diff --git a/touch/twoshay/sepolicy/device.te b/touch/twoshay/sepolicy/device.te new file mode 100644 index 0000000..d3ce622 --- /dev/null +++ b/touch/twoshay/sepolicy/device.te @@ -0,0 +1 @@ +type touch_offload_device, dev_type; diff --git a/touch/twoshay/sepolicy/dumpstate.te b/touch/twoshay/sepolicy/dumpstate.te new file mode 100644 index 0000000..90f14b8 --- /dev/null +++ b/touch/twoshay/sepolicy/dumpstate.te @@ -0,0 +1,2 @@ +allow dumpstate touch_context_service:service_manager find; +binder_call(dumpstate, twoshay) diff --git a/touch/twoshay/sepolicy/file_contexts b/touch/twoshay/sepolicy/file_contexts new file mode 100644 index 0000000..09728be --- /dev/null +++ b/touch/twoshay/sepolicy/file_contexts @@ -0,0 +1,2 @@ +/dev/touch_offload u:object_r:touch_offload_device:s0 +/vendor/bin/twoshay u:object_r:twoshay_exec:s0 diff --git a/touch/twoshay/sepolicy/hal_dumpstate_default.te b/touch/twoshay/sepolicy/hal_dumpstate_default.te new file mode 100644 index 0000000..81edc36 --- /dev/null +++ b/touch/twoshay/sepolicy/hal_dumpstate_default.te @@ -0,0 +1,2 @@ +allow hal_dumpstate_default touch_context_service:service_manager find; +binder_call(hal_dumpstate_default, twoshay) diff --git a/touch/twoshay/sepolicy/platform_app.te b/touch/twoshay/sepolicy/platform_app.te new file mode 100644 index 0000000..ac997a9 --- /dev/null +++ b/touch/twoshay/sepolicy/platform_app.te @@ -0,0 +1,4 @@ +allow platform_app gril_antenna_tuning_service:service_manager find; +allow platform_app screen_protector_detector_service:service_manager find; +allow platform_app touch_context_service:service_manager find; +binder_call(platform_app, twoshay) diff --git a/touch/twoshay/sepolicy/service.te b/touch/twoshay/sepolicy/service.te new file mode 100644 index 0000000..4aa064d --- /dev/null +++ b/touch/twoshay/sepolicy/service.te @@ -0,0 +1,3 @@ +type gril_antenna_tuning_service, service_manager_type, hal_service_type; +type screen_protector_detector_service, service_manager_type, hal_service_type; +type touch_context_service, service_manager_type, hal_service_type; diff --git a/touch/twoshay/sepolicy/service_contexts b/touch/twoshay/sepolicy/service_contexts new file mode 100644 index 0000000..f6aa1db --- /dev/null +++ b/touch/twoshay/sepolicy/service_contexts @@ -0,0 +1,3 @@ +com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0 +com.google.input.algos.gril.IGrilAntennaTuningService/default u:object_r:gril_antenna_tuning_service:s0 +com.google.input.algos.spd.IScreenProtectorDetectorService/default u:object_r:screen_protector_detector_service:s0 diff --git a/touch/twoshay/sepolicy/touchflow_debug/file_contexts b/touch/twoshay/sepolicy/touchflow_debug/file_contexts new file mode 100644 index 0000000..17dfe62 --- /dev/null +++ b/touch/twoshay/sepolicy/touchflow_debug/file_contexts @@ -0,0 +1,2 @@ +/vendor/bin/hw/android\.hardware\.input\.processor-reflector u:object_r:hal_input_processor_default_exec:s0 +/vendor/bin/twoshay_touchflow u:object_r:twoshay_exec:s0 diff --git a/touch/twoshay/sepolicy/twoshay.te b/touch/twoshay/sepolicy/twoshay.te new file mode 100644 index 0000000..cd317a0 --- /dev/null +++ b/touch/twoshay/sepolicy/twoshay.te @@ -0,0 +1,27 @@ +type twoshay, domain; +type twoshay_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(twoshay) + +allow twoshay touch_offload_device:chr_file rw_file_perms; +allow twoshay twoshay:capability sys_nice; + +binder_use(twoshay) +add_service(twoshay, gril_antenna_tuning_service) +add_service(twoshay, screen_protector_detector_service) +add_service(twoshay, touch_context_service) + +binder_call(twoshay, platform_app) + +allow twoshay fwk_stats_service:service_manager find; +binder_call(twoshay, stats_service_server) + +# Allow dumpsys output in bugreports. +allow twoshay dumpstate:fd use; +allow twoshay dumpstate:fifo_file write; + +# b/198755236 +dontaudit twoshay twoshay:capability dac_override; + +# b/226830650 +dontaudit twoshay boot_status_prop:file read; diff --git a/touch/twoshay/twoshay.mk b/touch/twoshay/twoshay.mk new file mode 100644 index 0000000..20bf1ba --- /dev/null +++ b/touch/twoshay/twoshay.mk @@ -0,0 +1,3 @@ +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/touch/twoshay/sepolicy +PRODUCT_PACKAGES += twoshay +PRODUCT_SOONG_NAMESPACES += vendor/google/input/twoshay