Fix FPS hwservice sepolicy issue

 avc:  denied  { find } for interface=com.fingerprints42.extension::IFingerprintEngineering sid=u:r:hal_fingerprint_capacitance:s0 pid=895 scontext=u:r:hal_fingerprint_capacitance:s0 tcontext=u:object_r:default_android_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 253533883
Test: make selinux_policy -j128
Change-Id: I745e01fa2337843a8f16dadb71a07706a6681284

3 files changed, 7 insertions, 0 deletions

diff --git a/fingerprint_capacitance/hal_fingerprint_capacitance.te b/fingerprint_capacitance/hal_fingerprint_capacitance.te
index 23b31e4..8cc623f 100644
--- a/fingerprint_capacitance/hal_fingerprint_capacitance.te
+++ b/fingerprint_capacitance/hal_fingerprint_capacitance.te
@@ -22,3 +22,7 @@ allow hal_fingerprint_capacitance fwk_stats_service:service_manager find;
 # allow fingerprint to access input_device
 allow hal_fingerprint_capacitance input_device:dir r_dir_perms;
 allow hal_fingerprint_capacitance input_device:chr_file rw_file_perms;
+
+# allow fingerprint to access hwservice
+hwbinder_use(hal_fingerprint_capacitance)
+add_hwservice(hal_fingerprint_capacitance, hal_fingerprint_capacitance_ext_hwservice)
diff --git a/fingerprint_capacitance/hwservice.te b/fingerprint_capacitance/hwservice.te
new file mode 100644
index 0000000..68c51ab
--- /dev/null
+++ b/fingerprint_capacitance/hwservice.te
@@ -0,0 +1 @@
+type hal_fingerprint_capacitance_ext_hwservice, hwservice_manager_type;
diff --git a/fingerprint_capacitance/hwservice_contexts b/fingerprint_capacitance/hwservice_contexts
new file mode 100644
index 0000000..ed09300
--- /dev/null
+++ b/fingerprint_capacitance/hwservice_contexts
@@ -0,0 +1,2 @@
+com.fingerprints42.extension::IFingerprintEngineering  u:object_r:hal_fingerprint_capacitance_ext_hwservice:s0
+com.fingerprints42.extension::IFingerprintSensorTest   u:object_r:hal_fingerprint_capacitance_ext_hwservice:s0