rfs_access: Limit and specify tombstone_rfs_vendor_data_file label for rfs_access am: fe77ce7472

am: 866d206666

Change-Id: Ib692ebdf056639c83c08bcb7a087942391e1e1f8

sepolicy/vendor/file.te

@@ -79,8 +79,8 @@ type sensors_vendor_data_file, file_type, data_file_type;
 type audio_vendor_data_file, file_type, data_file_type;
 type mediadrm_vendor_data_file, file_type, data_file_type;
 
-# Tombstone vendor data
-type tombstone_vendor_data_file, file_type, data_file_type;
+# Tombstone RFS vendor data
+type tombstone_rfs_vendor_data_file, file_type, data_file_type;
 
 #diag sysfs files
 type sysfs_diag, fs_type, sysfs_type;

sepolicy/vendor/file_contexts

@@ -256,7 +256,7 @@
 /data/vendor/sensors(/.*)?             u:object_r:sensors_vendor_data_file:s0
 /data/vendor/audio(/.*)?               u:object_r:audio_vendor_data_file:s0
 /data/vendor/mediadrm(/.*)?            u:object_r:mediadrm_vendor_data_file:s0
-/data/vendor/tombstones(/.*)?          u:object_r:tombstone_vendor_data_file:s0
+/data/vendor/tombstones/rfs(/.*)?      u:object_r:tombstone_rfs_vendor_data_file:s0
 /data/vendor_ce/[0-9]+/ramoops(/.*)?   u:object_r:ramoops_vendor_data_file:s0
 
 # /

sepolicy/vendor/rfs_access.te

@@ -18,5 +18,5 @@ allow rfs_access persist_rfs_file:file create_file_perms;
 allow rfs_access self:socket create_socket_perms_no_ioctl;
 
 # For ramdump entries in /data/vendor/tombstones
-allow rfs_access tombstone_vendor_data_file:dir create_dir_perms;
-allow rfs_access tombstone_vendor_data_file:file create_file_perms;
+allow rfs_access tombstone_rfs_vendor_data_file:dir create_dir_perms;
+allow rfs_access tombstone_rfs_vendor_data_file:file create_file_perms;