From 70e6dd395b719ad5fe61c912f27180f2679473d6 Mon Sep 17 00:00:00 2001
From: Jimmy Hu <hhhuuu@google.com>
Date: Thu, 18 May 2023 05:33:46 +0000
Subject: [PATCH] Set sepolicy for shell script of disabling contaminant
 detection

(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 263916675
Bug: 264231895
Test: setprop vendor.usb.contaminantdisable true
Change-Id: Ia451a6abc4a3c872c002efa323d06e9179bd656b
Signed-off-by: Jimmy Hu <hhhuuu@google.com>
---
 vendor/disable-contaminant-detection-sh.te | 7 +++++++
 vendor/file_contexts                       | 1 +
 vendor/genfs_contexts                      | 3 +++
 3 files changed, 11 insertions(+)
 create mode 100644 vendor/disable-contaminant-detection-sh.te

diff --git a/vendor/disable-contaminant-detection-sh.te b/vendor/disable-contaminant-detection-sh.te
new file mode 100644
index 00000000..95845a18
--- /dev/null
+++ b/vendor/disable-contaminant-detection-sh.te
@@ -0,0 +1,7 @@
+type disable-contaminant-detection-sh, domain;
+type disable-contaminant-detection-sh_exec, vendor_file_type, exec_type, file_type;
+init_daemon_domain(disable-contaminant-detection-sh)
+
+allow disable-contaminant-detection-sh vendor_toolbox_exec:file execute_no_trans;
+allow disable-contaminant-detection-sh sysfs_batteryinfo:dir r_dir_perms;
+allow disable-contaminant-detection-sh sysfs_batteryinfo:file rw_file_perms;
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 5befdac9..b5b1ebbe 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -28,6 +28,7 @@
 /vendor/bin/hw/android\.hardware\.security\.keymint-service\.rust\.trusty         u:object_r:hal_keymint_default_exec:s0
 /vendor/bin/ufs_firmware_update\.sh                                         u:object_r:ufs_firmware_update_exec:s0
 /vendor/bin/hw/android\.hardware\.memtrack-service\.pixel                   u:object_r:hal_memtrack_default_exec:s0
+/vendor/bin/hw/disable_contaminant_detection\.sh                            u:object_r:disable-contaminant-detection-sh_exec:s0
 
 # Vendor Firmwares
 /vendor/firmware(/.*)?                                                      u:object_r:vendor_fw_file:s0
diff --git a/vendor/genfs_contexts b/vendor/genfs_contexts
index 1dfb855e..0486491d 100644
--- a/vendor/genfs_contexts
+++ b/vendor/genfs_contexts
@@ -158,6 +158,9 @@ genfscon sysfs /devices/platform/13120000.pcie/link_stats/link_up_average
 genfscon sysfs /devices/platform/13120000.pcie/link_stats/link_up_failures              u:object_r:sysfs_pcie:s0
 genfscon sysfs /devices/platform/13120000.pcie/link_stats/pll_lock_average              u:object_r:sysfs_pcie:s0
 
+# disable contaminant detection
+genfscon sysfs /devices/platform/10cb0000.hsi2c                                         u:object_r:sysfs_batteryinfo:s0
+
 # Battery
 genfscon sysfs /devices/platform/google,battery/power_supply/battery                    u:object_r:sysfs_batteryinfo:s0
 genfscon sysfs /devices/platform/google,cpm                                             u:object_r:sysfs_batteryinfo:s0