From 32cacb42b91badbc8ee7634dfd7a88ca80ecf9b4 Mon Sep 17 00:00:00 2001
From: Sandeep Patil <sspatil@google.com>
Date: Tue, 8 Nov 2016 19:08:37 -0800
Subject: [PATCH] health: allow rules for passthrough health HAL

- allows binder calls to hwservicemanager
- allows healthd to read system_file for passthrough HAL

Test: Tested healthd with and without a board specific health HAL on
Angler.

Bug: b/32724915

Change-Id: Icf621859f715cb44bce5d8d3b60320ef495d1543
Signed-off-by: Sandeep Patil <sspatil@google.com>
---
 public/healthd.te | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/public/healthd.te b/public/healthd.te
index cbc5c46a6..482eaeeb2 100644
--- a/public/healthd.te
+++ b/public/healthd.te
@@ -10,6 +10,10 @@ r_dir_file(healthd, sysfs_type)
 r_dir_file(healthd, rootfs)
 r_dir_file(healthd, cgroup)
 
+# Read access to system files for passthrough HALs in
+# /{system,vendor,odm}/lib[64]/hw/
+r_dir_file(healthd, system_file)
+
 allow healthd self:capability { net_admin sys_tty_config };
 
 wakelock_use(healthd)
@@ -19,6 +23,7 @@ allow healthd self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
 binder_use(healthd)
 binder_service(healthd)
 binder_call(healthd, system_server)
+binder_call(healthd, hwservicemanager)
 
 allow healthd sysfs_batteryinfo:file r_file_perms;
 allow healthd batteryproperties_service:service_manager { add find };
-- 
GitLab