| typeattribute shell coredomain; |
| |
| # allow shell input injection |
| allow shell uhid_device:chr_file rw_file_perms; |
| |
| # systrace support - allow atrace to run |
| allow shell debugfs_tracing_debug:dir r_dir_perms; |
| allow shell debugfs_tracing:dir r_dir_perms; |
| allow shell debugfs_tracing:file rw_file_perms; |
| allow shell debugfs_trace_marker:file getattr; |
| allow shell atrace_exec:file rx_file_perms; |
| |
| userdebug_or_eng(` |
| allow shell debugfs_tracing_debug:file rw_file_perms; |
| ') |
| |
| # read config.gz for CTS purposes |
| allow shell config_gz:file r_file_perms; |
| |
| # Run app_process. |
| # XXX Transition into its own domain? |
| app_domain(shell) |
| |
| # allow shell to call dumpsys storaged |
| binder_call(shell, storaged) |
| |
| # Perform SELinux access checks, needed for CTS |
| selinux_check_access(shell) |
| selinux_check_context(shell) |
| |
| # Control Perfetto traced and obtain traces from it. |
| # Needed for Studio and debugging. |
| unix_socket_connect(shell, traced_consumer, traced) |
| |
| # Allow shell binaries to write trace data to Perfetto. Used for testing and |
| # cmdline utils. |
| perfetto_producer(shell) |
| |
| domain_auto_trans(shell, vendor_shell_exec, vendor_shell) |
| |
| # Allow shell binaries to exec the perfetto cmdline util and have that |
| # transition into its own domain, so that it behaves consistently to |
| # when exec()-d by statsd. |
| domain_auto_trans(shell, perfetto_exec, perfetto) |
| # Allow to send SIGINT to perfetto when daemonized. |
| allow shell perfetto:process signal; |
| |
| # Allow shell to run adb shell cmd stats commands. Needed for CTS. |
| binder_call(shell, statsd); |
| |
| # Allow shell to read and unlink traces stored in /data/misc/perfetto-traces. |
| allow shell perfetto_traces_data_file:dir rw_dir_perms; |
| allow shell perfetto_traces_data_file:file { r_file_perms unlink }; |
| |
| # Allow shell to run adb shell cmd gpu commands. |
| binder_call(shell, gpuservice); |
| |
| # Allow shell to use atrace HAL |
| hal_client_domain(shell, hal_atrace) |
| |
| # For hostside tests such as CTS listening ports test. |
| allow shell proc_net_tcp_udp:file r_file_perms; |
| |
| # The dl.exec_linker* tests need to execute /system/bin/linker |
| # b/124789393 |
| allow shell system_linker_exec:file rx_file_perms; |
| |
| # Renderscript host side tests depend on being able to execute |
| # /system/bin/bcc (b/126388046) |
| allow shell rs_exec:file rx_file_perms; |
| |
| # Allow shell to start and comminicate with lpdumpd. |
| set_prop(shell, lpdumpd_prop); |
| binder_call(shell, lpdumpd) |
| |
| # Allow shell to set and read value of properties used for CTS tests of |
| # userspace reboot |
| set_prop(shell, userspace_reboot_test_prop) |
| |
| # Allow shell to get encryption policy of /data/local/tmp/, for CTS |
| allowxperm shell shell_data_file:dir ioctl { |
| FS_IOC_GET_ENCRYPTION_POLICY |
| FS_IOC_GET_ENCRYPTION_POLICY_EX |
| }; |
| |
| # Allow shell to execute simpleperf without a domain transition. |
| allow shell simpleperf_exec:file rx_file_perms; |
| |
| # Allow shell to call perf_event_open for profiling other shell processes, but |
| # not the whole system. |
| allow shell self:perf_event { open read write kernel }; |
| neverallow shell self:perf_event ~{ open read write kernel }; |
| |
| # Allow to read graphics related properties. |
| get_prop(shell, graphics_config_prop) |