From 027ec20696a46ee9e5fd0d89a8d98a89ca916a2f Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Mon, 14 Mar 2016 12:21:18 -0700
Subject: [PATCH] Mark batteryproperties service as app_api_service.
Applications do not explicitly request handles to the batteryproperties
service, but the BatteryManager obtains a reference to it and uses it
for its underlying property queries. Mark it as an app_api_service so
that all applications may use this API. Also remove the batterypropreg
service label, as this does not appear to be used and may have been a
duplication of batteryproperties. As a result, remove the
healthd_service type and replace it with a more specific
batteryproperties_service type.
(cherry-picked from commit: 9ed71eff4bed91653cba393ea6cb42f041d4e257)
Bug: 27442760
Change-Id: I537c17c09145b302728377bf856c1147e4cc37e9
---
healthd.te | 2 +-
service.te | 2 +-
service_contexts | 3 +--
system_server.te | 2 +-
untrusted_app.te | 1 -
5 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/healthd.te b/healthd.te
index 4f2a2eaad..f54d716a9 100644
--- a/healthd.te
+++ b/healthd.te
@@ -41,7 +41,7 @@ allow healthd self:process execmem;
allow healthd proc_sysrq:file rw_file_perms;
allow healthd self:capability sys_boot;
-allow healthd healthd_service:service_manager { add find };
+allow healthd batteryproperties_service:service_manager { add find };
# Healthd needs to tell init to continue the boot
# process when running in charger mode.
diff --git a/service.te b/service.te
index 9a4da4b4f..3c3d82526 100644
--- a/service.te
+++ b/service.te
@@ -5,7 +5,7 @@ type default_android_service, service_manager_type;
type drmserver_service, service_manager_type;
type gatekeeper_service, app_api_service, service_manager_type;
type fingerprintd_service, service_manager_type;
-type healthd_service, service_manager_type;
+type batteryproperties_service, app_api_service, service_manager_type;
type inputflinger_service, service_manager_type;
type keystore_service, service_manager_type;
type mediaserver_service, service_manager_type;
diff --git a/service_contexts b/service_contexts
index 681521d77..8bd4e0cc2 100644
--- a/service_contexts
+++ b/service_contexts
@@ -10,8 +10,7 @@ appwidget u:object_r:appwidget_service:s0
assetatlas u:object_r:assetatlas_service:s0
audio u:object_r:audio_service:s0
backup u:object_r:backup_service:s0
-batteryproperties u:object_r:healthd_service:s0
-batterypropreg u:object_r:healthd_service:s0
+batteryproperties u:object_r:batteryproperties_service:s0
batterystats u:object_r:batterystats_service:s0
battery u:object_r:battery_service:s0
bluetooth_manager u:object_r:bluetooth_manager_service:s0
diff --git a/system_server.te b/system_server.te
index fc0ad8e0b..11c40edda 100644
--- a/system_server.te
+++ b/system_server.te
@@ -403,7 +403,7 @@ allow system_server sysfs_zram:file r_file_perms;
allow system_server audioserver_service:service_manager find;
allow system_server cameraserver_service:service_manager find;
allow system_server drmserver_service:service_manager find;
-allow system_server healthd_service:service_manager find;
+allow system_server batteryproperties_service:service_manager find;
allow system_server keystore_service:service_manager find;
allow system_server gatekeeper_service:service_manager find;
allow system_server fingerprintd_service:service_manager find;
diff --git a/untrusted_app.te b/untrusted_app.te
index 34e592981..07b754f91 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -69,7 +69,6 @@ allow untrusted_app servicemanager:service_manager list;
allow untrusted_app audioserver_service:service_manager find;
allow untrusted_app cameraserver_service:service_manager find;
allow untrusted_app drmserver_service:service_manager find;
-allow untrusted_app healthd_service:service_manager find;
allow untrusted_app mediaserver_service:service_manager find;
allow untrusted_app mediaextractor_service:service_manager find;
allow untrusted_app mediacodec_service:service_manager find;
--
GitLab