From f39a955d95f76da1838f63b6968540bbdc9ae025 Mon Sep 17 00:00:00 2001 
From: Lucas Wei Date: Tue, 29 Oct 2024 07:10:23 +0000 Subject: [PATCH] Introduce Pixel mailbox module Introduce Pixel mailbox module to dump debugging messages and integrate with bugreport. This patch also create sepolicy files to avoid avc denied. avc: denied { search } for comm="dump_mailbox" name="radio" dev="dm-57" ino=375 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1 avc: denied { search } for comm="dump_mailbox" name="instances" dev="tracefs" ino=4203 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=dir permissive=1 avc: denied { read } for comm="dump_mailbox" name="trace" dev="tracefs" ino=7250 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=file permissive=1 avc: denied { open } for comm="dump_mailbox" path="/sys/kernel/tracing/instances/goog_cpm_mailbox/trace" dev="tracefs" ino=7187 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_traci avc: denied { create } for comm="dump_mailbox" name="goog_cpm_mailbox_trace" scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1 avc: denied { write open } for comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=29097 scontext=u:r:dump_mailbox:s0 tcontex=1 avc: denied { getattr } for comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=29097 scontext=u:r:dump_mailbox:s0 tcontext=ut=5 audit_backlog_limit=64 =1 avc: denied { read } for comm="dump_mailbox" name="trace" dev="tracefs" ino=5239 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances_mailbox:s0 tclass=file permissive=1 avc: denied { open } for comm="dump_mailbox" path="/sys/kernel/tracing/instances/goog_cpm_mailbox/trace" dev="tracefs" ino=5239 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances_mailbox:s0 tclass=file 
permissive=1 avc: denied { create } for comm="dump_mailbox" name="goog_cpm_mailbox_trace" scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1 avc: denied { write open } for comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=30937 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1 avc: denied { getattr } for comm="dump_mailbox" path="/sys/kernel/tracing/instances/goog_cpm_mailbox/trace" dev="tracefs" ino=5239 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances_mailbox:s0 tclass=file permissive=1 avc: denied { getattr } for comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=30937 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1 avc: denied { create } for comm="dump_mailbox" name="goog_cpm_mailbox_trace" scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclas(6 results) 15:39:41 [4796/19306] avc: denied { write open } for comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=32864 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1 avc: denied { getattr } for comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=32864 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1 Flag: EXEMPT, add mailbox dump program to bugreport Bug: 363168077 Change-Id: I622f37bf8f913df8d9b242ab206fc267d446753d --- mailbox/Android.bp | 21 ++++++++++++++++++ mailbox/dump/dump_mailbox.cpp | 32 +++++++++++++++++++++++++++ mailbox/dump/sepolicy/dump_mailbox.te | 7 ++++++ mailbox/dump/sepolicy/file.te | 2 ++ mailbox/dump/sepolicy/file_contexts | 1 + 
mailbox/dump/sepolicy/genfs_contexts | 2 ++ mailbox/init.mailbox.rc | 8 +++++++ mailbox/mailbox.mk | 3 +++ 8 files changed, 76 insertions(+) create mode 100644 mailbox/Android.bp create mode 100644 mailbox/dump/dump_mailbox.cpp create mode 100644 mailbox/dump/sepolicy/dump_mailbox.te create mode 100644 mailbox/dump/sepolicy/file.te create mode 100644 mailbox/dump/sepolicy/file_contexts create mode 100644 mailbox/dump/sepolicy/genfs_contexts create mode 100644 mailbox/init.mailbox.rc create mode 100644 mailbox/mailbox.mk
diff --git a/mailbox/Android.bp b/mailbox/Android.bp
new file mode 100644
index 0000000..6969685
--- /dev/null
+++ b/mailbox/Android.bp
@@ -0,0 +1,21 @@
+package {
+ default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_binary {
+ name: "dump_mailbox",
+ srcs: ["dump/dump_mailbox.cpp"],
+ init_rc: ["init.mailbox.rc"],
+ cflags: [
+ "-Wall",
+ "-Wextra",
+ "-Werror",
+ ],
+ shared_libs: [
+ "libbase",
+ "libdump",
+ "liblog",
+ ],
+ vendor: true,
+ relative_install_path: "dump",
+}
diff --git a/mailbox/dump/dump_mailbox.cpp b/mailbox/dump/dump_mailbox.cpp
new file mode 100644
index 0000000..8f63b30
--- /dev/null
+++ b/mailbox/dump/dump_mailbox.cpp
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include
+#include
+
+int main() {
+ std::string outputDir = concatenatePath(BUGREPORT_PACKING_DIR, "mailbox");
+ if (mkdir(outputDir.c_str(), 0777) == -1) {
+ printf("Unable to create folder: %s\n", outputDir.c_str());
+ return 0;
+ }
+
+ copyFile("/sys/kernel/tracing/instances/goog_cpm_mailbox/trace",
+ concatenatePath(outputDir.c_str(), "goog_cpm_mailbox_trace").c_str());
+ copyFile("/sys/kernel/tracing/instances/goog_nq_mailbox/trace",
+ concatenatePath(outputDir.c_str(), "goog_nq_mailbox_trace").c_str());
+
+ return 0;
+}
diff --git a/mailbox/dump/sepolicy/dump_mailbox.te b/mailbox/dump/sepolicy/dump_mailbox.te
new file mode 100644
index 0000000..64f184c
--- /dev/null
+++ b/mailbox/dump/sepolicy/dump_mailbox.te
@@ -0,0 +1,7 @@
+#
+pixel_bugreport(dump_mailbox)
+allow dump_mailbox radio_vendor_data_file:dir create_dir_perms;
+allow dump_mailbox radio_vendor_data_file:file create_file_perms;
+allow dump_mailbox debugfs_tracing_instances:file r_file_perms;
+allow dump_mailbox debugfs_tracing_instances:dir search;
+allow dump_mailbox debugfs_tracing_instances_mailbox:file r_file_perms;
diff --git a/mailbox/dump/sepolicy/file.te b/mailbox/dump/sepolicy/file.te
new file mode 100644
index 0000000..5bb7bc4
--- /dev/null
+++ b/mailbox/dump/sepolicy/file.te
@@ -0,0 +1,2 @@
+#
+type debugfs_tracing_instances_mailbox, sysfs_type, fs_type;
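Review bot: In mailbox/dump/dump_mailbox.cpp, `mkdir(outputDir.c_str(), 0777)` requests a world-writable directory for the mailbox traces (the effective mode still depends on the process umask) and treats an already existing directory as a failure, so a leftover `mailbox` folder makes the tool skip both copies while still exiting 0. I would ask for a narrower mode, if the component that packs the bugreport can still read it, and accept `EEXIST`: `if (mkdir(outputDir.c_str(), 0770) == -1 && errno != EEXIST) {` (needs `<errno.h>`). Adding `strerror(errno)` to the printf would make the failure diagnosable. The results of the two `copyFile` calls are not inspected here; if the helper reports failure, logging it would explain an empty dump.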
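Review bot: In mailbox/dump/sepolicy/dump_mailbox.te, `allow dump_mailbox debugfs_tracing_instances:file r_file_perms;` lets the domain read every file that still carries the generic instances label, although the genfs_contexts entries added in this patch relabel the two mailbox trace files to `debugfs_tracing_instances_mailbox`. The later denials quoted in the commit message already show the trace file under the new label, so the generic file rule looks like a leftover from before the relabel. I would drop it and keep `debugfs_tracing_instances:dir search` plus the `_mailbox` file rule. The `radio_vendor_data_file` dir and file create rules apply to everything with that label, so a one-line comment naming the bugreport packing directory as the reason would help the next reviewer.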
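Review bot: In mailbox/dump/sepolicy/file.te, the new type labels tracefs nodes but is declared with `sysfs_type`, so any rule written against the `sysfs_type` attribute will also apply to these trace files, while rules and neverallows keyed on the tracing attributes will not. Assuming the platform policy this builds against provides them, the declaration would read `type debugfs_tracing_instances_mailbox, fs_type, debugfs_type, tracefs_type;`. The lone `#` line above it could carry a short comment saying which nodes the type labels.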
diff --git a/mailbox/dump/sepolicy/file_contexts b/mailbox/dump/sepolicy/file_contexts
new file mode 100644
index 0000000..b9bea15
--- /dev/null
+++ b/mailbox/dump/sepolicy/file_contexts
@@ -0,0 +1 @@
+/vendor/bin/dump/dump_mailbox u:object_r:dump_mailbox_exec:s0
diff --git a/mailbox/dump/sepolicy/genfs_contexts b/mailbox/dump/sepolicy/genfs_contexts
new file mode 100644
index 0000000..0bac5e8
--- /dev/null
+++ b/mailbox/dump/sepolicy/genfs_contexts
@@ -0,0 +1,2 @@
+genfscon tracefs /instances/goog_cpm_mailbox/trace u:object_r:debugfs_tracing_instances_mailbox:s0
+genfscon tracefs /instances/goog_nq_mailbox/trace u:object_r:debugfs_tracing_instances_mailbox:s0
diff --git a/mailbox/init.mailbox.rc b/mailbox/init.mailbox.rc
new file mode 100644
index 0000000..7659290
--- /dev/null
+++ b/mailbox/init.mailbox.rc
@@ -0,0 +1,8 @@
+on property:sys.boot_completed=1
+ chown system system /sys/kernel/tracing/instances/goog_cpm_mailbox
+ chown system system /sys/kernel/tracing/instances/goog_cpm_mailbox/trace
+ write /sys/kernel/tracing/instances/goog_cpm_mailbox/buffer_size_kb 512
+
+ chown system system /sys/kernel/tracing/instances/goog_nq_mailbox
+ chown system system /sys/kernel/tracing/instances/goog_nq_mailbox/trace
+ write /sys/kernel/tracing/instances/goog_nq_mailbox/buffer_size_kb 512
diff --git a/mailbox/mailbox.mk b/mailbox/mailbox.mk
new file mode 100644
index 0000000..aeefb9a
--- /dev/null
+++ b/mailbox/mailbox.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/mailbox/dump/sepolicy
+
+PRODUCT_PACKAGES += dump_mailbox
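Review bot: In mailbox/init.mailbox.rc, the `chown system system` lines have no comment saying which reader needs system ownership, and the directory chown hands the system uid the whole instance directory while the dump program in this patch only reads `trace`. I would add a comment such as `# trace is copied into bugreports by dump_mailbox` above each group and confirm whether the directory chown is needed for path traversal or can be dropped. The `write ... buffer_size_kb 512` lines resize the buffer only after `sys.boot_completed=1`; if early-boot mailbox events matter, that deserves a comment too.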