sepolicy: Add spc service sepolicy

Change-Id: I17e184b2de250640c7e1fa5ca3363efaf39138b3
LineageOS · Jan 27, 2025 · 4fdf058 · 4fdf058
1 parent 3aee98f
commit 4fdf058
Show file tree

Hide file tree

Showing 7 changed files with 20 additions and 0 deletions.
diff --git a/sepolicy/qti/vendor/attributes b/sepolicy/qti/vendor/attributes
@@ -3,3 +3,4 @@ vendor_hal_attribute(disp)
 vendor_hal_attribute(idd)
 vendor_hal_attribute(miscta)
 vendor_hal_attribute(secd)
+vendor_hal_attribute(spc)
diff --git a/sepolicy/qti/vendor/file_contexts b/sepolicy/qti/vendor/file_contexts
@@ -34,6 +34,7 @@
 /(vendor|odm|vendor/odm)/bin/hw/vendor\.semc\.hardware\.display@(.*)?                          u:object_r:vendor_hal_disp_default_exec:s0
 /(vendor|odm|vendor/odm)/bin/hw/vendor\.semc\.hardware\.extlight-service\.somc                 u:object_r:hal_light_default_exec:s0
 /(vendor|odm|vendor/odm)/bin/hw/vendor\.semc\.hardware\.secd@1\.[0-9]-service                  u:object_r:vendor_hal_secd_default_exec:s0
+/(vendor|odm|vendor/odm)/bin/hw/vendor\.semc\.hardware\.spc-service                            u:object_r:vendor_hal_spc_default_exec:s0
 /(vendor|odm|vendor/odm)/bin/hw/vendor\.semc\.system\.idd@1\.[0-9]-service                     u:object_r:vendor_hal_idd_default_exec:s0
 /(vendor|odm|vendor/odm)/bin/hw/vendor\.somc\.hardware\.aidlmiscta-service\.somc               u:object_r:vendor_hal_miscta_default_exec:s0
 /(vendor|odm|vendor/odm)/bin/hw/vendor\.somc\.hardware\.camera\.provider@1\.0-service          u:object_r:hal_camera_default_exec:s0

diff --git a/sepolicy/qti/vendor/rild.te b/sepolicy/qti/vendor/rild.te
@@ -4,5 +4,7 @@ add_service(rild, somc_aidl_radio_service)
 unix_socket_connect(rild, tad, tad)
 
 binder_call(rild, vendor_hal_secd_default)
+binder_call(rild, vendor_hal_spc_default)
 
 allow rild vendor_hal_secd_hwservice:hwservice_manager find;
+allow rild vendor_hal_spc_service:service_manager find;
diff --git a/sepolicy/qti/vendor/service.te b/sepolicy/qti/vendor/service.te
@@ -2,3 +2,4 @@ type egis_diagnostic_service, service_manager_type;
 type hal_swiqi_service, service_manager_type, hal_service_type;
 type somc_aidl_radio_service, service_manager_type, hal_service_type;
 type vendor_hal_miscta_service, service_manager_type, hal_service_type;
+type vendor_hal_spc_service, service_manager_type, hal_service_type;
diff --git a/sepolicy/qti/vendor/service_contexts b/sepolicy/qti/vendor/service_contexts
@@ -1,6 +1,7 @@
 android.hardware.camera.provider.ICameraProvider/external/0        u:object_r:hal_camera_service:s0
 android.hardware.vibrator.IVibrator/dual                           u:object_r:hal_vibrator_service:s0
 vendor.nxp.nxpnfc_aidl.INxpNfc/default                             u:object_r:hal_nfc_service:s0
+vendor.semc.hardware.spc.ISpc/default                              u:object_r:vendor_hal_spc_service:s0
 vendor.semc.hardware.extlight.IExtLight/default                    u:object_r:hal_light_service:s0
 vendor.semc.hardware.fingerprint.IFingerprintDiagnostic/default    u:object_r:egis_diagnostic_service:s0
 vendor.somc.hardware.aidlmiscta.IMisctaGlobal/default              u:object_r:vendor_hal_miscta_service:s0

diff --git a/sepolicy/qti/vendor/vendor_hal_spc.te b/sepolicy/qti/vendor/vendor_hal_spc.te
@@ -0,0 +1,5 @@
+binder_call(vendor_hal_spc_client, vendor_hal_spc_server)
+binder_call(vendor_hal_spc_server, vendor_hal_spc_client)
+
+add_service(vendor_hal_spc_server, vendor_hal_spc_service)
+allow vendor_hal_spc_client vendor_hal_spc_service:service_manager find;
diff --git a/sepolicy/qti/vendor/vendor_hal_spc_default.te b/sepolicy/qti/vendor/vendor_hal_spc_default.te
@@ -0,0 +1,9 @@
+type vendor_hal_spc_default, domain;
+hal_server_domain(vendor_hal_spc_default, vendor_hal_spc)
+
+type vendor_hal_spc_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(vendor_hal_spc_default)
+
+binder_use(vendor_hal_spc_default)
+
+get_prop(vendor_hal_spc_default, vendor_tee_listener_prop)