sm7325-common: Import stock charge_only_mode

Change-Id: I3542bac25ac2a161a165c55cbabe93ec75c04ce8
This commit is contained in:
Marc Bourgoin 2022-09-07 22:22:01 -06:00 committed by SGCMarkus
parent 6ad3cfa8ee
commit 032a78d43f
6 changed files with 148 additions and 1 deletions

94
sepolicy/vendor/charge_only.te vendored Normal file
View file

@ -0,0 +1,94 @@
type charge_only, domain;
type charge_only_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(charge_only)
# Read chargeonly_data_file
allow charge_only chargeonly_data_file:dir rw_dir_perms;
allow charge_only chargeonly_data_file:file create_file_perms;
# Write to /dev/kmsg
allow charge_only kmsg_device:chr_file rw_file_perms;
# Read access to pseudo filesystems.
r_dir_file(charge_only, sysfs_type)
r_dir_file(charge_only, rootfs)
r_dir_file(charge_only, cgroup)
# Self permissions
allow charge_only self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
# Wakelock
wakelock_use(charge_only)
# Allow access to sysfs
allow charge_only sysfs:dir { read open };
allow charge_only sysfs:file rw_file_perms;
# Allow access to wakelock sysfs
allow charge_only sysfs_wake_lock:file rw_file_perms;
# Allow access to battery info sysfs
allow charge_only sysfs_batteryinfo:file r_file_perms;
# Allow access to battery supply sysfs
allow charge_only sysfs_battery_supply:dir r_dir_perms;
allow charge_only sysfs_battery_supply:file r_file_perms;
allow charge_only sysfs_battery_supply:lnk_file r_file_perms;
# Allow access to usb supply sysfs
allow charge_only sysfs_usb_supply:dir r_dir_perms;
allow charge_only sysfs_usb_supply:file r_file_perms;
# Allow access to thermal sysfs
allow charge_only sysfs_thermal:dir r_dir_perms;
allow charge_only sysfs_thermal:file r_file_perms;
allow charge_only sysfs_thermal:lnk_file r_file_perms;
# Allow access to power sysfs
allow charge_only sysfs_power:file rw_file_perms;
# Allow access to graphics sysfs
allow charge_only sysfs_graphics:dir r_dir_perms;
allow charge_only sysfs_graphics:file rw_file_perms;
# Read /sys/fs/pstore/console-ramoops
# Don't worry about overly broad permissions for now, as there's
# only one file in /sys/fs/pstore
allow charge_only pstorefs:dir r_dir_perms;
allow charge_only pstorefs:file r_file_perms;
# Allow access to graphics dev
allow charge_only graphics_device:dir r_dir_perms;
allow charge_only graphics_device:chr_file rw_file_perms;
# Allow access to input dev
allow charge_only input_device:dir r_dir_perms;
allow charge_only input_device:chr_file r_file_perms;
# Allow access to tty dev
allow charge_only tty_device:chr_file rw_file_perms;
# Allow access to rtc dev
allow charge_only rtc_device:chr_file rw_file_perms;
# Allow access to proc_sysrq
allow charge_only proc_sysrq:file rw_file_perms;
# Allow access to persist dir
allow charge_only persist_chargeonly_file:dir r_dir_perms;
allow charge_only persist_chargeonly_file:file r_file_perms;
# Allow access to vendor dir
allow charge_only mnt_vendor_file:dir r_dir_perms;
# Exec shell scripts
allow charge_only vendor_shell_exec:file rx_file_perms;
# Socks
allow charge_only property_socket:sock_file write;
allow charge_only init:unix_stream_socket connectto;
# Props
get_prop(charge_only, powerctl_prop)
set_prop(charge_only, powerctl_prop)
get_prop(charge_only, vendor_display_prop)

View file

@ -1,6 +1,10 @@
# Camera
type vendor_persist_camera_file, file_type, vendor_persist_type;
# charge_only_mode
type chargeonly_data_file, file_type, data_file_type;
type persist_chargeonly_file, file_type, data_file_type;
# Cutback
type cutback_data_file, file_type, data_file_type;
type cutback_socket, file_type;

View file

@ -34,6 +34,11 @@
/sys/devices/virtual/input/input[0-9]+/offset u:object_r:vendor_sysfs_laser:s0
/sys/devices/virtual/input/input[0-9]+/xtalk u:object_r:vendor_sysfs_laser:s0
# Charger
/data/vendor/chargeonly(/.*)? u:object_r:chargeonly_data_file:s0
/(mnt/vendor/persist|persist)/chargeonly(/.*)? u:object_r:persist_chargeonly_file:s0
/(vendor|system/vendor)/bin/charge_only_mode u:object_r:charge_only_exec:s0
# Fingerprint
/(mnt/vendor/persist|persist)/fps(/.*)? u:object_r:vendor_persist_fps_file:s0
/(vendor|system/vendor)/bin/fpc_ident u:object_r:hal_fingerprint_default_exec:s0