Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit bf5e6b1a authored by Treehugger Robot's avatar Treehugger Robot Committed by Gerrit Code Review
Browse files

Merge "Update filesystem permissions in atrace.rc to give selinux control."

parents 7c7a04c9 385f7ee9

cmds/atrace/atrace.rc

+76 −131
Original line number Diff line number Diff line
@@ -6,141 +6,86 @@ on post-fs 
    chmod 0222 /sys/kernel/debug/tracing/trace_marker

    chmod 0222 /sys/kernel/tracing/trace_marker



# Allow the shell group to enable (some) kernel tracing.

    chown root shell /sys/kernel/debug/tracing/trace_clock

    chown root shell /sys/kernel/tracing/trace_clock

    chown root shell /sys/kernel/debug/tracing/buffer_size_kb

    chown root shell /sys/kernel/tracing/buffer_size_kb

    chown root shell /sys/kernel/debug/tracing/options/overwrite

    chown root shell /sys/kernel/tracing/options/overwrite

    chown root shell /sys/kernel/debug/tracing/options/print-tgid

    chown root shell /sys/kernel/tracing/options/print-tgid

    chown root shell /sys/kernel/debug/tracing/saved_cmdlines_size

    chown root shell /sys/kernel/tracing/saved_cmdlines_size

    chown root shell /sys/kernel/debug/tracing/events/sched/sched_switch/enable

    chown root shell /sys/kernel/tracing/events/sched/sched_switch/enable

    chown root shell /sys/kernel/debug/tracing/events/sched/sched_wakeup/enable

    chown root shell /sys/kernel/tracing/events/sched/sched_wakeup/enable

    chown root shell /sys/kernel/debug/tracing/events/sched/sched_blocked_reason/enable

    chown root shell /sys/kernel/tracing/events/sched/sched_blocked_reason/enable

    chown root shell /sys/kernel/debug/tracing/events/sched/sched_cpu_hotplug/enable

    chown root shell /sys/kernel/tracing/events/sched/sched_cpu_hotplug/enable

    chown root shell /sys/kernel/debug/tracing/events/cgroup/enable

    chown root shell /sys/kernel/tracing/events/cgroup/enable

    chown root shell /sys/kernel/debug/tracing/events/power/cpu_frequency/enable

    chown root shell /sys/kernel/tracing/events/power/cpu_frequency/enable

    chown root shell /sys/kernel/debug/tracing/events/power/cpu_idle/enable

    chown root shell /sys/kernel/tracing/events/power/cpu_idle/enable

    chown root shell /sys/kernel/debug/tracing/events/power/clock_set_rate/enable

    chown root shell /sys/kernel/tracing/events/power/clock_set_rate/enable

    chown root shell /sys/kernel/debug/tracing/events/power/cpu_frequency_limits/enable

    chown root shell /sys/kernel/tracing/events/power/cpu_frequency_limits/enable

    chown root shell /sys/kernel/debug/tracing/events/cpufreq_interactive/enable

    chown root shell /sys/kernel/tracing/events/cpufreq_interactive/enable

    chown root shell /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/enable

    chown root shell /sys/kernel/tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/enable

    chown root shell /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_direct_reclaim_end/enable

    chown root shell /sys/kernel/tracing/events/vmscan/mm_vmscan_direct_reclaim_end/enable

    chown root shell /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_kswapd_wake/enable

    chown root shell /sys/kernel/tracing/events/vmscan/mm_vmscan_kswapd_wake/enable

    chown root shell /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_kswapd_sleep/enable

    chown root shell /sys/kernel/tracing/events/vmscan/mm_vmscan_kswapd_sleep/enable

    chown root shell /sys/kernel/debug/tracing/events/binder/binder_transaction/enable

    chown root shell /sys/kernel/tracing/events/binder/binder_transaction/enable

    chown root shell /sys/kernel/debug/tracing/events/binder/binder_transaction_received/enable

    chown root shell /sys/kernel/tracing/events/binder/binder_transaction_received/enable

