Merge "add sepolicy rules for bluetooth common hal dumpstate" into main
diff --git a/bluetooth/dump/dumplog.mk b/bluetooth/dump/dumplog.mk
index d47d4ec..51c3b3c 100644
--- a/bluetooth/dump/dumplog.mk
+++ b/bluetooth/dump/dumplog.mk
@@ -1 +1,3 @@
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/bluetooth/dump/sepolicy/
+
PRODUCT_PACKAGES_DEBUG += dump_bt
diff --git a/bluetooth/dump/sepolicy/dump.te b/bluetooth/dump/sepolicy/dump.te
new file mode 100644
index 0000000..fdd123e
--- /dev/null
+++ b/bluetooth/dump/sepolicy/dump.te
@@ -0,0 +1,12 @@
+# pixel bluetooth common hal service
+pixel_bugreport(dump_bt)
+
+allow hal_dumpstate_default vendor_bt_data_file:dir { open read search };
+allow hal_dumpstate_default vendor_bt_data_file:file read;
+allow dump_bt radio_vendor_data_file:dir create_dir_perms;
+allow dump_bt radio_vendor_data_file:file create_file_perms;
+allow dump_bt vendor_bt_data_file:dir r_dir_perms;
+allow dump_bt vendor_bt_data_file:file r_file_perms;
+allow dump_bt sscoredump_vendor_data_crashinfo_file:dir search;
+allow dump_bt sscoredump_vendor_data_coredump_file:dir r_dir_perms;
+allow dump_bt sscoredump_vendor_data_coredump_file:file r_file_perms;
diff --git a/bluetooth/dump/sepolicy/file_contexts b/bluetooth/dump/sepolicy/file_contexts
new file mode 100644
index 0000000..da28d10
--- /dev/null
+++ b/bluetooth/dump/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+# bt common hal dump_bt service
+/vendor/bin/dump/dump_bt u:object_r:dump_bt_exec:s0