tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

SEPolicy: Add read permission to traced_probes

Browse source 
Allow traced_probes to read file
/data/system/game_mode_intervention.list

Bug: 219543620
Doc: go/game-dashboard-information-to-perfetto
Test: manual
Change-Id: I16962d2e544959d00a8d4cf32e6ca9c5bef73064
This commit is contained in:
Andy Yu 2022-04-01 15:16:14 -07:00
parent bf8af42bf5
commit 9e96849345
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
private/traced_probes.te
View file

@ -43,6 +43,9 @@ allow traced_probes proc_kallsyms:file r_file_perms;
# Allow to read packages.list file. # Allow to read packages.list file.
allow traced_probes packages_list_file:file r_file_perms; allow traced_probes packages_list_file:file r_file_perms;
# Allow to read game_mode_intervention.list file.
allow traced_probes game_mode_intervention_list_file:file r_file_perms;
# Allow to log to kernel dmesg when starting / stopping ftrace. # Allow to log to kernel dmesg when starting / stopping ftrace.
allow traced_probes kmsg_device:chr_file write; allow traced_probes kmsg_device:chr_file write;
@ -144,6 +147,7 @@ neverallow traced_probes {
-zoneinfo_data_file -zoneinfo_data_file
-packages_list_file -packages_list_file
with_native_coverage(`-method_trace_data_file') with_native_coverage(`-method_trace_data_file')
-game_mode_intervention_list_file
}:file *; }:file *;
# Only init is allowed to enter the traced_probes domain via exec() # Only init is allowed to enter the traced_probes domain via exec()