Merge "sepolicy: add support for new tracefs" into nyc-dev

am: 26e675c6

* commit '26e675c6':
  sepolicy: add support for new tracefs

Change-Id: I947918e01e55c1a9850f1ecc8ed0eacd7ccd9883

file.te

@@ -236,7 +236,7 @@ type property_contexts, file_type;
 # Allow files to be created in their appropriate filesystems.
 allow fs_type self:filesystem associate;
 allow sysfs_type sysfs:filesystem associate;
-allow debugfs_type debugfs:filesystem associate;
+allow debugfs_type { debugfs debugfs_tracing }:filesystem associate;
 allow file_type labeledfs:filesystem associate;
 allow file_type tmpfs:filesystem associate;
 allow file_type rootfs:filesystem associate;

genfs_contexts

@@ -34,6 +34,7 @@ genfscon sysfs / u:object_r:sysfs:s0
 genfscon inotifyfs / u:object_r:inotify:s0
 genfscon vfat / u:object_r:vfat:s0
 genfscon debugfs / u:object_r:debugfs:s0
+genfscon tracefs / u:object_r:debugfs_tracing:s0
 genfscon fuse / u:object_r:fuse:s0
 genfscon configfs / u:object_r:configfs:s0
 genfscon sdcardfs / u:object_r:sdcardfs:s0

init.te

@@ -108,7 +108,7 @@ allow init {file_type -system_file -exec_type -keystore_data_file -security_file
 allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file -misc_logd_file }:{ sock_file fifo_file } { create getattr open read setattr relabelfrom unlink };
 allow init {file_type -system_file -exec_type -keystore_data_file -security_file -app_data_file -shell_data_file -vold_data_file -misc_logd_file }:lnk_file { create getattr setattr relabelfrom unlink };
 allow init {file_type -system_file -exec_type}:dir_file_class_set relabelto;
-allow init { sysfs debugfs }:{ dir file lnk_file } { getattr relabelfrom };
+allow init { sysfs debugfs debugfs_tracing }:{ dir file lnk_file } { getattr relabelfrom };
 allow init { sysfs_type debugfs_type }:{ dir file lnk_file } relabelto;
 allow init dev_type:dir create_dir_perms;
 allow init dev_type:lnk_file create;