From b4c639730b351f872c7a0a10295aff10619ff609 Mon Sep 17 00:00:00 2001
From: Jeff Vander Stoep <jeffv@google.com>
Date: Fri, 13 Oct 2017 10:26:44 -0700
Subject: [PATCH] shell: allow reading battery info dirs in /sys

Addresses:
avc: denied { search } for comm="sh" name="bms" dev="sysfs" ino=47908
scontext=u:r:shell:s0 tcontext=u:object_r:sysfs_batteryinfo:s0
tclass=dir

Test: build
Change-Id: I8a0197417c47feefba084e9c75933d28c5f6e5f1
---
 public/shell.te | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/public/shell.te b/public/shell.te
index 84e76f2a3..4ac663815 100644
--- a/public/shell.te
+++ b/public/shell.te
@@ -142,8 +142,9 @@ allow shell bootchart_data_file:file create_file_perms;
 allow shell self:process ptrace;
 
 # allow shell to get battery info
-allow shell sysfs_batteryinfo:file r_file_perms;
 allow shell sysfs:dir r_dir_perms;
+allow shell sysfs_batteryinfo:dir r_dir_perms;
+allow shell sysfs_batteryinfo:file r_file_perms;
 
 # Allow access to ion memory allocation device.
 allow shell ion_device:chr_file rw_file_perms;
-- 
GitLab