From 035fcc46ccf5ae864e9a30888faf7c2822ea77e1 Mon Sep 17 00:00:00 2001
From: Calin Juravle <calin@google.com>
Date: Thu, 3 May 2018 20:14:51 -0700
Subject: [PATCH] Allow system server to record its own profile

On userdebug builds we can now profile system server without disabling
selinux. This is the final piece, and allows the system server to save its
own profile.

Test: manual, on a device with system server profiling enabled
Bug: 73313191

(cherry picked from commit 71d8467b75c8bf46352f59c88c3e1c2db32197ae)

Change-Id: I93e7e01bfbd3146a8cfd26a1f6e88b640e9c4e0f
---
 prebuilts/api/28.0/private/system_server.te | 7 ++++++-
 private/system_server.te                    | 7 ++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/prebuilts/api/28.0/private/system_server.te b/prebuilts/api/28.0/private/system_server.te
index 9830bd6a9..f3c154d0c 100644
--- a/prebuilts/api/28.0/private/system_server.te
+++ b/prebuilts/api/28.0/private/system_server.te
@@ -770,9 +770,14 @@ allow system_server netd:bpf map_read;
 # Allow system_server to open profile snapshots for read.
 # System server never reads the actual content. It passes the descriptor to
 # to privileged apps which acquire the permissions to inspect the profiles.
-allow system_server user_profile_data_file:dir { search };
+allow system_server user_profile_data_file:dir { getattr search };
 allow system_server user_profile_data_file:file { getattr open read };
 
+# On userdebug build we may profile system server. Allow it to write and create its own profile.
+userdebug_or_eng(`
+  allow system_server user_profile_data_file:file create_file_perms;
+')
+
 userdebug_or_eng(`
   # Allow system server to notify mediaextractor of the plugin update.
   allow system_server mediaextractor_update_service:service_manager find;
diff --git a/private/system_server.te b/private/system_server.te
index 5c2335e7f..7e2f26654 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -772,9 +772,14 @@ allow system_server netd:bpf map_read;
 # Allow system_server to open profile snapshots for read.
 # System server never reads the actual content. It passes the descriptor to
 # to privileged apps which acquire the permissions to inspect the profiles.
-allow system_server user_profile_data_file:dir { search };
+allow system_server user_profile_data_file:dir { getattr search };
 allow system_server user_profile_data_file:file { getattr open read };
 
+# On userdebug build we may profile system server. Allow it to write and create its own profile.
+userdebug_or_eng(`
+  allow system_server user_profile_data_file:file create_file_perms;
+')
+
 userdebug_or_eng(`
   # Allow system server to notify mediaextractor of the plugin update.
   allow system_server mediaextractor_update_service:service_manager find;