t0lte: fix RIL

The KK ks crashed when setting ril.ks.status property, we work around
this by using the D2 ks (which does not set this property) and wrapping it
with a bash script because D2's ks does not support some flags passed
by T0's qcks. We use the bash script to set the ril.ks.status property so qcks
knows it can continue.

Change-Id: Icc1a64b93edc38bc477acc953595280929a46549

10 files changed, 17 insertions, 8 deletions

diff --git a/selinux/debuggerd.te b/selinux/debuggerd.te
index 1a03fb4..a32d652 100644
--- a/selinux/debuggerd.te
+++ b/selinux/debuggerd.te
@@ -1,2 +1,2 @@
-allow debuggerd log_device:chr_file { read open };
-allow debuggerd log_device:dir search;
+allow debuggerd log_device:chr_file { read open write };
+allow debuggerd log_device:dir { search };
\ No newline at end of file
diff --git a/selinux/file_contexts b/selinux/file_contexts
index 4409611..23031d4 100644
--- a/selinux/file_contexts
+++ b/selinux/file_contexts
@@ -54,8 +54,7 @@
 /efs/FactoryApp/keystr                  u:object_r:efs_file:s0
 /efs/FactoryApp/factorymode             u:object_r:efs_file:s0
 /efs/FactoryApp/serial_no               u:object_r:efs_file:s0
-/data/misc/radio/ramdumpmode.txt        u:object_r:radio_data_file:s0
-/data/misc/radio/dlnk                   u:object_r:radio_data_file:s0
+/data/misc/radio(/.*)?                  u:object_r:radio_data_file:s0
 
 # Binaries
 /system/bin/qmuxd                       u:object_r:qmuxd_exec:s0
@@ -72,9 +71,11 @@
 # Block devices
 /dev/block/mmcblk0(.*)                  u:object_r:boot_block_device:s0
 /dev/block/mmcblk0p3                    u:object_r:efs_block_device:s0
+/dev/block/mmcblk0p11                   u:object_r:efs_block_device:s0
 /dev/block/mmcblk0p12                   u:object_r:cache_block_device:s0
 /dev/block/mmcblk0p13                   u:object_r:system_block_device:s0
 /dev/block/mmcblk0p16                   u:object_r:userdata_block_device:s0
+/dev/block/mmcblk0p17                   u:object_r:efs_block_device:s0
 
 # Audio related
 /data/local/audio(/.*)?                 u:object_r:volume_data_file:s0
diff --git a/selinux/init.te b/selinux/init.te
index 77e8963..6a22ee7 100644
--- a/selinux/init.te
+++ b/selinux/init.te
@@ -4,14 +4,17 @@ allow init init:process { execmem };
 allow init init:capability { sys_module };
 allow init radio_efs_file:filesystem { relabelto };
 allow init app_data_file:dir { read open setattr getattr relabelfrom };
+allow init property_socket:sock_file { write };
 
 allow init kernel:system syslog_read;
 allow init init:packet_socket { create bind write read };
 allow init init:rawip_socket { create setopt write };
+allow init tmpfs:lnk_file { create };
+allow init sysfs:lnk_file { setattr };
 
 #allow init_shell init:packet_socket { read write };
 allow init log_device:chr_file { write };
 allow init kernel:system { module_request };
 #allow init system_file:file execute_no_trans;
 allow init block_device:lnk_file { setattr };
-domain_trans(init, rootfs, SMD-daemon)
+domain_trans(init, rootfs, SMD-daemon)
\ No newline at end of file
diff --git a/selinux/installd.te b/selinux/installd.te
new file mode 100644
index 0000000..25e813d
--- /dev/null
+++ b/selinux/installd.te
@@ -0,0 +1 @@
+allow installd log_device:chr_file { open write };
\ No newline at end of file
diff --git a/selinux/kickstart.te b/selinux/kickstart.te
index 773c264..001d53a 100755
--- a/selinux/kickstart.te
+++ b/selinux/kickstart.te
@@ -10,6 +10,7 @@ init_daemon_domain(kickstart)
 
 # Spawn /system/bin/efsks and /system/bin/ks
 allow kickstart kickstart_exec:file { open execute_no_trans getattr };
+allow kickstart rild_exec:file { open execute_no_trans getattr };
 
 # Run dd on m9kefs[123] block devices; write to /data/qcks/
 # Run cat on firmware and m9kefs[123] data; write to /data/qcks/
@@ -46,8 +47,7 @@ allow kickstart sysfs:file rw_file_perms;
 allow kickstart unlabeled:file { setattr getattr read write open };
 allow kickstart vfat:file { getattr read open };
 allow kickstart kickstart:process { execmem };
-#allow kickstart usbfs:filesystem { mount };
 allow kickstart usbfs:dir { search };
-#allow kickstart system_file:file { entrypoint };
 allow kickstart vfat:dir { search };
 allow kickstart log_device:chr_file { open write };
+allow kickstart rild_exec:file { getattr execute read open };
\ No newline at end of file
diff --git a/selinux/lmkd.te b/selinux/lmkd.te
new file mode 100644
index 0000000..d088a9c
--- /dev/null
+++ b/selinux/lmkd.te
@@ -0,0 +1 @@
+allow lmkd log_device:chr_file { open };
\ No newline at end of file
diff --git a/selinux/logd.te b/selinux/logd.te
index 5ed43b6..981754b 100644
--- a/selinux/logd.te
+++ b/selinux/logd.te
@@ -1,2 +1,3 @@
 #allow logd location_app:dir r_dir_perms;
 #allow logd location_app:file r_file_perms;
+allow logd log_device:chr_file { open write };
\ No newline at end of file
diff --git a/selinux/qmuxd.te b/selinux/qmuxd.te
index 9ce6f57..2f3bd59 100644
--- a/selinux/qmuxd.te
+++ b/selinux/qmuxd.te
@@ -49,3 +49,4 @@ allow qmuxd mhi_device:chr_file rw_file_perms;
 
 allow qmuxd qmuxd:process { execmem };
 allow qmuxd radio_device:chr_file { read write open };
+allow qmuxd log_device:chr_file { open write };
\ No newline at end of file
diff --git a/selinux/radio.te b/selinux/radio.te
index e697ef9..dfc04dd 100644
--- a/selinux/radio.te
+++ b/selinux/radio.te
@@ -2,4 +2,4 @@
 qmux_socket(radio) ;
 
 allow radio secril-daemon:unix_stream_socket { connectto };
-allow radio log_device:chr_file { write };
+allow radio log_device:chr_file { write open };
diff --git a/selinux/tzdatacheck.te b/selinux/tzdatacheck.te
new file mode 100644
index 0000000..adba900
--- /dev/null
+++ b/selinux/tzdatacheck.te
@@ -0,0 +1 @@
+allow tzdatacheck log_device:chr_file { write open };
\ No newline at end of file