From 7fe7e43582d53d88ae06a60a209e64c7f442c591 Mon Sep 17 00:00:00 2001
From: chungkai <chungkai@google.com>
Date: Mon, 6 Dec 2021 11:26:51 +0000
Subject: [PATCH] Fix avc denials for powerhal

Test: build pass
Bug: 208909174
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I565df75c22d66199e6966dfac4af2e19b88606a0
---
 tracking_denials/hal_power_default.te | 8 +-------
 whitechapel_pro/file.te               | 3 +++
 whitechapel_pro/genfs_contexts        | 3 +++
 whitechapel_pro/hal_power_default.te  | 3 ++-
 4 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/tracking_denials/hal_power_default.te b/tracking_denials/hal_power_default.te
index 13de8e91..b3e7c1d0 100644
--- a/tracking_denials/hal_power_default.te
+++ b/tracking_denials/hal_power_default.te
@@ -1,9 +1,3 @@
-# b/207062564
-dontaudit hal_power_default sysfs:file { open };
-dontaudit hal_power_default sysfs:file { write };
 # b/208909174
 dontaudit hal_power_default hal_power_default:capability { dac_read_search };
-dontaudit hal_power_default sysfs:file { getattr };
-dontaudit hal_power_default sysfs:file { read };
-dontaudit hal_power_default sysfs_vendor_sched:file { getattr };
-dontaudit hal_power_default sysfs_vendor_sched:file { read };
+
diff --git a/whitechapel_pro/file.te b/whitechapel_pro/file.te
index ab8e7bce..7b886d77 100644
--- a/whitechapel_pro/file.te
+++ b/whitechapel_pro/file.te
@@ -83,3 +83,6 @@ type modem_userdata_file, file_type;
 
 # SecureElement
 type sysfs_st33spi, sysfs_type, fs_type;
+
+# GPU
+type sysfs_gpu, sysfs_type, fs_type;
diff --git a/whitechapel_pro/genfs_contexts b/whitechapel_pro/genfs_contexts
index c82d97a6..ae434622 100644
--- a/whitechapel_pro/genfs_contexts
+++ b/whitechapel_pro/genfs_contexts
@@ -27,6 +27,9 @@ genfscon sysfs /devices/platform/acpm_stats                                    u
 # Broadcom
 genfscon sysfs /module/bcmdhd4389                                              u:object_r:sysfs_bcmdhd:s0
 
+# GPU
+genfscon sysfs /devices/platform/28000000.mali/hint_min_freq                   u:object_r:sysfs_gpu:s0
+
 # Fabric
 genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/min_freq  u:object_r:sysfs_fabric:s0
 
diff --git a/whitechapel_pro/hal_power_default.te b/whitechapel_pro/hal_power_default.te
index fca47245..e8f427d5 100644
--- a/whitechapel_pro/hal_power_default.te
+++ b/whitechapel_pro/hal_power_default.te
@@ -2,4 +2,5 @@ allow hal_power_default sysfs_scsi_devices_0000:file rw_file_perms;
 allow hal_power_default sysfs_fs_f2fs:dir r_dir_perms;
 allow hal_power_default sysfs_fs_f2fs:file rw_file_perms;
 allow hal_power_default sysfs_display:file rw_file_perms;
-
+allow hal_power_default sysfs_vendor_sched:file r_file_perms;
+allow hal_power_default sysfs_gpu:file rw_file_perms;