Merge "pixel-selinux: add SJTAG policies" into sc-dev am: 73b7ad4a3c

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14604512

Change-Id: I462cc640fc849f81ecf49e3f39e802e7ab5fa483

whitechapel/vendor/google/file.te

@@ -35,7 +35,6 @@ type vendor_maxfg_debugfs, fs_type, debugfs_type;
 type vendor_charger_debugfs, fs_type, debugfs_type;
 type vendor_votable_debugfs, fs_type, debugfs_type;
 type vendor_battery_debugfs, fs_type, debugfs_type;
-type vendor_sjtag_debugfs, fs_type, debugfs_type;
 
 # Exynos sysfs
 type sysfs_exynos_bts, sysfs_type, fs_type;
@@ -208,3 +207,6 @@ type sysfs_pixelstats, fs_type, sysfs_type;
 
 # WLC FW
 type vendor_wlc_fwupdata_file, vendor_file_type, file_type;
+
+# SJTAG
+type sysfs_sjtag, fs_type, sysfs_type;

whitechapel/vendor/google/genfs_contexts

@@ -329,7 +329,6 @@ genfscon debugfs /usb
 genfscon debugfs /google_charger                                                                          u:object_r:vendor_charger_debugfs:s0
 genfscon debugfs /gvotables                                                                               u:object_r:vendor_votable_debugfs:s0
 genfscon debugfs /google_battery                                                                          u:object_r:vendor_battery_debugfs:s0
-genfscon debugfs /sjtag                                                                                   u:object_r:vendor_sjtag_debugfs:s0
 
 # tracefs
 genfscon tracefs /events/dmabuf_heap/dma_heap_stat                                                        u:object_r:debugfs_tracing:s0
@@ -354,3 +353,7 @@ genfscon sysfs /devices/platform/audiometrics/speaker_heartbeat        u:object_
 genfscon sysfs /devices/platform/audiometrics/speaker_temp             u:object_r:sysfs_pixelstats:s0
 genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade       u:object_r:sysfs_pixelstats:s0
 genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter    u:object_r:sysfs_pixelstats:s0
+
+# SJTAG
+genfscon sysfs /devices/platform/sjtag_ap/interface                    u:object_r:sysfs_sjtag:s0
+genfscon sysfs /devices/platform/sjtag_gsa/interface                   u:object_r:sysfs_sjtag:s0

whitechapel/vendor/google/shell.te

@@ -2,6 +2,6 @@ allow shell eco_service:service_manager find;
 
 # Allow access to the SJTAG kernel interface from the shell
 userdebug_or_eng(`
-  allow shell vendor_sjtag_debugfs:dir r_dir_perms;
+  allow shell sysfs_sjtag:dir r_dir_perms;
-  allow shell vendor_sjtag_debugfs:file rw_file_perms;
+  allow shell sysfs_sjtag:file rw_file_perms;
 ')

whitechapel/vendor/google/ssr_detector.te

@@ -12,8 +12,8 @@ userdebug_or_eng(`
   allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
   allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
   get_prop(ssr_detector_app, vendor_aoc_prop)
-  allow ssr_detector_app vendor_sjtag_debugfs:dir r_dir_perms;
+  allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
-  allow ssr_detector_app vendor_sjtag_debugfs:file rw_file_perms;
+  allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
 ')
 
 get_prop(ssr_detector_app, vendor_ssrdump_prop)