    chown root shell /sys/kernel/debug/tracing/events/binder/binder_lock/enable

    chown root shell /sys/kernel/tracing/events/binder/binder_lock/enable

    chown root shell /sys/kernel/debug/tracing/events/binder/binder_locked/enable

    chown root shell /sys/kernel/tracing/events/binder/binder_locked/enable

    chown root shell /sys/kernel/debug/tracing/events/binder/binder_unlock/enable

    chown root shell /sys/kernel/tracing/events/binder/binder_unlock/enable

    chown root shell /sys/kernel/debug/tracing/events/lowmemorykiller/enable

    chown root shell /sys/kernel/tracing/events/lowmemorykiller/enable



    chown root shell /sys/kernel/debug/tracing/tracing_on

    chown root shell /sys/kernel/tracing/tracing_on



    chmod 0664 /sys/kernel/debug/tracing/trace_clock

    chmod 0664 /sys/kernel/tracing/trace_clock

    chmod 0664 /sys/kernel/debug/tracing/buffer_size_kb

    chmod 0664 /sys/kernel/tracing/buffer_size_kb

    chmod 0664 /sys/kernel/debug/tracing/options/overwrite

    chmod 0664 /sys/kernel/tracing/options/overwrite

    chmod 0664 /sys/kernel/debug/tracing/options/print-tgid

    chmod 0664 /sys/kernel/tracing/options/print-tgid

    chmod 0664 /sys/kernel/debug/tracing/saved_cmdlines_size

    chmod 0664 /sys/kernel/tracing/saved_cmdlines_size

    chmod 0664 /sys/kernel/debug/tracing/events/sched/sched_switch/enable

    chmod 0664 /sys/kernel/tracing/events/sched/sched_switch/enable

    chmod 0664 /sys/kernel/debug/tracing/events/sched/sched_wakeup/enable

    chmod 0664 /sys/kernel/tracing/events/sched/sched_wakeup/enable

    chmod 0664 /sys/kernel/debug/tracing/events/sched/sched_blocked_reason/enable

    chmod 0664 /sys/kernel/tracing/events/sched/sched_blocked_reason/enable

    chmod 0664 /sys/kernel/debug/tracing/events/sched/sched_cpu_hotplug/enable

    chmod 0664 /sys/kernel/tracing/events/sched/sched_cpu_hotplug/enable

    chmod 0664 /sys/kernel/debug/tracing/events/cgroup/enable

    chmod 0664 /sys/kernel/tracing/events/cgroup/enable

    chmod 0664 /sys/kernel/debug/tracing/events/power/cpu_frequency/enable

    chmod 0664 /sys/kernel/tracing/events/power/cpu_frequency/enable

    chmod 0664 /sys/kernel/debug/tracing/events/power/cpu_idle/enable

    chmod 0664 /sys/kernel/tracing/events/power/cpu_idle/enable

    chmod 0664 /sys/kernel/debug/tracing/events/power/clock_set_rate/enable

    chmod 0664 /sys/kernel/tracing/events/power/clock_set_rate/enable

    chmod 0664 /sys/kernel/debug/tracing/events/power/cpu_frequency_limits/enable

    chmod 0664 /sys/kernel/tracing/events/power/cpu_frequency_limits/enable

    chmod 0664 /sys/kernel/debug/tracing/events/cpufreq_interactive/enable

    chmod 0664 /sys/kernel/tracing/events/cpufreq_interactive/enable

    chmod 0664 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/enable

    chmod 0664 /sys/kernel/tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/enable

    chmod 0664 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_direct_reclaim_end/enable

    chmod 0664 /sys/kernel/tracing/events/vmscan/mm_vmscan_direct_reclaim_end/enable

    chmod 0664 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_kswapd_wake/enable

    chmod 0664 /sys/kernel/tracing/events/vmscan/mm_vmscan_kswapd_wake/enable

    chmod 0664 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_kswapd_sleep/enable

    chmod 0664 /sys/kernel/tracing/events/vmscan/mm_vmscan_kswapd_sleep/enable

    chmod 0664 /sys/kernel/debug/tracing/tracing_on

    chmod 0664 /sys/kernel/tracing/tracing_on

    chmod 0664 /sys/kernel/debug/tracing/events/binder/binder_transaction/enable

    chmod 0664 /sys/kernel/tracing/events/binder/binder_transaction/enable

    chmod 0664 /sys/kernel/debug/tracing/events/binder/binder_transaction_received/enable

