recovery: allow to talk to health HAL. On non-A/B devices, recovery needs to check if battery is okay before applying the update. This requires talking to the AIDL health HAL if the device uses AIDL health HAL. Test: manually calling GetBatteryInfo and check for denials Bug: 170338625 Bug: 177269435 Change-Id: Ia89353cfff023376a4176c0582312bdcab00b5e6

commit: 0ad8b6a1d2b0e525611a510e15f7546450c41269 [log] [tgz]
author: Yifan Hong <elsk@google.com> Tue Nov 30 16:44:27 2021 -0800
committer: Yifan Hong <elsk@google.com> Tue Nov 30 16:44:42 2021 -0800
tree: ff1366747ae2bbdceb18b96f48558612f17adc2e
parent: b8f39c49f5ef7f6d8e7ce5d31bb8f010eb16c0c2 [diff]
diff --git a/public/recovery.te b/public/recovery.te
index 33658e8..b4b4109 100755
--- a/public/recovery.te
+++ b/public/recovery.te

@@ -9,9 +9,12 @@
 recovery_only(`
   # Allow recovery to perform an update as update_engine would do.
   typeattribute recovery update_engine_common;
-  # Recovery can only use HALs in passthrough mode
+  # Recovery can use HIDL HALs in passthrough mode
   passthrough_hal_client_domain(recovery, hal_bootctl)
 
+  # Recovery can use AIDL HALs in binder mode
+  hal_client_domain(recovery, hal_health)
+
   allow recovery self:global_capability_class_set {
     chown
     dac_override
commit	0ad8b6a1d2b0e525611a510e15f7546450c41269	[log] [tgz]
author	Yifan Hong <elsk@google.com>	Tue Nov 30 16:44:27 2021 -0800
committer	Yifan Hong <elsk@google.com>	Tue Nov 30 16:44:42 2021 -0800
tree	ff1366747ae2bbdceb18b96f48558612f17adc2e
parent	b8f39c49f5ef7f6d8e7ce5d31bb8f010eb16c0c2 [diff]