Sync internal master and AOSP sepolicy. Bug: 37916906 Test: Builds 'n' boots. Change-Id: Ia1d86264446ebecc1ca79f32f11354921bc77668 Merged-In: I208ec6a864127a059fb389417a9c6b259d7474cb

commit: 91d398d802b4fbd33c2b88da9f56ecee8bdc363c [log] [tgz]
author: Dan Cashman <dcashman@google.com> Tue Sep 26 12:58:29 2017 -0700
committer: Dan Cashman <dcashman@google.com> Tue Sep 26 14:38:47 2017 -0700
tree: ae80a698d8f48b79a749eb9d0b1668402614c1d0
parent: 6922dfe3661ca7c4043f6ef9c6c61fdb9c7fa89a [diff] [blame]
diff --git a/private/atrace.te b/private/atrace.te
index a57c6ec..fc27517 100644
--- a/private/atrace.te
+++ b/private/atrace.te

@@ -11,8 +11,11 @@
   allow atrace boottrace_data_file:dir search;
   allow atrace boottrace_data_file:file r_file_perms;
 
-  # atrace reads the files in /sys/kernel/debug/tracing/
-  allow atrace debugfs_tracing:file r_file_perms;
+  # Allow atrace to access tracefs.
+  allow atrace debugfs_tracing:dir r_dir_perms;
+  allow atrace debugfs_tracing:file rw_file_perms;
+  allow atrace debugfs_tracing_debug:file rw_file_perms;
+  allow atrace debugfs_trace_marker:file getattr;
 
   # atrace sets debug.atrace.* properties
   set_prop(atrace, debug_prop)
commit	91d398d802b4fbd33c2b88da9f56ecee8bdc363c	[log] [tgz]
author	Dan Cashman <dcashman@google.com>	Tue Sep 26 12:58:29 2017 -0700
committer	Dan Cashman <dcashman@google.com>	Tue Sep 26 14:38:47 2017 -0700
tree	ae80a698d8f48b79a749eb9d0b1668402614c1d0
parent	6922dfe3661ca7c4043f6ef9c6c61fdb9c7fa89a [diff] [blame]