| Dan Cashman | 8058248 | 2017-12-06 09:20:27 -0800 | [diff] [blame] | 1 | # Domain for atrace process spawned by boottrace service. |
| 2 | |
| 3 | type atrace_exec, exec_type, file_type; |
| 4 | |
| 5 | userdebug_or_eng(` |
| 6 | type atrace, domain, coredomain, domain_deprecated; |
| 7 | |
| 8 | init_daemon_domain(atrace) |
| 9 | |
| 10 | # boottrace services uses /data/misc/boottrace/categories |
| 11 | allow atrace boottrace_data_file:dir search; |
| 12 | allow atrace boottrace_data_file:file r_file_perms; |
| 13 | |
| 14 | # Allow atrace to access tracefs. |
| 15 | allow atrace debugfs_tracing:dir r_dir_perms; |
| 16 | allow atrace debugfs_tracing:file rw_file_perms; |
| 17 | allow atrace debugfs_tracing_debug:file rw_file_perms; |
| 18 | allow atrace debugfs_trace_marker:file getattr; |
| 19 | |
| 20 | # atrace sets debug.atrace.* properties |
| 21 | set_prop(atrace, debug_prop) |
| 22 | |
| 23 | # atrace pokes all the binder-enabled processes at startup. |
| 24 | binder_use(atrace) |
| 25 | allow atrace healthd:binder call; |
| 26 | allow atrace surfaceflinger:binder call; |
| 27 | ') |