1type hal_dumpstate_impl, domain; 2hal_server_domain(hal_dumpstate_impl, hal_dumpstate) 3 4type hal_dumpstate_impl_exec, exec_type, vendor_file_type, file_type; 5init_daemon_domain(hal_dumpstate_impl) 6 7# Execute dump scripts from vendor partition 8allow hal_dumpstate_impl vendor_shell_exec:file rx_file_perms; 9allow hal_dumpstate_impl vendor_toolbox_exec:file rx_file_perms; 10 11# Allow to read pixel-trace trace file 12allow hal_dumpstate_impl debugfs_tracing_instances:dir search; 13allow hal_dumpstate_impl debugfs_tracing_instances:file r_file_perms; 14 15userdebug_or_eng(` 16 # smlog_dump 17 domain_auto_trans(hal_dumpstate_impl, smlog_dump_exec, smlog_dump) 18 allow hal_dumpstate_impl netmgr_data_file:dir r_dir_perms; 19 allow hal_dumpstate_impl netmgr_data_file:file r_file_perms; 20 allow hal_dumpstate_impl sysfs_usb_device:dir r_dir_perms; 21 allow hal_dumpstate_impl sysfs_usb_device:file r_file_perms; 22 allow hal_dumpstate_impl ssr_log_file:dir search; 23 allow hal_dumpstate_impl ssr_log_file:file r_file_perms; 24 allow hal_dumpstate_impl tcpdump_vendor_data_file:dir create_dir_perms; 25 allow hal_dumpstate_impl tcpdump_vendor_data_file:file create_file_perms; 26 27 set_prop(hal_dumpstate_impl, vendor_tcpdump_log_prop) 28 29 #Dump perfstatsd 30 allow hal_dumpstate_impl perfstatsd_exec:file rx_file_perms; 31 allow hal_dumpstate_impl perfstatsd_service:service_manager find; 32 binder_call(hal_dumpstate_impl, perfstatsd) 33 34 # Dump sensors log 35 allow hal_dumpstate_impl sensors_vendor_data_file:dir r_dir_perms; 36 allow hal_dumpstate_impl sensors_vendor_data_file:file r_file_perms; 37') 38 39# Citadel communication must be via citadeld 40vndbinder_use(hal_dumpstate_impl) 41binder_call(hal_dumpstate_impl, citadeld) 42allow hal_dumpstate_impl citadeld_service:service_manager find; 43 44allow hal_dumpstate_impl modem_dump_file:dir create_dir_perms; 45allow hal_dumpstate_impl modem_dump_file:file create_file_perms; 46allow hal_dumpstate_impl radio_vendor_data_file:dir r_dir_perms; 47allow hal_dumpstate_impl radio_vendor_data_file:file r_file_perms; 48 49set_prop(hal_dumpstate_impl, vendor_modem_diag_prop) 50 51# modem stat 52domain_auto_trans(hal_dumpstate_impl, modem_svc_exec, modem_svc) 53allow hal_dumpstate_impl modem_stat_data_file:file r_file_perms; 54 55allow hal_dumpstate_impl uio_device:chr_file rw_file_perms; 56r_dir_file(hal_dumpstate_impl, sysfs_uio) 57r_dir_file(hal_dumpstate_impl, sysfs_rmtfs) 58r_dir_file(hal_dumpstate_impl, sysfs_msm_subsys) 59r_dir_file(hal_dumpstate_impl, sysfs_soc) 60r_dir_file(hal_dumpstate_impl, sysfs_thermal) 61r_dir_file(hal_dumpstate_impl, sysfs_easel) 62 63allow hal_dumpstate_impl sysfs_rpm:file r_file_perms; 64allow hal_dumpstate_impl sysfs_system_sleep_stats:file r_file_perms; 65 66allow hal_dumpstate_impl debugfs_ion:dir r_dir_perms; 67allow hal_dumpstate_impl debugfs_ion:file r_file_perms; 68allow hal_dumpstate_impl debugfs_wlan:dir r_dir_perms; 69allow hal_dumpstate_impl debugfs_wlan:file r_file_perms; 70allow hal_dumpstate_impl debugfs_icnss:dir r_dir_perms; 71allow hal_dumpstate_impl debugfs_icnss:file r_file_perms; 72allow hal_dumpstate_impl debugfs_ipc:dir r_dir_perms; 73allow hal_dumpstate_impl debugfs_ipc:file r_file_perms; 74allow hal_dumpstate_impl debugfs_f2fs:dir r_dir_perms; 75allow hal_dumpstate_impl debugfs_f2fs:file r_file_perms; 76allow hal_dumpstate_impl debugfs_tzdbg:dir search; 77allow hal_dumpstate_impl debugfs_tzdbg:file r_file_perms; 78allow hal_dumpstate_impl debugfs_ufs:dir r_dir_perms; 79allow hal_dumpstate_impl debugfs_ufs:file r_file_perms; 80allow hal_dumpstate_impl debugfs_mmc:dir r_dir_perms; 81allow hal_dumpstate_impl debugfs_mmc:file r_file_perms; 82allow hal_dumpstate_impl sysfs_esim:file r_file_perms; 83allow hal_dumpstate_impl sysfs_mmc:dir r_dir_perms; 84allow hal_dumpstate_impl sysfs_mmc:file r_file_perms; 85allow hal_dumpstate_impl proc_stat:file r_file_perms; 86allow hal_dumpstate_impl proc_f2fs:dir r_dir_perms; 