From a4babcf2bedabe8a56200062a322ff287b00e8e1 Mon Sep 17 00:00:00 2001
From: Vinay Kalia <vinaykalia@google.com>
Date: Fri, 19 Oct 2018 13:19:36 -0700
Subject: [PATCH] Add power.stats HAL 1.0 sepolicy

BUG: 117424656
BUG: 111185513
Test: run vts -m VtsHalPowerStatsV1_0Target

Change-Id: Icb0790219df4189c0dabbe41221e69e56d000755
---
 private/app_neverallows.te          | 1 +
 private/compat/28.0/28.0.ignore.cil | 1 +
 private/hwservice_contexts          | 1 +
 private/system_server.te            | 1 +
 public/attributes                   | 1 +
 public/hal_power_stats.te           | 5 +++++
 public/hwservice.te                 | 1 +
 vendor/file_contexts                | 1 +
 vendor/hal_power_stats_default.te   | 5 +++++
 9 files changed, 17 insertions(+)
 create mode 100644 public/hal_power_stats.te
 create mode 100644 vendor/hal_power_stats_default.te

diff --git a/private/app_neverallows.te b/private/app_neverallows.te
index c1f9a2b01..340ec947e 100644
--- a/private/app_neverallows.te
+++ b/private/app_neverallows.te
@@ -217,6 +217,7 @@ neverallow all_untrusted_apps {
   hal_nfc_hwservice
   hal_oemlock_hwservice
   hal_power_hwservice
+  hal_power_stats_hwservice
   hal_secure_element_hwservice
   hal_sensors_hwservice
   hal_telephony_hwservice
diff --git a/private/compat/28.0/28.0.ignore.cil b/private/compat/28.0/28.0.ignore.cil
index 24edae68a..3ad2ccddd 100644
--- a/private/compat/28.0/28.0.ignore.cil
+++ b/private/compat/28.0/28.0.ignore.cil
@@ -23,6 +23,7 @@
     color_display_service
     hal_atrace_hwservice
     hal_health_storage_hwservice
+    hal_power_stats_hwservice
     hal_system_suspend_default
     hal_system_suspend_default_exec
     hal_system_suspend_default_tmpfs
diff --git a/private/hwservice_contexts b/private/hwservice_contexts
index 6c00f35a3..356353dd8 100644
--- a/private/hwservice_contexts
+++ b/private/hwservice_contexts
@@ -41,6 +41,7 @@ android.hardware.neuralnetworks::IDevice                        u:object_r:hal_n
 android.hardware.nfc::INfc                                      u:object_r:hal_nfc_hwservice:s0
 android.hardware.oemlock::IOemLock                              u:object_r:hal_oemlock_hwservice:s0
 android.hardware.power::IPower                                  u:object_r:hal_power_hwservice:s0
+android.hardware.power.stats::IPowerStats                       u:object_r:hal_power_stats_hwservice:s0
 android.hardware.radio.config::IRadioConfig                     u:object_r:hal_telephony_hwservice:s0
 android.hardware.radio.deprecated::IOemHook                     u:object_r:hal_telephony_hwservice:s0
 android.hardware.radio::IRadio                                  u:object_r:hal_telephony_hwservice:s0
diff --git a/private/system_server.te b/private/system_server.te
index c18f4e5fa..bf2d1f1ad 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -209,6 +209,7 @@ hal_client_domain(system_server, hal_neuralnetworks)
 hal_client_domain(system_server, hal_oemlock)
 hal_client_domain(system_server, hal_omx)
 hal_client_domain(system_server, hal_power)
+hal_client_domain(system_server, hal_power_stats)
 hal_client_domain(system_server, hal_sensors)
 hal_client_domain(system_server, hal_system_suspend)
 hal_client_domain(system_server, hal_tetheroffload)
diff --git a/public/attributes b/public/attributes
index f56919a8b..963e3c82e 100644
--- a/public/attributes
+++ b/public/attributes
@@ -274,6 +274,7 @@ hal_attribute(nfc);
 hal_attribute(oemlock);
 hal_attribute(omx);
 hal_attribute(power);
+hal_attribute(power_stats);
 hal_attribute(secure_element);
 hal_attribute(sensors);
 hal_attribute(system_suspend);
diff --git a/public/hal_power_stats.te b/public/hal_power_stats.te
new file mode 100644
index 000000000..2c04008bd
--- /dev/null
+++ b/public/hal_power_stats.te
@@ -0,0 +1,5 @@
+# HwBinder IPC from client to server, and callbacks
+binder_call(hal_power_stats_client, hal_power_stats_server)
+binder_call(hal_power_stats_server, hal_power_stats_client)
+
+hal_attribute_hwservice(hal_power_stats, hal_power_stats_hwservice)
diff --git a/public/hwservice.te b/public/hwservice.te
index e5c254ec0..41b039692 100644
--- a/public/hwservice.te
+++ b/public/hwservice.te
@@ -37,6 +37,7 @@ type hal_nfc_hwservice, hwservice_manager_type;
 type hal_oemlock_hwservice, hwservice_manager_type;
 type hal_omx_hwservice, hwservice_manager_type;
 type hal_power_hwservice, hwservice_manager_type;
+type hal_power_stats_hwservice, hwservice_manager_type;
 type hal_renderscript_hwservice, hwservice_manager_type, same_process_hwservice;
 type hal_secure_element_hwservice, hwservice_manager_type;
 type hal_sensors_hwservice, hwservice_manager_type;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 44198cc42..58a42e054 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -38,6 +38,7 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@1\.1-service            u:object_r:hal_nfc_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.media\.omx@1\.0-service            u:object_r:mediacodec_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.power@1\.0-service          u:object_r:hal_power_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.power\.stats@1\.0-service   u:object_r:hal_power_stats_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.radio\.config@1\.0-service  u:object_r:hal_radio_config_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.radio@1\.2-radio-service    u:object_r:hal_radio_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.radio@1\.2-sap-service    u:object_r:hal_radio_default_exec:s0
diff --git a/vendor/hal_power_stats_default.te b/vendor/hal_power_stats_default.te
new file mode 100644
index 000000000..b7a2c023a
--- /dev/null
+++ b/vendor/hal_power_stats_default.te
@@ -0,0 +1,5 @@
+type hal_power_stats_default, domain;
+hal_server_domain(hal_power_stats_default, hal_power_stats)
+
+type hal_power_stats_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_power_stats_default)
-- 
GitLab