tequilaOS/platform_system_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_system_sepolicy/public/healthd.te

61 lines
1.8 KiB
Text
Raw Normal View History

healthd: create SEPolicy for 'charger' and reduce healthd's scope healthd is being split into 'charger' and 'healthd' processes, that will never run together. 'charger' is to be run only in charge-only and recovery, while healthd runs with Android. While they both share much of battery monitoring code, they both now have reduced scope. E.g. 'charger', doesn't need to use binder anymore and healthd doesn't need to do charging ui animation. So, amend the SEPolicy for healthd to reduce it's scope and add a new one for charger. Test: Tested all modes {recovery, charger-only, android} with new policy Change-Id: If7f81875c605f7f07da4d23a313f308b9dde9ce8 Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit c73d0022ade4855ab72849e1fe97856c737fdcef)
2016-11-01 21:49:10 +01:00
# healthd - battery/charger monitoring service daemon
type healthd, domain;
type healthd_exec, exec_type, file_type;
healthd: add sepolicy Change-Id: Ic0351c69d67aa3a6f71f505408c53d642626ebb4
2013-06-03 23:09:54 +02:00
Allow /dev/klog access, drop mknod and __null__ access Allow vold, healthd, slideshow, and watchdogd access to /dev/kmsg. These processes log to the kernel dmesg ring buffer, so they need write access to that file. Addresses the following denials: avc: denied { write } for pid=134 comm="watchdogd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:watchdogd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 avc: denied { write } for pid=166 comm="healthd" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:healthd:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 avc: denied { write } for pid=180 comm="vold" name="kmsg" dev="tmpfs" ino=9248 scontext=u:r:vold:s0 tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0 These denials were triggered by the change in https://android-review.googlesource.com/151209 . Prior to that change, any code which called klog_init would (unnecessarily) create the device node themselves, rather than using the already existing device node. Drop special /dev/__null__ handling from watchdogd. As of https://android-review.googlesource.com/148288 , watchdogd no longer creates it's own /dev/null device, so it's unnecessary for us to allow for it. Drop mknod from healthd, slideshow, and watchdogd. healthd and slideshow only needed mknod to create /dev/__kmsg__, which is now obsolete. watchdogd only needed mknod to create /dev/__kmsg__ and /dev/__null__, which again is now obsolete. Bug: 21242418 Change-Id: If01c8001084575e7441253f0fa8b4179ae33f534
2015-06-06 16:42:37 +02:00
# Write to /dev/kmsg
allow healthd kmsg_device:chr_file rw_file_perms;
healthd: add sepolicy Change-Id: Ic0351c69d67aa3a6f71f505408c53d642626ebb4
2013-06-03 23:09:54 +02:00
healthd: grant perms from domain_deprecated In preparation of removing permissions from domain_deprecated. Addresses: avc: denied { read } for name="present" dev="sysfs" ino=5003 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file avc: denied { open } for path="/sys/devices/platform/htc_battery_max17050.8/power_supply/flounder-battery/present" dev="sysfs" ino=5003 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file Change-Id: Iaee5b79a45aedad98e08c670addbf444c984165e
