2d6942d397
- Allow system_server to create and write to /data/misc/wmtrace/* - Allow surfaceflinger to create and write files from /data/misc/wmtrace/* - Allow dumpstate to read files from /data/misc/wmtrace/* permissions are restricted to userdebug or eng builds Bug: 64831661 Test: adb shell cmd window tracing start && adb shell cmd window tracing stop Test: adb shell su root service call SurfaceFlinger 1025 i32 1 >/dev/null && adb shell su root service call SurfaceFlinger 1025 i32 0 >/dev/null Test: adb bugreport ~/tmp.zip && adb shell su root dmesg | grep 'avc: ' Change-Id: I0b15166560739d73d7749201f3ad197dbcf5791c
31 lines
1,002 B
Text
31 lines
1,002 B
Text
typeattribute dumpstate coredomain;
|
|
|
|
init_daemon_domain(dumpstate)
|
|
|
|
# Execute and transition to the vdc domain
|
|
domain_auto_trans(dumpstate, vdc_exec, vdc)
|
|
|
|
# Acquire advisory lock on /system/etc/xtables.lock from ip[6]tables
|
|
allow dumpstate system_file:file lock;
|
|
|
|
# TODO: deal with tmpfs_domain pub/priv split properly
|
|
allow dumpstate dumpstate_tmpfs:file execute;
|
|
|
|
# systrace support - allow atrace to run
|
|
allow dumpstate debugfs_tracing:dir r_dir_perms;
|
|
allow dumpstate debugfs_tracing:file rw_file_perms;
|
|
allow dumpstate debugfs_trace_marker:file getattr;
|
|
allow dumpstate atrace_exec:file rx_file_perms;
|
|
allow dumpstate storaged_exec:file rx_file_perms;
|
|
|
|
# /data/misc/wmtrace for wm traces
|
|
userdebug_or_eng(`
|
|
allow dumpstate wm_trace_data_file:dir r_dir_perms;
|
|
allow dumpstate wm_trace_data_file:file r_file_perms;
|
|
')
|
|
|
|
# Allow dumpstate to make binder calls to storaged service
|
|
binder_call(dumpstate, storaged)
|
|
|
|
# Collect metrics on boot time created by init
|
|
get_prop(dumpstate, boottime_prop)
|