From 7b6ff9bc564e809e9c5e8bafb12c755380b1b35a Mon Sep 17 00:00:00 2001 From: Maggie White Date: Mon, 31 Jul 2017 21:00:11 -0700 Subject: [PATCH] Add sysfs thermal permissions for dumpstate Dumpstate currently cannot print temperature readings because it doesn't have permissions to read thermal sensor values via sysfs. This commit adds read permissions for sysfs_thermal. Test: adb bugreport Bug: 63602647 Change-Id: I21dd6f7bcaabaff722c8847b0958c725d661f489 --- sepolicy/vendor/file_contexts | 3 +++ sepolicy/vendor/genfs_contexts | 2 +- sepolicy/vendor/hal_dumpstate_impl.te | 4 +--- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index 04703df4..c9591c08 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -229,6 +229,9 @@ /vendor/lib(64)?/libadsprpc\.so u:object_r:same_process_hal_file:s0 /vendor/lib/dsp/fastrpc_shell_0 u:object_r:hexagon_halide_file:s0 +# thermal sysfs files +/sys/class/thermal(/.*)? u:object_r:sysfs_thermal:s0 + # data files /data/vendor/netmgr(/.*)? u:object_r:netmgr_data_file:s0 /data/vendor/location(/.*)? u:object_r:location_data_file:s0 diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts index d5fee6b7..6a11f611 100644 --- a/sepolicy/vendor/genfs_contexts +++ b/sepolicy/vendor/genfs_contexts @@ -1,3 +1,4 @@ +# TODO: genfs doesn't apply correctly to linked files (b/64270911) genfscon proc /debug/fwdump u:object_r:proc_wifi_dbg:s0 genfscon proc /debugdriver/driverdump u:object_r:proc_wifi_dbg:s0 genfscon proc /ath_pktlog/cld u:object_r:proc_wifi_dbg:s0 @@ -15,7 +16,6 @@ genfscon sysfs /devices/soc/1da4000.ufshc/host0/target0:0:0/0:0:0:0 u:object_r:s genfscon sysfs /class/rfkill/rfkill0/state u:object_r:sysfs_bluetooth_writable:s0 -genfscon sysfs /class/thermal u:object_r:sysfs_thermal:s0 genfscon sysfs /class/uio u:object_r:sysfs_uio:s0 genfscon sysfs /devices/soc/1da4000.ufshc/clkscale_enable u:object_r:sysfs_clkscale:s0 genfscon sysfs /devices/soc/soc:bt_wcn3990 u:object_r:sysfs_bluetooth_writable:s0 diff --git a/sepolicy/vendor/hal_dumpstate_impl.te b/sepolicy/vendor/hal_dumpstate_impl.te index 0cdaa309..38461d20 100644 --- a/sepolicy/vendor/hal_dumpstate_impl.te +++ b/sepolicy/vendor/hal_dumpstate_impl.te @@ -33,9 +33,7 @@ r_dir_file(hal_dumpstate_impl, sysfs_uio) r_dir_file(hal_dumpstate_impl, sysfs_rmtfs) r_dir_file(hal_dumpstate_impl, sysfs_msm_subsys) r_dir_file(hal_dumpstate_impl, sysfs_soc) - -allow hal_dumpstate_impl sysfs_thermal:dir search; -allow hal_dumpstate_impl sysfs_thermal:file r_file_perms; +r_dir_file(hal_dumpstate_impl, sysfs_thermal) allow hal_dumpstate_impl debugfs_ion:dir r_dir_perms; allow hal_dumpstate_impl debugfs_ion:file r_file_perms;