From 7af3dca98da7db2ba0f52af8b305ce56fabd520a Mon Sep 17 00:00:00 2001
From: Erik Staats <estaats@google.com>
Date: Wed, 8 Mar 2023 20:25:11 +0000
Subject: [PATCH] Add umfw_stat_dump

Bug: 272323547
Test: Verified UmfwStat tables are dumped in bug report.
Change-Id: Ib21c380cd25787ccd8b72f4f7a347e8d28bd4f16
---
 umfw_stat/Android.bp                 | 36 ++++++++++++++++++++++++++++
 umfw_stat/dump_umfw_stat.cpp         | 33 +++++++++++++++++++++++++
 umfw_stat/sepolicy/dump_umfw_stat.te | 27 +++++++++++++++++++++
 umfw_stat/sepolicy/file.te           | 21 ++++++++++++++++
 umfw_stat/sepolicy/file_contexts     | 22 +++++++++++++++++
 umfw_stat/umfw_stat.mk               | 27 +++++++++++++++++++++
 6 files changed, 166 insertions(+)
 create mode 100644 umfw_stat/Android.bp
 create mode 100644 umfw_stat/dump_umfw_stat.cpp
 create mode 100644 umfw_stat/sepolicy/dump_umfw_stat.te
 create mode 100644 umfw_stat/sepolicy/file.te
 create mode 100644 umfw_stat/sepolicy/file_contexts
 create mode 100644 umfw_stat/umfw_stat.mk

diff --git a/umfw_stat/Android.bp b/umfw_stat/Android.bp
new file mode 100644
index 0000000..765c4be
--- /dev/null
+++ b/umfw_stat/Android.bp
@@ -0,0 +1,36 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+// Package defs.
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+// UmfwStat dump tool binary.
+cc_binary {
+    name: "dump_umfw_stat",
+    srcs: ["dump_umfw_stat.cpp"],
+    cflags: [
+        "-Wall",
+        "-Werror",
+        "-Wextra",
+    ],
+    shared_libs: [
+        "libdump",
+    ],
+    vendor: true,
+    relative_install_path: "dump",
+}
diff --git a/umfw_stat/dump_umfw_stat.cpp b/umfw_stat/dump_umfw_stat.cpp
new file mode 100644
index 0000000..63478cd
--- /dev/null
+++ b/umfw_stat/dump_umfw_stat.cpp
@@ -0,0 +1,33 @@
+//
+// Copyright (C) 2023 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+//
+// UmfwStat dump tool.
+//
+
+#include <dump/pixel_dump.h>
+
+int main() {
+  // Set stdout to be unbuffered.
+  setbuf(stdout, NULL);
+
+  // Dump AoC statistics.
+  // TODO(b/272300997): Add timeouts for requests.
+  runCommand("AoC statistics", "timeout 5 /vendor/bin/umfw_stat_tool get_all");
+
+  return 0;
+}
+
diff --git a/umfw_stat/sepolicy/dump_umfw_stat.te b/umfw_stat/sepolicy/dump_umfw_stat.te
new file mode 100644
index 0000000..dac2d25
--- /dev/null
+++ b/umfw_stat/sepolicy/dump_umfw_stat.te
@@ -0,0 +1,27 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat dump tool type enforcing file.
+#
+
+pixel_bugreport(dump_umfw_stat)
+allow dump_umfw_stat aoc_device:chr_file rw_file_perms;
+allow dump_umfw_stat device:dir r_dir_perms;
+allow dump_umfw_stat vendor_shell_exec:file execute_no_trans;
+allow dump_umfw_stat vendor_umfw_stat_tool:file execute_no_trans;
+allow dump_umfw_stat vendor_toolbox_exec:file execute_no_trans;
+
diff --git a/umfw_stat/sepolicy/file.te b/umfw_stat/sepolicy/file.te
new file mode 100644
index 0000000..239ce5a
--- /dev/null
+++ b/umfw_stat/sepolicy/file.te
@@ -0,0 +1,21 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat type enforcing file.
+#
+
+type vendor_umfw_stat_tool, vendor_file_type, file_type;
diff --git a/umfw_stat/sepolicy/file_contexts b/umfw_stat/sepolicy/file_contexts
new file mode 100644
index 0000000..876ba67
--- /dev/null
+++ b/umfw_stat/sepolicy/file_contexts
@@ -0,0 +1,22 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat security contexts.
+#
+
+/vendor/bin/dump/dump_umfw_stat     u:object_r:dump_umfw_stat_exec:s0
+/vendor/bin/umfw_stat_tool          u:object_r:vendor_umfw_stat_tool:s0
diff --git a/umfw_stat/umfw_stat.mk b/umfw_stat/umfw_stat.mk
new file mode 100644
index 0000000..102e63f
--- /dev/null
+++ b/umfw_stat/umfw_stat.mk
@@ -0,0 +1,27 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat product makefile.
+#
+
+# Add UmfwStat product packages.
+PRODUCT_PACKAGES += dump_umfw_stat
+PRODUCT_PACKAGES += umfw_stat_tool
+
+# Add UmfwStat SELinx policy.
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/umfw_stat/sepolicy
+