From 0218941cb86c12e1a97faa8ff4e3f436342ac917 Mon Sep 17 00:00:00 2001
From: Adam Shih <adamshih@google.com>
Date: Mon, 15 Mar 2021 11:00:41 +0800
Subject: [PATCH] allow df to collect partition info

Bug: 179310854
Test: do bugreport and the error disappear
Change-Id: I9fdcbb27742a70f3b796c668c3e0d4688d36b4d8
---
 tracking_denials/dumpstate.te          | 38 +++-----------------------
 whitechapel/vendor/google/dumpstate.te |  5 ++++
 2 files changed, 9 insertions(+), 34 deletions(-)

diff --git a/tracking_denials/dumpstate.te b/tracking_denials/dumpstate.te
index 6c6d8ec7..1f3ef62e 100644
--- a/tracking_denials/dumpstate.te
+++ b/tracking_denials/dumpstate.te
@@ -1,35 +1,5 @@
-# ag/13067824
-dontaudit dumpstate fuse:dir r_dir_perms;
-# b/174618507
-dontaudit dumpstate default_android_service:service_manager { find };
-dontaudit dumpstate vold:binder { call };
-dontaudit dumpstate modem_userdata_file:dir { getattr };
-dontaudit dumpstate modem_efs_file:dir { getattr };
-dontaudit dumpstate vold:binder { call };
-dontaudit dumpstate modem_userdata_file:dir { getattr };
-dontaudit dumpstate hal_drm_clearkey:process { signal };
-dontaudit dumpstate hal_drm_clearkey:process { signal };
-dontaudit dumpstate modem_efs_file:dir { getattr };
-# b/177778645
-dontaudit dumpstate ramdump_vendor_mnt_file:filesystem { getattr };
-dontaudit dumpstate ramdump_vendor_mnt_file:filesystem { getattr };
-dontaudit dumpstate ramdump_vendor_mnt_file:dir { getattr };
-dontaudit dumpstate ramdump_vendor_mnt_file:dir { getattr };
-# b/177860804
-dontaudit dumpstate incident:process { sigkill };
-dontaudit dumpstate incident:process { signal };
-dontaudit dumpstate incident:process { sigkill };
-dontaudit dumpstate incident:process { signal };
 # b/179310854
-dontaudit dumpstate unlabeled:dir { getattr };
-dontaudit dumpstate unlabeled:dir { getattr };
-# b/180963249
-dontaudit dumpstate hal_neuralnetworks_armnn:process { signal };
-dontaudit dumpstate hal_neuralnetworks_armnn:process { signal };
-# b/181915316
-dontaudit dumpstate vendor_dmabuf_debugfs:file { read };
-dontaudit dumpstate vendor_dmabuf_debugfs:file { open };
-dontaudit dumpstate vendor_dmabuf_debugfs:file { getattr };
-dontaudit dumpstate vendor_dmabuf_debugfs:file { getattr };
-dontaudit dumpstate vendor_dmabuf_debugfs:file { read };
-dontaudit dumpstate vendor_dmabuf_debugfs:file { open };
+dontaudit dumpstate hal_neuralnetworks_armnn:process signal;
+dontaudit dumpstate hal_power_stats_vendor_service:service_manager find;
+dontaudit dumpstate vendor_dmabuf_debugfs:file { getattr open read };
+dontaudit dumpstate vold:binder call;
diff --git a/whitechapel/vendor/google/dumpstate.te b/whitechapel/vendor/google/dumpstate.te
index fb325056..462492cc 100644
--- a/whitechapel/vendor/google/dumpstate.te
+++ b/whitechapel/vendor/google/dumpstate.te
@@ -2,3 +2,8 @@ dump_hal(hal_telephony)
 
 allow dumpstate sysfs_scsi_devices_0000:file r_file_perms;
 allow dumpstate persist_file:dir r_dir_perms;
+
+allow dumpstate modem_efs_file:dir getattr;
+allow dumpstate modem_img_file:dir getattr;
+allow dumpstate modem_userdata_file:dir getattr;
+allow dumpstate fuse:dir search;