| typeattribute logd coredomain; |
| |
| init_daemon_domain(logd) |
| |
| # Access device logging gating property |
| get_prop(logd, device_logging_prop) |
| |
| # logd is not allowed to write anywhere other than /data/misc/logd, and then |
| # only on userdebug or eng builds |
| neverallow logd { |
| file_type |
| -runtime_event_log_tags_file |
| # shell_data_file access is needed to dump bugreports |
| -shell_data_file |
| userdebug_or_eng(`-coredump_file -misc_logd_file') |
| with_native_coverage(`-method_trace_data_file') |
| }:file { create write append }; |
| |
| # protect the event-log-tags file |
| neverallow { |
| domain |
| -appdomain # covered below |
| -bootstat |
| -dumpstate |
| -init |
| -logd |
| userdebug_or_eng(`-logpersist') |
| -servicemanager |
| -system_server |
| -surfaceflinger |
| -zygote |
| } runtime_event_log_tags_file:file no_rw_file_perms; |
| |
| neverallow { |
| appdomain |
| -bluetooth |
| -platform_app |
| -priv_app |
| -radio |
| -shell |
| userdebug_or_eng(`-su') |
| -system_app |
| } runtime_event_log_tags_file:file no_rw_file_perms; |
| |
| # Only binder communication between logd and system_server is allowed |
| binder_use(logd) |
| binder_service(logd) |
| binder_call(logd, system_server) |
| |
| add_service(logd, logd_service) |
| allow logd logcat_service:service_manager find; |