From 12401b8d1833de33dba29eb0839259be9d0596a5 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Wed, 27 Jan 2016 11:19:34 -0800
Subject: [PATCH] healthd: grant perms from domain_deprecated

In preparation of removing permissions from domain_deprecated.

Addresses:
avc: denied { read } for name="present" dev="sysfs" ino=5003 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file
avc: denied { open } for path="/sys/devices/platform/htc_battery_max17050.8/power_supply/flounder-battery/present" dev="sysfs" ino=5003 scontext=u:r:healthd:s0 tcontext=u:object_r:sysfs:s0 tclass=file

Change-Id: Iaee5b79a45aedad98e08c670addbf444c984165e
---
 healthd.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/healthd.te b/healthd.te
index d09eab490..4f2a2eaad 100644
--- a/healthd.te
+++ b/healthd.te
@@ -5,6 +5,9 @@ type healthd, domain, domain_deprecated;
 # Write to /dev/kmsg
 allow healthd kmsg_device:chr_file rw_file_perms;
 
+# Read access to pseudo filesystems.
+r_dir_file(healthd, sysfs)
+
 allow healthd self:capability { net_admin sys_tty_config };
 wakelock_use(healthd)
 allow healthd self:netlink_kobject_uevent_socket create_socket_perms;
-- 
GitLab