From 62aee3b41b30151eee5a3eb1b3a95efaa329d94c Mon Sep 17 00:00:00 2001 From: Steven Moreland <smoreland@google.com> Date: Wed, 4 Jan 2017 17:56:04 -0800 Subject: [PATCH] hal_light: add permission to sys/class/leds. /sys/class/leds is the standard location for linux files dealing with leds, however the exact contents of this directory is non-standard (hence the need for a hal). Bug: 32022100 Test: compiles and works for the subset of common files Change-Id: I7571d7267d5ed531c4cf95599d5f2acc22287ef4 --- private/file_contexts | 1 + public/file.te | 1 + public/hal_light.te | 4 ++++ 3 files changed, 6 insertions(+) diff --git a/private/file_contexts b/private/file_contexts index 0ca1c5880..16ecbf047 100644 --- a/private/file_contexts +++ b/private/file_contexts @@ -419,6 +419,7 @@ ############################# # sysfs files # +/sys/class/leds(/.*)? u:object_r:sysfs_leds:s0 /sys/devices/platform/nfc-power/nfc_power -- u:object_r:sysfs_nfc_power_writable:s0 /sys/devices/system/cpu(/.*)? u:object_r:sysfs_devices_system_cpu:s0 /sys/devices/virtual/block/zram\d+(/.*)? u:object_r:sysfs_zram:s0 diff --git a/public/file.te b/public/file.te index a11394815..527e496bf 100644 --- a/public/file.te +++ b/public/file.te @@ -32,6 +32,7 @@ type sysfs, fs_type, sysfs_type, mlstrustedobject; type sysfs_uio, sysfs_type, fs_type; type sysfs_batteryinfo, fs_type, sysfs_type; type sysfs_bluetooth_writable, fs_type, sysfs_type, mlstrustedobject; +type sysfs_leds, fs_type, sysfs_type; type sysfs_hwrandom, fs_type, sysfs_type; type sysfs_nfc_power_writable, fs_type, sysfs_type, mlstrustedobject; type sysfs_wake_lock, fs_type, sysfs_type; diff --git a/public/hal_light.te b/public/hal_light.te index 4fb38b8c7..145b02e7f 100644 --- a/public/hal_light.te +++ b/public/hal_light.te @@ -1,2 +1,6 @@ # call into system_server process (callbacks) binder_call(hal_light, system_server) + +allow hal_light sysfs_leds:lnk_file read; +allow hal_light sysfs_leds:file rw_file_perms; +allow hal_light sysfs_leds:dir r_dir_perms; -- GitLab