Merge changes Ieee1d7de,Ie7780128 into rvc-dev am: f885ab3 am: b393f60

rsavitski · android-build-merge-worker-robot · commit 90c65f103b94 · 2020-06-29T18:38:03.000Z
Original change: https://googleplex-android-review.googlesource.com/c/platform/system/sepolicy/+/11956180 Change-Id: I3193d54ecc40200b7cdda33ce9550cd13d989e1f
diff --git a/prebuilts/api/30.0/private/adbd.te b/prebuilts/api/30.0/private/adbd.te
@@ -180,6 +180,11 @@ r_dir_file(adbd, apk_data_file)
 
 allow adbd rootfs:dir r_dir_perms;
 
+# Allow killing child "perfetto" binary processes, which auto-transition to
+# their own domain. Allows propagating termination of "adb shell perfetto ..."
+# invocations.
+allow adbd perfetto:process signal;
+
 # Allow to pull Perfetto traces.
 allow adbd perfetto_traces_data_file:file r_file_perms;
 allow adbd perfetto_traces_data_file:dir r_dir_perms;
diff --git a/prebuilts/api/30.0/private/perfetto.te b/prebuilts/api/30.0/private/perfetto.te
@@ -47,6 +47,16 @@ allow perfetto devpts:chr_file rw_file_perms;
 allow perfetto incident_service:service_manager find;
 binder_call(perfetto, incidentd)
 
+# perfetto log formatter calls isatty() on its stderr. Denial when running
+# under adbd is harmless. Avoid generating denial logs.
+dontaudit perfetto adbd:unix_stream_socket getattr;
+dontauditxperm perfetto adbd:unix_stream_socket ioctl unpriv_tty_ioctls;
+# As above, when adbd is running in "su" domain (only the ioctl is denied in
+# practice).
+dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
+# Similarly, CTS tests end up hitting a denial on shell pipes.
+dontauditxperm perfetto shell:fifo_file ioctl unpriv_tty_ioctls;
+
 ###
 ### Neverallow rules
 ###
diff --git a/private/adbd.te b/private/adbd.te
@@ -180,6 +180,11 @@ r_dir_file(adbd, apk_data_file)
 
 allow adbd rootfs:dir r_dir_perms;
 
+# Allow killing child "perfetto" binary processes, which auto-transition to
+# their own domain. Allows propagating termination of "adb shell perfetto ..."
+# invocations.
+allow adbd perfetto:process signal;
+
 # Allow to pull Perfetto traces.
 allow adbd perfetto_traces_data_file:file r_file_perms;
 allow adbd perfetto_traces_data_file:dir r_dir_perms;
diff --git a/private/perfetto.te b/private/perfetto.te
@@ -47,6 +47,16 @@ allow perfetto devpts:chr_file rw_file_perms;
 allow perfetto incident_service:service_manager find;
 binder_call(perfetto, incidentd)
 
+# perfetto log formatter calls isatty() on its stderr. Denial when running
+# under adbd is harmless. Avoid generating denial logs.
+dontaudit perfetto adbd:unix_stream_socket getattr;
+dontauditxperm perfetto adbd:unix_stream_socket ioctl unpriv_tty_ioctls;
+# As above, when adbd is running in "su" domain (only the ioctl is denied in
+# practice).
+dontauditxperm perfetto su:unix_stream_socket ioctl unpriv_tty_ioctls;
+# Similarly, CTS tests end up hitting a denial on shell pipes.
+dontauditxperm perfetto shell:fifo_file ioctl unpriv_tty_ioctls;
+
 ###
 ### Neverallow rules
 ###
