Merge 8569f71b88fafd7061f120677e0bf446e4fc5ce1 on remote branch
Change-Id: I1c1e45d37872a1c5a0e8ff18582e942fbd7cb504
diff --git a/legacy/vendor/common/app.te b/legacy/vendor/common/app.te
index 684da80..b642238 100644
--- a/legacy/vendor/common/app.te
+++ b/legacy/vendor/common/app.te
@@ -24,6 +24,10 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
#Allow all apps to open and send ioctl to qdsp device
allow appdomain qdsp_device:chr_file r_file_perms;
@@ -39,3 +43,6 @@
# Allow all apps to open and send ioctl to npu device
allow appdomain npu_device:chr_file r_file_perms;
+
+#Allow all apps to have read access to vendor_display_prop
+get_prop(appdomain, vendor_display_prop)
diff --git a/legacy/vendor/common/file.te b/legacy/vendor/common/file.te
index 23b8f12..17c5230 100644
--- a/legacy/vendor/common/file.te
+++ b/legacy/vendor/common/file.te
@@ -24,6 +24,10 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
# Default type for anything under /firmware.
type firmware_file, file_type, contextmount_type, vendor_file_type;
@@ -419,3 +423,6 @@
#slub-debug
type sysfs_slab_zshandle_storeuser, fs_type, sysfs_type;
type sysfs_slab_zspage_storeuser, fs_type, sysfs_type;
+
+#ril socket
+type vendor_rild_socket, file_type;
diff --git a/legacy/vendor/common/file_contexts b/legacy/vendor/common/file_contexts
index f2a21c4..322175f 100644
--- a/legacy/vendor/common/file_contexts
+++ b/legacy/vendor/common/file_contexts
@@ -24,7 +24,10 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
###################################
# Dev nodes
#
@@ -151,6 +154,7 @@
/dev/socket/rild3 u:object_r:rild_socket:s0
/dev/socket/rild3-debug u:object_r:rild_debug_socket:s0
/dev/socket/rild-debug3 u:object_r:rild_debug_socket:s0
+/dev/socket/qcrild(/.*)? u:object_r:vendor_rild_socket:s0
/dev/socket/msm_irqbalance u:object_r:vendor_msm_irqbalance_socket:s0
/dev/socket/mlid u:object_r:mlid_socket:s0
/dev/socket/ssgqmig u:object_r:ssgqmig_socket:s0
diff --git a/legacy/vendor/sdm660/hal_gnss_qti.te b/legacy/vendor/sdm660/hal_gnss_qti.te
new file mode 100644
index 0000000..6cdc4b8
--- /dev/null
+++ b/legacy/vendor/sdm660/hal_gnss_qti.te
@@ -0,0 +1,9 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# generic/vendor_hal_gnss_qti.te - generic sepolicy rules for vendor_location hidl
+
+#Allow Gnss HAL to access ril socket
+allow hal_gnss_qti vendor_rild_socket:dir search;
+allow hal_gnss_qti vendor_rild_socket:sock_file write;
+unix_socket_connect(hal_gnss_qti, rild, rild)
diff --git a/legacy/vendor/sdm660/location.te b/legacy/vendor/sdm660/location.te
new file mode 100644
index 0000000..077b165
--- /dev/null
+++ b/legacy/vendor/sdm660/location.te
@@ -0,0 +1,7 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# generic/vendor_location.te - sepolicy rules for generic vendor_location modules
+
+# allows location to access ssgtzd socket
+allow location ssgtzd_socket:sock_file write;
diff --git a/legacy/vendor/sdm660/location_app.te b/legacy/vendor/sdm660/location_app.te
index 0d0273b..6bf6da9 100644
--- a/legacy/vendor/sdm660/location_app.te
+++ b/legacy/vendor/sdm660/location_app.te
@@ -24,5 +24,10 @@
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
allow vendor_location_app sysfs_kgsl_gpu_model:file r_file_perms;
+dontaudit vendor_location_app default_android_service:service_manager {find};
diff --git a/legacy/vendor/sdm660/rild.te b/legacy/vendor/sdm660/rild.te
new file mode 100644
index 0000000..5facef3
--- /dev/null
+++ b/legacy/vendor/sdm660/rild.te
@@ -0,0 +1,8 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# rild.te - sepolicy rules for legacy ril module
+
+# allows rild to create rild0 and rild1 sockets
+allow rild vendor_rild_socket:dir w_dir_perms;
+allow rild vendor_rild_socket:sock_file create_file_perms;