Merge "Add charger_vendor type"

commit: 0ce3e70c84e056127ffbf65b86b86a2cad521e09 [log] [tgz]
author: Treehugger Robot <treehugger-gerrit@google.com> Fri Dec 10 02:16:55 2021 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Fri Dec 10 02:16:55 2021 +0000
tree: 2ebb0fcec936b9eeb266eee12995b7b406be77ab
parent: 8bc0b045557719de74dc9314cdb12fe01efb5ae6 [diff]
parent: 035ce4b7f4ab47857691239d9d2e1fa635cdc06e [diff]
diff --git a/private/charger_type.te b/private/charger_type.te
index cb699de..3647496 100644
--- a/private/charger_type.te
+++ b/private/charger_type.te

@@ -15,18 +15,18 @@
     -vendor_init
 } charger_config_prop:property_service set;
 
-# charger_status_prop: Only init, vendor_init, charger, and hal_health_server
+# charger_status_prop: Only init, vendor_init, charger, and charger_vendor
 # are allowed to set it
 neverallow {
     domain
     -init
     -vendor_init
     -charger
-    -hal_health_server
+    -charger_vendor
 } charger_status_prop:property_service set;
 
 # Both charger_config_prop and charger_status_prop:
-# Only init, vendor_init, dumpstate, charger, and hal_health_server
+# Only init, vendor_init, dumpstate, charger, and charger_vendor
 # are allowed to read it
 neverallow {
     domain
@@ -34,5 +34,5 @@
     -dumpstate
     -vendor_init
     -charger
-    -hal_health_server
+    -charger_vendor
 } { charger_config_prop charger_status_prop }:file no_rw_file_perms;

diff --git a/private/compat/32.0/32.0.ignore.cil b/private/compat/32.0/32.0.ignore.cil
index 6eb9e46..2845373 100644
--- a/private/compat/32.0/32.0.ignore.cil
+++ b/private/compat/32.0/32.0.ignore.cil

@@ -8,6 +8,7 @@
     apexd_select_prop
     artd_service
     attestation_verification_service
+    charger_vendor
     device_config_nnapi_native_prop
     dice_maintenance_service
     dice_node_service

diff --git a/public/charger_vendor.te b/public/charger_vendor.te
new file mode 100644
index 0000000..2dd106f
--- /dev/null
+++ b/public/charger_vendor.te

@@ -0,0 +1,4 @@
+# Context when health HAL runs charger mode
+
+type charger_vendor, charger_type, domain;
+hal_server_domain(charger_vendor, hal_health)

diff --git a/vendor/hal_health_default.te b/vendor/hal_health_default.te
index 9b2b921..a48c7b8 100644
--- a/vendor/hal_health_default.te
+++ b/vendor/hal_health_default.te

@@ -4,3 +4,7 @@
 
 type hal_health_default_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(hal_health_default)
+
+# When executing the service in offline-charging mode,
+# allow to transition to charger_vendor domain.
+domain_trans(init, hal_health_default_exec, charger_vendor)
commit	0ce3e70c84e056127ffbf65b86b86a2cad521e09	[log] [tgz]
author	Treehugger Robot <treehugger-gerrit@google.com>	Fri Dec 10 02:16:55 2021 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Fri Dec 10 02:16:55 2021 +0000
tree	2ebb0fcec936b9eeb266eee12995b7b406be77ab
parent	8bc0b045557719de74dc9314cdb12fe01efb5ae6 [diff]
parent	035ce4b7f4ab47857691239d9d2e1fa635cdc06e [diff]