Ensure taking a bugreport generates no denials. This commit adds new SELinux permissions and neverallow rules so that taking a bugreport does not produce any denials. Bug: 73256908 Test: Captured bugreports on Sailfish and Walleye and verified that there were no denials. Merged-In: If3f2093a2b51934938e3d7e5c42036b2e2bf6de9 Change-Id: I10882e7adda0bb51bf373e0e62fda0acc8ad34eb

commit: 03ff9f91c148e51e18b3bdf81d2aa52dfb171067 [log] [tgz]
author: Joel Galenson <jgalenson@google.com> Wed Feb 14 14:32:38 2018 -0800
committer: Joel Galenson <jgalenson@google.com> Mon Mar 05 12:23:25 2018 -0800
tree: 81b70702f3e130cf260ce53c79f60b1d0553734c
parent: 1d4015457555bc645d2efa3f21deb3fb36302441 [diff] [blame]
diff --git a/private/storaged.te b/private/storaged.te
index a1e6802..7fe6286 100644
--- a/private/storaged.te
+++ b/private/storaged.te

@@ -53,6 +53,9 @@
 # running as root. See b/35323867 #3.
 dontaudit storaged self:global_capability_class_set dac_override;
 
+# For collecting bugreports.
+allow storaged dumpstate:fifo_file write;
+
 ###
 ### neverallow
 ###
commit	03ff9f91c148e51e18b3bdf81d2aa52dfb171067	[log] [tgz]
author	Joel Galenson <jgalenson@google.com>	Wed Feb 14 14:32:38 2018 -0800
committer	Joel Galenson <jgalenson@google.com>	Mon Mar 05 12:23:25 2018 -0800
tree	81b70702f3e130cf260ce53c79f60b1d0553734c
parent	1d4015457555bc645d2efa3f21deb3fb36302441 [diff] [blame]