commit 589bb6f36900946003beea7516f64516e0614de4
author Yifan Hong <elsk@google.com> Mon Feb 03 17:01:49 2020 -0800
committer Yifan Hong <elsk@google.com> Tue Feb 04 10:09:24 2020 -0800
tree 1c7bf1a9885fc42791f3099cb361d53ecba677f5
parent 28dd9a1d5374a7341d5af2a2b09a8b8c4c075237

snapshotctl better logging

Test: snapshotctl merge --log-to-file
Bug: 148818798
Change-Id: I0e9c8ebb6632a56670a566f7a541e52e0bd24b08

private/compat/29.0/29.0.ignore.cil

diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 149c6ee..cfd0c77 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil
@@ -70,6 +70,7 @@
     rebootescrow_hal_prop
     service_manager_service
     simpleperf
+    snapshotctl_log_data_file
     soundtrigger_middleware_service
     sysfs_dm_verity
     system_config_service

private/file_contexts

diff --git a/private/file_contexts b/private/file_contexts
index be1453a..e3dad7b 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -543,6 +543,7 @@
 /data/misc/recovery(/.*)?       u:object_r:recovery_data_file:s0
 /data/misc/shared_relro(/.*)?   u:object_r:shared_relro_file:s0
 /data/misc/sms(/.*)?            u:object_r:radio_data_file:s0
+/data/misc/snapshotctl_log(/.*)?      u:object_r:snapshotctl_log_data_file:s0
 /data/misc/stats-active-metric(/.*)? u:object_r:stats_data_file:s0
 /data/misc/stats-data(/.*)?     u:object_r:stats_data_file:s0
 /data/misc/stats-service(/.*)?  u:object_r:stats_data_file:s0

private/snapshotctl.te

diff --git a/private/snapshotctl.te b/private/snapshotctl.te
index 0f0313c..5127803 100644
--- a/private/snapshotctl.te
+++ b/private/snapshotctl.te
@@ -34,3 +34,7 @@
 # Snapshotctl talk to boot control HAL to set merge status.
 hwbinder_use(snapshotctl)
 hal_client_domain(snapshotctl, hal_bootctl)
+
+# Logging
+allow snapshotctl snapshotctl_log_data_file:dir rw_dir_perms;
+allow snapshotctl snapshotctl_log_data_file:file create_file_perms;

public/dumpstate.te

diff --git a/public/dumpstate.te b/public/dumpstate.te
index 824be5d..f01b1dd 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -314,6 +314,10 @@
 # Allow dumpstate to kill vendor dumpstate service by init
 set_prop(dumpstate, ctl_dumpstate_prop)
 
+#Access /data/misc/snapshotctl_log
+allow dumpstate snapshotctl_log_data_file:dir r_dir_perms;
+allow dumpstate snapshotctl_log_data_file:file r_file_perms;
+
 ###
 ### neverallow rules
 ###

public/file.te

diff --git a/public/file.te b/public/file.te
index b2909ff..adb5766 100644
--- a/public/file.te
+++ b/public/file.te
@@ -368,6 +368,7 @@
 type radio_data_file, file_type, data_file_type, core_data_file_type, mlstrustedobject;
 type recovery_data_file, file_type, data_file_type, core_data_file_type;
 type shared_relro_file, file_type, data_file_type, core_data_file_type;
+type snapshotctl_log_data_file, file_type, data_file_type, core_data_file_type;
 type stats_data_file, file_type, data_file_type, core_data_file_type;
 type systemkeys_data_file, file_type, data_file_type, core_data_file_type;
 type textclassifier_data_file, file_type, data_file_type, core_data_file_type;