From 0b7ed7df4732cf93e3a85b1c73f05f82f8a0ca18 Mon Sep 17 00:00:00 2001
From: mtk11285 <weiwei.zhang@mediatek.com>
Date: Sat, 18 Jan 2020 10:13:14 +0800
Subject: [PATCH] [ALPS03806577] add DropBoxReceiver feature

1. allow dropboxreceiver to receive dropbox message
2. allow aee_aed to read packages.list

MTK-Commit-Id: 03d7fff0159d697f13fd574b132503ba6063cfab

Change-Id: Id717233c2ade4b0b8c3d6a8319647ff6e783a60a
CR-Id: ALPS03806577
Feature: Android Exception Engine(AEE)
---
 plat_private/aee_aed.te       | 9 +++++++++
 plat_private/system_app.te    | 5 ++++-
 plat_private/system_server.te | 4 ++++
 3 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/plat_private/aee_aed.te b/plat_private/aee_aed.te
index 70b6b1e..72f9468 100644
--- a/plat_private/aee_aed.te
+++ b/plat_private/aee_aed.te
@@ -132,3 +132,12 @@ userdebug_or_eng(`allow aee_aed debugfs_tracing_debug:file { write open };')
 
 # Purpose: Allow aee_aed to read/write /sys/kernel/debug/tracing/tracing_on
 #userdebug_or_eng(` allow aee_aed debugfs_tracing:file { r_file_perms write };')
+
+# Purpose: receive dropbox message
+allow aee_aed dropbox_data_file:file {getattr read};
+allow aee_aed dropbox_service:service_manager find;
+allow aee_aed servicemanager:binder call;
+allow aee_aed system_server:binder call;
+
+# Purpose: allow aee_aed to read packages.list
+allow aee_aed packages_list_file:file r_file_perms;
diff --git a/plat_private/system_app.te b/plat_private/system_app.te
index 757a464..0dd6fc5 100644
--- a/plat_private/system_app.te
+++ b/plat_private/system_app.te
@@ -14,4 +14,7 @@ allow system_app media_rw_data_file:file {r_file_perms w_file_perms};
 
 #Dat: 2017/07/13
 #Purpose: allow system app to read/open system data file
-allow system_app system_data_file:dir { read open };
\ No newline at end of file
+allow system_app system_data_file:dir { read open };
+
+# Purpose: receive dropbox message
+allow system_app aee_aed:unix_stream_socket connectto;
diff --git a/plat_private/system_server.te b/plat_private/system_server.te
index 56a75e4..72201ee 100644
--- a/plat_private/system_server.te
+++ b/plat_private/system_server.te
@@ -3,3 +3,7 @@
 dontaudit system_server appdomain:file w_file_perms;
 allow system_server ota_package_file:dir getattr;
 allow uncrypt uncrypt:capability fowner;
+
+# Purpose: receive dropbox message
+allow system_server aee_aed:fifo_file w_file_perms;
+allow system_server aee_aed:fd use;