From: Andreas Schneider Date: Wed, 25 Mar 2020 17:02:06 +0000 (+0100) Subject: common: Allow the power hal to access its sysfs nodes X-Git-Url: https://git.stricted.de/?a=commitdiff_plain;h=8d2ee06d2f1e352d99643cd6657f27cd021ad394;p=GitHub%2FLineageOS%2Fandroid_device_samsung_slsi_sepolicy.git common: Allow the power hal to access its sysfs nodes Change-Id: I27b94e8502500bb646d1afb104c390151fec6584 --- diff --git a/common/vendor/file.te b/common/vendor/file.te index 1fb97e3..ee01cbf 100644 --- a/common/vendor/file.te +++ b/common/vendor/file.te @@ -6,10 +6,16 @@ type conn_vendor_data_file, file_type, data_file_type; type wifi_vendor_data_file, file_type, data_file_type; ### SYSFS +type sysfs_battery, sysfs_type, r_fs_type, fs_type; type sysfs_fingerprint, sysfs_type, r_fs_type, fs_type; +type sysfs_input, sysfs_type, r_fs_type, fs_type; +type sysfs_sec_touchscreen, sysfs_type, r_fs_type, fs_type; type sysfs_wifi, sysfs_type, r_fs_type, fs_type; type sysfs_backlight_writable, sysfs_type, rw_fs_type, fs_type; +type sysfs_battery_writable, sysfs_type, rw_fs_type, fs_type; +type sysfs_power_writable, sysfs_type, rw_fs_type, fs_type; +type sysfs_touchscreen_writable, sysfs_type, rw_fs_type, fs_type; type sysfs_wifi_writable, sysfs_type, rw_fs_type, fs_type; ### VENDOR diff --git a/common/vendor/genfs_contexts b/common/vendor/genfs_contexts index 3b60017..646923e 100644 --- a/common/vendor/genfs_contexts +++ b/common/vendor/genfs_contexts @@ -3,19 +3,32 @@ ### SYSFS genfscon sysfs /class/backlight/ u:object_r:sysfs_backlight_writable:s0 genfscon sysfs /class/fingerprint/fingerprint u:object_r:sysfs_fingerprint:s0 +genfscon sysfs /class/input u:object_r:sysfs_input:s0 +genfscon sysfs /class/power_supply u:object_r:sysfs_battery:s0 +genfscon sysfs /class/sec/tsp u:object_r:sysfs_sec_touchscreen:s0 genfscon sysfs /class/timed_output/vibrator/intensity u:object_r:sysfs_vibrator:s0 genfscon sysfs /class/timed_output/vibrator/multi_freq u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/battery/power_supply u:object_r:sysfs_battery:s0 +genfscon sysfs /devices/platform/battery/power_supply/battery/lcd u:object_r:sysfs_battery_writable:s0 genfscon sysfs /devices/platform/panel@0/backlight/panel/brightness u:object_r:sysfs_backlight_writable:s0 genfscon sysfs /devices/platform/panel@0/backlight/panel/max_brightness u:object_r:sysfs_backlight_writable:s0 genfscon sysfs /devices/virtual/fingerprint/fingerprint u:object_r:sysfs_fingerprint:s0 +genfscon sysfs /devices/virtual/input u:object_r:sysfs_input:s0 +genfscon sysfs /devices/virtual/sec/tsp u:object_r:sysfs_sec_touchscreen:s0 +genfscon sysfs /devices/virtual/sec/tsp/cmd u:object_r:sysfs_touchscreen_writable:s0 +genfscon sysfs /devices/virtual/sec/tsp/ear_detect_enable u:object_r:sysfs_touchscreen_writable:s0 +genfscon sysfs /devices/virtual/timed_output/vibrator/cp_trigger_index u:object_r:sysfs_vibrator:s0 genfscon sysfs /devices/virtual/timed_output/vibrator/intensity u:object_r:sysfs_vibrator:s0 genfscon sysfs /devices/virtual/timed_output/vibrator/multi_freq u:object_r:sysfs_vibrator:s0 -genfscon sysfs /devices/virtual/timed_output/vibrator/cp_trigger_index u:object_r:sysfs_vibrator:s0 genfscon sysfs /module/dhd/parameters u:object_r:sysfs_wifi_writable:s0 +genfscon sysfs /power/cpufreq_max_limit u:object_r:sysfs_power_writable:s0 +genfscon sysfs /power/cpufreq_min_limit u:object_r:sysfs_power_writable:s0 +genfscon sysfs /power/cpuhotplug/max_online_cpu u:object_r:sysfs_power_writable:s0 + genfscon sysfs /wifi u:object_r:sysfs_wifi:s0 genfscon sysfs /wifi/cid u:object_r:sysfs_wifi_writable:s0 genfscon sysfs /wifi/mac_addr u:object_r:sysfs_wifi_writable:s0 diff --git a/common/vendor/hal_power_default.te b/common/vendor/hal_power_default.te new file mode 100644 index 0000000..eb3def4 --- /dev/null +++ b/common/vendor/hal_power_default.te @@ -0,0 +1,16 @@ +# hal_power_default.te + +# /sys/class/input/ +allow hal_power_default sysfs_input:dir r_dir_perms; + +# /sys/class/power/ +allow hal_power_default sysfs_power:dir r_dir_perms; +allow hal_power_default sysfs_power:file r_file_perms; +allow hal_power_default sysfs_power_writable:file rw_file_perms; + +# /sys/class/sec/tsp/input/ +allow hal_power_default sysfs_sec_touchscreen:dir r_dir_perms; +allow hal_power_default sysfs_sec_touchscreen:lnk_file r_file_perms; + +# /sys/class/sec/tsp/input/{cmd,enabled} +allow hal_power_default sysfs_touchscreen_writable:file rw_file_perms;