From 85b1b4d5e13c01e2fb4137c183a48b9f391e583f Mon Sep 17 00:00:00 2001
From: Jie Song <jies@google.com>
Date: Tue, 25 Apr 2017 13:55:49 -0700
Subject: [PATCH] Adding allows for smlog and dumpstate

1. Adding allows for smlog and dumpstate
2. Moving log path to data/vendor

Bug: 37169733
Test: Verify modem logs in bugreport
Change-Id: Ifaef1976bc7b88afdd3ee2a7ef82a78853c5ee14
---
 sepolicy/dumpstate.te          | 4 ++--
 sepolicy/file.te               | 4 +---
 sepolicy/file_contexts         | 2 ++
 sepolicy/hal_dumpstate_impl.te | 4 ++--
 sepolicy/smlog_dump.te         | 8 ++++++--
 5 files changed, 13 insertions(+), 9 deletions(-)

diff --git a/sepolicy/dumpstate.te b/sepolicy/dumpstate.te
index 5047acb9..b907c410 100644
--- a/sepolicy/dumpstate.te
+++ b/sepolicy/dumpstate.te
@@ -1,4 +1,4 @@
 userdebug_or_eng(`
-  allow dumpstate smlog_dump_file:dir create_dir_perms;
-  allow dumpstate smlog_dump_file:file create_file_perms;
+  allow dumpstate modem_dump_file:dir create_dir_perms;
+  allow dumpstate modem_dump_file:file create_file_perms;
 ')
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 872ee20c..3d2d7b76 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -13,9 +13,6 @@ type debugfs_rpm, debugfs_type, fs_type;
 type debugfs_rmt_storage, debugfs_type, fs_type;
 type debugfs_usb, debugfs_type, fs_type;
 
-type smlog_dump_file, file_type, data_file_type;
-
-
 # /proc
 type proc_wifi_dbg, fs_type;
 
@@ -43,6 +40,7 @@ type nfc_vendor_data_file, file_type, data_file_type;
 type radio_vendor_data_file, file_type, data_file_type, mlstrustedobject;
 type cnss_vendor_data_file, file_type, data_file_type, mlstrustedobject;
 type ramdump_vendor_data_file, file_type, data_file_type, mlstrustedobject;
+type modem_dump_file, file_type, data_file_type;
 
 type vendor_firmware_file, vendor_file_type, file_type;
 
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 89714bb6..fb0a6b4c 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -184,6 +184,7 @@
 /vendor/bin/port-bridge         u:object_r:port-bridge_exec:s0
 /vendor/bin/qti                 u:object_r:qti_exec:s0
 /vendor/bin/ramdump             u:object_r:ramdump_exec:s0
+/vendor/bin/smlog_dump          u:object_r:smlog_dump_exec:s0
 /vendor/bin/wcnss_filter        u:object_r:wcnss_filter_exec:s0
 /vendor/bin/loc_launcher        u:object_r:location_exec:s0
 /vendor/bin/lowi-server         u:object_r:location_exec:s0
@@ -242,6 +243,7 @@
 /data/vendor/radio(/.*)?               u:object_r:radio_vendor_data_file:s0
 /data/vendor/wifi(/.*)?                u:object_r:cnss_vendor_data_file:s0
 /data/vendor/ramdump(/.*)?             u:object_r:ramdump_vendor_data_file:s0
+/data/vendor/modem_dump(/.*)?          u:object_r:modem_dump_file:s0
 
 # /
 /tombstones             u:object_r:rootfs:s0
diff --git a/sepolicy/hal_dumpstate_impl.te b/sepolicy/hal_dumpstate_impl.te
index 1807a7e7..7e8d0b4e 100644
--- a/sepolicy/hal_dumpstate_impl.te
+++ b/sepolicy/hal_dumpstate_impl.te
@@ -11,8 +11,8 @@ allow hal_dumpstate_impl toolbox_exec:file rx_file_perms;
 userdebug_or_eng(`
   # smlog_dump
   domain_auto_trans(hal_dumpstate_impl, smlog_dump_exec, smlog_dump)
-  allow hal_dumpstate_impl smlog_dump_file:dir create_dir_perms;
-  allow hal_dumpstate_impl smlog_dump_file:file create_file_perms;
+  allow hal_dumpstate_impl modem_dump_file:dir create_dir_perms;
+  allow hal_dumpstate_impl modem_dump_file:file create_file_perms;
   allow hal_dumpstate_impl radio_data_file:dir r_dir_perms;
   allow hal_dumpstate_impl radio_vendor_data_file:dir r_dir_perms;
   allow hal_dumpstate_impl netmgr_data_file:dir r_dir_perms;
diff --git a/sepolicy/smlog_dump.te b/sepolicy/smlog_dump.te
index 13cda860..ece406b7 100644
--- a/sepolicy/smlog_dump.te
+++ b/sepolicy/smlog_dump.te
@@ -2,8 +2,8 @@ type smlog_dump_exec, exec_type, vendor_file_type, file_type;
 
 userdebug_or_eng(`
   type smlog_dump, domain;
-  allow smlog_dump smlog_dump_file:dir r_dir_perms;
-  allow smlog_dump smlog_dump_file:file create_file_perms;
+  allow smlog_dump modem_dump_file:dir create_dir_perms;
+  allow smlog_dump modem_dump_file:file create_file_perms;
   r_dir_file(smlog_dump, sysfs_uio)
   r_dir_file(smlog_dump, sysfs_rmtfs)
 
@@ -12,6 +12,7 @@ userdebug_or_eng(`
   allow smlog_dump rild:fd use;
   allow smlog_dump rild:fifo_file { read write };
   allow smlog_dump rild:unix_stream_socket { read write };
+  allow smlog_dump rild:netlink_generic_socket { read write };
   allow smlog_dump self:socket create_socket_perms;
   allowxperm smlog_dump self:socket ioctl msm_sock_ipc_ioctls;
   allow smlog_dump sysfs:dir r_dir_perms;
@@ -20,4 +21,7 @@ userdebug_or_eng(`
   allow smlog_dump sysfs_msm_subsys:lnk_file read;
   allow smlog_dump sysfs_soc:dir search;
   allow smlog_dump sysfs_soc:file r_file_perms;
+  allow smlog_dump dumpstate:fd use;
+  allow smlog_dump hal_dumpstate_impl:fd use;
+  allow smlog_dump uio_device:chr_file rw_file_perms;
 ')