41daa7f859
Specify per-service rules for PDX transport. Now being able to grant permissions to individual services provided by processes, not all services of a process. Also tighter control over which permissions are required for client and server for individual components of IPC (endpoints, channels, etc). Bug: 37646189 Change-Id: I78eb8ae8b6e08105666445a66bfcbd2f1d69d0ea
18 lines
782 B
Text
18 lines
782 B
Text
# performanced
|
|
type performanced, domain, mlstrustedsubject;
|
|
type performanced_exec, exec_type, file_type;
|
|
|
|
pdx_server(performanced, performance_client)
|
|
|
|
# TODO: use file caps to obtain sys_nice instead of setuid / setgid.
|
|
allow performanced self:capability { setuid setgid sys_nice };
|
|
|
|
# Access /proc to validate we're only affecting threads in the same thread group.
|
|
# Performanced also shields unbound kernel threads. It scans every task in the
|
|
# root cpu set, but only affects the kernel threads.
|
|
r_dir_file(performanced, { appdomain bufferhubd kernel sensord surfaceflinger })
|
|
dontaudit performanced domain:dir read;
|
|
allow performanced { appdomain bufferhubd kernel sensord surfaceflinger }:process setsched;
|
|
|
|
# Access /dev/cpuset/cpuset.cpus
|
|
r_dir_file(performanced, cgroup)
|