From 5aeb1b9e4556177eb6d85b5458390a967a452d0a Mon Sep 17 00:00:00 2001
From: Rick Yiu
Date: Sat, 22 May 2021 13:17:04 +0800
Subject: [PATCH] gs101-sepolicy: Allow dumping vendor groups values
Fix: avc: denied { read } for name="vendor_sched" dev="sysfs" ino=45566 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0
avc: denied { read } for name="dump_task_group_ta" dev="proc" ino=4026532542 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0
Bug: 172112042
Test: dump data as expected
Change-Id: I9945953dba4afddd34c1535c12193b1f00fdcef9
---
 whitechapel/vendor/google/file.te | 1 +
 whitechapel/vendor/google/genfs_contexts | 2 ++
 whitechapel/vendor/google/hal_dumpstate_default.te | 4 ++++
 3 files changed, 7 insertions(+)
diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te
index 257d1cea..2125c4be 100644
--- a/whitechapel/vendor/google/file.te
+++ b/whitechapel/vendor/google/file.te
@@ -144,6 +144,7 @@ type sysfs_edgetpu, sysfs_type, fs_type;
 # Vendor sched files
 type sysfs_vendor_sched, sysfs_type, fs_type;
+type proc_vendor_sched, proc_type, fs_type;
 # GPS
 type vendor_gps_file, file_type, data_file_type;
diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts
index 1fa2a451..6be99dbd 100644
--- a/whitechapel/vendor/google/genfs_contexts
+++ b/whitechapel/vendor/google/genfs_contexts
@@ -164,6 +164,8 @@ genfscon sysfs /kernel/vendor_sched/uclamp_threshold u
 genfscon sysfs /kernel/vendor_sched/uclamp_util_diff_stats u:object_r:sysfs_vendor_sched:s0
 genfscon sysfs /kernel/vendor_sched/util_threshold u:object_r:sysfs_vendor_sched:s0
+genfscon proc /vendor_sched u:object_r:proc_vendor_sched:s0
+
 # GPS
 genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby u:object_r:sysfs_gps:s0
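Review bot: The new `genfscon proc /vendor_sched` entry relabels everything under that path, not only the `dump_task_group_ta` node named in the denial. Any other domain that reached those nodes through the generic `proc` type before this change will now need its own rule for `proc_vendor_sched`, so it is worth checking for new denials outside `hal_dumpstate_default`. genfscon entries are matched as path prefixes, so also confirm that no unrelated /proc entry starts with `/vendor_sched`. A comment above the entry, such as `# /proc/vendor_sched: vendor scheduler task-group dumps, read by hal_dumpstate_default`, would record why the subtree has its own type.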
diff --git a/whitechapel/vendor/google/hal_dumpstate_default.te b/whitechapel/vendor/google/hal_dumpstate_default.te
index 38381b15..a0bbd3a9 100644
--- a/whitechapel/vendor/google/hal_dumpstate_default.te
+++ b/whitechapel/vendor/google/hal_dumpstate_default.te
@@ -91,6 +91,10 @@ binder_call(hal_dumpstate_default, citadeld);
 allow hal_dumpstate_default vendor_displaycolor_service:service_manager find;
 binder_call(hal_dumpstate_default, hal_graphics_composer_default);
+allow hal_dumpstate_default sysfs_vendor_sched:file read;
+allow hal_dumpstate_default proc_vendor_sched:dir r_dir_perms;
+allow hal_dumpstate_default proc_vendor_sched:file r_file_perms;
+
 userdebug_or_eng(`
 allow hal_dumpstate_default mnt_vendor_file:dir search;
 allow hal_dumpstate_default ramdump_vendor_mnt_file:dir search;
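Review bot: The rule `allow hal_dumpstate_default sysfs_vendor_sched:file read;` grants only `read`, so opening those sysfs files by path still needs `open` (and usually `getattr`) unless a rule outside this hunk already grants them; `allow hal_dumpstate_default sysfs_vendor_sched:file r_file_perms;` would match the two proc rules below it. The first denial in the commit message is for `read` on a `dir` labelled `sysfs`, and nothing in this hunk grants directory access on the sysfs side, so that denial may persist if the HAL lists the directory. All three rules sit above the `userdebug_or_eng` block and therefore apply on user builds as well; if the task-group dump is only wanted for debugging, placing them inside that block keeps the production policy narrower. The `userdebug_or_eng` block continues past the end of the hunk.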