From 270eab4eb862078ebdb3fd504534e74f87ef5331 Mon Sep 17 00:00:00 2001
From: "hua.tian" <hua.tian@mediatek.com>
Date: Sat, 18 Jan 2020 10:14:56 +0800
Subject: [PATCH] [ALPS04649268] Save mobile log in data partition in meta mode

Add SELINUX policy for mobile_log_d to save log in /data/debuglogger
and for getting log from adb.

MTK-Commit-Id: 8775f10bd89be7ac112cbc56daf422814f0f385f

Change-Id: I39e5e1d0ccb2381ef302c187ff83a9e9cb0fa959
CR-Id: ALPS04649268
Feature: Mobile Log Tool
---
 non_plat/adbd.te         | 2 ++
 non_plat/file.te         | 2 ++
 non_plat/file_contexts   | 1 +
 non_plat/mobile_log_d.te | 5 +++++
 non_plat/shell.te        | 2 ++
 5 files changed, 12 insertions(+)

diff --git a/non_plat/adbd.te b/non_plat/adbd.te
index b431979..a2bae62 100644
--- a/non_plat/adbd.te
+++ b/non_plat/adbd.te
@@ -11,3 +11,5 @@ allow adbd aee_dumpsys_data_file:file r_file_perms;
 allow adbd aee_exp_data_file:dir r_dir_perms;
 allow adbd aee_exp_data_file:file r_file_perms;
 allow adbd gpu_device:dir search;
+allow adbd debuglog_data_file:dir r_dir_perms;
+allow adbd debuglog_data_file:file r_file_perms;
diff --git a/non_plat/file.te b/non_plat/file.te
index 95bf953..42305ea 100644
--- a/non_plat/file.te
+++ b/non_plat/file.te
@@ -118,6 +118,8 @@ type logmisc_data_file, file_type, data_file_type, core_data_file_type;
 #mobilelog data/log_temp
 type logtemp_data_file, file_type, data_file_type, core_data_file_type;
 
+type debuglog_data_file, file_type, data_file_type, core_data_file_type;
+
 # NE core_forwarder
 type aee_core_data_file, file_type, data_file_type, core_data_file_type;
 type aee_core_vendor_file, file_type, data_file_type;
diff --git a/non_plat/file_contexts b/non_plat/file_contexts
index a102ba4..93908a3 100644
--- a/non_plat/file_contexts
+++ b/non_plat/file_contexts
@@ -37,6 +37,7 @@
 /data/extmdl(/.*)? u:object_r:mdlog_data_file:s0
 #/data/http-proxy-cfg(/.*)? u:object_r:http_proxy_cfg_data_file:s0
 /data/log_temp(/.*)? u:object_r:logtemp_data_file:s0
+/data/debuglogger(/.*)? u:object_r:debuglog_data_file:s0
 #/data/lost\+found(/.*)? u:object_r:lost_found_data_file:s0
 /data/mdlog(/.*)? u:object_r:mdlog_data_file:s0
 /data/mdl(/.*)? u:object_r:mdlog_data_file:s0
diff --git a/non_plat/mobile_log_d.te b/non_plat/mobile_log_d.te
index 109a671..a779673 100644
--- a/non_plat/mobile_log_d.te
+++ b/non_plat/mobile_log_d.te
@@ -60,3 +60,8 @@ allow mobile_log_d node:tcp_socket node_bind;
 # purpose: allow mobile_log_d to read system property init.svc.vendor.
 get_prop(mobile_log_d, vendor_default_prop)
 
+#data/debuglog
+allow mobile_log_d debuglog_data_file:dir {relabelto create_dir_perms};
+allow mobile_log_d debuglog_data_file:file create_file_perms;
+allow mobile_log_d system_data_file:dir create_dir_perms;
+file_type_auto_trans(mobile_log_d, system_data_file, debuglog_data_file)
diff --git a/non_plat/shell.te b/non_plat/shell.te
index b292564..2ab7e1b 100644
--- a/non_plat/shell.te
+++ b/non_plat/shell.te
@@ -18,6 +18,8 @@ allow shell aee_exp_vendor_file:dir r_dir_perms;
 allow shell aee_exp_vendor_file:file r_file_perms;
 allow shell aee_exp_data_file:dir r_dir_perms;
 allow shell aee_exp_data_file:file r_file_perms;
+allow shell debuglog_data_file:dir r_dir_perms;
+allow shell debuglog_data_file:file r_file_perms;
 
 get_prop(shell, mobile_log_prop)
 get_prop(shell, persist_mtk_aee_prop);