1*e4a36f41SAndroid Build Coastguard Workertypeattribute dumpstate coredomain; 2*e4a36f41SAndroid Build Coastguard Worker 3*e4a36f41SAndroid Build Coastguard Workerinit_daemon_domain(dumpstate) 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Worker# Execute and transition to the vdc domain 6*e4a36f41SAndroid Build Coastguard Workerdomain_auto_trans(dumpstate, vdc_exec, vdc) 7*e4a36f41SAndroid Build Coastguard Worker 8*e4a36f41SAndroid Build Coastguard Worker# Acquire advisory lock on /system/etc/xtables.lock from ip[6]tables 9*e4a36f41SAndroid Build Coastguard Workerallow dumpstate system_file:file lock; 10*e4a36f41SAndroid Build Coastguard Worker 11*e4a36f41SAndroid Build Coastguard Workerallow dumpstate storaged_exec:file rx_file_perms; 12*e4a36f41SAndroid Build Coastguard Worker 13*e4a36f41SAndroid Build Coastguard Worker# /data/misc/wmtrace for wm traces 14*e4a36f41SAndroid Build Coastguard Workeruserdebug_or_eng(` 15*e4a36f41SAndroid Build Coastguard Worker allow dumpstate wm_trace_data_file:dir r_dir_perms; 16*e4a36f41SAndroid Build Coastguard Worker allow dumpstate wm_trace_data_file:file r_file_perms; 17*e4a36f41SAndroid Build Coastguard Worker') 18*e4a36f41SAndroid Build Coastguard Worker 19*e4a36f41SAndroid Build Coastguard Worker# Allow dumpstate to make binder calls to incidentd 20*e4a36f41SAndroid Build Coastguard Workerbinder_call(dumpstate, incidentd) 21*e4a36f41SAndroid Build Coastguard Worker 22*e4a36f41SAndroid Build Coastguard Worker# Allow dumpstate to make binder calls to storaged service 23*e4a36f41SAndroid Build Coastguard Workerbinder_call(dumpstate, storaged) 24*e4a36f41SAndroid Build Coastguard Worker 25*e4a36f41SAndroid Build Coastguard Worker# Allow dumpstate to make binder calls to statsd 26*e4a36f41SAndroid Build Coastguard Workerbinder_call(dumpstate, statsd) 27*e4a36f41SAndroid Build Coastguard Worker 28*e4a36f41SAndroid Build Coastguard Worker# Allow dumpstate to talk to gpuservice over binder 29*e4a36f41SAndroid Build Coastguard Workerbinder_call(dumpstate, gpuservice); 30*e4a36f41SAndroid Build Coastguard Worker 31*e4a36f41SAndroid Build Coastguard Worker# Allow dumpstate to talk to idmap over binder 32*e4a36f41SAndroid Build Coastguard Workerbinder_call(dumpstate, idmap); 33*e4a36f41SAndroid Build Coastguard Worker 34*e4a36f41SAndroid Build Coastguard Worker# Collect metrics on boot time created by init 35*e4a36f41SAndroid Build Coastguard Workerget_prop(dumpstate, boottime_prop) 36*e4a36f41SAndroid Build Coastguard Worker 37*e4a36f41SAndroid Build Coastguard Worker# Signal native processes to dump their stack. 38*e4a36f41SAndroid Build Coastguard Workerallow dumpstate { 39*e4a36f41SAndroid Build Coastguard Worker statsd 40*e4a36f41SAndroid Build Coastguard Worker netd 41*e4a36f41SAndroid Build Coastguard Worker}:process signal; 42*e4a36f41SAndroid Build Coastguard Worker 43*e4a36f41SAndroid Build Coastguard Worker# For collecting bugreports. 44*e4a36f41SAndroid Build Coastguard Workerallow dumpstate debugfs_wakeup_sources:file r_file_perms; 45*e4a36f41SAndroid Build Coastguard Workerallow dumpstate dev_type:blk_file getattr; 46*e4a36f41SAndroid Build Coastguard Workerallow dumpstate webview_zygote:process signal; 47*e4a36f41SAndroid Build Coastguard Workerdontaudit dumpstate perfprofd:binder call; 48*e4a36f41SAndroid Build Coastguard Workerdontaudit dumpstate update_engine:binder call; 49*e4a36f41SAndroid Build Coastguard Workerallow dumpstate proc_net_tcp_udp:file r_file_perms; 50*e4a36f41SAndroid Build Coastguard Worker 51*e4a36f41SAndroid Build Coastguard Worker# For comminucating with the system process to do confirmation ui. 52*e4a36f41SAndroid Build Coastguard Workerbinder_call(dumpstate, incidentcompanion_service) 53