1typeattribute shell coredomain; 2 3# allow shell input injection 4allow shell uhid_device:chr_file rw_file_perms; 5 6# systrace support - allow atrace to run 7allow shell debugfs_tracing_debug:dir r_dir_perms; 8allow shell debugfs_tracing:dir r_dir_perms; 9allow shell debugfs_tracing:file rw_file_perms; 10allow shell debugfs_trace_marker:file getattr; 11allow shell atrace_exec:file rx_file_perms; 12 13userdebug_or_eng(` 14 allow shell debugfs_tracing_debug:file rw_file_perms; 15') 16 17# read config.gz for CTS purposes 18allow shell config_gz:file r_file_perms; 19 20# Run app_process. 21# XXX Transition into its own domain? 22app_domain(shell) 23 24# allow shell to call dumpsys storaged 25binder_call(shell, storaged) 26 27# Perform SELinux access checks, needed for CTS 28selinux_check_access(shell) 29selinux_check_context(shell) 30 31# Control Perfetto traced and obtain traces from it. 32# Needed for Studio and debugging. 33unix_socket_connect(shell, traced_consumer, traced) 34 35# Allow shell binaries to write trace data to Perfetto. Used for testing and 36# cmdline utils. 37perfetto_producer(shell) 38 39domain_auto_trans(shell, vendor_shell_exec, vendor_shell) 40 41# Allow shell binaries to exec the perfetto cmdline util and have that 42# transition into its own domain, so that it behaves consistently to 43# when exec()-d by statsd. 44domain_auto_trans(shell, perfetto_exec, perfetto) 45# Allow to send SIGINT to perfetto when daemonized. 46allow shell perfetto:process signal; 47 48# Allow shell to run adb shell cmd stats commands. Needed for CTS. 49binder_call(shell, statsd); 50 51# Allow shell to read and unlink traces stored in /data/misc/perfetto-traces. 52allow shell perfetto_traces_data_file:dir rw_dir_perms; 53allow shell perfetto_traces_data_file:file { r_file_perms unlink }; 54 55# Allow shell to run adb shell cmd gpu commands. 56binder_call(shell, gpuservice); 57 58# Allow shell to use atrace HAL 59hal_client_domain(shell, hal_atrace) 60 61# For hostside tests such as CTS listening ports test. 62allow shell proc_net_tcp_udp:file r_file_perms; 63 64# The dl.exec_linker* tests need to execute /system/bin/linker 65# b/124789393 66allow shell system_linker_exec:file rx_file_perms; 67 68# Renderscript host side tests depend on being able to execute 69# /system/bin/bcc (b/126388046) 70allow shell rs_exec:file rx_file_perms; 71 72# Allow shell to start and comminicate with lpdumpd. 73set_prop(shell, lpdumpd_prop); 74binder_call(shell, lpdumpd) 75 76# Allow shell to set and read value of properties used for CTS tests of 77# userspace reboot 78set_prop(shell, userspace_reboot_test_prop) 79 80# Allow shell to get encryption policy of /data/local/tmp/, for CTS 81allowxperm shell shell_data_file:dir ioctl { 82 FS_IOC_GET_ENCRYPTION_POLICY 83 FS_IOC_GET_ENCRYPTION_POLICY_EX 84}; 85 86# Allow shell to execute simpleperf without a domain transition. 87allow shell simpleperf_exec:file rx_file_perms; 88 89# Allow shell to call perf_event_open for profiling other shell processes, but 90# not the whole system. 91allow shell self:perf_event { open read write kernel }; 92neverallow shell self:perf_event ~{ open read write kernel }; 93 94# Allow to read graphics related properties. 95get_prop(shell, graphics_config_prop)