diff --git a/sepolicy/OWNERS b/sepolicy/OWNERS new file mode 100644 index 00000000..791abb4a --- /dev/null +++ b/sepolicy/OWNERS @@ -0,0 +1,3 @@ +include platform/system/sepolicy:/OWNERS + +rurumihong@google.com diff --git a/sepolicy/caiman-sepolicy.mk b/sepolicy/caiman-sepolicy.mk new file mode 100644 index 00000000..f5ea59bc --- /dev/null +++ b/sepolicy/caiman-sepolicy.mk @@ -0,0 +1,2 @@ +# sepolicy that are shared among devices using ZumaPro +BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/caiman diff --git a/sepolicy/caiman/README.txt b/sepolicy/caiman/README.txt new file mode 100644 index 00000000..67a320fd --- /dev/null +++ b/sepolicy/caiman/README.txt @@ -0,0 +1,2 @@ +This folder holds sepolicy exclusively for one device. For example, genfs_contexts +paths that are affected by device tree. diff --git a/sepolicy/caiman/file_contexts b/sepolicy/caiman/file_contexts new file mode 100644 index 00000000..cdb38af4 --- /dev/null +++ b/sepolicy/caiman/file_contexts @@ -0,0 +1,16 @@ +# Devices +/dev/lwis-act-cornerfolk u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn u:object_r:lwis_device:s0 +/dev/lwis-eeprom-humbaba u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-flash-lm3644 u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn u:object_r:lwis_device:s0 +/dev/lwis-ois-humbaba u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-tof-tarasque u:object_r:lwis_device:s0 diff --git a/sepolicy/caiman/genfs_contexts b/sepolicy/caiman/genfs_contexts new file mode 100644 index 00000000..5037ba8c --- /dev/null +++ b/sepolicy/caiman/genfs_contexts @@ -0,0 +1,8 @@ +# WLC +genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-003b u:object_r:sysfs_wlc:s0 + +#Wakeup node +genfscon sysfs /devices/platform/odm/odm:qcom,qbt-handler/power/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/110f0000.drmdp/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/power/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 diff --git a/sepolicy/caiman/grilservice_app.te b/sepolicy/caiman/grilservice_app.te new file mode 100644 index 00000000..3c9a3785 --- /dev/null +++ b/sepolicy/caiman/grilservice_app.te @@ -0,0 +1,7 @@ +allow grilservice_app hal_radio_ext_service:service_manager find; +binder_call(grilservice_app, hal_radio_ext) + +binder_use(grilservice_app) +allow grilservice_app gril_antenna_tuning_service:service_manager find; +binder_call(grilservice_app, gril_antenna_tuning_service) +binder_call(grilservice_app, twoshay) diff --git a/sepolicy/caiman/system_app.te b/sepolicy/caiman/system_app.te new file mode 100644 index 00000000..e1a7d523 --- /dev/null +++ b/sepolicy/caiman/system_app.te @@ -0,0 +1,2 @@ +# TODO (b/306087355) Remove this and make it specific to the app +hal_client_domain(system_app, hal_fingerprint) diff --git a/sepolicy/caiman/vendor_init.te b/sepolicy/caiman/vendor_init.te new file mode 100644 index 00000000..f9105c1c --- /dev/null +++ b/sepolicy/caiman/vendor_init.te @@ -0,0 +1,7 @@ +# Display +set_prop(vendor_init, vendor_display_prop) + +# Vendor Ims Service property - Set the audio path for PDK build +userdebug_or_eng(` + set_prop(vendor_init, vendor_imssvc_prop) +') diff --git a/sepolicy/komodo-sepolicy.mk b/sepolicy/komodo-sepolicy.mk new file mode 100644 index 00000000..d54783f6 --- /dev/null +++ b/sepolicy/komodo-sepolicy.mk @@ -0,0 +1,2 @@ +# sepolicy that are shared among devices using ZumaPro +BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/komodo diff --git a/sepolicy/komodo/README.txt b/sepolicy/komodo/README.txt new file mode 100644 index 00000000..67a320fd --- /dev/null +++ b/sepolicy/komodo/README.txt @@ -0,0 +1,2 @@ +This folder holds sepolicy exclusively for one device. For example, genfs_contexts +paths that are affected by device tree. diff --git a/sepolicy/komodo/file_contexts b/sepolicy/komodo/file_contexts new file mode 100644 index 00000000..cdb38af4 --- /dev/null +++ b/sepolicy/komodo/file_contexts @@ -0,0 +1,16 @@ +# Devices +/dev/lwis-act-cornerfolk u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn u:object_r:lwis_device:s0 +/dev/lwis-eeprom-humbaba u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-flash-lm3644 u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn u:object_r:lwis_device:s0 +/dev/lwis-ois-humbaba u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-tof-tarasque u:object_r:lwis_device:s0 diff --git a/sepolicy/komodo/genfs_contexts b/sepolicy/komodo/genfs_contexts new file mode 100644 index 00000000..5037ba8c --- /dev/null +++ b/sepolicy/komodo/genfs_contexts @@ -0,0 +1,8 @@ +# WLC +genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-003b u:object_r:sysfs_wlc:s0 + +#Wakeup node +genfscon sysfs /devices/platform/odm/odm:qcom,qbt-handler/power/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/110f0000.drmdp/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/power/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 diff --git a/sepolicy/komodo/grilservice_app.te b/sepolicy/komodo/grilservice_app.te new file mode 100644 index 00000000..3c9a3785 --- /dev/null +++ b/sepolicy/komodo/grilservice_app.te @@ -0,0 +1,7 @@ +allow grilservice_app hal_radio_ext_service:service_manager find; +binder_call(grilservice_app, hal_radio_ext) + +binder_use(grilservice_app) +allow grilservice_app gril_antenna_tuning_service:service_manager find; +binder_call(grilservice_app, gril_antenna_tuning_service) +binder_call(grilservice_app, twoshay) diff --git a/sepolicy/komodo/system_app.te b/sepolicy/komodo/system_app.te new file mode 100644 index 00000000..e1a7d523 --- /dev/null +++ b/sepolicy/komodo/system_app.te @@ -0,0 +1,2 @@ +# TODO (b/306087355) Remove this and make it specific to the app +hal_client_domain(system_app, hal_fingerprint) diff --git a/sepolicy/komodo/vendor_init.te b/sepolicy/komodo/vendor_init.te new file mode 100644 index 00000000..00bc124b --- /dev/null +++ b/sepolicy/komodo/vendor_init.te @@ -0,0 +1,4 @@ +# Vendor Ims Service property - Set the audio path for PDK build +userdebug_or_eng(` + set_prop(vendor_init, vendor_imssvc_prop) +') diff --git a/sepolicy/ripcurrent24-sepolicy.mk b/sepolicy/ripcurrent24-sepolicy.mk new file mode 100644 index 00000000..aa9182b4 --- /dev/null +++ b/sepolicy/ripcurrent24-sepolicy.mk @@ -0,0 +1,2 @@ +# sepolicy that are shared among devices using ZumaPro +BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/ripcurrent24 diff --git a/sepolicy/ripcurrent24/README.txt b/sepolicy/ripcurrent24/README.txt new file mode 100644 index 00000000..67a320fd --- /dev/null +++ b/sepolicy/ripcurrent24/README.txt @@ -0,0 +1,2 @@ +This folder holds sepolicy exclusively for one device. For example, genfs_contexts +paths that are affected by device tree. diff --git a/sepolicy/ripcurrent24/file_contexts b/sepolicy/ripcurrent24/file_contexts new file mode 100644 index 00000000..1143d5fd --- /dev/null +++ b/sepolicy/ripcurrent24/file_contexts @@ -0,0 +1,44 @@ +# Devices +/dev/lwis-act-cornerfolk u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-nautilus u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-oksoko u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-oksoko-nautilus