Allow shell read access to suspend mechanism
The sysfs node /sys/power/mem_sleep can be used to infer suspend
mechanism used by the device as part of CTS tests.
Test: adb shell cat /sys/power/mem_sleep
Bug: 378969936
Merged-In: I5bf2c5da6b5346e5b58f83cb6bab6875a8c0fea2
Change-Id: I25652e46dd816a44137c1742f3709192569defa6
diff --git a/compat/plat_sepolicy_genfs_202504.cil b/compat/plat_sepolicy_genfs_202504.cil
index 79cc732..d78194f 100644
--- a/compat/plat_sepolicy_genfs_202504.cil
+++ b/compat/plat_sepolicy_genfs_202504.cil
@@ -1 +1,2 @@
(genfscon sysfs "/class/udc" (u object_r sysfs_udc ((s0) (s0))))
+(genfscon sysfs "/power/mem_sleep" (u object_r sysfs_mem_sleep ((s0) (s0))))
diff --git a/private/compat/202404/202404.cil b/private/compat/202404/202404.cil
index c78632b..e9c97e5 100644
--- a/private/compat/202404/202404.cil
+++ b/private/compat/202404/202404.cil
@@ -2475,7 +2475,7 @@
(typeattributeset surfaceflinger_tmpfs_202404 (surfaceflinger_tmpfs))
(typeattributeset suspend_prop_202404 (suspend_prop))
(typeattributeset swap_block_device_202404 (swap_block_device))
-(typeattributeset sysfs_202404 (sysfs sysfs_udc))
+(typeattributeset sysfs_202404 (sysfs sysfs_mem_sleep sysfs_udc))
(typeattributeset sysfs_android_usb_202404 (sysfs_android_usb))
(typeattributeset sysfs_batteryinfo_202404 (sysfs_batteryinfo))
(typeattributeset sysfs_bluetooth_writable_202404 (sysfs_bluetooth_writable))
diff --git a/private/file.te b/private/file.te
index 856af1d..af1ed8b 100644
--- a/private/file.te
+++ b/private/file.te
@@ -259,5 +259,9 @@
type tee_service_contexts_file, system_file_type, file_type;
')
+until_board_api(202504, `
+ type sysfs_mem_sleep, fs_type, sysfs_type;
+')
+
## END Types added in 202504 in public/file.te
diff --git a/private/shell.te b/private/shell.te
index 890d6f4..2033f7e 100644
--- a/private/shell.te
+++ b/private/shell.te
@@ -444,6 +444,9 @@
# Allow reads (but not writes) of the MGLRU state
allow shell sysfs_lru_gen_enabled:file r_file_perms;
+# Allow reads (but not writes) of mem_sleep to determine suspend mechanism
+allow shell sysfs_mem_sleep:file r_file_perms;
+
# Allow communicating with the VM terminal.
userdebug_or_eng(`
allow shell vmlauncher_app_devpts:chr_file rw_file_perms;
diff --git a/public/file.te b/public/file.te
index 94483a3..4fca64e 100644
--- a/public/file.te
+++ b/public/file.te
@@ -124,6 +124,11 @@
type sysfs_net, fs_type, sysfs_type;
type sysfs_power, fs_type, sysfs_type;
type sysfs_rtc, fs_type, sysfs_type;
+
+starting_at_board_api(202504, `
+ type sysfs_mem_sleep, fs_type, sysfs_type;
+')
+
type sysfs_suspend_stats, fs_type, sysfs_type;
type sysfs_switch, fs_type, sysfs_type;
type sysfs_sync_on_suspend, fs_type, sysfs_type;
