From 9255fe5091ddba34bbead9c2321813d6956ffbbb Mon Sep 17 00:00:00 2001
From: Denny cy Lee <dennycylee@google.com>
Date: Mon, 18 May 2020 17:16:40 +0800
Subject: Pixelstats: Add sepolicy for WLC metrics

1)Branch sepolicy
2)Add sepolicy for WLC metrics

Bug: 157535660
Test: No "avc denied" log for pixelstats_vendor.
Change-Id: Ia1df5930a9067b9bfa59f812624523b863f7072b
---
 vendor/google/pixelstats_vendor.te | 28 ++++++++++++++++++++++++++++
 vendor/google/system_server.te     |  2 ++
 2 files changed, 30 insertions(+)
 create mode 100644 vendor/google/pixelstats_vendor.te
 create mode 100644 vendor/google/system_server.te

diff --git a/vendor/google/pixelstats_vendor.te b/vendor/google/pixelstats_vendor.te
new file mode 100644
index 0000000..2028ffe
--- /dev/null
+++ b/vendor/google/pixelstats_vendor.te
@@ -0,0 +1,28 @@
+# pixelstats vendor
+type pixelstats_vendor, domain;
+
+type pixelstats_vendor_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(pixelstats_vendor)
+r_dir_file(pixelstats_vendor, sysfs_pixelstats)
+
+unix_socket_connect(pixelstats_vendor, chre, chre)
+
+get_prop(pixelstats_vendor, hwservicemanager_prop)
+hwbinder_use(pixelstats_vendor)
+allow pixelstats_vendor hal_pixelstats_hwservice:hwservice_manager find;
+binder_call(pixelstats_vendor, pixelstats_system)
+
+allow pixelstats_vendor fwk_stats_hwservice:hwservice_manager find;
+binder_call(pixelstats_vendor, statsd)
+
+allow pixelstats_vendor sysfs_scsi_devices_0000:file rw_file_perms;
+r_dir_file(pixelstats_vendor, sysfs_batteryinfo)
+# UeventListener
+allow pixelstats_vendor self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
+# wlc
+allow pixelstats_vendor sysfs_wlc:dir search;
+
+# OrientationCollector
+allow pixelstats_vendor fwk_sensor_hwservice:hwservice_manager find;
+binder_call(pixelstats_vendor, system_server)
diff --git a/vendor/google/system_server.te b/vendor/google/system_server.te
new file mode 100644
index 0000000..2adcf05
--- /dev/null
+++ b/vendor/google/system_server.te
@@ -0,0 +1,2 @@
+# pixelstats_vendor/OrientationCollector
+binder_call(system_server, pixelstats_vendor)
-- 
cgit v1.2.3