Merge "Allow fingerprint to access sysfs_lhbm" into main

vendor/file.te

@@ -17,6 +17,7 @@ type sysfs_write_leds, sysfs_type, fs_type;
 type sysfs_fabric, sysfs_type, fs_type;
 type sysfs_em_profile, sysfs_type, fs_type;
 type sysfs_ospm, sysfs_type, fs_type;
+type sysfs_lhbm, sysfs_type, fs_type;
 
 # debugfs
 type vendor_regmap_debugfs, fs_type, debugfs_type;

vendor/genfs_contexts

@@ -408,6 +408,7 @@ genfscon sysfs /devices/platform/hdcp/hdcp2_fail_count
 genfscon sysfs /devices/platform/hdcp/hdcp1_success_count                                                 u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/hdcp/hdcp1_fail_count                                                    u:object_r:sysfs_display:s0
 genfscon sysfs /devices/platform/hdcp/hdcp0_count                                                         u:object_r:sysfs_display:s0
+genfscon sysfs /devices/platform/19440000.drmdsim/19440000.drmdsim.0/backlight/panel0-backlight/local_hbm_delay_frames  u:object_r:sysfs_lhbm:s0
 
 # ACPM
 genfscon sysfs /devices/platform/acpm_stats                                                            u:object_r:sysfs_acpm_stats:s0

vendor/hal_fingerprint_default.te

@@ -1,3 +1,4 @@
+# SE policies for fingerprint
 allow hal_fingerprint_default fingerprint_device:chr_file rw_file_perms;
 allow hal_fingerprint_default tee_device:chr_file rw_file_perms;
 allow hal_fingerprint_default self:netlink_socket create_socket_perms_no_ioctl;
@@ -56,3 +57,6 @@ allow hal_fingerprint_default persist_fingerprint_file:file create_file_perms;
 # TODO: b/297562630 - remove unecessary permissions once not needed
 allow hal_fingerprint_default vendor_fingerprint_data_file:dir create_dir_perms;
 allow hal_fingerprint_default vendor_fingerprint_data_file:file create_file_perms;
+
+# Allow fingerprint to rw lhbm files
+allow hal_fingerprint_default sysfs_lhbm:file rw_file_perms;