From 1d7f89fa18472e660fede8bd51d6ee96f57c323a Mon Sep 17 00:00:00 2001
From: Bruno Martins <bgcngm@gmail.com>
Date: Sun, 24 Dec 2017 00:54:36 +0000
Subject: msm8996-common: sepolicy: Add debug rules for rmt_storage

Change-Id: Ie0c94ac657127b1653afbbb82b06789dfe34032d
---
 sepolicy/file.te        | 1 +
 sepolicy/genfs_contexts | 4 +---
 sepolicy/rmt_storage.te | 6 +++++-
 3 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/sepolicy/file.te b/sepolicy/file.te
index 0039865..86b1097 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -1,3 +1,4 @@
+type debugfs_rmt, debugfs_type, fs_type;
 type fpc_data_file, data_file_type, file_type;
 type nv_data_file, file_type, data_file_type;
 type sysfs_fpc_irq, sysfs_type, fs_type;
diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts
index 3ffc13b..aa1c304 100644
--- a/sepolicy/genfs_contexts
+++ b/sepolicy/genfs_contexts
@@ -1,3 +1 @@
-genfscon debugfs /rmt_storage/rmts     u:object_r:qti_debugfs:s0
-
-genfscon debugfs /msm_core             u:object_r:qti_debugfs:s0 
+genfscon debugfs /rmt_storage          u:object_r:debugfs_rmt:s0
diff --git a/sepolicy/rmt_storage.te b/sepolicy/rmt_storage.te
index 5e6c045..3f531cb 100644
--- a/sepolicy/rmt_storage.te
+++ b/sepolicy/rmt_storage.te
@@ -1 +1,5 @@
-allow rmt_storage rmt_storage:capability sys_admin;
+# debugfs access
+userdebug_or_eng(`
+  allow rmt_storage debugfs_rmt:dir search;
+  allow rmt_storage debugfs_rmt:file rw_file_perms;
+')
-- 
cgit v1.2.3