zuma: Add selinux permission for fth

Fix the following avc denials: avc: denied { open } for path="/dev/fth_fd" dev="tmpfs" ino=1575 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 avc: denied { read } for name="wakeup96" dev="sysfs" ino=101698 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0 Bug: 383048849 Test: ls -lZ /sys/devices/platform/odm//odm:fps_touch_handler/wakeup Test: authenticate fingerprint Flag: EXEMPT NDK Change-Id: Iec9de84c8faa6790f9f27c5875b5a822a02fcee9
2024-12-12 08:10:15 +00:00 · 2024-12-12 08:10:15 +00:00 · 9ea8cdc64f
commit 9ea8cdc64f
parent 2e5674bd21
2 changed files with 3 additions and 0 deletions
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@ -100,6 +100,7 @@ is_flag_disabled(RELEASE_AVF_ENABLE_DEVICE_ASSIGNMENT, `
 /dev/gxp                                                                    u:object_r:gxp_device:s0
 /dev/mali0                                                                  u:object_r:gpu_device:s0
 /dev/goodix_fp                                                              u:object_r:fingerprint_device:s0
+/dev/fth_fd                                                                 u:object_r:fingerprint_device:s0
 /dev/logbuffer_tcpm                                                         u:object_r:logbuffer_device:s0
 /dev/logbuffer_usbpd                                                        u:object_r:logbuffer_device:s0
 /dev/logbuffer_ssoc                                                         u:object_r:logbuffer_device:s0
--- a/vendor/genfs_contexts
+++ b/vendor/genfs_contexts
@ -290,6 +290,8 @@ genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup
 genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup/                                              u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/19450000.drmdsim/19450000.drmdsim.0/wakeup/                                              u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/110f0000.drmdp/wakeup                                                                    u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/odm/odm:fps_touch_handler/power/wakeup                                                   u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/odm/odm:fps_touch_handler/wakeup                                                         u:object_r:sysfs_wakeup:s0

 # Trusty
 genfscon sysfs /module/trusty_virtio/parameters/use_high_wq               u:object_r:sysfs_trusty:s0