sm6150-common: sepolicy: Import changes for Dolby Atmos

Change-Id: I6999d3a5c6edcf6f85ada7d0077149be639f814d
Signed-off-by: Mesquita <mesquita@aospa.co>
Signed-off-by: basamaryan <basam.aryan@gmail.com>
Signed-off-by: donjohanliebert <donjohanliebert@gmail.com>

sepolicy/vendor/attributes

@@ -0,0 +1,4 @@
+# HALs
+attribute hal_dms;
+attribute hal_dms_client;
+attribute hal_dms_server;

sepolicy/vendor/file_contexts

@@ -18,6 +18,7 @@
 
 # Data files
 /data/per_boot(/.*)?                                                 u:object_r:per_boot_file:s0
+/data/vendor/dolby(/.*)?                                             u:object_r:vendor_data_file:s0
 
 # Display
 /dev/xiaomi-touch                                                    u:object_r:touchfeature_device:s0
@@ -38,6 +39,7 @@
 
 # HALs
 /(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.3-service\.xiaomi u:object_r:hal_fingerprint_default_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.dolby\.hardware\.dms@2\.0-service   u:object_r:hal_dms_default_exec:s0
 /vendor/bin/hw/android\.hardware\.light-service\.xiaomi                    u:object_r:hal_light_default_exec:s0
 /vendor/bin/hw/vendor\.lineage\.livedisplay@2\.1-service\.xiaomi_sm6150    u:object_r:hal_lineage_livedisplay_qti_exec:s0
 /vendor/bin/hw/vendor\.xiaomi\.hardware\.motor@1\.0-service                u:object_r:hal_motor_default_exec:s0

sepolicy/vendor/hal_audio_default.te

@@ -10,3 +10,7 @@ get_prop(hal_audio_default, elliptic_ultrasound_prop)
 allow hal_audio_default audio_socket:sock_file rw_file_perms;
 
 dontaudit hal_audio_default sysfs:dir read;
+
+# Dolby
+allow hal_audio_default hal_dms_hwservice:hwservice_manager find;
+binder_call(hal_audio_default, hal_dms_default)

sepolicy/vendor/hal_dms.te

@@ -0,0 +1,6 @@
+# HwBinder IPC from client to server, and callbacks
+binder_call(hal_dms_client, hal_dms_server)
+binder_call(hal_dms_server, hal_dms_client)
+
+add_hwservice(hal_dms_server, hal_dms_hwservice)
+allow hal_dms_client hal_dms_hwservice:hwservice_manager find;

sepolicy/vendor/hal_dms_default.te

@@ -0,0 +1,10 @@
+type hal_dms_default, domain;
+hal_server_domain(hal_dms_default, hal_dms)
+type hal_dms_default_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_dms_default)
+
+allow hal_dms_default vendor_data_file:file { rw_file_perms create unlink };
+allow hal_dms_default vendor_data_file:dir { rw_file_perms add_name remove_name };
+allow hal_dms_default mediacodec:binder call;
+binder_call(hal_dms_default, hal_audio_default)
+binder_call(hal_dms_default, platform_app)

sepolicy/vendor/hwservice.te

@@ -0,0 +1,2 @@
+# Dolby
+type hal_dms_hwservice, hwservice_manager_type;

sepolicy/vendor/hwservice_contexts

@@ -1,3 +1,4 @@
+vendor.dolby.hardware.dms::IDms u:object_r:hal_dms_hwservice:s0
 vendor.goodix.hardware.biometrics.fingerprint::IGoodixFingerprintDaemon u:object_r:hal_fingerprint_hwservice_xiaomi:s0
 vendor.sw.swfingerprint::ISwfingerprint u:object_r:hal_swfingerprint_hwservice:s0
 vendor.xiaomi.hardware.fingerprintextension::IXiaomiFingerprint u:object_r:hal_fingerprint_hwservice_xiaomi:s0

sepolicy/vendor/mediacodec.te

@@ -0,0 +1,5 @@
+allow mediacodec hal_dms_hwservice:hwservice_manager find;
+binder_call(mediacodec, hal_dms_default)
+
+allow mediacodec hal_dms_default:binder { call transfer };
+allow mediacodec hal_dms_server:binder { call transfer };