From 727d070b13dbcfbc8debe0d7418429110782b192 Mon Sep 17 00:00:00 2001
From: Robb Glasser <rglasser@google.com>
Date: Fri, 18 Feb 2022 16:36:37 -0800
Subject: [PATCH] Fix sensors_hal selinux denials.

Bug: 214473093
Bug: 218930975
Bug: 210067282
Test: com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Ifd865efd0544f246d1c188f3edce9f05f27313d2
---
 tracking_denials/hal_sensors_default.te | 6 ------
 whitechapel_pro/hal_sensors_default.te  | 1 +
 2 files changed, 1 insertion(+), 6 deletions(-)
 delete mode 100644 tracking_denials/hal_sensors_default.te

diff --git a/tracking_denials/hal_sensors_default.te b/tracking_denials/hal_sensors_default.te
deleted file mode 100644
index 8bff1569..00000000
--- a/tracking_denials/hal_sensors_default.te
+++ /dev/null
@@ -1,6 +0,0 @@
-# b/214473093
-dontaudit hal_sensors_default sensor_reg_data_file:file { getattr };
-dontaudit hal_sensors_default sensor_reg_data_file:file { open };
-dontaudit hal_sensors_default sensor_reg_data_file:file { read };
-# b/218930975
-dontaudit hal_sensors_default hal_graphics_composer_default:binder { call };
diff --git a/whitechapel_pro/hal_sensors_default.te b/whitechapel_pro/hal_sensors_default.te
index 7ad1d715..a29bb730 100644
--- a/whitechapel_pro/hal_sensors_default.te
+++ b/whitechapel_pro/hal_sensors_default.te
@@ -25,6 +25,7 @@ r_dir_file(hal_sensors_default, persist_camera_file)
 
 # Allow creation and writing of sensor registry data files.
 allow hal_sensors_default sensor_reg_data_file:dir r_dir_perms;
+allow hal_sensors_default sensor_reg_data_file:file r_file_perms;
 
 # Allow access to the display info for ALS.
 allow hal_sensors_default sysfs_display:file rw_file_perms;