1type system_suspend, domain, coredomain, system_suspend_server; 2 3type system_suspend_exec, system_file_type, exec_type, file_type; 4init_daemon_domain(system_suspend) 5 6# To serve ISuspendControlService.aidl. 7binder_use(system_suspend) 8add_service(system_suspend, system_suspend_control_service) 9 10# Access to /sys/power/{ wakeup_count, state } suspend interface. 11allow system_suspend sysfs_power:file rw_file_perms; 12 13# Access to wakeup and suspend stats. 14r_dir_file(system_suspend, sysfs_suspend_stats) 15r_dir_file(system_suspend, sysfs_wakeup) 16# To resolve arbitrary sysfs paths from /sys/class/wakeup/* symlinks. 17allow system_suspend sysfs_type:dir search; 18 19neverallow { 20 domain 21 -atrace # tracing 22 -dumpstate # bug reports 23 -system_suspend # implements system_suspend_control_service 24 -system_server # configures system_suspend via ISuspendControlService 25 -traceur_app # tracing 26} system_suspend_control_service:service_manager find; 27