move aoc settings to gs-common
Bug: 248426917
Test: boot with aoc launched
Change-Id: I7f3e65f9b27510bff657ca46c9688932a0352437
diff --git a/aoc/sepolicy/hal_audio_default.te b/aoc/sepolicy/hal_audio_default.te
new file mode 100644
index 0000000..aa462bf
--- /dev/null
+++ b/aoc/sepolicy/hal_audio_default.te
@@ -0,0 +1,35 @@
+vndbinder_use(hal_audio_default)
+hwbinder_use(hal_audio_default)
+
+allow hal_audio_default audio_vendor_data_file:dir rw_dir_perms;
+allow hal_audio_default audio_vendor_data_file:file create_file_perms;
+
+r_dir_file(hal_audio_default, aoc_audio_file);
+r_dir_file(hal_audio_default, mnt_vendor_file);
+r_dir_file(hal_audio_default, persist_audio_file);
+
+allow hal_audio_default persist_file:dir search;
+allow hal_audio_default aoc_device:file rw_file_perms;
+allow hal_audio_default aoc_device:chr_file rw_file_perms;
+
+allow hal_audio_default hal_audio_ext_hwservice:hwservice_manager { find add };
+
+allow hal_audio_default amcs_device:file rw_file_perms;
+allow hal_audio_default amcs_device:chr_file rw_file_perms;
+allow hal_audio_default sysfs_pixelstats:file rw_file_perms;
+
+#allow access to DMABUF Heaps for AAudio API
+allow hal_audio_default dmabuf_heap_device:chr_file r_file_perms;
+
+set_prop(hal_audio_default, vendor_audio_prop);
+
+hal_client_domain(hal_audio_default, hal_health);
+hal_client_domain(hal_audio_default, hal_thermal);
+allow hal_audio_default fwk_sensor_hwservice:hwservice_manager find;
+
+userdebug_or_eng(`
+ allow hal_audio_default self:unix_stream_socket create_stream_socket_perms;
+ allow hal_audio_default audio_vendor_data_file:sock_file { create unlink };
+')
+
+wakelock_use(hal_audio_default);