From d276b4349d75ade473846239c95e137d73bfcfab Mon Sep 17 00:00:00 2001
From: Tri Vo <trong@google.com>
Date: Mon, 16 Oct 2017 15:54:49 -0700
Subject: [PATCH] Remove access to 'sysfs' files from healtd and charger.

We rely on vendors to label all dependencies of healthd/charger under /sys/class/power_supply with sysfs_batteryinfo type.

Bug: 65643247
Bug: 32659667
Test: boots without denials from healthd, to sysfs_batteryinfo or to sysfs_msm_subsys.
Test: charging with device turned off works without /sys denials.
Change-Id: I893f309ecad8a0caf7d0b81f5f945725907255c2
---
 private/domain.te | 2 --
 public/charger.te | 4 ++--
 public/healthd.te | 11 ++++-------
 3 files changed, 6 insertions(+), 11 deletions(-)
diff --git a/private/domain.te b/private/domain.te
index e181988f9..ff7f1b3a7 100644
--- a/private/domain.te
+++ b/private/domain.te
@@ -35,9 +35,7 @@ full_treble_only(`
 # /sys
 neverallow {
 coredomain
- -charger
 -dumpstate
- -healthd
 -init
 -priv_app
 -storaged
diff --git a/public/charger.te b/public/charger.te
index 4577cbcec..ed6986769 100644
--- a/public/charger.te
+++ b/public/charger.te
@@ -6,7 +6,7 @@ type charger, domain;
 allow charger kmsg_device:chr_file rw_file_perms;
 # Read access to pseudo filesystems.
-r_dir_file(charger, sysfs_type)
+allow charger sysfs_type:dir search;
 r_dir_file(charger, rootfs)
 r_dir_file(charger, cgroup)
@@ -20,7 +20,7 @@ allow charger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
 # Read/write to /sys/power/state
 allow charger sysfs_power:file rw_file_perms;
-allow charger sysfs_batteryinfo:file r_file_perms;
+r_dir_file(charger, sysfs_batteryinfo)
 # Read /sys/fs/pstore/console-ramoops
 # Don't worry about overly broad permissions for now, as there's
diff --git a/public/healthd.te b/public/healthd.te
index 856a4b124..64c1723cc 100644
--- a/public/healthd.te
+++ b/public/healthd.te
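Review bot: The retained comment `# Read access to pseudo filesystems.` no longer describes the line beneath it in the first public/charger.te hunk, since `r_dir_file(charger, sysfs_type)` becomes `allow charger sysfs_type:dir search;` and read access to sysfs content is now granted only per specific type further down. A one-line adjustment keeps the policy self-explanatory, e.g. `# Search sysfs directories only; read access to sysfs content is granted per sysfs_* type below.` The same stale comment is kept unchanged in the first hunk of public/healthd.te. Since `search` alone does not permit listing a directory still labeled sysfs_type, any path charger or healthd enumerates must carry one of the specific types (sysfs_batteryinfo per the commit message); saying so in the comment lets a future denial on an unlabeled vendor node be attributed to labeling rather than to this policy.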
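Review bot: In the second public/charger.te hunk, `r_dir_file(charger, sysfs_batteryinfo)` sits under the comment `# Read/write to /sys/power/state`, which documents only the sysfs_power rule above it, so the new rule is left without a comment of its own; suggest `# Read battery status nodes under /sys/class/power_supply (labeled sysfs_batteryinfo by the vendor).` Replacing `allow charger sysfs_batteryinfo:file r_file_perms;` with the r_dir_file macro also widens the grant from files to directories (and, if the macro has the usual Android definition, symlinks), which appears intentional since /sys/class/power_supply entries are traversed as a directory, but the commit message does not mention the widening. The corresponding line in the second hunk of public/healthd.te has the same missing comment.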
@@ -6,7 +6,7 @@ type healthd_exec, exec_type, file_type;
 allow healthd kmsg_device:chr_file rw_file_perms;
 # Read access to pseudo filesystems.
-r_dir_file(healthd, sysfs_type)
+allow healthd sysfs_type:dir search;
 r_dir_file(healthd, rootfs)
 r_dir_file(healthd, cgroup)
@@ -26,16 +26,13 @@ binder_service(healthd)
 binder_call(healthd, system_server)
 hal_client_domain(healthd, hal_health)
-# Write to state file.
-# TODO: Split into a separate type?
-allow healthd sysfs:file write;
+# Read/write to /sys/power/state
+allow healthd sysfs_power:file rw_file_perms;
 # TODO: added to match above sysfs rule. Remove me?
 allow healthd sysfs_usb:file write;
-allow healthd sysfs_batteryinfo:file r_file_perms;
-
-r_dir_file(healthd, sysfs_type)
+r_dir_file(healthd, sysfs_batteryinfo)
 ###
 ### healthd: charger mode
-- GitLab
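Review bot: The context comment `# TODO: added to match above sysfs rule. Remove me?` in the second public/healthd.te hunk now dangles, because the generic `allow healthd sysfs:file write;` it refers to is removed in this same hunk and replaced by the narrower `allow healthd sysfs_power:file rw_file_perms;`, leaving `allow healthd sysfs_usb:file write;` with a justification that points at nothing. Either resolve that TODO as part of this narrowing or reword it so the history stays readable, e.g. `# TODO: originally added alongside a generic sysfs:file write rule, since scoped to sysfs_power. Still needed?` With healthd dropped from the exemption list of the neverallow under `# /sys` in private/domain.te, any remaining need for unlabeled sysfs access should surface as a denial rather than a silent grant, which is the right direction, so the sysfs_usb write is now the only sysfs write outside sysfs_power and deserves an explicit reason.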