Add selinux rules for additional file contexts in userdebug These rules allow the additional tracepoints we need for running traceur in userdebug builds to be writeable. Bug: 37110010 Test: I'm testing by running atrace -l and confirming that the tracepoints that I'm attempting to enable are available. Change-Id: Ia352100ed67819ae5acca2aad803fa392d8b80fd

commit: 25788df11580805a1d1dd082f7a50cbada31bbf0 [log] [tgz]
author: Carmen Jackson <carmenjackson@google.com> Fri Apr 14 12:12:50 2017 -0700
committer: Carmen Jackson <carmenjackson@google.com> Tue Apr 18 14:33:41 2017 -0700
tree: f0aa38b48bbd30d1cced904381db078761ae6a5c
parent: 0d1b2ce151d094b4df949248ab55b4e6d6780869 [diff] [blame]
diff --git a/private/shell.te b/private/shell.te
index c24bfd3..c0b4ee5 100644
--- a/private/shell.te
+++ b/private/shell.te

@@ -7,6 +7,10 @@
 allow shell debugfs_trace_marker:file getattr;
 allow shell atrace_exec:file rx_file_perms;
 
+userdebug_or_eng(`
+  allow shell tracing_shell_writable_debug:file rw_file_perms;
+')
+
 # Run app_process.
 # XXX Transition into its own domain?
 app_domain(shell)
commit	25788df11580805a1d1dd082f7a50cbada31bbf0	[log] [tgz]
author	Carmen Jackson <carmenjackson@google.com>	Fri Apr 14 12:12:50 2017 -0700
committer	Carmen Jackson <carmenjackson@google.com>	Tue Apr 18 14:33:41 2017 -0700
tree	f0aa38b48bbd30d1cced904381db078761ae6a5c
parent	0d1b2ce151d094b4df949248ab55b4e6d6780869 [diff] [blame]