Allow shell read access to suspend mechanism
at /sys/power/mem_sleep. This is used to infer suspend mechanism used
by the device as part of CTS tests.
Test: adb shell cat /sys/power/mem_sleep
Bug: 378969936
Ignore-AOSP-First: Merging in internal main first to resolve sepolicy
conflicts in internal products.
Change-Id: I25652e46dd816a44137c1742f3709192569defa6
diff --git a/private/compat/202404/202404.cil b/private/compat/202404/202404.cil
index c78632b..e9c97e5 100644
--- a/private/compat/202404/202404.cil
+++ b/private/compat/202404/202404.cil
@@ -2475,7 +2475,7 @@
(typeattributeset surfaceflinger_tmpfs_202404 (surfaceflinger_tmpfs))
(typeattributeset suspend_prop_202404 (suspend_prop))
(typeattributeset swap_block_device_202404 (swap_block_device))
-(typeattributeset sysfs_202404 (sysfs sysfs_udc))
+(typeattributeset sysfs_202404 (sysfs sysfs_mem_sleep sysfs_udc))
(typeattributeset sysfs_android_usb_202404 (sysfs_android_usb))
(typeattributeset sysfs_batteryinfo_202404 (sysfs_batteryinfo))
(typeattributeset sysfs_bluetooth_writable_202404 (sysfs_bluetooth_writable))
diff --git a/private/file.te b/private/file.te
index 189fb47..9b4c152 100644
--- a/private/file.te
+++ b/private/file.te
@@ -256,5 +256,9 @@
type tee_service_contexts_file, system_file_type, file_type;
')
+until_board_api(202504, `
+ type sysfs_mem_sleep, fs_type, sysfs_type;
+')
+
## END Types added in 202504 in public/file.te
diff --git a/private/shell.te b/private/shell.te
index 890d6f4..2033f7e 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -444,6 +444,9 @@
# Allow reads (but not writes) of the MGLRU state
allow shell sysfs_lru_gen_enabled:file r_file_perms;
+# Allow reads (but not writes) of mem_sleep to determine suspend mechanism
+allow shell sysfs_mem_sleep:file r_file_perms;
+
# Allow communicating with the VM terminal.
userdebug_or_eng(`
allow shell vmlauncher_app_devpts:chr_file rw_file_perms;