Allow system_suspend to server the suspend AIDL hal service.
Bug: 170260236
Test: Check logcat for supend avc denials
Change-Id: Ie4c07e2e8d75fd4b12e55db15511060e09be59cf
(cherry picked from commit 0e903620a5)
The suspend_control_aidl_interface is updated, renamed, and splitted
into android.system.suspend.control and
android.system.suspend.control.internal. This resulted in two suspend
services, update sepolicy to support this change.
Test: m
Bug: 171598743
Change-Id: I695bde405672af834fe662242347e62079f2e25f
This allows the SystemSuspend to read wakeup reasons from
sysfs_wakeup_reasons.
Test: Local test verified SystemSuspend can access sysfs_wakeup_reasons
Bug: 171021049
Change-Id: Ic5d723a989edbcbd55ff497a55ce8384ba1f226c
This allows the SystemSuspend to serve Bluetooth registered callbacks
for BTAA purpose.
Test: Local test verified registered callbacks been serviced
Bug: 170315554
Change-Id: I358b6732fdb663dcffd2647b6d6fa9727be5564e
This allows the Bluetooth to communicate with the SystemSuspend to
obtain system wakeup and wakelock information for Bluetooth activity
attribution (BTAA) processing.
BTAA is a process unit within the Bluetooth stack to aggregate
Bluetooth traffics, wakeup, and wakelocks into per-app, per-device, and
activity based statistical information.
Test: Local test verified Bluetooth can acquire suspend_control
Bug: 170315554
Change-Id: I7417132793c1000a8e3136c300cf8c1ba9cc3a14
/sys/class/wakeup/wakeupN can point to an arbitrary path in sysfs. Add
"search" permission for path resolution.
Bug: 144095608
Test: m selinux_policy
Change-Id: I033d15b4ca56656f144189f5c2b1b885f30155a3
Android is moving away from debugfs. Information from /d/wakeup_sources
and /d/suspend_stats is now also exposed in sysfs under
/sys/class/wakeup/* and /sys/power/suspend_stats/* respectively:
https://lkml.org/lkml/2019/7/31/1349https://lkml.org/lkml/2019/8/6/1275
Allow SystemSuspend to read those sysfs nodes.
One caveat is that /sys/class/wakeup/wakeupN can be a symlink to a
device-specific location. In this case, device sepolicy should label
that the files appropriately. This is similar to how device policy
applies "sysfs_net" and "sysfs_batteryinfo" labels.
Bug: 144095608
Bug: 129087298
Test: boot cuttlefish; system_suspend is able to read
/sys/power/suspend_stats/* and /sys/class/wakeup/*
Change-Id: I350c88a271c0f422d0557aeb5e05e1537dc97bc9
Now that our tools are routed to system_suspend, there is no reason for
system_suspend to write to /sys/power/wake_[un]lock.
Bug: 128923994
Bug: 115946999
Test: boot blueline, no denials from system_suspend
Change-Id: I1097d30c050ce7d88677e07f4aaef07ce78dc958
System suspend service is not a HAL, so avoid using HAL-specific macros
and attributes.
Use system_suspend_server attribute for ISystemSuspend.hal permissions.
Use system_suspend type directly for internal .aidl interface
permissions.
Bug: 126259100
Test: m selinux_policy
Test: blueline boots; wakelocks can still be acquired; device suspends
if left alone.
Change-Id: Ie811e7da46023705c93ff4d76d15709a56706714
