From 53ee1c09b908f405099b4efe46978e2693524d5e Mon Sep 17 00:00:00 2001
From: Adam Shih <adamshih@google.com>
Date: Fri, 28 Oct 2022 11:59:23 +0800
Subject: [PATCH] review cbd

Bug: 254378739
Test: boot with cbd launched
Change-Id: I9c89c0fc3b40957bc60dd7854788d49e498fc0cd
---
 legacy/whitechapel_pro/file.te            | 1 -
 legacy/whitechapel_pro/file_contexts      | 2 --
 legacy/whitechapel_pro/init.te            | 3 ---
 {legacy/whitechapel_pro => vendor}/cbd.te | 0
 vendor/file.te                            | 3 +++
 vendor/file_contexts                      | 2 ++
 vendor/init.te                            | 3 +++
 7 files changed, 8 insertions(+), 6 deletions(-)
 rename {legacy/whitechapel_pro => vendor}/cbd.te (100%)

diff --git a/legacy/whitechapel_pro/file.te b/legacy/whitechapel_pro/file.te
index dad2e39a..df636896 100644
--- a/legacy/whitechapel_pro/file.te
+++ b/legacy/whitechapel_pro/file.te
@@ -49,7 +49,6 @@ type vendor_page_pinner_debugfs, fs_type, debugfs_type;
 # persist
 type persist_battery_file, file_type, vendor_persist_type;
 type persist_camera_file, file_type, vendor_persist_type;
-type persist_modem_file, file_type, vendor_persist_type;
 type persist_sensor_reg_file, file_type, vendor_persist_type;
 type persist_ss_file, file_type, vendor_persist_type;
 type persist_uwb_file, file_type, vendor_persist_type;
diff --git a/legacy/whitechapel_pro/file_contexts b/legacy/whitechapel_pro/file_contexts
index 641988bc..0e2949d4 100644
--- a/legacy/whitechapel_pro/file_contexts
+++ b/legacy/whitechapel_pro/file_contexts
@@ -3,7 +3,6 @@
 /vendor/bin/sced                                                            u:object_r:sced_exec:s0
 /vendor/bin/vcd                                                             u:object_r:vcd_exec:s0
 /vendor/bin/chre                                                            u:object_r:chre_exec:s0
-/vendor/bin/cbd                                                             u:object_r:cbd_exec:s0
 /vendor/bin/bipchmgr                                                        u:object_r:bipchmgr_exec:s0
 /vendor/bin/storageproxyd                                                   u:object_r:tee_exec:s0
 /vendor/bin/init\.radio\.sh                                                 u:object_r:init_radio_exec:s0
@@ -191,7 +190,6 @@
 # Persist
 /mnt/vendor/persist/battery(/.*)?                                           u:object_r:persist_battery_file:s0
 /mnt/vendor/persist/camera(/.*)?                                            u:object_r:persist_camera_file:s0
-/mnt/vendor/persist/modem(/.*)?                                             u:object_r:persist_modem_file:s0
 /mnt/vendor/persist/sensors/registry(/.*)?                                  u:object_r:persist_sensor_reg_file:s0
 /mnt/vendor/persist/ss(/.*)?                                                u:object_r:persist_ss_file:s0
 /mnt/vendor/persist/uwb(/.*)?                                               u:object_r:persist_uwb_file:s0
diff --git a/legacy/whitechapel_pro/init.te b/legacy/whitechapel_pro/init.te
index 4c83126d..55441c21 100644
--- a/legacy/whitechapel_pro/init.te
+++ b/legacy/whitechapel_pro/init.te
@@ -1,6 +1,4 @@
-allow init modem_img_file:dir mounton;
 allow init mnt_vendor_file:dir mounton;
-allow init modem_img_file:filesystem { getattr mount relabelfrom };
 allow init custom_ab_block_device:lnk_file relabelto;
 
 # This is needed for chaining a boot partition vbmeta
@@ -11,7 +9,6 @@ allow init custom_ab_block_device:lnk_file relabelto;
 allow init boot_block_device:lnk_file relabelto;
 
 allow init persist_file:dir mounton;
-allow init modem_userdata_file:dir mounton;
 allow init ram_device:blk_file w_file_perms;
 allow init sysfs_scsi_devices_0000:file w_file_perms;
 
diff --git a/legacy/whitechapel_pro/cbd.te b/vendor/cbd.te
similarity index 100%
rename from legacy/whitechapel_pro/cbd.te
rename to vendor/cbd.te
diff --git a/vendor/file.te b/vendor/file.te
index 3a3bf56c..572e093e 100644
--- a/vendor/file.te
+++ b/vendor/file.te
@@ -9,6 +9,9 @@ userdebug_or_eng(`
   typeattribute vendor_slog_file mlstrustedobject;
 ')
 
+# persist
+type persist_modem_file, file_type, vendor_persist_type;
+
 # Modem
 type modem_efs_file, file_type;
 type modem_userdata_file, file_type;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 0a33599d..d3398c52 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -2,6 +2,7 @@
 /vendor/bin/rfsd                                                            u:object_r:rfsd_exec:s0
 /vendor/bin/modem_logging_control                                           u:object_r:modem_logging_control_exec:s0
 /vendor/bin/modem_svc_sit                                                   u:object_r:modem_svc_sit_exec:s0
+/vendor/bin/cbd                                                             u:object_r:cbd_exec:s0
 
 # Data
 /data/vendor/log/rfsd(/.*)?                                                 u:object_r:vendor_rfsd_log_file:s0
@@ -15,6 +16,7 @@
 /mnt/vendor/efs_backup(/.*)?                                                u:object_r:modem_efs_file:s0
 /mnt/vendor/modem_img(/.*)?                                                 u:object_r:modem_img_file:s0
 /mnt/vendor/modem_userdata(/.*)?                                            u:object_r:modem_userdata_file:s0
+/mnt/vendor/persist/modem(/.*)?                                             u:object_r:persist_modem_file:s0
 
 # Vendor Firmwares
 /vendor/firmware(/.*)?                                                      u:object_r:vendor_fw_file:s0
diff --git a/vendor/init.te b/vendor/init.te
index 2e722093..eb9e465e 100644
--- a/vendor/init.te
+++ b/vendor/init.te
@@ -1 +1,4 @@
 allow init modem_efs_file:dir mounton;
+allow init modem_userdata_file:dir mounton;
+allow init modem_img_file:dir mounton;
+allow init modem_img_file:filesystem { getattr mount relabelfrom };