From 9ed71eff4bed91653cba393ea6cb42f041d4e257 Mon Sep 17 00:00:00 2001
From: dcashman <dcashman@google.com>
Date: Mon, 14 Mar 2016 12:21:18 -0700
Subject: [PATCH] Mark batteryproperties service as app_api_service.
Applications do not explicitly request handles to the batteryproperties
service, but the BatteryManager obtains a reference to it and uses it
for its underlying property queries. Mark it as an app_api_service so
that all applications may use this API. Also remove the batterypropreg
service label, as this does not appear to be used and may have been a
duplication of batteryproperties. As a result, remove the
healthd_service type and replace it with a more specific
batteryproperties_service type.
Bug: 27442760
Change-Id: I5c0f9d7992ff2ec64adaeef22356e88fd0e8169c
---
healthd.te | 2 +-
service.te | 2 +-
service_contexts | 3 +--
system_server.te | 2 +-
untrusted_app.te | 1 -
5 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/healthd.te b/healthd.te
index 4f2a2eaad..f54d716a9 100644
--- a/healthd.te
+++ b/healthd.te
@@ -41,7 +41,7 @@ allow healthd self:process execmem;
allow healthd proc_sysrq:file rw_file_perms;
allow healthd self:capability sys_boot;
-allow healthd healthd_service:service_manager { add find };
+allow healthd batteryproperties_service:service_manager { add find };
# Healthd needs to tell init to continue the boot
# process when running in charger mode.
diff --git a/service.te b/service.te
index f819e40a6..fb5b9f4fa 100644
--- a/service.te
+++ b/service.te
@@ -3,7 +3,7 @@ type default_android_service, service_manager_type;
type drmserver_service, service_manager_type;
type gatekeeper_service, app_api_service, service_manager_type;
type fingerprintd_service, service_manager_type;
-type healthd_service, service_manager_type;
+type batteryproperties_service, app_api_service, service_manager_type;
type inputflinger_service, service_manager_type;
type keystore_service, service_manager_type;
type mediaserver_service, service_manager_type;
diff --git a/service_contexts b/service_contexts
index 8ff12f817..0e77818a1 100644
--- a/service_contexts
+++ b/service_contexts
@@ -10,8 +10,7 @@ appwidget u:object_r:appwidget_service:s0
assetatlas u:object_r:assetatlas_service:s0
audio u:object_r:audio_service:s0
backup u:object_r:backup_service:s0
-batteryproperties u:object_r:healthd_service:s0
-batterypropreg u:object_r:healthd_service:s0
+batteryproperties u:object_r:batteryproperties_service:s0
batterystats u:object_r:batterystats_service:s0
battery u:object_r:battery_service:s0
bluetooth_manager u:object_r:bluetooth_manager_service:s0
diff --git a/system_server.te b/system_server.te
index f03959e3e..be4bac10e 100644
--- a/system_server.te
+++ b/system_server.te
@@ -374,7 +374,7 @@ allow system_server sysfs_zram:dir search;
allow system_server sysfs_zram:file r_file_perms;
allow system_server drmserver_service:service_manager find;
-allow system_server healthd_service:service_manager find;
+allow system_server batteryproperties_service:service_manager find;
allow system_server keystore_service:service_manager find;
allow system_server gatekeeper_service:service_manager find;
allow system_server fingerprintd_service:service_manager find;
diff --git a/untrusted_app.te b/untrusted_app.te
index 697965170..b05627a5e 100644
--- a/untrusted_app.te
+++ b/untrusted_app.te
@@ -67,7 +67,6 @@ allow untrusted_app mnt_media_rw_file:dir search;
allow untrusted_app servicemanager:service_manager list;
allow untrusted_app drmserver_service:service_manager find;
-allow untrusted_app healthd_service:service_manager find;
allow untrusted_app mediaserver_service:service_manager find;
allow untrusted_app nfc_service:service_manager find;
allow untrusted_app radio_service:service_manager find;
--
GitLab