From 6572ac2fa30d7ba0d5e4b6a9d504deb72141944f Mon Sep 17 00:00:00 2001 From: Huaiming Li Date: Sat, 18 Jan 2020 10:11:11 +0800 Subject: [PATCH 1/2] [ALPS04383536] AEE: add some new rules add some new rules for not exit files in basic/non_plat/, allow dumpstate to open/read files MTK-Commit-Id: 7d8021e582f9c10b7f9574f4fcdadee0be5d3c99 Change-Id: Ifc1ca446ce6cd40e36835acaf52ca5a12efedcdb CR-Id: ALPS04383536 Feature: Android Exception Engine(AEE) --- non_plat/dumpstate.te | 15 +++++++++++++++ non_plat/file.te | 5 +++++ non_plat/file_contexts | 7 +++++++ 3 files changed, 27 insertions(+) diff --git a/non_plat/dumpstate.te b/non_plat/dumpstate.te index 38e7fc3..8f8ffb5 100644 --- a/non_plat/dumpstate.te +++ b/non_plat/dumpstate.te @@ -131,3 +131,18 @@ allow dumpstate proc_cmdq_debug:file r_file_perms; #Purpose: Allow dumpstate to read /proc/cpuhvfs/dbg_repo allow dumpstate proc_dbg_repo:file r_file_perms; + +#Purpose: Allow dumpstate to read /proc/isp_p2/isp_p2_dump +allow dumpstate proc_isp_p2_dump:file r_file_perms; + +#Purpose: Allow dumpstate to read /proc/isp_p2/isp_p2_kedump +allow dumpstate proc_isp_p2_kedump:file r_file_perms; + +#Purpose: Allow dumpstate to read /proc/mali/memory_usage +allow dumpstate proc_memory_usage:file r_file_perms; + +#Purpose: Allow dumpstate to read /proc/mtk_es_reg_dump +allow dumpstate proc_mtk_es_reg_dump:file r_file_perms; + +#Purpose: Allow dumpstate to read /sys/power/mtkpasr/execstate +allow dumpstate sysfs_execstate:file r_file_perms; diff --git a/non_plat/file.te b/non_plat/file.te index d5290f4..c3cbfe8 100644 --- a/non_plat/file.te +++ b/non_plat/file.te @@ -71,6 +71,11 @@ type proc_kpageflags, fs_type, proc_type; type proc_slabtrace, fs_type, proc_type; type proc_cmdq_debug, fs_type, proc_type; type proc_dbg_repo, fs_type, proc_type; +type proc_isp_p2_dump, fs_type, proc_type; +type proc_isp_p2_kedump, fs_type, proc_type; +type proc_memory_usage, fs_type, proc_type; +type proc_mtk_es_reg_dump, fs_type, proc_type; +type sysfs_execstate, fs_type, sysfs_type; type sysfs_therm, fs_type, sysfs_type; type sysfs_fps, fs_type, sysfs_type; type sysfs_ccci, fs_type, sysfs_type; diff --git a/non_plat/file_contexts b/non_plat/file_contexts index 7e7256d..e8458a5 100644 --- a/non_plat/file_contexts +++ b/non_plat/file_contexts @@ -625,3 +625,10 @@ # Date: 2018/07/06 # Purpose for same-process HAL files and their dependencies: libGLES_mali.so need libm4u.so on mali GPU. /vendor/lib(64)?/libm4u\.so u:object_r:same_process_hal_file:s0 + +# Purpose dump not exit file +/proc/isp_p2/isp_p2_dump u:object_r:proc_isp_p2_dump:s0 +/proc/isp_p2/isp_p2_kedump u:object_r:proc_isp_p2_kedump:s0 +/proc/mali/memory_usage u:object_r:proc_memory_usage:s0 +/proc/mtk_es_reg_dump u:object_r:proc_mtk_es_reg_dump:s0 +/sys/power/mtkpasr/execstate u:object_r:sysfs_execstate:s0 From 2cd4f9278585e21586d8fcb475d8a5877ca006c7 Mon Sep 17 00:00:00 2001 From: Huaiming Li Date: Sat, 18 Jan 2020 10:11:12 +0800 Subject: [PATCH 2/2] [ALPS04383536] debugfs_tracing_debug allow rule add debugfs_tracing_debug allow rule for aee_aedv MTK-Commit-Id: b41cff1758cf4f62b8e177cb51f885056b476f17 Change-Id: I4981c061795d745628eae68f56b8697990f8005f CR-Id: ALPS04383536 Feature: Android Exception Engine(AEE) --- non_plat/aee_aedv.te | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/non_plat/aee_aedv.te b/non_plat/aee_aedv.te index 33a452f..5f71197 100644 --- a/non_plat/aee_aedv.te +++ b/non_plat/aee_aedv.te @@ -388,9 +388,9 @@ allow aee_aedv sysfs_vcore_debug:file r_file_perms; allow aee_aedv sysfs_boot_mode:file r_file_perms; #Purpose: Allow aee_aedv to read/write /sys/kernel/debug/tracing/buffer_total_size_kb -#userdebug_or_eng(` -# allow aee_aedv debugfs_tracing_debug:file { r_file_perms write }; -#') +userdebug_or_eng(` +allow aee_aedv debugfs_tracing_debug:file { rw_file_perms }; +') #Purpose: Allow aee_aedv to read /sys/mtk_memcfg/slabtrace allow aee_aedv proc_slabtrace:file r_file_perms;