[ALPS04419955] WMT: stp_dump moving to vendor

[Solution] Set SEPolicy for stp_dump MTK-Commit-Id: 5caf8dd3780faaf3c8933406756ef7298560590c Change-Id: I3f2ac66941eb5f54f4b2079fbeef15e1ebe1e2b6 Signed-off-by: Robbin Chiu <robbin.chiu@mediatek.com> CR-Id: ALPS04419955 Feature: [Module]WMT Driver
2020-01-18 10:12:09 +08:00 · 2020-01-18 10:12:09 +08:00 · 7238f50dd0
commit 7238f50dd0
parent 203b3d02de
6 changed files with 15 additions and 16 deletions
--- a/non_plat/aee_aedv.te
+++ b/non_plat/aee_aedv.te
@ -411,3 +411,6 @@ allow aee_aedv aee_dipdebug_vendor_file:dir r_dir_perms;
 allow aee_aedv aee_dipdebug_vendor_file:file r_file_perms;
 allow aee_aedv proc_isp_p2:dir r_dir_perms;
 allow aee_aedv proc_isp_p2:file r_file_perms;
+
+allow aee_aedv connsyslog_data_vendor_file:file r_file_perms;
+allow aee_aedv connsyslog_data_vendor_file:dir r_dir_perms;
--- a/non_plat/file.te
+++ b/non_plat/file.te
@ -110,7 +110,7 @@ type nvcfg_file, file_type, data_file_type;
 type cct_data_file, file_type, data_file_type;
 type mediaserver_data_file, file_type, data_file_type;
 type mediacodec_data_file, file_type, data_file_type;
-
+type connsyslog_data_vendor_file, file_type, data_file_type;

 #mobilelog data/misc/mblog
 type logmisc_data_file, file_type, data_file_type, core_data_file_type;
@ -141,7 +141,7 @@ type ccci_cfg_file, file_type, data_file_type;
 type c2k_file, file_type, data_file_type;
 #For sensor
 type sensor_data_file, file_type, data_file_type;
-type stp_dump_data_file, file_type, data_file_type, core_data_file_type;
+type stp_dump_data_file, file_type, data_file_type;
 type sysfs_keypad_file, fs_type, sysfs_type;
 type rild_via_socket, file_type;
 type rpc_socket, file_type;
--- a/non_plat/file_contexts
+++ b/non_plat/file_contexts
@ -62,7 +62,7 @@
 /data/vendor/powerhal(/.*)? u:object_r:mtk_powerhal_data_file:s0
 #/data/vendor/nfc(/.*)? u:object_r:nfc_data_file:s0
 /data/connsyslog(/.*)?  u:object_r:consyslog_data_file:s0
-/data/misc/stp_dump(/.*)? u:object_r:stp_dump_data_file:s0
+/data/vendor/stp_dump(/.*)? u:object_r:stp_dump_data_file:s0
 /data/vendor/mediadrm(/.*)?      u:object_r:mediadrm_vendor_data_file:s0
 /data/vendor/dipdebug(/.*)?    u:object_r:aee_dipdebug_vendor_file:s0

@ -77,6 +77,8 @@
 # Wallpaper file for smartbook
 /data/system/users/[0-9]+/smartbook_wallpaper   u:object_r:wallpaper_file:s0

+/data/vendor/connsyslog(/.*)? u:object_r:connsyslog_data_vendor_file:s0
+
 # nvdata
 /mnt/vendor/nvdata(/.*)? u:object_r:nvdata_file:s0
 /mnt/vendor/nvcfg(/.*)? u:object_r:nvcfg_file:s0
@ -517,7 +519,7 @@
 # System files
 #
 /(system\/vendor|vendor)/bin/audiocmdservice_atci u:object_r:audiocmdservice_atci_exec:s0
-/system/bin/stp_dump3 u:object_r:stp_dump3_exec:s0
+/(system\/vendor|vendor)/bin/stp_dump3 u:object_r:stp_dump3_exec:s0
 /(system\/vendor|vendor)/bin/wmt_launcher u:object_r:mtk_wmt_launcher_exec:s0
 /(system\/vendor|vendor)/bin/ccci_fsd u:object_r:ccci_fsd_exec:s0
 /(system\/vendor|vendor)/bin/fuelgauged u:object_r:fuelgauged_exec:s0
--- a/non_plat/property.te
+++ b/non_plat/property.te
@ -93,7 +93,7 @@ type audiohal_prop, property_type, mtk_core_property_type;

 #=============allow wmt==============
 type wmt_prop, property_type, mtk_core_property_type;
-type coredump_prop, property_type, extended_core_property_type;
+type coredump_prop, property_type, mtk_core_property_type;

 #=============allow sensor==============
 type ctl_emcsmdlogger_prop, property_type;
--- a/non_plat/radio.te
+++ b/non_plat/radio.te
@ -206,10 +206,6 @@ get_prop(radio, persist_mtk_aeev_prop);
 # Purpose : Allow EM to set sys property
 set_prop(radio, mtk_em_sys_prop)

-# Date :  2018/09/06
-# Purpose : Allow EM set wcn coredump prop
-set_prop(radio, coredump_prop)
-
 # Date : 2018/11/01
 # Purpose : mtk EM c2k bypass read usb file
 allow radio sys_usb_rawbulk:file { r_file_perms };
--- a/non_plat/stp_dump3.te
+++ b/non_plat/stp_dump3.te
@ -6,9 +6,8 @@
 # Type Declaration
 # ==============================================

-type stp_dump3_exec, system_file_type, exec_type, file_type;
+type stp_dump3_exec, vendor_file_type, exec_type, file_type;
 type stp_dump3, domain;
-typeattribute stp_dump3 coredomain;

 # ==============================================
 # Android Policy Rule
@ -21,14 +20,10 @@ typeattribute stp_dump3 coredomain;
 # ==============================================
 # MTK Policy Rule
 # ==============================================
-file_type_auto_trans(stp_dump3,system_data_file,stp_dump_data_file)
+file_type_auto_trans(stp_dump3,vendor_data_file,stp_dump_data_file)
 allow stp_dump3 self:capability { net_admin fowner chown fsetid };
 allow stp_dump3 self:netlink_socket { read write getattr bind create setopt };
 allow stp_dump3 self:netlink_generic_socket { read write getattr bind create setopt };
-allow stp_dump3 media_rw_data_file:dir { add_name setattr };
-allow stp_dump3 media_rw_data_file:dir rmdir;
-allow stp_dump3 media_rw_data_file:dir { open read write create setattr getattr add_name remove_name search};
-allow stp_dump3 media_rw_data_file:file { open read write create setattr getattr append unlink rename};
 allow stp_dump3 wmtdetect_device:chr_file { read write ioctl open };
 allow stp_dump3 stpwmt_device:chr_file { read write ioctl open };
 allow stp_dump3 tmpfs:lnk_file r_file_perms;
@ -42,5 +37,8 @@ allow stp_dump3 sdcard_type:file { open read write create setattr getattr append
 allow stp_dump3 sdcard_type:file create_file_perms;
 allow stp_dump3 stp_dump_data_file:dir create_dir_perms;
 allow stp_dump3 stp_dump_data_file:file create_file_perms;
+allow stp_dump3 connsyslog_data_vendor_file:dir create_dir_perms;
+allow stp_dump3 connsyslog_data_vendor_file:file create_file_perms;
+allow stp_dump3 vendor_data_file:dir create_dir_perms;
 get_prop(stp_dump3, coredump_prop)
 init_daemon_domain(stp_dump3)