From 23e1f4c7d3a5a6840cbddf5e990d1e659005d14d Mon Sep 17 00:00:00 2001
From: Florian Mayer <fmayer@google.com>
Date: Fri, 21 Dec 2018 13:29:55 +0000
Subject: [PATCH] Make heapprofd work with MLS.

Arbitrary apps need to connect to heapprofd in order to send samples.

Relevant denial trying to profile com.google.android.inputmethod.latin
on userdebug:

12-20 14:50:20.420 25219 25219 I heapprofd: type=1400 audit(0.0:1006): avc: denied { read } for path="/proc/24819/mem" dev="proc" ino=244219 scontext=u:r:heapprofd:s0 tcontext=u:r:untrusted_app_27:s0:c133,c256,c512,c768 tclass=file permissive=1

Bug: 121370989

Test: m
Test: flash walleye
Test: profile com.google.android.inputmethod.latin

Change-Id: Iee82c8c49951e5a5726cd5ab0b9e8fa71226c802
---
 private/heapprofd.te | 3 +++
 public/file.te       | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/private/heapprofd.te b/private/heapprofd.te
index b7013d7c0..5a179907d 100644
--- a/private/heapprofd.te
+++ b/private/heapprofd.te
@@ -6,6 +6,9 @@ init_daemon_domain(heapprofd)
 set_prop(heapprofd, heapprofd_prop);
 
 userdebug_or_eng(`
+  # TODO(fmayer): We will also need this on user to read /proc/<pid>/cmdline
+  # and send signals.
+  typeattribute heapprofd mlstrustedsubject;
   # Allow to send signal to processes.
   # This excludes SIGKILL, SIGSTOP and SIGCHLD,
   # which are controlled by separate permissions.
diff --git a/public/file.te b/public/file.te
index 99a2c0d0e..2a5e6f429 100644
--- a/public/file.te
+++ b/public/file.te
@@ -395,7 +395,7 @@ type traced_consumer_socket, file_type, coredomain_socket, mlstrustedobject;
 type uncrypt_socket, file_type, coredomain_socket;
 type wpa_socket, file_type, data_file_type, core_data_file_type;
 type zygote_socket, file_type, coredomain_socket;
-type heapprofd_socket, file_type, coredomain_socket;
+type heapprofd_socket, file_type, coredomain_socket, mlstrustedobject;
 # UART (for GPS) control proc file
 type gps_control, file_type;
 
-- 
GitLab