sepolicy: gs101: allows pixelstat to access audio metrics nodes

audio.service: type=1400 audit(0.0:30): avc: denied { read write } for name="amcs" dev="tmpfs" ino=739 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:amcs_device:s0 tclass=chr_file permissive=0

pixelstats-vend: type=1400 audit(0.0:9): avc: denied { read } for name="speaker_impedance" dev="sysfs" ino=67611 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

HwBinder:696_2: type=1400 audit(0.0:8): avc: denied { open } for path="/dev/amcs" dev="tmpfs" ino=766 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:amcs_device:s0 tclass=chr_file permissive=0

Bug: 171854614
Test: manually test, no avc: denied.
Change-Id: I82ebd22f167200ab3cf59e6525ef43c0be8f722a

whitechapel/vendor/google/device.te

@@ -56,3 +56,7 @@ type aoc_device, dev_type;
 
 # Fingerprint device
 type fingerprint_device, dev_type;
+
+# AMCS device
+type amcs_device, dev_type;
+

whitechapel/vendor/google/file.te

@@ -197,3 +197,6 @@ type sysfs_lhbm, sysfs_type, fs_type, mlstrustedobject;
 
 # UWB vendor
 type uwb_vendor_data_file, file_type, data_file_type, app_data_file_type;
+
+# PixelStats_vendor
+type sysfs_pixelstats, fs_type, sysfs_type;

whitechapel/vendor/google/file_contexts

@@ -315,6 +315,7 @@
 /dev/acd-debug                      u:object_r:aoc_device:s0
 /dev/acd-audio_tap[0-9]*            u:object_r:aoc_device:s0
 /dev/acd-audio_dcdoff_ref           u:object_r:aoc_device:s0
+/dev/amcs                           u:object_r:amcs_device:s0
 
 # Trusty
 /vendor/bin/securedpud.slider        u:object_r:securedpud_slider_exec:s0

whitechapel/vendor/google/genfs_contexts

@@ -285,3 +285,12 @@ genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count
 
 # mediacodec
 genfscon sysfs /devices/platform/mfc/video4linux/video                                                  u:object_r:sysfs_video:s0
+
+# pixelstat_vendor
+genfscon sysfs /devices/platform/audiometrics/codec_state              u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/hs_codec_state           u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_impedance        u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_excursion        u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_heartbeat        u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_temp             u:object_r:sysfs_pixelstats:s0
+

whitechapel/vendor/google/hal_audio_default.te

@@ -14,6 +14,10 @@ allow hal_audio_default aoc_device:chr_file rw_file_perms;
 
 allow hal_audio_default hal_audio_ext_hwservice:hwservice_manager { find add };
 
+allow hal_audio_default amcs_device:file rw_file_perms;
+allow hal_audio_default amcs_device:chr_file rw_file_perms;
+allow hal_audio_default sysfs_pixelstats:file rw_file_perms;
+
 #allow access to DMABUF Heaps for AAudio API
 allow hal_audio_default dmabuf_heap_device:chr_file r_file_perms;
 

whitechapel/vendor/google/pixelstats_vendor.te

@@ -14,3 +14,4 @@ binder_use(pixelstats_vendor);
 allow pixelstats_vendor fwk_stats_service:service_manager find;
 
 allow pixelstats_vendor sysfs_scsi_devices_0000:file rw_file_perms;
+allow pixelstats_vendor sysfs_pixelstats:file r_file_perms;