commit eacb1095a850d46ef573550445c4ebd114923bb5
author Changyeon Jo <changyeon@google.com> Thu Feb 10 14:09:02 2022 +0000
committer Changyeon Jo <changyeon@google.com> Thu Feb 10 17:21:54 2022 +0000
tree 93ffa95d737beaa57abcf693aee552a9c35ce7ff
parent 8c12609bceef06fdc045729ad5bf3b07efb56e97

Revert^2 "Updates sepolicy for EVS HAL"

418f41ad13eced0ad509e7315af1b26cfa3eca8c

Bug: 216727303
Test: m -j selinux_policy on failed targets reported
      in b/218802298
Change-Id: Iec8fd2a1e9073bf3dc679e308407572a8fcf44d9

private/automotive_display_service.te

diff --git a/private/automotive_display_service.te b/private/automotive_display_service.te
index c909986..db20696 100644
--- a/private/automotive_display_service.te
+++ b/private/automotive_display_service.te
@@ -39,3 +39,6 @@
 
 # Allow to add a service to the servicemanager
 add_service(automotive_display_service, fwk_automotive_display_service);
+
+# Allow to communicate with EVS services
+binder_call(automotive_display_service, hal_evs)

private/compat/32.0/32.0.ignore.cil

diff --git a/private/compat/32.0/32.0.ignore.cil b/private/compat/32.0/32.0.ignore.cil
index d1ff7cd..d146ae3 100644
--- a/private/compat/32.0/32.0.ignore.cil
+++ b/private/compat/32.0/32.0.ignore.cil
@@ -27,6 +27,7 @@
     gesture_prop
     hal_contexthub_service
     hal_camera_service
+    hal_evs_service
     hal_dice_service
     hal_drm_service
     hal_dumpstate_service

private/service_contexts

diff --git a/private/service_contexts b/private/service_contexts
index dfd7795..4fb4b29 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -1,4 +1,6 @@
 android.hardware.authsecret.IAuthSecret/default                      u:object_r:hal_authsecret_service:s0
+android.hardware.automotive.evs.IEvsEnumerator/hw/0                  u:object_r:hal_evs_service:s0
+android.hardware.automotive.evs.IEvsEnumerator/hw/1                  u:object_r:hal_evs_service:s0
 android.hardware.automotive.vehicle.IVehicle/default                 u:object_r:hal_vehicle_service:s0
 android.hardware.automotive.audiocontrol.IAudioControl/default       u:object_r:hal_audiocontrol_service:s0
 android.hardware.biometrics.face.IFace/default                       u:object_r:hal_face_service:s0

private/surfaceflinger.te

diff --git a/private/surfaceflinger.te b/private/surfaceflinger.te
index 1c7f657..bc7543b 100644
--- a/private/surfaceflinger.te
+++ b/private/surfaceflinger.te
@@ -125,6 +125,9 @@
 # TODO(146461633): remove this once native pullers talk to StatsManagerService
 binder_call(surfaceflinger, statsd);
 
+# Allow to use files supplied by hal_evs
+allow surfaceflinger hal_evs:fd use;
+
 # Allow pushing jank event atoms to statsd
 userdebug_or_eng(`
     unix_socket_send(surfaceflinger, statsdw, statsd)