1*e4a36f41SAndroid Build Coastguard Worker# bootstat command 2*e4a36f41SAndroid Build Coastguard Workertype bootstat, domain; 3*e4a36f41SAndroid Build Coastguard Workertype bootstat_exec, system_file_type, exec_type, file_type; 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Workerread_runtime_log_tags(bootstat) 6*e4a36f41SAndroid Build Coastguard Worker 7*e4a36f41SAndroid Build Coastguard Worker# Allow persistent storage in /data/misc/bootstat. 8*e4a36f41SAndroid Build Coastguard Workerallow bootstat bootstat_data_file:dir rw_dir_perms; 9*e4a36f41SAndroid Build Coastguard Workerallow bootstat bootstat_data_file:file create_file_perms; 10*e4a36f41SAndroid Build Coastguard Worker 11*e4a36f41SAndroid Build Coastguard Workerallow bootstat metadata_file:dir search; 12*e4a36f41SAndroid Build Coastguard Workerallow bootstat metadata_bootstat_file:dir rw_dir_perms; 13*e4a36f41SAndroid Build Coastguard Workerallow bootstat metadata_bootstat_file:file create_file_perms; 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Worker# ToDo: TBI move access for the following to a system health HAL 16*e4a36f41SAndroid Build Coastguard Worker 17*e4a36f41SAndroid Build Coastguard Worker# Allow access to /sys/fs/pstore/ and syslog 18*e4a36f41SAndroid Build Coastguard Workerallow bootstat pstorefs:dir search; 19*e4a36f41SAndroid Build Coastguard Workerallow bootstat pstorefs:file r_file_perms; 20*e4a36f41SAndroid Build Coastguard Workerallow bootstat kernel:system syslog_read; 21*e4a36f41SAndroid Build Coastguard Worker 22*e4a36f41SAndroid Build Coastguard Worker# Allow access to reading the logs to read aspects of system health 23*e4a36f41SAndroid Build Coastguard Workerread_logd(bootstat) 24*e4a36f41SAndroid Build Coastguard Worker 25*e4a36f41SAndroid Build Coastguard Worker# Allow bootstat write to statsd. 26*e4a36f41SAndroid Build Coastguard Workerunix_socket_send(bootstat, statsdw, statsd) 27*e4a36f41SAndroid Build Coastguard Worker 28*e4a36f41SAndroid Build Coastguard Workerneverallow { 29*e4a36f41SAndroid Build Coastguard Worker domain 30*e4a36f41SAndroid Build Coastguard Worker -bootstat 31*e4a36f41SAndroid Build Coastguard Worker -init 32*e4a36f41SAndroid Build Coastguard Worker} system_boot_reason_prop:property_service set; 33