authormtk11285 <weiwei.zhang@mediatek.com>2020-03-09 15:48:48 +0800
committermtk11285 <weiwei.zhang@mediatek.com>2020-03-09 16:42:28 +0800
commite457b72f6af9882c5f385fdfe4fdbe365c1a31aa (patch)
treeda98b2682c4d101b9a0752139f670e4992e747fe
parent097a3549a6ff75175cb40175adfa0e2c956abfb9 (diff)
[ALPS04991295] relable aee_aed/aee_aed64 to crash_dump
replace all rules about aee_aed with crash_dump Change-Id: I961afb2ed493860166694bca6b636635053c723d CR-Id: ALPS04991295 Feature: Android Exception Engine(AEE)
-rw-r--r--non_plat/aee_aed.te69
-rw-r--r--non_plat/aee_core_forwarder.te2
-rw-r--r--non_plat/audioserver.te2
-rw-r--r--non_plat/crash_dump.te71
-rw-r--r--non_plat/dumpstate.te4
-rw-r--r--non_plat/emdlogger.te2
-rw-r--r--non_plat/mdlogger.te2
-rw-r--r--non_plat/mobile_log_d.te2
-rw-r--r--non_plat/radio.te2
-rw-r--r--non_plat/shell.te2
-rw-r--r--non_plat/system_server.te2
-rw-r--r--plat_private/aee_aed.te132
-rw-r--r--plat_private/aee_core_forwarder.te2
-rw-r--r--plat_private/crash_dump.te120
-rw-r--r--plat_private/file_contexts4
-rw-r--r--plat_private/system_app.te2
-rw-r--r--plat_private/system_server.te4
17 files changed, 206 insertions, 218 deletions
diff --git a/non_plat/aee_aed.te b/non_plat/aee_aed.te
deleted file mode 100644
index 9c1d19b..0000000
--- a/non_plat/aee_aed.te
+++ /dev/null
@@ -1,69 +0,0 @@
-# ==============================================
-# Policy File of /system/bin/aee_aed Executable File
-
-# ==============================================
-# MTK Policy Rule
-# ==============================================
-
-# Date : WK14.32
-# Operation : AEE UT
-# Purpose : for AEE module
-allow aee_aed aed_device:chr_file rw_file_perms;
-allow aee_aed expdb_device:chr_file rw_file_perms;
-allow aee_aed expdb_block_device:blk_file rw_file_perms;
-allow aee_aed etb_device:chr_file rw_file_perms;
-
-# open/dev/mtd/mtd12 failed(expdb)
-allow aee_aed mtd_device:dir create_dir_perms;
-allow aee_aed mtd_device:chr_file rw_file_perms;
-
-# NE flow: /dev/RT_Monitor
-allow aee_aed RT_Monitor_device:chr_file r_file_perms;
-
-#data/aee_exp
-allow aee_aed aee_exp_data_file:dir create_dir_perms;
-allow aee_aed aee_exp_data_file:file create_file_perms;
-
-#data/dumpsys
-allow aee_aed aee_dumpsys_data_file:dir create_dir_perms;
-allow aee_aed aee_dumpsys_data_file:file create_file_perms;
-
-#/data/core
-allow aee_aed aee_core_data_file:dir create_dir_perms;
-allow aee_aed aee_core_data_file:file create_file_perms;
-
-# /data/data_tmpfs_log
-allow aee_aed data_tmpfs_log_file:dir create_dir_perms;
-allow aee_aed data_tmpfs_log_file:file create_file_perms;
-
-# Purpose: aee_aed set property
-set_prop(aee_aed, persist_mtk_aee_prop);
-set_prop(aee_aed, persist_aee_prop);
-set_prop(aee_aed, debug_mtk_aee_prop);
-
-# /proc/lk_env
-allow aee_aed proc_lk_env:file rw_file_perms;
-
-# Purpose: Allow aee_aed to read /proc/pid/exe
-#allow aee_aed exec_type:file r_file_perms;
-
-# Purpose: Allow aee_aed to read /proc/cpu/alignment
-allow aee_aed proc_cpu_alignment:file { write open };
-
-# Purpose: Allow aee_aed to access /sys/devices/virtual/timed_output/vibrator/enable
-allow aee_aed sysfs_vibrator_setting:dir search;
-allow aee_aed sysfs_vibrator_setting:file w_file_perms;
-allow aee_aed sysfs_vibrator:dir search;
-allow aee_aed sysfs_leds:dir search;
-
-# Purpose: Allow aee_aed to read /proc/kpageflags
-allow aee_aed proc_kpageflags:file r_file_perms;
-
-# temp solution
-get_prop(aee_aed, vendor_default_prop)
-
-hal_client_domain(aee_aed, mtk_hal_aee)
-
-# Purpose: create /data/aee_exp at runtime
-allow aee_aed file_contexts_file:file r_file_perms;
-allow aee_aed aee_exp_data_file:dir relabelto;
diff --git a/non_plat/aee_core_forwarder.te b/non_plat/aee_core_forwarder.te
index 6bba652..2619bf6 100644
--- a/non_plat/aee_core_forwarder.te
+++ b/non_plat/aee_core_forwarder.te
@@ -13,6 +13,6 @@ get_prop(aee_core_forwarder, hwservicemanager_prop)
# Operation : Migration
# Purpose : interface=android.system.suspend::ISystemSuspend for aee_core_forwarder
wakelock_use(aee_core_forwarder)
-allow aee_core_forwarder aee_aed:unix_stream_socket connectto;
+allow aee_core_forwarder crash_dump:unix_stream_socket connectto;
allow aee_core_forwarder aee_core_data_file:dir r_dir_perms;
hwbinder_use(aee_core_forwarder)
diff --git a/non_plat/audioserver.te b/non_plat/audioserver.te
index e4451c8..71f7b4f 100644
--- a/non_plat/audioserver.te
+++ b/non_plat/audioserver.te
@@ -50,7 +50,7 @@ allow audioserver proc_ged:file rw_file_perms;
# Date : WK16.48
# Purpose: Allow to trigger AEE dump
-allow audioserver aee_aed:unix_stream_socket connectto;
+allow audioserver crash_dump:unix_stream_socket connectto;
# Date: 2019/06/14
# Operation : Migration
diff --git a/non_plat/crash_dump.te b/non_plat/crash_dump.te
index 0b10ad5..3dda418 100644
--- a/non_plat/crash_dump.te
+++ b/non_plat/crash_dump.te
@@ -1,2 +1,73 @@
+# ==============================================
+# MTK Policy Rule
+# ==============================================
+
allow crash_dump aee_exp_data_file:file rw_file_perms;
allow crash_dump aee_exp_data_file:dir r_dir_perms;
+
+# Date : WK14.32
+# Operation : AEE UT
+# Purpose : for AEE module
+allow crash_dump aed_device:chr_file rw_file_perms;
+allow crash_dump expdb_device:chr_file rw_file_perms;
+allow crash_dump expdb_block_device:blk_file rw_file_perms;
+allow crash_dump etb_device:chr_file rw_file_perms;
+
+# open/dev/mtd/mtd12 failed(expdb)
+allow crash_dump mtd_device:dir create_dir_perms;
+allow crash_dump mtd_device:chr_file rw_file_perms;
+
+# NE flow: /dev/RT_Monitor
+allow crash_dump RT_Monitor_device:chr_file r_file_perms;
+
+#data/aee_exp
+allow crash_dump aee_exp_data_file:dir create_dir_perms;
+allow crash_dump aee_exp_data_file:file create_file_perms;
+
+#data/dumpsys
+allow crash_dump aee_dumpsys_data_file:dir create_dir_perms;
+allow crash_dump aee_dumpsys_data_file:file create_file_perms;
+
+#/data/core
+allow crash_dump aee_core_data_file:dir create_dir_perms;
+allow crash_dump aee_core_data_file:file create_file_perms;
+
+# /data/data_tmpfs_log
+allow crash_dump data_tmpfs_log_file:dir create_dir_perms;
+allow crash_dump data_tmpfs_log_file:file create_file_perms;
+
+# Purpose: crash_dump set property
+set_prop(crash_dump, persist_mtk_aee_prop);
+set_prop(crash_dump, persist_aee_prop);
+set_prop(crash_dump, debug_mtk_aee_prop);
+
+# /proc/lk_env
+allow crash_dump proc_lk_env:file rw_file_perms;
+
+# Purpose: Allow crash_dump to read /proc/pid/exe
+#allow crash_dump exec_type:file r_file_perms;
+
+# Purpose: Allow crash_dump to read /proc/cpu/alignment
+allow crash_dump proc_cpu_alignment:file { write open };
+
+# Purpose: Allow crash_dump to access /sys/devices/virtual/timed_output/vibrator/enable
+allow crash_dump sysfs_vibrator_setting:dir search;
+allow crash_dump sysfs_vibrator_setting:file w_file_perms;
+allow crash_dump sysfs_vibrator:dir search;
+allow crash_dump sysfs_leds:dir search;
+
+# Purpose: Allow crash_dump to read /proc/kpageflags
+allow crash_dump proc_kpageflags:file r_file_perms;
+
+# temp solution
+get_prop(crash_dump, vendor_default_prop)
+
+hal_client_domain(crash_dump, mtk_hal_aee)
+
+# Purpose: create /data/aee_exp at runtime
+allow crash_dump file_contexts_file:file r_file_perms;
+allow crash_dump aee_exp_data_file:dir relabelto;
+
+allow crash_dump proc_ppm:dir r_dir_perms;
+allow crash_dump proc_ppm:file rw_file_perms;
+allow crash_dump selinuxfs:file r_file_perms;
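Review bot: The three rules at the end of this hunk (`allow crash_dump proc_ppm:dir r_dir_perms;`, `allow crash_dump proc_ppm:file rw_file_perms;`, `allow crash_dump selinuxfs:file r_file_perms;`) have no counterpart in the deleted non_plat/aee_aed.te and carry no Date/Purpose header, so a reader cannot tell why crash_dump needs write access to proc_ppm or read access to selinuxfs. They go beyond the rename the commit message describes and should either get a header such as `# Purpose: <denial or feature that requires proc_ppm write / selinuxfs read>` or move to their own change. The two pre-existing rules at the top, `aee_exp_data_file:file rw_file_perms` and `aee_exp_data_file:dir r_dir_perms`, are now subsumed by the added `create_file_perms` / `create_dir_perms` rules for the same type and can be dropped so the effective grant is stated once.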
diff --git a/non_plat/dumpstate.te b/non_plat/dumpstate.te
index 3243d93..badbe56 100644
--- a/non_plat/dumpstate.te
+++ b/non_plat/dumpstate.te
@@ -60,8 +60,8 @@ allow dumpstate sf_rtt_file:dir { search getattr };
# Purpose : type=1400 audit(0.0:81356): avc: denied { use } for path="/system/bin/linker"
# dev="mmcblk0p26" ino=250 scontext=u:r:dumpstate:s0
# tcontext=u:r:aee_aed:s0 tclass=fd permissive=0
-allow dumpstate aee_aed:fd use;
-allow dumpstate aee_aed:unix_stream_socket { read write ioctl };
+allow dumpstate crash_dump:fd use;
+allow dumpstate crash_dump:unix_stream_socket { read write ioctl connectto };
# private define
# allow dumpstate config_gz:file read;
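Review bot: The new socket rule adds `connectto`, which the removed `allow dumpstate aee_aed:unix_stream_socket { read write ioctl };` did not grant, so this line widens dumpstate's access instead of only renaming the target as the commit message describes. If the extra permission is required, it should have its own Purpose comment quoting the denial it resolves; otherwise keep `{ read write ioctl }`. The avc sample above the rule still shows `tcontext=u:r:aee_aed:s0`, which will no longer match what audit logs report after the relabel.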
diff --git a/non_plat/emdlogger.te b/non_plat/emdlogger.te
index a026832..58cc8ca 100644
--- a/non_plat/emdlogger.te
+++ b/non_plat/emdlogger.te
@@ -75,7 +75,7 @@ allow emdlogger media_rw_data_file:dir { create_dir_perms };
#avc: denied { connectto } for path=006165653A72747464 scontext=u:r:emdlogger:s0
#tcontext=u:object_r:aee_aed_socket:s0 tclass=unix_stream_socket permissive=0
#security issue control
-allow emdlogger aee_aed:unix_stream_socket connectto;
+allow emdlogger crash_dump:unix_stream_socket connectto;
# For dynamic CCB buffer feature
#avc: denied { read write } for name="lk_env" dev="proc" ino=4026532192
diff --git a/non_plat/mdlogger.te b/non_plat/mdlogger.te
index 4d3cf3e..55f524a 100644
--- a/non_plat/mdlogger.te
+++ b/non_plat/mdlogger.te
@@ -42,7 +42,7 @@ allow mdlogger media_rw_data_file:dir { create_dir_perms };
#avc: denied { connectto } for path=006165653A72747464 scontext=u:r:mdlogger:s0
#tcontext=u:object_r:aee_aed_socket:s0 tclass=unix_stream_socket permissive=0
#security issue control
-allow mdlogger aee_aed:unix_stream_socket connectto;
+allow mdlogger crash_dump:unix_stream_socket connectto;
## purpose: avc: denied { read } for name="plat_file_contexts"
allow emdlogger file_contexts_file:file { read getattr open};
diff --git a/non_plat/mobile_log_d.te b/non_plat/mobile_log_d.te
index 0caa870..36bbf63 100644
--- a/non_plat/mobile_log_d.te
+++ b/non_plat/mobile_log_d.te
@@ -43,7 +43,7 @@ set_prop(mobile_log_d, mobile_log_prop)
# Date: 2016/11/11
# purpose: allow MobileLog to access aee socket
-allow mobile_log_d aee_aed:unix_stream_socket connectto;
+allow mobile_log_d crash_dump:unix_stream_socket connectto;
# purpose: send log to com port
allow mobile_log_d ttyGS_device:chr_file { read write ioctl open };
diff --git a/non_plat/radio.te b/non_plat/radio.te
index 9f6077e..ac42f1f 100644
--- a/non_plat/radio.te
+++ b/non_plat/radio.te
@@ -224,7 +224,7 @@ set_prop(radio, persist_xcap_rawurl_prop)
# Date : 2019/05/08
# Operation : label aee_aed sockets
# Purpose : Engineering mode need access for aee commmand
-allow radio aee_aed:unix_stream_socket connectto;
+allow radio crash_dump:unix_stream_socket connectto;
# Date : 2019/05/23
# Operation : Get subpimc reigster status
diff --git a/non_plat/shell.te b/non_plat/shell.te
index b292564..5346726 100644
--- a/non_plat/shell.te
+++ b/non_plat/shell.te
@@ -4,7 +4,7 @@
# Date : WK16.46
# Purpose : allow shell to switch aee mode
-allow shell aee_aed:unix_stream_socket connectto;
+allow shell crash_dump:unix_stream_socket connectto;
# Date : WK17.35
# Purpose : allow shell to dump the debugging information of camera hal.
diff --git a/non_plat/system_server.te b/non_plat/system_server.te
index beeb30a..919f663 100644
--- a/non_plat/system_server.te
+++ b/non_plat/system_server.te
@@ -112,7 +112,7 @@ allow system_server wifi_prop:file { read getattr open };
# path=00636F6D2E6D746B2E6165652E6165645F3634
# scontext=u:r:system_server:s0 tcontext=u:r:aee_aed:s0
# tclass=unix_stream_socket permissive=0
-allow system_server aee_aed:unix_stream_socket connectto;
+allow system_server crash_dump:unix_stream_socket connectto;
#Dat: 2017/02/14
#Purpose: allow get telephony Sensitive property
diff --git a/plat_private/aee_aed.te b/plat_private/aee_aed.te
deleted file mode 100644
index bc3c436..0000000
--- a/plat_private/aee_aed.te
+++ /dev/null
@@ -1,132 +0,0 @@
-# ==============================================
-# Policy File of /system/bin/aee_aed Executable File
-
-# ==============================================
-# Type Declaration
-# ==============================================
-type aee_aed_exec, system_file_type, exec_type, file_type;
-typeattribute aee_aed coredomain;
-typeattribute aee_aed mlstrustedsubject;
-
-init_daemon_domain(aee_aed)
-
-# ==============================================
-# MTK Policy Rule
-# ==============================================
-
-# AED start: /dev/block/expdb
-allow aee_aed block_device:dir search;
-
-# aee db dir and db files
-allow aee_aed sdcard_type:dir create_dir_perms;
-allow aee_aed sdcard_type:file create_file_perms;
-
-#data/anr
-allow aee_aed anr_data_file:dir create_dir_perms;
-allow aee_aed anr_data_file:file create_file_perms;
-
-allow aee_aed domain:process { sigkill getattr getsched signal };
-allow aee_aed domain:lnk_file getattr;
-
-#core-pattern
-allow aee_aed usermodehelper:file r_file_perms;
-
-#suid_dumpable. this is neverallow
-#allow aee_aed proc_security:file r_file_perms;
-
-#allow aee_aed call binaries labeled "system_file" under /system/bin/
-allow aee_aed system_file:file execute_no_trans;
-
-allow aee_aed init:process getsched;
-allow aee_aed kernel:process getsched;
-
-# Date: W15.34
-# Operation: Migration
-# Purpose: For pagemap & pageflags information in NE DB
-userdebug_or_eng(`allow aee_aed self:capability sys_admin;')
-
-# Purpose: allow aee_aed to access toolbox
-allow aee_aed toolbox_exec:file rx_file_perms;
-
-# Purpose: mnt/user/*
-allow aee_aed mnt_user_file:dir search;
-allow aee_aed mnt_user_file:lnk_file read;
-
-allow aee_aed storage_file:dir search;
-allow aee_aed storage_file:lnk_file read;
-
-# Date : WK17.09
-# Operation : AEE UT for Android O
-# Purpose : for AEE module to dump files
-domain_auto_trans(aee_aed, dumpstate_exec, dumpstate)
-
-# Purpose : aee_aed communicate with aee_core_forwarder
-# allow aee_aed aee_core_forwarder:dir search;
-# allow aee_aed aee_core_forwarder:file { read getattr open };
-
-userdebug_or_eng(`
- allow aee_aed su:dir {search read open };
- allow aee_aed su:file { read getattr open };
-')
-
-# /data/tombstone
-allow aee_aed tombstone_data_file:dir w_dir_perms;
-allow aee_aed tombstone_data_file:file create_file_perms;
-
-# /proc/pid/
-allow aee_aed self:capability { fowner chown fsetid sys_nice sys_resource net_admin sys_module setgid setuid kill };
-
-# system(cmd) aee_dumpstate aee_archive
-allow aee_aed shell_exec:file rx_file_perms;
-
-# PROCESS_FILE_STATE
-allow aee_aed dumpstate:unix_stream_socket { read write ioctl };
-allow aee_aed dumpstate:dir search;
-allow aee_aed dumpstate:file r_file_perms;
-
-allow aee_aed logdr_socket:sock_file write;
-allow aee_aed logd:unix_stream_socket connectto;
-#allow aee_aed system_ndebug_socket:sock_file write;
-
-# vibrator
-allow aee_aed sysfs_vibrator:file w_file_perms;
-
-# Data : 2017/03/22
-# Operation : add NE flow rule for Android O
-# Purpose : make aee_aed can get specific process NE info
-allow aee_aed domain:dir r_dir_perms;
-allow aee_aed domain:{ file lnk_file } r_file_perms;
-
-allow aee_aed dalvikcache_data_file:dir r_dir_perms;
-#allow aee_aed zygote_exec:file r_file_perms;
-#allow aee_aed init_exec:file r_file_perms;
-
-# Data : 2017/04/06
-# Operation : add selinux rule for crash_dump notify aee_aed
-# Purpose : make aee_aed can get notify from crash_dump
-allow aee_aed crash_dump:dir search;
-allow aee_aed crash_dump:file r_file_perms;
-
-# Purpose : allow aee_aed to read /proc/version
-allow aee_aed proc_version:file { read open };
-
-# Purpose : allow aee_aed self to sys_nice/chown/kill
-allow aee_aed self:capability { sys_nice chown fowner kill };
-
-# Purpose: Allow aee_aed to write /sys/kernel/debug/tracing/snapshot
-userdebug_or_eng(`allow aee_aed debugfs_tracing_debug:file { write open };')
-
-# Purpose: Allow aee_aed to read/write /sys/kernel/debug/tracing/tracing_on
-#userdebug_or_eng(` allow aee_aed debugfs_tracing:file { r_file_perms write };')
-
-# Purpose: receive dropbox message
-allow aee_aed dropbox_data_file:file {getattr read};
-allow aee_aed dropbox_service:service_manager find;
-allow aee_aed servicemanager:binder call;
-allow aee_aed system_server:binder call;
-
-# Purpose: allow aee_aed to read packages.list
-allow aee_aed packages_list_file:file r_file_perms;
-
-# Purpose: Allow aee_aed to read /proc/*/exe
-allow aee_aed system_file_type:file r_file_perms;
diff --git a/plat_private/aee_core_forwarder.te b/plat_private/aee_core_forwarder.te
index d335d99..961646c 100644
--- a/plat_private/aee_core_forwarder.te
+++ b/plat_private/aee_core_forwarder.te
@@ -97,4 +97,4 @@ allow aee_core_forwarder self:capability sys_nice;
get_prop(aee_core_forwarder, hwservicemanager_prop)
# Purpose : allow aee_core_forwarder to connect aee_aed socket
-allow aee_core_forwarder aee_aed:unix_stream_socket connectto;
+allow aee_core_forwarder crash_dump:unix_stream_socket connectto;
diff --git a/plat_private/crash_dump.te b/plat_private/crash_dump.te
index bd905cb..98b8cb7 100644
--- a/plat_private/crash_dump.te
+++ b/plat_private/crash_dump.te
@@ -1,2 +1,120 @@
-allow crash_dump aee_aed:unix_stream_socket connectto;
+# ==============================================
+# MTK Policy Rule
+# ==============================================
+# AED start: /dev/block/expdb
+allow crash_dump block_device:dir search;
+
+# aee db dir and db files
+allow crash_dump sdcard_type:dir create_dir_perms;
+allow crash_dump sdcard_type:file create_file_perms;
+
+#data/anr
+allow crash_dump anr_data_file:dir create_dir_perms;
+allow crash_dump anr_data_file:file create_file_perms;
+
+allow crash_dump domain:process { getattr getsched };
+allow crash_dump domain:lnk_file getattr;
+
+#core-pattern
+allow crash_dump usermodehelper:file r_file_perms;
+
+#suid_dumpable. this is neverallow
+#allow crash_dump proc_security:file r_file_perms;
+
+#allow crash_dump call binaries labeled "system_file" under /system/bin/
+allow crash_dump system_file:file execute_no_trans;
+
+allow crash_dump init:process getsched;
+allow crash_dump kernel:process getsched;
+
+# Date: W15.34
+# Operation: Migration
+# Purpose: For pagemap & pageflags information in NE DB
+userdebug_or_eng(`allow crash_dump self:capability sys_admin;')
+
+# Purpose: allow crash_dump to access toolbox
+allow crash_dump toolbox_exec:file rx_file_perms;
+
+# Purpose: mnt/user/*
+allow crash_dump mnt_user_file:dir search;
+allow crash_dump mnt_user_file:lnk_file read;
+
+allow crash_dump storage_file:dir search;
+allow crash_dump storage_file:lnk_file read;
+
+# Date : WK17.09
+# Operation : AEE UT for Android O
+# Purpose : for AEE module to dump files
+domain_auto_trans(crash_dump, dumpstate_exec, dumpstate)
+
+# Purpose : crash_dump communicate with aee_core_forwarder
+# allow crash_dump aee_core_forwarder:dir search;
+# allow crash_dump aee_core_forwarder:file { read getattr open };
+
+userdebug_or_eng(`
+ allow crash_dump su:dir {search read open };
+ allow crash_dump su:file { read getattr open };
+')
+
+# /data/tombstone
+allow crash_dump tombstone_data_file:dir w_dir_perms;
+allow crash_dump tombstone_data_file:file create_file_perms;
+
+# /proc/pid/
+allow crash_dump self:capability { fowner chown fsetid sys_nice sys_resource net_admin sys_module setgid setuid kill };
+
+# system(cmd) aee_dumpstate aee_archive
+allow crash_dump shell_exec:file rx_file_perms;
+
+# PROCESS_FILE_STATE
+allow crash_dump dumpstate:unix_stream_socket { read write ioctl };
+allow crash_dump dumpstate:dir search;
+allow crash_dump dumpstate:file r_file_perms;
+
+allow crash_dump logdr_socket:sock_file write;
+allow crash_dump logd:unix_stream_socket connectto;
+#allow crash_dump system_ndebug_socket:sock_file write;
+
+# vibrator
+allow crash_dump sysfs_vibrator:file w_file_perms;
+
+# Data : 2017/03/22
+# Operation : add NE flow rule for Android O
+# Purpose : make crash_dump can get specific process NE info
+allow crash_dump domain:dir r_dir_perms;
+allow crash_dump domain:{ file lnk_file } r_file_perms;
+
+allow crash_dump dalvikcache_data_file:dir r_dir_perms;
+#allow crash_dump zygote_exec:file r_file_perms;
+#allow crash_dump init_exec:file r_file_perms;
+
+# Data : 2017/04/06
+# Operation : add selinux rule for crash_dump notify crash_dump
+# Purpose : make crash_dump can get notify from crash_dump
+allow crash_dump crash_dump:dir search;
+allow crash_dump crash_dump:file r_file_perms;
+
+# Purpose : allow crash_dump to read /proc/version
+allow crash_dump proc_version:file { read open };
+
+# Purpose : allow crash_dump self to sys_nice/chown/kill
+allow crash_dump self:capability { sys_nice chown fowner kill };
+
+# Purpose: Allow crash_dump to write /sys/kernel/debug/tracing/snapshot
+userdebug_or_eng(`allow crash_dump debugfs_tracing_debug:file { write open };')
+
+# Purpose: Allow crash_dump to read/write /sys/kernel/debug/tracing/tracing_on
+#userdebug_or_eng(` allow crash_dump debugfs_tracing:file { r_file_perms write };')
+
+# Purpose: receive dropbox message
+allow crash_dump dropbox_data_file:file {getattr read};
+allow crash_dump dropbox_service:service_manager find;
+allow crash_dump servicemanager:binder call;
+allow crash_dump system_server:binder call;
+
+# Purpose: allow crash_dump to read packages.list
+allow crash_dump packages_list_file:file r_file_perms;
+
+# Purpose: Allow crash_dump to read /proc/*/exe
+allow crash_dump system_file_type:file r_file_perms;
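Review bot: `allow crash_dump self:capability { fowner chown fsetid sys_nice sys_resource net_admin sys_module setgid setuid kill };` moves the daemon's entire capability set onto crash_dump, which in stock AOSP policy (not visible on this page, so worth confirming) is also the domain of the per-crash dump helper, so every process running in that domain would be permitted sys_module, setuid/setgid and net_admin. The commit already narrowed `domain:process` to `{ getattr getsched }`; the capability list deserves the same pass, keeping only what aee_aed demonstrably uses. The later `allow crash_dump self:capability { sys_nice chown fowner kill };` is a strict subset of that rule and can be removed. The mechanical rename also left `allow crash_dump crash_dump:dir search;` and `allow crash_dump crash_dump:file r_file_perms;` under a comment that now reads "crash_dump notify crash_dump"; these appear to be covered by the `domain:dir` / `domain:{ file lnk_file }` rules above and the comment no longer documents anything.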
diff --git a/plat_private/file_contexts b/plat_private/file_contexts
index 370df31..0c199e0 100644
--- a/plat_private/file_contexts
+++ b/plat_private/file_contexts
@@ -23,8 +23,8 @@
/system/bin/loghidlsysservice u:object_r:loghidlsysservice_exec:s0
/system/bin/cmddumper u:object_r:cmddumper_exec:s0
/system/bin/em_svr u:object_r:em_svr_exec:s0
-/system/bin/aee_aed u:object_r:aee_aed_exec:s0
-/system/bin/aee_aed64 u:object_r:aee_aed_exec:s0
+/system/bin/aee_aed u:object_r:crash_dump_exec:s0
+/system/bin/aee_aed64 u:object_r:crash_dump_exec:s0
/system/bin/aee_dumpstate u:object_r:dumpstate_exec:s0
/system/bin/lbs_dbg u:object_r:lbs_dbg_exec:s0
/system/bin/connsyslogger u:object_r:connsyslogger_exec:s0
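Review bot: Labelling /system/bin/aee_aed and /system/bin/aee_aed64 as `crash_dump_exec` removes the daemon's dedicated entry point: the deleted plat_private/aee_aed.te declared `aee_aed_exec` and used `init_daemon_domain(aee_aed)`, which tied the transition to init. Nothing in this commit shows how the daemon now enters crash_dump, and whatever transition rules already exist for `crash_dump_exec` elsewhere in the policy (not visible here) will apply to these two binaries as well. Before merging, confirm which domains may execute `crash_dump_exec` and note that next to these entries, because the merged crash_dump rule set is far larger than the two-line files it replaces.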
diff --git a/plat_private/system_app.te b/plat_private/system_app.te
index 6d45fbe..08f80fa 100644
--- a/plat_private/system_app.te
+++ b/plat_private/system_app.te
@@ -13,4 +13,4 @@ allow system_app media_rw_data_file:dir {r_dir_perms w_dir_perms};
allow system_app media_rw_data_file:file {r_file_perms w_file_perms};
# Purpose: receive dropbox message
-allow system_app aee_aed:unix_stream_socket connectto;
+allow system_app system_server:unix_stream_socket connectto;
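Review bot: This is the only rule in the commit whose target changes to something other than crash_dump: `allow system_app aee_aed:unix_stream_socket connectto;` becomes `allow system_app system_server:unix_stream_socket connectto;`. That lets system_app connect to system_server's unix stream sockets, which is a different permission from the one removed and is not mentioned in the commit message. If it is a slip, the line should read `allow system_app crash_dump:unix_stream_socket connectto;`; if it is intended, it needs its own Purpose comment explaining why the existing "receive dropbox message" path now goes through system_server.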
diff --git a/plat_private/system_server.te b/plat_private/system_server.te
index c606c5c..d9b7134 100644
--- a/plat_private/system_server.te
+++ b/plat_private/system_server.te
@@ -5,8 +5,8 @@ allow system_server ota_package_file:dir getattr;
allow uncrypt uncrypt:capability fowner;
# Purpose: receive dropbox message
-allow system_server aee_aed:fifo_file w_file_perms;
-allow system_server aee_aed:fd use;
+allow system_server crash_dump:fifo_file w_file_perms;
+allow system_server crash_dump:fd use;
#Date:2019/10/10
#Operation:Q Migration