From 023d43829a355f25facbf89538bfeaa7800c6104 Mon Sep 17 00:00:00 2001
From: Cheng Chang <chengcha@google.com>
Date: Tue, 11 Jun 2024 06:21:24 +0000
Subject: [PATCH 1/2] gps: Move type declaration to device folder

Bug: 343280252
Test: b/343280252 compile and abtd test
Change-Id: I1cbcce4452b149764876643722a0b37a18dc1b46
---
 gps/lsi/sepolicy/file.te             | 5 -----
 gps/lsi/sepolicy/property.te         | 1 -
 gps/lsi/sepolicy/property_contexts   | 2 --
 gps/pixel/sepolicy/hal_gnss_pixel.te | 6 ------
 4 files changed, 14 deletions(-)
 delete mode 100644 gps/lsi/sepolicy/file.te
 delete mode 100644 gps/lsi/sepolicy/property.te
 delete mode 100644 gps/lsi/sepolicy/property_contexts

diff --git a/gps/lsi/sepolicy/file.te b/gps/lsi/sepolicy/file.te
deleted file mode 100644
index 246700a..0000000
--- a/gps/lsi/sepolicy/file.te
+++ /dev/null
@@ -1,5 +0,0 @@
-type vendor_gps_file, file_type, data_file_type;
-type sysfs_gps, sysfs_type, fs_type;
-userdebug_or_eng(`
-  typeattribute vendor_gps_file mlstrustedobject;
-')
diff --git a/gps/lsi/sepolicy/property.te b/gps/lsi/sepolicy/property.te
deleted file mode 100644
index 6b62560..0000000
--- a/gps/lsi/sepolicy/property.te
+++ /dev/null
@@ -1 +0,0 @@
-vendor_internal_prop(vendor_gps_prop)
diff --git a/gps/lsi/sepolicy/property_contexts b/gps/lsi/sepolicy/property_contexts
deleted file mode 100644
index 4546116..0000000
--- a/gps/lsi/sepolicy/property_contexts
+++ /dev/null
@@ -1,2 +0,0 @@
-vendor.gps.                                u:object_r:vendor_gps_prop:s0
-persist.vendor.gps.                        u:object_r:vendor_gps_prop:s0
diff --git a/gps/pixel/sepolicy/hal_gnss_pixel.te b/gps/pixel/sepolicy/hal_gnss_pixel.te
index 512ecc9..20fc7b1 100644
--- a/gps/pixel/sepolicy/hal_gnss_pixel.te
+++ b/gps/pixel/sepolicy/hal_gnss_pixel.te
@@ -1,9 +1,3 @@
-type hal_gnss_pixel, domain;
-hal_server_domain(hal_gnss_pixel, hal_gnss)
-
-type hal_gnss_pixel_exec, exec_type, vendor_file_type, file_type;
-init_daemon_domain(hal_gnss_pixel)
-
 #IPC between pixel and vendor HAL
 binder_call(hal_gnss_pixel, hal_gnss_default)
 

From fe8968a08a6a8ead53a363dd2626f818a017dce3 Mon Sep 17 00:00:00 2001
From: chenkris <chenkris@google.com>
Date: Mon, 10 Jun 2024 03:14:00 +0000
Subject: [PATCH 2/2] gs-common: add fingerprint dump

Bug: 346450599
Test: adb bugreport
Change-Id: I224171a532bba537c11e53cf46be0042038b7732
---
 fingerprint/Android.bp                   | 21 +++++++++++++
 fingerprint/dump_fingerprint.cpp         | 39 ++++++++++++++++++++++++
 fingerprint/fingerprint.mk               |  3 ++
 fingerprint/init.fingerprint.dump.rc     |  2 ++
 fingerprint/sepolicy/dump_fingerprint.te |  5 +++
 fingerprint/sepolicy/file_contexts       |  2 ++
 fingerprint/sepolicy/hal_fingerprint.te  |  1 +
 7 files changed, 73 insertions(+)
 create mode 100644 fingerprint/Android.bp
 create mode 100644 fingerprint/dump_fingerprint.cpp
 create mode 100644 fingerprint/fingerprint.mk
 create mode 100644 fingerprint/init.fingerprint.dump.rc
 create mode 100644 fingerprint/sepolicy/dump_fingerprint.te
 create mode 100644 fingerprint/sepolicy/file_contexts
 create mode 100644 fingerprint/sepolicy/hal_fingerprint.te

