# Domain for atrace process spawned by boottrace service. type atrace_exec, exec_type, file_type; userdebug_or_eng(` type atrace, domain, coredomain; init_daemon_domain(atrace) # boottrace services uses /data/misc/boottrace/categories allow atrace boottrace_data_file:dir search; allow atrace boottrace_data_file:file r_file_perms; # Allow atrace to access tracefs. allow atrace debugfs_tracing:dir r_dir_perms; allow atrace debugfs_tracing:file rw_file_perms; allow atrace debugfs_tracing_debug:file rw_file_perms; allow atrace debugfs_trace_marker:file getattr; # atrace sets debug.atrace.* properties set_prop(atrace, debug_prop) # atrace pokes all the binder-enabled processes at startup. binder_use(atrace) allow atrace healthd:binder call; allow atrace surfaceflinger:binder call; ')