From 59f29edf9259012639d097f8781769b39bb9f4bb Mon Sep 17 00:00:00 2001
From: Lily Lin <chiayinglin@google.com>
Date: Thu, 28 Apr 2022 19:04:18 +0800
Subject: [PATCH] Add selinux permissions to r/w sysfs st33spi_state

Bug: 228655141
Test: Confirm can read/write st33spi_state
Change-Id: I65299414d6268580dc532170759459147378418b
---
 whitechapel/vendor/google/euiccpixel_app.te | 4 ++++
 whitechapel/vendor/google/file.te           | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/whitechapel/vendor/google/euiccpixel_app.te b/whitechapel/vendor/google/euiccpixel_app.te
index db71a871..8763117f 100644
--- a/whitechapel/vendor/google/euiccpixel_app.te
+++ b/whitechapel/vendor/google/euiccpixel_app.te
@@ -21,5 +21,9 @@ userdebug_or_eng(`
     # Access to directly upgrade firmware on st33spi_device used for engineering devices
     typeattribute st33spi_device mlstrustedobject;
     allow euiccpixel_app st33spi_device:chr_file rw_file_perms;
+
+    allow euiccpixel_app sysfs_st33spi:dir search;
+    allow euiccpixel_app sysfs_st33spi:file rw_file_perms;
+    allow euiccpixel_app sysfs_touch:dir search;
 ')
 
diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te
index 704e0753..673bc785 100644
--- a/whitechapel/vendor/google/file.te
+++ b/whitechapel/vendor/google/file.te
@@ -203,6 +203,9 @@ userdebug_or_eng(`
 
 # SecureElement
 type sysfs_st33spi, sysfs_type, fs_type;
+userdebug_or_eng(`
+    typeattribute sysfs_st33spi mlstrustedobject;
+')
 
 # Trusty
 type sysfs_trusty, sysfs_type, fs_type;