1# bootstat command 2type bootstat, domain; 3type bootstat_exec, system_file_type, exec_type, file_type; 4 5read_runtime_log_tags(bootstat) 6 7# Allow persistent storage in /data/misc/bootstat. 8allow bootstat bootstat_data_file:dir rw_dir_perms; 9allow bootstat bootstat_data_file:file create_file_perms; 10 11allow bootstat metadata_file:dir search; 12allow bootstat metadata_bootstat_file:dir rw_dir_perms; 13allow bootstat metadata_bootstat_file:file create_file_perms; 14 15# ToDo: TBI move access for the following to a system health HAL 16 17# Allow access to /sys/fs/pstore/ and syslog 18allow bootstat pstorefs:dir search; 19allow bootstat pstorefs:file r_file_perms; 20allow bootstat kernel:system syslog_read; 21 22# Allow access to reading the logs to read aspects of system health 23read_logd(bootstat) 24 25# Allow bootstat write to statsd. 26unix_socket_send(bootstat, statsdw, statsd) 27 28neverallow { 29 domain 30 -bootstat 31 -init 32} system_boot_reason_prop:property_service set; 33