From 34278f05a06e10aa1417f57f2461bd5bb3f76ba0 Mon Sep 17 00:00:00 2001 From: lucaslin Date: Tue, 4 May 2021 10:30:22 +0800 Subject: [PATCH] Add sepolicy for dumpstate to access logs of tcpdump_logger Bug: 183467815 Test: 1. Enable tcpdump_logger always-on function 2. Dump bugreport 3. Pull dumpstate_board.bin and chagne it to zip 4. Unzip dumpstate_board.zip and check if tcpdump files are there. Change-Id: I178aca40d94602994eef619f05a26ceb78eeff1f --- whitechapel/vendor/google/hal_dumpstate_default.te | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/whitechapel/vendor/google/hal_dumpstate_default.te b/whitechapel/vendor/google/hal_dumpstate_default.te index c0871bb2..15a1ae5d 100644 --- a/whitechapel/vendor/google/hal_dumpstate_default.te +++ b/whitechapel/vendor/google/hal_dumpstate_default.te @@ -124,6 +124,9 @@ userdebug_or_eng(` allow hal_dumpstate_default sysfs_bcl:dir r_dir_perms; allow hal_dumpstate_default sysfs_bcl:file r_file_perms; allow hal_dumpstate_default sysfs_bcl:lnk_file read; + allow hal_dumpstate_default tcpdump_vendor_data_file:dir create_dir_perms; + allow hal_dumpstate_default tcpdump_vendor_data_file:file create_file_perms; + set_prop(hal_dumpstate_default, vendor_tcpdump_log_prop) ') dontaudit hal_dumpstate_default vendor_ion_debugfs:dir r_dir_perms; @@ -163,3 +166,7 @@ dontaudit hal_dumpstate_default sysfs_bcl:dir r_dir_perms; dontaudit hal_dumpstate_default sysfs_bcl:file r_file_perms; dontaudit hal_dumpstate_default rootfs:dir r_dir_perms; + +dontaudit hal_dumpstate_default tcpdump_vendor_data_file:dir create_dir_perms; +dontaudit hal_dumpstate_default tcpdump_vendor_data_file:file create_file_perms; +dontaudit hal_dumpstate_default vendor_tcpdump_log_prop:file r_file_perms;