Add framework_watchdog_config_prop
The framework_watchdog_config_prop properties control framework watchdog
configurations to handle the watchdog timeout loop. The properties are
written only by vendor_init.
More details and background: go/break-sys-watchdog-loop
Bug: 141948707
Change-Id: I6c0da5fdafba8165e79d0f04e0a82874f605a06d
diff --git a/private/system_server.te b/private/system_server.te
index cadc6cd..a3ee549 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1020,6 +1020,13 @@
# Only system server can access BINDER_FREEZE and BINDER_GET_FROZEN_INFO
allowxperm system_server binder_device:chr_file ioctl { BINDER_FREEZE BINDER_GET_FROZEN_INFO };
+# Watchdog prints debugging log to /dev/kmsg_debug.
+userdebug_or_eng(`
+ allow system_server kmsg_debug_device:chr_file { open append getattr };
+')
+# Watchdog reads sysprops framework_watchdog.fatal_* to handle watchdog timeout loop.
+get_prop(system_server, framework_watchdog_config_prop)
+
###
### Neverallow rules
###
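Review bot: The `allow system_server kmsg_debug_device:chr_file { open append getattr };` rule inside the `userdebug_or_eng` block is not mentioned in the commit message, which only describes framework_watchdog_config_prop. Either note the /dev/kmsg_debug access in the message or split it into its own change so the new device permission gets reviewed on its own. The grant itself is narrowly scoped (open, append and getattr only, debug builds only). For the `get_prop(system_server, framework_watchdog_config_prop)` line, the message states that the properties are written only by vendor_init, but nothing in this hunk enforces that. If a neverallow restricting writes to this property type to vendor_init is not elsewhere in the change, consider adding one so the claim is checked at build time.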