tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "Allow permissions needed for gdb debugging"

Browse source
This commit is contained in:
Treehugger Robot 2019-01-31 05:58:55 +00:00 committed by Gerrit Code Review
commit ecf787e85f
2 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
private/runas_app.te
View file

@ -14,4 +14,4 @@ allow runas_app app_data_file:file execute_no_trans;
r_dir_file(runas_app, untrusted_app_all)
# Allow lldb/ndk-gdb/simpleperf to ptrace attach to debuggable app processes.
allow runas_app untrusted_app_all:process ptrace;
allow runas_app untrusted_app_all:process { ptrace signal sigstop };

4
private/untrusted_app_all.te
View file

@ -112,6 +112,10 @@ allow untrusted_app_all self:process ptrace;
# b/123297648
allow untrusted_app_all runas_app:unix_stream_socket connectto;
# Untrusted apps need to be able to send a SIGCHLD to runas_app
# when running under a debugger (b/123612207)
allow untrusted_app_all runas_app:process sigchld;
# Cts: HwRngTest
allow untrusted_app_all sysfs_hwrandom:dir search;
allow untrusted_app_all sysfs_hwrandom:file r_file_perms;