selinux: rfs_access: fix tftp_server denials when operating on tombstones file

am: a82169492c

Change-Id: I5bc498049242cd64f676166404901d57d1e4122a

sepolicy/vendor/file.te

@@ -79,6 +79,9 @@ type sensors_vendor_data_file, file_type, data_file_type;
 type audio_vendor_data_file, file_type, data_file_type;
 type mediadrm_vendor_data_file, file_type, data_file_type;
 
+# Tombstone vendor data
+type tombstone_vendor_data_file, file_type, data_file_type;
+
 #diag sysfs files
 type sysfs_diag, fs_type, sysfs_type;
 

sepolicy/vendor/file_contexts

@@ -256,6 +256,7 @@
 /data/vendor/sensors(/.*)?             u:object_r:sensors_vendor_data_file:s0
 /data/vendor/audio(/.*)?               u:object_r:audio_vendor_data_file:s0
 /data/vendor/mediadrm(/.*)?            u:object_r:mediadrm_vendor_data_file:s0
+/data/vendor/tombstones(/.*)?          u:object_r:tombstone_vendor_data_file:s0
 /data/vendor_ce/[0-9]+/ramoops(/.*)?   u:object_r:ramoops_vendor_data_file:s0
 
 # /

sepolicy/vendor/rfs_access.te

@@ -16,3 +16,7 @@ allow rfs_access persist_rfs_file:dir create_dir_perms;
 allow rfs_access persist_rfs_file:file create_file_perms;
 
 allow rfs_access self:socket create_socket_perms_no_ioctl;
+
+# For ramdump entries in /data/vendor/tombstones
+allow rfs_access tombstone_vendor_data_file:dir create_dir_perms;
+allow rfs_access tombstone_vendor_data_file:file create_file_perms;