Allow profilable domains to use heapprofd fd and tmpfs.
am: 315d8bfa15
Change-Id: I82f130cb679a26794524ac822bfa01334c9602a0
This commit is contained in:
Florian Mayer
android-build-merger
commit
951a1c8fad
3 changed files with 17 additions and 8 deletions
|
|
@ -19,6 +19,10 @@ userdebug_or_eng(`can_profile_heap_userdebug_or_eng({
|
|||
-keystore
|
||||
-llkd
|
||||
-logd
|
||||
-logpersist
|
||||
-recovery
|
||||
-recovery_persist
|
||||
-recovery_refresh
|
||||
-ueventd
|
||||
-vendor_init
|
||||
-vold
|
||||
|
|
|
|||
|
|
@ -10,8 +10,14 @@
|
|||
# On debug builds, this central daemon performs profiling for all target
|
||||
# processes (which talk directly to this daemon).
|
||||
type heapprofd_exec, exec_type, file_type, system_file_type;
|
||||
type heapprofd_tmpfs, file_type;
|
||||
|
||||
init_daemon_domain(heapprofd)
|
||||
tmpfs_domain(heapprofd)
|
||||
|
||||
# Allow apps in other MLS contexts (for multi-user) to access
|
||||
# share memory buffers created by heapprofd.
|
||||
typeattribute heapprofd_tmpfs mlstrustedobject;
|
||||
|
||||
set_prop(heapprofd, heapprofd_prop);
|
||||
|
||||
|
|
|
|||
|
|
@ -661,14 +661,8 @@ define(`can_profile_heap', `
|
|||
allow heapprofd $1:file r_file_perms;
|
||||
allow heapprofd $1:dir r_dir_perms;
|
||||
|
||||
# On debug builds, central daemon can handle profiling of all processes
|
||||
# directly.
|
||||
userdebug_or_eng(`
|
||||
# Allow connecting to the daemon.
|
||||
unix_socket_connect($1, heapprofd, heapprofd)
|
||||
# Allow daemon to use the passed fds.
|
||||
allow heapprofd $1:fd use;
|
||||
')
|
||||
# Profilability on user implies profilability on userdebug and eng.
|
||||
can_profile_heap_userdebug_or_eng($1)
|
||||
')
|
||||
|
||||
###################################
|
||||
|
|
@ -686,6 +680,11 @@ define(`can_profile_heap_userdebug_or_eng', `
|
|||
unix_socket_connect($1, heapprofd, heapprofd)
|
||||
# Allow daemon to use the passed fds.
|
||||
allow heapprofd $1:fd use;
|
||||
# Allow to read and write to heapprofd shmem.
|
||||
# The client needs to read the read and write pointers in order to write.
|
||||
allow $1 heapprofd_tmpfs:file { read write getattr map };
|
||||
# Use shared memory received over the unix socket.
|
||||
allow $1 heapprofd:fd use;
|
||||
|
||||
# To read from the received file descriptors.
|
||||
# /proc/[pid]/maps and /proc/[pid]/mem have the same SELinux label as the
|
||||
|
|
|
|||
Loading…
Reference in a new issue