1 type ss_ramdump, domain, domain_deprecated; 2 type ss_ramdump_exec, exec_type, file_type; 3 4 # Started by init 5 init_daemon_domain(ss_ramdump) 6 7 # read the contents of the /dev directory 8 allow ss_ramdump device:dir r_dir_perms; 9 10 userdebug_or_eng(` 11 # Read /dev/ramdump_* character devices 12 allow ss_ramdump ramdump_device:chr_file r_file_perms; 13 14 # Create files in /data/tombstones, for example 15 # /data/tombstones/ramdump_venus.elf 16 allow ss_ramdump tombstone_data_file:dir rw_dir_perms; 17 allow ss_ramdump tombstone_data_file:file rw_file_perms; 18 19 # Needed to allow UID=root to access /data/tombstones, 20 # which is owned by UID=system 21 allow ss_ramdump self:capability dac_override; 22 ') 23
