# perfprofd - perf profile collection daemon
#
# The domain and executable types are declared unconditionally. Every rule
# that grants perfprofd access sits inside the userdebug_or_eng block below,
# so the grants are only compiled into userdebug and eng builds.
type perfprofd, domain;
type perfprofd_exec, system_file_type, exec_type, file_type;

userdebug_or_eng(`

  typeattribute perfprofd coredomain;
  # NOTE(review): mlstrustedsubject exempts this domain from the MLS
  # separation constraints - presumably needed for the per-app data reads
  # further down; confirm it is still required.
  typeattribute perfprofd mlstrustedsubject;

  # perfprofd access to sysfs directory structure.
  allow perfprofd sysfs_type:dir search;

  # perfprofd needs to control CPU hot-plug in order to avoid kernel
  # perfevents problems in cases where CPU goes on/off during measurement;
  # this means read access to /sys/devices/system/cpu/possible
  # and read/write access to /sys/devices/system/cpu/cpu*/online
  allow perfprofd sysfs_devices_system_cpu:file rw_file_perms;

  # perfprofd checks for the existence of and then invokes simpleperf;
  # simpleperf retains perfprofd domain after exec
  # (no domain transition is defined here, so every grant in this file
  # applies to the simpleperf child as well).
  allow perfprofd system_file:file rx_file_perms;

  # perfprofd reads a config file from /data/data/com.google.android.gms/files
  # NOTE(review): the rules are type-wide, not path-scoped. They allow reading
  # any file labeled privapp_data_file or app_data_file, and the two DAC
  # capabilities bypass the UNIX permission checks on top of that.
  allow perfprofd { privapp_data_file app_data_file }:file r_file_perms;
  allow perfprofd { privapp_data_file app_data_file }:dir search;
  allow perfprofd self:global_capability_class_set { dac_override dac_read_search };

  # perfprofd opens a file for writing in /data/misc/perfprofd
  allow perfprofd perfprofd_data_file:file create_file_perms;
  allow perfprofd perfprofd_data_file:dir rw_dir_perms;

  # perfprofd uses the system log
  read_logd(perfprofd);
  write_logd(perfprofd);

  # perfprofd inspects /sys/power/wake_unlock
  wakelock_use(perfprofd);

  # perfprofd looks at thermals.
  allow perfprofd sysfs_thermal:dir r_dir_perms;

  # perfprofd gets charging status.
  hal_client_domain(perfprofd, hal_health)

  # simpleperf reads kernel notes.
  allow perfprofd sysfs_kernel_notes:file r_file_perms;

  # Simpleperf & perfprofd query a range of proc stats.
  allow perfprofd proc_loadavg:file r_file_perms;
  allow perfprofd proc_stat:file r_file_perms;
  allow perfprofd proc_modules:file r_file_perms;

  # simpleperf writes to perf_event_paranoid under /proc.
  # Write only: no read permission on proc_perf is granted here.
  allow perfprofd proc_perf:file write;

  # Simpleperf: kptr_restrict. This would be required to dump kernel symbols.
  # dontaudit grants nothing; it only suppresses the denial log entries, for
  # every permission on proc_security files. Denied accesses to these files
  # will therefore not appear in the audit log.
  dontaudit perfprofd proc_security:file *;

  # simpleperf uses ioctl() to turn on kernel perf events measurements
  # NOTE(review): sys_admin is a very broad capability; the perf ioctl is the
  # only need stated here.
  allow perfprofd self:global_capability_class_set sys_admin;

  # simpleperf needs to examine /proc to collect task/thread info
  # (read access to the directories and files of every type in the
  # domain attribute).
  r_dir_file(perfprofd, domain)

  # simpleperf needs to access /proc/<pid>/exec
  # The capabilities are granted on self. The neverallow is a build-time
  # assertion that no rule gives perfprofd the ptrace permission on any
  # domain process, so the capability alone cannot be used to attach.
  allow perfprofd self:global_capability_class_set { sys_resource sys_ptrace };
  neverallow perfprofd domain:process ptrace;

  # simpleperf needs open/read any file that turns up in a profile
  # to see whether it has a build ID
  # (read-only; covers every type carrying the exec_type attribute).
  allow perfprofd exec_type:file r_file_perms;
  # App & ART artifacts.
  r_dir_file(perfprofd, apk_data_file)
  r_dir_file(perfprofd, dalvikcache_data_file)
  # Vendor libraries.
  r_dir_file(perfprofd, vendor_file)
  # Vendor apps.
  r_dir_file(perfprofd, vendor_app_file)
  # SP HAL files.
  r_dir_file(perfprofd, same_process_hal_file)

  # simpleperf will set security.perf_harden to enable access to perf_event_open()
  # NOTE(review): the grant is on the shell_prop type as a whole; which
  # properties carry that label is defined outside this file - verify.
  set_prop(perfprofd, shell_prop)

  # simpleperf examines debugfs on startup to collect tracepoint event types
  r_dir_file(perfprofd, debugfs_tracing)
  r_dir_file(perfprofd, debugfs_tracing_debug)

  # simpleperf is going to execute "sleep"
  allow perfprofd toolbox_exec:file rx_file_perms;
  # simpleperf is going to execute "mv" on a temp file
  allow perfprofd shell_exec:file rx_file_perms;

  # needed for simpleperf on some kernels
  allow perfprofd self:global_capability_class_set ipc_lock;

  # simpleperf attempts to put a temp file into /data/local/tmp. Do not allow,
  # use the fallback cwd code, do not spam the log. But ensure this is correctly
  # removed at some point. b/70232908.
  # As above, dontaudit only silences the denials; access stays denied.
  dontaudit perfprofd shell_data_file:dir *;
  dontaudit perfprofd shell_data_file:file *;

  # Allow perfprofd to publish a binder service and make binder calls.
  binder_use(perfprofd)
  add_service(perfprofd, perfprofd_service)

  # Use devpts for streams from cmd.
  #
  # This is normally granted to binderservicedomain, but this service
  # has tighter restrictions on the callers (see below), so must enable
  # this manually.
  allow perfprofd devpts:chr_file rw_file_perms;

  # Use socket & pipe supplied by su, for cmd perfprofd dump.
  # Only descriptors owned by the su domain are covered; no other caller
  # domain is named in this file.
  allow perfprofd su:unix_stream_socket { read write getattr sendto };
  allow perfprofd su:fifo_file r_file_perms;

  # Allow perfprofd to submit to dropbox.
  allow perfprofd dropbox_service:service_manager find;
  binder_call(perfprofd, system_server)
')