From c31ec37715a992ceb9039c4e5e168f52226630bc Mon Sep 17 00:00:00 2001
From: Rick Chen <rickctchen@google.com>
Date: Fri, 13 Oct 2023 00:22:14 +0800
Subject: [PATCH] hal_sensors_default: Add permission to AOC reset sysfs node.

[21675.099727] type=1400 audit(1697127034.684:751): avc:  denied  { write } for  comm="binder:912_1" name="reset" dev="sysfs" ino=102250 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_reset:s0 tclass=file permissive=0

Bug: 304681766
Test: Modify sensor HAL to trigger SSR when init.
      No avc denied log when sensor HAL access AOC reset sysfs node.
Change-Id: Iede0fa94a627c5e0d3166bec05ef7041154d8efe
Signed-off-by: Rick Chen <rickctchen@google.com>
---
 vendor/hal_sensors_default.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/vendor/hal_sensors_default.te b/vendor/hal_sensors_default.te
index fe24c8a8..7dcf5022 100644
--- a/vendor/hal_sensors_default.te
+++ b/vendor/hal_sensors_default.te
@@ -62,3 +62,6 @@ allow hal_sensors_default sysfs_chosen:file r_file_perms;
 # Allow display_info_service access to the backlight driver.
 allow hal_sensors_default sysfs_leds:dir search;
 allow hal_sensors_default sysfs_leds:file r_file_perms;
+
+# Allow sensor HAL to reset AOC.
+allow hal_sensors_default sysfs_aoc_reset:file rw_file_perms;