From 07931872beba6931ef44ab971849c1a7fbd1fdd6 Mon Sep 17 00:00:00 2001
From: Arne Coucheron <arco68@gmail.com>
Date: Tue, 15 Dec 2020 00:53:55 +0100
Subject: [PATCH] msm8974-common: sepolicy: Resolve last_kmsg denials

Change-Id: Ib6a00d0c14eb03f1e16b24471736a0b84371152c
---
 sepolicy/common/file.te          | 1 +
 sepolicy/common/genfs_contexts   | 1 +
 sepolicy/common/init.te          | 1 +
 sepolicy/common/system_server.te | 2 ++
 4 files changed, 5 insertions(+)

diff --git a/sepolicy/common/file.te b/sepolicy/common/file.te
index 0886d23..9691ce6 100644
--- a/sepolicy/common/file.te
+++ b/sepolicy/common/file.te
@@ -1,6 +1,7 @@
 type alarm_device, dev_type, mlstrustedobject;
 
 type proc_bt_sleep, fs_type, proc_type;
+type proc_last_kmsg, fs_type, proc_type;
 
 type sysfs_camera, fs_type, sysfs_type;
 type sysfs_hal_pwr, fs_type, sysfs_type;
diff --git a/sepolicy/common/genfs_contexts b/sepolicy/common/genfs_contexts
index f74675b..d272c46 100644
--- a/sepolicy/common/genfs_contexts
+++ b/sepolicy/common/genfs_contexts
@@ -1 +1,2 @@
 genfscon proc /bluetooth/sleep u:object_r:proc_bt_sleep:s0
+genfscon proc /last_kmsg u:object_r:proc_last_kmsg:s0
diff --git a/sepolicy/common/init.te b/sepolicy/common/init.te
index 27cde41..0f407b3 100644
--- a/sepolicy/common/init.te
+++ b/sepolicy/common/init.te
@@ -1 +1,2 @@
 allow init efs_file:dir mounton;
+allow init proc_last_kmsg:file { r_file_perms setattr };
diff --git a/sepolicy/common/system_server.te b/sepolicy/common/system_server.te
index edeb857..2c66830 100644
--- a/sepolicy/common/system_server.te
+++ b/sepolicy/common/system_server.te
@@ -8,5 +8,7 @@ allow system_server {
     qti_debugfs
 }:file r_file_perms;
 
+allow system_server proc_last_kmsg:file r_file_perms;
+
 get_prop(system_server, userspace_reboot_config_prop);
 get_prop(system_server, userspace_reboot_exported_prop);