1typeattribute runas_app coredomain; 2 3app_domain(runas_app) 4untrusted_app_domain(runas_app) 5net_domain(runas_app) 6bluetooth_domain(runas_app) 7 8# The ability to call exec() on files in the apps home directories 9# when using run-as on a debuggable app. Used to run lldb/ndk-gdb/simpleperf, 10# which are copied to the apps home directories. 11allow runas_app app_data_file:file execute_no_trans; 12 13# Allow lldb/ndk-gdb/simpleperf to read maps of debuggable app processes. 14r_dir_file(runas_app, untrusted_app_all) 15 16# Allow lldb/ndk-gdb/simpleperf to ptrace attach to debuggable app processes. 17allow runas_app untrusted_app_all:process { ptrace signal sigstop }; 18allow runas_app untrusted_app_all:unix_stream_socket connectto; 19 20# Allow executing system image simpleperf without a domain transition. 21allow runas_app simpleperf_exec:file rx_file_perms; 22 23# Suppress denial logspam when simpleperf is trying to find a matching process 24# by scanning /proc/<pid>/cmdline files. The /proc/<pid> directories are within 25# the same domain as their respective process, most of which this domain is not 26# allowed to see. 27dontaudit runas_app domain:dir search; 28 29# Allow runas_app to call perf_event_open for profiling debuggable app 30# processes, but not the whole system. 31allow runas_app self:perf_event { open read write kernel }; 32neverallow runas_app self:perf_event ~{ open read write kernel }; 33