From 3cfc7ea89f44f822cb44c87916b1847eecd44eb7 Mon Sep 17 00:00:00 2001
From: Colin Cross <ccross@android.com>
Date: Sat, 19 Jul 2014 09:43:22 -0700
Subject: [PATCH] sepolicy: allow charger to read
 /sys/fs/pstore/console-ramoops

Addresses the denial in charger mode:
[   17.993733] type=1400 audit(1405412231.119:4): avc:  denied  { search } for  pid=123 comm="charger" name="/" dev="pstore" ino=10287 scontext=u:r:healthd:s0 tcontext=u:object_r:pstorefs:s0 tclass=dir permissive=0

(cherry picked from commit bb96bffc379f8bb6d5d42ac1d044ae8a5502f108)

Change-Id: I2dde6adc3ff99df99409d4da3ef32c3987228801
---
 healthd.te | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/healthd.te b/healthd.te
index a788236cf..e7e165a84 100644
--- a/healthd.te
+++ b/healthd.te
@@ -22,6 +22,12 @@ allow healthd sysfs:file write;
 ### healthd: charger mode
 ###
 
+# Read /sys/fs/pstore/console-ramoops
+# Don't worry about overly broad permissions for now, as there's
+# only one file in /sys/fs/pstore
+allow healthd pstorefs:dir r_dir_perms;
+allow healthd pstorefs:file r_file_perms;
+
 allow healthd graphics_device:dir r_dir_perms;
 allow healthd graphics_device:chr_file rw_file_perms;
 allow healthd input_device:dir r_dir_perms;
-- 
GitLab