sm7125-common: Sepolicy bringup for T

Change-Id: Ia7930b6ea149777a01eee3e13ff32c5d7234903e
2 years ago · 82b1fa0ddf
parent 5d9f802e48
commit 82b1fa0ddf
10 changed files with 27 additions and 1 deletions
--- a/sepolicy/public/property.te
+++ b/sepolicy/public/property.te
@ -0,0 +1,2 @@
+# Fingerprint
+system_public_prop(vendor_fingerprint_prop)
--- a/sepolicy/vendor/genfs_contexts
+++ b/sepolicy/vendor/genfs_contexts
@ -16,6 +16,9 @@ genfscon sysfs /devices/platform/soc/a84000.i2c/i2c-23/23-0049/input/
 genfscon sysfs /module/qpnp_power_on/parameters/                                                            u:object_r:sysfs_power_writable:s0
 genfscon sysfs /module/lpm_levels/parameters/                                                               u:object_r:sysfs_power_writable:s0
 genfscon sysfs /devices/platform/soc/8804000.sdhci/mmc_host/mmc0/mmc0:0001/block/mmcblk0/                   u:object_r:vendor_sysfs_mmc_host:s0
+genfscon sysfs /devices/platform/soc/1d84000.ufshc/host0/target0:0:0/0:0:0:0/block/sda/queue/discard_max_bytes u:object_r:vendor_sysfs_mmc_host:s0
+genfscon sysfs /devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon0/state                             u:object_r:sysfs_graphics:s0
+genfscon sysfs /devices/platform/soc/88e0000.qcom,msm-eud/extcon/extcon2/cable.1/name                       u:object_r:sysfs_graphics:s0
 genfscon sysfs /devices/virtual/lcd/panel/                                                                  u:object_r:sysfs_lcd_writable:s0
 genfscon sysfs /devices/platform/soc/9800000.qcom,npu/subsys6/                                              u:object_r:sysfs_npu:s0
 genfscon sysfs /devices/platform/soc/soc:battery/power_supply/                                              u:object_r:sysfs_battery:s0
--- a/sepolicy/vendor/hal_fingerprint_default.te
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@ -27,3 +27,6 @@ allow hal_fingerprint_default biometrics_vendor_data_file:dir { read write open
 # /sys/class/sec/tsp/
 allow hal_fingerprint_default sysfs_sec_touchscreen:dir search;
 allow hal_fingerprint_default sysfs_touchscreen_writable:file { write open getattr };
+
+# vendor.finger.down
+set_prop(hal_fingerprint_default, vendor_fingerprint_prop)
--- a/sepolicy/vendor/hal_lineage_livedisplay_sysfs.te
+++ b/sepolicy/vendor/hal_lineage_livedisplay_sysfs.te
@ -7,4 +7,4 @@ allow hal_lineage_livedisplay_sysfs sysfs_mdnie_writable:file { read write open
 allow hal_lineage_livedisplay_sysfs vendor_sysfs_graphics:file write;

 allow hal_lineage_livedisplay_sysfs vendor_display_vendor_data_file:dir { write add_name search };
-allow hal_lineage_livedisplay_sysfs vendor_display_vendor_data_file:file { write open create getattr };
+allow hal_lineage_livedisplay_sysfs vendor_display_vendor_data_file:file { read write open create getattr };
--- a/sepolicy/vendor/hal_power_default.te
+++ b/sepolicy/vendor/hal_power_default.te
@ -38,3 +38,7 @@ allow hal_power_default vendor_sysfs_devfreq:file { write open };
 allow hal_power_default property_socket:sock_file write;
 unix_socket_connect(hal_power_default, property, init)
 set_prop(hal_power_default, vendor_power_prop)
+
+# for lcd_onoff node
+allow hal_power_default { sysfs_sensors vendor_sysfs_sensors }:dir search;
+allow hal_power_default sysfs_sensors:file { open write };
--- a/sepolicy/vendor/hal_sensors_default.te
+++ b/sepolicy/vendor/hal_sensors_default.te
@ -1,5 +1,7 @@
 # hal_sensors_default.te

+binder_call(hal_sensors_default, system_server)
+
 # /dev/iio:device1
 allow hal_sensors_default iio_device:chr_file r_file_perms;

--- a/sepolicy/vendor/network_stack.te
+++ b/sepolicy/vendor/network_stack.te
@ -0,0 +1 @@
+allow network_stack proc_net:file { read getattr open };
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@ -3,11 +3,15 @@ vendor.audio_hal.                                u:object_r:vendor_audio_prop:s0

 # Bluetooth
 vendor.bluetooth_fw_ver                          u:object_r:vendor_bluetooth_prop:s0
+vendor.bluetooth_nv_ver                          u:object_r:vendor_bluetooth_prop:s0
 persist.vendor.bt.                               u:object_r:vendor_bluetooth_prop:s0

 # fastcharge
 persist.vendor.sec.fastchg_enabled               u:object_r:vendor_fastcharge_prop:s0

+# Fingerprint
+vendor.finger.down                               u:object_r:vendor_fingerprint_prop:s0
+
 # Perf
 ro.vendor.extension_library                      u:object_r:vendor_mpctl_prop:s0

--- a/sepolicy/vendor/system_app.te
+++ b/sepolicy/vendor/system_app.te
@ -10,3 +10,7 @@ binder_call(system_app, hal_vibrator_default)
 # MDNIE
 allow system_app sysfs_mdnie_writable:dir search;
 allow system_app sysfs_mdnie_writable:file { open write getattr };
+
+# UDFPS
+set_prop(system_app, vendor_fingerprint_prop)
+get_prop(system_app, vendor_fingerprint_prop)
--- a/sepolicy/vendor/system_server.te
+++ b/sepolicy/vendor/system_server.te
@ -1,3 +1,6 @@
 # system_server.te

 allow system_server proc_last_kmsg:file r_file_perms;
+
+# /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon0/state
+allow system_server sysfs_graphics:file { read getattr open };
				`@ -0,0 +1 @@`
				`allow network_stack proc_net:file { read getattr open };`