HAX: Enable access to diag on user builds

This should be temporary. Some components (radio and display, mostly) still rely on diag for logging, and its absence makes the whole subsystem spin and break things. Pending fixing those components, re-enable diag. Change-Id: Ic6badb3f89d08ef247455bc669392bea53c33bab
2014-11-28 20:19:00 +00:00
parent 43d959cbfb
commit 9c9e8b69b6
5 changed files with 12 additions and 9 deletions
--- a/common/diag.te
+++ b/common/diag.te
@@ -1,13 +1,15 @@
 type diag, domain;
 type diag_exec, exec_type, file_type;
-userdebug_or_eng(`
+# Our BSPs still use diag for logging on a ton of components.
+# Allow access in user builds for now.
+#userdebug_or_eng(`
  domain_auto_trans(shell, diag_exec, diag)
  domain_auto_trans(adbd, diag_exec, diag)
  file_type_auto_trans(diag, system_data_file, diag_data_file);
  allow diag diag_device:chr_file {ioctl read write open getattr};
  allow diag devpts:chr_file {ioctl read write open getattr};
  allow diag shell:fd {use};
-  allow diag su:fd {use};
+  #allow diag su:fd {use};
  allow diag cgroup:dir { create add_name };
  allow diag console_device:chr_file { read write };
  allow diag port:tcp_socket name_connect;
@@ -25,4 +27,4 @@ userdebug_or_eng(`
  allow diag persist_drm_file:file create_file_perms;
  # allow access to qseecom for drmdiagapp
  allow sectest tee_device:chr_file rw_file_perms;
-')
+#')
--- a/common/domain.te
+++ b/common/domain.te
@@ -1,6 +1,6 @@
-userdebug_or_eng(`
+#userdebug_or_eng(`
  allow domain diag_device:chr_file rw_file_perms;
-')
+#')

 r_dir_file(domain, sysfs_socinfo);
 r_dir_file(domain, sysfs_esoc);
--- a/common/mm-pp-daemon.te
+++ b/common/mm-pp-daemon.te
@@ -16,7 +16,8 @@ allow mm-pp-daemon persist_file:dir search;
 allow mm-pp-daemon display_config:file rw_file_perms;
 allow mm-pp-daemon system_prop:property_service set;
 #Calibration can only be done on userdebug or eng builds
-userdebug_or_eng(`
+#Enable on user builds too. This is causing mayhem for gfx
+#userdebug_or_eng(`
    # Display calibration service opens /dev/diag in order to communicate with the
    # target device
    allow mm-pp-daemon diag_device:chr_file rw_file_perms;
@@ -40,4 +41,4 @@ userdebug_or_eng(`
    # calibration
    allow mm-pp-daemon sysfs:file rw_file_perms;
    unix_socket_connect(mm-pp-daemon, property, init)
-')
+#')
--- a/common/rild.te
+++ b/common/rild.te
@@ -13,7 +13,7 @@ allow rild sysfs_ssr:lnk_file { read open };

 allow rild mediaserver:binder { transfer call };

-#allow rild diag_device:chr_file { open read write };
+allow rild diag_device:chr_file { open read write };
 allow rild rild_socket:chr_file { open read write };

 allow rild sysfs_ssr:dir r_dir_perms;
--- a/common/sensors.te
+++ b/common/sensors.te
@@ -50,5 +50,5 @@ allow sensors device_latency:chr_file w_file_perms;
 # Access to tests from userdebug/eng builds
 userdebug_or_eng(`
  domain_auto_trans(shell, sensors_exec, sensors)
-  allow sensors diag_device:chr_file rw_file_perms;
 ')
+allow sensors diag_device:chr_file rw_file_perms;