diff options
| author | padarshr <padarshr@codeaurora.org> | 2016-06-17 16:50:16 +0530 |
|---|---|---|
| committer | Gerrit - the friendly Code Review server <code-review@localhost> | 2016-07-28 06:51:37 -0700 |
| commit | c54e7f36f8cc02c926617ffa4974e2387bd79887 (patch) | |
| tree | 3a0fa4b0baeb0ad46789b87abc0fa4fffecbb9e9 | |
| parent | 6f069a192a7cb471df4f3a64abd1690be23a3c68 (diff) | |
| download | android_device_qcom_sepolicy-c54e7f36f8cc02c926617ffa4974e2387bd79887.tar.gz android_device_qcom_sepolicy-c54e7f36f8cc02c926617ffa4974e2387bd79887.tar.bz2 android_device_qcom_sepolicy-c54e7f36f8cc02c926617ffa4974e2387bd79887.zip | |
Add sepolicies for logdumpd module.
This change will add selinux rules to logdumpd module.
It allows logdumpd to read logd (to get logcat logs),
and write to 'logdump' partition.
Change-Id: I7be2cb1f663286dcb132c40d1109c28e09fda52d
| -rw-r--r-- | apq8084/file_contexts | 1 | ||||
| -rw-r--r-- | common/device.te | 3 | ||||
| -rw-r--r-- | common/file_contexts | 1 | ||||
| -rw-r--r-- | common/logdumpd.te | 44 | ||||
| -rw-r--r-- | msm8226/file_contexts | 1 | ||||
| -rw-r--r-- | msm8909/file_contexts | 2 | ||||
| -rw-r--r-- | msm8916/file_contexts | 1 | ||||
| -rw-r--r-- | msm8937/file_contexts | 1 | ||||
| -rw-r--r-- | msm8952/file_contexts | 2 | ||||
| -rw-r--r-- | msm8953/file_contexts | 1 | ||||
| -rwxr-xr-x | msm8960/file_contexts | 1 | ||||
| -rw-r--r-- | msm8974/file_contexts | 1 | ||||
| -rw-r--r-- | msm8992/file_contexts | 1 | ||||
| -rw-r--r-- | msm8994/file_contexts | 3 | ||||
| -rw-r--r-- | msm8996/file_contexts | 2 | ||||
| -rw-r--r-- | msmcobalt/file_contexts | 1 |
16 files changed, 66 insertions, 0 deletions
diff --git a/apq8084/file_contexts b/apq8084/file_contexts index c1ce3a9f..476c71ae 100644 --- a/apq8084/file_contexts +++ b/apq8084/file_contexts @@ -38,6 +38,7 @@ /dev/block/platform/msm_sdcc\.1/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 /dev/block/platform/msm_sdcc\.1/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 /dev/block/platform/msm_sdcc\.1/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 +/dev/block/platform/msm_sdcc\.1/by-name/logdump u:object_r:logdump_partition:s0 # qca data file for apq8084 target /data/misc/location/qca1530(/.*)? u:object_r:qca1530_data_file:s0 diff --git a/common/device.te b/common/device.te index fe81af03..443228d7 100644 --- a/common/device.te +++ b/common/device.te @@ -72,6 +72,9 @@ type mba_debug_dev, dev_type; #Misc partition type misc_partition, dev_type; +#logdump partition +type logdump_partition, dev_type; + #Bootselect partition type bootselect_device, dev_type; diff --git a/common/file_contexts b/common/file_contexts index 5de981ba..1ab0adb7 100644 --- a/common/file_contexts +++ b/common/file_contexts @@ -78,6 +78,7 @@ /dev/block/zram0 u:object_r:swap_block_device:s0 /dev/block/bootdevice/by-name/dip u:object_r:dip_device:s0 /dev/block/bootdevice/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/bootdevice/by-name/logdump u:object_r:logdump_partition:s0 ################################### # Dev socket nodes diff --git a/common/logdumpd.te b/common/logdumpd.te new file mode 100644 index 00000000..725f0981 --- /dev/null +++ b/common/logdumpd.te @@ -0,0 +1,44 @@ +# Copyright (c) 2016, The Linux Foundation. All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following +# disclaimer in the documentation and/or other materials provided +# with the distribution. +# * Neither the name of The Linux Foundation nor the names of its +# contributors may be used to endorse or promote products derived +# from this software without specific prior written