From c8012152e444d30a19dc0b744aca30254b1188d9 Mon Sep 17 00:00:00 2001
From: Nick Kralevich <nnk@google.com>
Date: Fri, 14 Mar 2014 15:37:25 -0700
Subject: [PATCH] Allow healthd sys_tty_config

healthd performs privileged ioctls on the tty device
when in charger mode. Allow it.

This fixes a bug where off charging mode is forcing the device
to reboot into recovery.

Addresses the following denial:

type=1400 audit(15080631.900:4): avc:  denied  { sys_tty_config } for  pid=130 comm="healthd" capability=26  scontext=u:r:healthd:s0 tcontext=u:r:healthd:s0 tclass=capability

Bug: 13472365
Change-Id: I402987baf62ba0017e79e30e370850c32c286a6a
---
 healthd.te | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/healthd.te b/healthd.te
index 62a20e8bc..ba80dadc3 100644
--- a/healthd.te
+++ b/healthd.te
@@ -8,7 +8,7 @@ write_klog(healthd)
 # open fd inherited by healthd.
 allow healthd tmpfs:chr_file { read write };
 
-allow healthd self:capability { net_admin mknod };
+allow healthd self:capability { net_admin mknod sys_tty_config };
 allow healthd self:capability2 block_suspend;
 allow healthd self:netlink_kobject_uevent_socket create_socket_perms;
 binder_use(healthd)
-- 
GitLab