* commit 'cd978db20ed0d8dffb1686ef23b968d70561f7cf': Allow all domains access to /dev/qemu_trace.
This commit is contained in:
dcashman
Android Git Automerger
@@ -77,17 +77,13 @@ TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
|
|||||||
|
|
||||||
BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
|
BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
|
||||||
BOARD_SEPOLICY_UNION += \
|
BOARD_SEPOLICY_UNION += \
|
||||||
adbd.te \
|
|
||||||
app.te \
|
|
||||||
bootanim.te \
|
bootanim.te \
|
||||||
device.te \
|
device.te \
|
||||||
domain.te \
|
domain.te \
|
||||||
file.te \
|
file.te \
|
||||||
file_contexts \
|
file_contexts \
|
||||||
mediaserver.te \
|
|
||||||
qemud.te \
|
qemud.te \
|
||||||
rild.te \
|
rild.te \
|
||||||
shell.te \
|
shell.te \
|
||||||
surfaceflinger.te \
|
surfaceflinger.te \
|
||||||
system_server.te \
|
system_server.te
|
||||||
zygote.te
|
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
allow adbd qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
allow appdomain qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1,3 +1,2 @@
|
|||||||
allow bootanim self:process execmem;
|
allow bootanim self:process execmem;
|
||||||
allow bootanim ashmem_device:chr_file execute;
|
allow bootanim ashmem_device:chr_file execute;
|
||||||
allow bootanim qemu_device:chr_file rw_file_perms;
|
|
||||||
|
|||||||
@@ -1,2 +1,3 @@
|
|||||||
# For /sys/qemu_trace files in the emulator.
|
# For /sys/qemu_trace files in the emulator.
|
||||||
allow domain sysfs_writable:file rw_file_perms;
|
allow domain sysfs_writable:file rw_file_perms;
|
||||||
|
allow domain qemu_device:chr_file rw_file_perms;
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
allow mediaserver qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1,2 +1 @@
|
|||||||
allow rild qemu_device:chr_file rw_file_perms;
|
|
||||||
unix_socket_connect(rild, qemud, qemud)
|
unix_socket_connect(rild, qemud, qemud)
|
||||||
|
|||||||
@@ -1,3 +1,2 @@
|
|||||||
allow surfaceflinger self:process execmem;
|
allow surfaceflinger self:process execmem;
|
||||||
allow surfaceflinger ashmem_device:chr_file execute;
|
allow surfaceflinger ashmem_device:chr_file execute;
|
||||||
allow surfaceflinger qemu_device:chr_file rw_file_perms;
|
|
||||||
|
|||||||
@@ -1,2 +1 @@
|
|||||||
unix_socket_connect(system_server, qemud, qemud)
|
unix_socket_connect(system_server, qemud, qemud)
|
||||||
allow system_server qemu_device:chr_file rw_file_perms;
|
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
allow zygote qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -59,13 +59,11 @@ TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
|
|||||||
|
|
||||||
BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
|
BOARD_SEPOLICY_DIRS += build/target/board/generic/sepolicy
|
||||||
BOARD_SEPOLICY_UNION += \
|
BOARD_SEPOLICY_UNION += \
|
||||||
adbd.te \
|
|
||||||
bootanim.te \
|
bootanim.te \
|
||||||
device.te \
|
device.te \
|
||||||
domain.te \
|
domain.te \
|
||||||
file.te \
|
file.te \
|
||||||
file_contexts \
|
file_contexts \
|
||||||
mediaserver.te \
|
|
||||||
qemud.te \
|
qemud.te \
|
||||||
rild.te \
|
rild.te \
|
||||||
shell.te \
|
shell.te \
|
||||||
|
|||||||
@@ -44,8 +44,6 @@ TARGET_USERIMAGES_SPARSE_EXT_DISABLED := true
|
|||||||
|
|
||||||
BOARD_SEPOLICY_DIRS += build/target/board/generic_x86/sepolicy
|
BOARD_SEPOLICY_DIRS += build/target/board/generic_x86/sepolicy
|
||||||
BOARD_SEPOLICY_UNION += \
|
BOARD_SEPOLICY_UNION += \
|
||||||
app.te \
|
|
||||||
adbd.te \
|
|
||||||
bootanim.te \
|
bootanim.te \
|
||||||
device.te \
|
device.te \
|
||||||
domain.te \
|
domain.te \
|
||||||
@@ -53,10 +51,8 @@ BOARD_SEPOLICY_UNION += \
|
|||||||
file_contexts \
|
file_contexts \
|
||||||
healthd.te \
|
healthd.te \
|
||||||
installd.te \
|
installd.te \
|
||||||
mediaserver.te \
|
|
||||||
qemud.te \
|
qemud.te \
|
||||||
rild.te \
|
rild.te \
|
||||||
shell.te \
|
shell.te \
|
||||||
surfaceflinger.te \
|
surfaceflinger.te \
|
||||||
system_server.te \
|
system_server.te
|
||||||
zygote.te
|
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
allow adbd qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
allow appdomain qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1 +0,0 @@
|
|||||||
allow bootanim qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1,3 +1,4 @@
|
|||||||
# For /sys/qemu_trace files in the emulator.
|
# For /sys/qemu_trace files in the emulator.
|
||||||
allow domain sysfs_writable:file rw_file_perms;
|
allow domain sysfs_writable:file rw_file_perms;
|
||||||
allow domain cpuctl_device:dir search;
|
allow domain cpuctl_device:dir search;
|
||||||
|
allow domain qemu_device:chr_file rw_file_perms;
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
allow mediaserver qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1,2 +1 @@
|
|||||||
allow rild qemu_device:chr_file rw_file_perms;
|
|
||||||
unix_socket_connect(rild, qemud, qemud)
|
unix_socket_connect(rild, qemud, qemud)
|
||||||
|
|||||||
@@ -1 +0,0 @@
|
|||||||
allow surfaceflinger qemu_device:chr_file rw_file_perms;
|
|
||||||
@@ -1,3 +1,2 @@
|
|||||||
allow system_server self:process execmem;
|
allow system_server self:process execmem;
|
||||||
unix_socket_connect(system_server, qemud, qemud)
|
unix_socket_connect(system_server, qemud, qemud)
|
||||||
allow system_server qemu_device:chr_file rw_file_perms;
|
|
||||||
|
|||||||
@@ -1,3 +1,2 @@
|
|||||||
allow zygote self:process execmem;
|
allow zygote self:process execmem;
|
||||||
allow zygote self:capability sys_nice;
|
allow zygote self:capability sys_nice;
|
||||||
allow zygote qemu_device:chr_file rw_file_perms;
|
|
||||||
|
|||||||
Reference in New Issue
Block a user