Add permissions for read maxfg debugfs am: 03c6806df9 am: e74bb8aa68 am: da7ec50ce6 am: 2551e52dff
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/23577705
Change-Id: If5442c4db9f83cd567610aef87e0aca0fb516719
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/oriole-sepolicy.mk b/oriole-sepolicy.mk
new file mode 100644
index 0000000..a4f28b2
--- /dev/null
+++ b/oriole-sepolicy.mk
@@ -0,0 +1,2 @@
+# Oriole only sepolicy
+BOARD_SEPOLICY_DIRS += device/google/gs101-sepolicy/oriole
diff --git a/oriole/grilservice_app.te b/oriole/grilservice_app.te
new file mode 100644
index 0000000..ad0a779
--- /dev/null
+++ b/oriole/grilservice_app.te
@@ -0,0 +1 @@
+allow grilservice_app hal_bluetooth_coexistence_service:service_manager find;
diff --git a/raven/grilservice_app.te b/raven/grilservice_app.te
new file mode 100644
index 0000000..ad0a779
--- /dev/null
+++ b/raven/grilservice_app.te
@@ -0,0 +1 @@
+allow grilservice_app hal_bluetooth_coexistence_service:service_manager find;
diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map
index 2b30cb2..cd9f9cd 100644
--- a/tracking_denials/bug_map
+++ b/tracking_denials/bug_map
@@ -1,10 +1,2 @@
dump_stm sysfs_spi dir b/277989397
-hal_camera_default boot_status_prop file b/275002227
-hal_camera_default edgetpu_app_service service_manager b/275002227
-hal_drm_default default_prop file b/232714489
hal_power_default hal_power_default capability b/240632824
-incidentd debugfs_wakeup_sources file b/238263568
-incidentd incidentd anon_inode b/268146971
-rfsd vendor_rild_prop property_service b/269218654
-su modem_img_file filesystem b/238825802
-system_server system_userdir_file dir b/281814691
diff --git a/tracking_denials/hal_drm_widevine.te b/tracking_denials/hal_drm_widevine.te
index 01581ca..d1190b1 100644
--- a/tracking_denials/hal_drm_widevine.te
+++ b/tracking_denials/hal_drm_widevine.te
@@ -1,4 +1,2 @@
# b/223502652
dontaudit hal_drm_widevine vndbinder_device:chr_file { read };
-# b/232714489
-dontaudit hal_drm_widevine default_prop:file { read };
diff --git a/tracking_denials/hal_dumpstate_default.te b/tracking_denials/hal_dumpstate_default.te
deleted file mode 100644
index dbcd88e..0000000
--- a/tracking_denials/hal_dumpstate_default.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/277989067
-dontaudit hal_dumpstate_default vendor_shell_exec:file { execute_no_trans };
diff --git a/tracking_denials/surfaceflinger.te b/tracking_denials/surfaceflinger.te
deleted file mode 100644
index 2db24d7..0000000
--- a/tracking_denials/surfaceflinger.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# b/176868297
-dontaudit surfaceflinger hal_graphics_composer_default:dir search ;
diff --git a/tracking_denials/untrusted_app.te b/tracking_denials/untrusted_app.te
deleted file mode 100644
index 9b098f8..0000000
--- a/tracking_denials/untrusted_app.te
+++ /dev/null
@@ -1,4 +0,0 @@
-# b/184593993
-dontaudit untrusted_app vendor_camera_prop:file { read };
-dontaudit untrusted_app vendor_camera_prop:file { read };
-dontaudit untrusted_app vendor_camera_prop:file { read };