Add umfw_stat_dump
Bug: 272323547
Test: Verified UmfwStat tables are dumped in bug report.
Change-Id: Ib21c380cd25787ccd8b72f4f7a347e8d28bd4f16
diff --git a/umfw_stat/sepolicy/dump_umfw_stat.te b/umfw_stat/sepolicy/dump_umfw_stat.te
new file mode 100644
index 0000000..dac2d25
--- /dev/null
+++ b/umfw_stat/sepolicy/dump_umfw_stat.te
@@ -0,0 +1,27 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat dump tool type enforcing file.
+#
+
+pixel_bugreport(dump_umfw_stat)
+allow dump_umfw_stat aoc_device:chr_file rw_file_perms;
+allow dump_umfw_stat device:dir r_dir_perms;
+allow dump_umfw_stat vendor_shell_exec:file execute_no_trans;
+allow dump_umfw_stat vendor_umfw_stat_tool:file execute_no_trans;
+allow dump_umfw_stat vendor_toolbox_exec:file execute_no_trans;
+
diff --git a/umfw_stat/sepolicy/file.te b/umfw_stat/sepolicy/file.te
new file mode 100644
index 0000000..239ce5a
--- /dev/null
+++ b/umfw_stat/sepolicy/file.te
@@ -0,0 +1,21 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat type enforcing file.
+#
+
+type vendor_umfw_stat_tool, vendor_file_type, file_type;
diff --git a/umfw_stat/sepolicy/file_contexts b/umfw_stat/sepolicy/file_contexts
new file mode 100644
index 0000000..876ba67
--- /dev/null
+++ b/umfw_stat/sepolicy/file_contexts
@@ -0,0 +1,22 @@
+#
+# Copyright (C) 2023 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+
+#
+# UmfwStat security contexts.
+#
+
+/vendor/bin/dump/dump_umfw_stat u:object_r:dump_umfw_stat_exec:s0
+/vendor/bin/umfw_stat_tool u:object_r:vendor_umfw_stat_tool:s0