From e5cc5f793758c0718362483d5cb2bd8f450d3bd7 Mon Sep 17 00:00:00 2001
From: Omer Osman <omerosman@google.com>
Date: Tue, 22 Feb 2022 22:04:15 +0000
Subject: [PATCH] Add hidraw device and Dynamic Sensor SE Linux policy

Test: Incoming HID data from Pixel Buds

Change-Id: I77489100e13d892fb7d3a7cee9734de044795dec
---
 whitechapel_pro/device.te              | 3 +++
 whitechapel_pro/file_contexts          | 4 ++++
 whitechapel_pro/hal_sensors_default.te | 6 ++++++
 whitechapel_pro/property.te            | 4 ++++
 whitechapel_pro/property_contexts      | 4 ++++
 5 files changed, 21 insertions(+)

diff --git a/whitechapel_pro/device.te b/whitechapel_pro/device.te
index 68bb8a47..6b81f2a1 100644
--- a/whitechapel_pro/device.te
+++ b/whitechapel_pro/device.te
@@ -23,3 +23,6 @@ type battery_history_device, dev_type;
 type st54spi_device, dev_type;
 type st33spi_device, dev_type;
 
+# Raw HID device
+type hidraw_device, dev_type;
+
diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts
index efb7ce3b..67ceea77 100644
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@@ -222,3 +222,7 @@
 
 # USB
 /vendor/bin/hw/set_usb_irq\.sh  u:object_r:set-usb-irq-sh_exec:s0
+
+# Raw HID device
+/dev/hidraw[0-9]*                        u:object_r:hidraw_device:s0
+
diff --git a/whitechapel_pro/hal_sensors_default.te b/whitechapel_pro/hal_sensors_default.te
index f4231fb7..65f2db8a 100644
--- a/whitechapel_pro/hal_sensors_default.te
+++ b/whitechapel_pro/hal_sensors_default.te
@@ -12,6 +12,12 @@ allow hal_sensors_default chre_socket:sock_file write;
 # Allow create thread to watch AOC's device.
 allow hal_sensors_default device:dir r_dir_perms;
 
+# Allow access for dynamic sensor properties.
+get_prop(hal_sensors_default, vendor_dynamic_sensor_prop)
+
+# Allow access to raw HID devices for dynamic sensors.
+allow hal_sensors_default hidraw_device:chr_file rw_file_perms;
+
 # Allow SensorSuez to connect AIDL stats.
 allow hal_sensors_default fwk_stats_service:service_manager find;
 
diff --git a/whitechapel_pro/property.te b/whitechapel_pro/property.te
index 5ddaf882..00ffa07d 100644
--- a/whitechapel_pro/property.te
+++ b/whitechapel_pro/property.te
@@ -29,3 +29,7 @@ vendor_internal_prop(vendor_fingerprint_prop)
 
 # UWB calibration
 system_vendor_config_prop(vendor_uwb_calibration_prop)
+
+# Dynamic sensor
+vendor_internal_prop(vendor_dynamic_sensor_prop)
+
diff --git a/whitechapel_pro/property_contexts b/whitechapel_pro/property_contexts
index 58aaff88..cca975dd 100644
--- a/whitechapel_pro/property_contexts
+++ b/whitechapel_pro/property_contexts
@@ -96,3 +96,7 @@ vendor.gf.                                 u:object_r:vendor_fingerprint_prop:s0
 
 #uwb
 ro.vendor.uwb.calibration.                 u:object_r:vendor_uwb_calibration_prop:s0 exact string
+
+# Dynamic sensor
+vendor.dynamic_sensor.                     u:object_r:vendor_dynamic_sensor_prop:s0
+