    chmod 0664 /sys/kernel/tracing/events/binder/binder_transaction_received/enable

    chmod 0664 /sys/kernel/debug/tracing/events/binder/binder_lock/enable

    chmod 0664 /sys/kernel/tracing/events/binder/binder_lock/enable

    chmod 0664 /sys/kernel/debug/tracing/events/binder/binder_locked/enable

    chmod 0664 /sys/kernel/tracing/events/binder/binder_locked/enable

    chmod 0664 /sys/kernel/debug/tracing/events/binder/binder_unlock/enable

    chmod 0664 /sys/kernel/tracing/events/binder/binder_unlock/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/i2c_read/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/i2c_read/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/i2c_write/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/i2c_write/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/i2c_result/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/i2c_result/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/i2c_reply/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/i2c_reply/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/smbus_read/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/smbus_read/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/smbus_write/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/smbus_write/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/smbus_result/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/smbus_result/enable

    chmod 0664 /sys/kernel/debug/tracing/events/i2c/smbus_reply/enable

    chmod 0664 /sys/kernel/tracing/events/i2c/smbus_reply/enable

    chmod 0664 /sys/kernel/debug/tracing/events/lowmemorykiller/enable

    chmod 0664 /sys/kernel/tracing/events/lowmemorykiller/enable

# Grant unix world read/write permissions to kernel tracepoints.

# Access control to these files is now entirely in selinux policy.

    chmod 0666 /sys/kernel/debug/tracing/trace_clock

    chmod 0666 /sys/kernel/tracing/trace_clock

    chmod 0666 /sys/kernel/debug/tracing/buffer_size_kb

    chmod 0666 /sys/kernel/tracing/buffer_size_kb

    chmod 0666 /sys/kernel/debug/tracing/options/overwrite

    chmod 0666 /sys/kernel/tracing/options/overwrite

    chmod 0666 /sys/kernel/debug/tracing/options/print-tgid

    chmod 0666 /sys/kernel/tracing/options/print-tgid

    chmod 0666 /sys/kernel/debug/tracing/saved_cmdlines_size

    chmod 0666 /sys/kernel/tracing/saved_cmdlines_size

    chmod 0666 /sys/kernel/debug/tracing/events/sched/sched_switch/enable

    chmod 0666 /sys/kernel/tracing/events/sched/sched_switch/enable

    chmod 0666 /sys/kernel/debug/tracing/events/sched/sched_wakeup/enable

    chmod 0666 /sys/kernel/tracing/events/sched/sched_wakeup/enable

    chmod 0666 /sys/kernel/debug/tracing/events/sched/sched_blocked_reason/enable

    chmod 0666 /sys/kernel/tracing/events/sched/sched_blocked_reason/enable

    chmod 0666 /sys/kernel/debug/tracing/events/sched/sched_cpu_hotplug/enable

    chmod 0666 /sys/kernel/tracing/events/sched/sched_cpu_hotplug/enable

    chmod 0666 /sys/kernel/debug/tracing/events/cgroup/enable

    chmod 0666 /sys/kernel/tracing/events/cgroup/enable

    chmod 0666 /sys/kernel/debug/tracing/events/power/cpu_frequency/enable

    chmod 0666 /sys/kernel/tracing/events/power/cpu_frequency/enable

    chmod 0666 /sys/kernel/debug/tracing/events/power/cpu_idle/enable

    chmod 0666 /sys/kernel/tracing/events/power/cpu_idle/enable

    chmod 0666 /sys/kernel/debug/tracing/events/power/clock_set_rate/enable

    chmod 0666 /sys/kernel/tracing/events/power/clock_set_rate/enable

    chmod 0666 /sys/kernel/debug/tracing/events/power/cpu_frequency_limits/enable

    chmod 0666 /sys/kernel/tracing/events/power/cpu_frequency_limits/enable

    chmod 0666 /sys/kernel/debug/tracing/events/cpufreq_interactive/enable

    chmod 0666 /sys/kernel/tracing/events/cpufreq_interactive/enable

    chmod 0666 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/enable

    chmod 0666 /sys/kernel/tracing/events/vmscan/mm_vmscan_direct_reclaim_begin/enable

    chmod 0666 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_direct_reclaim_end/enable

    chmod 0666 /sys/kernel/tracing/events/vmscan/mm_vmscan_direct_reclaim_end/enable

    chmod 0666 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_kswapd_wake/enable

    chmod 0666 /sys/kernel/tracing/events/vmscan/mm_vmscan_kswapd_wake/enable

    chmod 0666 /sys/kernel/debug/tracing/events/vmscan/mm_vmscan_kswapd_sleep/enable

    chmod 0666 /sys/kernel/tracing/events/vmscan/mm_vmscan_kswapd_sleep/enable

    chmod 0666 /sys/kernel/debug/tracing/tracing_on

    chmod 0666 /sys/kernel/tracing/tracing_on

    chmod 0666 /sys/kernel/debug/tracing/events/binder/binder_transaction/enable

    chmod 0666 /sys/kernel/tracing/events/binder/binder_transaction/enable

    chmod 0666 /sys/kernel/debug/tracing/events/binder/binder_transaction_received/enable

