Merge "DiagnosticsTool permissions for accessing touch calibration interface" into udc-qpr-dev am: 8b350cc57d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/shusky-sepolicy/+/24813119
Change-Id: Id1fdba7bbc23db1783c6b856fed5d1d9e7091e1c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/husky-sepolicy.mk b/husky-sepolicy.mk
index 1a8c79b..73742a8 100644
--- a/husky-sepolicy.mk
+++ b/husky-sepolicy.mk
@@ -1,3 +1,5 @@
# sepolicy exclusively for husky.
BOARD_SEPOLICY_DIRS += device/google/shusky-sepolicy/husky
+# unresolved SELinux error log with bug tracking
+BOARD_SEPOLICY_DIRS += device/google/shusky-sepolicy/tracking_denials
diff --git a/shiba-sepolicy.mk b/shiba-sepolicy.mk
index 23f811f..114c114 100644
--- a/shiba-sepolicy.mk
+++ b/shiba-sepolicy.mk
@@ -1,3 +1,5 @@
# sepolicy exclusively for shiba.
BOARD_SEPOLICY_DIRS += device/google/shusky-sepolicy/shiba
+# unresolved SELinux error log with bug tracking
+BOARD_SEPOLICY_DIRS += device/google/shusky-sepolicy/tracking_denials
diff --git a/tracking_denials/file.te b/tracking_denials/file.te
new file mode 100644
index 0000000..e348a15
--- /dev/null
+++ b/tracking_denials/file.te
@@ -0,0 +1,2 @@
+# b/301300623
+typeattribute sysfs_touch_gti mlstrustedobject;
diff --git a/tracking_denials/priv_app.te b/tracking_denials/priv_app.te
new file mode 100644
index 0000000..6e25d2e
--- /dev/null
+++ b/tracking_denials/priv_app.te
@@ -0,0 +1,4 @@
+# b/301300623
+allow priv_app app_api_service:service_manager find;
+allow priv_app sysfs_touch_gti:file rw_file_perms;
+allow priv_app sysfs_touch_gti:file { getattr open read write };
