From 276c0764fc270d71787c9f177f94092adeee379d Mon Sep 17 00:00:00 2001
From: "bo.shang" <bo.shang@mediatek.com>
Date: Sat, 18 Jan 2020 09:55:57 +0800
Subject: [PATCH] [ALPS03943443] Modem Log start USB logging fail

    Fix SELinux errors:
   1. Set vendor property
   2. Set USB property

[Solution] Add permission

MTK-Commit-Id: f9bea7ca32b8ca70e6f015d786753a43491810aa

Change-Id: I3e7cfc80eb34c3430a059b57afa1474ee49e75b1
CR-Id: ALPS03943443
Feature: Modem Log Tool
---
 non_plat/emdlogger.te      | 3 +++
 non_plat/mdlogger.te       | 7 ++++++-
 non_plat/property.te       | 3 +++
 non_plat/property_contexts | 4 ++++
 non_plat/vendor_init.te    | 3 ++-
 plat_private/emdlogger.te  | 3 ++-
 plat_private/netdiag.te    | 2 +-
 7 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/non_plat/emdlogger.te b/non_plat/emdlogger.te
index a2e483a..ad002dc 100644
--- a/non_plat/emdlogger.te
+++ b/non_plat/emdlogger.te
@@ -110,3 +110,6 @@ allow emdlogger node:tcp_socket node_bind;
 set_prop(emdlogger, vendor_mdl_prop)
 set_prop(emdlogger, vendor_mdl_start_prop)
 set_prop(emdlogger, debug_mdlogger_prop)
+set_prop(emdlogger, vendor_usb_prop)
+set_prop(emdlogger, persist_mdlog_prop)
+set_prop(emdlogger, vendor_mdl_pulllog_prop)
diff --git a/non_plat/mdlogger.te b/non_plat/mdlogger.te
index 52bc958..e8f4767 100644
--- a/non_plat/mdlogger.te
+++ b/non_plat/mdlogger.te
@@ -56,4 +56,9 @@ allow emdlogger file_contexts_file:file { read getattr open};
 
 #permission for read boot mode
 #avc: denied { open }  path="/sys/devices/virtual/BOOT/BOOT/boot/boot_mode" dev="sysfs"
-allow mdlogger sysfs_boot_mode:file { read open };
\ No newline at end of file
+allow mdlogger sysfs_boot_mode:file { read open };
+
+# Android P migration
+set_prop(mdlogger, vendor_mdl_prop)
+set_prop(mdlogger, debug_mdlogger_prop)
+set_prop(mdlogger, persist_mdlog_prop)
diff --git a/non_plat/property.te b/non_plat/property.te
index 260948a..966a8b0 100644
--- a/non_plat/property.te
+++ b/non_plat/property.te
@@ -42,6 +42,9 @@ type mtk_wifi_prop, property_type, mtk_core_property_type;
 type debug_mdlogger_prop, property_type, mtk_core_property_type;
 type vendor_mdl_prop, property_type, mtk_core_property_type;
 type vendor_mdl_start_prop, property_type, mtk_core_property_type;
+type vendor_usb_prop, property_type, mtk_core_property_type;
+type persist_mdlog_prop, property_type, mtk_core_property_type;
+type vendor_mdl_pulllog_prop, property_type, mtk_core_property_type;
 
 #=============allow AEE==============
 type persist_mtk_aee_prop, property_type, mtk_core_property_type;
diff --git a/non_plat/property_contexts b/non_plat/property_contexts
index 5322139..51c5a30 100644
--- a/non_plat/property_contexts
+++ b/non_plat/property_contexts
@@ -32,6 +32,10 @@ mtk_wifi. u:object_r:mtk_wifi_prop:s0
 vendor.mdlogger u:object_r:debug_mdlogger_prop:s0
 vendor.mdl u:object_r:vendor_mdl_prop:s0
 vendor.starting.mode  u:object_r:vendor_mdl_start_prop:s0
+vendor.usb. u:object_r:vendor_usb_prop:s0
+persist.vendor.mdl u:object_r:persist_mdlog_prop:s0
+vendor.pullmdlog u:object_r:vendor_mdl_pulllog_prop:s0
+
 
 #=============allow AEE==============
 # persist.vendor.mtk.aee.mode && persist.vendor.mtk.aee.dal
diff --git a/non_plat/vendor_init.te b/non_plat/vendor_init.te
index 68deb48..bc4b264 100644
--- a/non_plat/vendor_init.te
+++ b/non_plat/vendor_init.te
@@ -20,5 +20,6 @@ allow vendor_init unlabeled:dir { relabelfrom getattr setattr search };
 allow vendor_init vendor_file:system module_load;
 
 allow vendor_init kmsg_device:chr_file unlink;
-set_prop(vendor_init, persist_mtk_aee_prop);
+set_prop(vendor_init, persist_mtk_aee_prop)
 set_prop(vendor_init, ro_mtk_aee_prop)
+set_prop(vendor_init, vendor_usb_prop)
diff --git a/plat_private/emdlogger.te b/plat_private/emdlogger.te
index 4053c75..1934f8e 100755
--- a/plat_private/emdlogger.te
+++ b/plat_private/emdlogger.te
@@ -74,8 +74,9 @@ allow emdlogger file_contexts_file:file { read getattr open };
 #avc: denied { read } for name="u:object_r:vendor_default_prop:s0"
 allow emdlogger proc_cmdline:file { read getattr open };
 allow emdlogger sysfs_dt_firmware_android:dir search;
-allow emdlogger sysfs_dt_firmware_android:file read;
+allow emdlogger sysfs_dt_firmware_android:file { read open getattr };
 allow emdlogger system_file:dir open;
 allow emdlogger vendor_default_prop:file { read getattr open };
+allow emdlogger mota_sysfile:dir search;
 
 
diff --git a/plat_private/netdiag.te b/plat_private/netdiag.te
index e783b0c..6a2e306 100755
--- a/plat_private/netdiag.te
+++ b/plat_private/netdiag.te
@@ -101,6 +101,6 @@ allow netdiag self:udp_socket { ioctl create };
 #allow netdiag atm_mdmode_prop:file { getattr open };
 #allow netdiag bluetooth_a2dp_offload_prop:file { getattr open };
 #allow netdiag bluetooth_prop:file open;
-allow netdiag proc_qtaguid_stat:dir { read open };
+allow netdiag proc_qtaguid_stat:dir { read open search };
 allow netdiag proc_qtaguid_stat:file { read getattr open };
 allow netdiag vendor_default_prop:file  { read getattr open };