| Dan Cashman | 91d398d | 2017-09-26 12:58:29 -0700 | [diff] [blame] | 1 | # Domain for atrace process spawned by boottrace service. |
| 2 | |
| 3 | type atrace_exec, exec_type, file_type; |
| 4 | |
| 5 | userdebug_or_eng(` |
| 6 | type atrace, domain, coredomain, domain_deprecated; |
| 7 | |
| 8 | init_daemon_domain(atrace) |
| 9 | |
| 10 | # boottrace services uses /data/misc/boottrace/categories |
| 11 | allow atrace boottrace_data_file:dir search; |
| 12 | allow atrace boottrace_data_file:file r_file_perms; |
| 13 | |
| 14 | # atrace reads the files in /sys/kernel/debug/tracing/ |
| 15 | allow atrace debugfs_tracing:file r_file_perms; |
| 16 | |
| 17 | # atrace sets debug.atrace.* properties |
| 18 | set_prop(atrace, debug_prop) |
| 19 | |
| 20 | # atrace pokes all the binder-enabled processes at startup. |
| 21 | binder_use(atrace) |
| 22 | allow atrace healthd:binder call; |
| 23 | allow atrace surfaceflinger:binder call; |
| 24 | ') |