Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 973877dbc1298ee59dce08397ce8425580cbbbb5^! / .
commit973877dbc1298ee59dce08397ce8425580cbbbb5[log] [tgz]
authorNick Kralevich <nnk@google.com>Mon Oct 20 21:56:02 2014 -0700
committerNick Kralevich <nnk@google.com>Tue Oct 21 16:15:52 2014 +0000
treeaf4aa012f12521191fbfdd8063414a92ea99a65a
parentbeb279c7ea23abc77641e891a76e9bceb6f38883 [diff]
Allow adbd to write to /data/adb

adbd writes debugging information to /data/adb
when persist.adb.trace_mask is set. Allow it.

Bug: https://code.google.com/p/android/issues/detail?id=72895
Change-Id: Ia5af09045e9f72a95325b429c30a5ae78e104bdc
diff --git a/adbd.te b/adbd.te
index 9d3d30d..c21e703 100644
--- a/adbd.te
+++ b/adbd.te

@@ -60,6 +60,14 @@
 allow adbd adb_keys_file:dir search;
 allow adbd adb_keys_file:file r_file_perms;
 
+userdebug_or_eng(`
+  # Write debugging information to /data/adb
+  # when persist.adb.trace_mask is set
+  # https://code.google.com/p/android/issues/detail?id=72895
+  allow adbd adb_data_file:dir rw_dir_perms;
+  allow adbd adb_data_file:file create_file_perms;
+')
+
 # ndk-gdb invokes adb forward to forward the gdbserver socket.
 allow adbd app_data_file:dir search;
 allow adbd app_data_file:sock_file write;

diff --git a/file.te b/file.te
index cc11677..5c91cf0 100644
--- a/file.te
+++ b/file.te

@@ -52,6 +52,8 @@
 type install_data_file, file_type, data_file_type;
 # /data/drm - DRM plugin data
 type drm_data_file, file_type, data_file_type;
+# /data/adb - adb debugging files
+type adb_data_file, file_type, data_file_type;
 # /data/anr - ANR traces
 type anr_data_file, file_type, data_file_type, mlstrustedobject;
 # /data/tombstones - core dumps

diff --git a/file_contexts b/file_contexts
index 416d783..1d81cbf 100644
--- a/file_contexts
+++ b/file_contexts

@@ -189,6 +189,7 @@
 /data/resource-cache(/.*)? u:object_r:resourcecache_data_file:s0
 /data/dalvik-cache(/.*)? u:object_r:dalvikcache_data_file:s0
 /data/dalvik-cache/profiles(/.*)? u:object_r:dalvikcache_profiles_data_file:s0
+/data/adb(/.*)?		u:object_r:adb_data_file:s0
 /data/anr(/.*)?		u:object_r:anr_data_file:s0
 /data/app(/.*)?                       u:object_r:apk_data_file:s0
 /data/app/vmdl.*\.tmp(/.*)?           u:object_r:apk_tmp_file:s0