    chmod 0666 /sys/kernel/tracing/events/binder/binder_transaction_received/enable

    chmod 0666 /sys/kernel/debug/tracing/events/binder/binder_lock/enable

    chmod 0666 /sys/kernel/tracing/events/binder/binder_lock/enable

    chmod 0666 /sys/kernel/debug/tracing/events/binder/binder_locked/enable

    chmod 0666 /sys/kernel/tracing/events/binder/binder_locked/enable

    chmod 0666 /sys/kernel/debug/tracing/events/binder/binder_unlock/enable

    chmod 0666 /sys/kernel/tracing/events/binder/binder_unlock/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/i2c_read/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/i2c_read/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/i2c_write/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/i2c_write/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/i2c_result/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/i2c_result/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/i2c_reply/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/i2c_reply/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/smbus_read/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/smbus_read/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/smbus_write/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/smbus_write/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/smbus_result/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/smbus_result/enable

    chmod 0666 /sys/kernel/debug/tracing/events/i2c/smbus_reply/enable

    chmod 0666 /sys/kernel/tracing/events/i2c/smbus_reply/enable

    chmod 0666 /sys/kernel/debug/tracing/events/lowmemorykiller/enable

    chmod 0666 /sys/kernel/tracing/events/lowmemorykiller/enable



# Tracing disabled by default

    write /sys/kernel/debug/tracing/tracing_on 0

    write /sys/kernel/tracing/tracing_on 0



# Allow only the shell group to read and truncate the kernel trace.

    chown root shell /sys/kernel/debug/tracing/trace

    chown root shell /sys/kernel/tracing/trace

    chmod 0660 /sys/kernel/debug/tracing/trace

    chmod 0660 /sys/kernel/tracing/trace

# Read and truncate the kernel trace.

    chmod 0666 /sys/kernel/debug/tracing/trace

    chmod 0666 /sys/kernel/tracing/trace



on property:persist.debug.atrace.boottrace=1

    start boottrace

cmds/atrace/atrace_userdebug.rc

+34 −38
Original line number Diff line number Diff line 
## Permissions to allow additional system-wide tracing to the kernel trace buffer.

## The default list of permissions is set in frameworks/native/cmds/atrace/atrace.rc



# Allow the shell group to enable kernel tracepoints:

# Grant unix world read/write permissions to enable kernel tracepoints.

# Access control to these files is now entirely in selinux policy.



on post-fs

    chown root shell /sys/kernel/debug/tracing/events/sync/enable

    chown root shell /sys/kernel/debug/tracing/events/workqueue/enable

    chown root shell /sys/kernel/debug/tracing/events/regulator/enable

    chown root shell /sys/kernel/debug/tracing/events/pagecache/enable

    chmod 0666 /sys/kernel/tracing/events/sync/enable

    chmod 0666 /sys/kernel/debug/tracing/events/sync/enable

    chmod 0666 /sys/kernel/tracing/events/workqueue/enable

    chmod 0666 /sys/kernel/debug/tracing/events/workqueue/enable

    chmod 0666 /sys/kernel/tracing/events/regulator/enable

    chmod 0666 /sys/kernel/debug/tracing/events/regulator/enable

    chmod 0666 /sys/kernel/tracing/events/pagecache/enable

    chmod 0666 /sys/kernel/debug/tracing/events/pagecache/enable



    # irq

    chown root shell /sys/kernel/debug/tracing/events/irq/enable

    chown root shell /sys/kernel/debug/tracing/events/ipi/enable

    chmod 0666 /sys/kernel/tracing/events/irq/enable

    chmod 0666 /sys/kernel/debug/tracing/events/irq/enable

    chmod 0666 /sys/kernel/tracing/events/ipi/enable

    chmod 0666 /sys/kernel/debug/tracing/events/ipi/enable



    # disk

    chown root shell /sys/kernel/debug/tracing/events/f2fs/f2fs_sync_file_enter/enable

    chown root shell /sys/kernel/debug/tracing/events/f2fs/f2fs_sync_file_exit/enable

