From 24cfe388c5f6e0c25a42dd3a252a1b0102b981ae Mon Sep 17 00:00:00 2001 From: Wasb Liu Date: Mon, 14 Nov 2022 09:49:24 +0000 Subject: [PATCH] hal_health_default: updated sepolicy allow android.hardware.health service to access persist_battery_file 11-14 13:53:39.242 872 872 W android.hardwar: type=1400 audit(0.0:17): avc: denied { search } for name="battery" dev="sda1" ino=84 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=0 Bug: 258535661 Test: check for no avc denied on persist_battery_file Change-Id: I7564b03339e17f9eea4aa5a8feda31bcfdd6100c Signed-off-by: Wasb Liu --- whitechapel_pro/hal_health_default.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/whitechapel_pro/hal_health_default.te b/whitechapel_pro/hal_health_default.te index d953d4b2..6c3c6940 100644 --- a/whitechapel_pro/hal_health_default.te +++ b/whitechapel_pro/hal_health_default.te @@ -1,5 +1,7 @@ allow hal_health_default mnt_vendor_file:dir search; allow hal_health_default persist_file:dir search; +allow hal_health_default persist_battery_file:file create_file_perms; +allow hal_health_default persist_battery_file:dir rw_dir_perms; set_prop(hal_health_default, vendor_battery_defender_prop)