From b29cf7645ac03683bc048c25890c417c7e083384 Mon Sep 17 00:00:00 2001
From: Dinesh Yadav <dkyadav@google.com>
Date: Mon, 10 Jul 2023 05:10:03 +0000
Subject: [PATCH] [Cleanup]: Move gxp sepolicies to gs-common for P22

These policies are moved to gs-common as part of ag/24002524

Bug: 288368306
Change-Id: If7466983009021c642db998e1c30071ee548846e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
---
 whitechapel_pro/debug_camera_app.te   | 5 +++--
 whitechapel_pro/device.te             | 1 -
 whitechapel_pro/file_contexts         | 3 ---
 whitechapel_pro/google_camera_app.te  | 3 ++-
 whitechapel_pro/gxp_logging.te        | 9 ---------
 whitechapel_pro/hal_camera_default.te | 3 ---
 6 files changed, 5 insertions(+), 19 deletions(-)
 delete mode 100644 whitechapel_pro/gxp_logging.te

diff --git a/whitechapel_pro/debug_camera_app.te b/whitechapel_pro/debug_camera_app.te
index 5342fb74..cdd58c9b 100644
--- a/whitechapel_pro/debug_camera_app.te
+++ b/whitechapel_pro/debug_camera_app.te
@@ -11,8 +11,9 @@ userdebug_or_eng(`
 	allow debug_camera_app mediametrics_service:service_manager find;
 	allow debug_camera_app mediaserver_service:service_manager find;
 
-	# Allows camera app to access the GXP device.
+	# Allows camera app to access the GXP device and properties.
 	allow debug_camera_app gxp_device:chr_file rw_file_perms;
+	get_prop(debug_camera_app, vendor_gxp_prop)
 
 	# Allows camera app to search for GXP firmware file.
 	allow debug_camera_app vendor_fw_file:dir search;
@@ -24,4 +25,4 @@ userdebug_or_eng(`
 	# Allows GCA-Eng to find and access the EdgeTPU.
 	allow debug_camera_app edgetpu_app_service:service_manager find;
 	allow debug_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
-')
\ No newline at end of file
+')
diff --git a/whitechapel_pro/device.te b/whitechapel_pro/device.te
index b66248a7..93059b7f 100644
--- a/whitechapel_pro/device.te
+++ b/whitechapel_pro/device.te
@@ -12,7 +12,6 @@ type lwis_device, dev_type;
 type logbuffer_device, dev_type;
 type rls_device, dev_type;
 type fingerprint_device, dev_type;
-type gxp_device, dev_type, mlstrustedobject;
 type sensor_direct_heap_device, dmabuf_heap_device_type, dev_type;
 type faceauth_heap_device, dmabuf_heap_device_type, dev_type;
 type vframe_heap_device, dmabuf_heap_device_type, dev_type;
diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts
index 8819cdc3..91662c8b 100644
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@@ -35,7 +35,6 @@
 /vendor/bin/hw/vendor\.google\.wireless_charger@1\.3-service-vendor         u:object_r:hal_wlc_exec:s0
 /vendor/bin/hw/android\.hardware\.usb-service                               u:object_r:hal_usb_impl_exec:s0
 /vendor/bin/hw/android\.hardware\.usb\.gadget-service                       u:object_r:hal_usb_gadget_impl_exec:s0
-/vendor/bin/hw/android\.hardware\.gxp\.logging@service-gxp-logging          u:object_r:gxp_logging_exec:s0
 /vendor/bin/hw/rild_exynos                                                  u:object_r:rild_exec:s0
 /vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service                       u:object_r:hal_uwb_vendor_default_exec:s0
 /vendor/bin/rlsservice                                                      u:object_r:rlsservice_exec:s0
@@ -61,8 +60,6 @@
 /vendor/lib(64)?/android\.frameworks\.stats-V1-ndk\.so                      u:object_r:same_process_hal_file:s0
 /vendor/lib(64)?/vendor-pixelatoms-cpp\.so                                  u:object_r:same_process_hal_file:s0
 /vendor/lib(64)?/libprotobuf-cpp-lite-(\d+\.){2,3}so                        u:object_r:same_process_hal_file:s0
-/vendor/lib(64)?/libgxp\.so                                                 u:object_r:same_process_hal_file:s0
-/vendor/lib(64)?/gxp_metrics_logger\.so                                     u:object_r:same_process_hal_file:s0
 
 # Graphics
 /vendor/lib(64)?/hw/gralloc\.gs201\.so                                      u:object_r:same_process_hal_file:s0
diff --git a/whitechapel_pro/google_camera_app.te b/whitechapel_pro/google_camera_app.te
index d73cd3db..8cdbaa30 100644
--- a/whitechapel_pro/google_camera_app.te
+++ b/whitechapel_pro/google_camera_app.te
@@ -9,8 +9,9 @@ allow google_camera_app mediaextractor_service:service_manager find;
 allow google_camera_app mediametrics_service:service_manager find;
 allow google_camera_app mediaserver_service:service_manager find;
 
-# Allows camera app to access the GXP device.
+# Allows camera app to access the GXP device and properties.
 allow google_camera_app gxp_device:chr_file rw_file_perms;
+get_prop(google_camera_app, vendor_gxp_prop)
 
 # Allows camera app to search for GXP firmware file.
 allow google_camera_app vendor_fw_file:dir search;
diff --git a/whitechapel_pro/gxp_logging.te b/whitechapel_pro/gxp_logging.te
deleted file mode 100644
index 107942d1..00000000
--- a/whitechapel_pro/gxp_logging.te
+++ /dev/null
@@ -1,9 +0,0 @@
-type gxp_logging, domain;
-type gxp_logging_exec, exec_type, vendor_file_type, file_type;
-init_daemon_domain(gxp_logging)
-
-# The logging service accesses /dev/gxp
-allow gxp_logging gxp_device:chr_file rw_file_perms;
-
-# Allow gxp tracing service to send packets to Perfetto
-userdebug_or_eng(`perfetto_producer(gxp_logging)')
diff --git a/whitechapel_pro/hal_camera_default.te b/whitechapel_pro/hal_camera_default.te
index 05909984..c16b2481 100644
--- a/whitechapel_pro/hal_camera_default.te
+++ b/whitechapel_pro/hal_camera_default.te
@@ -28,9 +28,6 @@ binder_call(hal_camera_default, edgetpu_vendor_server)
 allow hal_camera_default edgetpu_app_service:service_manager find;
 binder_call(hal_camera_default, edgetpu_app_server)
 
-# Allow the camera hal to access the GXP device.
-allow hal_camera_default gxp_device:chr_file rw_file_perms;
-
 # Allow access to data files used by the camera HAL
 allow hal_camera_default mnt_vendor_file:dir search;
 allow hal_camera_default persist_file:dir search;