From af3eaf0d20afcec549aab34fc0cde3376177fb71 Mon Sep 17 00:00:00 2001
From: Jin Qian <jinqian@google.com>
Date: Thu, 23 Mar 2017 12:28:20 -0700
Subject: [PATCH] storaged: allow shell to call dumpsys storaged

Test: adb kill-server && adb shell dumpsys storaged
Bug: 36492915
Change-Id: I3a1a2ad2f016ddd5770d585cae82c8be69001df9
---
 private/shell.te    | 3 +++
 private/storaged.te | 4 ++++
 2 files changed, 7 insertions(+)

diff --git a/private/shell.te b/private/shell.te
index aab0a15c3..c24bfd329 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -10,3 +10,6 @@ allow shell atrace_exec:file rx_file_perms;
 # Run app_process.
 # XXX Transition into its own domain?
 app_domain(shell)
+
+# allow shell to call dumpsys storaged
+binder_call(shell, storaged)
diff --git a/private/storaged.te b/private/storaged.te
index 3dbabf6f2..698999f51 100644
--- a/private/storaged.te
+++ b/private/storaged.te
@@ -21,6 +21,10 @@ userdebug_or_eng(`
   allow storaged debugfs_mmc:file r_file_perms;
 ')
 
+# Needed to provide debug dump output via dumpsys pipes.
+allow storaged shell:fd use;
+allow storaged shell:fifo_file write;
+
 # Binder permissions
 add_service(storaged, storaged_service)
 
-- 
GitLab