From 5beeb81e65cbe89ee35d2171150374a2b8754658 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Wed, 16 Dec 2015 12:50:06 -0800
Subject: [PATCH] init.te: allow writing to
 /sys/kernel/debug/tracing/tracing_on

Needed to disable tracing. See frameworks/native/cmds/atrace/atrace.rc

Also allow shell getattr access to the tracing file. That way
"ls -la" returns something meaningful.

Bug: 26217098
Change-Id: I4eee1aff1127db8945612133c8ae16c34cfbb786
---
 init.te  | 3 +++
 shell.te | 1 +
 2 files changed, 4 insertions(+)

diff --git a/init.te b/init.te
index 464f088df..555fc30a7 100644
--- a/init.te
+++ b/init.te
@@ -108,6 +108,9 @@ allow init { sysfs_type debugfs_type }:{ dir file lnk_file } relabelto;
 allow init dev_type:dir create_dir_perms;
 allow init dev_type:lnk_file create;
 
+# Disable tracing by writing to /sys/kernel/debug/tracing/tracing_on
+allow init debugfs_tracing:file w_file_perms;
+
 # chown/chmod on pseudo files.
 allow init { fs_type -contextmount_type -sdcard_type -rootfs }:file { open read setattr };
 allow init { fs_type -contextmount_type -sdcard_type -rootfs }:dir  { open read setattr search };
diff --git a/shell.te b/shell.te
index ebd702bf6..f87027daf 100644
--- a/shell.te
+++ b/shell.te
@@ -71,6 +71,7 @@ set_prop(shell, powerctl_prop)
 # systrace support - allow atrace to run
 allow shell debugfs_tracing:dir r_dir_perms;
 allow shell debugfs_tracing:file rw_file_perms;
+allow shell debugfs_trace_marker:file getattr;
 allow shell atrace_exec:file rx_file_perms;
 
 userdebug_or_eng(`
-- 
GitLab