summaryrefslogtreecommitdiff
path: root/whitechapel/vendor/google/hal_sensors_default.te
diff options
context:
space:
mode:
Diffstat (limited to 'whitechapel/vendor/google/hal_sensors_default.te')
-rw-r--r--whitechapel/vendor/google/hal_sensors_default.te24
1 files changed, 24 insertions, 0 deletions
diff --git a/whitechapel/vendor/google/hal_sensors_default.te b/whitechapel/vendor/google/hal_sensors_default.te
new file mode 100644
index 0000000..57763d1
--- /dev/null
+++ b/whitechapel/vendor/google/hal_sensors_default.te
@@ -0,0 +1,24 @@
+#
+# USF sensor HAL SELinux type enforcements.
+#
+
+# Allow reading of camera persist files.
+r_dir_file(hal_sensors_default, persist_camera_file)
+
+# Allow access to the files of CDT information.
+r_dir_file(hal_sensors_default, sysfs_chosen)
+
+# Allow access for dynamic sensor properties.
+get_prop(hal_sensors_default, vendor_dynamic_sensor_prop)
+
+# Allow access to raw HID devices for dynamic sensors.
+allow hal_sensors_default hidraw_device:chr_file rw_file_perms;
+
+# Allow sensor HAL to access the display service HAL
+allow hal_sensors_default hal_pixel_display_service:service_manager find;
+
+# Allow sensor HAL to access the graphics composer.
+binder_call(hal_sensors_default, hal_graphics_composer_default)
+
+# Allow access to the power supply files for MagCC.
+allow hal_sensors_default sysfs_wlc:dir r_dir_perms;
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-06 07:09:29 +0000