# profman domain policy.
# None of the allow rules below grants `open`: every file profman touches is
# reached through a descriptor that another program opened and handed over.
typeattribute profman coredomain;
typeattribute profman artd_subprocess_type;

# Descriptors may be received from these two privileged domains only.
allow profman { artd installd }:fd use;

# APKs, and the profile files stored next to them, arrive as passed FDs.
# `lock` lets profman take an flock on those files.
allow profman {
    apk_data_file
    apk_tmp_file
    system_file
    vendor_app_file
}:file { getattr lock map read };

# artd extracts the profile embedded in an APK into a memfd and passes that
# memfd to profman for reading.
allow profman artd_tmpfs:file { getattr lock map read };

# Profile files profman may read and write: the per-user profile files, and
# the profiles for secondary dex files (application dex files reported back to
# the framework when using BaseDexClassLoader), which live in app data.
# NOTE(review): `write` on app data is granted without `open`, so the scope of
# what can be modified is decided by whoever passes the descriptor.
allow profman {
    app_data_file
    privapp_data_file
    user_profile_data_file
}:file { getattr lock map read write };
allow profman { app_data_file privapp_data_file }:dir { getattr read search };

# Dumping profile info reads the application APK for pretty printing.
# File access to apk_data_file is already covered by the passed-FD rule above,
# so only asec_apk_file and the directory lookups are added here.
allow profman asec_apk_file:file { map read };
allow profman { apk_data_file apk_tmp_file }:dir { getattr read search };

allow profman oemfs:file { map read };
# Reading an APK goes through ZipArchive, which unpacks to tmpfs.
allow profman tmpfs:file { map read };
# Presumably the dump output file; only write/map is granted, no read.
allow profman profman_dump_data_file:file { map write };

# Allow querying the ART device config properties.
get_prop(profman, device_config_runtime_native_prop)
get_prop(profman, device_config_runtime_native_boot_prop)

###
### neverallow rules
###

# Policy-build assertion backing the FD-only design: no rule may ever let
# profman `open` an object labelled with an app_data_file_type type, for any
# class in notdevfile_class_set. A later allow that adds `open` there fails
# the build instead of silently widening profman's reach into app data.
neverallow profman app_data_file_type:notdevfile_class_set open;