From 34d32ea1647655ee8dbf4faa19992a8a625c40d9 Mon Sep 17 00:00:00 2001 From: Mark Salyzyn <salyzyn@google.com> Date: Mon, 15 Dec 2014 12:01:35 -0800 Subject: [PATCH] selinux: add pstore Used to record the Android log messages, then on reboot provide a means to triage user-space actitivies leading up to a panic. A companion to the pstore console logs. Change-Id: I9b94ee3d5e94e0c4590ba8453b4ac1ebdfc7603f --- device.te | 1 + file_contexts | 1 + shell.te | 5 ++++- te_macros | 1 + 4 files changed, 7 insertions(+), 1 deletion(-) diff --git a/device.te b/device.te index 20e95a5da..9ff30d5bc 100644 --- a/device.te +++ b/device.te @@ -9,6 +9,7 @@ type block_device, dev_type; type camera_device, dev_type; type dm_device, dev_type; type loop_device, dev_type; +type pmsg_device, dev_type, mlstrustedobject; type radio_device, dev_type; type ram_device, dev_type; type vold_device, dev_type; diff --git a/file_contexts b/file_contexts index a7337593c..04fa4c729 100644 --- a/file_contexts +++ b/file_contexts @@ -66,6 +66,7 @@ /dev/mpuirq u:object_r:gps_device:s0 /dev/mtd(/.*)? u:object_r:mtd_device:s0 /dev/mtp_usb u:object_r:mtp_device:s0 +/dev/pmsg0 u:object_r:pmsg_device:s0 /dev/pn544 u:object_r:nfc_device:s0 /dev/ppp u:object_r:ppp_device:s0 /dev/ptmx u:object_r:ptmx_device:s0 diff --git a/shell.te b/shell.te index 3e30adc85..a69d47561 100644 --- a/shell.te +++ b/shell.te @@ -9,9 +9,12 @@ net_domain(shell) # XXX Transition into its own domain? app_domain(shell) -# logd access +# logcat read_logd(shell) control_logd(shell) +# logcat -L (directly, or via dumpstate) +allow shell pstorefs:dir search; +allow shell pstorefs:file r_file_perms; # read files in /data/anr allow shell anr_data_file:dir r_dir_perms; diff --git a/te_macros b/te_macros index 016333eba..b665f3ff0 100644 --- a/te_macros +++ b/te_macros @@ -328,6 +328,7 @@ userdebug_or_eng(` allow $1 logd_debug:file w_file_perms; ') unix_socket_send($1, logdw, logd) +allow $1 pmsg_device:chr_file w_file_perms; ') ##################################### -- GitLab