SEPolicy: Changes for new stack dumping scheme. Applications connect to tombstoned via a unix domain socket and request an open FD to which they can write their traces. This socket has a new label (tombstoned_java_trace_socket) and appdomain and system_server are given permissions to connect and write to it. Apps no longer need permissions to open files under /data/anr/ and these permissions will be withdrawn in a future change. Bug: 32064548 Test: Manual (cherry picked from commit a8832dabc7f3b7b2381760d2b95f81abf78db709) (cherry picked from commit 11bfcc1e96d9ede3d5aaa586630d154e73a7214a) Change-Id: Icc60d227331c8eee70a9389ff1e7e78772f37e6f

commit: f194aad2086444baa6c16095ef99c4d8d835b79b [log] [tgz]
author: Narayan Kamath <narayan@google.com> Mon May 15 18:39:16 2017 +0100
committer: Narayan Kamath <narayan@google.com> Wed May 31 10:01:48 2017 +0000
tree: 59e9fd6fc0e9454c273607ea4eb2ba9dd318f56c
parent: 19e71b7bea05a3980789e0a6fab1799d2d47cce7 [diff] [blame]
diff --git a/private/file_contexts b/private/file_contexts
index 7384ce8..d211bd8 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -144,6 +144,7 @@
 /dev/socket/rild	u:object_r:rild_socket:s0
 /dev/socket/rild-debug	u:object_r:rild_debug_socket:s0
 /dev/socket/tombstoned_crash u:object_r:tombstoned_crash_socket:s0
+/dev/socket/tombstoned_java_trace u:object_r:tombstoned_java_trace_socket:s0
 /dev/socket/tombstoned_intercept u:object_r:tombstoned_intercept_socket:s0
 /dev/socket/uncrypt	u:object_r:uncrypt_socket:s0
 /dev/socket/vold	u:object_r:vold_socket:s0
commit	f194aad2086444baa6c16095ef99c4d8d835b79b	[log] [tgz]
author	Narayan Kamath <narayan@google.com>	Mon May 15 18:39:16 2017 +0100
committer	Narayan Kamath <narayan@google.com>	Wed May 31 10:01:48 2017 +0000
tree	59e9fd6fc0e9454c273607ea4eb2ba9dd318f56c
parent	19e71b7bea05a3980789e0a6fab1799d2d47cce7 [diff] [blame]