ff3048349a
logd.ready is a system property that logd sets when it is ready to serve incoming socket requests for reading and writing logs. Clients of logd (e.g. logcat) can use this to synchronize with logd, otherwise they may experience a crash due to the refused socket connection to logd when they are started before logd is ready. Bug: 206826522 Test: run microdroid. see logcat logs are shown immediately Change-Id: Iee13485b0f4c2beda9bc8434f514c4e32e119492
31 lines
1.2 KiB
Text
31 lines
1.2 KiB
Text
typeattribute logpersist coredomain;
|
|
|
|
# android debug log storage in logpersist domains (eng and userdebug only)
|
|
userdebug_or_eng(`
|
|
|
|
r_dir_file(logpersist, cgroup)
|
|
r_dir_file(logpersist, cgroup_v2)
|
|
|
|
allow logpersist misc_logd_file:file create_file_perms;
|
|
allow logpersist misc_logd_file:dir rw_dir_perms;
|
|
|
|
allow logpersist self:global_capability_class_set sys_nice;
|
|
allow logpersist pstorefs:dir search;
|
|
allow logpersist pstorefs:file r_file_perms;
|
|
|
|
control_logd(logpersist)
|
|
unix_socket_connect(logpersist, logdr, logd)
|
|
get_prop(logpersist, logd_prop)
|
|
read_runtime_log_tags(logpersist)
|
|
|
|
')
|
|
|
|
# logpersist is allowed to write to /data/misc/log for userdebug and eng builds
|
|
neverallow logpersist {
|
|
file_type
|
|
userdebug_or_eng(`-misc_logd_file -coredump_file')
|
|
with_native_coverage(`-method_trace_data_file')
|
|
}:file { create write append };
|
|
neverallow { domain -init -dumpstate -incidentd userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_rw_file_perms;
|
|
neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:file no_w_file_perms;
|
|
neverallow { domain -init userdebug_or_eng(`-logpersist -logd') } misc_logd_file:dir { add_name link relabelfrom remove_name rename reparent rmdir write };
|