Merge 8569f71b88fafd7061f120677e0bf446e4fc5ce1 on remote branch

Change-Id: I1c1e45d37872a1c5a0e8ff18582e942fbd7cb504
diff --git a/legacy/vendor/common/app.te b/legacy/vendor/common/app.te
index 684da80..b642238 100644
--- a/legacy/vendor/common/app.te
+++ b/legacy/vendor/common/app.te
@@ -24,6 +24,10 @@
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
 
 #Allow all apps to open and send ioctl to qdsp device
 allow appdomain qdsp_device:chr_file r_file_perms;
@@ -39,3 +43,6 @@
 
 # Allow all apps to open and send ioctl to npu device
 allow appdomain npu_device:chr_file r_file_perms;
+
+#Allow all apps to have read access to vendor_display_prop
+get_prop(appdomain, vendor_display_prop)
diff --git a/legacy/vendor/common/file.te b/legacy/vendor/common/file.te
index 23b8f12..17c5230 100644
--- a/legacy/vendor/common/file.te
+++ b/legacy/vendor/common/file.te
@@ -24,6 +24,10 @@
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
 
 # Default type for anything under /firmware.
 type firmware_file,  file_type, contextmount_type, vendor_file_type;
@@ -419,3 +423,6 @@
 #slub-debug
 type sysfs_slab_zshandle_storeuser, fs_type, sysfs_type;
 type sysfs_slab_zspage_storeuser, fs_type, sysfs_type;
+
+#ril socket
+type vendor_rild_socket, file_type;
diff --git a/legacy/vendor/common/file_contexts b/legacy/vendor/common/file_contexts
index f2a21c4..322175f 100644
--- a/legacy/vendor/common/file_contexts
+++ b/legacy/vendor/common/file_contexts
@@ -24,7 +24,10 @@
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
 ###################################
 # Dev nodes
 #
@@ -151,6 +154,7 @@
 /dev/socket/rild3                               u:object_r:rild_socket:s0
 /dev/socket/rild3-debug                         u:object_r:rild_debug_socket:s0
 /dev/socket/rild-debug3                         u:object_r:rild_debug_socket:s0
+/dev/socket/qcrild(/.*)?                        u:object_r:vendor_rild_socket:s0
 /dev/socket/msm_irqbalance                      u:object_r:vendor_msm_irqbalance_socket:s0
 /dev/socket/mlid                                u:object_r:mlid_socket:s0
 /dev/socket/ssgqmig                             u:object_r:ssgqmig_socket:s0
diff --git a/legacy/vendor/sdm660/hal_gnss_qti.te b/legacy/vendor/sdm660/hal_gnss_qti.te
new file mode 100644
index 0000000..6cdc4b8
--- /dev/null
+++ b/legacy/vendor/sdm660/hal_gnss_qti.te
@@ -0,0 +1,9 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# generic/vendor_hal_gnss_qti.te - generic sepolicy rules for vendor_location hidl
+
+#Allow Gnss HAL to access ril socket
+allow hal_gnss_qti vendor_rild_socket:dir search;
+allow hal_gnss_qti vendor_rild_socket:sock_file write;
+unix_socket_connect(hal_gnss_qti, rild, rild)
diff --git a/legacy/vendor/sdm660/location.te b/legacy/vendor/sdm660/location.te
new file mode 100644
index 0000000..077b165
--- /dev/null
+++ b/legacy/vendor/sdm660/location.te
@@ -0,0 +1,7 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# generic/vendor_location.te - sepolicy rules for generic vendor_location modules
+
+# allows location to access ssgtzd socket
+allow location ssgtzd_socket:sock_file write;
diff --git a/legacy/vendor/sdm660/location_app.te b/legacy/vendor/sdm660/location_app.te
index 0d0273b..6bf6da9 100644
--- a/legacy/vendor/sdm660/location_app.te
+++ b/legacy/vendor/sdm660/location_app.te
@@ -24,5 +24,10 @@
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+#
+# Changes from Qualcomm Innovation Center are provided under the following license:
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
 
 allow vendor_location_app sysfs_kgsl_gpu_model:file r_file_perms;
+dontaudit vendor_location_app default_android_service:service_manager {find};
diff --git a/legacy/vendor/sdm660/rild.te b/legacy/vendor/sdm660/rild.te
new file mode 100644
index 0000000..5facef3
--- /dev/null
+++ b/legacy/vendor/sdm660/rild.te
@@ -0,0 +1,8 @@
+# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+# rild.te - sepolicy rules for legacy ril module
+
+# allows rild to create rild0 and rild1 sockets
+allow rild vendor_rild_socket:dir w_dir_perms;
+allow rild vendor_rild_socket:sock_file create_file_perms;