From 914a7fb95ac43d237fb97ca9a11cf3a4111828f6 Mon Sep 17 00:00:00 2001
From: Josh Gao <jmgao@google.com>
Date: Wed, 27 Sep 2017 16:16:19 -0700
Subject: [PATCH] crash_dump: allow reading from pipes.

Bug: http://b/63989615
Test: mma
Change-Id: I41506ecb0400867230502181c1aad7e51ce16d70
---
 public/crash_dump.te | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/public/crash_dump.te b/public/crash_dump.te
index d70b15065..74bff8060 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te
@@ -23,9 +23,11 @@ userdebug_or_eng(`
 # Use inherited file descriptors
 allow crash_dump domain:fd use;
 
-# Write to the IPC pipe inherited from crashing processes.
+# Read/write IPC pipes inherited from crashing processes.
+allow crash_dump domain:fifo_file { read write };
+
 # Append to pipes given to us by processes requesting dumps (e.g. dumpstate)
-allow crash_dump domain:fifo_file { write append };
+allow crash_dump domain:fifo_file { append };
 
 r_dir_file(crash_dump, domain)
 allow crash_dump exec_type:file r_file_perms;
-- 
GitLab