/sys/class/wakeup/wakeupN can point to an arbitrary path in sysfs. Add
"search" permission for path resolution.
Bug: 144095608
Test: m selinux_policy
Change-Id: I033d15b4ca56656f144189f5c2b1b885f30155a3
Android is moving away from debugfs. Information from /d/wakeup_sources
and /d/suspend_stats is now also exposed in sysfs under
/sys/class/wakeup/* and /sys/power/suspend_stats/* respectively:
https://lkml.org/lkml/2019/7/31/1349https://lkml.org/lkml/2019/8/6/1275
Allow SystemSuspend to read those sysfs nodes.
One caveat is that /sys/class/wakeup/wakeupN can be a symlink to a
device-specific location. In this case, device sepolicy should label
that the files appropriately. This is similar to how device policy
applies "sysfs_net" and "sysfs_batteryinfo" labels.
Bug: 144095608
Bug: 129087298
Test: boot cuttlefish; system_suspend is able to read
/sys/power/suspend_stats/* and /sys/class/wakeup/*
Change-Id: I350c88a271c0f422d0557aeb5e05e1537dc97bc9
Now that our tools are routed to system_suspend, there is no reason for
system_suspend to write to /sys/power/wake_[un]lock.
Bug: 128923994
Bug: 115946999
Test: boot blueline, no denials from system_suspend
Change-Id: I1097d30c050ce7d88677e07f4aaef07ce78dc958
System suspend service is not a HAL, so avoid using HAL-specific macros
and attributes.
Use system_suspend_server attribute for ISystemSuspend.hal permissions.
Use system_suspend type directly for internal .aidl interface
permissions.
Bug: 126259100
Test: m selinux_policy
Test: blueline boots; wakelocks can still be acquired; device suspends
if left alone.
Change-Id: Ie811e7da46023705c93ff4d76d15709a56706714
