Blame - ramdump/ramdump.te - android_hardware_google_pixel-sepolicy

blob: f9c93c67dbd214c73eac3e0ab3c4068a740e0903 [file] [log] [blame]

Woody Lin	33210ec	2020-01-17 18:51:36 +0800	[diff] [blame]	1	type ramdump_exec, exec_type, vendor_file_type, file_type;
				2	type ramdump, domain;
				3
				4	userdebug_or_eng(`
				5	init_daemon_domain(ramdump)
				6
				7	set_prop(ramdump, vendor_ramdump_prop)
				8
				9	# f2fs set pin file requires sys_admin
				10	allow ramdump self:capability { sys_admin sys_rawio };
				11
				12	allow ramdump ramdump_vendor_data_file:dir create_dir_perms;
				13	allow ramdump ramdump_vendor_data_file:file create_file_perms;
				14	allow ramdump proc_cmdline:file r_file_perms;
				15
				16	allow ramdump block_device:dir search;
				17	allow ramdump misc_block_device:blk_file rw_file_perms;
				18	allow ramdump userdata_block_device:blk_file rw_file_perms;
				19
				20	dontaudit ramdump metadata_file:dir search;
				21
				22	# read /fstab.${ro.hardware}
				23	allow ramdump rootfs:file r_file_perms;
				24
				25	r_dir_file(ramdump, sysfs_type)
				26
				27	# To access statsd.
				28	hwbinder_use(ramdump)
				29	get_prop(ramdump, hwservicemanager_prop)
Woody Lin	007cdcb	2021-03-08 12:18:51 +0800	[diff] [blame]	30	get_prop(ramdump, boot_status_prop)
Woody Lin	33210ec	2020-01-17 18:51:36 +0800	[diff] [blame]	31	allow ramdump fwk_stats_hwservice:hwservice_manager find;
				32	binder_call(ramdump, stats_service_server)
Vova Sharaienko	8868447	2021-03-03 01:27:44 +0000	[diff] [blame]	33	allow ramdump fwk_stats_service:service_manager find;
				34	binder_use(ramdump)
Woody Lin	33210ec	2020-01-17 18:51:36 +0800	[diff] [blame]	35
				36	# To implement fusefs (ramdumpfs) under /mnt/vendor/ramdump.
				37	allow ramdump fuse:filesystem relabelfrom;
				38	allow ramdump fuse_device:chr_file rw_file_perms;
				39	allow ramdump mnt_vendor_file:dir r_dir_perms;
				40	allow ramdump ramdump_vendor_mnt_file:dir { getattr mounton };
				41	allow ramdump ramdump_vendor_mnt_file:filesystem { mount unmount relabelfrom relabelto };
Woody Lin	ea907ea	2021-03-02 17:13:27 +0800	[diff] [blame]	42
				43	# Access new Stats AIDL APIs (ag/13714907).
				44	allow ramdump fwk_stats_service:service_manager find;
				45	binder_call(ramdump, servicemanager)
Woody Lin	33210ec	2020-01-17 18:51:36 +0800	[diff] [blame]	46	')