Nexus Logger: add the sepolicy and condition for property change
1) add condition to run cnss_diag based on property value
2) add sepolicy to save the log file and conf into /data/cnss_diag
3) add sepoiicy required to run cnss_diag in cnss_diag.te
Bug: 31185979
Change-Id: I33ea066ef3745e97dd1b46e7c2c28ac6d2a5aa6d
Signed-off-by: Ecco Park <eccopark@google.com>
diff --git a/init.common.diag.rc.userdebug b/init.common.diag.rc.userdebug
index d84a0c6..ba4f5e0 100644
--- a/init.common.diag.rc.userdebug
+++ b/init.common.diag.rc.userdebug
@@ -3,6 +3,8 @@
on post-fs-data
# Modem logging collection
mkdir /data/diag_logs 0777 system system
+ # WLAN logging collection
+ mkdir /data/cnss_diag 0777 system system
# Copy OEM adb_keys if /data/misc/adb/adb_keys does not exist
copy /data/misc/adb/adb_keys /data/misc/adb/adb_keys_temp
@@ -88,3 +90,23 @@
write /sys/class/android_usb/android0/enable 1
start adbd
setprop sys.usb.state ${sys.usb.config}
+
+on property:persist.sys.cnss.diag_qxdm=true
+ start cnss_diag
+
+on property:persist.sys.cnss.diag_qxdm=false
+ stop cnss_diag
+
+on property:persist.sys.cnss.diag_txt=true
+ start cnss_diag_txt
+
+on property:persist.sys.cnss.diag_txt=false
+ stop cnss_diag_txt
+
+service cnss_diag_txt /system/bin/cnss_diag -s -f -m /data/cnss_diag/cnss_diag.conf
+ class late_start
+ user root
+ group root
+ disabled
+ oneshot
+
diff --git a/sepolicy/cnss_diag.te b/sepolicy/cnss_diag.te
index 16ad79a..e45a4dd 100644
--- a/sepolicy/cnss_diag.te
+++ b/sepolicy/cnss_diag.te
@@ -18,4 +18,6 @@
userdebug_or_eng(`
allow cnss_diag diag_device:chr_file rw_file_perms;
+ allow cnss_diag cnss_diag_data_file:dir create_dir_perms;
+ allow cnss_diag cnss_diag_data_file:file create_file_perms;
')
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 0489a8f..d1f69c5 100755
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -5,6 +5,7 @@
# /data
type diag_logs, file_type, data_file_type, mlstrustedobject;
+type cnss_diag_data_file, file_type, data_file_type, mlstrustedobject;
type location_data_file, file_type, data_file_type;
type perfd_data_file, file_type, data_file_type;
type ramdump_data_file, file_type, data_file_type;
@@ -49,4 +50,4 @@
# msm_irqbalance
type proc_irq, fs_type;
-type irqbalance_socket, file_type;
\ No newline at end of file
+type irqbalance_socket, file_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 816afc0..4797b69 100755
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -162,6 +162,7 @@
# /data
/data/diag_logs(/.*)? u:object_r:diag_logs:s0
+/data/cnss_diag(/.*)? u:object_r:cnss_diag_data_file:s0
/data/nfc(/.*)? u:object_r:nfc_data_file:s0
/data/time(/.*)? u:object_r:time_data_file:s0
/data/ramdump(/.*)? u:object_r:ramdump_data_file:s0
diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te
index 16f2126..eee5d35 100644
--- a/sepolicy/platform_app.te
+++ b/sepolicy/platform_app.te
@@ -3,4 +3,9 @@
allow platform_app diag_logs:dir rw_dir_perms;
allow platform_app diag_logs:file create_file_perms;
allow platform_app diag_device:chr_file rw_file_perms;
+ allow platform_app cnss_diag_data_file:dir create_dir_perms;
+ allow platform_app cnss_diag_data_file:file create_file_perms;
+ dontaudit platform_app proc_sysrq:file getattr;
+ dontaudit platform_app proc_iomem:file getattr;
+ set_prop(platform_app, cnss_diag_prop);
')
diff --git a/sepolicy/property.te b/sepolicy/property.te
index 612b860..05f8d45 100644
--- a/sepolicy/property.te
+++ b/sepolicy/property.te
@@ -4,3 +4,4 @@
type hw_sku_prop, property_type;
type mid_prop, property_type;
type ssr_prop, property_type;
+type cnss_diag_prop, property_type;
diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
index 77515e1..a6d34e4 100644
--- a/sepolicy/property_contexts
+++ b/sepolicy/property_contexts
@@ -8,3 +8,4 @@
ro.boot.hardware.sku u:object_r:hw_sku_prop:s0
ro.boot.mid u:object_r:mid_prop:s0
debug.ssrdump u:object_r:ssr_prop:s0
+persist.sys.cnss. u:object_r:cnss_diag_prop:s0