diff --git a/sepolicy/vendor/capsense_reset.te b/sepolicy/vendor/capsense_reset.te new file mode 100644 index 0000000..09c1657 --- /dev/null +++ b/sepolicy/vendor/capsense_reset.te @@ -0,0 +1,12 @@ +type capsense_reset, domain; +type capsense_reset_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(capsense_reset) + +# Write to /dev/kmsg +allow capsense_reset kmsg_device:chr_file rw_file_perms; + +allow capsense_reset input_device:dir r_dir_perms; +allow capsense_reset input_device:chr_file r_file_perms; + +allow capsense_reset vendor_sysfs_sensors:dir r_dir_perms; +allow capsense_reset vendor_sysfs_sensors:file rw_file_perms; diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index d187350..8a3fe65 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -35,6 +35,9 @@ /sys/devices/virtual/input/input[0-9]+/offset u:object_r:vendor_sysfs_laser:s0 /sys/devices/virtual/input/input[0-9]+/xtalk u:object_r:vendor_sysfs_laser:s0 +# Capsense +/(vendor|system/vendor)/bin/capsense_reset u:object_r:capsense_reset_exec:s0 + # Charger /data/vendor/chargeonly(/.*)? u:object_r:chargeonly_vendor_data_file:s0 /(mnt/vendor/persist|persist)/chargeonly(/.*)? u:object_r:persist_chargeonly_file:s0 diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts index 46b4a49..3a04794 100644 --- a/sepolicy/vendor/genfs_contexts +++ b/sepolicy/vendor/genfs_contexts @@ -1,3 +1,6 @@ +# Capsense +genfscon sysfs /class/capsense u:object_r:vendor_sysfs_sensors:s0 + # Fingerprint genfscon sysfs /devices/platform/egis_input u:object_r:vendor_sysfs_fingerprint:s0 genfscon sysfs /devices/platform/egis_input/navigation_enable u:object_r:vendor_sysfs_fingerprint:s0