diff --git a/vendor/file.te b/vendor/file.te index b97b93d..4c01d25 100644 --- a/vendor/file.te +++ b/vendor/file.te @@ -3,6 +3,7 @@ type persist_display_file, file_type, vendor_persist_type; type persist_battery_file, file_type, vendor_persist_type; type persist_camera_file, file_type, vendor_persist_type; type persist_sensor_reg_file, file_type, vendor_persist_type; +type persist_fingerprint_file, file_type, vendor_persist_type; #sysfs type sysfs_power_dump, sysfs_type, fs_type; @@ -36,6 +37,7 @@ type vendor_bt_data_file, file_type, data_file_type; # Data type sensor_reg_data_file, file_type, data_file_type; type chre_data_file, file_type, data_file_type; +type vendor_fingerprint_data_file, file_type, data_file_type; # Vendor sched files userdebug_or_eng(` diff --git a/vendor/file_contexts b/vendor/file_contexts index 1b60fe3..8e8fb4a 100644 --- a/vendor/file_contexts +++ b/vendor/file_contexts @@ -3,9 +3,7 @@ /vendor/bin/hw/android\.hardware\.boot@1\.2-service-zumapro u:object_r:hal_bootctl_default_exec:s0 /vendor/bin/hw/android\.hardware\.gxp\.logging@service-gxp-logging u:object_r:gxp_logging_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats-service\.pixel u:object_r:hal_power_stats_default_exec:s0 -/vendor/bin/hw/android\.hardware\.secure_element-service\.thales u:object_r:hal_secure_element_st54spi_aidl_exec:s0 -/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix u:object_r:hal_fingerprint_default_exec:s0 -/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0 +/vendor/bin/hw/android\.hardware\.secure_element-service\.thales u:object_r:hal_secure_element_st54spi_aidl_exec:s0 /vendor/bin/hw/android\.hardware\.usb-service u:object_r:hal_usb_impl_exec:s0 /vendor/bin/hw/android\.hardware\.usb\.gadget-service u:object_r:hal_usb_gadget_impl_exec:s0 /vendor/bin/hw/android\.hardware\.secure_element@1\.2-uicc-service u:object_r:hal_secure_element_uicc_exec:s0 @@ -25,9 +23,10 @@ /vendor/bin/chre u:object_r:chre_exec:s0 /vendor/bin/init\.uwb\.calib\.sh u:object_r:vendor_uwb_init_exec:s0 /vendor/bin/hw/android\.hardware\.security\.keymint-service\.trusty u:object_r:hal_keymint_default_exec:s0 -/vendor/bin/hw/android\.hardware\.security\.keymint-service\.rust\.trusty u:object_r:hal_keymint_default_exec:s0 +/vendor/bin/hw/android\.hardware\.security\.keymint-service\.rust\.trusty u:object_r:hal_keymint_default_exec:s0 /vendor/bin/ufs_firmware_update\.sh u:object_r:ufs_firmware_update_exec:s0 /vendor/bin/hw/android\.hardware\.memtrack-service\.pixel u:object_r:hal_memtrack_default_exec:s0 +/vendor/bin/hw/qfp-daemon u:object_r:hal_fingerprint_default_exec:s0 # Vendor Firmwares /vendor/firmware(/.*)? u:object_r:vendor_fw_file:s0 @@ -41,12 +40,14 @@ # Vendor /data/vendor/bluetooth(/.*)? u:object_r:vendor_bt_data_file:s0 /data/vendor/chre(/.*)? u:object_r:chre_data_file:s0 +/data/vendor/misc/qti_fp(/.*)? u:object_r:vendor_fingerprint_data_file:s0 # persist /mnt/vendor/persist/camera(/.*)? u:object_r:persist_camera_file:s0 /mnt/vendor/persist/display(/.*)? u:object_r:persist_display_file:s0 /mnt/vendor/persist/battery(/.*)? u:object_r:persist_battery_file:s0 /mnt/vendor/persist/ss(/.*)? u:object_r:persist_ss_file:s0 +/mnt/vendor/persist/qti_fp(/.