| Joe Onorato | 41f93db | 2016-11-20 23:23:04 -0800 | [diff] [blame] | 1 | type incident_exec, exec_type, file_type; |
| 2 | |
| 3 | # switch to incident domain for incident command |
| 4 | domain_auto_trans(shell, incident_exec, incident) |
| 5 | |
| 6 | # allow incident access to stdout from its parent shell. |
| 7 | allow incident shell:fd use; |
| 8 | |
| 9 | # allow incident to communicate use, read and write over the adb |
| 10 | # connection. |
| 11 | allow incident adbd:fd use; |
| 12 | allow incident adbd:unix_stream_socket { read write }; |
| 13 | |
| 14 | # allow adbd to reap incident |
| 15 | allow incident adbd:process { sigchld }; |
| 16 | |
| 17 | # Allow the incident command to talk to the incidentd over the binder, and get |
| 18 | # back the incident report data from a ParcelFileDescriptor. |
| 19 | binder_use(incident) |
| 20 | allow incident incident_service:service_manager find; |
| 21 | binder_call(incident, incidentd) |
| 22 | allow incident incidentd:fifo_file write; |
| 23 | |