permission. +# +# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR +# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE +# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN +# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +type logdumpd, domain; +type logdumpd_exec, exec_type, file_type; + +init_daemon_domain(logdumpd) + +# To set ctl property +unix_socket_connect(logdumpd, property, init) +allow logdumpd ctl_default_prop:property_service set; + +userdebug_or_eng(` +#logcat +allow logdumpd logcat_exec:file entrypoint; +read_logd( logdumpd ); +#logdump partition access +allow logdumpd block_device:dir r_dir_perms; +allow logdumpd logdump_partition:blk_file rw_file_perms; +') diff --git a/msm8226/file_contexts b/msm8226/file_contexts index af920294..89dd1840 100644 --- a/msm8226/file_contexts +++ b/msm8226/file_contexts @@ -34,5 +34,6 @@ /dev/block/platform/msm_sdcc\.1/by-name/ssd u:object_r:ssd_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 diff --git a/msm8909/file_contexts b/msm8909/file_contexts index b3d5d57e..424d82b1 100644 --- a/msm8909/file_contexts +++ b/msm8909/file_contexts @@ -34,6 +34,7 @@ /dev/block/platform/soc.0/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 /dev/block/platform/soc.0/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/soc.0/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc.0/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 @@ -45,3 +46,4 @@ /dev/block/platform/soc/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8916/file_contexts b/msm8916/file_contexts index fa498c3a..0c4b22e1 100644 --- a/msm8916/file_contexts +++ b/msm8916/file_contexts @@ -35,5 +35,6 @@ /dev/block/platform/soc.0/7824900.sdhci/by-name/ssd u:object_r:ssd_device:s0 /dev/block/platform/soc.0/7824900.sdhci/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/soc.0/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/soc.0/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 diff --git a/msm8937/file_contexts b/msm8937/file_contexts index 598f6ae6..cb655dbd 100644 --- a/msm8937/file_contexts +++ b/msm8937/file_contexts @@ -43,3 +43,4 @@ /dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8952/file_contexts b/msm8952/file_contexts index 83618424..b03d222d 100644 --- a/msm8952/file_contexts +++ b/msm8952/file_contexts @@ -41,6 +41,7 @@ /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 /dev/block/platform/soc.0/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc.0/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 #Using soc instead of soc.0 to make it compatable with 3.18 kernel @@ -54,3 +55,4 @@ /dev/block/platform/soc/7824900.sdhci/by-name/userdata u:object_r:userdata_block_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 +/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8953/file_contexts b/msm8953/file_contexts index bb3f7fd2..24464cc9 100644 --- a/msm8953/file_contexts +++ b/msm8953/file_contexts @@ -43,3 +43,4 @@ /dev/block/platform/soc/7824900.sdhci/by-name/dip u:object_r:dip_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/mdtp u:object_r:mdtp_device:s0 /dev/block/platform/soc/7824900.sdhci/by-name/config u:object_r:frp_block_device:s0 +/dev/block/platform/soc/7824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8960/file_contexts b/msm8960/file_contexts index d5a3727e..4b74104b 100755 --- a/msm8960/file_contexts +++ b/msm8960/file_contexts @@ -14,6 +14,7 @@ /dev/block/platform/msm_sdcc.1/by-name/modemst1 u:object_r:modem_efs_partition_device:s0 /dev/block/platform/msm_sdcc.1/by-name/modemst2 u:object_r:modem_efs_partition_device:s0 /dev/block/platform/msm_sdcc.1/by-name/ssd u:object_r:ssd_device:s0 +/dev/block/platform/msm_sdcc.1/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/socket/mpdecision u:object_r:mpdecision_socket:s0 ################################### diff --git a/msm8974/file_contexts b/msm8974/file_contexts index 4027d668..4de2687e 100644 --- a/msm8974/file_contexts +++ b/msm8974/file_contexts @@ -34,5 +34,6 @@ /dev/block/platform/msm_sdcc\.1/by-name/ssd u:object_r:ssd_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/misc u:object_r:misc_block_device:s0 /dev/block/platform/msm_sdcc\.1/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/msm_sdcc\.1/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 diff --git a/msm8992/file_contexts b/msm8992/file_contexts index b9c55809..a765bc11 100644 --- a/msm8992/file_contexts +++ b/msm8992/file_contexts @@ -38,5 +38,6 @@ /dev/block/platform/soc.0/f9824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 /dev/block/platform/soc.0/f9824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 /dev/block/platform/soc.0/f9824900.sdhci/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc.0/f9824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 /dev/block/mmcblk0rpmb u:object_r:rpmb_device:s0 /dev/block/mmcblk0 u:object_r:root_block_device:s0 diff --git a/msm8994/file_contexts b/msm8994/file_contexts index 1ef01673..5697413a 100644 --- a/msm8994/file_contexts +++ b/msm8994/file_contexts @@ -43,6 +43,8 @@ /dev/block/platform/soc.0/fc594000.ufshc/by-name/recovery u:object_r:recovery_block_device:s0 /dev/block/platform/soc.0/fc594000.ufshc/by-name/cache u:object_r:cache_block_device:s0 /dev/block/platform/soc.0/fc594000.ufshc/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc.0/fc594000.ufshc/by-name/logdump u:object_r:logdump_partition:s0 + # eMMC devices /dev/block/platform/soc.0/f9824900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 @@ -56,3 +58,4 @@ /dev/block/platform/soc.0/f9824900.sdhci/by-name/recovery u:object_r:recovery_block_device:s0 /dev/block/platform/soc.0/f9824900.sdhci/by-name/cache u:object_r:cache_block_device:s0 /dev/block/platform/soc.0/f9824900.sdhci/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/soc.0/f9824900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 diff --git a/msm8996/file_contexts b/msm8996/file_contexts index e23ab341..af12a6d3 100644 --- a/msm8996/file_contexts +++ b/msm8996/file_contexts @@ -53,6 +53,7 @@ /dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 /dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 /dev/block/platform/soc/624000.ufshc/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/624000.ufshc/by-name/logdump u:object_r:logdump_partition:s0 # eMMC devices /dev/block/platform/soc/7464900.sdhci/by-name/fsc u:object_r:modem_efs_partition_device:s0 @@ -75,6 +76,7 @@ /dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefs2 u:object_r:efs_boot_dev:s0 /dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefs3 u:object_r:efs_boot_dev:s0 /dev/block/platform/soc/7464900.sdhci/by-name/mdm1m9kefsc u:object_r:efs_boot_dev:s0 +/dev/block/platform/soc/7464900.sdhci/by-name/logdump u:object_r:logdump_partition:s0 ################################### # Dev socket nodes diff --git a/msmcobalt/file_contexts b/msmcobalt/file_contexts index c43a2c34..fb794c02 100644 --- a/msmcobalt/file_contexts +++ b/msmcobalt/file_contexts @@ -31,3 +31,4 @@ /dev/block/platform/soc/1da4000.ufshc/by-name/system u:object_r:system_block_device:s0 /dev/block/platform/soc/1da4000.ufshc/by-name/userdata u:object_r:userdata_block_device:s0 /dev/block/platform/soc/1da4000.ufshc/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/soc/1da4000.ufshc/by-name/logdump u:object_r:logdump_partition:s0 |