From 4099f606812d218efd9a47e0aa97aeac35b9610f Mon Sep 17 00:00:00 2001
From: lucaslin <lucaslin@google.com>
Date: Mon, 3 May 2021 16:29:18 +0800
Subject: [PATCH 1/2] Add sepolicy for tcpdump_logger to access wlan_logs
 folder

tcpdump cannot be zipped into wlan logs when using tcpdump_logger
on-demand function is because tcpdump_logger doesn't have access
of wlan_logs folder.
Add related sepolicies to fix it.

Bug: 183467815
Test: 1. Set logger to wlan
      2. Enable tcpdump_logger on-demand
      3. Start logging
      4. Stop logging
      5. Pull wlan_logs
      6. Check if tcpdump.pcap is zipped into the zip file
Change-Id: Ib1b6c8cbd4512acdbe756d11bfe6f540e16c8db6
---
 whitechapel/vendor/google/tcpdump_logger.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/whitechapel/vendor/google/tcpdump_logger.te b/whitechapel/vendor/google/tcpdump_logger.te
index 329414b6..f017cedf 100644
--- a/whitechapel/vendor/google/tcpdump_logger.te
+++ b/whitechapel/vendor/google/tcpdump_logger.te
@@ -13,6 +13,8 @@ userdebug_or_eng(`
   allow tcpdump_logger tcpdump_vendor_data_file:file create_file_perms;
   allow tcpdump_logger radio_vendor_data_file:file create_file_perms;
   allow tcpdump_logger radio_vendor_data_file:dir create_dir_perms;
+  allow tcpdump_logger wifi_logging_data_file:file create_file_perms;
+  allow tcpdump_logger wifi_logging_data_file:dir create_dir_perms;
 
   set_prop(tcpdump_logger, vendor_tcpdump_log_prop)
 ')

From 34278f05a06e10aa1417f57f2461bd5bb3f76ba0 Mon Sep 17 00:00:00 2001
From: lucaslin <lucaslin@google.com>
Date: Tue, 4 May 2021 10:30:22 +0800
Subject: [PATCH 2/2] Add sepolicy for dumpstate to access logs of
 tcpdump_logger

Bug: 183467815
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I178aca40d94602994eef619f05a26ceb78eeff1f
---
 whitechapel/vendor/google/hal_dumpstate_default.te | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/whitechapel/vendor/google/hal_dumpstate_default.te b/whitechapel/vendor/google/hal_dumpstate_default.te
index c0871bb2..15a1ae5d 100644
--- a/whitechapel/vendor/google/hal_dumpstate_default.te
+++ b/whitechapel/vendor/google/hal_dumpstate_default.te
@@ -124,6 +124,9 @@ userdebug_or_eng(`
   allow hal_dumpstate_default sysfs_bcl:dir r_dir_perms;
   allow hal_dumpstate_default sysfs_bcl:file r_file_perms;
   allow hal_dumpstate_default sysfs_bcl:lnk_file read;
+  allow hal_dumpstate_default tcpdump_vendor_data_file:dir create_dir_perms;
+  allow hal_dumpstate_default tcpdump_vendor_data_file:file create_file_perms;
+  set_prop(hal_dumpstate_default, vendor_tcpdump_log_prop)
 ')
 
 dontaudit hal_dumpstate_default vendor_ion_debugfs:dir r_dir_perms;
@@ -163,3 +166,7 @@ dontaudit hal_dumpstate_default sysfs_bcl:dir r_dir_perms;
 dontaudit hal_dumpstate_default sysfs_bcl:file r_file_perms;
 
 dontaudit hal_dumpstate_default rootfs:dir r_dir_perms;
+
+dontaudit hal_dumpstate_default tcpdump_vendor_data_file:dir create_dir_perms;
+dontaudit hal_dumpstate_default tcpdump_vendor_data_file:file create_file_perms;
+dontaudit hal_dumpstate_default vendor_tcpdump_log_prop:file r_file_perms;