da4e51b71f
Add a domain for /data/local/tests which will be used by atest to execute tests on devices as shell or root. Bug: 138450837 Test: atest binderVendorDoubleLoadTest memunreachable_unit_test memunreachable_binder_test Change-Id: Ia34314bd9430e21c8b3304ac079e3d9b5705e19c
13 lines
528 B
Text
13 lines
528 B
Text
# adbd seclabel is specified in init.rc since
|
|
# it lives in the rootfs and has no unique file type.
|
|
type adbd, domain;
|
|
type adbd_exec, exec_type, file_type, system_file_type;
|
|
|
|
# Only init is allowed to enter the adbd domain via exec()
|
|
neverallow { domain -init } adbd:process transition;
|
|
neverallow * adbd:process dyntransition;
|
|
|
|
# Access /data/local/tests.
|
|
allow adbd shell_test_data_file:dir create_dir_perms;
|
|
allow adbd shell_test_data_file:file create_file_perms;
|
|
allow adbd shell_test_data_file:lnk_file create_file_perms;
|