tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Revert "Selinux policy for bootreceiver tracing instance""

Browse source
This commit is contained in:
Wonsik Kim 2021-03-04 00:44:58 +00:00 committed by Gerrit Code Review
commit 89bd64cd0d
5 changed files with 0 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
private/compat/30.0/30.0.ignore.cil
View file

@ -22,7 +22,6 @@
ctl_snapuserd_prop
debugfs_kprobes
debugfs_mm_events_tracing
debugfs_bootreceiver_tracing
device_config_profcollect_native_boot_prop
device_config_connectivity_prop
device_config_swcodec_native_prop

2
private/genfs_contexts
View file

@ -177,8 +177,6 @@ genfscon tracefs /per_cpu/cpu u:object_r:debugfs_tracing
genfscon debugfs /tracing/instances u:object_r:debugfs_tracing_instances:s0
genfscon tracefs /instances u:object_r:debugfs_tracing_instances:s0
genfscon debugfs /tracing/instances/bootreceiver u:object_r:debugfs_bootreceiver_tracing:s0
genfscon tracefs /instances/bootreceiver u:object_r:debugfs_bootreceiver_tracing:s0
genfscon debugfs /tracing/instances/mm_events u:object_r:debugfs_mm_events_tracing:s0
genfscon tracefs /instances/mm_events u:object_r:debugfs_mm_events_tracing:s0
genfscon debugfs /tracing/instances/wifi u:object_r:debugfs_wifi_tracing:s0

3
private/init.te
View file

@ -83,6 +83,3 @@ neverallow { -init } property_service_version_prop:property_service set;
# Only init can set keystore.boot_level
neverallow { -init } keystore_listen_prop:property_service set;
# Allow accessing /sys/kernel/tracing/instances/bootreceiver to set up tracing.
allow init debugfs_bootreceiver_tracing:file w_file_perms;

4
private/system_server.te
View file

@ -1021,10 +1021,6 @@ allow system_server debugfs_tracing_instances:dir search;
allow system_server debugfs_wifi_tracing:dir search;
allow system_server debugfs_wifi_tracing:file rw_file_perms;
# Allow BootReceiver to watch trace error_report events.
allow system_server debugfs_bootreceiver_tracing:dir search;
allow system_server debugfs_bootreceiver_tracing:file r_file_perms;
# Allow system_server to read tracepoint ids in order to attach BPF programs to them.
allow system_server debugfs_tracing:file r_file_perms;

3
public/file.te
View file

@ -557,9 +557,6 @@ type hwservice_contexts_file, system_file_type, file_type;
# vndservice_contexts file
type vndservice_contexts_file, file_type;
# /sys/kernel/tracing/instances/bootreceiver for monitoring kernel memory corruptions.
type debugfs_bootreceiver_tracing, fs_type, debugfs_type;
# Allow files to be created in their appropriate filesystems.
allow fs_type self:filesystem associate;
allow cgroup tmpfs:filesystem associate;