# Android Heap Profiler Daemon go/heapprofd
type heapprofd_exec, exec_type, file_type, system_file_type;

init_daemon_domain(heapprofd)

set_prop(heapprofd, heapprofd_prop);

userdebug_or_eng(`
  # TODO(fmayer): We will also need this on user to read /proc/<pid>/cmdline
  # and send signals.
  typeattribute heapprofd mlstrustedsubject;
  # Allow to send signal to processes.
  # This excludes SIGKILL, SIGSTOP and SIGCHLD,
  # which are controlled by separate permissions.
  allow heapprofd self:capability kill;

  # Executables and libraries.
  # These are needed to read the ELF binary data needed for unwinding.
  r_dir_file(heapprofd, system_file_type)
  r_dir_file(heapprofd, apk_data_file)
  r_dir_file(heapprofd, dalvikcache_data_file)
  r_dir_file(heapprofd, vendor_file_type)
')

# Write trace data to the Perfetto traced damon. This requires connecting to its
# producer socket and obtaining a (per-process) tmpfs fd.
allow heapprofd traced:fd use;
allow heapprofd traced_tmpfs:file { read write getattr map };
unix_socket_connect(heapprofd, traced_producer, traced)

never_profile_heap(`{
  bpfloader
  init
  kernel
  keystore
  llkd
  logd
  ueventd
  vendor_init
  vold
}')

full_treble_only(`
  neverallow heapprofd vendor_file:file { no_w_file_perms no_x_file_perms };
')