SEPolicy: Changes for new stack dumping scheme. Applications connect to tombstoned via a unix domain socket and request an open FD to which they can write their traces. This socket has a new label (tombstoned_java_trace_socket) and appdomain and system_server are given permissions to connect and write to it. Apps no longer need permissions to open files under /data/anr/ and these permissions will be withdrawn in a future change. Bug: 32064548 Test: Manual (cherry picked from commit a8832dabc7f3b7b2381760d2b95f81abf78db709) Change-Id: I70a3e6e230268d12b454e849fa88418082269c4f

commit: 11bfcc1e96d9ede3d5aaa586630d154e73a7214a [log] [tgz]
author: Narayan Kamath <narayan@google.com> Mon May 15 18:39:16 2017 +0100
committer: Narayan Kamath <narayan@google.com> Tue May 30 18:16:38 2017 +0100
tree: 4b441ffb3bb1d08ec7893c14da4bf36566d6d3d8
parent: 4aa02d17297ee7dccca6960fc60cd7dca933f6bb [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index 73f4a7f..691605a 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -146,6 +146,7 @@
 /dev/socket/rild	u:object_r:rild_socket:s0
 /dev/socket/rild-debug	u:object_r:rild_debug_socket:s0
 /dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0
+/dev/socket/tombstoned_java_trace u:object_r:tombstoned_java_trace_socket:s0
 /dev/socket/tombstoned_intercept u:object_r:tombstoned_intercept_socket:s0
 /dev/socket/uncrypt	u:object_r:uncrypt_socket:s0
 /dev/socket/vold	u:object_r:vold_socket:s0
commit	11bfcc1e96d9ede3d5aaa586630d154e73a7214a	[log] [tgz]
author	Narayan Kamath <narayan@google.com>	Mon May 15 18:39:16 2017 +0100
committer	Narayan Kamath <narayan@google.com>	Tue May 30 18:16:38 2017 +0100
tree	4b441ffb3bb1d08ec7893c14da4bf36566d6d3d8
parent	4aa02d17297ee7dccca6960fc60cd7dca933f6bb [diff] [blame]