fde3e6a0f7
Tombstoned unlinks "trace_XX" files if there are too many of them.
avc: denied { unlink } for comm="tombstoned" name="trace_12"
scontext=u:r:tombstoned:s0 tcontext=u:object_r:anr_data_file:s0
tclass=file
Bug: 77970585
Test: Build/boot taimen. adb root; sigquit an app.
(cherry picked from commit eb8f938fd4)
Change-Id: I2f29d12f747d688f8f4e06b48cf72c5109adc2ae
22 lines
908 B
Text
22 lines
908 B
Text
# debugger interface
|
|
type tombstoned, domain, mlstrustedsubject;
|
|
type tombstoned_exec, exec_type, file_type;
|
|
|
|
# Write to arbitrary pipes given to us.
|
|
allow tombstoned domain:fd use;
|
|
allow tombstoned domain:fifo_file write;
|
|
|
|
allow tombstoned domain:dir r_dir_perms;
|
|
allow tombstoned domain:file r_file_perms;
|
|
allow tombstoned tombstone_data_file:dir rw_dir_perms;
|
|
allow tombstoned tombstone_data_file:file create_file_perms;
|
|
|
|
# TODO: Remove append / write permissions. They were temporarily
|
|
# granted due to a bug which appears to have been fixed.
|
|
allow tombstoned anr_data_file:file { append write };
|
|
auditallow tombstoned anr_data_file:file { append write };
|
|
|
|
# Changes for the new stack dumping mechanism. Each trace goes into a
|
|
# separate file, and these files are managed by tombstoned.
|
|
allow tombstoned anr_data_file:dir rw_dir_perms;
|
|
allow tombstoned anr_data_file:file { create getattr open unlink };
|