Gitiles
Code Review Sign In
review.blissroms.org / platform_device_qcom_sepolicy / 136e6638acac2caf08ee2850f0f1b1d97941a823^! / .
commit136e6638acac2caf08ee2850f0f1b1d97941a823[log] [tgz]
authorAvijit Kanti Das <avijitnsec@codeaurora.org>Mon Oct 27 12:30:14 2014 -0700
committerAvijit Kanti Das <avijitnsec@codeaurora.org>Thu Oct 30 10:58:59 2014 -0700
treea9af92109cd87783c3532988f762af4c4c5772e7
parente908bd59a052ed14536b7b49f0af1f8871404206 [diff]
Seandroid: Adding policy for ssr.

Adding policy for ssr_diag and subsystem_ramdump

Change-Id: Ifcf04dd8db700b62dd81b4df82467ec785068405

diff --git a/Android.mk b/Android.mk
index 3304665..d185e05 100644
--- a/Android.mk
+++ b/Android.mk

@@ -77,6 +77,8 @@
        ipacm.te \
        dpmd.te \
        ssr_setup.te \
+       subsystem_ramdump.te \
+       ssr_diag.te \
        sectest.te \
        location.te \
        location_app.te \

diff --git a/common/device.te b/common/device.te
index 8f7a308..6e4c540 100644
--- a/common/device.te
+++ b/common/device.te

@@ -45,6 +45,9 @@
 #SSR device
 type ssr_device, dev_type;
 
+#Ramdump device
+type ramdump_device, dev_type;
+
 #Kickstart bridge devices
 type ksbridgehsic_device, dev_type;
 

diff --git a/common/file_contexts b/common/file_contexts
index 66f6884..6b1b26e 100755
--- a/common/file_contexts
+++ b/common/file_contexts

@@ -37,6 +37,7 @@
 /dev/block/bootdevice/by-name/mdm1m9kefs3       u:object_r:efs_boot_dev:s0
 /dev/block/bootdevice/by-name/mdm1m9kefsc       u:object_r:efs_boot_dev:s0
 /dev/subsys_.*                                  u:object_r:ssr_device:s0
+/dev/ramdump_.*                                 u:object_r:ramdump_device:s0
 /dev/esoc.*                                     u:object_r:esoc_device:s0
 /dev/ks_hsic_bridge                             u:object_r:ksbridgehsic_device:s0
 /dev/efs_hsic_bridge                            u:object_r:efsbridgehsic_device:s0
@@ -125,6 +126,8 @@
 /system/bin/ipacm-diag                          u:object_r:ipacm-diag_exec:s0
 /system/bin/dpmd                                u:object_r:dpmd_exec:s0
 /system/bin/ssr_setup                           u:object_r:ssr_setup_exec:s0
+/system/bin/subsystem_ramdump                   u:object_r:subsystem_ramdump_exec:s0
+/system/bin/ssr_diag                            u:object_r:ssr_diag_exec:s0
 /system/bin/loc_launcher                        u:object_r:location_exec:s0
 /system/bin/quipc_main                          u:object_r:location_exec:s0
 /system/bin/ipepb                               u:object_r:location_exec:s0

diff --git a/common/ssr_diag.te b/common/ssr_diag.te
new file mode 100755
index 0000000..62fa587
--- /dev/null
+++ b/common/ssr_diag.te

@@ -0,0 +1,8 @@
+type ssr_diag, domain;
+type ssr_diag_exec, exec_type, file_type;
+init_daemon_domain(ssr_diag);
+
+userdebug_or_eng(`
+  allow ssr_diag diag_device:chr_file rw_file_perms;
+  allow ssr_diag sysfs:file rw_file_perms;
+')

diff --git a/common/subsystem_ramdump.te b/common/subsystem_ramdump.te
new file mode 100755
index 0000000..6113b0a
--- /dev/null
+++ b/common/subsystem_ramdump.te

@@ -0,0 +1,8 @@
+type subsystem_ramdump, domain;
+type subsystem_ramdump_exec, exec_type, file_type;
+init_daemon_domain(subsystem_ramdump);
+
+userdebug_or_eng(`
+  allow subsystem_ramdump ramdump_device:chr_file r_file_perms;
+  allow subsystem_ramdump sysfs:file w_file_perms;
+')