Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
A
AndroidSystemSEPolicy
Manage
Activity
Members
Code
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Deploy
Releases
Container registry
Model registry
Analyze
Contributor analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Terms and privacy
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
Werner Sembach
AndroidSystemSEPolicy
Commits
1ca5efe9
Commit
1ca5efe9
authored
9 years ago
by
Calin Juravle
Committed by
android-build-merger
9 years ago
Browse files
Options
Downloads
Plain Diff
Add SElinux rules for /data/misc/trace
am:
f255d775
* commit '
f255d775
': Add SElinux rules for /data/misc/trace
parents
c97f86eb
f255d775
Branches
Branches containing commit
Tags
Tags containing commit
No related merge requests found
Changes
5
Hide whitespace changes
Inline
Side-by-side
Showing
5 changed files
app.te
+5
-1
5 additions, 1 deletion
app.te
file.te
+2
-0
2 additions, 0 deletions
file.te
file_contexts
+1
-0
1 addition, 0 deletions
file_contexts
system_server.te
+6
-0
6 additions, 0 deletions
system_server.te
zygote.te
+6
-0
6 additions, 0 deletions
zygote.te
with
20 additions
and
1 deletion
app.te
+
5
−
1
View file @
1ca5efe9
...
...
@@ -25,9 +25,13 @@ allow appdomain zygote_tmpfs:file read;
# Notify zygote of death;
allow appdomain zygote:process sigchld;
# Notify zygote of the wrapped process PID when using --invoke-with.
userdebug_or_eng(`
# Notify zygote of the wrapped process PID when using --invoke-with.
allow appdomain zygote:fifo_file write;
# Allow apps to create and write method traces in /data/misc/trace.
allow appdomain method_trace_data_file:dir w_dir_perms;
allow appdomain method_trace_data_file:file { create w_file_perms };
')
# Notify shell and adbd of death when spawned via runas for ndk-gdb.
...
...
This diff is collapsed.
Click to expand it.
file.te
+
2
−
0
View file @
1ca5efe9
...
...
@@ -126,6 +126,8 @@ type wifi_data_file, file_type, data_file_type;
type zoneinfo_data_file, file_type, data_file_type;
type vold_data_file, file_type, data_file_type;
type perfprofd_data_file, file_type, data_file_type, mlstrustedobject;
# /data/misc/trace for method traces on userdebug / eng builds
type method_trace_data_file, file_type, data_file_type, mlstrustedobject;
# Compatibility with type names used in vanilla Android 4.3 and 4.4.
typealias audio_data_file alias audio_firmware_file;
...
...
This diff is collapsed.
Click to expand it.
file_contexts
+
1
−
0
View file @
1ca5efe9
...
...
@@ -278,6 +278,7 @@
/data/misc/perfprofd(/.*)? u:object_r:perfprofd_data_file:s0
/data/misc/update_engine(/.*)? u:object_r:update_engine_data_file:s0
/data/system/heapdump(/.*)? u:object_r:heapdump_data_file:s0
/data/misc/trace(/.*)? u:object_r:method_trace_data_file:s0
# Fingerprint data
/data/system/users/[0-9]+/fpdata(/.*)? u:object_r:fingerprintd_data_file:s0
...
...
This diff is collapsed.
Click to expand it.
system_server.te
+
6
−
0
View file @
1ca5efe9
...
...
@@ -423,6 +423,12 @@ allow system_server mnt_expand_file:dir r_dir_perms;
# Allow system process to relabel the fingerprint directory after mkdir
allow system_server fingerprintd_data_file:dir {r_dir_perms relabelto};
userdebug_or_eng(`
# Allow system server to create and write method traces in /data/misc/trace.
allow system_server method_trace_data_file:dir w_dir_perms;
allow system_server method_trace_data_file:file { create w_file_perms };
')
###
### Neverallow rules
###
...
...
This diff is collapsed.
Click to expand it.
zygote.te
+
6
−
0
View file @
1ca5efe9
...
...
@@ -68,6 +68,12 @@ allow zygote storage_file:dir { search mounton };
# Handle --invoke-with command when launching Zygote with a wrapper command.
allow zygote zygote_exec:file rx_file_perms;
userdebug_or_eng(`
# Allow zygote to create and write method traces in /data/misc/trace.
allow zygote method_trace_data_file:dir w_dir_perms;
allow zygote method_trace_data_file:file { create w_file_perms };
')
###
### neverallow rules
###
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment