Merge "Allow incidentd to communicate with clients over pipes."

private/incidentd.te

@@ -151,6 +151,7 @@ neverallow {
   -dumpstate
   -incident
   -incidentd
+  -priv_app
   -statsd
   -system_app
   -system_server

private/priv_app.te

@@ -152,6 +152,12 @@ allow priv_app traced:fd use;
 allow priv_app traced_tmpfs:file { read write getattr map };
 unix_socket_connect(priv_app, traced_producer, traced)
 
+# Allow priv_apps to request and collect incident reports.
+# (Also requires DUMP and PACKAGE_USAGE_STATS permissions)
+allow priv_app incident_service:service_manager find;
+binder_call(priv_app, incidentd)
+allow priv_app incidentd:fifo_file { read write };
+
 # Allow heap profiling if the app opts in by being marked
 # profileable/debuggable.
 can_profile_heap(priv_app)

private/system_server.te

@@ -412,6 +412,10 @@ userdebug_or_eng(`
   allow system_server su:fifo_file append;
 ')
 
+# Allow system_server to read pipes from incidentd (used to deliver incident reports
+# to dropbox)
+allow system_server incidentd:fifo_file read;
+
 # Read /data/misc/incidents - only read. The fd will be sent over binder,
 # with no DAC access to it, for dropbox to read.
 allow system_server incident_data_file:file read;