tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/prebuilts/api/31.0/private/simpleperf.te
Inseob Kim 08d4c8fa6e Add fake 31.0 prebuilt 
This commit adds fake 31.0 prebuilt. The prebuilt is based on AOSP
policy, but slightly modified so the set of types and attributes is a
subset of real 31.0 prebuilt (sc-dev policy).

Steps taken to make the fake prebuilt:

1) build plat_sepolicy.cil both on AOSP and sc-dev, with lunch target
aosp_arm64-eng.
2) diff both outputs to find out which types and attributes don't exist.
3) remove all relevant files and statements.

As a result, the following types are removed.

artd
artd_exec
artd_service
power_stats_service
transformer_service
virtualizationservice
virtualizationservice_data_file
virtualizationservice_exec

Bug: 189161483
Test: N/A, will do after adding 31.0 mapping files.
Change-Id: Ia957fc32b1838dae730d9dd7bd917d684d4a24cf
Merged-In: Ia4ea2999f4bc8ae80f13e51d99fba3e98e293447
2021-06-15 12:08:00 +00:00

37 lines
1.7 KiB
Text
Raw Blame History

# Domain used when running /system/bin/simpleperf to profile a specific app.
# Entered either by the app itself exec-ing the binary, or through
# simpleperf_app_runner (with shell as its origin). Certain other domains
# (runas_app, shell) can also exec this binary without a domain transition.
typeattribute simpleperf coredomain;
type simpleperf_exec, system_file_type, exec_type, file_type;
domain_auto_trans({ untrusted_app_all -runas_app }, simpleperf_exec, simpleperf)
# When running in this domain, simpleperf is scoped to profiling an individual
# app. The necessary MAC permissions for profiling are more maintainable and
# consistent if simpleperf is marked as an app domain as well (as, for example,
# it will then see the same set of system libraries as the app).
app_domain(simpleperf)
untrusted_app_domain(simpleperf)
# Allow ptrace attach to the target app, for reading JIT debug info (using
# process_vm_readv) during unwinding and symbolization.
allow simpleperf untrusted_app_all:process ptrace;
# Allow using perf_event_open syscall for profiling the target app.
allow simpleperf self:perf_event { open read write kernel };
# Allow /proc/<pid> access for the target app (for example, when trying to
# discover it by cmdline).
r_dir_file(simpleperf, untrusted_app_all)
# Suppress denial logspam when simpleperf is trying to find a matching process
# by scanning /proc/<pid>/cmdline files. The /proc/<pid> directories are within
# the same domain as their respective processes, most of which this domain is
# not allowed to see.
dontaudit simpleperf domain:dir search;
# Neverallows:
# Profiling must be confined to the scope of an individual app.
neverallow simpleperf self:perf_event ~{ open read write kernel };
Reference in a new issue View git blame Copy permalink