From f81dd0c57886815b384fe209bdfa70f7b786957a Mon Sep 17 00:00:00 2001
From: Donghyun Cho <donghyun@google.com>
Date: Wed, 5 Apr 2017 11:20:48 +0900
Subject: [PATCH] Add sepolicy for tv.cec

Bug: 36562029
Test: m -j40 and CEC functionality works well
Change-Id: I5a693e65abdd5139a848d939149a475056cc41e8
---
 private/system_server.te     | 1 +
 public/attributes            | 3 +++
 public/hal_tv_cec.te         | 3 +++
 vendor/file_contexts         | 1 +
 vendor/hal_tv_cec_default.te | 5 +++++
 5 files changed, 13 insertions(+)
 create mode 100644 public/hal_tv_cec.te
 create mode 100644 vendor/hal_tv_cec_default.te

diff --git a/private/system_server.te b/private/system_server.te
index 430234313..7c3e2af4d 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -183,6 +183,7 @@ hal_client_domain(system_server, hal_power)
 hal_client_domain(system_server, hal_sensors)
 binder_call(system_server, hal_thermal)
 hal_client_domain(system_server, hal_thermal)
+hal_client_domain(system_server, hal_tv_cec)
 hal_client_domain(system_server, hal_tv_input)
 binder_call(system_server, hal_usb)
 hal_client_domain(system_server, hal_usb)
diff --git a/public/attributes b/public/attributes
index 6bb8346c3..6b78cd5ba 100644
--- a/public/attributes
+++ b/public/attributes
@@ -221,6 +221,9 @@ attribute hal_telephony_server;
 attribute hal_thermal;
 attribute hal_thermal_client;
 attribute hal_thermal_server;
+attribute hal_tv_cec;
+attribute hal_tv_cec_client;
+attribute hal_tv_cec_server;
 attribute hal_tv_input;
 attribute hal_tv_input_client;
 attribute hal_tv_input_server;
diff --git a/public/hal_tv_cec.te b/public/hal_tv_cec.te
new file mode 100644
index 000000000..aa85b926e
--- /dev/null
+++ b/public/hal_tv_cec.te
@@ -0,0 +1,3 @@
+# HwBinder IPC from clients into server, and callbacks
+binder_call(hal_tv_cec_client, hal_tv_cec_server)
+binder_call(hal_tv_cec_server, hal_tv_cec_client)
diff --git a/vendor/file_contexts b/vendor/file_contexts
index 5ccfab40c..a702f0865 100644
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@@ -25,6 +25,7 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@1\.0-service        u:object_r:hal_sensors_default_exec:s0
 /(vendor|system/vendor)/bin/hw/rild                                           u:object_r:rild_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.thermal@1\.0-service        u:object_r:hal_thermal_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.cec@1\.0-service        u:object_r:hal_tv_cec_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.input@1\.0-service      u:object_r:hal_tv_input_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.0-service            u:object_r:hal_usb_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.vibrator@1\.0-service       u:object_r:hal_vibrator_default_exec:s0
diff --git a/vendor/hal_tv_cec_default.te b/vendor/hal_tv_cec_default.te
new file mode 100644
index 000000000..cf071e627
--- /dev/null
+++ b/vendor/hal_tv_cec_default.te
@@ -0,0 +1,5 @@
+type hal_tv_cec_default, domain;
+hal_server_domain(hal_tv_cec_default, hal_tv_cec)
+
+type hal_tv_cec_default_exec, exec_type, file_type;
+init_daemon_domain(hal_tv_cec_default)
-- 
GitLab