From 76d70460ea4bb301d97ddd7f75fbbd68e2aaa0cf Mon Sep 17 00:00:00 2001
From: Carmen Jackson <carmenjackson@google.com>
Date: Fri, 19 Oct 2018 17:01:24 -0700
Subject: [PATCH] Allow the Traceur app to start Perfetto.

Bug: 116754732
Test: Started a trace in Traceur using Perfetto successfully.

Change-Id: I217857bf1f43f1b7b24454687d1f26b9d5c6c56a
---
 private/traceur_app.te | 7 +++++++
 public/file.te         | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/private/traceur_app.te b/private/traceur_app.te
index a3c435ce5..94841df10 100644
--- a/private/traceur_app.te
+++ b/private/traceur_app.te
@@ -12,4 +12,11 @@ allow traceur_app trace_data_file:file create_file_perms;
 allow traceur_app trace_data_file:dir rw_dir_perms;
 allow traceur_app atrace_exec:file rx_file_perms;
 
+# To exec the perfetto cmdline client and pass it the trace config on
+# stdint through a pipe.
+allow traceur_app perfetto_exec:file rx_file_perms;
+
+# Allow to access traced's privileged consumer socket.
+unix_socket_connect(traceur_app, traced_consumer, traced)
+
 dontaudit traceur_app debugfs_tracing_debug:file audit_access;
diff --git a/public/file.te b/public/file.te
index cb0c5434a..597204a40 100644
--- a/public/file.te
+++ b/public/file.te
@@ -390,7 +390,7 @@ type tombstoned_crash_socket, file_type, coredomain_socket, mlstrustedobject;
 type tombstoned_java_trace_socket, file_type, mlstrustedobject;
 type tombstoned_intercept_socket, file_type, coredomain_socket;
 type traced_producer_socket, file_type, coredomain_socket, mlstrustedobject;
-type traced_consumer_socket, file_type, coredomain_socket;
+type traced_consumer_socket, file_type, coredomain_socket, mlstrustedobject;
 type uncrypt_socket, file_type, coredomain_socket;
 type wpa_socket, file_type, data_file_type, core_data_file_type;
 type zygote_socket, file_type, coredomain_socket;
-- 
GitLab