Merge "shell: neverallow access to 'proc' label."
diff --git a/private/compat/26.0/26.0.ignore.cil b/private/compat/26.0/26.0.ignore.cil
index fdc672a..edbf97f 100644
--- a/private/compat/26.0/26.0.ignore.cil
+++ b/private/compat/26.0/26.0.ignore.cil
@@ -42,7 +42,8 @@
wpantund
wpantund_exec
wpantund_service
- wpantund_tmpfs))
+ wpantund_tmpfs
+ wm_trace_data_file))
;; private_objects - a collection of types that were labeled differently in
;; older policy, but that should not remain accessible to vendor policy.
diff --git a/private/dumpstate.te b/private/dumpstate.te
index b8f8152..24a57de 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -18,6 +18,12 @@
allow dumpstate atrace_exec:file rx_file_perms;
allow dumpstate storaged_exec:file rx_file_perms;
+# /data/misc/wmtrace for wm traces
+userdebug_or_eng(`
+ allow dumpstate wm_trace_data_file:dir r_dir_perms;
+ allow dumpstate wm_trace_data_file:file r_file_perms;
+')
+
# Allow dumpstate to make binder calls to storaged service
binder_call(dumpstate, storaged)
diff --git a/private/file.te b/private/file.te
index 6994202..5b4dbc8 100644
--- a/private/file.te
+++ b/private/file.te
@@ -3,3 +3,6 @@
# /data/misc/storaged
type storaged_data_file, file_type, data_file_type, core_data_file_type;
+
+# /data/misc/wmtrace for wm traces
+type wm_trace_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/private/file_contexts b/private/file_contexts
index 05c36c3..b93168b 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -390,6 +390,7 @@
/data/misc/update_engine_log(/.*)? u:object_r:update_engine_log_data_file:s0
/data/system/heapdump(/.*)? u:object_r:heapdump_data_file:s0
/data/misc/trace(/.*)? u:object_r:method_trace_data_file:s0
+/data/misc/wmtrace(/.*)? u:object_r:wm_trace_data_file:s0
# TODO(calin) label profile reference differently so that only
# profman run as a special user can write to them
/data/misc/profiles/cur(/.*)? u:object_r:user_profile_data_file:s0
diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index ed67597..5fbd9ab 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -52,6 +52,12 @@
allow surfaceflinger appdomain:fd use;
allow surfaceflinger app_data_file:file { read write };
+# Allow writing surface traces to /data/misc/wmtrace.
+userdebug_or_eng(`
+ allow surfaceflinger wm_trace_data_file:dir rw_dir_perms;
+ allow surfaceflinger wm_trace_data_file:file { getattr setattr create w_file_perms };
+')
+
# Use socket supplied by adbd, for cmd gpu vkjson etc.
allow surfaceflinger adbd:unix_stream_socket { read write getattr };
diff --git a/private/system_server.te b/private/system_server.te
index d2a0c5e..e2b5720 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -641,6 +641,10 @@
# Allow system server to read dmesg
allow system_server kernel:system syslog_read;
+
+ # Allow writing window traces in /data/misc/wmtrace.
+ allow system_server wm_trace_data_file:dir rw_dir_perms;
+ allow system_server wm_trace_data_file:file { getattr setattr create w_file_perms };
')
# For AppFuse.
diff --git a/public/netd.te b/public/netd.te
index a8a32be..ab01fd8 100644
--- a/public/netd.te
+++ b/public/netd.te
@@ -37,6 +37,8 @@
# TODO: Add proper rules to prevent other process to access qtaguid_proc file after migration
# complete
allow netd qtaguid_proc:file rw_file_perms;
+# Allow netd to read /dev/qtaguid. This is the same privilege level that normal apps have.
+allow netd qtaguid_device:chr_file r_file_perms;
r_dir_file(netd, proc_net)
# For /proc/sys/net/ipv[46]/route/flush.