1# init_debug_policy is its own domain. 2type init_debug_policy, domain, coredomain; 3type init_debug_policy_exec, system_file_type, exec_type, file_type; 4 5# Transition from init -> init_debug_policy_exec 6init_daemon_domain(init_debug_policy); 7 8# init_debug_policy is using bootstrap bionic 9use_bootstrap_libs(init_debug_policy) 10 11# Allow init_debug_policy to write /dev/kmsg (specified by stdio_to_kmsg) 12allow init_debug_policy kmsg_debug_device:chr_file w_file_perms; 13 14# Allow init_debug_policy to use xxd and set/getprop 15allow init_debug_policy toolbox_exec:file rx_file_perms; 16 17# Allow init_debug_policy to set ro.debuggable to enable/disable adb root 18set_prop(init_debug_policy, debuggable_prop) 19 20# Allow init_debug_policy to set ro.log.file_logger.path to enable/disable console log 21set_prop(init_debug_policy, log_prop) 22 23# Allow init_debug_policy to get ro.boot.microdroid.debuggable and ro.boot.adb.enabled 24get_prop(init_debug_policy, bootloader_prop) 25 26# Allow init_debug_policy to set init_debug_policy.adbd.enabled 27set_prop(init_debug_policy, init_debug_policy_prop) 28 29# Allow init_debug_policy to read AVF debug policy 30r_dir_file(init_debug_policy, proc_dt_avf) 31r_dir_file(init_debug_policy, sysfs_dt_avf) 32