1# HwBinder IPC from client to server, and callbacks 2binder_call(hal_health_client, hal_health_server) 3binder_call(hal_health_server, hal_health_client) 4 5hal_attribute_hwservice(hal_health, hal_health_hwservice) 6hal_attribute_service(hal_health, hal_health_service) 7 8# Common rules for a health service. 9 10# Allow to listen to uevents for updates 11allow hal_health_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; 12 13# Allow to read /sys/class/power_supply directory 14allow hal_health_server sysfs:dir r_dir_perms; 15 16# Allow to read files under /sys/class/power_supply. Implementations typically have symlinks 17# to vendor specific files. Vendors should mark sysfs_batteryinfo on all files read by health 18# HAL service. 19r_dir_file(hal_health_server, sysfs_batteryinfo) 20 21# Allow to wake up to send periodic events 22wakelock_use(hal_health_server) 23 24# Write to /dev/kmsg 25allow hal_health_server kmsg_device:chr_file { getattr w_file_perms }; 26 27# Allow to use timerfd to wake itself up periodically to send health info. 28allow hal_health_server self:capability2 wake_alarm; 29 30# Use bpf programs 31allow hal_health_server fs_bpf_vendor:dir search; 32allow hal_health_server fs_bpf_vendor:file read; 33allow hal_health_server bpfloader:bpf prog_run; 34