2016-01-27 20:19:34 +01:00
# Read access to pseudo filesystems.
Remove access to 'sysfs' files from healtd and charger. We rely on vendors to label all dependencies of healthd/charger under /sys/class/power_supply with sysfs_batteryinfo type. Bug: 65643247 Bug: 32659667 Test: boots without denials from healthd, to sysfs_batteryinfo or to sysfs_msm_subsys. Test: charging with device turned off works without /sys denials. Change-Id: I893f309ecad8a0caf7d0b81f5f945725907255c2
2017-10-17 00:54:49 +02:00
allow healthd sysfs_type:dir search;
audit domain_deprecated perms for removal Grant permissions observed. Bug: 28760354 Change-Id: Ie63cda709319bbf635ef7bffbba3477c2cccc11b
2016-09-10 01:27:17 +02:00
r_dir_file(healthd, rootfs)
healthd: create SEPolicy for 'charger' and reduce healthd's scope healthd is being split into 'charger' and 'healthd' processes, that will never run together. 'charger' is to be run only in charge-only and recovery, while healthd runs with Android. While they both share much of battery monitoring code, they both now have reduced scope. E.g. 'charger', doesn't need to use binder anymore and healthd doesn't need to do charging ui animation. So, amend the SEPolicy for healthd to reduce it's scope and add a new one for charger. Test: Tested all modes {recovery, charger-only, android} with new policy Change-Id: If7f81875c605f7f07da4d23a313f308b9dde9ce8 Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit c73d0022ade4855ab72849e1fe97856c737fdcef)
2016-11-01 21:49:10 +01:00
r_dir_file(healthd, cgroup)
healthd: grant perms from domain_deprecated In preparation of removing permissions from domain_deprecated. Addresses: avc: denied { read } for name="present" dev="sysfs" ino=5003 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file avc: denied { open } for path="/sys/devices/platform/htc_battery_max17050.8/power_supply/flounder-battery/present" dev="sysfs" ino=5003 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file Change-Id: Iaee5b79a45aedad98e08c670addbf444c984165e
2016-01-27 20:19:34 +01:00
health: allow rules for passthrough health HAL - allows binder calls to hwservicemanager - allows healthd to read system_file for passthrough HAL Test: Tested healthd with and without a board specific health HAL on Angler. Bug: b/32724915 Change-Id: Icf621859f715cb44bce5d8d3b60320ef495d1543 Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit 32cacb42b91badbc8ee7634dfd7a88ca80ecf9b4)
2016-11-09 04:08:37 +01:00
# Read access to system files for passthrough HALs in
# /{system,vendor,odm}/lib[64]/hw/
r_dir_file(healthd, system_file)
sepolicy: Add rules for non-init namespaces In kernel 4.7, the capability and capability2 classes were split apart from cap_userns and cap2_userns (see kernel commit 8e4ff6f228e4722cac74db716e308d1da33d744f). Since then, Android cannot be run in a container with SELinux in enforcing mode. This change applies the existing capability rules to user namespaces as well as the root namespace so that Android running in a container behaves the same on pre- and post-4.7 kernels. This is essentially: 1. New global_capability_class_set and global_capability2_class_set that match capability+cap_userns and capability2+cap2_userns, respectively. 2. s/self:capability/self:global_capability_class_set/g 3. s/self:capability2/self:global_capability2_class_set/g 4. Add cap_userns and cap2_userns to the existing capability_class_set so that it covers all capabilities. This set was used by several neverallow and dontaudit rules, and I confirmed that the new classes are still appropriate. Test: diff new policy against old and confirm that all new rules add only cap_userns or cap2_userns; Boot ARC++ on a device with the 4.12 kernel. Bug: crbug.com/754831 Change-Id: I4007eb3a2ecd01b062c4c78d9afee71c530df95f
2017-11-09 23:51:26 +01:00
allow healthd self:global_capability_class_set { sys_tty_config };
allow healthd self:global_capability_class_set sys_boot;
healthd: create SEPolicy for 'charger' and reduce healthd's scope healthd is being split into 'charger' and 'healthd' processes, that will never run together. 'charger' is to be run only in charge-only and recovery, while healthd runs with Android. While they both share much of battery monitoring code, they both now have reduced scope. E.g. 'charger', doesn't need to use binder anymore and healthd doesn't need to do charging ui animation. So, amend the SEPolicy for healthd to reduce it's scope and add a new one for charger. Test: Tested all modes {recovery, charger-only, android} with new policy Change-Id: If7f81875c605f7f07da4d23a313f308b9dde9ce8 Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit c73d0022ade4855ab72849e1fe97856c737fdcef)
2016-11-01 21:49:10 +01:00
Enforce ioctl command whitelisting on all sockets Remove the ioctl permission for most socket types. For others, such as tcp/udp/rawip/unix_dgram/unix_stream set a default unprivileged whitelist that individual domains may extend (except where neverallowed like untrusted_app). Enforce via a neverallowxperm rule. Change-Id: I15548d830f8eff1fd4d64005c5769ca2be8d4ffe
2016-05-17 06:12:17 +02:00
allow healthd self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
