From d6c1a50bbaa11e7a09117f42a6d2f92d37440cfa Mon Sep 17 00:00:00 2001
From: Jack Wu <wjack@google.com>
Date: Fri, 23 Jul 2021 14:28:04 +0800
Subject: [PATCH] sepolicy: gs101: allows pixelstat to access pca file nodes

07-23 14:24:45.512  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:45.512  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:11): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:12): avc: denied { read } for name="chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:13): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:14): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
07-23 14:24:57.536  1000  3001  3001 I pixelstats-vend: type=1400 audit(0.0:15): avc: denied { write } for name="chg_stats" dev="sysfs" ino=72245 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 194386750
Test: manually test, no avc: denied
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I1a16edb5bb7820f62b3ce598aa50eba2d9455927
---
 whitechapel/vendor/google/file.te              | 3 +++
 whitechapel/vendor/google/genfs_contexts       | 2 ++
 whitechapel/vendor/google/pixelstats_vendor.te | 8 ++++----
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te
index e68107e7..85c8dcca 100644
--- a/whitechapel/vendor/google/file.te
+++ b/whitechapel/vendor/google/file.te
@@ -124,6 +124,9 @@ type tcpdump_vendor_data_file, file_type, data_file_type, mlstrustedobject;
 # Wireless
 type sysfs_wlc, sysfs_type, fs_type;
 
+# Pca
+type sysfs_pca, sysfs_type, fs_type;
+
 # Camera
 type persist_camera_file, file_type;
 type vendor_camera_tuning_file, vendor_file_type, file_type;
diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts
index 5e42bd1f..ade88791 100644
--- a/whitechapel/vendor/google/genfs_contexts
+++ b/whitechapel/vendor/google/genfs_contexts
@@ -26,6 +26,7 @@ genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-p9412/power_supply
 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom             u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0061/power_supply       u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0036/power_supply       u:object_r:sysfs_batteryinfo:s0
+genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-6/6-0057/chg_stats          u:object_r:sysfs_pca:s0
 
 genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power_stats u:object_r:sysfs_power_stats:s0
 
@@ -33,6 +34,7 @@ genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power
 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-p9412                    u:object_r:sysfs_wlc:s0
 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-p9412/power_supply       u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0050/eeprom             u:object_r:sysfs_batteryinfo:s0
+genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-5/5-0057/chg_stats          u:object_r:sysfs_pca:s0
 
 # Storage
 genfscon debugfs /f2fs                                u:object_r:debugfs_f2fs:s0
diff --git a/whitechapel/vendor/google/pixelstats_vendor.te b/whitechapel/vendor/google/pixelstats_vendor.te
index 01eb843b..96bd9325 100644
--- a/whitechapel/vendor/google/pixelstats_vendor.te
+++ b/whitechapel/vendor/google/pixelstats_vendor.te
@@ -16,19 +16,19 @@ allow pixelstats_vendor fwk_stats_service:service_manager find;
 allow pixelstats_vendor sysfs_scsi_devices_0000:file rw_file_perms;
 allow pixelstats_vendor sysfs_pixelstats:file r_file_perms;
 
+# Wireless charge
 allow pixelstats_vendor sysfs_wlc:dir search;
 allow pixelstats_vendor sysfs_wlc:file rw_file_perms;
 
+# Pca charge
+allow pixelstats_vendor sysfs_pca:file rw_file_perms;
+
 # OrientationCollector
 allow pixelstats_vendor fwk_sensor_hwservice:hwservice_manager find;
 
 # Batery history
 allow pixelstats_vendor battery_history_device:chr_file r_file_perms;
 
-# Wireless charge
-allow pixelstats_vendor sysfs_wlc:dir search;
-allow pixelstats_vendor sysfs_wlc:file r_file_perms;
-
 # BCL
 allow pixelstats_vendor sysfs_bcl:dir search;
 allow pixelstats_vendor sysfs_bcl:file r_file_perms;