From 9f8d552411c9fab4ccf163db6d86b0795400809d Mon Sep 17 00:00:00 2001
From: Aaron Ding <aaronding@google.com>
Date: Wed, 2 Jun 2021 01:38:11 +0800
Subject: [PATCH] pixel-selinux: add SJTAG policies

This reverts commit b078284e5d4a1f17b191a9753d10a165dc3fe2eb.

Bug: 184768605
Change-Id: Ib0080e2ba3edf7fa654155fb4a7403d52ad2494a
---
 whitechapel/vendor/google/shell.te        | 6 ++++++
 whitechapel/vendor/google/ssr_detector.te | 2 ++
 2 files changed, 8 insertions(+)

diff --git a/whitechapel/vendor/google/shell.te b/whitechapel/vendor/google/shell.te
index 29274f5f..3dd4a705 100644
--- a/whitechapel/vendor/google/shell.te
+++ b/whitechapel/vendor/google/shell.te
@@ -1 +1,7 @@
 allow shell eco_service:service_manager find;
+
+# Allow access to the SJTAG kernel interface from the shell
+userdebug_or_eng(`
+  allow shell sysfs_sjtag:dir r_dir_perms;
+  allow shell sysfs_sjtag:file rw_file_perms;
+')
diff --git a/whitechapel/vendor/google/ssr_detector.te b/whitechapel/vendor/google/ssr_detector.te
index ff3c40f9..a70edece 100644
--- a/whitechapel/vendor/google/ssr_detector.te
+++ b/whitechapel/vendor/google/ssr_detector.te
@@ -12,6 +12,8 @@ userdebug_or_eng(`
   allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
   allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
   get_prop(ssr_detector_app, vendor_aoc_prop)
+  allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
+  allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
 ')
 
 get_prop(ssr_detector_app, vendor_ssrdump_prop)