Selinux policy for bootreceiver tracing instance Create contexts for /sys/kernel/tracing/instances/bootreceiver Allow read access to files in this dir for system_server. Bug: 172316664 Bug: 181778620 Test: manual runs with KFENCE enabled Signed-off-by: Alexander Potapenko <glider@google.com> Change-Id: I7021a9f32b1392b9afb77294a1fd0a1be232b1f2

commit: 3d52817da411821e7288c7c9d730fb42fc9a6e64 [log] [tgz]
author: Alexander Potapenko <glider@google.com> Tue Mar 02 16:46:50 2021 +0100
committer: Alexander Potapenko <glider@google.com> Fri Mar 05 08:53:39 2021 +0100
tree: 3af859f5635fd880618b3868bbe6f36a6bdc51f2
parent: ae69347dbeacb243d7a77f02514a09e635f97387 [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index c0c7c16..8bee1bf 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -1021,6 +1021,10 @@
 allow system_server debugfs_wifi_tracing:dir search;
 allow system_server debugfs_wifi_tracing:file rw_file_perms;
 
+# Allow BootReceiver to watch trace error_report events.
+allow system_server debugfs_bootreceiver_tracing:dir search;
+allow system_server debugfs_bootreceiver_tracing:file r_file_perms;
+
 # Allow system_server to read tracepoint ids in order to attach BPF programs to them.
 allow system_server debugfs_tracing:file r_file_perms;
commit	3d52817da411821e7288c7c9d730fb42fc9a6e64	[log] [tgz]
author	Alexander Potapenko <glider@google.com>	Tue Mar 02 16:46:50 2021 +0100
committer	Alexander Potapenko <glider@google.com>	Fri Mar 05 08:53:39 2021 +0100
tree	3af859f5635fd880618b3868bbe6f36a6bdc51f2
parent	ae69347dbeacb243d7a77f02514a09e635f97387 [diff] [blame]