# SELinux type enforcement rules for the crash_dump domain.
# crash_dump is the process domain; crash_dump_exec labels its executable.
type crash_dump, domain;
type crash_dump_exec, exec_type, file_type;

# Attach to and signal the process being dumped.
# ptrace exposes the memory and registers of the target, so the subtracted
# types below (init, crash_dump itself, keystore, logd) are the processes this
# file keeps out of reach of the dumper.
# NOTE(review): the exclusions are expressed only as set subtraction in this
# allow rule. Nothing in this file asserts them with a neverallow, so a rule
# in another policy file could grant the same access again. Confirm whether
# a matching neverallow exists elsewhere.
allow crash_dump { domain -init -crash_dump -keystore -logd }:process { ptrace signal sigchld sigstop sigkill };

# crash_dump may inherit CAP_SYS_PTRACE from a privileged parent, and that
# produces an audit record even when the trace itself is permitted.
# dontaudit only silences the denial log; it does not grant the capability.
dontaudit crash_dump self:capability sys_ptrace;

# logd is traceable on userdebug and eng builds only. On user builds the
# subtraction in the allow rule above still applies to logd.
userdebug_or_eng(`
  allow crash_dump logd:process { ptrace signal sigchld sigstop sigkill };
')

# Use file descriptors inherited from any domain.
allow crash_dump domain:fd use;

# Write to the IPC pipe inherited from the crashing process, and append to
# pipes handed over by processes that request a dump (e.g. dumpstate).
# Only write and append are granted on these pipes, not read.
allow crash_dump domain:fifo_file { append write };

# Read directories and files labelled with any domain type
# (presumably the /proc/<pid> entries of the target; verify against r_dir_file).
r_dir_file(crash_dump, domain)

# Read every file labelled as an executable.
allow crash_dump exec_type:file r_file_perms;

# Read /data/dalvik-cache.
allow crash_dump dalvikcache_data_file:dir { getattr search };
allow crash_dump dalvikcache_data_file:file r_file_perms;

# Read APK files.
r_dir_file(crash_dump, apk_data_file);

# Read everything under /vendor.
r_dir_file(crash_dump, { vendor_file same_process_hal_file })

# Connect to the tombstoned crash socket.
unix_socket_connect(crash_dump, tombstoned_crash, tombstoned)

# Connect to ActivityManager in system_server.
unix_socket_connect(crash_dump, system_ndebug, system_server)

# ANR and tombstone files are append-only for crash_dump: it can add a report
# but is given no read, plain write, create or unlink on them here.
# Dump output is derived from traced process memory, so read access to these
# file types is governed by whichever other domains are granted it.
allow crash_dump anr_data_file:file { getattr append };
allow crash_dump tombstone_data_file:file { getattr append };

# Read the system log through logd.
read_logd(crash_dump)

###
### neverallow assertions
###

# crash_dump only obtains the privileges it needs to trace a process through a
# domain transition. No domain may execute crash_dump_exec in its own context,
# which would run the dumper with the privileges of the caller instead.
neverallow domain crash_dump_exec:file execute_no_trans;