Allow dumpstate to dump backtraces of certain native processes.
The list of processes comes from frameworks/native/cmds/dumpstate/utils.c.
dumpstate calls dump_backtrace_to_file() for each such process, which
asks debuggerd to dump the backtrace.
Resolves denials such as:
avc: denied { dump_backtrace } for scontext=u:r:dumpstate:s0 tcontext=u:r:surfaceflinger:s0 tclass=debuggerd
avc: denied { dump_backtrace } for scontext=u:r:dumpstate:s0 tcontext=u:r:drmserver:s0 tclass=debuggerd
avc: denied { dump_backtrace } for scontext=u:r:dumpstate:s0 tcontext=u:r:mediaserver:s0 tclass=debuggerd
avc: denied { dump_backtrace } for scontext=u:r:dumpstate:s0 tcontext=u:r:sdcardd:s0 tclass=debuggerd
Change-Id: Idbfb0fef0aac138073b7217b7dbad826a1193098
Signed-off-by:
Stephen Smalley <sds@tycho.nsa.gov>
Please register or sign in to comment