Merge changes I68aace66,Idf510e4a into sc-dev

* changes: gs101-sepolicy: Add twoshay permissions Add touch procfs and sysfs sepolicy
2021-03-11 09:16:51 +00:00 · 2021-03-11 09:16:51 +00:00 · ef6e91692a
commit ef6e91692a
parent db0ca5a3b2 8cac55487b
5 changed files with 23 additions and 1 deletions
--- a/whitechapel/vendor/google/device.te
+++ b/whitechapel/vendor/google/device.te
@ -30,6 +30,9 @@ type cpuctl_device, dev_type;
 # Bt Wifi Coexistence device
 type wb_coexistence_dev, dev_type;

+# Touch
+type touch_offload_device, dev_type;
+
 # LWIS (Lightweight Imaging Subsystem) devices, used by Lyric camera HAL
 type lwis_device, dev_type;

--- a/whitechapel/vendor/google/file_contexts
+++ b/whitechapel/vendor/google/file_contexts
@ -364,6 +364,10 @@
 /vendor/lib(64)?/hw/gralloc\.gs101\.so                                           u:object_r:same_process_hal_file:s0
 /vendor/lib(64)?/hw/vulkan\.gs101\.so                                            u:object_r:same_process_hal_file:s0

+# Touch
+/dev/touch_offload                                                               u:object_r:touch_offload_device:s0
+/vendor/bin/twoshay                                                              u:object_r:twoshay_exec:s0
+
 # Fingerprint
 /vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix        u:object_r:hal_fingerprint_default_exec:s0
 /vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.fpc           u:object_r:hal_fingerprint_default_exec:s0
--- a/whitechapel/vendor/google/genfs_contexts
+++ b/whitechapel/vendor/google/genfs_contexts
@ -76,8 +76,10 @@ genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/6-001f/wakeup/wakeu
 genfscon sysfs /devices/platform/19000000.aoc/usb_control/wakeup/wakeup                       u:object_r:sysfs_wakeup:s0

 # Touch
-genfscon sysfs /class/spi_master/spi11/spi11.0                                  u:object_r:sysfs_touch:s0
+genfscon sysfs /devices/platform/10d40000.spi/spi_master/spi11/spi11.0          u:object_r:sysfs_touch:s0
+genfscon sysfs /devices/platform/10950000.spi/spi_master/spi6/spi6.0            u:object_r:sysfs_touch:s0
 genfscon proc  /fts/driver_test                                                 u:object_r:proc_touch:s0
+genfscon proc  /fts_ext/driver_test                                             u:object_r:proc_touch:s0
 genfscon sysfs /devices/virtual/sec/tsp                                         u:object_r:sysfs_touch:s0

 # EdgeTPU
--- a/whitechapel/vendor/google/hal_dumpstate_default.te
+++ b/whitechapel/vendor/google/hal_dumpstate_default.te
@ -44,6 +44,11 @@ allow hal_dumpstate_default aoc_device:chr_file rw_file_perms;
 allow hal_dumpstate_default sysfs_wifi:dir search;
 allow hal_dumpstate_default sysfs_wifi:file r_file_perms;

+# Touch sysfs interface
+allow hal_dumpstate_default sysfs_touch:dir r_dir_perms;
+allow hal_dumpstate_default sysfs_touch:file rw_file_perms;
+allow hal_dumpstate_default proc_touch:file rw_file_perms;
+
 allow hal_dumpstate_default sysfs_thermal:dir r_dir_perms;
 allow hal_dumpstate_default sysfs_thermal:file r_file_perms;
 allow hal_dumpstate_default sysfs_thermal:lnk_file read;
--- a/whitechapel/vendor/google/twoshay.te
+++ b/whitechapel/vendor/google/twoshay.te
@ -0,0 +1,8 @@
+type twoshay, domain;
+type twoshay_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(twoshay)
+
+allow twoshay touch_offload_device:chr_file rw_file_perms;
+allow twoshay twoshay:capability sys_nice;
+