2d5f2e242d
LinkerConfig generator runs from early init, so if there is any warning / error then logs can be only found from kernel log. To enable kernel logging from linkerconfig, specific policy should be added. Test: m -j && Tested from Cuttlefish Change-Id: I6c49d7693e0334ae8550891b72bcb04e37c16d89
13 lines
480 B
Text
13 lines
480 B
Text
type linkerconfig, domain, coredomain;
|
|
type linkerconfig_exec, exec_type, file_type, system_file_type;
|
|
|
|
init_daemon_domain(linkerconfig)
|
|
|
|
## Read and write linkerconfig subdirectory.
|
|
allow linkerconfig linkerconfig_file:dir rw_dir_perms;
|
|
allow linkerconfig linkerconfig_file:file create_file_perms;
|
|
|
|
# Allow linkerconfig to log to the kernel.
|
|
allow linkerconfig kmsg_device:chr_file w_file_perms;
|
|
|
|
neverallow { domain -init -linkerconfig } linkerconfig_exec:file no_x_file_perms;
|