Add sepolicy for biometric fingerprint virtual hal Bug: 326227403 Test: atest BiometricsE2eTests:BiometricPromptAuthSuccessTest -c Change-Id: I35eb767db4e5ff0a1c748b7c98d7a8b48ba782d4

commit: 89eb05f5529e3a7ce79510fd69a6603e64c46475 [log] [tgz]
author: Jeff Pu <jeffpu@google.com> Wed Sep 04 19:59:32 2024 -0400
committer: Jeff Pu <jeffpu@google.com> Wed Sep 04 21:53:02 2024 -0400
tree: 713bc639c6e064ceacee26d37de021fa7909e2af
parent: 6faa2e157508422482e8436b4848dd2c81a2c4f3 [diff]
diff --git a/private/compat/202404/202404.ignore.cil b/private/compat/202404/202404.ignore.cil
index bd9bc84..710c8cc 100644
--- a/private/compat/202404/202404.ignore.cil
+++ b/private/compat/202404/202404.ignore.cil

@@ -15,4 +15,6 @@
     supervision_service
     sysfs_udc
     app_function_service
+    virtual_fingerprint
+    virtual_fingerprint_exec
   ))

diff --git a/private/hal_fingerprint.te b/private/hal_fingerprint.te
index a1d68be..3295cc7 100644
--- a/private/hal_fingerprint.te
+++ b/private/hal_fingerprint.te

@@ -15,6 +15,6 @@
 
 r_dir_file(hal_fingerprint, cgroup)
 r_dir_file(hal_fingerprint, cgroup_v2)
-r_dir_file(hal_fingerprint, sysfs)
+r_dir_file({hal_fingerprint -coredomain}, sysfs)
 
 

diff --git a/private/service_contexts b/private/service_contexts
index 71abb42..5fdae3c 100644
--- a/private/service_contexts
+++ b/private/service_contexts

@@ -28,6 +28,7 @@
 android.hardware.biometrics.face.IFace/virtual                       u:object_r:hal_face_service:s0
 android.hardware.biometrics.fingerprint.IFingerprint/default         u:object_r:hal_fingerprint_service:s0
 android.hardware.biometrics.fingerprint.IFingerprint/virtual         u:object_r:hal_fingerprint_service:s0
+android.hardware.biometrics.fingerprint.virtualhal.IVirtualHal/virtual u:object_r:hal_fingerprint_service:s0
 android.hardware.bluetooth.IBluetoothHci/default                     u:object_r:hal_bluetooth_service:s0
 android.hardware.bluetooth.finder.IBluetoothFinder/default           u:object_r:hal_bluetooth_service:s0
 is_flag_enabled(RELEASE_HARDWARE_BLUETOOTH_RANGING_SERVICE, `

diff --git a/private/virtual_fingerprint.te b/private/virtual_fingerprint.te
new file mode 100644
index 0000000..61bff28
--- /dev/null
+++ b/private/virtual_fingerprint.te

@@ -0,0 +1,7 @@
+# biometric virtual fingerprint sensor
+type virtual_fingerprint, domain;
+type virtual_fingerprint_exec, system_file_type, exec_type, file_type;
+hal_server_domain(virtual_fingerprint, hal_fingerprint)
+typeattribute virtual_fingerprint coredomain;
+init_daemon_domain(virtual_fingerprint)
+set_prop(virtual_fingerprint, virtual_fingerprint_hal_prop)
commit	89eb05f5529e3a7ce79510fd69a6603e64c46475	[log] [tgz]
author	Jeff Pu <jeffpu@google.com>	Wed Sep 04 19:59:32 2024 -0400
committer	Jeff Pu <jeffpu@google.com>	Wed Sep 04 21:53:02 2024 -0400
tree	713bc639c6e064ceacee26d37de021fa7909e2af
parent	6faa2e157508422482e8436b4848dd2c81a2c4f3 [diff]