tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow statsd to read file descriptors from any app" into main

Browse source
This commit is contained in:
Jeffrey Huang 2024-06-12 21:14:37 +00:00 committed by Gerrit Code Review
commit bfcc43e84e
1 changed files with 5 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
private/statsd.te
View file

@ -19,8 +19,11 @@ allow statsd incidentd:fifo_file write;
# Allow StatsCompanionService to pipe data to statsd.
allow statsd system_server:fifo_file { read write getattr };
# Allow Statsd to pipe data to privileged apps.
allow statsd priv_app:fifo_file { read write getattr };
# Allow any app to pipe data to statsd.
# Access control to all statsd APIs inherit from system_api_service, so
# appdomain permissions are granted to avoid listing each individual
# service that can access system_api_service.
allow statsd appdomain:fifo_file { read write getattr };
# Allow statsd to retrieve SF statistics over binder
binder_call(statsd, surfaceflinger);