authorAdam Shih <adamshih@google.com>2019-11-04 15:48:24 +0800
committerAdam Shih <adamshih@google.com>2019-11-06 07:20:46 +0000
commitc443900b4644d5fe9ace16eb77cbc4181a606aae (patch)
treea4d97d7c6ea48bfbeaf15f3c0e759bc3b71a7123 /vendor/qcom/common/location.te
parent4d16ebb4cd22a14dc363bef4baa53b7913058d9d (diff)
copy sepolicy from previous project on location
Bug: 143854052 Test: flash selinux modules to device and find avc errors gone Change-Id: I340ba999dd292e74d9e825395b9ad16816aee8c9
Diffstat (limited to 'vendor/qcom/common/location.te')
-rw-r--r--vendor/qcom/common/location.te43
1 files changed, 43 insertions, 0 deletions
diff --git a/vendor/qcom/common/location.te b/vendor/qcom/common/location.te
index 267faf3..af5f83d 100644
--- a/vendor/qcom/common/location.te
+++ b/vendor/qcom/common/location.te
@@ -1,3 +1,46 @@
+# location - Location daemon
type location, domain;
type location_exec, exec_type, vendor_file_type, file_type;
+
init_daemon_domain(location)
+
+allow location self:capability setgid;
+
+# files in /sys
+r_dir_file(location, sysfs_soc)
+r_dir_file(location, sysfs_esoc)
+r_dir_file(location, sysfs_msm_subsys)
+r_dir_file(location, sysfs_ssr)
+
+# Execute /vendor/bin/lowi-server
+allow location location_exec:file rx_file_perms;
+
+# Enable standard network access (for XTRA download)
+net_domain(location)
+
+## And some additional network access
+allow location self:{
+ netlink_generic_socket
+ qipcrtr_socket
+} create_socket_perms_no_ioctl;
+allowxperm location self:udp_socket ioctl { SIOCGIFINDEX SIOCGIFHWADDR SIOCIWFIRSTPRIV_05 };
+
+# /data/vendor/location
+allow location location_data_file:dir create_dir_perms;
+allow location location_data_file:file create_file_perms;
+
+# /data/vendor/wifi/wpa
+allow location wpa_data_file:dir rw_dir_perms;
+allow location wpa_data_file:sock_file create_file_perms;
+allow location hal_wifi_supplicant_default:unix_dgram_socket sendto;
+
+# /dev/socket/location
+allow location location_socket:sock_file create_file_perms;
+allow location location_socket:dir w_dir_perms;
+
+allow location hal_gnss_qti:unix_dgram_socket sendto;
+
+userdebug_or_eng(`
+ allow location diag_device:chr_file rw_file_perms;
+')
+
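Review bot: The `wpa_data_file` rules under `# /data/vendor/wifi/wpa` give the location domain `rw_dir_perms` on the supplicant's directory and `create_file_perms` on its `sock_file`s, so it can add, rename and unlink socket entries there, and the comment names only the path, not the reason. If this exists only so lowi-server can place its own client socket for the supplicant control interface (an inference from the adjacent `hal_wifi_supplicant_default:unix_dgram_socket sendto` rule), say so in the comment, e.g. `# lowi-server creates its control-interface client socket here to talk to wpa_supplicant`. Check whether the observed denials need more than `create`, `write`, `setattr` and `unlink` on `sock_file`. `allow location self:capability setgid;` likewise has no comment; a line such as `# needed to set group IDs at startup (confirm against the daemon)` would let a later reader judge whether it can be dropped. Since the rules were copied from a previous project and the test only checks that AVC errors are gone, unused grants will not show up in testing and are worth auditing against the denials actually logged on this device.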