healthd: create SEPolicy for 'charger' and reduce healthd's scope healthd is being split into 'charger' and 'healthd' processes, that will never run together. 'charger' is to be run only in charge-only and recovery, while healthd runs with Android. While they both share much of battery monitoring code, they both now have reduced scope. E.g. 'charger', doesn't need to use binder anymore and healthd doesn't need to do charging ui animation. So, amend the SEPolicy for healthd to reduce it's scope and add a new one for charger. Test: Tested all modes {recovery, charger-only, android} with new policy Change-Id: If7f81875c605f7f07da4d23a313f308b9dde9ce8 Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit c73d0022ade4855ab72849e1fe97856c737fdcef)
2016-11-01 21:49:10 +01:00
healthd: restore healthd sepolicy for charger mode Test: Boot charge-only and android on sailfish Bug: https://b/33672744 Change-Id: I6a25e90a716ec0ca46b5ba5edad860aa0eebafef Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit 3b25e384108c20741313fb356ed25e0c515e5b6b)
2016-12-15 21:36:45 +01:00
wakelock_use(healthd)
Confine healthd, but leave it permissive for now. Remove unconfined_domain() and add the allow rules required for operation of healthd. Restore the permissive declaration until I8a3e0db15ec5f4eb05d455a57e8446a8c2b484c2 is applied to the 3.4 kernel. Resolves the following denials in 4.4: type=1400 audit(1383590167.750:14): avc: denied { read } for pid=49 comm="healthd" path="/sbin/healthd" dev="rootfs" ino=1232 scontext=u:r:healthd:s0 tcontext=u:object_r:rootfs:s0 tclass=file type=1400 audit(1383590167.750:15): avc: denied { mknod } for pid=49 comm="healthd" capability=27 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability type=1400 audit(1383590167.750:16): avc: denied { create } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket type=1400 audit(1383590167.750:17): avc: denied { setopt } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket type=1400 audit(1383590167.750:17): avc: denied { net_admin } for pid=49 comm="healthd" capability=12 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability type=1400 audit(1383590167.750:18): avc: denied { bind } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket shell@generic:/ $ type=1400 audit(1383590168.800:21): avc: denied { call } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:servicemanager:s0 tclass=binder type=1400 audit(1383590168.800:22): avc: denied { transfer } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:servicemanager:s0 tclass=binder type=1400 audit(1383590168.800:23): avc: denied { 0x10 } for pid=49 comm="healthd" capability=36 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability2 type=1400 audit(1383590168.800:24): avc: denied { read } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket type=1400 audit(1383590212.320:161): avc: denied { call } for pid=376 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:healthd:s0 tclass=binder type=1400 audit(1383590212.320:161): avc: denied { transfer } for pid=376 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:healthd:s0 tclass=binder type=1400 audit(1383590212.320:162): avc: denied { call } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:system_server:s0 tclass=binder type=1400 audit(1383590275.930:463): avc: denied { call } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:system_server:s0 tclass=binder Change-Id: Iacd058edfa1e913a8f24ce8937d2d76c928d6740 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-04 15:53:46 +01:00
binder_use(healthd)
initial dumpstate domain Add the necessary rules to support dumpstate. Start off initially in permissive until it has more testing. Dumpstate is triggered by running "adb bugreport" Change-Id: Ic17a60cca1f6f40daa4f2c51e9ad6009ef36cfbd
2013-12-14 07:19:45 +01:00
binder_service(healthd)
Confine healthd, but leave it permissive for now. Remove unconfined_domain() and add the allow rules required for operation of healthd. Restore the permissive declaration until I8a3e0db15ec5f4eb05d455a57e8446a8c2b484c2 is applied to the 3.4 kernel. Resolves the following denials in 4.4: type=1400 audit(1383590167.750:14): avc: denied { read } for pid=49 comm="healthd" path="/sbin/healthd" dev="rootfs" ino=1232 scontext=u:r:healthd:s0 tcontext=u:object_r:rootfs:s0 tclass=file type=1400 audit(1383590167.750:15): avc: denied { mknod } for pid=49 comm="healthd" capability=27 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability type=1400 audit(1383590167.750:16): avc: denied { create } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket type=1400 audit(1383590167.750:17): avc: denied { setopt } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket type=1400 audit(1383590167.750:17): avc: denied { net_admin } for pid=49 comm="healthd" capability=12 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability type=1400 audit(1383590167.750:18): avc: denied { bind } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket shell@generic:/ $ type=1400 audit(1383590168.800:21): avc: denied { call } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:servicemanager:s0 tclass=binder type=1400 audit(1383590168.800:22): avc: denied { transfer } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:servicemanager:s0 tclass=binder type=1400 audit(1383590168.800:23): avc: denied { 0x10 } for pid=49 comm="healthd" capability=36 scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability2 type=1400 audit(1383590168.800:24): avc: denied { read } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=netlink_kobject_uevent_socket type=1400 audit(1383590212.320:161): avc: denied { call } for pid=376 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:healthd:s0 tclass=binder type=1400 audit(1383590212.320:161): avc: denied { transfer } for pid=376 comm="system_server" scontext=u:r:system_server:s0 tcontext=u:r:healthd:s0 tclass=binder type=1400 audit(1383590212.320:162): avc: denied { call } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:system_server:s0 tclass=binder type=1400 audit(1383590275.930:463): avc: denied { call } for pid=49 comm="healthd" scontext=u:r:healthd:s0 tcontext=u:r:system_server:s0 tclass=binder Change-Id: Iacd058edfa1e913a8f24ce8937d2d76c928d6740 Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2013-11-04 15:53:46 +01:00