    chown root shell /sys/kernel/debug/tracing/events/f2fs/f2fs_write_begin/enable

    chown root shell /sys/kernel/debug/tracing/events/f2fs/f2fs_write_end/enable

    chown root shell /sys/kernel/debug/tracing/events/ext4/ext4_da_write_begin/enable

    chown root shell /sys/kernel/debug/tracing/events/ext4/ext4_da_write_end/enable

    chown root shell /sys/kernel/debug/tracing/events/ext4/ext4_sync_file_enter/enable

    chown root shell /sys/kernel/debug/tracing/events/ext4/ext4_sync_file_exit/enable

    chown root shell /sys/kernel/debug/tracing/events/block/block_rq_issue/enable

    chown root shell /sys/kernel/debug/tracing/events/block/block_rq_complete/enable



    chmod 0664 /sys/kernel/debug/tracing/events/sync/enable

    chmod 0664 /sys/kernel/debug/tracing/events/workqueue/enable

    chmod 0664 /sys/kernel/debug/tracing/events/regulator/enable

    chmod 0664 /sys/kernel/debug/tracing/events/pagecache/enable



    # irq

    chmod 0664 /sys/kernel/debug/tracing/events/irq/enable

    chmod 0664 /sys/kernel/debug/tracing/events/ipi/enable



    # disk

    chmod 0664 /sys/kernel/debug/tracing/events/f2fs/f2fs_sync_file_enter/enable

    chmod 0664 /sys/kernel/debug/tracing/events/f2fs/f2fs_sync_file_exit/enable

    chmod 0664 /sys/kernel/debug/tracing/events/f2fs/f2fs_write_begin/enable

    chmod 0664 /sys/kernel/debug/tracing/events/f2fs/f2fs_write_end/enable

    chmod 0664 /sys/kernel/debug/tracing/events/ext4/ext4_da_write_begin/enable

    chmod 0664 /sys/kernel/debug/tracing/events/ext4/ext4_da_write_end/enable

    chmod 0664 /sys/kernel/debug/tracing/events/ext4/ext4_sync_file_enter/enable

    chmod 0664 /sys/kernel/debug/tracing/events/ext4/ext4_sync_file_exit/enable

    chmod 0664 /sys/kernel/debug/tracing/events/block/block_rq_issue/enable

    chmod 0664 /sys/kernel/debug/tracing/events/block/block_rq_complete/enable
 
    chmod 0666 /sys/kernel/tracing/events/f2fs/f2fs_sync_file_enter/enable

    chmod 0666 /sys/kernel/debug/tracing/events/f2fs/f2fs_sync_file_enter/enable

    chmod 0666 /sys/kernel/tracing/events/f2fs/f2fs_sync_file_exit/enable

    chmod 0666 /sys/kernel/debug/tracing/events/f2fs/f2fs_sync_file_exit/enable

    chmod 0666 /sys/kernel/tracing/events/f2fs/f2fs_write_begin/enable

    chmod 0666 /sys/kernel/debug/tracing/events/f2fs/f2fs_write_begin/enable

    chmod 0666 /sys/kernel/tracing/events/f2fs/f2fs_write_end/enable

    chmod 0666 /sys/kernel/debug/tracing/events/f2fs/f2fs_write_end/enable

    chmod 0666 /sys/kernel/tracing/events/ext4/ext4_da_write_begin/enable

    chmod 0666 /sys/kernel/debug/tracing/events/ext4/ext4_da_write_begin/enable

    chmod 0666 /sys/kernel/tracing/events/ext4/ext4_da_write_end/enable

    chmod 0666 /sys/kernel/debug/tracing/events/ext4/ext4_da_write_end/enable

    chmod 0666 /sys/kernel/tracing/events/ext4/ext4_sync_file_enter/enable

    chmod 0666 /sys/kernel/debug/tracing/events/ext4/ext4_sync_file_enter/enable

    chmod 0666 /sys/kernel/tracing/events/ext4/ext4_sync_file_exit/enable

    chmod 0666 /sys/kernel/debug/tracing/events/ext4/ext4_sync_file_exit/enable

    chmod 0666 /sys/kernel/tracing/events/block/block_rq_issue/enable

    chmod 0666 /sys/kernel/debug/tracing/events/block/block_rq_issue/enable

    chmod 0666 /sys/kernel/tracing/events/block/block_rq_complete/enable

    chmod 0666 /sys/kernel/debug/tracing/events/block/block_rq_complete/enable