Allow dumpsys from serial console

Trying to run dumpsys from the serial console generates the
following errors:

  shell@device:/ # dumpsys power
  [ 3244.099015] binder: 2259:2259 transaction failed 29201, size 28-8
  [ 3244.099291] type=1400 audit(1403313679.642:12): avc: denied { read write } for pid=2259 comm="dumpsys" path="/dev/console" dev="tmpfs" ino=6188 scontext=u:r:system_server:s0 tcontext=u:object_r:console_device:s0 tclass=chr_file permissive=0
  Error dumping service info: (Unknown error -2147483646) power

and the operation fails. Allow binderservicedomains to perform
writes to /dev/console.

Bug: 15779131
Change-Id: Iff55ab09c3a4d40e12d49ff2308bf147f9cb6937

1 files changed, 2 insertions, 1 deletions

diff --git a/binderservicedomain.te b/binderservicedomain.te
index db2f93f..2533fbe 100644
--- a/binderservicedomain.te
+++ b/binderservicedomain.te
@@ -5,8 +5,9 @@ allow binderservicedomain dumpstate:fd use;
 allow binderservicedomain dumpstate:unix_stream_socket { read write getopt getattr };
 allow binderservicedomain shell_data_file:file { getattr write };
 
-# Allow dumpsys to work from adb shell
+# Allow dumpsys to work from adb shell or the serial console
 allow binderservicedomain devpts:chr_file rw_file_perms;
+allow binderservicedomain console_device:chr_file rw_file_perms;
 
 # Receive and write to a pipe received over Binder from an app.
 allow binderservicedomain appdomain:fd use;