Allow system server to access udc sysfs Needed for UsbDeviceManager to monitor usb gadget state Bug: 339241080 Test: no audit logs Change-Id: Ib94f82a8583ea744ee2a54069fa82c6ac8dcc43f

commit: f1c7e14215826f40a0e0a998d95148164d0ded0c [log] [tgz]
author: Roy Luo <royluo@google.com> Thu Nov 21 22:21:10 2024 +0000
committer: Roy Luo <royluo@google.com> Thu Nov 21 22:21:10 2024 +0000
tree: a034f310cd963c1ff86c65abf1e8f3386487ed76
parent: fde8d134411621a7706bcbba4bd53cca47d4e0df [diff] [blame]
diff --git a/private/system_server.te b/private/system_server.te
index aeeb566..e61f8b8 100644
--- a/private/system_server.te
+++ b/private/system_server.te

@@ -1280,6 +1280,11 @@
 # UsbDeviceManager uses /dev/usb-ffs
 allow system_server functionfs:dir search;
 allow system_server functionfs:file rw_file_perms;
+# To resolve arbitrary sysfs paths from /sys/class/udc/* symlinks.
+starting_at_board_api(202504, `
+allow system_server sysfs_type:dir search;
+r_dir_file(system_server, sysfs_udc)
+')
 
 # system_server contains time / time zone detection logic so reads the associated properties.
 get_prop(system_server, time_prop)
commit	f1c7e14215826f40a0e0a998d95148164d0ded0c	[log] [tgz]
author	Roy Luo <royluo@google.com>	Thu Nov 21 22:21:10 2024 +0000
committer	Roy Luo <royluo@google.com>	Thu Nov 21 22:21:10 2024 +0000
tree	a034f310cd963c1ff86c65abf1e8f3386487ed76
parent	fde8d134411621a7706bcbba4bd53cca47d4e0df [diff] [blame]