sepolicy: qti: Add rules for vendor.oplus.hardware.oplusSensor

Change-Id: I3f51f2586e0af11749bd2cdb5a744b7b2fcb283d

sepolicy/qti/vendor/attributes

@@ -0,0 +1 @@
+vendor_hal_attribute(oplusSensor)

sepolicy/qti/vendor/file.te

@@ -18,6 +18,8 @@ type vendor_proc_engineer, fs_type, proc_type;
 type vendor_proc_fingerprint, fs_type, proc_type;
 
 # Sensors
+type vendor_proc_eng_cali_file, fs_type, proc_type;
+type vendor_proc_oplus_als_file, fs_type, proc_type;
 type vendor_sysfs_sensor_fb, fs_type, sysfs_type;
 
 # Versioning

sepolicy/qti/vendor/file_contexts

@@ -55,8 +55,9 @@
 /dev/block/platform/soc/1d84000\.ufshc/by-name/oplusreserve4    u:object_r:vendor_reserve_partition:s0
 
 # Sensors
-/(odm|vendor/odm)/bin/oplus_sensor_fb    u:object_r:vendor_sensors_exec:s0
-/dev/ssc_interactive                     u:object_r:ssc_interactive_device:s0
+/(odm|vendor/odm)/bin/hw/vendor\.oplus\.hardware\.oplusSensor@1\.0-service    u:object_r:vendor_hal_oplusSensor_default_exec:s0
+/(odm|vendor/odm)/bin/oplus_sensor_fb                                         u:object_r:vendor_sensors_exec:s0
+/dev/ssc_interactive                                                          u:object_r:ssc_interactive_device:s0
 
 # Spunvm
 /dev/block/platform/soc/1d84000\.ufshc/by-name/spunvm    u:object_r:vendor_efs_boot_dev:s0

sepolicy/qti/vendor/genfs_contexts

@@ -20,6 +20,8 @@ genfscon proc /oplus_rf    u:object_r:vendor_proc_engineer:s0
 genfscon proc /fp_id    u:object_r:vendor_proc_fingerprint:s0
 
 # Sensors
+genfscon proc /sensor/als_cali                        u:object_r:vendor_proc_oplus_als_file:s0
+genfscon proc /sensor/pressure_cali                   u:object_r:vendor_proc_eng_cali_file:s0
 genfscon sysfs /devices/platform/soc/soc:sensor_fb    u:object_r:vendor_sysfs_sensor_fb:s0
 
 # Versioning

sepolicy/qti/vendor/hwservice.te

@@ -1,2 +1,5 @@
 # ORMS
 type vendor_hal_orms_hwservice, hwservice_manager_type, protected_hwservice;
+
+# Sensors
+type vendor_hal_oplusSensor_hwservice, hwservice_manager_type, protected_hwservice;

sepolicy/qti/vendor/hwservice_contexts

@@ -12,6 +12,9 @@ vendor.oplus.hardware.commondcs::ICommonDcsHalService                   u:object
 # ORMS
 vendor.oplus.hardware.orms::IOrmsHalProxy    u:object_r:vendor_hal_orms_hwservice:s0
 
+# Sensors
+vendor.oplus.hardware.oplusSensor::ISensorFeature    u:object_r:vendor_hal_oplusSensor_hwservice:s0
+
 # Telephony
 vendor.oplus.hardware.appradio::IOplusAppRadio    u:object_r:hal_telephony_hwservice:s0
 vendor.oplus.hardware.ims::IOplusImsRadio         u:object_r:hal_telephony_hwservice:s0

sepolicy/qti/vendor/te_macros

@@ -1,3 +1,12 @@
+#####################################
+# vendor_hal_attribute(hal_name)
+# Add an attribute for vendor hal implementations.
+define(`vendor_hal_attribute', `
+attribute vendor_hal_$1;
+attribute vendor_hal_$1_client;
+attribute vendor_hal_$1_server;
+')
+
 #####################################
 # rw_dir_file(domain, type)
 # Allow the specified domain to read directories and rw files

sepolicy/qti/vendor/vendor_hal_oplusSensor_default.te

@@ -0,0 +1,20 @@
+type vendor_hal_oplusSensor_default, domain;
+hal_server_domain(vendor_hal_oplusSensor_default, vendor_hal_oplusSensor)
+
+type vendor_hal_oplusSensor_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(vendor_hal_oplusSensor_default)
+
+binder_call(vendor_hal_oplusSensor_client, vendor_hal_oplusSensor_server)
+binder_call(vendor_hal_oplusSensor_server, vendor_hal_oplusSensor_client)
+
+hal_attribute_hwservice(vendor_hal_oplusSensor, vendor_hal_oplusSensor_hwservice)
+
+allow vendor_hal_oplusSensor_default vendor_reserve_partition:blk_file r_file_perms;
+
+allow vendor_hal_oplusSensor_default mnt_vendor_file:dir search;
+
+r_dir_file(vendor_hal_oplusSensor_default, vendor_persist_engineer_file)
+r_dir_file(vendor_hal_oplusSensor_default, vendor_persist_sensors_file)
+r_dir_file(vendor_hal_oplusSensor_default, vendor_proc_oplus_version)
+rw_dir_file(vendor_hal_oplusSensor_default, vendor_proc_eng_cali_file)
+rw_dir_file(vendor_hal_oplusSensor_default, vendor_proc_oplus_als_file)