From a4fa4427bc2f646b47ade202c969df088d3f0ba5 Mon Sep 17 00:00:00 2001
From: Boon Jun Soh <boonjun@google.com>
Date: Fri, 8 Dec 2023 18:54:45 +0800
Subject: [PATCH] Fix rlsservice sepolicy

Allows bugreport generation

Bug: 315255760
Bug: 309379465
Test: abd bugreport & ensure lack of rls avc denied logs
Change-Id: Ic390d6ddd6bac78e5979c78bc6d02262f08b3468
---
 tracking_denials/bug_map      | 1 -
 whitechapel_pro/dumpstate.te  | 2 +-
 whitechapel_pro/rlsservice.te | 4 ++++
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map
index 17977519..39726296 100644
--- a/tracking_denials/bug_map
+++ b/tracking_denials/bug_map
@@ -1,4 +1,3 @@
-dumpstate rlsservice binder b/309379465
 hal_face_default traced_producer_socket sock_file b/305600808
 hal_power_default hal_power_default capability b/237492146
 incidentd debugfs_wakeup_sources file b/282626428
diff --git a/whitechapel_pro/dumpstate.te b/whitechapel_pro/dumpstate.te
index eaab9b2f..da71a845 100644
--- a/whitechapel_pro/dumpstate.te
+++ b/whitechapel_pro/dumpstate.te
@@ -13,4 +13,4 @@ allow dumpstate modem_efs_file:dir r_dir_perms;
 allow dumpstate modem_userdata_file:dir r_dir_perms;
 allow dumpstate modem_img_file:dir r_dir_perms;
 allow dumpstate fuse:dir search;
-
+allow dumpstate rlsservice:binder call;
\ No newline at end of file
diff --git a/whitechapel_pro/rlsservice.te b/whitechapel_pro/rlsservice.te
index 967389a1..e531b0d6 100644
--- a/whitechapel_pro/rlsservice.te
+++ b/whitechapel_pro/rlsservice.te
@@ -32,3 +32,7 @@ allow rlsservice apex_info_file:file r_file_perms;
 
 # Allow read camera property
 get_prop(rlsservice, vendor_camera_prop);
+
+# Allow rlsservice bugreport generation
+allow rlsservice dumpstate:fd use;
+allow rlsservice dumpstate:fifo_file write;
\ No newline at end of file