From 86776d4e107af86cdf4aaa5c2a759807be1a121e Mon Sep 17 00:00:00 2001
From: eddielan <eddielan@google.com>
Date: Thu, 1 Jun 2023 05:24:31 +0000
Subject: [PATCH] fps: Allow fp to access sensor_servie & property

ELinux : avc:  denied  { find } for pid=826 uid=1000
name=android.frameworks.sensorservice.ISensorManager/default
scontext=u:r:hal_fingerprint_capacitance:s0
tcontext=u:object_r:fwk_sensor_service:s0
tclass=service_manager permissive=0

avc:  denied  { read } for  name="u:object_r:vendor_fingerprint_prop:s0"
dev="tmpfs" ino=380
scontext=u:r:hal_fingerprint_capacitance:s0
tcontext=u:object_r:vendor_fingerprint_prop:s0
tclass=file permissive=0

Bug: 279363703
Test: make selinux_policy -j112
Change-Id: Idd3fe8100a3982a0a0279e44e0be439a16961543
---
 fingerprint_capacitance/hal_fingerprint_capacitance.te | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/fingerprint_capacitance/hal_fingerprint_capacitance.te b/fingerprint_capacitance/hal_fingerprint_capacitance.te
index 1f62633..06a1ac1 100644
--- a/fingerprint_capacitance/hal_fingerprint_capacitance.te
+++ b/fingerprint_capacitance/hal_fingerprint_capacitance.te
@@ -25,3 +25,9 @@ add_hwservice(hal_fingerprint_capacitance, hal_fingerprint_capacitance_ext_hwser
 
 # allow fingerprint to access servicemanager
 binder_call(hal_fingerprint_capacitance, servicemanager)
+
+# allow fingerprint to access fwk sensor hwservice
+allow hal_fingerprint_capacitance fwk_sensor_service:service_manager find;
+
+# allow fingerprint to access fingerprint property
+set_prop(hal_fingerprint_capacitance, vendor_fingerprint_prop)