From 8cc3f28ac13b881f2c6672c34ba3f9641c0a31eb Mon Sep 17 00:00:00 2001
From: Adam Shih <adamshih@google.com>
Date: Fri, 29 Oct 2021 10:47:01 +0800
Subject: [PATCH] fix wlc_hwservice access

10-29 10:38:01.270   440   440 E SELinux : avc:  denied  { find } for pid=1594 uid=10210 name=com.google.input.ITouchContextService/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:touch_service:s0 tclass=service_manager permissive=1
10-29 10:38:01.277   440   440 E SELinux : avc:  denied  { find } for pid=1594 uid=10210 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
Bug: 202906787
Test: boot with no relevant error

Change-Id: I47ea0f1dfe6f3f7b024d4512e0ccd94bc0da93a1
---
 tracking_denials/platform_app.te | 2 --
 whitechapel_pro/platform_app.te  | 2 ++
 whitechapel_pro/service.te       | 1 +
 whitechapel_pro/service_contexts | 1 +
 4 files changed, 4 insertions(+), 2 deletions(-)
 delete mode 100644 tracking_denials/platform_app.te
 create mode 100644 whitechapel_pro/platform_app.te

diff --git a/tracking_denials/platform_app.te b/tracking_denials/platform_app.te
deleted file mode 100644
index 3ded10b4..00000000
--- a/tracking_denials/platform_app.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/202906787
-dontaudit platform_app hal_wlc_hwservice:hwservice_manager { find };
diff --git a/whitechapel_pro/platform_app.te b/whitechapel_pro/platform_app.te
new file mode 100644
index 00000000..58499c98
--- /dev/null
+++ b/whitechapel_pro/platform_app.te
@@ -0,0 +1,2 @@
+allow platform_app hal_pixel_display_service:service_manager find;
+allow platform_app hal_wlc_hwservice:hwservice_manager find;
diff --git a/whitechapel_pro/service.te b/whitechapel_pro/service.te
index 9c935e9c..abeeedcd 100644
--- a/whitechapel_pro/service.te
+++ b/whitechapel_pro/service.te
@@ -1 +1,2 @@
 type hal_pixel_display_service, service_manager_type, vendor_service;
+type touch_service, service_manager_type, vendor_service;
diff --git a/whitechapel_pro/service_contexts b/whitechapel_pro/service_contexts
index 9592f86f..cb6af7cc 100644
--- a/whitechapel_pro/service_contexts
+++ b/whitechapel_pro/service_contexts
@@ -1 +1,2 @@
 com.google.hardware.pixel.display.IDisplay/default         u:object_r:hal_pixel_display_service:s0
+com.google.input.ITouchContextService/default              u:object_r:touch_service:s0