xref: /aosp_15_r20/system/sepolicy/private/art_exec.te (revision e4a36f4174b17bbab9dc043f4a65dc8d87377290)
# art_exec: a wrapper program that configures the process and then executes a
# command.
type art_exec, domain, coredomain;
# Label carried by the art_exec binary itself.
type art_exec_exec, system_file_type, exec_type, file_type;

# In the common case this program keeps running in its caller's domain (for
# example in `artd` when artd invokes it), and a domain transition happens as
# soon as it executes another program.
# The one exception is init: init should never execute a program without
# changing to another domain, so when init is the caller the wrapper runs in
# its own `art_exec` domain.
init_daemon_domain(art_exec)

# For Pre-reboot Dexopt, init uses this program to run artd inside a chroot
# environment. Executing a file labelled artd_exec from art_exec transitions
# the process to the artd domain, so the art_exec rules below apply only up to
# that exec.
domain_auto_trans(art_exec, artd_exec, artd)

# "sys_chroot" is needed to chroot into the environment created by
# dexopt_chroot_setup. The grant is on `self` only, and it is the only
# capability rule visible in this file.
allow art_exec self:global_capability_class_set { sys_chroot };

# Let art_exec locate artd under the chroot dir for Pre-reboot Dexopt. Only
# `search` on directories of this type is granted here; no rule in this file
# allows listing those directories or opening files in them.
allow art_exec pre_reboot_dexopt_file:dir { search };