1*e4a36f41SAndroid Build Coastguard Workertype charger, domain; 2*e4a36f41SAndroid Build Coastguard Workertype charger_exec, system_file_type, exec_type, file_type; 3*e4a36f41SAndroid Build Coastguard Worker 4*e4a36f41SAndroid Build Coastguard Worker# Write to /dev/kmsg 5*e4a36f41SAndroid Build Coastguard Workerallow charger kmsg_device:chr_file rw_file_perms; 6*e4a36f41SAndroid Build Coastguard Worker 7*e4a36f41SAndroid Build Coastguard Worker# Read access to pseudo filesystems. 8*e4a36f41SAndroid Build Coastguard Workerr_dir_file(charger, rootfs) 9*e4a36f41SAndroid Build Coastguard Workerr_dir_file(charger, cgroup) 10*e4a36f41SAndroid Build Coastguard Workerr_dir_file(charger, cgroup_v2) 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Worker# Allow to read /sys/class/power_supply directory 13*e4a36f41SAndroid Build Coastguard Workerallow charger sysfs_type:dir r_dir_perms; 14*e4a36f41SAndroid Build Coastguard Worker 15*e4a36f41SAndroid Build Coastguard Workerallow charger self:global_capability_class_set { sys_tty_config }; 16*e4a36f41SAndroid Build Coastguard Workerallow charger self:global_capability_class_set sys_boot; 17*e4a36f41SAndroid Build Coastguard Worker 18*e4a36f41SAndroid Build Coastguard Workerwakelock_use(charger) 19*e4a36f41SAndroid Build Coastguard Worker 20*e4a36f41SAndroid Build Coastguard Workerallow charger self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; 21*e4a36f41SAndroid Build Coastguard Worker 22*e4a36f41SAndroid Build Coastguard Worker# Read/write to /sys/power/state 23*e4a36f41SAndroid Build Coastguard Workerallow charger sysfs_power:file rw_file_perms; 24*e4a36f41SAndroid Build Coastguard Worker 25*e4a36f41SAndroid Build Coastguard Workerr_dir_file(charger, sysfs_batteryinfo) 26*e4a36f41SAndroid Build Coastguard Worker 27*e4a36f41SAndroid Build Coastguard Worker# Read /sys/fs/pstore/console-ramoops 28*e4a36f41SAndroid Build Coastguard Worker# Don't worry about overly broad permissions for now, as there's 29*e4a36f41SAndroid Build Coastguard Worker# only one file in /sys/fs/pstore 30*e4a36f41SAndroid Build Coastguard Workerallow charger pstorefs:dir r_dir_perms; 31*e4a36f41SAndroid Build Coastguard Workerallow charger pstorefs:file r_file_perms; 32*e4a36f41SAndroid Build Coastguard Worker 33*e4a36f41SAndroid Build Coastguard Workerallow charger graphics_device:dir r_dir_perms; 34*e4a36f41SAndroid Build Coastguard Workerallow charger graphics_device:chr_file rw_file_perms; 35*e4a36f41SAndroid Build Coastguard Workerallow charger input_device:dir r_dir_perms; 36*e4a36f41SAndroid Build Coastguard Workerallow charger input_device:chr_file r_file_perms; 37*e4a36f41SAndroid Build Coastguard Workerallow charger tty_device:chr_file rw_file_perms; 38*e4a36f41SAndroid Build Coastguard Workerallow charger proc_sysrq:file rw_file_perms; 39*e4a36f41SAndroid Build Coastguard Worker 40*e4a36f41SAndroid Build Coastguard Workerhal_client_domain(charger, hal_health) 41