perfetto: allow traced to write into FDs received by the client

This allows an optimization that consists in the "perfetto" cmdline client passing directly the file descriptor for the output trace to traced (as opposite to having traced streaming back the trace data to "perfetto" and having that one doing the write() into file). This reduces sensibly the memory traffic and CPU overhead of traces with a minor change. Bug: 73625179 Test: builds + perfetto_integrationtests w/ long_trace.cfg Change-Id: I81f5a230338ced20dc543fd91c5a0bd0e58725f2 Merged-In: I81f5a230338ced20dc543fd91c5a0bd0e58725f2 (cherry picked from aosp/648831)

perfetto: allow traced to write into FDs received by the client
e9b8bff6 · Primiano Tucci · e5542494 · e9b8bff6
Commit e9b8bff6 authored 7 years ago by Primiano Tucci
--- a/private/traced.te
+++ b/private/traced.te
@@ -14,6 +14,13 @@ typeattribute traced_tmpfs mlstrustedobject;
 # the privileged process that controls it.
 allow traced self:global_capability_class_set { sys_nice };

+# Allow to pass a file descriptor for the output trace from "perfetto" (the
+# cmdline client) and other shell binaries to traced and let traced write
+# directly into that (rather than returning the trace contents over the socket).
+allow traced perfetto:fd use;
+allow traced shell:fd use;
+allow traced perfetto_traces_data_file:file { read write };
+
 ###
 ### Neverallow rules
 ###
@@ -42,7 +49,11 @@ neverallow traced {
 neverallow traced { system_data_file }:dir ~{ getattr search };
 neverallow traced zoneinfo_data_file:dir ~r_dir_perms;
 neverallow traced { data_file_type -zoneinfo_data_file }:lnk_file *;
-neverallow traced { data_file_type -zoneinfo_data_file }:file ~write;
+neverallow traced {
+  data_file_type
+  -zoneinfo_data_file
+  -perfetto_traces_data_file
+}:file ~write;

 # Only init is allowed to enter the traced domain via exec()
 neverallow { domain -init } traced:process transition;