From 5307ee113a201e89dc5e11f376d35e651bfa74c6 Mon Sep 17 00:00:00 2001 From: Deokgyu Yang Date: Mon, 7 Feb 2022 23:42:30 +0900 Subject: [PATCH] gts3l-common: sepolicy: Add touch HAL policies Signed-off-by: Deokgyu Yang Change-Id: I8f6f3757d7e16080ddf2e7b4dbb977912fe38a17 --- sepolicy/file.te | 1 + sepolicy/file_contexts | 2 ++ sepolicy/hal_lineage_touch_default.te | 5 +++++ sepolicy/hal_power_default.te | 2 ++ sepolicy/init.te | 3 +++ 5 files changed, 13 insertions(+) create mode 100644 sepolicy/hal_lineage_touch_default.te diff --git a/sepolicy/file.te b/sepolicy/file.te index 5361867..40bac24 100644 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -55,4 +55,5 @@ type sysfs_sec_keypad, fs_type, sysfs_type; type sysfs_sec_switch, fs_type, sysfs_type; type sysfs_tsp, fs_type, sysfs_type; type sysfs_wifi, fs_type, sysfs_type; +type sysfs_touchkey, fs_type, sysfs_type; type dsp_file, fs_type, contextmount_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 05b0415..5216c4d 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -178,6 +178,7 @@ /(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.2-service-qti u:object_r:hal_usb_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.lineage\.fastcharge@1\.0-service\.samsung u:object_r:hal_lineage_fastcharge_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.lineage\.livedisplay@2\.0-service\.gts3l u:object_r:hal_lineage_livedisplay_sysfs_exec:s0 +/(vendor|system/vendor)/bin/hw/vendor\.lineage\.touch@1\.0-service\.gts3l u:object_r:hal_lineage_touch_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.samsung\.hardware\.miscpower@1\.0-service u:object_r:hal_power_default_exec:s0 # Rootfs @@ -195,6 +196,7 @@ /sys/class/power_supply/battery(/.*)? -- u:object_r:sysfs_batteryinfo:s0 /sys/class/rfkill/rfkill[0-9]+/state -- u:object_r:sysfs_bluetooth_writable:s0 /sys/class/rfkill/rfkill[0-9]+/type -- u:object_r:sysfs_bluetooth_writable:s0 +/sys/class/sec/sec_touchkey(/.*)? u:object_r:sysfs_touchkey:s0 /sys/devices/platform/soc/soc:battery/power_supply(/.*)? -- u:object_r:sysfs_batteryinfo:s0 /sys/devices/virtual/audio/earjack/state u:object_r:sysfs_audio_writable:s0 /sys/devices/virtual/camera(/.*)? u:object_r:sysfs_camera_writable:s0 diff --git a/sepolicy/hal_lineage_touch_default.te b/sepolicy/hal_lineage_touch_default.te new file mode 100644 index 0000000..667037a --- /dev/null +++ b/sepolicy/hal_lineage_touch_default.te @@ -0,0 +1,5 @@ +allow hal_lineage_touch_default sysfs_touchkey:dir search; +allow hal_lineage_touch_default sysfs_touchkey:lnk_file read; +allow hal_lineage_touch_default sysfs_touchkey:file { open read write }; + +allow hal_lineage_touch_default sysfs:file { open read write }; diff --git a/sepolicy/hal_power_default.te b/sepolicy/hal_power_default.te index b5cd898..ed1620e 100644 --- a/sepolicy/hal_power_default.te +++ b/sepolicy/hal_power_default.te @@ -9,4 +9,6 @@ allow hal_power_default sysfs_tsp:dir r_dir_perms; allow hal_power_default sysfs_tsp:file rw_file_perms; allow hal_power_default sysfs_tsp:lnk_file read; +allow hal_power_default sysfs_touchkey:lnk_file read; + allow hal_power_default sysfs:file { open read write }; diff --git a/sepolicy/init.te b/sepolicy/init.te index ad3e4b8..04f77a3 100644 --- a/sepolicy/init.te +++ b/sepolicy/init.te @@ -28,4 +28,7 @@ allow init self:netlink_socket { create read bind }; allow init self:tcp_socket { bind create }; allow init sysfs:dir create; + allow init sysfs:file { open setattr write }; + +allow init sysfs_touchkey:lnk_file read;