otter: sepolicy: Initial changes
Change-Id: Iac2a2bfaef40b5337139df2472386764747ce5d8
diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te
index 78e72d7..2608763 100644
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -1,2 +1,5 @@
+# Fingerprint
type fingerprint_data_file, file_type, data_file_type;
+
+# Touchscreen
type vendor_sysfs_touchpanel, fs_type, sysfs_type;
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index 2319552..416b688 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -1,2 +1,10 @@
+# Fingerprint
+/dev/goodix_fp u:object_r:fingerprint_device:s0
+
+# NFC
+/dev/tms_nfc u:object_r:nfc_device:s0
+/vendor/bin/hw/android\.hardware\.nfc@1\.2-service-tms u:object_r:hal_nfc_default_exec:s0
+
# Vibrator
/vendor/bin/hw/vendor\.qti\.hardware\.vibrator\.service\.otter u:object_r:hal_vibrator_default_exec:s0
+/vendor/bin/vibratorcal u:object_r:vendor_vibratorcal_exec:s0
diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts
new file mode 100644
index 0000000..03d6e89
--- /dev/null
+++ b/sepolicy/vendor/genfs_contexts
@@ -0,0 +1,5 @@
+# Vibrator
+genfscon sysfs /devices/platform/soc/a84000.i2c/i2c-2/2-005a/leds/drv26xx_haptic u:object_r:sysfs_leds:s0
+
+# Wakeup
+genfscon sysfs /devices/platform/soc/a84000.i2c/i2c-2/2-0028/wakeup u:object_r:sysfs_wakeup:s0
diff --git a/sepolicy/vendor/hal_fingerprint_default.te b/sepolicy/vendor/hal_fingerprint_default.te
new file mode 100644
index 0000000..11ea706
--- /dev/null
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@@ -0,0 +1,8 @@
+allow hal_fingerprint_default fingerprint_device:chr_file rw_file_perms;
+
+allow hal_fingerprint_default tee_device:chr_file rw_file_perms;
+
+allow hal_fingerprint_default self:netlink_socket create_socket_perms_no_ioctl;
+
+# gf.debug.fp_vendor
+dontaudit hal_fingerprint_default default_prop:property_service set;
diff --git a/sepolicy/vendor/hal_nfc_default.te b/sepolicy/vendor/hal_nfc_default.te
new file mode 100644
index 0000000..e7d2ff7
--- /dev/null
+++ b/sepolicy/vendor/hal_nfc_default.te
@@ -0,0 +1 @@
+allow hal_nfc_default tmsnfc_hwservice:hwservice_manager { add find };
diff --git a/sepolicy/vendor/hwservice.te b/sepolicy/vendor/hwservice.te
new file mode 100644
index 0000000..b297548
--- /dev/null
+++ b/sepolicy/vendor/hwservice.te
@@ -0,0 +1,2 @@
+# NFC
+type tmsnfc_hwservice, hwservice_manager_type;
diff --git a/sepolicy/vendor/hwservice_contexts b/sepolicy/vendor/hwservice_contexts
new file mode 100644
index 0000000..fe2d438
--- /dev/null
+++ b/sepolicy/vendor/hwservice_contexts
@@ -0,0 +1,5 @@
+# Fingerprint
+vendor.goodix.hardware.biometrics.fingerprint::IGoodixFingerprintDaemon u:object_r:hal_fingerprint_hwservice:s0
+
+# NFC
+vendor.tms.tmsnfc::ITmsNfc u:object_r:tmsnfc_hwservice:s0
diff --git a/sepolicy/vendor/tee.te b/sepolicy/vendor/tee.te
new file mode 100644
index 0000000..d33b0b5
--- /dev/null
+++ b/sepolicy/vendor/tee.te
@@ -0,0 +1 @@
+allow tee mnt_vendor_file:file r_file_perms;
diff --git a/sepolicy/vendor/vibratorcal.te b/sepolicy/vendor/vibratorcal.te
new file mode 100644
index 0000000..fa7da62
--- /dev/null
+++ b/sepolicy/vendor/vibratorcal.te
@@ -0,0 +1,11 @@
+type vendor_vibratorcal, domain;
+type vendor_vibratorcal_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(vendor_vibratorcal)
+
+allow vendor_vibratorcal mnt_vendor_file:dir search;
+allow vendor_vibratorcal vendor_persist_data_file:dir rw_dir_perms;
+allow vendor_vibratorcal vendor_persist_data_file:file create_file_perms;
+
+allow vendor_vibratorcal sysfs_leds:dir search;
+allow vendor_vibratorcal sysfs_leds:file rw_file_perms;