From c6f62897b6ba5bb5b9da053f0654bfa76c3a2582 Mon Sep 17 00:00:00 2001 From: "bo.shang" Date: Sat, 18 Jan 2020 10:18:19 +0800 Subject: [PATCH] [ALPS04721702] Save log into data partition 1. Add SELinux permission MTK-Commit-Id: 49d711749e59016b1e46233c4569c9d22d957f3d Change-Id: If172698697fa5005f4548328665ea6c4739315c8 CR-Id: ALPS04721702 Feature: Modem Log Tool --- non_plat/emdlogger.te | 4 ---- non_plat/mdlogger.te | 4 ---- plat_private/cmddumper.te | 5 ++++- plat_private/emdlogger.te | 5 +++++ plat_private/mdlogger.te | 4 ++++ plat_private/netdiag.te | 1 - 6 files changed, 13 insertions(+), 10 deletions(-) diff --git a/non_plat/emdlogger.te b/non_plat/emdlogger.te index 20b7d3c..6b1dbaf 100644 --- a/non_plat/emdlogger.te +++ b/non_plat/emdlogger.te @@ -86,10 +86,6 @@ allow emdlogger aee_aed:unix_stream_socket connectto; allow emdlogger para_block_device:blk_file { read open write }; allow emdlogger proc_lk_env:file { read write ioctl open }; -#Android O for created file in data - - file_type_auto_trans(emdlogger, system_data_file, mdlog_data_file) - ## purpose: avc: denied { read } for name="plat_file_contexts" allow emdlogger file_contexts_file:file { read getattr open map}; diff --git a/non_plat/mdlogger.te b/non_plat/mdlogger.te index af2a834..cfda1d6 100644 --- a/non_plat/mdlogger.te +++ b/non_plat/mdlogger.te @@ -46,10 +46,6 @@ allow mdlogger media_rw_data_file:dir { create_dir_perms }; #security issue control allow mdlogger aee_aed:unix_stream_socket connectto; -#Android O for created file in data - - file_type_auto_trans(mdlogger, system_data_file, mdlog_data_file) - ## purpose: avc: denied { read } for name="plat_file_contexts" allow emdlogger file_contexts_file:file { read getattr open}; diff --git a/plat_private/cmddumper.te b/plat_private/cmddumper.te index 7e1a3d9..3dc20b8 100644 --- a/plat_private/cmddumper.te +++ b/plat_private/cmddumper.te @@ -33,4 +33,7 @@ allow cmddumper media_rw_data_file:dir { create_dir_perms }; # purpose: access plat_file_contexts allow cmddumper file_contexts_file:file { read getattr open }; - +## Save C2K modem log into data +allow cmddumper debuglog_data_file:dir {relabelto create_dir_perms}; +allow cmddumper debuglog_data_file:file create_file_perms; +allow cmddumper system_data_file:dir create_dir_perms; diff --git a/plat_private/emdlogger.te b/plat_private/emdlogger.te index c81fe15..cd91357 100755 --- a/plat_private/emdlogger.te +++ b/plat_private/emdlogger.te @@ -78,3 +78,8 @@ allow emdlogger vendor_default_prop:file { read getattr open }; ## purpose: read modem db and filter folder and file allow emdlogger mddb_filter_data_file:dir { r_dir_perms }; allow emdlogger mddb_filter_data_file:file { r_file_perms }; + +# save log into /data/debuglogger +allow emdlogger debuglog_data_file:dir {relabelto create_dir_perms}; +allow emdlogger debuglog_data_file:file create_file_perms; +allow emdlogger system_data_file:dir create_dir_perms; diff --git a/plat_private/mdlogger.te b/plat_private/mdlogger.te index b1ffcd6..ad6990a 100644 --- a/plat_private/mdlogger.te +++ b/plat_private/mdlogger.te @@ -51,3 +51,7 @@ allow mdlogger system_file:dir read; ## purpose: read modem db and filter folder and file allow mdlogger mddb_filter_data_file:dir { r_dir_perms }; allow mdlogger mddb_filter_data_file:file { r_file_perms }; +## Save modem log into data +allow mdlogger debuglog_data_file:dir {relabelto create_dir_perms}; +allow mdlogger debuglog_data_file:file create_file_perms; +allow mdlogger system_data_file:dir create_dir_perms; diff --git a/plat_private/netdiag.te b/plat_private/netdiag.te index 8ce5fd6..834dcf8 100755 --- a/plat_private/netdiag.te +++ b/plat_private/netdiag.te @@ -101,4 +101,3 @@ allow netdiag debuglog_data_file:dir {relabelto create_dir_perms}; allow netdiag debuglog_data_file:file create_file_perms; allow netdiag system_data_file:dir { create_dir_perms relabelfrom }; allow netdiag file_contexts_file:file { r_file_perms }; -file_type_auto_trans(netdiag, system_data_file, debuglog_data_file)