[ALPS04824757] mrdump: fix ioctl sepolicy

1. mrdump_tool was blocked by sepolicy by ioctl actions. 2. add 4 more items - FS_IOC_GETFLAGS - FS_IOC_SETFLAGS - F2FS_IOC_GET_PIN_FILE - F2FS_IOC_SET_PIN_FILE MTK-Commit-Id: 926484c7b945397752926c9a605e3e2cd4b7ae19 Change-Id: Idadd2f3a2525a3cff8bd8a7b91c8dc76f2482546 CR-Id: ALPS04824757 Feature: Memory RAM Dump (MRDUMP) (cherry picked from commit 81c51be3cfd29de37b3d4a02072813a4b4f25fa6)
2020-01-18 10:22:00 +08:00 · 2020-01-18 10:22:00 +08:00 · 945b222419
commit 945b222419
parent ba675f90bd
2 changed files with 14 additions and 2 deletions
--- a/non_plat/aee_aedv.te
+++ b/non_plat/aee_aedv.te
@ -306,8 +306,14 @@ allow aee_aedv metadata_file:dir search;
 allow aee_aedv self:capability linux_immutable;
 allow aee_aedv userdata_block_device:blk_file { read write open };
 allow aee_aedv para_block_device:blk_file rw_file_perms;
-allowxperm aee_aedv aee_dumpsys_vendor_file:file ioctl FS_IOC_FIEMAP;
 allow aee_aedv mrdump_device:blk_file rw_file_perms;
+allowxperm aee_aedv aee_dumpsys_vendor_file:file ioctl {
+  FS_IOC_GETFLAGS
+  FS_IOC_SETFLAGS
+  F2FS_IOC_GET_PIN_FILE
+  F2FS_IOC_SET_PIN_FILE
+  FS_IOC_FIEMAP
+};

 # Purpose: allow vendor aee read lowmemorykiller logs
 # file path: /sys/module/lowmemorykiller/parameters/
--- a/r_non_plat/aee_aedv.te
+++ b/r_non_plat/aee_aedv.te
@ -305,8 +305,14 @@ allow aee_aedv metadata_file:dir search;
 allow aee_aedv self:capability linux_immutable;
 allow aee_aedv userdata_block_device:blk_file { read write open };
 allow aee_aedv para_block_device:blk_file rw_file_perms;
-allowxperm aee_aedv aee_dumpsys_vendor_file:file ioctl FS_IOC_FIEMAP;
 allow aee_aedv mrdump_device:blk_file rw_file_perms;
+allowxperm aee_aedv aee_dumpsys_vendor_file:file ioctl {
+  FS_IOC_GETFLAGS
+  FS_IOC_SETFLAGS
+  F2FS_IOC_GET_PIN_FILE
+  F2FS_IOC_SET_PIN_FILE
+  FS_IOC_FIEMAP
+};

 # Purpose: allow vendor aee read lowmemorykiller logs
 # file path: /sys/module/lowmemorykiller/parameters/