sepolicy: qti: Add support for horae service

Service required for thermal management, as it reports and updates shell
temperature to /proc/shell-temp.

Change-Id: I02e2ddeda461cbb2ead1348edc6ebf57b8f7fdde

sepolicy/qti/private/compat/32.0/32.0.ignore.cil

@@ -5,6 +5,8 @@
 (typeattribute new_objects)
 (typeattributeset new_objects
   ( new_objects
+    horae
+    proc_horae
     system_fingerprint_prop
     system_oplus_iris_prop
     system_oplus_project_prop

sepolicy/qti/private/compat/33.0/33.0.ignore.cil

@@ -5,6 +5,8 @@
 (typeattribute new_objects)
 (typeattributeset new_objects
   ( new_objects
+    horae
+    proc_horae
     system_fingerprint_prop
     system_oplus_iris_prop
     system_oplus_project_prop

sepolicy/qti/private/file_contexts

@@ -0,0 +1,2 @@
+# Horae
+/system_ext/bin/horae    u:object_r:horae_exec:s0

sepolicy/qti/private/horae.te

@@ -0,0 +1,19 @@
+type horae_exec, exec_type, system_file_type, file_type;
+
+init_daemon_domain(horae)
+
+hal_client_domain(horae, hal_health)
+
+add_service(horae, horae_service)
+
+binder_call(horae, servicemanager)
+binder_call(horae, system_server)
+
+unix_socket_send(horae, statsdw, statsd)
+
+allow horae horae_service:service_manager find;
+allow horae osense_service:service_manager find;
+allow horae surfaceflinger_service:service_manager find;
+allow horae thermal_service:service_manager find;
+
+rw_dir_file(horae, proc_horae)

sepolicy/qti/private/service.te

@@ -0,0 +1,5 @@
+# Horae
+type horae_service, system_api_service, service_manager_type;
+
+# OSENSE
+type osense_service, system_server_service, service_manager_type;

sepolicy/qti/private/service_contexts

@@ -0,0 +1,5 @@
+# Horae
+horae    u:object_r:horae_service:s0
+
+# OSENSE
+osensemanager   u:object_r:osense_service:s0

sepolicy/qti/private/surfaceflinger.te

@@ -0,0 +1 @@
+binder_call(surfaceflinger, horae)

sepolicy/qti/public/file.te

@@ -1,2 +1,5 @@
 # Engineering
 type vendor_persist_engineer_file, file_type;
+
+# Horae
+type proc_horae, fs_type, proc_type;

sepolicy/qti/public/genfs_contexts

@@ -0,0 +1,2 @@
+# Horae
+genfscon proc /shell-temp    u:object_r:proc_horae:s0

sepolicy/qti/public/type.te

@@ -0,0 +1,2 @@
+# Horae
+type horae, domain, mlstrustedobject, coredomain;

sepolicy/qti/vendor/file.te

@@ -70,7 +70,6 @@ type vendor_sysfs_tof, fs_type, sysfs_type;
 # Touch
 type oplus_touchdaemon_socket, file_type;
 type vendor_persist_oplus_touch_file, file_type, data_file_type;
-type vendor_proc_oplus_touch, fs_type, proc_type;
 
 # Ultrasound
 type vendor_proc_ultrasound, fs_type, proc_type;

sepolicy/qti/vendor/genfs_contexts

@@ -77,7 +77,6 @@ genfscon sysfs /module/stmvl53l1      u:object_r:vendor_sysfs_tof:s0
 
 # Touch
 genfscon proc /bus/input/devices    u:object_r:proc_bus_input:s0
-genfscon proc /shell-temp           u:object_r:vendor_proc_oplus_touch:s0
 
 # Ultrasound
 genfscon proc /ultrasound    u:object_r:vendor_proc_ultrasound:s0

sepolicy/qti/vendor/horae.te

@@ -0,0 +1,3 @@
+hal_client_domain(horae, vendor_hal_oplus_charger)
+
+r_dir_file(horae, vendor_proc_oplus_version)

sepolicy/qti/vendor/oplus_touchdaemon.te

@@ -25,9 +25,9 @@ allow oplus_touchdaemon vendor_persist_oplus_touch_file:dir rw_dir_perms;
 allow oplus_touchdaemon vendor_persist_oplus_touch_file:file create_file_perms;
 
 rw_dir_file(oplus_touchdaemon, proc_bus_input)
+rw_dir_file(oplus_touchdaemon, proc_horae)
 rw_dir_file(oplus_touchdaemon, vendor_data_file)
 rw_dir_file(oplus_touchdaemon, vendor_proc_display)
-rw_dir_file(oplus_touchdaemon, vendor_proc_oplus_touch)
 
 set_prop(oplus_touchdaemon, system_oplus_touch_prop)
 set_prop(oplus_touchdaemon, vendor_oplus_touch_prop)

sepolicy/qti/vendor/service.te

@@ -32,7 +32,6 @@ type hal_oplus_olc_aidl_service, hal_service_type, service_manager_type;
 
 # OSENSE
 type hal_oplus_osense_aidl_service, hal_service_type, service_manager_type;
-type osense_service, system_server_service, service_manager_type;
 
 # Performance
 type hal_oplus_performance_aidl_service, hal_service_type, service_manager_type;

sepolicy/qti/vendor/service_contexts

@@ -31,7 +31,6 @@ vendor.oplus.hardware.biometrics.fingerprintpay.IFingerprintPay/default    u:obj
 vendor.oplus.hardware.olc2.IOplusLogCore/default    u:object_r:hal_oplus_olc_aidl_service:s0
 
 # OSENSE
-osensemanager                                                         u:object_r:osense_service:s0
 vendor.oplus.hardware.osense.client.IOsenseAidlHalReporter/default    u:object_r:hal_oplus_osense_aidl_service:s0
 
 # Performance