Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 3e4d97b15818d00f5064507b103e680c6cb85ad3^! / . / private
commit3e4d97b15818d00f5064507b103e680c6cb85ad3[log] [tgz]
authorBenjamin Schwartz <bsschwar@google.com>Fri Oct 30 13:55:21 2020 -0700
committerBenjamin Schwartz <bsschwar@google.com>Mon Nov 09 15:47:12 2020 -0800
treedc97fdeb83811ce7d5d4ad3305fc2c0dcd697046
parentdd92be827120c8b5e7910daababfd3167aa03a3c [diff]
Added read only suspend hal properties

Bug: 170587692
Test: Inspected logs to confirm android.system.suspend can access the
properties

Change-Id: Ie6a84afe490df0d2b11ff4f06588c7bca68d9850

diff --git a/private/property.te b/private/property.te
index bf73c3d..10cfb49 100644
--- a/private/property.te
+++ b/private/property.te

@@ -16,6 +16,7 @@
 system_internal_prop(netd_stable_secret_prop)
 system_internal_prop(pm_prop)
 system_internal_prop(system_adbd_prop)
+system_internal_prop(suspend_prop)
 system_internal_prop(traced_perf_enabled_prop)
 system_internal_prop(userspace_reboot_log_prop)
 system_internal_prop(userspace_reboot_test_prop)
@@ -284,6 +285,13 @@
   } {
     wifi_prop
   }:file no_rw_file_perms;
+
+  neverallow {
+    domain
+    -init
+  } {
+    suspend_prop
+  }:property_service set;
 ')
 
 compatible_property_only(`

diff --git a/private/property_contexts b/private/property_contexts
index 1399ff4..0beff0d 100644
--- a/private/property_contexts
+++ b/private/property_contexts

@@ -95,6 +95,15 @@
 sys.lmk.                u:object_r:system_lmk_prop:s0
 sys.trace.              u:object_r:system_trace_prop:s0
 
+# Suspend service properties
+suspend.max_sleep_time_millis u:object_r:suspend_prop:s0 exact uint
+suspend.base_sleep_time_millis u:object_r:suspend_prop:s0 exact uint
+suspend.backoff_threshold_count u:object_r:suspend_prop:s0 exact uint
+suspend.short_suspend_threshold_millis u:object_r:suspend_prop:s0 exact uint
+suspend.sleep_time_scale_factor u:object_r:suspend_prop:s0 exact double
+suspend.failed_suspend_backoff_enabled u:object_r:suspend_prop:s0 exact bool
+suspend.short_suspend_backoff_enabled u:object_r:suspend_prop:s0 exact bool
+
 # Fastbootd protocol control property
 fastbootd.protocol    u:object_r:fastbootd_protocol_prop:s0 exact enum usb tcp
 

diff --git a/private/system_suspend.te b/private/system_suspend.te
index 217548f..857fea8 100644
--- a/private/system_suspend.te
+++ b/private/system_suspend.te

@@ -18,6 +18,9 @@
 # To resolve arbitrary sysfs paths from /sys/class/wakeup/* symlinks.
 allow system_suspend sysfs_type:dir search;
 
+# Access to suspend_hal system properties
+get_prop(system_suspend, suspend_prop)
+
 # To call BTAA registered callbacks
 allow system_suspend bluetooth:binder call;