Add policy for power off alarm files and propeties

Add policy for power off alarm files and properties to provide access
to system_server and init_shell.

CRs-Fixed: 1016751
Change-Id: I2e629c41c316623d7c8b6f1c77d0256a4027c053

6 files changed, 20 insertions, 1 deletions

diff --git a/common/file.te b/common/file.te
index 0c3fdc04..81a36f94 100644
--- a/common/file.te
+++ b/common/file.te
@@ -196,3 +196,5 @@ type dynamic_nv_data_file, file_type, data_file_type;
 
 # wififtmd socket file
 type wififtmd_socket, file_type;
+
+type persist_alarm_file, file_type;
diff --git a/common/file_contexts b/common/file_contexts
index 22941317..5de981ba 100644
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -337,6 +337,7 @@
 /persist/bluetooth(/.*)?                                            u:object_r:persist_bluetooth_file:s0
 /persist/drm(/.*)?                                                  u:object_r:persist_drm_file:s0
 /persist/sensors(/.*)?                                              u:object_r:sensors_persist_file:s0
+/persist/alarm(/.*)?                                                u:object_r:persist_alarm_file:s0
 /persist/data(/.*)?                                                 u:object_r:persist_drm_file:s0
 /persist/data/tz(/.*)?                                              u:object_r:persist_drm_file:s0
 /persist/data/sfs(/.*)?                                             u:object_r:persist_drm_file:s0
diff --git a/common/init_shell.te b/common/init_shell.te
index b2abbf97..f31d8ace 100644
--- a/common/init_shell.te
+++ b/common/init_shell.te
@@ -175,3 +175,6 @@ allow qti_init_shell configfs:dir r_dir_perms;
 
 #Allow read permissions to read adj
 allow qti_init_shell sysfs_lowmemorykiller:file read;
+
+allow qti_init_shell persist_alarm_file:dir r_dir_perms;
+allow qti_init_shell persist_alarm_file:file r_file_perms;
diff --git a/common/property.te b/common/property.te
index 56972b78..afe7b46b 100644
--- a/common/property.te
+++ b/common/property.te
@@ -81,3 +81,6 @@ type wififtmd_prop, property_type, core_property_type;
 
 # WIGIG
 type fst_prop, property_type, core_property_type;
+
+type alarm_handled_prop, property_type, core_property_type;
+type alarm_instance_prop, property_type, core_property_type;
diff --git a/common/property_contexts b/common/property_contexts
index 5fad507c..a85af439 100644
--- a/common/property_contexts
+++ b/common/property_contexts
@@ -75,3 +75,5 @@ wifi.ftmd.                 u:object_r:wififtmd_prop:s0
 ro.bluetooth.              u:object_r:bluetooth_prop:s0
 # WIGIG
 persist.fst.               u:object_r:fst_prop:s0
+ro.alarm_handled           u:object_r:alarm_handled_prop:s0
+ro.alarm_instance          u:object_r:alarm_instance_prop:s0
diff --git a/common/system_server.te b/common/system_server.te
index 3abb3fcd..2d6c41be 100644
--- a/common/system_server.te
+++ b/common/system_server.te
@@ -37,7 +37,12 @@ allow system_server {
 allow system_server qtitetherservice_service:service_manager find;
 
 #For ANT tty communication and to set wc_transport prop
-allow system_server { bluetooth_prop usf_prop }:property_service set;
+allow system_server {
+    bluetooth_prop
+    usf_prop
+    alarm_handled_prop
+    alarm_instance_prop
+}:property_service set;
 
 # required for ANT App to connectto wcnss_filter sockets
 allow system_server bluetooth:unix_stream_socket connectto;
@@ -149,3 +154,6 @@ allow system_server fingerprintd_data_file:dir { rw_dir_perms rmdir };
 
 #for Wifi module this is needed
 allow system_server system_file:system module_load;
+
+allow system_server persist_alarm_file:dir rw_dir_perms;
+allow system_server persist_alarm_file:file { rw_file_perms create };