| dcashman | cc39f63 | 2016-07-22 13:13:11 -0700 | [diff] [blame] | 1 | # type_transition must be private policy the domain_trans rules could stay |
| 2 | # public, but conceptually should go with this |
| 3 | init_daemon_domain(dumpstate) |
| 4 | |
| 5 | # Execute and transition to the vdc domain |
| 6 | domain_auto_trans(dumpstate, vdc_exec, vdc) |
| dcashman | 2e00e63 | 2016-10-12 14:58:09 -0700 | [diff] [blame^] | 7 | |
| 8 | # TODO: deal with tmpfs_domain pub/priv split properly |
| 9 | allow dumpstate dumpstate_tmpfs:file execute; |
| 10 | |
| 11 | # systrace support - allow atrace to run |
| 12 | allow dumpstate debugfs_tracing:dir r_dir_perms; |
| 13 | allow dumpstate debugfs_tracing:file rw_file_perms; |
| 14 | allow dumpstate debugfs_trace_marker:file getattr; |
| 15 | allow dumpstate atrace_exec:file rx_file_perms; |