From fc8f4f8f24eccb210734bbb263fb09b239aed031 Mon Sep 17 00:00:00 2001
From: Wilson Sung <wilsonsung@google.com>
Date: Thu, 23 Feb 2023 20:31:11 +0800
Subject: [PATCH] Allow hal_thermal_default to read iio/odpm sysfs nodes

Bug: 260366399
Bug: 261651187
Bug: 264204525
Change-Id: I7358b7740f6c30bd7b05e29e931a4c11226c6253
---
 tracking_denials/hal_thermal_default.te | 14 +-------------
 vendor/hal_thermal_default.te           |  2 ++
 2 files changed, 3 insertions(+), 13 deletions(-)
 create mode 100644 vendor/hal_thermal_default.te

diff --git a/tracking_denials/hal_thermal_default.te b/tracking_denials/hal_thermal_default.te
index bec1528e..7bca4bf5 100644
--- a/tracking_denials/hal_thermal_default.te
+++ b/tracking_denials/hal_thermal_default.te
@@ -1,16 +1,4 @@
-# b/260366399
-dontaudit hal_thermal_default sysfs:file { getattr };
-dontaudit hal_thermal_default sysfs:file { open };
-dontaudit hal_thermal_default sysfs:file { read };
-# b/261651187
-dontaudit hal_thermal_default sysfs_iio_devices:dir { open };
-dontaudit hal_thermal_default sysfs_iio_devices:dir { read };
-dontaudit hal_thermal_default sysfs_iio_devices:dir { search };
-# b/264204525
-dontaudit hal_thermal_default sysfs_odpm:file { getattr };
-dontaudit hal_thermal_default sysfs_odpm:file { open };
-dontaudit hal_thermal_default sysfs_odpm:file { read };
 # b/264490033
 userdebug_or_eng(`
   permissive hal_thermal_default;
-')
\ No newline at end of file
+')
diff --git a/vendor/hal_thermal_default.te b/vendor/hal_thermal_default.te
new file mode 100644
index 00000000..a573a2ae
--- /dev/null
+++ b/vendor/hal_thermal_default.te
@@ -0,0 +1,2 @@
+r_dir_file(hal_thermal_default, sysfs_iio_devices)
+r_dir_file(hal_thermal_default, sysfs_odpm)