Merge "[SELinux] Fix hal_uwb_default dev access errors" into udc-d1-dev

tracking_denials/hal_uwb_default.te

@@ -1,7 +1,3 @@
-# b/260366065
-dontaudit hal_uwb_default device:chr_file { ioctl };
-dontaudit hal_uwb_default device:chr_file { open };
-dontaudit hal_uwb_default device:chr_file { read write };
 # b/264489750
 userdebug_or_eng(`
   permissive hal_uwb_default;

vendor/device.te

@@ -7,6 +7,7 @@ type ufs_internal_block_device, dev_type;
 type logbuffer_device, dev_type;
 type gxp_device, dev_type, mlstrustedobject;
 type fingerprint_device, dev_type;
+type uci_device, dev_type;
 
 # Dmabuf heaps
 type sensor_direct_heap_device, dmabuf_heap_device_type, dev_type;

vendor/file_contexts

@@ -160,4 +160,4 @@
 /dev/dma_heap/vframe-secure                                                 u:object_r:video_secure_heap_device:s0
 /dev/dma_heap/vscaler-secure                                                u:object_r:video_secure_heap_device:s0
 /dev/dma_heap/vstream-secure                                                u:object_r:video_secure_heap_device:s0
-
+/dev/uci                                                                    u:object_r:uci_device:s0

vendor/hal_uwb_vendor_default.te

@@ -1,4 +1,5 @@
 type hal_uwb_vendor_default, domain;
 type hal_uwb_vendor_default_exec, vendor_file_type, exec_type, file_type;
+allow hal_uwb_default uci_device:chr_file rw_file_perms;
 init_daemon_domain(hal_uwb_vendor_default)