[ALPS03841705] AEE porting on Android P about selinux

[Detail] add some rules MTK-Commit-Id: 350fa2869fe9390bcb7ca562af5230a2ad711640 Change-Id: Ib4966ae42233270eb7a65ab036903791767b5ec8 CR-Id: ALPS03841705 Feature: Android Exception Engine(AEE)
2020-01-18 09:52:43 +08:00 · 2020-01-18 09:52:43 +08:00 · c058e72a5b
commit c058e72a5b
parent 38f6afbf14
2 changed files with 7 additions and 4 deletions
--- a/non_plat/aee_aedv.te
+++ b/non_plat/aee_aedv.te
@ -357,8 +357,8 @@ allow aee_aedv sysfs_lowmemorykiller:file r_file_perms;
 allow aee_aedv sysfs_scp:dir r_dir_perms;
 allow aee_aedv sysfs_scp:file r_file_perms;

-# Purpose: allow aee_aedv self to fsetid/sys_nice/chown/fowner
-allow aee_aedv self:capability { fsetid sys_nice chown fowner };
+# Purpose: allow aee_aedv self to fsetid/sys_nice/chown/fowner/kill
+allow aee_aedv self:capability { fsetid sys_nice chown fowner kill };

 # Purpose: allow aee_aedv to read /proc/buddyinfo
 allow aee_aedv proc_buddyinfo:file r_file_perms;
--- a/plat_private/aee_aed.te
+++ b/plat_private/aee_aed.te
@ -138,8 +138,8 @@ allow aee_aed crash_dump:file r_file_perms;
 # Purpose : allow aee_aed to read /proc/version
 allow aee_aed proc_version:file { read open };

-# Purpose : allow aee_aed self to sys_nice/chown
-allow aee_aed self:capability { sys_nice chown fowner};
+# Purpose : allow aee_aed self to sys_nice/chown/kill
+allow aee_aed self:capability { sys_nice chown fowner kill };

 # Purpose: Allow aee_aed to write /sys/kernel/debug/tracing/snapshot
 userdebug_or_eng(`allow aee_aed debugfs_tracing_debug:file { write open };')
@ -148,3 +148,6 @@ userdebug_or_eng(`allow aee_aed debugfs_tracing_debug:file { write open };')
 userdebug_or_eng(`
  allow aee_aed self:capability { sys_ptrace dac_override dac_read_search };
 ')
+
+# Purpose: Allow aee_aed to read/write /sys/kernel/debug/tracing/tracing_on
+userdebug_or_eng(` allow aee_aed debugfs_tracing:file { r_file_perms write };')