Allow debuggerd to access native tests

Test: run a gtest in /data/nativetest/ with no permission denial Change-Id: Id644ed7dbea59becaf84b6073c9144711ad07c10
2017-01-12 14:18:50 -08:00 · 2017-01-12 14:18:50 -08:00 · 926dc3317d
commit 926dc3317d
parent d5db9de58d
2 changed files with 7 additions and 0 deletions
--- a/private/file_contexts
+++ b/private/file_contexts
@ -300,6 +300,7 @@
 /data/media(/.*)?	u:object_r:media_rw_data_file:s0
 /data/mediadrm(/.*)?	u:object_r:media_data_file:s0
 /data/nativetest(/.*)?	u:object_r:nativetest_data_file:s0
+/data/nativetest64(/.*)?	u:object_r:nativetest_data_file:s0
 /data/property(/.*)?	u:object_r:property_data_file:s0
 /data/preloads(/.*)?	u:object_r:preloads_data_file:s0

--- a/public/debuggerd.te
+++ b/public/debuggerd.te
@ -55,6 +55,12 @@ allow debuggerd {
 # Connect to system_server via /data/system/ndebugsocket.
 unix_socket_connect(debuggerd, system_ndebug, system_server)

+# Get stack traces for VTS executables
+userdebug_or_eng(`
+  allow debuggerd nativetest_data_file:dir search;
+  allow debuggerd nativetest_data_file:file r_file_perms;
+')
+
 userdebug_or_eng(`
  allow debuggerd input_device:dir r_dir_perms;
  allow debuggerd input_device:chr_file rw_file_perms;