| Alex Klyubin | f5446eb | 2017-03-23 14:27:32 -0700 | [diff] [blame] | 1 | typeattribute tombstoned coredomain; |
| 2 | |
| Josh Gao | cb3eb4e | 2016-10-19 14:39:30 -0700 | [diff] [blame] | 3 | init_daemon_domain(tombstoned) |
| Inseob Kim | 14a71fb | 2020-07-07 13:35:34 +0900 | [diff] [blame] | 4 | |
| 5 | get_prop(tombstoned, tombstone_config_prop) |
| 6 | |
| Inseob Kim | 75806ef | 2024-03-27 17:18:41 +0900 | [diff] [blame^] | 7 | # Write to arbitrary pipes given to us. |
| 8 | allow tombstoned domain:fd use; |
| 9 | allow tombstoned domain:fifo_file write; |
| 10 | |
| 11 | allow tombstoned domain:dir r_dir_perms; |
| 12 | allow tombstoned domain:file r_file_perms; |
| 13 | allow tombstoned tombstone_data_file:dir rw_dir_perms; |
| 14 | allow tombstoned tombstone_data_file:file { create_file_perms link }; |
| 15 | |
| 16 | # Changes for the new stack dumping mechanism. Each trace goes into a |
| 17 | # separate file, and these files are managed by tombstoned. |
| 18 | allow tombstoned anr_data_file:dir rw_dir_perms; |
| 19 | allow tombstoned anr_data_file:file { append create getattr open link unlink }; |
| 20 | |
| 21 | ### |
| 22 | ### Neverallow rules |
| 23 | ### |
| 24 | |
| Inseob Kim | 14a71fb | 2020-07-07 13:35:34 +0900 | [diff] [blame] | 25 | neverallow { |
| Inseob Kim | 85acf6e | 2021-03-10 10:42:23 +0900 | [diff] [blame] | 26 | domain |
| Inseob Kim | 14a71fb | 2020-07-07 13:35:34 +0900 | [diff] [blame] | 27 | -init |
| 28 | -vendor_init |
| 29 | -dumpstate |
| 30 | -tombstoned |
| 31 | } tombstone_config_prop:file no_rw_file_perms; |