Merge "Allow sensor hal to access Istats service."
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index fd3d5ff..c5a0e9e 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts
@@ -53,7 +53,7 @@
/vendor/bin/init\.ramoops\.sh u:object_r:ramoops_exec:s0
/vendor/bin/modem_svc u:object_r:modem_svc_exec:s0
/vendor/bin/ramoops u:object_r:ramoops_exec:s0
-/vendor/bin/hw/android\.hardware\.dumpstate@1\.0-service\.coral u:object_r:hal_dumpstate_impl_exec:s0
+/vendor/bin/hw/android\.hardware\.dumpstate@1\.[01]-service\.coral u:object_r:hal_dumpstate_impl_exec:s0
/vendor/bin/ramdump u:object_r:ramdump_exec:s0
/vendor/bin/rlsservice u:object_r:rlsservice_exec:s0
/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
diff --git a/vendor/google/hal_dumpstate_impl.te b/vendor/google/hal_dumpstate_impl.te
index 8f8d432..450c2d2 100644
--- a/vendor/google/hal_dumpstate_impl.te
+++ b/vendor/google/hal_dumpstate_impl.te
@@ -71,12 +71,8 @@
# Access to modem files
userdebug_or_eng(`
- allow hal_dumpstate_impl modem_dump_file:dir create_dir_perms;
- allow hal_dumpstate_impl modem_dump_file:file create_file_perms;
allow hal_dumpstate_impl netmgrd_data_file:dir r_dir_perms;
allow hal_dumpstate_impl netmgrd_data_file:file r_file_perms;
- allow hal_dumpstate_impl vendor_radio_data_file:dir r_dir_perms;
- allow hal_dumpstate_impl vendor_radio_data_file:file r_file_perms;
allow hal_dumpstate_impl tcpdump_vendor_data_file:dir create_dir_perms;
allow hal_dumpstate_impl tcpdump_vendor_data_file:file create_file_perms;
allow hal_dumpstate_impl ssr_log_file:dir search;
@@ -84,9 +80,14 @@
allow hal_dumpstate_impl mpss_rfs_data_file:dir r_dir_perms;
allow hal_dumpstate_impl mpss_rfs_data_file:file r_file_perms;
- set_prop(hal_dumpstate_impl, vendor_modem_diag_prop)
set_prop(hal_dumpstate_impl, vendor_tcpdump_log_prop)
')
+allow hal_dumpstate_impl modem_dump_file:dir create_dir_perms;
+allow hal_dumpstate_impl modem_dump_file:file create_file_perms;
+allow hal_dumpstate_impl vendor_radio_data_file:dir r_dir_perms;
+allow hal_dumpstate_impl vendor_radio_data_file:file r_file_perms;
+
+set_prop(hal_dumpstate_impl, vendor_modem_diag_prop)
# Access to modem stat
domain_auto_trans(hal_dumpstate_impl, modem_svc_exec, modem_svc)
@@ -130,17 +131,23 @@
# Access to knowles framework info
allow hal_dumpstate_impl sysfs_knowles_info:file r_file_perms;
-dontaudit hal_dumpstate_impl modem_dump_file:dir create_dir_perms;
-dontaudit hal_dumpstate_impl modem_dump_file:file create_file_perms;
+#dump sensors log
+userdebug_or_eng(`
+ allow hal_dumpstate_impl sensors_vendor_data_file:dir r_dir_perms;
+ allow hal_dumpstate_impl sensors_vendor_data_file:file r_file_perms;
+')
+
+# Access to vendor logging property
+set_prop(hal_dumpstate_impl, vendor_logging_prop)
+
dontaudit hal_dumpstate_impl netmgrd_data_file:dir r_dir_perms;
dontaudit hal_dumpstate_impl netmgrd_data_file:file r_file_perms;
-dontaudit hal_dumpstate_impl vendor_radio_data_file:dir r_dir_perms;
-dontaudit hal_dumpstate_impl vendor_radio_data_file:file r_file_perms;
dontaudit hal_dumpstate_impl tcpdump_vendor_data_file:dir create_dir_perms;
dontaudit hal_dumpstate_impl tcpdump_vendor_data_file:file create_file_perms;
dontaudit hal_dumpstate_impl ssr_log_file:dir search;
dontaudit hal_dumpstate_impl ssr_log_file:file r_file_perms;
