sepolicy: allow PowerStats HAL to access below sysfs

aoc, acpm_stats, cpu, edgetpu, iio_devices, odpm, wifi and ufs (All avc logs are listed in b/207598247#comment2) Bug: 207062210 Bug: 207571335 Bug: 207720720 Bug: 207598247 Test: dump power stats with no relevant avc error Change-Id: I9c99af2d06461a2f86ef02d76b3aa8ea669e58e9 Signed-off-by: Darren Hsu <darrenhsu@google.com>
2022-01-21 15:01:52 +08:00 · 2022-01-21 15:01:52 +08:00 · 89f14a9496
commit 89f14a9496
parent a7e3b39ca4
4 changed files with 25 additions and 31 deletions
--- a/tracking_denials/hal_power_stats_default.te
+++ b/tracking_denials/hal_power_stats_default.te
@ -1,25 +0,0 @@
-# b/207062210
-dontaudit hal_power_stats_default sysfs:file { getattr };
-dontaudit hal_power_stats_default sysfs:file { open };
-dontaudit hal_power_stats_default sysfs:file { read };
-dontaudit hal_power_stats_default sysfs_edgetpu:dir { search };
-dontaudit hal_power_stats_default sysfs_edgetpu:file { getattr };
-dontaudit hal_power_stats_default sysfs_edgetpu:file { open };
-dontaudit hal_power_stats_default sysfs_edgetpu:file { read };
-dontaudit hal_power_stats_default sysfs_iio_devices:dir { read open };
-dontaudit hal_power_stats_default sysfs_iio_devices:dir { read };
-dontaudit hal_power_stats_default sysfs_iio_devices:dir { search };
-# b/207571335
-dontaudit hal_power_stats_default sysfs_acpm_stats:dir { search };
-dontaudit hal_power_stats_default sysfs_acpm_stats:file { read };
-dontaudit hal_power_stats_default sysfs_aoc:dir { search };
-dontaudit hal_power_stats_default sysfs_aoc:file { getattr };
-dontaudit hal_power_stats_default sysfs_aoc:file { open };
-dontaudit hal_power_stats_default sysfs_aoc:file { read };
-# b/207720720
-dontaudit hal_power_stats_default sysfs_acpm_stats:file { getattr };
-dontaudit hal_power_stats_default sysfs_acpm_stats:file { open };
-dontaudit hal_power_stats_default sysfs_wifi:dir { search };
-dontaudit hal_power_stats_default sysfs_wifi:file { getattr };
-dontaudit hal_power_stats_default sysfs_wifi:file { open };
-dontaudit hal_power_stats_default sysfs_wifi:file { read };
--- a/whitechapel_pro/file.te
+++ b/whitechapel_pro/file.te
@ -42,6 +42,7 @@ type sysfs_wlc, sysfs_type, fs_type;
 type sysfs_chargelevel, sysfs_type, fs_type;
 type sysfs_mfc, sysfs_type, fs_type;
 type sysfs_cpu, sysfs_type, fs_type;
+type sysfs_odpm, sysfs_type, fs_type;

 # debugfs
 type debugfs_f2fs, debugfs_type, fs_type;
--- a/whitechapel_pro/genfs_contexts
+++ b/whitechapel_pro/genfs_contexts
@ -21,6 +21,8 @@ genfscon sysfs /devices/platform/17000050.devfreq_cam/devfreq/17000050.devfreq_c
 genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/time_in_state       u:object_r:sysfs_cpu:s0
 genfscon sysfs /devices/platform/17000070.devfreq_mfc/devfreq/17000070.devfreq_mfc/time_in_state       u:object_r:sysfs_cpu:s0
 genfscon sysfs /devices/platform/17000080.devfreq_bo/devfreq/17000080.devfreq_bo/time_in_state         u:object_r:sysfs_cpu:s0
+genfscon sysfs /devices/platform/28000000.mali/time_in_state                                           u:object_r:sysfs_cpu:s0
+genfscon sysfs /devices/platform/28000000.mali/uid_time_in_state                                       u:object_r:sysfs_cpu:s0

 # Touch
 genfscon sysfs /devices/platform/10d10000.spi/spi_master/spi0/spi0.0/synaptics_tcm.0/sysfs   u:object_r:sysfs_touch:s0
@ -52,9 +54,20 @@ genfscon sysfs /devices/platform/mfc-core/sscoredump/sscd_mfc-core/report_count
 genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count                                 u:object_r:sysfs_sscoredump_subsystem_report_count:s0

 # Power Stats
-genfscon sysfs /devices/platform/cpif/modem/power_stats                                                 u:object_r:sysfs_power_stats:s0
-genfscon sysfs /devices/platform/11920000.pcie/power_stats                                              u:object_r:sysfs_power_stats:s0
-genfscon sysfs /devices/platform/14520000.pcie/power_stats                                              u:object_r:sysfs_power_stats:s0
+genfscon sysfs /devices/platform/cpif/modem/power_stats                       u:object_r:sysfs_power_stats:s0
+genfscon sysfs /devices/platform/11920000.pcie/power_stats                    u:object_r:sysfs_power_stats:s0
+genfscon sysfs /devices/platform/14520000.pcie/power_stats                    u:object_r:sysfs_power_stats:s0
+genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-st21nfc/power_stats u:object_r:sysfs_power_stats:s0
+
+# Power ODPM
+genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-7/i2c-s2mpg12mfd/s2mpg12-meter/s2mpg12-odpm/iio:device0/name          u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-7/i2c-s2mpg12mfd/s2mpg12-meter/s2mpg12-odpm/iio:device0/energy_value  u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-7/i2c-s2mpg12mfd/s2mpg12-meter/s2mpg12-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-7/i2c-s2mpg12mfd/s2mpg12-meter/s2mpg12-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-8/i2c-s2mpg13mfd/s2mpg13-meter/s2mpg13-odpm/iio:device1/name          u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-8/i2c-s2mpg13mfd/s2mpg13-meter/s2mpg13-odpm/iio:device1/energy_value  u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-8/i2c-s2mpg13mfd/s2mpg13-meter/s2mpg13-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0
+genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-8/i2c-s2mpg13mfd/s2mpg13-meter/s2mpg13-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0

 # Devfreq current frequency
 genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/cur_freq             u:object_r:sysfs_devfreq_cur:s0
--- a/whitechapel_pro/hal_power_stats_default.te
+++ b/whitechapel_pro/hal_power_stats_default.te
@ -1,10 +1,15 @@
-allow hal_power_stats_default sysfs_scsi_devices_0000:dir r_dir_perms;
-allow hal_power_stats_default sysfs_scsi_devices_0000:file r_file_perms;
-
 # allowed to access dislay stats sysfs node
 allow hal_power_stats_default sysfs_display:file r_file_perms;

+r_dir_file(hal_power_stats_default, sysfs_aoc)
+r_dir_file(hal_power_stats_default, sysfs_acpm_stats)
+r_dir_file(hal_power_stats_default, sysfs_cpu)
+r_dir_file(hal_power_stats_default, sysfs_edgetpu)
+r_dir_file(hal_power_stats_default, sysfs_iio_devices)
 r_dir_file(hal_power_stats_default, sysfs_leds)
+r_dir_file(hal_power_stats_default, sysfs_odpm)
+r_dir_file(hal_power_stats_default, sysfs_scsi_devices_0000)
+r_dir_file(hal_power_stats_default, sysfs_wifi)

 # getStateResidency AIDL callback for Bluetooth HAL
 binder_call(hal_power_stats_default, hal_bluetooth_btlinux)