binder_call(healthd, system_server)
Annotate most remaining HALs with _client/_server This switches most remaining HALs to the _client/_server approach. To unblock efforts blocked on majority of HALs having to use this model, this change does not remove unnecessary rules from clients of these HALs. That work will be performed in follow-up commits. This commit only adds allow rules and thus does not break existing functionality. The HALs not yet on the _client/_server model after this commit are: * Allocator HAL, because it's non-trivial to declare all apps except isolated apps as clients of this HAL, which they are. * Boot HAL, because it's still on the non-attributized model and I'm waiting for update_engine folks to answer a couple of questions which will let me refactor the policy of this HAL. Test: mmm system/sepolicy Test: Device boots, no new denials Test: Device boots in recovery mode, no new denials Bug: 34170079 Change-Id: I03e6bcec2fa02f14bdf17d11f7367b62c68a14b9
2017-03-17 02:48:40 +01:00
hal_client_domain(healthd, hal_health)
fix healthd charger mode. Healthd has an optional "charger" mode. The device boots into a minimally running mode, and healthd displays the battery indicator. Without this patch, when a manta device boots into charger mode, the screen will never turn off and the battery indicator will not move. From reviewing the healthd code, it looks like this may affect lots of devices, not just manta. I'm adding this change to the generic policy. Steps to reproduce: 1) Make sure the device is unplugged. 2) Boot into a normal system. 3) Shutdown the system normally using the power button. 4) After shutdown, plugin the power cord. 5) Device will boot into charger mode. Battery icon will display. 6) Press the button to reboot into a normal mode. 7) Examine /proc/last_kmsg and look for denials. Addresses the following denials: [ 3.908457] type=1400 audit(1390866386.620:3): avc: denied { read write } for pid=98 comm="charger" name="fb0" dev="tmpfs" ino=4286 scontext=u:r:healthd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file [ 3.909085] type=1400 audit(1390866386.620:4): avc: denied { open } for pid=98 comm="charger" name="fb0" dev="tmpfs" ino=4286 scontext=u:r:healthd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file [ 3.909749] type=1400 audit(1390866386.620:5): avc: denied { ioctl } for pid=98 comm="charger" path="/dev/graphics/fb0" dev="tmpfs" ino=4286 scontext=u:r:healthd:s0 tcontext=u:object_r:graphics_device:s0 tclass=chr_file [ 4.889857] type=1400 audit(1390866387.605:6): avc: denied { read } for pid=98 comm="charger" name="input" dev="tmpfs" ino=4153 scontext=u:r:healthd:s0 tcontext=u:object_r:input_device:s0 tclass=dir [ 4.890873] type=1400 audit(1390866387.605:7): avc: denied { open } for pid=98 comm="charger" name="input" dev="tmpfs" ino=4153 scontext=u:r:healthd:s0 tcontext=u:object_r:input_device:s0 tclass=dir [ 4.891949] type=1400 audit(1390866387.605:8): avc: denied { search } for pid=98 comm="charger" name="input" dev="tmpfs" ino=4153 scontext=u:r:healthd:s0 tcontext=u:object_r:input_device:s0 tclass=dir [ 4.892677] type=1400 audit(1390866387.605:9): avc: denied { read } for pid=98 comm="charger" name="event2" dev="tmpfs" ino=4279 scontext=u:r:healthd:s0 tcontext=u:object_r:input_device:s0 tclass=chr_file [ 4.893576] type=1400 audit(1390866387.605:10): avc: denied { open } for pid=98 comm="charger" name="event2" dev="tmpfs" ino=4279 scontext=u:r:healthd:s0 tcontext=u:object_r:input_device:s0 tclass=chr_file [ 7.288104] type=1400 audit(1390866389.999:12): avc: denied { execmem } for pid=98 comm="charger" scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=process [ 7.288574] type=1400 audit(1390866389.999:13): avc: denied { execute } for pid=98 comm="charger" path="/dev/ashmem" dev="tmpfs" ino=4113 scontext=u:r:healthd:s0 tcontext=u:object_r:ashmem_device:s0 tclass=chr_file Change-Id: I0118e08514caa0ad11d2aa7562c9846a96779a21
2014-01-28 01:15:00 +01:00
Remove access to 'sysfs' files from healtd and charger. We rely on vendors to label all dependencies of healthd/charger under /sys/class/power_supply with sysfs_batteryinfo type. Bug: 65643247 Bug: 32659667 Test: boots without denials from healthd, to sysfs_batteryinfo or to sysfs_msm_subsys. Test: charging with device turned off works without /sys denials. Change-Id: I893f309ecad8a0caf7d0b81f5f945725907255c2
2017-10-17 00:54:49 +02:00
# Read/write to /sys/power/state
allow healthd sysfs_power:file rw_file_perms;
healthd: restore healthd sepolicy for charger mode Test: Boot charge-only and android on sailfish Bug: https://b/33672744 Change-Id: I6a25e90a716ec0ca46b5ba5edad860aa0eebafef Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit 3b25e384108c20741313fb356ed25e0c515e5b6b)
