From a7f57c0aa496d4c2d143102ea7d8219e1f73cea2 Mon Sep 17 00:00:00 2001
From: Anand S <anandzzz360@gmail.com>
Date: Sat, 10 Aug 2024 20:16:00 +0530
Subject: [PATCH] sm6375-common: sepolicy: Allow binder calls from fp hal to
 health hal

* I health@2.1-serv: type=1400 audit(0.0:860): avc:  denied  { call } for  scontext=u:r:hal_health_default:s0 tcontext=u:r:hal_fingerprint_default:s0 tclass=binder permissive=0

Change-Id: Ifc834b3ef0f07ebf94ecb1f3c7163f8b9959b0f1
---
 sepolicy/vendor/hal_fingerprint_default.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sepolicy/vendor/hal_fingerprint_default.te b/sepolicy/vendor/hal_fingerprint_default.te
index 82c3465..07cb76d 100644
--- a/sepolicy/vendor/hal_fingerprint_default.te
+++ b/sepolicy/vendor/hal_fingerprint_default.te
@@ -20,6 +20,7 @@ allow hal_fingerprint_default vendor_data_tzstorage_file:dir rw_dir_perms;
 allow hal_fingerprint_default vendor_data_tzstorage_file:file create_file_perms;
 
 binder_call(hal_fingerprint_default, hal_fingerprint_default)
+binder_call(hal_fingerprint_default, hal_health_default)
 binder_call(hal_fingerprint_default, vendor_hal_perf_default)
 
 allow hal_fingerprint_default vendor_hal_perf_hwservice:hwservice_manager find;