zenfone6: Add sepolicy for Glove and Gestures
diff --git a/sepolicy/private/file.te b/sepolicy/private/file.te
index d5662e6..76f08bc 100644
--- a/sepolicy/private/file.te
+++ b/sepolicy/private/file.te
@@ -5,14 +5,5 @@
type xrom_file, file_type;
# Offscreen Gestures
-type fts_gesture_mode, fs_type;
-type fts_gesture_c_mode, fs_type;
-type fts_gesture_e_mode, fs_type;
-type fts_gesture_v_mode, fs_type;
-type fts_gesture_s_mode, fs_type;
-type fts_gesture_w_mode, fs_type;
-type fts_gesture_z_mode, fs_type;
-type fts_gesture_left_mode, fs_type;
-type fts_gesture_right_mode, fs_type;
-type fts_gesture_up_mode, fs_type;
-type fts_gesture_down_mode, fs_type;
\ No newline at end of file
+type sysfs_gesture, sysfs_type, fs_type;
+type sysfs_touchscreen, sysfs_type, fs_type;
\ No newline at end of file
diff --git a/sepolicy/private/file_contexts b/sepolicy/private/file_contexts
index cdb17a7..119b803 100644
--- a/sepolicy/private/file_contexts
+++ b/sepolicy/private/file_contexts
@@ -9,6 +9,10 @@
# Audio
/system/etc/audio_policy_configuration.xml u:object_r:vendor_configs_file:s0
+# Gestures
+/sys/devices/platform/soc/c80000.i2c/i2c-4/4-0038/fts_glove_mode u:object_r:sysfs_gesture:s0
+/sys/devices/platform/soc/c80000.i2c/i2c-4/4-0038/fts_gesture_.* u:object_r:sysfs_gesture:s0
+
# Modules
/system/lib/modules/wlan\.ko u:object_r:vendor_file:s0
/system/lib64/hw/lights\.msmnile\.so u:object_r:vendor_file:s0
diff --git a/sepolicy/private/genfs_contexts b/sepolicy/private/genfs_contexts
new file mode 100644
index 0000000..a1c4307
--- /dev/null
+++ b/sepolicy/private/genfs_contexts
@@ -0,0 +1 @@
+genfscon sysfs /devices/platform/soc/c80000.i2c/i2c-4/4-0038/dclick_mode u:object_r:sysfs_touchscreen:s0
\ No newline at end of file
diff --git a/sepolicy/private/init.te b/sepolicy/private/init.te
index 7a9434c..5c71641 100644
--- a/sepolicy/private/init.te
+++ b/sepolicy/private/init.te
@@ -1,2 +1,6 @@
+# Allow init to chown/chmod on pseudo files in /sys
+allow init sysfs_touchscreen:file { rw_file_perms setattr };
+allow init sysfs_gesture:file { rw_file_perms setattr };
+
# Allow init to mount vendor configs
allow init vendor_configs_file:file mounton;
\ No newline at end of file
diff --git a/sepolicy/private/system_app.te b/sepolicy/private/system_app.te
index ca8d554..b73fb60 100644
--- a/sepolicy/private/system_app.te
+++ b/sepolicy/private/system_app.te
@@ -1,27 +1 @@
-allow system_app {
- fts_gesture_mode
- -fts_gesture_c_mode
- -fts_gesture_e_mode
- -fts_gesture_v_mode
- -fts_gesture_s_mode
- -fts_gesture_w_mode
- -fts_gesture_z_mode
- -fts_gesture_up_mode
- -fts_gesture_down_mode
- -fts_gesture_left_mode
- -fts_gesture_right_mode
-}:file { open write };
-
-allow system_app {
- fts_gesture_mode
- -fts_gesture_c_mode
- -fts_gesture_e_mode
- -fts_gesture_v_mode
- -fts_gesture_s_mode
- -fts_gesture_w_mode
- -fts_gesture_z_mode
- -fts_gesture_up_mode
- -fts_gesture_down_mode
- -fts_gesture_left_mode
- -fts_gesture_right_mode
-}:file getattr;
\ No newline at end of file
+allow system_app sysfs_gesture:file { rw_file_perms setattr };
\ No newline at end of file
diff --git a/sepolicy/private/system_server.te b/sepolicy/private/system_server.te
new file mode 100644
index 0000000..c865e8c
--- /dev/null
+++ b/sepolicy/private/system_server.te
@@ -0,0 +1,2 @@
+allow system_server sysfs_touchscreen:file rw_file_perms;
+allow system_server sysfs_gesture:file rw_file_perms;
\ No newline at end of file