Revert "sepolicy: remove all remaining qtaguid stuff."
This reverts commit af08bd3aa81e801bb4dafa65a579183e2be685f4.
Reason for revert: Broke <device>-next-userdebug builds
Bug: 357439147
Change-Id: I094353bde91e71c5d92777f6d152ad193f039277
diff --git a/private/compat/202404/202404.cil b/private/compat/202404/202404.cil
index b6caa7c..869deb6 100644
--- a/private/compat/202404/202404.cil
+++ b/private/compat/202404/202404.cil
@@ -1,9 +1,3 @@
-;; types removed from current policy
-;; (technically qtaguid is useless since Android S, api=31)
-(type proc_qtaguid_ctrl)
-(type proc_qtaguid_stat)
-(type qtaguid_device)
-
;; This type may or may not already exist in vendor policy. Re-define it here (duplicate
;; definitions in CIL will be ignored) - so we can reference it in 202404.cil.
(type vendor_hidraw_device)
diff --git a/private/dumpstate.te b/private/dumpstate.te
index bdfd7a3..20341e4 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -403,6 +403,8 @@
proc_net_type
proc_pipe_conf
proc_pagetypeinfo
+ proc_qtaguid_ctrl
+ proc_qtaguid_stat
proc_slabinfo
proc_version
proc_vmallocinfo
diff --git a/private/file_contexts b/private/file_contexts
index 7a503eb..76f412a 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -219,6 +219,7 @@
/dev/video[0-9]* u:object_r:video_device:s0
/dev/vndbinder u:object_r:vndbinder_device:s0
/dev/watchdog u:object_r:watchdog_device:s0
+/dev/xt_qtaguid u:object_r:qtaguid_device:s0
/dev/zero u:object_r:zero_device:s0
/dev/__properties__ u:object_r:properties_device:s0
/dev/__properties__/appcompat_override u:object_r:properties_device:s0
diff --git a/private/genfs_contexts b/private/genfs_contexts
index 5b2aaf8..de2b139 100644
--- a/private/genfs_contexts
+++ b/private/genfs_contexts
@@ -27,6 +27,8 @@
genfscon proc /net u:object_r:proc_net:s0
genfscon proc /net/tcp u:object_r:proc_net_tcp_udp:s0
genfscon proc /net/udp u:object_r:proc_net_tcp_udp:s0
+genfscon proc /net/xt_qtaguid/ctrl u:object_r:proc_qtaguid_ctrl:s0
+genfscon proc /net/xt_qtaguid/ u:object_r:proc_qtaguid_stat:s0
genfscon proc /cpuinfo u:object_r:proc_cpuinfo:s0
genfscon proc /pagetypeinfo u:object_r:proc_pagetypeinfo:s0
genfscon proc /pressure/cpu u:object_r:proc_pressure_cpu:s0
diff --git a/private/init.te b/private/init.te
index cca5900..e4bafd8 100644
--- a/private/init.te
+++ b/private/init.te
@@ -557,8 +557,10 @@
proc_kmsg
proc_net
proc_pagetypeinfo
+ proc_qtaguid_stat
proc_slabinfo
proc_sysrq
+ proc_qtaguid_ctrl
proc_vmallocinfo
}:file setattr;
diff --git a/private/system_server.te b/private/system_server.te
index aff3cb6..1c9f732 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -1179,6 +1179,7 @@
r_dir_file(system_server, proc_asound)
r_dir_file(system_server, proc_net_type)
+r_dir_file(system_server, proc_qtaguid_stat)
allow system_server {
proc_cmdline
proc_loadavg