0c8ad1dc94
Make all platform tyeps public to start to prevent build breakage in any devices that may have device-specific policy using these types. Future changes will need to be carefully made to ensure we properly limit types for use by non-platform policy. Test: Builds Change-Id: I7349940d5b5a57357bc7c16f66925dee1d030eb6
23 lines
672 B
Text
23 lines
672 B
Text
# Domain for atrace process spawned by boottrace service.
|
|
type atrace_exec, exec_type, file_type;
|
|
|
|
userdebug_or_eng(`
|
|
|
|
type atrace, domain, domain_deprecated;
|
|
|
|
# boottrace services uses /data/misc/boottrace/categories
|
|
allow atrace boottrace_data_file:dir search;
|
|
allow atrace boottrace_data_file:file r_file_perms;
|
|
|
|
# atrace reads the files in /sys/kernel/debug/tracing/
|
|
allow atrace debugfs_tracing:file r_file_perms;
|
|
|
|
# atrace sets debug.atrace.* properties
|
|
set_prop(atrace, debug_prop)
|
|
|
|
# atrace pokes all the binder-enabled processes at startup.
|
|
binder_use(atrace)
|
|
allow atrace healthd:binder call;
|
|
allow atrace surfaceflinger:binder call;
|
|
|
|
')
|