diff --git a/fingerprint/Android.bp b/fingerprint/Android.bp
new file mode 100644
index 0000000..b5bd008
--- /dev/null
+++ b/fingerprint/Android.bp
@@ -0,0 +1,21 @@
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_binary {
+    name: "dump_fingerprint",
+    srcs: ["dump_fingerprint.cpp"],
+    init_rc: ["init.fingerprint.dump.rc"],
+    cflags: [
+        "-Wall",
+        "-Wextra",
+        "-Werror",
+    ],
+    shared_libs: [
+        "libbase",
+        "libdump",
+        "liblog",
+    ],
+    vendor: true,
+    relative_install_path: "dump",
+}
diff --git a/fingerprint/dump_fingerprint.cpp b/fingerprint/dump_fingerprint.cpp
new file mode 100644
index 0000000..1c8c7cd
--- /dev/null
+++ b/fingerprint/dump_fingerprint.cpp
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2024 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#include <android-base/file.h>
+#include <dump/pixel_dump.h>
+#include <log/log.h>
+#include <stdio.h>
+#include <string.h>
+
+static constexpr const char *kTombstonesDirPath = "/data/vendor/tombstones/fingerprint/";
+
+int main() {
+    printf("------ Fingerprint tombstones ------\n");
+    std::unique_ptr<DIR, decltype(&closedir)> tombstones_dir(opendir(kTombstonesDirPath), closedir);
+    if (tombstones_dir) {
+        dirent *entry;
+        while ((entry = readdir(tombstones_dir.get())) != nullptr) {
+            std::string file_name(entry->d_name);
+            if (!strcmp(file_name.c_str(), ".") || !strcmp(file_name.c_str(), ".."))
+                continue;
+            std::string file_path(kTombstonesDirPath + file_name);
+            dumpFileContent(file_name.c_str(), file_path.c_str());
+        }
+    }
+
+    return 0;
+}
diff --git a/fingerprint/fingerprint.mk b/fingerprint/fingerprint.mk
new file mode 100644
index 0000000..fb3ceda
--- /dev/null
+++ b/fingerprint/fingerprint.mk
@@ -0,0 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/fingerprint/sepolicy
+
+PRODUCT_PACKAGES += dump_fingerprint
diff --git a/fingerprint/init.fingerprint.dump.rc b/fingerprint/init.fingerprint.dump.rc
new file mode 100644
index 0000000..f00cdc4
--- /dev/null
+++ b/fingerprint/init.fingerprint.dump.rc
@@ -0,0 +1,2 @@
+on post-fs-data
+    mkdir /data/vendor/tombstones/fingerprint 0770 system system
diff --git a/fingerprint/sepolicy/dump_fingerprint.te b/fingerprint/sepolicy/dump_fingerprint.te
new file mode 100644
index 0000000..9af033b
--- /dev/null
+++ b/fingerprint/sepolicy/dump_fingerprint.te
@@ -0,0 +1,5 @@
+pixel_bugreport(dump_fingerprint)
+
+allow dump_fingerprint fingerprint_vendor_data_file:dir r_dir_perms;
+allow dump_fingerprint fingerprint_vendor_data_file:file r_file_perms;
+
diff --git a/fingerprint/sepolicy/file_contexts b/fingerprint/sepolicy/file_contexts
new file mode 100644
index 0000000..a035703
--- /dev/null
+++ b/fingerprint/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+/vendor/bin/dump/dump_fingerprint          u:object_r:dump_fingerprint_exec:s0
+/data/vendor/tombstones/fingerprint(/.*)?  u:object_r:fingerprint_vendor_data_file:s0
diff --git a/fingerprint/sepolicy/hal_fingerprint.te b/fingerprint/sepolicy/hal_fingerprint.te
new file mode 100644
index 0000000..6e1af7e
--- /dev/null
+++ b/fingerprint/sepolicy/hal_fingerprint.te
@@ -0,0 +1 @@
+allow hal_fingerprint trusty_log_device:chr_file r_file_perms;