| dcashman | cc39f63 | 2016-07-22 13:13:11 -0700 | [diff] [blame] | 1 | # type_transition must be private policy the domain_trans rules could stay |
| 2 | # public, but conceptually should go with this |
| 3 | init_daemon_domain(dumpstate) |
| 4 | |
| 5 | # Execute and transition to the vdc domain |
| 6 | domain_auto_trans(dumpstate, vdc_exec, vdc) |
| dcashman | 2e00e63 | 2016-10-12 14:58:09 -0700 | [diff] [blame] | 7 | |
| 8 | # TODO: deal with tmpfs_domain pub/priv split properly |
| 9 | allow dumpstate dumpstate_tmpfs:file execute; |
| 10 | |
| 11 | # systrace support - allow atrace to run |
| 12 | allow dumpstate debugfs_tracing:dir r_dir_perms; |
| 13 | allow dumpstate debugfs_tracing:file rw_file_perms; |
| 14 | allow dumpstate debugfs_trace_marker:file getattr; |
| 15 | allow dumpstate atrace_exec:file rx_file_perms; |
| ynwang | e68d2d2 | 2016-07-01 12:18:54 -0700 | [diff] [blame] | 16 | allow dumpstate storaged_exec:file rx_file_perms; |
| 17 | |
| 18 | # Allow dumpstate to make binder calls to storaged service |
| 19 | binder_call(dumpstate, storaged) |
| Keun-young Park | 43e8fae | 2017-03-03 13:13:25 -0800 | [diff] [blame^] | 20 | |
| 21 | # Collect metrics on boot time created by init |
| 22 | get_prop(dumpstate, boottime_prop) |