From 5cbed955d3024605aef0fe6ec1fa8243f9145a0b Mon Sep 17 00:00:00 2001
From: Josh Gao <jmgao@google.com>
Date: Wed, 15 Feb 2017 15:50:42 -0800
Subject: [PATCH] crash_dump: allow appending to pipes.

Bug: http://b/34978531
Bug: http://b/35209835
Test: debuggerd -b `pidof zygote`
Change-Id: I0611cd4f8d4893740ef8787df09d296b2f7ed97f
---
 public/crash_dump.te | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/public/crash_dump.te b/public/crash_dump.te
index a4e903b6c..a0e278a13 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te
@@ -19,7 +19,10 @@ userdebug_or_eng(`
 
 # Use inherited file descriptors
 allow crash_dump domain:fd use;
-allow crash_dump domain:fifo_file write;
+
+# Write to the IPC pipe inherited from crashing processes.
+# Append to pipes given to us by processes requesting dumps (e.g. dumpstate)
+allow crash_dump domain:fifo_file { write append };
 
 r_dir_file(crash_dump, domain)
 allow crash_dump exec_type:file r_file_perms;
-- 
GitLab