From 3458ec135e9c5bcb07b6768cc0f8a0ba2b188fa1 Mon Sep 17 00:00:00 2001
From: Josh Gao <jmgao@google.com>
Date: Tue, 28 Mar 2017 13:09:37 -0700
Subject: [PATCH] Add /dev/kmsg_debug.

Add /dev/kmsg_debug on userdebug devices, to allow crash_dump to log
crashes to dmesg when logd isn't up yet (or is the one crashing).

(Originally commited in a015186fab804b4cc8f7d26221451b5340db11ce)
Bug: 36574794
Bug: 62101480
Test: Builds and boots.
Change-Id: I249e11291c58fee77098dec3fd3271ea23363ac9
---
 prebuilts/api/26.0/26.0.ignore.cil | 5 +++++
 private/file_contexts              | 1 +
 public/crash_dump.te               | 3 +++
 public/device.te                   | 1 +
 public/init.te                     | 4 ++++
 5 files changed, 14 insertions(+)
 create mode 100644 prebuilts/api/26.0/26.0.ignore.cil

diff --git a/prebuilts/api/26.0/26.0.ignore.cil b/prebuilts/api/26.0/26.0.ignore.cil
new file mode 100644
index 000000000..990c3ff72
--- /dev/null
+++ b/prebuilts/api/26.0/26.0.ignore.cil
@@ -0,0 +1,5 @@
+;; new_objects - a collection of types that have been introduced that have no
+;;   analogue in older policy.  Thus, we do not need to map these types to
+;;   previous ones.  Add here to pass checkapi tests.
+(typeattribute new_objects)
+(typeattributeset new_objects (kmsg_debug_device))
diff --git a/private/file_contexts b/private/file_contexts
index 40b66cd9c..85080b567 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -107,6 +107,7 @@
 /dev/ptmx		u:object_r:ptmx_device:s0
 /dev/pvrsrvkm		u:object_r:gpu_device:s0
 /dev/kmsg		u:object_r:kmsg_device:s0
+/dev/kmsg_debug	u:object_r:kmsg_debug_device:s0
 /dev/null		u:object_r:null_device:s0
 /dev/nvhdcp1		u:object_r:video_device:s0
 /dev/random		u:object_r:random_device:s0
diff --git a/public/crash_dump.te b/public/crash_dump.te
index ee617a171..c101b34d6 100644
--- a/public/crash_dump.te
+++ b/public/crash_dump.te
@@ -15,6 +15,9 @@ dontaudit crash_dump self:capability { sys_ptrace };
 
 userdebug_or_eng(`
   allow crash_dump logd:process { ptrace signal sigchld sigstop sigkill };
+
+  # Let crash_dump write to /dev/kmsg_debug crashes that happen before logd comes up.
+  allow crash_dump kmsg_debug_device:chr_file { open append };
 ')
 
 # Use inherited file descriptors
diff --git a/public/device.te b/public/device.te
index 15799b89a..9fedc184c 100644
--- a/public/device.te
+++ b/public/device.te
@@ -37,6 +37,7 @@ type mtp_device, dev_type, mlstrustedobject;
 type nfc_device, dev_type;
 type ptmx_device, dev_type, mlstrustedobject;
 type kmsg_device, dev_type;
+type kmsg_debug_device, dev_type;
 type null_device, dev_type, mlstrustedobject;
 type random_device, dev_type, mlstrustedobject;
 type sensors_device, dev_type;
diff --git a/public/init.te b/public/init.te
index 01d308afd..2271618d4 100644
--- a/public/init.te
+++ b/public/init.te
@@ -13,6 +13,10 @@ allow init tmpfs:chr_file { create setattr unlink rw_file_perms };
 # /dev/kmsg
 allow init tmpfs:chr_file relabelfrom;
 allow init kmsg_device:chr_file { write relabelto };
+# /dev/kmsg_debug
+userdebug_or_eng(`
+  allow init kmsg_debug_device:chr_file { write relabelto };
+')
 # /dev/__properties__
 allow init properties_device:dir relabelto;
 allow init properties_serial:file { write relabelto };