u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-sandworm u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-act-jotnar u:object_r:lwis_device:s0 +/dev/lwis-act-slenderman u:object_r:lwis_device:s0 +/dev/lwis-act-slenderman-sandworm u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn-nautilus u:object_r:lwis_device:s0 +/dev/lwis-eeprom-gargoyle u:object_r:lwis_device:s0 +/dev/lwis-eeprom-humbaba u:object_r:lwis_device:s0 +/dev/lwis-eeprom-humbaba-taotie u:object_r:lwis_device:s0 +/dev/lwis-eeprom-jotnar u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-oksoko u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-oksoko-nautilus u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-sandworm u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-flash-lm3644 u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn-nautilus u:object_r:lwis_device:s0 +/dev/lwis-ois-gargoyle u:object_r:lwis_device:s0 +/dev/lwis-ois-humbaba u:object_r:lwis_device:s0 +/dev/lwis-ois-humbaba-taotie u:object_r:lwis_device:s0 +/dev/lwis-ois-jotnar u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata-nautilus u:object_r:lwis_device:s0 +/dev/lwis-sensor-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-sensor-dokkaebi-nautilus u:object_r:lwis_device:s0 +/dev/lwis-sensor-kraken u:object_r:lwis_device:s0 +/dev/lwis-sensor-nagual u:object_r:lwis_device:s0 +/dev/lwis-sensor-oksoko u:object_r:lwis_device:s0 +/dev/lwis-sensor-oksoko-nautilus u:object_r:lwis_device:s0 +/dev/lwis-sensor-sandworm u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-tof-tarasque u:object_r:lwis_device:s0 diff --git a/sepolicy/ripcurrent24/genfs_contexts b/sepolicy/ripcurrent24/genfs_contexts new file mode 100644 index 00000000..77df5e2b --- /dev/null +++ b/sepolicy/ripcurrent24/genfs_contexts @@ -0,0 +1,11 @@ +# Haptics +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-6/6-0042 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-5/5-0042 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-4/4-0042 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-6/6-0043 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-5/5-0043 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-4/4-0043 u:object_r:sysfs_vibrator:s0 + +# WLC +genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003b u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-0061 u:object_r:sysfs_wlc:s0 diff --git a/sepolicy/ripcurrent24/system_app.te b/sepolicy/ripcurrent24/system_app.te new file mode 100644 index 00000000..e1a7d523 --- /dev/null +++ b/sepolicy/ripcurrent24/system_app.te @@ -0,0 +1,2 @@ +# TODO (b/306087355) Remove this and make it specific to the app +hal_client_domain(system_app, hal_fingerprint) diff --git a/sepolicy/ripcurrent24/vendor_init.te b/sepolicy/ripcurrent24/vendor_init.te new file mode 100644 index 00000000..00bc124b --- /dev/null +++ b/sepolicy/ripcurrent24/vendor_init.te @@ -0,0 +1,4 @@ +# Vendor Ims Service property - Set the audio path for PDK build +userdebug_or_eng(` + set_prop(vendor_init, vendor_imssvc_prop) +') diff --git a/sepolicy/ripcurrentpro-sepolicy.mk b/sepolicy/ripcurrentpro-sepolicy.mk new file mode 100644 index 00000000..88167b20 --- /dev/null +++ b/sepolicy/ripcurrentpro-sepolicy.mk @@ -0,0 +1,3 @@ +# sepolicy that are shared among devices using ZumaPro +BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/ripcurrentpro + diff --git a/sepolicy/ripcurrentpro/README.txt b/sepolicy/ripcurrentpro/README.txt new file mode 100644 index 00000000..67a320fd --- /dev/null +++ b/sepolicy/ripcurrentpro/README.txt @@ -0,0 +1,2 @@ +This folder holds sepolicy exclusively for one device. For example, genfs_contexts +paths that are affected by device tree. diff --git a/sepolicy/ripcurrentpro/file_contexts b/sepolicy/ripcurrentpro/file_contexts new file mode 100644 index 00000000..1143d5fd --- /dev/null +++ b/sepolicy/ripcurrentpro/file_contexts @@ -0,0 +1,44 @@ +# Devices +/dev/lwis-act-cornerfolk u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-nautilus u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-oksoko u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-oksoko-nautilus u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-sandworm u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-act-jotnar u:object_r:lwis_device:s0 +/dev/lwis-act-slenderman u:object_r:lwis_device:s0 +/dev/lwis-act-slenderman-sandworm u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn-nautilus u:object_r:lwis_device:s0 +/dev/lwis-eeprom-gargoyle u:object_r:lwis_device:s0 +/dev/lwis-eeprom-humbaba u:object_r:lwis_device:s0 +/dev/lwis-eeprom-humbaba-taotie u:object_r:lwis_device:s0 +/dev/lwis-eeprom-jotnar u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-oksoko u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-oksoko-nautilus u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-sandworm u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-flash-lm3644 u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn-nautilus u:object_r:lwis_device:s0 +/dev/lwis-ois-gargoyle u:object_r:lwis_device:s0 +/dev/lwis-ois-humbaba u:object_r:lwis_device:s0 +/dev/lwis-ois-humbaba-taotie u:object_r:lwis_device:s0 +/dev/lwis-ois-jotnar u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata-nautilus u:object_r:lwis_device:s0 +/dev/lwis-sensor-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-sensor-dokkaebi-nautilus u:object_r:lwis_device:s0 +/dev/lwis-sensor-kraken u:object_r:lwis_device:s0 +/dev/lwis-sensor-nagual u:object_r:lwis_device:s0 +/dev/lwis-sensor-oksoko u:object_r:lwis_device:s0 +/dev/lwis-sensor-oksoko-nautilus u:object_r:lwis_device:s0 +/dev/lwis-sensor-sandworm u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-front u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-tof-tarasque u:object_r:lwis_device:s0 diff --git a/sepolicy/ripcurrentpro/genfs_contexts b/sepolicy/ripcurrentpro/genfs_contexts new file mode 100644 index 00000000..763c61e8 --- /dev/null +++ b/sepolicy/ripcurrentpro/genfs_contexts @@ -0,0 +1,7 @@ +# Haptics +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-0/0-0043 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10c80000.hsi2c/i2c-0/0-0042 u:object_r:sysfs_vibrator:s0 + +# WLC +genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-003b u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10c90000.hsi2c/i2c-9/9-0061 u:object_r:sysfs_wlc:s0 diff --git a/sepolicy/ripcurrentpro/system_app.te b/sepolicy/ripcurrentpro/system_app.te new file mode 100644 index 00000000..e1a7d523 --- /dev/null +++ b/sepolicy/ripcurrentpro/system_app.te @@ -0,0 +1,2 @@ +# TODO (b/306087355) Remove this and make it specific to the app +hal_client_domain(system_app, hal_fingerprint) diff --git a/sepolicy/ripcurrentpro/vendor_init.te b/sepolicy/ripcurrentpro/vendor_init.te new file mode 100644 index 00000000..00bc124b --- /dev/null +++ b/sepolicy/ripcurrentpro/vendor_init.te @@ -0,0 +1,4 @@ +# Vendor Ims Service property - Set the audio path for PDK build +userdebug_or_eng(` + set_prop(vendor_init, vendor_imssvc_prop) +') diff --git a/sepolicy/tokay-sepolicy.mk b/sepolicy/tokay-sepolicy.mk new file mode 100644 index 