From f71ff2ba7c1990d51cabcb27d61c127a46d5948e Mon Sep 17 00:00:00 2001
From: Cheng Chang <chengcha@google.com>
Date: Fri, 30 Aug 2024 04:03:47 +0000
Subject: [PATCH] gps: Allow gnss hal access vendor_gps_prop

avc:  denied  { read } for  name="u:object_r:vendor_gps_prop:s0" dev="tmpfs" ino=421 scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_prop:s0 tclass=file permissive=0

Bug: 335354369
Test: Check avc logcat.
Change-Id: Idfc885c6d54a9a5160643ff53f3e278ee067b286
---
 gps/pixel/sepolicy/hal_gnss_pixel.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/gps/pixel/sepolicy/hal_gnss_pixel.te b/gps/pixel/sepolicy/hal_gnss_pixel.te
index cc63702..e3e4d92 100644
--- a/gps/pixel/sepolicy/hal_gnss_pixel.te
+++ b/gps/pixel/sepolicy/hal_gnss_pixel.te
@@ -10,6 +10,9 @@ allow hal_gnss_pixel sysfs_gps:file rw_file_perms;
 # Allow access to CHRE multiclient HAL.
 get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
 
+# Allow read vendor gps prop.
+get_prop(hal_gnss_pixel, vendor_gps_prop)
+
 # Allow binder to CHRE.
 binder_call(hal_gnss_pixel, hal_contexthub_default)
 allow hal_gnss_pixel hal_contexthub_service:service_manager find;