sm7125: Sepolicy bringup

Also switch to BOARD_VENDOR_SEPOLICY_DIRS Change-Id: Ib6ef720ca69b90b846f11cca4311b36658a834b6
3 years ago · ecbf93d116
parent c4f3363a47
commit ecbf93d116
8 changed files with 3 additions and 16 deletions
--- a/BoardConfigCommon.mk
+++ b/BoardConfigCommon.mk
@ -200,7 +200,7 @@ TARGET_RECOVERY_FSTAB := $(COMMON_PATH)/rootdir/etc/fstab.default

 # SePolicy
 include device/qcom/sepolicy_vndr/SEPolicy.mk
-BOARD_SEPOLICY_DIRS += $(COMMON_PATH)/sepolicy/vendor
+BOARD_VENDOR_SEPOLICY_DIRS += $(COMMON_PATH)/sepolicy/vendor

 # Treble
 BOARD_VNDK_VERSION := current
--- a/sepolicy/vendor/factory_ssc.te
+++ b/sepolicy/vendor/factory_ssc.te
@ -10,5 +10,3 @@ allow factory_ssc self:netlink_socket { create bind write read };
 allow factory_ssc efs_file:file { read open };

 allow factory_ssc property_socket:sock_file write;
-
-set_prop(factory_ssc, vendor_sensors_prop)
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@ -9,8 +9,8 @@
 /sys/devices/virtual/lcd/panel(/.*)?										u:object_r:sysfs_lcd_writable:s0
 /sys/devices/virtual/mdnie(/.*)?									    --  u:object_r:sysfs_mdnie_writable:s0

-/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.3-service\.widevine                    u:object_r:vendor_hal_drm_widevine_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@2\.1-service.samsung-multihal                    u:object_r:hal_sensors_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.drm@1\.3-service\.widevine					u:object_r:vendor_hal_drm_widevine_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@2\.1-service.samsung-multihal			u:object_r:hal_sensors_default_exec:s0
 /(vendor|system/vendor)/bin/factory\.ssc									u:object_r:factory_ssc_exec:s0
 /(vendor|system/vendor)/bin/secril_config_svc									u:object_r:vendor_secril_config_svc_exec:s0
 /(vendor|system/vendor)/bin/hw/android.hardware.keymaster@4.0-service.samsung				u:object_r:hal_keymaster_default_exec:s0
--- a/sepolicy/vendor/hal_fingerprint_default.te
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@ -1,5 +1,3 @@
-allow hal_fingerprint_default default_android_hwservice:hwservice_manager { add find };
-
 allow hal_fingerprint_default {
    fingerprint_device
    tee_device
--- a/sepolicy/vendor/hal_lineage_fastcharge_default.te
+++ b/sepolicy/vendor/hal_lineage_fastcharge_default.te
@ -1,4 +0,0 @@
-allow hal_lineage_fastcharge_default sysfs_sec_switch:dir search;
-allow hal_lineage_fastcharge_default sysfs_sec_switch:file rw_file_perms;
-
-set_prop(hal_lineage_fastcharge, sec_fastcharge_prop)
--- a/sepolicy/vendor/kernel.te
+++ b/sepolicy/vendor/kernel.te
@ -1 +0,0 @@
-allow kernel vendor_sysfs_sensors:dir search;
--- a/sepolicy/vendor/property.te
+++ b/sepolicy/vendor/property.te
@ -1 +0,0 @@
-type sec_fastcharge_prop, property_type;
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@ -4,6 +4,3 @@ vendor.sensor.file.permission                    u:object_r:vendor_sensors_prop:
 # RIL
 ro.vendor.multisim.				u:object_r:vendor_radio_prop:s0
 ro.vendor.radio.				u:object_r:vendor_radio_prop:s0
-
-# Fastcharge
-persist.vendor.sec.fastchg_enabled		u:object_r:sec_fastcharge_prop:s0
				`@ -1 +0,0 @@`
				`allow kernel vendor_sysfs_sensors:dir search;`