Sepolicy: add pixelstats/HardwareInfo sepolicy

avc denials to fix (after apply ag/17120763) [ 50.171564] type=1400 audit(1647222380.884:28): avc: denied { read } for comm="pixelstats-vend" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 [ 54.519375] type=1400 audit(1647222385.228:29): avc: denied { read } for comm="id.hardwareinfo" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 app=com.google.android.hardwareinfo Bug: 222019890 Test: manually check debug logcat Change-Id: I0e4f3f3a66783383b0d1327cec4dcd145ae9a7af
2022-03-08 16:27:45 +08:00 · 2022-03-08 16:27:45 +08:00 · 38c2803c54
commit 38c2803c54
parent 6d25430600
4 changed files with 8 additions and 0 deletions
--- a/whitechapel_pro/device.te
+++ b/whitechapel_pro/device.te
@ -17,6 +17,7 @@ type sensor_direct_heap_device, dmabuf_heap_device_type, dev_type;
 type faceauth_heap_device, dmabuf_heap_device_type, dev_type;
 type vframe_heap_device, dmabuf_heap_device_type, dev_type;
 type vscaler_heap_device, dmabuf_heap_device_type, dev_type;
+type battery_history_device, dev_type;

 # SecureElement SPI device
 type st54spi_device, dev_type;
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@ -202,6 +202,7 @@
 /data/per_boot(/.*)?                                                        u:object_r:per_boot_file:s0
 /data/vendor/sensors/registry(/.*)?                                         u:object_r:sensor_reg_data_file:s0
 /data/vendor/uwb(/.*)?                                                      u:object_r:uwb_data_vendor:s0
+/dev/battery_history                                                        u:object_r:battery_history_device:s0

 # Persist
 /mnt/vendor/persist/battery(/.*)?                                           u:object_r:persist_battery_file:s0
--- a/whitechapel_pro/hardware_info_app.te
+++ b/whitechapel_pro/hardware_info_app.te
@ -27,3 +27,6 @@ userdebug_or_eng(`
  allow hardware_info_app vendor_maxfg_debugfs:dir search;
  allow hardware_info_app vendor_maxfg_debugfs:file r_file_perms;
 ')
+
+# Batery history
+allow hardware_info_app battery_history_device:chr_file r_file_perms;
--- a/whitechapel_pro/pixelstats_vendor.te
+++ b/whitechapel_pro/pixelstats_vendor.te
@ -6,3 +6,6 @@ allow pixelstats_vendor sysfs_pixelstats:file r_file_perms;
 # Wireless charge
 allow pixelstats_vendor sysfs_wlc:dir search;
 allow pixelstats_vendor sysfs_wlc:file rw_file_perms;
+
+# Batery history
+allow pixelstats_vendor battery_history_device:chr_file r_file_perms;