From a34781ae1578302f2b9b6c9cd109453448db6279 Mon Sep 17 00:00:00 2001
From: Narayan Kamath <narayan@google.com>
Date: Tue, 30 May 2017 17:52:46 +0100
Subject: [PATCH] SEPolicy: Allow app / system_server to write to dumpstate
 pipes.

tombstoned allows dumpstate to install "intercepts" to java trace
requests for a given process. When an "intercept" is installed, all
trace output is redirected to a pipe provided by dumpstate instead
of the default location (usually in /data/anr or /data/tombstone).

Note that these processes are already granted "write" and "getattr"
on dumpstate:fifo_file in order to communicate with dumpstate; this
change adds "append" to the existing set of permissions.

Bug: 32064548
Test: manual
Change-Id: Iccbd78c59071252fef318589f3e55ece51a3c64c
---
 private/app.te           | 6 +++++-
 private/system_server.te | 4 +++-
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/private/app.te b/private/app.te
index d65fea4ee..c87bd84f6 100644
--- a/private/app.te
+++ b/private/app.te
@@ -121,9 +121,13 @@ allow appdomain anr_data_file:file { open append };
 # domain socket.
 #
 # Allow apps to connect and write to the tombstoned java trace socket in
-# order to dump their traces.
+# order to dump their traces. Also allow them to append traces to pipes
+# created by dumptrace. (Also see the rules below where they are given
+# additional permissions to dumpstate pipes for other aspects of bug report
+# creation).
 unix_socket_connect(appdomain, tombstoned_java_trace, tombstoned)
 allow appdomain tombstoned:fd use;
+allow appdomain dumpstate:fifo_file append;
 
 # Allow apps to send dump information to dumpstate
 allow appdomain dumpstate:fd use;
diff --git a/private/system_server.te b/private/system_server.te
index d12671b59..849ce0a69 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -315,9 +315,11 @@ allow system_server anr_data_file:file create_file_perms;
 # domain socket.
 #
 # Allow system_server to connect and write to the tombstoned java trace socket in
-# order to dump its traces.
+# order to dump its traces. Also allow the system server to write its traces to
+# dumpstate during bugreport capture.
 unix_socket_connect(system_server, tombstoned_java_trace, tombstoned)
 allow system_server tombstoned:fd use;
+allow system_server dumpstate:fifo_file append;
 
 # Read /data/misc/incidents - only read. The fd will be sent over binder,
 # with no DAC access to it, for dropbox to read.
-- 
GitLab