75806ef3c5
Ideally, public should only contain APIs (types / attributes) for
vendor. The other statements like allow/neverallow/typeattributes are
regarded as implementation detail for platform and should be in private.
Bug: 232023812
Test: m selinux_policy
Test: diff <(git diff --staged | grep "^-" | cut -b2- | sort) \
<(git diff --staged | grep "^+" | cut -b2- | sort)
Test: remove comments on plat_sepolicy.cil, replace base_typeattr_*
to base_typeattr and then compare old and new plat_sepolicy.cil
Change-Id: I5e7d2da4465ab0216de6bacdf03077d37f6ffe12
33 lines
1.2 KiB
Text
33 lines
1.2 KiB
Text
# HwBinder IPC from client to server, and callbacks
|
|
binder_call(hal_health_client, hal_health_server)
|
|
binder_call(hal_health_server, hal_health_client)
|
|
|
|
hal_attribute_hwservice(hal_health, hal_health_hwservice)
|
|
hal_attribute_service(hal_health, hal_health_service)
|
|
|
|
# Common rules for a health service.
|
|
|
|
# Allow to listen to uevents for updates
|
|
allow hal_health_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
|
|
|
|
# Allow to read /sys/class/power_supply directory
|
|
allow hal_health_server sysfs:dir r_dir_perms;
|
|
|
|
# Allow to read files under /sys/class/power_supply. Implementations typically have symlinks
|
|
# to vendor specific files. Vendors should mark sysfs_batteryinfo on all files read by health
|
|
# HAL service.
|
|
r_dir_file(hal_health_server, sysfs_batteryinfo)
|
|
|
|
# Allow to wake up to send periodic events
|
|
wakelock_use(hal_health_server)
|
|
|
|
# Write to /dev/kmsg
|
|
allow hal_health_server kmsg_device:chr_file { getattr w_file_perms };
|
|
|
|
# Allow to use timerfd to wake itself up periodically to send health info.
|
|
allow hal_health_server self:capability2 wake_alarm;
|
|
|
|
# Use bpf programs
|
|
allow hal_health_server fs_bpf_vendor:dir search;
|
|
allow hal_health_server fs_bpf_vendor:file read;
|
|
allow hal_health_server bpfloader:bpf prog_run;
|