Merge "dmesgd: sepolicies"
diff --git a/private/dmesgd.te b/private/dmesgd.te
new file mode 100644
index 0000000..7a12882
--- /dev/null
+++ b/private/dmesgd.te
@@ -0,0 +1,15 @@
+type dmesgd, domain, coredomain;
+type dmesgd_exec, system_file_type, exec_type, file_type;
+
+init_daemon_domain(dmesgd)
+
+allow dmesgd dmesgd_data_file:dir create_dir_perms;
+allow dmesgd dmesgd_data_file:file create_file_perms;
+
+allow dmesgd kernel:system syslog_read;
+allow dmesgd shell_exec:file rx_file_perms;
+allow dmesgd toolbox_exec:file rx_file_perms;
+binder_use(dmesgd)
+binder_call(dmesgd, system_server)
+allow dmesgd dropbox_service:service_manager find;
+allow dmesgd proc_version:file r_file_perms;
diff --git a/private/file.te b/private/file.te
index 759fede..9dd0615 100644
--- a/private/file.te
+++ b/private/file.te
@@ -64,6 +64,9 @@
# /data/font/files
type font_data_file, file_type, data_file_type, core_data_file_type;
+# /data/misc/dmesgd
+type dmesgd_data_file, file_type, data_file_type, core_data_file_type;
+
# /data/misc/odrefresh
type odrefresh_data_file, file_type, data_file_type, core_data_file_type;
diff --git a/private/file_contexts b/private/file_contexts
index fabbf2b..16569ba 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -291,6 +291,7 @@
/system/bin/remount u:object_r:remount_exec:s0
/system/bin/dhcpcd u:object_r:dhcp_exec:s0
/system/bin/dhcpcd-6\.8\.2 u:object_r:dhcp_exec:s0
+/system/bin/dmesgd u:object_r:dmesgd_exec:s0
/system/bin/mtpd u:object_r:mtp_exec:s0
/system/bin/pppd u:object_r:ppp_exec:s0
/system/bin/racoon u:object_r:racoon_exec:s0
@@ -605,6 +606,7 @@
/data/misc/carrierid(/.*)? u:object_r:radio_data_file:s0
/data/misc/dhcp(/.*)? u:object_r:dhcp_data_file:s0
/data/misc/dhcp-6\.8\.2(/.*)? u:object_r:dhcp_data_file:s0
+/data/misc/dmesgd(/.*)? u:object_r:dmesgd_data_file:s0
/data/misc/emergencynumberdb(/.*)? u:object_r:emergency_data_file:s0
/data/misc/gatekeeper(/.*)? u:object_r:gatekeeper_data_file:s0
/data/misc/incidents(/.*)? u:object_r:incident_data_file:s0
diff --git a/private/property.te b/private/property.te
index c9c811a..3f02c83 100644
--- a/private/property.te
+++ b/private/property.te
@@ -12,6 +12,7 @@
system_internal_prop(device_config_configuration_prop)
system_internal_prop(device_config_connectivity_prop)
system_internal_prop(device_config_swcodec_native_prop)
+system_internal_prop(dmesgd_start_prop)
system_internal_prop(fastbootd_protocol_prop)
system_internal_prop(gsid_prop)
system_internal_prop(init_perf_lsm_hooks_prop)
diff --git a/private/property_contexts b/private/property_contexts
index b8709e8..7baf7d9 100644
--- a/private/property_contexts
+++ b/private/property_contexts
@@ -651,6 +651,8 @@
apexd.payload_metadata.path u:object_r:apexd_payload_metadata_prop:s0 exact string
apexd.status u:object_r:apexd_prop:s0 exact enum starting activated ready
+dmesgd.start u:object_r:dmesgd_start_prop:s0 exact bool
+
odsign.key.done u:object_r:odsign_prop:s0 exact bool
odsign.verification.done u:object_r:odsign_prop:s0 exact bool
odsign.verification.success u:object_r:odsign_prop:s0 exact bool
diff --git a/private/system_server.te b/private/system_server.te
index 6dd483d..fa66ff1 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -699,6 +699,7 @@
set_prop(system_server, surfaceflinger_color_prop)
set_prop(system_server, provisioned_prop)
set_prop(system_server, retaildemo_prop)
+set_prop(system_server, dmesgd_start_prop)
userdebug_or_eng(`set_prop(system_server, wifi_log_prop)')
# ctl interface