87allow hal_dumpstate_impl proc_f2fs:file r_file_perms; 88allow hal_dumpstate_impl block_device:dir r_dir_perms; 89 90# Access to files for dumping 91allow hal_dumpstate_impl sysfs:dir r_dir_perms; 92# usb logs 93allow hal_dumpstate_impl debugfs_usb:file r_file_perms; 94 95#Access display debug data 96allow hal_dumpstate_impl display_vendor_data_file:dir r_dir_perms; 97allow hal_dumpstate_impl display_vendor_data_file:file r_file_perms; 98 99# Access to touch firmware info 100allow hal_dumpstate_impl sysfs_touch:dir r_dir_perms; 101allow hal_dumpstate_impl sysfs_touch:file rw_file_perms; 102 103# Access to touch proc node 104allow hal_dumpstate_impl proc_touch:file rw_file_perms; 105 106# Access to WLC firmware info 107allow hal_dumpstate_impl sysfs_wlc:dir r_dir_perms; 108allow hal_dumpstate_impl sysfs_wlc:file r_file_perms; 109 110# Access to UFS info 111allow hal_dumpstate_impl sysfs_scsi_devices_0000:dir r_dir_perms; 112allow hal_dumpstate_impl sysfs_scsi_devices_0000:file r_file_perms; 113 114# Access to MPSS RFS info 115userdebug_or_eng(` 116allow hal_dumpstate_impl mpss_rfs_data_file:dir r_dir_perms; 117allow hal_dumpstate_impl mpss_rfs_data_file:file r_file_perms; 118') 119 120# For collecting bugreports. 121allow hal_dumpstate_impl debugfs_system_ion_heap:file r_file_perms; 122allow hal_dumpstate_impl shell_data_file:file getattr; 123allow hal_dumpstate_impl sysfs_system_sleep_stats:file r_file_perms; 124# For '/vendor/bin/sh -c getprop | grep vendor.sys.modem.diag' 125allow hal_dumpstate_impl vendor_file:file execute_no_trans; 126userdebug_or_eng(`allow hal_dumpstate_impl debugfs_dma_bufinfo:file r_file_perms;') 127dontaudit hal_dumpstate_impl debugfs_dma_bufinfo:file r_file_perms; 128 129#Dumpstats fastrpc buffer 130allow hal_dumpstate_impl sysfs_fastrpc:file r_file_perms; 131 132# Query and dump power supply nodes 133allow hal_dumpstate_impl sysfs_batteryinfo:dir search; 134allow hal_dumpstate_impl sysfs_batteryinfo:file r_file_perms; 135allow hal_dumpstate_impl sysfs_chargelevel:dir search; 136allow hal_dumpstate_impl sysfs_chargelevel:file r_file_perms; 137 138# Dump QCOM FG content 139allow hal_dumpstate_impl debugfs_fg_sram:dir search; 140allow hal_dumpstate_impl debugfs_fg_sram:file rw_file_perms; 141 142# Dump Maxim FG content 143allow hal_dumpstate_impl debugfs_maxfg:dir search; 144allow hal_dumpstate_impl debugfs_maxfg:file r_file_perms; 145 146# Dump PMIC data 147allow hal_dumpstate_impl debugfs_pmic:dir r_dir_perms; 148allow hal_dumpstate_impl debugfs_pmic:file r_file_perms; 149 150allow hal_dumpstate_impl dumpstate:fifo_file write; 151 152# Access to vendor logging property 153set_prop(hal_dumpstate_impl, vendor_logging_prop) 154 155dontaudit hal_dumpstate_impl sensors_vendor_data_file:dir r_dir_perms; 156dontaudit hal_dumpstate_impl sensors_vendor_data_file:file r_file_perms; 157dontaudit hal_dumpstate_impl binder_device:chr_file rw_file_perms; 158dontaudit hal_dumpstate_impl vndbinder_device:chr_file rw_file_perms; 159dontaudit hal_dumpstate_impl property_socket:sock_file rw_file_perms; 160dontaudit hal_dumpstate_impl netmgr_data_file:dir r_dir_perms; 161dontaudit hal_dumpstate_impl netmgr_data_file:file r_file_perms; 162dontaudit hal_dumpstate_impl vendor_tcpdump_log_prop:file rw_file_perms; 163dontaudit hal_dumpstate_impl sysfs_usb_device:dir r_dir_perms; 164dontaudit hal_dumpstate_impl sysfs_usb_device:file r_file_perms; 165dontaudit hal_dumpstate_impl ssr_log_file:dir search; 166dontaudit hal_dumpstate_impl ssr_log_file:file r_file_perms; 167dontaudit hal_dumpstate_impl tcpdump_vendor_data_file:dir create_dir_perms; 168dontaudit hal_dumpstate_impl tcpdump_vendor_data_file:file create_file_perms; 169dontaudit hal_dumpstate_impl perfstatsd_exec:file rx_file_perms; 170dontaudit hal_dumpstate_impl perfstatsd_service:service_manager find; 171dontaudit hal_dumpstate_impl mpss_rfs_data_file:dir r_dir_perms; 172dontaudit hal_dumpstate_impl mpss_rfs_data_file:file r_file_perms; 173