device_google_wahoo/sepolicy/hal_dumpstate_impl.te

type hal_dumpstate_impl, domain, vendor_executes_system_violators;
hal_server_domain(hal_dumpstate_impl, hal_dumpstate)

type hal_dumpstate_impl_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_dumpstate_impl)

# Execute dump scripts
allow hal_dumpstate_impl shell_exec:file rx_file_perms;
allow hal_dumpstate_impl toolbox_exec:file rx_file_perms;

userdebug_or_eng(`
  # smlog_dump
  domain_auto_trans(hal_dumpstate_impl, smlog_dump_exec, smlog_dump)
  allow hal_dumpstate_impl modem_dump_file:dir create_dir_perms;
  allow hal_dumpstate_impl modem_dump_file:file create_file_perms;
  allow hal_dumpstate_impl radio_data_file:dir r_dir_perms;
  allow hal_dumpstate_impl radio_vendor_data_file:dir r_dir_perms;
  allow hal_dumpstate_impl netmgr_data_file:dir r_dir_perms;
  allow hal_dumpstate_impl radio_data_file:file r_file_perms;
  allow hal_dumpstate_impl radio_vendor_data_file:file r_file_perms;
  allow hal_dumpstate_impl netmgr_data_file:file r_file_perms;
  allow hal_dumpstate_impl debugfs_ipc:dir r_dir_perms;
  allow hal_dumpstate_impl debugfs_ipc:file r_file_perms;

  set_prop(hal_dumpstate_impl, modem_diag_prop)
')

allow hal_dumpstate_impl uio_device:chr_file rw_file_perms;
r_dir_file(hal_dumpstate_impl, sysfs_uio)
r_dir_file(hal_dumpstate_impl, sysfs_rmtfs)
r_dir_file(hal_dumpstate_impl, sysfs_msm_subsys)

allow hal_dumpstate_impl sysfs_thermal:dir search;
allow hal_dumpstate_impl sysfs_thermal:file r_file_perms;

allow hal_dumpstate_impl debugfs_ion:dir r_dir_perms;
allow hal_dumpstate_impl debugfs_ion:file r_file_perms;
allow hal_dumpstate_impl debugfs_rpm:file r_file_perms;
allow hal_dumpstate_impl debugfs_ipc:file r_file_perms;
allow hal_dumpstate_impl proc_stat:file r_file_perms;

# Access to files for dumping
allow hal_dumpstate_impl  sysfs:dir r_dir_perms;
# rpm stat
# usb logs
userdebug_or_eng(`allow hal_dumpstate_impl debugfs_usb:file r_file_perms;')