Merge "Allow to signal perfetto from shell."

private/perfetto.te

@@ -3,7 +3,6 @@
 # This command line client accesses the privileged socket of the traced
 # daemon.
 
-type perfetto, domain, coredomain;
 type perfetto_exec, system_file_type, exec_type, file_type;
 
 tmpfs_domain(perfetto);

private/shell.te

@@ -44,6 +44,8 @@ domain_auto_trans(shell, vendor_shell_exec, vendor_shell)
 # transition into its own domain, so that it behaves consistently to
 # when exec()-d by statsd.
 domain_auto_trans(shell, perfetto_exec, perfetto)
+# Allow to send SIGINT to perfetto when daemonized.
+allow shell perfetto:process signal;
 
 # Allow shell to run adb shell cmd stats commands. Needed for CTS.
 binder_call(shell, statsd);

public/app.te

@@ -432,7 +432,9 @@ neverallow { appdomain -shell } { domain -appdomain }:file no_rw_file_perms;
 # sigchld allowed for parent death notification.
 # signull allowed for kill(pid, 0) existence test.
 # All others prohibited.
-neverallow appdomain { domain -appdomain }:process
+# -perfetto is to allow shell (which is an appdomain) to kill perfetto
+# (see private/shell.te).
+neverallow appdomain { domain -appdomain -perfetto }:process
     { sigkill sigstop signal };
 
 # Write to rootfs.

public/perfetto.te

@@ -0,0 +1 @@
+type perfetto, domain, coredomain;