From dee1f2e57dd55a8c7e0b73ca0fd39e8c8325dd16 Mon Sep 17 00:00:00 2001
From: Wiwit Rifa'i <wiwitrifai@google.com>
Date: Tue, 16 Aug 2022 14:02:21 +0800
Subject: [PATCH] Add SE policies for HWC logs

Bug: 230361290
Change-Id: Ibca7f791bc4950bb6c1e4fd7ed5cbe5a98b48a5e
---
 whitechapel_pro/file.te                          | 1 +
 whitechapel_pro/file_contexts                    | 1 +
 whitechapel_pro/hal_dumpstate_default.te         | 3 +++
 whitechapel_pro/hal_graphics_composer_default.te | 4 ++++
 4 files changed, 9 insertions(+)

diff --git a/whitechapel_pro/file.te b/whitechapel_pro/file.te
index daa580c4..de840a73 100644
--- a/whitechapel_pro/file.te
+++ b/whitechapel_pro/file.te
@@ -1,6 +1,7 @@
 # Data
 type rild_vendor_data_file, file_type, data_file_type;
 type vendor_log_file, file_type, data_file_type;
+type vendor_hwc_log_file, file_type, data_file_type;
 type vendor_rfsd_log_file, file_type, data_file_type;
 type modem_stat_data_file, file_type, data_file_type;
 type vendor_slog_file, file_type, data_file_type;
diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts
index 745e0a7c..aab6d2d0 100644
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@@ -192,6 +192,7 @@
 /data/vendor/radio(/.*)?                                                    u:object_r:radio_vendor_data_file:s0
 /data/vendor/modem_stat(/.*)?                                               u:object_r:modem_stat_data_file:s0
 /data/vendor/log(/.*)?                                                      u:object_r:vendor_log_file:s0
+/data/vendor/log/hwc(/.*)?                                                  u:object_r:vendor_hwc_log_file:s0
 /data/vendor/log/rfsd(/.*)?                                                 u:object_r:vendor_rfsd_log_file:s0
 /data/vendor/rild(/.*)?                                                     u:object_r:rild_vendor_data_file:s0
 /data/vendor/ss(/.*)?                                                       u:object_r:tee_data_file:s0
diff --git a/whitechapel_pro/hal_dumpstate_default.te b/whitechapel_pro/hal_dumpstate_default.te
index 4f0922fa..82fb1a3d 100644
--- a/whitechapel_pro/hal_dumpstate_default.te
+++ b/whitechapel_pro/hal_dumpstate_default.te
@@ -6,6 +6,9 @@ allow hal_dumpstate_default sysfs_cpu:file r_file_perms;
 allow hal_dumpstate_default vendor_usf_reg_edit:file execute_no_trans;
 allow hal_dumpstate_default vendor_usf_stats:file execute_no_trans;
 
+allow hal_dumpstate_default vendor_hwc_log_file:dir r_dir_perms;
+allow hal_dumpstate_default vendor_hwc_log_file:file r_file_perms;
+
 allow hal_dumpstate_default vendor_rfsd_log_file:dir r_dir_perms;
 allow hal_dumpstate_default vendor_rfsd_log_file:file r_file_perms;
 
diff --git a/whitechapel_pro/hal_graphics_composer_default.te b/whitechapel_pro/hal_graphics_composer_default.te
index 61972c75..24966746 100644
--- a/whitechapel_pro/hal_graphics_composer_default.te
+++ b/whitechapel_pro/hal_graphics_composer_default.te
@@ -52,3 +52,7 @@ vndbinder_use(hal_graphics_composer_default)
 
 # allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags
 get_prop(hal_graphics_composer_default, device_config_surface_flinger_native_boot_prop)
+
+# allow HWC to write log file
+allow hal_graphics_composer_default vendor_hwc_log_file:dir rw_dir_perms;
+allow hal_graphics_composer_default vendor_hwc_log_file:file create_file_perms;