2021-02-25 11:02:53 +01:00
|
|
|
type system_suspend, domain, coredomain, system_suspend_server, system_suspend_internal_server;
|
2019-02-27 01:45:40 +01:00
|
|
|
|
|
|
|
type system_suspend_exec, system_file_type, exec_type, file_type;
|
|
|
|
init_daemon_domain(system_suspend)
|
|
|
|
|
2021-02-25 11:02:53 +01:00
|
|
|
# To serve ISuspendControlService.
|
2019-02-27 01:45:40 +01:00
|
|
|
binder_use(system_suspend)
|
|
|
|
add_service(system_suspend, system_suspend_control_service)
|
|
|
|
|
2021-07-20 17:13:38 +02:00
|
|
|
add_service(system_suspend, hal_system_suspend_service)
|
|
|
|
|
2019-02-27 01:45:40 +01:00
|
|
|
# Access to /sys/power/{ wakeup_count, state } suspend interface.
|
|
|
|
allow system_suspend sysfs_power:file rw_file_perms;
|
2019-02-07 22:29:39 +01:00
|
|
|
|
2020-10-16 09:22:44 +02:00
|
|
|
# Access to wakeup, suspend stats, and wakeup reasons.
|
2019-11-07 22:37:34 +01:00
|
|
|
r_dir_file(system_suspend, sysfs_suspend_stats)
|
|
|
|
r_dir_file(system_suspend, sysfs_wakeup)
|
2020-10-16 09:22:44 +02:00
|
|
|
r_dir_file(system_suspend, sysfs_wakeup_reasons)
|
2019-11-12 22:37:03 +01:00
|
|
|
# To resolve arbitrary sysfs paths from /sys/class/wakeup/* symlinks.
|
|
|
|
allow system_suspend sysfs_type:dir search;
|
2019-11-07 22:37:34 +01:00
|
|
|
|
2020-10-30 21:55:21 +01:00
|
|
|
# Access to suspend_hal system properties
|
|
|
|
get_prop(system_suspend, suspend_prop)
|
|
|
|
|
2020-10-14 21:49:20 +02:00
|
|
|
# To call BTAA registered callbacks
|
|
|
|
allow system_suspend bluetooth:binder call;
|
|
|
|
|
2020-11-24 01:03:55 +01:00
|
|
|
# For adding `dumpsys syspend_control` output to bugreport
|
|
|
|
allow system_suspend dumpstate:fd use;
|
|
|
|
allow system_suspend dumpstate:fifo_file write;
|
|
|
|
|
2022-12-14 22:02:50 +01:00
|
|
|
# Allow init to take kernel wakelock and system suspend to
|
|
|
|
# remove kenel wakelocks and the capability to access these
|
|
|
|
# files
|
|
|
|
allow init sysfs_wake_lock:file rw_file_perms;
|
|
|
|
allow init self:global_capability2_class_set block_suspend;
|
|
|
|
allow system_suspend sysfs_wake_lock:file rw_file_perms;
|
|
|
|
allow system_suspend self:global_capability2_class_set block_suspend;
|
|
|
|
|
2023-10-04 00:31:22 +02:00
|
|
|
# Allow init to set /sys/power/sync_on_suspend.
|
|
|
|
allow init sysfs_sync_on_suspend:file w_file_perms;
|
|
|
|
|
2019-02-07 22:29:39 +01:00
|
|
|
neverallow {
|
|
|
|
domain
|
|
|
|
-atrace # tracing
|
2020-10-14 02:31:01 +02:00
|
|
|
-bluetooth # support Bluetooth activity attribution (BTAA)
|
2019-02-07 22:29:39 +01:00
|
|
|
-dumpstate # bug reports
|
|
|
|
-system_suspend # implements system_suspend_control_service
|
|
|
|
-system_server # configures system_suspend via ISuspendControlService
|
|
|
|
-traceur_app # tracing
|
|
|
|
} system_suspend_control_service:service_manager find;
|