All hal policies expressed as attributes.
Bug: 32123421
Bug: 32905206
Test: compiles, nfc works
Change-Id: Ibf72ef70255573e4df0863ea640354b3c37eb47d
diff --git a/private/file_contexts b/private/file_contexts
index 4547b6a..ccb441a 100644
--- a/private/file_contexts
+++ b/private/file_contexts
@@ -228,19 +228,19 @@
/system/bin/webview_zygote64 u:object_r:webview_zygote_exec:s0
/system/fake-lib(64)?/libart.* u:object_r:libart_file:s0
/system/lib(64)?/libart.* u:object_r:libart_file:s0
-/system/bin/hw/android\.hardware\.audio@2\.0-service u:object_r:hal_audio_exec:s0
+/system/bin/hw/android\.hardware\.audio@2\.0-service u:object_r:hal_audio_default_exec:s0
/system/bin/hw/android\.hardware\.boot@1\.0-service u:object_r:hal_boot_exec:s0
-/system/bin/hw/android\.hardware\.ir@1\.0-service u:object_r:hal_ir_default_exec:s0
-/system/bin/hw/android\.hardware\.graphics\.allocator@2\.0-service u:object_r:hal_graphics_allocator_exec:s0
-/system/bin/hw/android\.hardware\.graphics\.composer@2\.1-service u:object_r:hal_graphics_composer_exec:s0
+/system/bin/hw/android\.hardware\.graphics\.allocator@2\.0-service u:object_r:hal_graphics_allocator_default_exec:s0
+/system/bin/hw/android\.hardware\.graphics\.composer@2\.1-service u:object_r:hal_graphics_composer_default_exec:s0
+/system/bin/hw/android\.hardware\.ir@1\.0-service u:object_r:hal_ir_default_exec:s0
/system/bin/hw/android\.hardware\.light@2\.0-service u:object_r:hal_light_default_exec:s0
-/system/bin/hw/android\.hardware\.memtrack@1\.0-service u:object_r:hal_memtrack_exec:s0
-/system/bin/hw/android\.hardware\.nfc@1\.0-service u:object_r:hal_nfc_exec:s0
-/system/bin/hw/android\.hardware\.power@1\.0-service u:object_r:hal_power_exec:s0
-/system/bin/hw/android\.hardware\.thermal@1\.0-service u:object_r:hal_thermal_exec:s0
-/system/bin/hw/android\.hardware\.vibrator@1\.0-service u:object_r:hal_vibrator_exec:s0
-/system/bin/hw/android\.hardware\.vr@1\.0-service u:object_r:hal_vr_exec:s0
-/system/bin/hw/android\.hardware\.wifi@1\.0-service u:object_r:hal_wifi_exec:s0
+/system/bin/hw/android\.hardware\.memtrack@1\.0-service u:object_r:hal_memtrack_default_exec:s0
+/system/bin/hw/android\.hardware\.nfc@1\.0-service u:object_r:hal_nfc_default_exec:s0
+/system/bin/hw/android\.hardware\.power@1\.0-service u:object_r:hal_power_default_exec:s0
+/system/bin/hw/android\.hardware\.thermal@1\.0-service u:object_r:hal_thermal_default_exec:s0
+/system/bin/hw/android\.hardware\.vibrator@1\.0-service u:object_r:hal_vibrator_default_exec:s0
+/system/bin/hw/android\.hardware\.vr@1\.0-service u:object_r:hal_vr_default_exec:s0
+/system/bin/hw/android\.hardware\.wifi@1\.0-service u:object_r:hal_wifi_default_exec:s0
#############################
# Vendor files
diff --git a/private/hal_audio.te b/private/hal_audio.te
deleted file mode 100644
index 0a3c170..0000000
--- a/private/hal_audio.te
+++ /dev/null
@@ -1,3 +0,0 @@
-# type_transition must be private policy the domain_trans rules could stay
-# public, but conceptually should go with this
-init_daemon_domain(hal_audio)
diff --git a/private/hal_audio_default.te b/private/hal_audio_default.te
new file mode 100644
index 0000000..bbbd419
--- /dev/null
+++ b/private/hal_audio_default.te
@@ -0,0 +1,4 @@
+type hal_audio_default, hal_audio, domain;
+type hal_audio_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_audio_default)
diff --git a/private/hal_graphics_allocator.te b/private/hal_graphics_allocator.te
deleted file mode 100644
index d00cf68..0000000
--- a/private/hal_graphics_allocator.te
+++ /dev/null
@@ -1 +0,0 @@
-init_daemon_domain(hal_graphics_allocator)
diff --git a/private/hal_graphics_allocator_default.te b/private/hal_graphics_allocator_default.te
new file mode 100644
index 0000000..36dcca3
--- /dev/null
+++ b/private/hal_graphics_allocator_default.te
@@ -0,0 +1,4 @@
+type hal_graphics_allocator_default, hal_graphics_allocator, domain;
+type hal_graphics_allocator_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_graphics_allocator_default)
diff --git a/private/hal_graphics_composer.te b/private/hal_graphics_composer.te
deleted file mode 100644
index 128171f..0000000
--- a/private/hal_graphics_composer.te
+++ /dev/null
@@ -1 +0,0 @@
-init_daemon_domain(hal_graphics_composer)
diff --git a/private/hal_graphics_composer_default.te b/private/hal_graphics_composer_default.te
new file mode 100644
index 0000000..9ddf71f
--- /dev/null
+++ b/private/hal_graphics_composer_default.te
@@ -0,0 +1,4 @@
+type hal_graphics_composer_default, hal_graphics_composer, domain;
+type hal_graphics_composer_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_graphics_composer_default)
