From 492f8a39f4bc1de0fbd79adfd416e0df496d0b17 Mon Sep 17 00:00:00 2001
From: William Tai
Date: Thu, 20 Jan 2022 15:59:40 +0800
Subject: [PATCH] allow android.hardware.power.stats-service.pixel to access sysfs_leds
01-20 15:26:18.272 760 760 I android.hardwar: type=1400 audit(0.0:8): avc: denied { search } for name="backlight" dev="sysfs" ino=69387 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1
01-20 15:26:18.272 760 760 I android.hardwar: type=1400 audit(0.0:9): avc: denied { read } for name="state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1
01-20 15:26:18.272 760 760 I android.hardwar: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1
Bug: 214473005
Test: no avc denied error during bootup
Change-Id: I5b8a232202a8f1c5b10878c10be9bec3329fb7ad
---
 tracking_denials/hal_power_stats_default.te | 4 ----
 whitechapel_pro/hal_power_stats_default.te | 2 ++
 2 files changed, 2 insertions(+), 4 deletions(-)
diff --git a/tracking_denials/hal_power_stats_default.te b/tracking_denials/hal_power_stats_default.te
index 7a5fff14..ff6abb06 100644
--- a/tracking_denials/hal_power_stats_default.te
+++ b/tracking_denials/hal_power_stats_default.te
@@ -25,7 +25,3 @@ dontaudit hal_power_stats_default sysfs_wifi:dir { search };
 dontaudit hal_power_stats_default sysfs_wifi:file { getattr };
 dontaudit hal_power_stats_default sysfs_wifi:file { open };
 dontaudit hal_power_stats_default sysfs_wifi:file { read };
-# b/214473005
-dontaudit hal_power_stats_default sysfs_leds:dir { search };
-dontaudit hal_power_stats_default sysfs_leds:file { open };
-dontaudit hal_power_stats_default sysfs_leds:file { read };
diff --git a/whitechapel_pro/hal_power_stats_default.te b/whitechapel_pro/hal_power_stats_default.te index aa17ffe1..7733ffdb 100644 --- a/whitechapel_pro/hal_power_stats_default.te +++ b/whitechapel_pro/hal_power_stats_default.te @@ -3,3 +3,5 @@ allow hal_power_stats_default sysfs_scsi_devices_0000:file r_file_perms; # allowed to access dislay stats sysfs node allow hal_power_stats_default sysfs_display:file r_file_perms; + +r_dir_file(hal_power_stats_default, sysfs_leds)
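Review bot: The added `r_dir_file(hal_power_stats_default, sysfs_leds)` grants more than the three logged denials need. The denials in the commit message are only `search` on the `backlight` directory and `read`/`open` on the `state` file, whereas the macro also allows listing every `sysfs_leds` directory and reading `lnk_file` objects with that label. A narrower grant that matches the evidence would be `allow hal_power_stats_default sysfs_leds:dir search;` plus `allow hal_power_stats_default sysfs_leds:file r_file_perms;`. The rule above it carries a purpose comment but this one has none, so I would add something like `# allowed to read panel backlight state (b/214473005)`. If only the panel backlight `state` node is required, it may be worth giving that path a dedicated label in `genfs_contexts`, though whether other `sysfs_leds` nodes are read cannot be told from this hunk.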