dontaudit hal_dumpstate_impl mpss_rfs_data_file:dir r_dir_perms;
dontaudit hal_dumpstate_impl mpss_rfs_data_file:file r_file_perms;
-dontaudit hal_dumpstate_impl vendor_modem_diag_prop:file r_file_perms;
dontaudit hal_dumpstate_impl vendor_tcpdump_log_prop:file r_file_perms;
+dontaudit hal_dumpstate_impl sensors_vendor_data_file:dir r_dir_perms;
+dontaudit hal_dumpstate_impl sensors_vendor_data_file:file r_file_perms;
diff --git a/vendor/google/vendor_init.te b/vendor/google/vendor_init.te
index 95aba95..678826e 100644
--- a/vendor/google/vendor_init.te
+++ b/vendor/google/vendor_init.te
@@ -29,3 +29,5 @@
# Allow vendor_init to write vendor_tcpdump_log_prop on userdebug or eng ROM
set_prop(vendor_init, vendor_tcpdump_log_prop)
')
+
+set_prop(vendor_init, vendor_logging_prop)
diff --git a/vendor/qcom/common/diag.te b/vendor/qcom/common/diag.te
index afaa9e0..3ad8432 100644
--- a/vendor/qcom/common/diag.te
+++ b/vendor/qcom/common/diag.te
@@ -1,5 +1,4 @@
type diag, domain;
type diag_exec, exec_type, vendor_file_type, file_type;
-userdebug_or_eng(`
- init_daemon_domain(diag)
-')
+
+init_daemon_domain(diag)
diff --git a/vendor/qcom/common/kernel.te b/vendor/qcom/common/kernel.te
index 20294c4..2a6ca76 100644
--- a/vendor/qcom/common/kernel.te
+++ b/vendor/qcom/common/kernel.te
@@ -1,7 +1,5 @@
# For diag over socket
-userdebug_or_eng(`
- allow kernel self:qipcrtr_socket create;
-')
+allow kernel self:qipcrtr_socket create;
allow kernel debugfs_batteryinfo:dir search;
allow kernel debugfs_wlan:dir search;
diff --git a/vendor/qcom/common/property.te b/vendor/qcom/common/property.te
index 6c421ba..10260fe 100644
--- a/vendor/qcom/common/property.te
+++ b/vendor/qcom/common/property.te
@@ -161,3 +161,7 @@
# Ramdump properties
type vendor_ramdump_prop, property_type;
+
+# vendor logging property
+type vendor_logging_prop, property_type;
+
diff --git a/vendor/qcom/common/property_contexts b/vendor/qcom/common/property_contexts
index 66b12ed..bbea264 100644
--- a/vendor/qcom/common/property_contexts
+++ b/vendor/qcom/common/property_contexts
@@ -80,3 +80,6 @@
persist.vendor.data.netmgr.log_to_file u:object_r:vendor_default_prop:s0
persist.vendor.ims. u:object_r:qcom_ims_prop:s0
persist.vendor.qti.telephony.vt_cam_interface u:object_r:public_vendor_default_prop:s0
+
+# Vendor logging prop
+persist.vendor.logging_enabled u:object_r:vendor_logging_prop:s0
diff --git a/vendor/qcom/common/qlogd.te b/vendor/qcom/common/qlogd.te
index d18b6d6..c023983 100644
--- a/vendor/qcom/common/qlogd.te
+++ b/vendor/qcom/common/qlogd.te
@@ -5,14 +5,12 @@
# make transition from init to its domain
init_daemon_domain(qlogd)
-userdebug_or_eng(`
- allow qlogd diag_device:chr_file rw_file_perms;
+allow qlogd diag_device:chr_file rw_file_perms;
- allow qlogd vendor_radio_data_file:file create_file_perms;
- allow qlogd vendor_radio_data_file:dir create_dir_perms;
+allow qlogd vendor_radio_data_file:file create_file_perms;
+allow qlogd vendor_radio_data_file:dir create_dir_perms;
- set_prop(qlogd, vendor_modem_diag_prop)
+set_prop(qlogd, vendor_modem_diag_prop)
- allow qlogd self:socket create_socket_perms;
- allowxperm qlogd self:socket ioctl msm_sock_ipc_ioctls;
-')
+allow qlogd self:socket create_socket_perms;
+allowxperm qlogd self:socket ioctl msm_sock_ipc_ioctls;