00000000..9183880d --- /dev/null +++ b/sepolicy/tokay-sepolicy.mk @@ -0,0 +1,2 @@ +# sepolicy that are shared among devices using ZumaPro +BOARD_SEPOLICY_DIRS += device/google/caimito-sepolicy/tokay diff --git a/sepolicy/tokay/README.txt b/sepolicy/tokay/README.txt new file mode 100644 index 00000000..67a320fd --- /dev/null +++ b/sepolicy/tokay/README.txt @@ -0,0 +1,2 @@ +This folder holds sepolicy exclusively for one device. For example, genfs_contexts +paths that are affected by device tree. diff --git a/sepolicy/tokay/file_contexts b/sepolicy/tokay/file_contexts new file mode 100644 index 00000000..e49723d6 --- /dev/null +++ b/sepolicy/tokay/file_contexts @@ -0,0 +1,13 @@ +# Devices +/dev/lwis-act-cornerfolk u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-act-cornerfolk-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-eeprom-djinn u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-eeprom-smaug-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-flash-lm3644 u:object_r:lwis_device:s0 +/dev/lwis-ois-djinn u:object_r:lwis_device:s0 +/dev/lwis-sensor-boitata u:object_r:lwis_device:s0 +/dev/lwis-sensor-dokkaebi u:object_r:lwis_device:s0 +/dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 +/dev/lwis-tof-tarasque u:object_r:lwis_device:s0 diff --git a/sepolicy/tokay/genfs_contexts b/sepolicy/tokay/genfs_contexts new file mode 100644 index 00000000..5037ba8c --- /dev/null +++ b/sepolicy/tokay/genfs_contexts @@ -0,0 +1,8 @@ +# WLC +genfscon sysfs /devices/platform/10ca0000.hsi2c/i2c-10/10-003b u:object_r:sysfs_wlc:s0 + +#Wakeup node +genfscon sysfs /devices/platform/odm/odm:qcom,qbt-handler/power/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/110f0000.drmdp/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/power/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/111d0000.spi/spi_master/spi20/spi20.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0 diff --git a/sepolicy/tokay/grilservice_app.te b/sepolicy/tokay/grilservice_app.te new file mode 100644 index 00000000..3c9a3785 --- /dev/null +++ b/sepolicy/tokay/grilservice_app.te @@ -0,0 +1,7 @@ +allow grilservice_app hal_radio_ext_service:service_manager find; +binder_call(grilservice_app, hal_radio_ext) + +binder_use(grilservice_app) +allow grilservice_app gril_antenna_tuning_service:service_manager find; +binder_call(grilservice_app, gril_antenna_tuning_service) +binder_call(grilservice_app, twoshay) diff --git a/sepolicy/tokay/system_app.te b/sepolicy/tokay/system_app.te new file mode 100644 index 00000000..e1a7d523 --- /dev/null +++ b/sepolicy/tokay/system_app.te @@ -0,0 +1,2 @@ +# TODO (b/306087355) Remove this and make it specific to the app +hal_client_domain(system_app, hal_fingerprint) diff --git a/sepolicy/tokay/vendor_init.te b/sepolicy/tokay/vendor_init.te new file mode 100644 index 00000000..00bc124b --- /dev/null +++ b/sepolicy/tokay/vendor_init.te @@ -0,0 +1,4 @@ +# Vendor Ims Service property - Set the audio path for PDK build +userdebug_or_eng(` + set_prop(vendor_init, vendor_imssvc_prop) +') diff --git a/sepolicy/tracking_denials/README.txt b/sepolicy/tracking_denials/README.txt new file mode 100644 index 00000000..6cfc62df --- /dev/null +++ b/sepolicy/tracking_denials/README.txt @@ -0,0 +1,2 @@ +This folder stores known errors detected by PTS. Be sure to remove relevant +files to reproduce error log on latest ROMs. diff --git a/sepolicy/tracking_denials/bug_map b/sepolicy/tracking_denials/bug_map new file mode 100644 index 00000000..8b137891 --- /dev/null +++ b/sepolicy/tracking_denials/bug_map @@ -0,0 +1 @@ +