From 6516f369ff2b4a201104fcfa30bf79ef7ebe84d8 Mon Sep 17 00:00:00 2001
From: labib <labib@google.com>
Date: Mon, 22 Mar 2021 05:12:40 +0800
Subject: [PATCH] Add se-policy for new GRIL service and RadioExt hal APIs

Bug: 172294179
Change-Id: I556657928caa441b3530bb371902d5f4ce0be257
---
 whitechapel/vendor/google/genfs_contexts          | 2 ++
 whitechapel/vendor/google/grilservice_app.te      | 4 +++-
 whitechapel/vendor/google/hal_radioext_default.te | 5 +++++
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts
index dee5a5ac..8a99abbb 100644
--- a/whitechapel/vendor/google/genfs_contexts
+++ b/whitechapel/vendor/google/genfs_contexts
@@ -103,6 +103,8 @@ genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby
 # Display
 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma       u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/gamma       u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock                       u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/1c2d0000.drmdsim/hs_clock                       u:object_r:sysfs_display:s0
 
 # Modem
 genfscon sysfs /devices/platform/cp-tm1/cp_temp                                u:object_r:sysfs_modem:s0
diff --git a/whitechapel/vendor/google/grilservice_app.te b/whitechapel/vendor/google/grilservice_app.te
index 9eb8b8e0..9b4eb3d3 100644
--- a/whitechapel/vendor/google/grilservice_app.te
+++ b/whitechapel/vendor/google/grilservice_app.te
@@ -1,8 +1,10 @@
 type grilservice_app, domain;
 app_domain(grilservice_app)
 
+allow grilservice_app app_api_service:service_manager find;
+allow grilservice_app hal_bluetooth_coexistence_hwservice:hwservice_manager find;
 allow grilservice_app hal_radioext_hwservice:hwservice_manager find;
 allow grilservice_app hal_wifi_ext_hwservice:hwservice_manager find;
-allow grilservice_app app_api_service:service_manager find;
+binder_call(grilservice_app, hal_bluetooth_btlinux)
 binder_call(grilservice_app, hal_radioext_default)
 binder_call(grilservice_app, hal_wifi_ext)
diff --git a/whitechapel/vendor/google/hal_radioext_default.te b/whitechapel/vendor/google/hal_radioext_default.te
index 666d8db4..6ad0d042 100644
--- a/whitechapel/vendor/google/hal_radioext_default.te
+++ b/whitechapel/vendor/google/hal_radioext_default.te
@@ -10,3 +10,8 @@ binder_call(hal_radioext_default, grilservice_app)
 
 # RW /dev/oem_ipc0
 allow hal_radioext_default radio_device:chr_file rw_file_perms;
+
+# RW MIPI Freq files
+allow hal_radioext_default radio_vendor_data_file:dir create_dir_perms;
+allow hal_radioext_default radio_vendor_data_file:file create_file_perms;
+allow hal_radioext_default sysfs_display:file rw_file_perms;
\ No newline at end of file