From 7d245967c13c775b60d4a420a439c8c7ff05f2a1 Mon Sep 17 00:00:00 2001 From: Ravi Jain Date: Fri, 8 Mar 2024 09:13:38 +0000 Subject: [PATCH] dumpstate: touch: Add touch_predump for stm 10-01 21:39:00.372 11262 11262 I sh : type=1400 audit(0.0:20): avc: denied { write } for name="driver_test" dev="proc" ino=4026536282 scontext=u:r:predump_touch:s0 tcontext=u:object_r:proc_touch:s0 tclass=file permissive=1 10-01 21:39:00.432 11265 11265 I cat : type=1400 audit(0.0:22): avc: denied { search } for name="spi20.0" dev="sysfs" ino=55787 scontext=u:r:predump_touch:s0 tcontext=u:object_r:sysfs_touch:s0 tclass=dir permissive=1 10-01 21:39:00.444 11262 11262 I sh : type=1400 audit(0.0:25): avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=112798 scontext=u:r:predump_touch:s0 tcontext=u:object_r:sysfs_touch:s0 tclass=file permissive=1 Test: b/318578275 Test: Flash on dogfood device and check touch dump logs Bug: 287907308 Flag: EXEMPT bugfix Change-Id: I9dade94f96879a269b5db2ebbe9595ea0e099acc --- touch/stm/Android.bp | 7 +++++++ touch/stm/predump_sepolicy/file.te | 3 +++ touch/stm/predump_sepolicy/file_contexts | 2 ++ touch/stm/predump_sepolicy/genfs_contexts | 7 +++++++ touch/stm/predump_sepolicy/predump_touch.te | 6 ++++++ touch/stm/predump_sepolicy/property.te | 2 ++ touch/stm/predump_sepolicy/property_contexts | 2 ++ touch/stm/predump_sepolicy/vendor_init.te | 2 ++ touch/stm/predump_stm20.mk | 6 ++++++ touch/stm/predump_stm6.mk | 6 ++++++ 10 files changed, 43 insertions(+) create mode 100644 touch/stm/predump_sepolicy/file.te create mode 100644 touch/stm/predump_sepolicy/file_contexts create mode 100644 touch/stm/predump_sepolicy/genfs_contexts create mode 100644 touch/stm/predump_sepolicy/predump_touch.te create mode 100644 touch/stm/predump_sepolicy/property.te create mode 100644 touch/stm/predump_sepolicy/property_contexts create mode 100644 touch/stm/predump_sepolicy/vendor_init.te create mode 100644 touch/stm/predump_stm20.mk create mode 100644 touch/stm/predump_stm6.mk diff --git a/touch/stm/Android.bp b/touch/stm/Android.bp index 1727f07..0d64fd6 100644 --- a/touch/stm/Android.bp +++ b/touch/stm/Android.bp @@ -8,3 +8,10 @@ sh_binary { vendor: true, sub_dir: "dump", } + +sh_binary { + name: "predump_stm.sh", + src: "dump_stm.sh", + vendor: true, + sub_dir: "dump_touch", +} diff --git a/touch/stm/predump_sepolicy/file.te b/touch/stm/predump_sepolicy/file.te new file mode 100644 index 0000000..7f298c3 --- /dev/null +++ b/touch/stm/predump_sepolicy/file.te @@ -0,0 +1,3 @@ +# touch predump script +type proc_touch, proc_type, fs_type; +type sysfs_touch, sysfs_type, fs_type; diff --git a/touch/stm/predump_sepolicy/file_contexts b/touch/stm/predump_sepolicy/file_contexts new file mode 100644 index 0000000..2667543 --- /dev/null +++ b/touch/stm/predump_sepolicy/file_contexts @@ -0,0 +1,2 @@ +/vendor/bin/dump_touch/predump_stm\.sh u:object_r:predump_touch_exec:s0 + diff --git a/touch/stm/predump_sepolicy/genfs_contexts b/touch/stm/predump_sepolicy/genfs_contexts new file mode 100644 index 0000000..2ed8978 --- /dev/null +++ b/touch/stm/predump_sepolicy/genfs_contexts @@ -0,0 +1,7 @@ +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0 u:object_r:sysfs_touch:s0 +genfscon sysfs /devices/platform/10d40000.spi/spi_master/spi11/spi11.0 u:object_r:sysfs_touch:s0 +genfscon sysfs /devices/platform/10950000.spi/spi_master/spi6/spi6.0 u:object_r:sysfs_touch:s0 + +genfscon proc /fts/driver_test u:object_r:proc_touch:s0 +genfscon proc /fts_ext/driver_test u:object_r:proc_touch:s0 + diff --git a/touch/stm/predump_sepolicy/predump_touch.te b/touch/stm/predump_sepolicy/predump_touch.te new file mode 100644 index 0000000..f0f458c --- /dev/null +++ b/touch/stm/predump_sepolicy/predump_touch.te @@ -0,0 +1,6 @@ +# touch predump script +allow predump_touch proc_touch:file rw_file_perms; +allow predump_touch sysfs_touch:dir search; +allow predump_touch sysfs_touch:file rw_file_perms; + +get_prop(predump_touch vendor_touch_dump_path_prop) diff --git a/touch/stm/predump_sepolicy/property.te b/touch/stm/predump_sepolicy/property.te new file mode 100644 index 0000000..612c855 --- /dev/null +++ b/touch/stm/predump_sepolicy/property.te @@ -0,0 +1,2 @@ +# touch predump script +vendor_internal_prop(vendor_touch_dump_path_prop) diff --git a/touch/stm/predump_sepolicy/property_contexts b/touch/stm/predump_sepolicy/property_contexts new file mode 100644 index 0000000..db9fd5a --- /dev/null +++ b/touch/stm/predump_sepolicy/property_contexts @@ -0,0 +1,2 @@ +ro.vendor.touch.dump. u:object_r:vendor_touch_dump_path_prop:s0 + diff --git a/touch/stm/predump_sepolicy/vendor_init.te b/touch/stm/predump_sepolicy/vendor_init.te new file mode 100644 index 0000000..9017c5b --- /dev/null +++ b/touch/stm/predump_sepolicy/vendor_init.te @@ -0,0 +1,2 @@ +# touch predump script +set_prop(vendor_init, vendor_touch_dump_path_prop) diff --git a/touch/stm/predump_stm20.mk b/touch/stm/predump_stm20.mk new file mode 100644 index 0000000..cdf3e35 --- /dev/null +++ b/touch/stm/predump_stm20.mk @@ -0,0 +1,6 @@ +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/class/spi_master/spi20/spi20.0 +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.proc=/proc/fts/driver_test + +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/stm/predump_sepolicy + +PRODUCT_PACKAGES += predump_stm.sh diff --git a/touch/stm/predump_stm6.mk b/touch/stm/predump_stm6.mk new file mode 100644 index 0000000..2cbde2c --- /dev/null +++ b/touch/stm/predump_stm6.mk @@ -0,0 +1,6 @@ +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.sys=/sys/class/spi_master/spi6/spi6.0 +PRODUCT_VENDOR_PROPERTIES += ro.vendor.touch.dump.proc=/proc/fts_ext/driver_test + +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/stm/predump_sepolicy + +PRODUCT_PACKAGES += predump_stm.sh