commit 68d67a0fd16f5167506429b3a8c14434943da264
author Mark Salyzyn <salyzyn@google.com> Mon Jun 06 12:18:46 2016 -0700
committer Mark Salyzyn <salyzyn@google.com> Tue Jun 07 11:01:23 2016 -0700
tree 570a9fe8c1a6d9718a9cd277b8fd53ee8b68229d
parent 38ac77e4c2b3c3212446de2f5ccc42a4311e65fc

logpersist: reserve persist.logd.logpersistd

shell, system_app and logd access granted on debug builds only

Bug: 28936216
Change-Id: Ib9648e8565cc0ea0077cf0950b0e4ac6fe0a3135

logd.te

diff --git a/logd.te b/logd.te
index 97bbd8b..bc97a37 100644
--- a/logd.te
+++ b/logd.te
@@ -28,6 +28,7 @@
 
 # Access device logging gating property
 get_prop(logd, device_logging_prop)
+userdebug_or_eng(`get_prop(logd, logpersistd_logging_prop)')
 
 r_dir_file(logd, domain)
 

property.te

diff --git a/property.te b/property.te
index 26d15ff..6d3ba4f 100644
--- a/property.te
+++ b/property.te
@@ -23,6 +23,7 @@
 type ctl_console_prop, property_type;
 type audio_prop, property_type, core_property_type;
 type logd_prop, property_type, core_property_type;
+type logpersistd_logging_prop, property_type;
 type mmc_prop, property_type;
 type restorecon_prop, property_type, core_property_type;
 type security_prop, property_type, core_property_type;

property_contexts

diff --git a/property_contexts b/property_contexts
index 06e9cc8..d48473b 100644
--- a/property_contexts
+++ b/property_contexts
@@ -42,6 +42,7 @@
 persist.debug.          u:object_r:persist_debug_prop:s0
 persist.logd.           u:object_r:logd_prop:s0
 persist.logd.security   u:object_r:device_logging_prop:s0
+persist.logd.logpersistd        u:object_r:logpersistd_logging_prop:s0
 persist.log.tag         u:object_r:logd_prop:s0
 persist.mmc.            u:object_r:mmc_prop:s0
 persist.sys.            u:object_r:system_prop:s0

shell.te

diff --git a/shell.te b/shell.te
index 610ed3f..c263f0c 100644
--- a/shell.te
+++ b/shell.te
@@ -63,6 +63,7 @@
 set_prop(shell, dumpstate_prop)
 set_prop(shell, debug_prop)
 set_prop(shell, powerctl_prop)
+userdebug_or_eng(`set_prop(shell, logpersistd_logging_prop)')
 
 # systrace support - allow atrace to run
 allow shell debugfs_tracing:dir r_dir_perms;

system_app.te

diff --git a/system_app.te b/system_app.te
index 355f6d4..4c9c136 100644
--- a/system_app.te
+++ b/system_app.te
@@ -29,6 +29,7 @@
 set_prop(system_app, logd_prop)
 set_prop(system_app, net_radio_prop)
 set_prop(system_app, system_radio_prop)
+userdebug_or_eng(`set_prop(system_app, logpersistd_logging_prop)')
 auditallow system_app net_radio_prop:property_service set;
 auditallow system_app system_radio_prop:property_service set;