Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / a9f1dc970879c38efd922ccb79a7f5b4d508ee5e
commita9f1dc970879c38efd922ccb79a7f5b4d508ee5e[log] [tgz]
authorShikha Panwar <shikhapanwar@google.com>Thu Mar 24 09:05:59 2022 +0000
committerShikha Panwar <shikhapanwar@google.com>Tue Apr 05 13:09:04 2022 +0000
treee94d4b1a2a9ea9e77ea984bc76d4e2c27ec68fe6
parent45b594f5efdd45154d0e2cebdf1be6fbc4d61c2f [diff]
Selinux configs for enabling tombstones be passed to host

For Guest: tombstone_tranmit needs permissions for:
1. keeping track of files being written on /data/tombstones.
2. creating vsock socket to talk to virtualizationservice (to forward
   these tombstones)

These permissions will be similar to tombstone_tarnsmit on cuttlefish
(device/google/cuttlefish/guest/monitoring/tombstone_transmit/tombstone_transmit.cpp)

For Host (virtualizationservice) needs:
1. permission to  connect to tombstoned.
2. permission to use fd belonging to tombstoned.
3. append and related permissions on tombstone_data file.

Test: Tested by crashing a process in guest (started using microdroid
demo)

Change-Id: Ifd0728d792bda98ba139f18fa9406494a714879d
4 files changed
tree: e94d4b1a2a9ea9e77ea984bc76d4e2c27ec68fe6
  1. apex/
  2. build/
  3. com.android.sepolicy/
  4. compat/
  5. contexts/
  6. microdroid/
  7. prebuilts/
  8. private/
  9. public/
  10. reqd_mask/
  11. tests/
  12. tools/
  13. vendor/
  14. .gitignore
  15. Android.bp
  16. Android.mk
  17. CleanSpec.mk
  18. definitions.mk
  19. mac_permissions.mk
  20. METADATA
  21. MODULE_LICENSE_PUBLIC_DOMAIN
  22. NOTICE
  23. OWNERS
  24. policy_version.mk
  25. PREUPLOAD.cfg
  26. README
  27. TEST_MAPPING
  28. treble_sepolicy_tests_for_release.mk