diff --git a/private/hal_ir_default.te b/private/hal_ir_default.te
index 0ccd436..1f3d694 100644
--- a/private/hal_ir_default.te
+++ b/private/hal_ir_default.te
@@ -1,5 +1,4 @@
type hal_ir_default, hal_ir, domain;
type hal_ir_default_exec, exec_type, file_type;
-# may be started by init
init_daemon_domain(hal_ir_default)
diff --git a/private/hal_light_default.te b/private/hal_light_default.te
index 8ac8037..aee44d9 100644
--- a/private/hal_light_default.te
+++ b/private/hal_light_default.te
@@ -1,5 +1,4 @@
type hal_light_default, hal_light, domain;
type hal_light_default_exec, exec_type, file_type;
-# may be started by init
init_daemon_domain(hal_light_default)
diff --git a/private/hal_memtrack.te b/private/hal_memtrack.te
deleted file mode 100644
index 89c7b8e..0000000
--- a/private/hal_memtrack.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# may be started by init
-init_daemon_domain(hal_memtrack)
diff --git a/private/hal_memtrack_default.te b/private/hal_memtrack_default.te
new file mode 100644
index 0000000..113ee18
--- /dev/null
+++ b/private/hal_memtrack_default.te
@@ -0,0 +1,4 @@
+type hal_memtrack_default, hal_memtrack, domain;
+type hal_memtrack_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_memtrack_default)
diff --git a/private/hal_nfc.te b/private/hal_nfc.te
deleted file mode 100644
index 0d0f246..0000000
--- a/private/hal_nfc.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# may be started by init
-init_daemon_domain(hal_nfc)
diff --git a/private/hal_nfc_default.te b/private/hal_nfc_default.te
new file mode 100644
index 0000000..1f7c4ed
--- /dev/null
+++ b/private/hal_nfc_default.te
@@ -0,0 +1,4 @@
+type hal_nfc_default, hal_nfc, domain;
+type hal_nfc_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_nfc_default)
diff --git a/private/hal_power.te b/private/hal_power.te
deleted file mode 100644
index a564d40..0000000
--- a/private/hal_power.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# may be started by init
-init_daemon_domain(hal_power)
diff --git a/private/hal_power_default.te b/private/hal_power_default.te
new file mode 100644
index 0000000..e61375d
--- /dev/null
+++ b/private/hal_power_default.te
@@ -0,0 +1,4 @@
+type hal_power_default, hal_power, domain;
+type hal_power_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_power_default)
diff --git a/private/hal_thermal.te b/private/hal_thermal.te
deleted file mode 100644
index 2623e3f..0000000
--- a/private/hal_thermal.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# May be started by init
-init_daemon_domain(hal_thermal)
diff --git a/private/hal_thermal_default.te b/private/hal_thermal_default.te
new file mode 100644
index 0000000..a2ff70e
--- /dev/null
+++ b/private/hal_thermal_default.te
@@ -0,0 +1,4 @@
+type hal_thermal_default, hal_thermal, domain;
+type hal_thermal_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_thermal_default)
diff --git a/private/hal_vibrator.te b/private/hal_vibrator.te
deleted file mode 100644
index ceba155..0000000
--- a/private/hal_vibrator.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# may be started by init
-init_daemon_domain(hal_vibrator)
diff --git a/private/hal_vibrator_default.te b/private/hal_vibrator_default.te
new file mode 100644
index 0000000..e633953
--- /dev/null
+++ b/private/hal_vibrator_default.te
@@ -0,0 +1,4 @@
+type hal_vibrator_default, hal_vibrator, domain;
+type hal_vibrator_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_vibrator_default)
diff --git a/private/hal_vr.te b/private/hal_vr.te
deleted file mode 100644
index cc632f6..0000000
--- a/private/hal_vr.te
+++ /dev/null
@@ -1,2 +0,0 @@
-# may be started by init
-init_daemon_domain(hal_vr)
diff --git a/private/hal_vr_default.te b/private/hal_vr_default.te
new file mode 100644
index 0000000..ba85157
--- /dev/null
+++ b/private/hal_vr_default.te
@@ -0,0 +1,4 @@
+type hal_vr_default, hal_vr, domain;
+type hal_vr_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_vr_default)
diff --git a/private/hal_wifi.te b/private/hal_wifi.te
deleted file mode 100644
index 7c1b7b6..0000000
--- a/private/hal_wifi.te
+++ /dev/null
@@ -1,3 +0,0 @@
-# type_transition must be private policy the domain_trans rules could stay
-# public, but conceptually should go with this
-init_daemon_domain(hal_wifi)
diff --git a/private/hal_wifi_default.te b/private/hal_wifi_default.te
new file mode 100644
index 0000000..a32a907
--- /dev/null
+++ b/private/hal_wifi_default.te
@@ -0,0 +1,4 @@
+type hal_wifi_default, hal_wifi, domain;
+type hal_wifi_default_exec, exec_type, file_type;
+
+init_daemon_domain(hal_wifi_default)