From 5e8b518a770f000490ab10265fd3a29ec25b9037 Mon Sep 17 00:00:00 2001
From: Wilson Sung <wilsonsung@google.com>
Date: Mon, 18 Mar 2024 02:58:47 +0000
Subject: [PATCH 1/2] Update SELinux error

Test: SELinuxUncheckedDenialBootTest
Bug: 329380904
Merged-In: I5ef59058c7c7487a8a9cb238767e019631c5ac63
Change-Id: I5ef59058c7c7487a8a9cb238767e019631c5ac63
---
 tracking_denials/bug_map | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map
index 671bcae6..8bfda1e5 100644
--- a/tracking_denials/bug_map
+++ b/tracking_denials/bug_map
@@ -9,6 +9,7 @@ kernel dm_device blk_file b/315907959
 kernel tmpfs chr_file b/315907959
 rild default_prop file b/315720636
 rild default_prop file b/315720725
+shell sysfs_net file b/329380904
 surfaceflinger selinuxfs file b/313804340
 untrusted_app nativetest_data_file dir b/305600845
 untrusted_app shell_test_data_file dir b/305600845

From 2034e36abbb870da145acd246a5602a04134d627 Mon Sep 17 00:00:00 2001
From: Spade Lee <spadelee@google.com>
Date: Thu, 21 Mar 2024 00:29:41 +0000
Subject: [PATCH 2/2] pixelstats_vendor: add logbuffer_device r_file_perms

avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=1034 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=0

Bug: 329174074
Test: no denied log, and able to read logbuffer in pixelstats_vendor
Signed-off-by: Spade Lee <spadelee@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:66d3a4ef4e33553862de92119cd2345b777df1f6)
Merged-In: I2c6069f43d17114f937657724dc34e43cf3d48fe
Change-Id: I2c6069f43d17114f937657724dc34e43cf3d48fe
---
 whitechapel/vendor/google/pixelstats_vendor.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/whitechapel/vendor/google/pixelstats_vendor.te b/whitechapel/vendor/google/pixelstats_vendor.te
index 7496a7ce..33e9511c 100644
--- a/whitechapel/vendor/google/pixelstats_vendor.te
+++ b/whitechapel/vendor/google/pixelstats_vendor.te
@@ -25,6 +25,7 @@ allow pixelstats_vendor fwk_sensor_service:service_manager find;
 
 # Batery history
 allow pixelstats_vendor battery_history_device:chr_file r_file_perms;
+allow pixelstats_vendor logbuffer_device:chr_file r_file_perms;
 
 #vendor-metrics
 r_dir_file(pixelstats_vendor, sysfs_vendor_metrics)