From 5d0056c14235821c2409b56733695d968cb4b393 Mon Sep 17 00:00:00 2001
From: Cosmin Tanislav <demonsingur@gmail.com>
Date: Fri, 10 Sep 2021 02:24:56 +0300
Subject: [PATCH] sm8350-common: sepolicy: add inscreen fingerprint rules

---
 sepolicy/vendor/file_contexts              | 5 +++++
 sepolicy/vendor/hal_lineage_fod_default.te | 9 +++++++++
 2 files changed, 14 insertions(+)
 create mode 100644 sepolicy/vendor/hal_lineage_fod_default.te

diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index 7a1ee50..51b7e09 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -3,5 +3,10 @@
 /vendor/bin/batterysecret		u:object_r:batterysecret_exec:s0
 /mnt/vendor/persist/subsys(/.*)?                u:object_r:persist_subsys_file:s0
 
+# FOD
+/vendor/bin/hw/vendor\.lineage\.biometrics\.fingerprint\.inscreen@1.0-service\.xiaomi_sm8350            u:object_r:hal_lineage_fod_default_exec:s0
+/sys/devices/platform/soc/soc:qcom,dsi-display-primary/fod_hbm     u:object_r:vendor_sysfs_fod:s0
+/sys/devices/virtual/touch/tp_dev/fod_status                       u:object_r:vendor_sysfs_fod:s0
+
 # Power HAL
 /vendor/bin/hw/android\.hardware\.power@1\.3-service\.xiaomi_sm8350                                     u:object_r:hal_power_default_exec:s0
diff --git a/sepolicy/vendor/hal_lineage_fod_default.te b/sepolicy/vendor/hal_lineage_fod_default.te
new file mode 100644
index 0000000..4198197
--- /dev/null
+++ b/sepolicy/vendor/hal_lineage_fod_default.te
@@ -0,0 +1,9 @@
+type vendor_sysfs_fod, sysfs_type, fs_type;
+
+allow hal_lineage_fod_default vendor_sysfs_fod:file rw_file_perms;
+allow hal_lineage_fod_default vendor_sysfs_graphics:dir r_dir_perms;
+allow hal_lineage_fod_default vendor_sysfs_graphics:file rw_file_perms;
+
+binder_call(hal_lineage_fod_default, hal_fingerprint_default)
+
+hal_client_domain(hal_lineage_fod_default, hal_fingerprint)
-- 
GitLab