From 66f8039b5d938c884171e66d3986e8ae61d02f02 Mon Sep 17 00:00:00 2001
From: Ted Lin <tedlin@google.com>
Date: Fri, 24 Dec 2021 14:49:47 +0800
Subject: [PATCH] HardwareInfo: Add sepolicy for battery

12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:11): avc: denied { getattr } for path="/sys/devices/platform/google,battery/power_supply/battery/serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/google,battery/power_supply/battery/serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:9): avc: denied { read } for name="serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug:208909060
Test: adb bugreport
Change-Id: Ide376401ada800718acf35db11ce79a5e63fe75d
Signed-off-by: Ted Lin <tedlin@google.com>
---
 tracking_denials/hardware_info_app.te | 4 ----
 whitechapel_pro/hardware_info_app.te  | 4 ++++
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/tracking_denials/hardware_info_app.te b/tracking_denials/hardware_info_app.te
index 58b70ca5..1c5ae7ed 100644
--- a/tracking_denials/hardware_info_app.te
+++ b/tracking_denials/hardware_info_app.te
@@ -3,8 +3,4 @@ dontaudit hardware_info_app sysfs:file { getattr };
 dontaudit hardware_info_app sysfs:file { open };
 dontaudit hardware_info_app sysfs:file { read };
 # b/208909060
-dontaudit hardware_info_app sysfs_batteryinfo:dir { search };
-dontaudit hardware_info_app sysfs_batteryinfo:file { getattr };
-dontaudit hardware_info_app sysfs_batteryinfo:file { open };
-dontaudit hardware_info_app sysfs_batteryinfo:file { read };
 dontaudit hardware_info_app vendor_regmap_debugfs:dir { search };
diff --git a/whitechapel_pro/hardware_info_app.te b/whitechapel_pro/hardware_info_app.te
index d89c53ab..57a90358 100644
--- a/whitechapel_pro/hardware_info_app.te
+++ b/whitechapel_pro/hardware_info_app.te
@@ -9,3 +9,7 @@ allow hardware_info_app sysfs_scsi_devices_0000:file r_file_perms;
 
 # Audio
 allow hardware_info_app sysfs_pixelstats:file r_file_perms;
+
+# Batteryinfo
+allow hardware_info_app sysfs_batteryinfo:dir search;
+allow hardware_info_app sysfs_batteryinfo:file r_file_perms;