*)? u:object_r:persist_fingerprint_file:s0 # Devices /dev/bbd_pwrstat u:object_r:power_stats_device:s0 @@ -89,7 +90,6 @@ /dev/block/platform/13200000\.ufs/by-name/ufs_internal u:object_r:ufs_internal_block_device:s0 /dev/gxp u:object_r:gxp_device:s0 /dev/mali0 u:object_r:gpu_device:s0 -/dev/goodix_fp u:object_r:fingerprint_device:s0 /dev/logbuffer_tcpm u:object_r:logbuffer_device:s0 /dev/logbuffer_usbpd u:object_r:logbuffer_device:s0 /dev/logbuffer_ssoc u:object_r:logbuffer_device:s0 @@ -210,3 +210,5 @@ /dev/dma_heap/gcma_camera u:object_r:gcma_camera_heap_device:s0 /dev/dma_heap/gcma_camera-uncached u:object_r:gcma_camera_heap_device:s0 /dev/uci u:object_r:uci_device:s0 +/dev/qbt_ipc u:object_r:fingerprint_device:s0 +/dev/qbt_fd u:object_r:fingerprint_device:s0 diff --git a/vendor/genfs_contexts b/vendor/genfs_contexts index e5e1b33..5e3243e 100644 --- a/vendor/genfs_contexts +++ b/vendor/genfs_contexts @@ -496,6 +496,7 @@ genfscon sysfs /devices/platform/gpio_keys/wakeup/wakeup genfscon sysfs /devices/platform/sound-aoc/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/virtual/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/odm/odm:qcom,qbt-handler/wakeup u:object_r:sysfs_wakeup:s0 # Trusty genfscon sysfs /module/trusty_virtio/parameters/use_high_wq u:object_r:sysfs_trusty:s0 diff --git a/vendor/hal_fingerprint_default.te b/vendor/hal_fingerprint_default.te index 6aa57dd..c60c609 100644 --- a/vendor/hal_fingerprint_default.te +++ b/vendor/hal_fingerprint_default.te @@ -37,3 +37,23 @@ hal_client_domain(hal_fingerprint_default, hal_thermal); # allow fingerprint to read sysfs_leds allow hal_fingerprint_default sysfs_leds:file r_file_perms; allow hal_fingerprint_default sysfs_leds:dir r_dir_perms; + +# allow fingerprint to wakeup to trigger calibration scans and sleep after +allow hal_fingerprint_default self:capability2 wake_alarm; +allow hal_fingerprint_default self:capability2 block_suspend; + +# allow fingerprint to search for files +# TODO: b/297562630 - remove unecessary permissions once not needed +allow hal_fingerprint_default mnt_vendor_file:dir search; +allow hal_fingerprint_default vendor_misc_data_file:dir search; +allow hal_fingerprint_default persist_file:dir search; + +# allow fingerprint to rw config and calibration files in persist +# TODO: b/297562630 - remove unecessary permissions once not needed +allow hal_fingerprint_default persist_fingerprint_file:dir search; +allow hal_fingerprint_default persist_fingerprint_file:file create_file_perms; + +# allow fingerprint to rw data files +# TODO: b/297562630 - remove unecessary permissions once not needed +allow hal_fingerprint_default vendor_fingerprint_data_file:dir create_dir_perms; +allow hal_fingerprint_default vendor_fingerprint_data_file:file create_file_perms; diff --git a/vendor/hwservice_contexts b/vendor/hwservice_contexts index 9f86e04..dd24a5f 100644 --- a/vendor/hwservice_contexts +++ b/vendor/hwservice_contexts @@ -1,2 +1,2 @@ # Fingerprint -vendor.goodix.hardware.biometrics.fingerprint::IGoodixFingerprintDaemon u:object_r:hal_fingerprint_ext_hwservice:s0 +vendor.qti.hardware.fingerprint::IQtiExtendedFingerprint u:object_r:hal_fingerprint_ext_hwservice:s0 diff --git a/vendor/property_contexts b/vendor/property_contexts index e837a5c..f456434 100644 --- a/vendor/property_contexts +++ b/vendor/property_contexts @@ -6,6 +6,7 @@ vendor.camera.fatp. u:object_r:vendor_camera_fatp_prop:s0 # Fingerprint vendor.fingerprint. u:object_r:vendor_fingerprint_prop:s0 vendor.gf. u:object_r:vendor_fingerprint_prop:s0 +persist.vendor.qfp. u:object_r:vendor_fingerprint_prop:s0 # Battery vendor.battery.defender. u:object_r:vendor_battery_defender_prop:s0