Evolution-X-Tensor/device_google_zumapro
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common.

Browse source 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
Change-Id: I455630b347f9f234365fec371142582d2cc0640a
This commit is contained in:
Enzo Liao 2024-03-14 15:28:29 +08:00
parent 15352500d0
commit 2761dbe28b
4 changed files with 0 additions and 54 deletions
Download patch file Download diff file Expand all files Collapse all files

24
legacy/zuma/vendor/ramdump_app.te vendored
View file

@ -1,24 +0,0 @@
type ramdump_app, domain;
userdebug_or_eng(`
app_domain(ramdump_app)
allow ramdump_app app_api_service:service_manager find;
allow ramdump_app ramdump_vendor_data_file:file create_file_perms;
allow ramdump_app ramdump_vendor_data_file:dir create_dir_perms;
set_prop(ramdump_app, vendor_ramdump_prop)
get_prop(ramdump_app, system_boot_reason_prop)
# To access ramdumpfs.
allow ramdump_app mnt_vendor_file:dir search;
allow ramdump_app ramdump_vendor_mnt_file:dir create_dir_perms;
allow ramdump_app ramdump_vendor_mnt_file:file create_file_perms;
# To access subsystem ramdump files and dirs.
allow ramdump_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
allow ramdump_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
allow ramdump_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
allow ramdump_app sscoredump_vendor_data_coredump_file:file r_file_perms;
')

3
radio/seapp_contexts
View file

@ -1,6 +1,3 @@
# Sub System Ramdump
user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file levelFrom=user
# CBRS setup app # CBRS setup app
user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user

24
radio/ssr_detector.te
View file

@ -1,24 +0,0 @@
type ssr_detector_app, domain;
app_domain(ssr_detector_app)
allow ssr_detector_app app_api_service:service_manager find;
allow ssr_detector_app radio_service:service_manager find;
allow ssr_detector_app system_app_data_file:dir create_dir_perms;
allow ssr_detector_app system_app_data_file:file create_file_perms;
allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
userdebug_or_eng(`
allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
get_prop(ssr_detector_app, vendor_aoc_prop)
allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
allow ssr_detector_app proc_vendor_sched:dir search;
allow ssr_detector_app proc_vendor_sched:file rw_file_perms;
allow ssr_detector_app cgroup:file write;
')
get_prop(ssr_detector_app, vendor_ssrdump_prop)
get_prop(ssr_detector_app, vendor_wifi_version)

3
tracking_denials/seapp_contexts
View file

@ -1,9 +1,6 @@
# Domain for EuiccSupportPixel # Domain for EuiccSupportPixel
user=_app isPrivApp=true seinfo=EuiccSupportPixel name=com.google.euiccpixel domain=euiccpixel_app type=app_data_file levelFrom=all user=_app isPrivApp=true seinfo=EuiccSupportPixel name=com.google.euiccpixel domain=euiccpixel_app type=app_data_file levelFrom=all
# coredump/ramdump
user=_app seinfo=platform name=com.android.ramdump domain=ramdump_app type=app_data_file levelFrom=all
# Domain for connectivity monitor # Domain for connectivity monitor
user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all