From 7238f50dd0aadb321d8f9edc83698ee4b671be4b Mon Sep 17 00:00:00 2001 From: Robbin Chiu Date: Sat, 18 Jan 2020 10:12:09 +0800 Subject: [PATCH] [ALPS04419955] WMT: stp_dump moving to vendor [Solution] Set SEPolicy for stp_dump MTK-Commit-Id: 5caf8dd3780faaf3c8933406756ef7298560590c Change-Id: I3f2ac66941eb5f54f4b2079fbeef15e1ebe1e2b6 Signed-off-by: Robbin Chiu CR-Id: ALPS04419955 Feature: [Module]WMT Driver --- non_plat/aee_aedv.te | 3 +++ non_plat/file.te | 4 ++-- non_plat/file_contexts | 6 ++++-- non_plat/property.te | 2 +- non_plat/radio.te | 4 ---- non_plat/stp_dump3.te | 12 +++++------- 6 files changed, 15 insertions(+), 16 deletions(-) diff --git a/non_plat/aee_aedv.te b/non_plat/aee_aedv.te index 6881909..497459c 100644 --- a/non_plat/aee_aedv.te +++ b/non_plat/aee_aedv.te @@ -411,3 +411,6 @@ allow aee_aedv aee_dipdebug_vendor_file:dir r_dir_perms; allow aee_aedv aee_dipdebug_vendor_file:file r_file_perms; allow aee_aedv proc_isp_p2:dir r_dir_perms; allow aee_aedv proc_isp_p2:file r_file_perms; + +allow aee_aedv connsyslog_data_vendor_file:file r_file_perms; +allow aee_aedv connsyslog_data_vendor_file:dir r_dir_perms; \ No newline at end of file diff --git a/non_plat/file.te b/non_plat/file.te index 8123ca8..1be904f 100644 --- a/non_plat/file.te +++ b/non_plat/file.te @@ -110,7 +110,7 @@ type nvcfg_file, file_type, data_file_type; type cct_data_file, file_type, data_file_type; type mediaserver_data_file, file_type, data_file_type; type mediacodec_data_file, file_type, data_file_type; - +type connsyslog_data_vendor_file, file_type, data_file_type; #mobilelog data/misc/mblog type logmisc_data_file, file_type, data_file_type, core_data_file_type; 
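Review bot: The two added `allow aee_aedv connsyslog_data_vendor_file` rules end aee_aedv.te without a trailing newline (the `\ No newline at end of file` marker), and they carry no comment saying why aee_aedv needs them. Policy sources are normally concatenated before compilation, so a file whose last rule has no newline can run into the first line of the next file. Ending the file with a newline avoids depending on how the build joins them. I would also add a purpose comment above the rules, e.g. `# Purpose: allow aee_aedv to read connsys logs under /data/vendor/connsyslog`.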
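Review bot: The new type `connsyslog_data_vendor_file` is one letter away from the existing `consyslog_data_file`, which file_contexts in this same patch still assigns to `/data/connsyslog(/.*)?`; that makes it easy to write a rule against the wrong type. The added line also takes the place of the blank line that separated this group from the `#mobilelog` block, and it has no comment of its own. Keeping the separator and adding a comment such as `# connsys log under /data/vendor/connsyslog` would make the difference between the two types explicit.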
@@ -141,7 +141,7 @@ type ccci_cfg_file, file_type, data_file_type; type c2k_file, file_type, data_file_type; #For sensor type sensor_data_file, file_type, data_file_type; -type stp_dump_data_file, file_type, data_file_type, core_data_file_type; +type stp_dump_data_file, file_type, data_file_type; type sysfs_keypad_file, fs_type, sysfs_type; type rild_via_socket, file_type; type rpc_socket, file_type; diff --git a/non_plat/file_contexts b/non_plat/file_contexts index 8ad380a..5451ec4 100644 --- a/non_plat/file_contexts +++ b/non_plat/file_contexts @@ -62,7 +62,7 @@ /data/vendor/powerhal(/.*)? u:object_r:mtk_powerhal_data_file:s0 #/data/vendor/nfc(/.*)? u:object_r:nfc_data_file:s0 /data/connsyslog(/.*)? u:object_r:consyslog_data_file:s0 -/data/misc/stp_dump(/.*)? u:object_r:stp_dump_data_file:s0 +/data/vendor/stp_dump(/.*)? u:object_r:stp_dump_data_file:s0 /data/vendor/mediadrm(/.*)? u:object_r:mediadrm_vendor_data_file:s0 /data/vendor/dipdebug(/.*)? u:object_r:aee_dipdebug_vendor_file:s0 @@ -77,6 +77,8 @@ # Wallpaper file for smartbook /data/system/users/[0-9]+/smartbook_wallpaper u:object_r:wallpaper_file:s0 +/data/vendor/connsyslog(/.*)? u:object_r:connsyslog_data_vendor_file:s0 + # nvdata /mnt/vendor/nvdata(/.*)? u:object_r:nvdata_file:s0 /mnt/vendor/nvcfg(/.*)? u:object_r:nvcfg_file:s0 @@ -517,7 +519,7 @@ # System files # /(system\/vendor|vendor)/bin/audiocmdservice_atci u:object_r:audiocmdservice_atci_exec:s0 -/system/bin/stp_dump3 u:object_r:stp_dump3_exec:s0 +/(system\/vendor|vendor)/bin/stp_dump3 u:object_r:stp_dump3_exec:s0 /(system\/vendor|vendor)/bin/wmt_launcher u:object_r:mtk_wmt_launcher_exec:s0 /(system\/vendor|vendor)/bin/ccci_fsd u:object_r:ccci_fsd_exec:s0 /(system\/vendor|vendor)/bin/fuelgauged u:object_r:fuelgauged_exec:s0 diff --git a/non_plat/property.te b/non_plat/property.te index 17cc99e..fcb6fd6 100644 --- a/non_plat/property.te +++ b/non_plat/property.te 
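Review bot: Labelling only the new path `/data/vendor/stp_dump(/.*)?` leaves `/data/misc/stp_dump` without an entry in this file, so on a device upgraded from the old layout any dumps already there would presumably fall back to whatever label the platform assigns under `/data/misc`. Nothing in this patch shows the old directory being cleaned up or the new one being created. The change that creates the directory (an init `mkdir` with explicit owner and mode is the usual place) should be referenced in the description or landed together with this one. Connectivity core dumps may contain sensitive memory contents, so stale copies outside the new vendor label are worth removing deliberately.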
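Review bot: The `/data/vendor/connsyslog(/.*)?` entry is added directly below the `# Wallpaper file for smartbook` group, where it reads as part of that group. Placing it with the other `/data/vendor/...` entries, beside `/data/vendor/stp_dump(/.*)?` and the older `/data/connsyslog(/.*)?` line, would keep related labels together. It would also make the `consyslog_data_file` / `connsyslog_data_vendor_file` pair easy to compare.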
@@ -93,7 +93,7 @@ type audiohal_prop, property_type, mtk_core_property_type; #=============allow wmt============== type wmt_prop, property_type, mtk_core_property_type; -type coredump_prop, property_type, extended_core_property_type; +type coredump_prop, property_type, mtk_core_property_type; #=============allow sensor============== type ctl_emcsmdlogger_prop, property_type; diff --git a/non_plat/radio.te b/non_plat/radio.te index bb32b94..8f0d479 100644 --- a/non_plat/radio.te +++ b/non_plat/radio.te @@ -206,10 +206,6 @@ get_prop(radio, persist_mtk_aeev_prop); # Purpose : Allow EM to set sys property set_prop(radio, mtk_em_sys_prop) -# Date : 2018/09/06 -# Purpose : Allow EM set wcn coredump prop -set_prop(radio, coredump_prop) - # Date : 2018/11/01 # Purpose : mtk EM c2k bypass read usb file allow radio sys_usb_rawbulk:file { r_file_perms }; diff --git a/non_plat/stp_dump3.te b/non_plat/stp_dump3.te index 426f6ea..7ce2b67 100644 --- a/non_plat/stp_dump3.te +++ b/non_plat/stp_dump3.te @@ -6,9 +6,8 @@ # Type Declaration # ============================================== -type stp_dump3_exec, system_file_type, exec_type, file_type; +type stp_dump3_exec, vendor_file_type, exec_type, file_type; type stp_dump3, domain; -typeattribute stp_dump3 coredomain; # ============================================== # Android Policy Rule 
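Review bot: Changing `coredump_prop` from `extended_core_property_type` to `mtk_core_property_type` comes without a comment, and together with the removal of `set_prop(radio, coredump_prop)` in radio.te it leaves `get_prop(stp_dump3, coredump_prop)` as the only rule on this property visible in the patch. A writer may exist in a file this patch does not touch, but that should be confirmed, since a property no domain may set would leave the dump behaviour at its default. A short comment naming the writer and the reason for the attribute change would help, e.g. `# coredump_prop: set by <writer domain>, read by stp_dump3`, with the placeholder filled in.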
@@ -21,14 +20,10 @@ typeattribute stp_dump3 coredomain; # ============================================== # MTK Policy Rule # ============================================== -file_type_auto_trans(stp_dump3,system_data_file,stp_dump_data_file) +file_type_auto_trans(stp_dump3,vendor_data_file,stp_dump_data_file) allow stp_dump3 self:capability { net_admin fowner chown fsetid }; allow stp_dump3 self:netlink_socket { read write getattr bind create setopt }; allow stp_dump3 self:netlink_generic_socket { read write getattr bind create setopt }; -allow stp_dump3 media_rw_data_file:dir { add_name setattr }; -allow stp_dump3 media_rw_data_file:dir rmdir; -allow stp_dump3 media_rw_data_file:dir { open read write create setattr getattr add_name remove_name search}; -allow stp_dump3 media_rw_data_file:file { open read write create setattr getattr append unlink rename}; allow stp_dump3 wmtdetect_device:chr_file { read write ioctl open }; allow stp_dump3 stpwmt_device:chr_file { read write ioctl open }; allow stp_dump3 tmpfs:lnk_file r_file_perms; @@ -42,5 +37,8 @@ allow stp_dump3 sdcard_type:file { open read write create setattr getattr append allow stp_dump3 sdcard_type:file create_file_perms; allow stp_dump3 stp_dump_data_file:dir create_dir_perms; allow stp_dump3 stp_dump_data_file:file create_file_perms; +allow stp_dump3 connsyslog_data_vendor_file:dir create_dir_perms; +allow stp_dump3 connsyslog_data_vendor_file:file create_file_perms; +allow stp_dump3 vendor_data_file:dir create_dir_perms; get_prop(stp_dump3, coredump_prop) init_daemon_domain(stp_dump3)
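Review bot: `file_type_auto_trans(stp_dump3,vendor_data_file,stp_dump_data_file)` gives every object stp_dump3 creates directly in a `vendor_data_file` directory the type `stp_dump_data_file`, which conflicts with the new `connsyslog_data_vendor_file` label if the daemon creates `/data/vendor/connsyslog` itself. In that case the directory would stay `stp_dump_data_file` until something relabels it, and the `aee_aedv` read rules added in this patch would not match. Creating both directories from init before the service starts, or adding a name-based type transition for the connsyslog directory, would make the labels deterministic. The unchanged `self:capability { net_admin fowner chown fsetid }` line is also worth re-checking now that the output lives under a directory the daemon owns.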
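Review bot: `allow stp_dump3 vendor_data_file:dir create_dir_perms;` is broader than this move needs: it lets the daemon create, rename and remove directories labelled `vendor_data_file`, not only add its own entry under `/data/vendor`. The `file_type_auto_trans` macro, as defined in AOSP's te_macros, already grants the add-name access on the parent directory that creating a child requires, so the rule looks droppable, and certainly so if init creates `/data/vendor/stp_dump` and `/data/vendor/connsyslog`. If some access must stay, narrow it, for example to `allow stp_dump3 vendor_data_file:dir { search getattr };`, and add a `# Purpose:` comment. The `sdcard_type` rules kept as context just above still let this vendor domain write to shared storage, which looks at odds with moving the dumps to `/data/vendor`.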