2016-12-15 21:36:45 +01:00
# TODO: added to match above sysfs rule. Remove me?
allow healthd sysfs_usb:file write;
Remove access to 'sysfs' files from healtd and charger. We rely on vendors to label all dependencies of healthd/charger under /sys/class/power_supply with sysfs_batteryinfo type. Bug: 65643247 Bug: 32659667 Test: boots without denials from healthd, to sysfs_batteryinfo or to sysfs_msm_subsys. Test: charging with device turned off works without /sys denials. Change-Id: I893f309ecad8a0caf7d0b81f5f945725907255c2
2017-10-17 00:54:49 +02:00
r_dir_file(healthd, sysfs_batteryinfo)
healthd: restore healthd sepolicy for charger mode Test: Boot charge-only and android on sailfish Bug: https://b/33672744 Change-Id: I6a25e90a716ec0ca46b5ba5edad860aa0eebafef Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit 3b25e384108c20741313fb356ed25e0c515e5b6b)
2016-12-15 21:36:45 +01:00
###
### healthd: charger mode
###
# Read /sys/fs/pstore/console-ramoops
# Don't worry about overly broad permissions for now, as there's
# only one file in /sys/fs/pstore
allow healthd pstorefs:dir r_dir_perms;
allow healthd pstorefs:file r_file_perms;
allow healthd graphics_device:dir r_dir_perms;
allow healthd graphics_device:chr_file rw_file_perms;
allow healthd input_device:dir r_dir_perms;
allow healthd input_device:chr_file r_file_perms;
allow healthd tty_device:chr_file rw_file_perms;
allow healthd ashmem_device:chr_file execute;
allow healthd self:process execmem;
allow healthd proc_sysrq:file rw_file_perms;
te_macros: introduce add_service() macro Introduce the add_service() macro which wraps up add/find permissions for the source domain with a neverallow preventing others from adding it. Only a particular domain should add a particular service. Use the add_service() macro to automatically add a neverallow that prevents other domains from adding the service. mediadrmserver was adding services labeled mediaserver_service. Drop the add permission as it should just need the find permission. Additionally, the macro adds the { add find } permission which causes some existing neverallow's to assert. Adjust those neverallow's so "self" can always find. Test: compile and run on hikey and emulator. No new denials were found, and all services, where applicable, seem to be running OK. Change-Id: Ibbd2a5304edd5f8b877bc86852b0694732be993c Signed-off-by: William Roberts <william.c.roberts@intel.com>
2017-01-19 22:23:52 +01:00
add_service(healthd, batteryproperties_service)
Add access control for each service_manager action. Add SELinux MAC for the service manager actions list and find. Add the list and find verbs to the service_manager class. Add policy requirements for service_manager to enforce policies to binder_use macro. Change-Id: I224b1c6a6e21e3cdeb23badfc35c82a37558f964
2014-07-07 22:56:27 +02:00
healthd: restore healthd sepolicy for charger mode Test: Boot charge-only and android on sailfish Bug: https://b/33672744 Change-Id: I6a25e90a716ec0ca46b5ba5edad860aa0eebafef Signed-off-by: Sandeep Patil <sspatil@google.com> (cherry picked from commit 3b25e384108c20741313fb356ed25e0c515e5b6b)
2016-12-15 21:36:45 +01:00
# Healthd needs to tell init to continue the boot
# process when running in charger mode.
set_prop(healthd, system_prop)
Reference in a new issue Copy permalink