From 45b906133f3c70eeccdffac04238e4a7d909f037 Mon Sep 17 00:00:00 2001
From: Cheney Ni <cheneyni@google.com>
Date: Fri, 24 Sep 2021 03:43:44 +0800
Subject: [PATCH] Bluetooth: Add Sepolicy for QTI default HAL (1/2)

Bug: 202113218
Test: manually
Change-Id: I589b5c1df9fad6541799c1ba370fe2359cc31831
---
 bluetooth/device.te                | 1 +
 bluetooth/file_contexts            | 5 +++++
 bluetooth/genfs_contexts           | 1 +
 bluetooth/hal_bluetooth_default.te | 9 +++++++++
 bluetooth/hwservice.te             | 2 ++
 bluetooth/hwservice_contexts       | 3 +++
 6 files changed, 21 insertions(+)
 create mode 100644 bluetooth/device.te
 create mode 100644 bluetooth/file_contexts
 create mode 100644 bluetooth/genfs_contexts
 create mode 100644 bluetooth/hal_bluetooth_default.te
 create mode 100644 bluetooth/hwservice.te
 create mode 100644 bluetooth/hwservice_contexts

diff --git a/bluetooth/device.te b/bluetooth/device.te
new file mode 100644
index 0000000..7ed13ad
--- /dev/null
+++ b/bluetooth/device.te
@@ -0,0 +1 @@
+type bt_device, dev_type;
diff --git a/bluetooth/file_contexts b/bluetooth/file_contexts
new file mode 100644
index 0000000..da02008
--- /dev/null
+++ b/bluetooth/file_contexts
@@ -0,0 +1,5 @@
+# Bluetooth
+/vendor/bin/hw/android\.hardware\.bluetooth@1\.0-service-qti  u:object_r:hal_bluetooth_default_exec:s0
+
+/dev/btpower                                    u:object_r:bt_device:s0
+/dev/ttySAC18                                   u:object_r:hci_attach_dev:s0
diff --git a/bluetooth/genfs_contexts b/bluetooth/genfs_contexts
new file mode 100644
index 0000000..2b2d437
--- /dev/null
+++ b/bluetooth/genfs_contexts
@@ -0,0 +1 @@
+genfscon sysfs /devices/platform/odm/odm:btqcom/rfkill/rfkill0/state                             u:object_r:sysfs_bluetooth_writable:s0
diff --git a/bluetooth/hal_bluetooth_default.te b/bluetooth/hal_bluetooth_default.te
new file mode 100644
index 0000000..dcd2b7f
--- /dev/null
+++ b/bluetooth/hal_bluetooth_default.te
@@ -0,0 +1,9 @@
+allow hal_bluetooth_default bt_device:chr_file rw_file_perms;
+
+add_hwservice(hal_bluetooth_default, hal_bluetooth_coexistence_hwservice)
+
+userdebug_or_eng(`
+  allow hal_bluetooth_default sscoredump_vendor_data_crashinfo_file:dir rw_dir_perms;
+  allow hal_bluetooth_default sscoredump_vendor_data_crashinfo_file:file { create_file_perms };
+  set_prop(hal_bluetooth_default, vendor_ssrdump_prop)
+')
diff --git a/bluetooth/hwservice.te b/bluetooth/hwservice.te
new file mode 100644
index 0000000..8a5ae49
--- /dev/null
+++ b/bluetooth/hwservice.te
@@ -0,0 +1,2 @@
+# Bluetooth HAL extension
+type hal_bluetooth_coexistence_hwservice, hwservice_manager_type, vendor_hwservice_type;
diff --git a/bluetooth/hwservice_contexts b/bluetooth/hwservice_contexts
new file mode 100644
index 0000000..edd952b
--- /dev/null
+++ b/bluetooth/hwservice_contexts
@@ -0,0 +1,3 @@
+# Bluetooth HAL extension
+hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance   u:object_r:hal_bluetooth_coexistence_hwservice:s0
+hardware.google.bluetooth.sar::IBluetoothSar                          u:object_r:hal_bluetooth_coexistence_hwservice:s0