From 38c2803c5453724a55d8cb4ea0eb3d8e728e3f26 Mon Sep 17 00:00:00 2001
From: Denny cy Lee <dennycylee@google.com>
Date: Tue, 8 Mar 2022 16:27:45 +0800
Subject: [PATCH] Sepolicy: add pixelstats/HardwareInfo sepolicy

avc denials to fix (after apply ag/17120763)
[   50.171564] type=1400 audit(1647222380.884:28): avc: denied { read } for comm="pixelstats-vend" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
[   54.519375] type=1400 audit(1647222385.228:29): avc: denied { read } for comm="id.hardwareinfo" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 app=com.google.android.hardwareinfo

Bug: 222019890
Test: manually check debug logcat
Change-Id: I0e4f3f3a66783383b0d1327cec4dcd145ae9a7af
---
 whitechapel_pro/device.te            | 1 +
 whitechapel_pro/file_contexts        | 1 +
 whitechapel_pro/hardware_info_app.te | 3 +++
 whitechapel_pro/pixelstats_vendor.te | 3 +++
 4 files changed, 8 insertions(+)

diff --git a/whitechapel_pro/device.te b/whitechapel_pro/device.te
index d327aa60..68bb8a47 100644
--- a/whitechapel_pro/device.te
+++ b/whitechapel_pro/device.te
@@ -17,6 +17,7 @@ type sensor_direct_heap_device, dmabuf_heap_device_type, dev_type;
 type faceauth_heap_device, dmabuf_heap_device_type, dev_type;
 type vframe_heap_device, dmabuf_heap_device_type, dev_type;
 type vscaler_heap_device, dmabuf_heap_device_type, dev_type;
+type battery_history_device, dev_type;
 
 # SecureElement SPI device
 type st54spi_device, dev_type;
diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts
index 51a23da5..c658ab6b 100644
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@@ -202,6 +202,7 @@
 /data/per_boot(/.*)?                                                        u:object_r:per_boot_file:s0
 /data/vendor/sensors/registry(/.*)?                                         u:object_r:sensor_reg_data_file:s0
 /data/vendor/uwb(/.*)?                                                      u:object_r:uwb_data_vendor:s0
+/dev/battery_history                                                        u:object_r:battery_history_device:s0
 
 # Persist
 /mnt/vendor/persist/battery(/.*)?                                           u:object_r:persist_battery_file:s0
diff --git a/whitechapel_pro/hardware_info_app.te b/whitechapel_pro/hardware_info_app.te
index ef9c2306..38f79c80 100644
--- a/whitechapel_pro/hardware_info_app.te
+++ b/whitechapel_pro/hardware_info_app.te
@@ -27,3 +27,6 @@ userdebug_or_eng(`
   allow hardware_info_app vendor_maxfg_debugfs:dir search;
   allow hardware_info_app vendor_maxfg_debugfs:file r_file_perms;
 ')
+
+# Batery history
+allow hardware_info_app battery_history_device:chr_file r_file_perms;
diff --git a/whitechapel_pro/pixelstats_vendor.te b/whitechapel_pro/pixelstats_vendor.te
index a88db935..645b6ae2 100644
--- a/whitechapel_pro/pixelstats_vendor.te
+++ b/whitechapel_pro/pixelstats_vendor.te
@@ -6,3 +6,6 @@ allow pixelstats_vendor sysfs_pixelstats:file r_file_perms;
 # Wireless charge
 allow pixelstats_vendor sysfs_wlc:dir search;
 allow pixelstats_vendor sysfs_wlc:file rw_file_perms;
+
+# Batery history
+allow pixelstats_vendor battery_history_device:chr_file r_file_perms;