Add sepolicy for dumpstate to zip tcpdump into bugreport

Bug: 264490014 Test: 1. Enable tcpdump_logger always-on function 2. Dump bugreport 3. Pull dumpstate_board.bin and chagne it to zip 4. Unzip dumpstate_board.zip and check if tcpdump files are there. Change-Id: I420f26f17260dff34617c8c723f126ee9e56bb27
2023-04-24 02:20:40 +00:00 · 2023-04-24 02:20:40 +00:00 · 6a41ee1f21
commit 6a41ee1f21
parent 6c4c5cdf26
3 changed files with 9 additions and 0 deletions
--- a/radio/sepolicy/dump_radio.te
+++ b/radio/sepolicy/dump_radio.te
@ -3,6 +3,8 @@ pixel_bugreport(dump_radio)
 userdebug_or_eng(`
  allow dump_radio radio_vendor_data_file:dir create_dir_perms;
  allow dump_radio radio_vendor_data_file:file create_file_perms;
+  allow dump_radio tcpdump_vendor_data_file:dir r_dir_perms;
+  allow dump_radio tcpdump_vendor_data_file:file r_file_perms;
  get_prop(dump_radio, vendor_rild_prop)
  get_prop(dump_radio vendor_tcpdump_log_prop)
 ')
--- a/radio/sepolicy/file.te
+++ b/radio/sepolicy/file.te
@ -0,0 +1,6 @@
+# Data
+type tcpdump_vendor_data_file, file_type, data_file_type;
+
+userdebug_or_eng(`
+  typeattribute tcpdump_vendor_data_file mlstrustedobject;
+')
--- a/radio/sepolicy/file_contexts
+++ b/radio/sepolicy/file_contexts
@ -1 +1,2 @@
 /vendor/bin/dump/dump_radio           u:object_r:dump_radio_exec:s0
+/data/vendor/tcpdump_logger(/.*)?     u:object_r:tcpdump_vendor_data_file:s0