Allow init-gadgethal to set permission for USB HAL
Bug: 154895956
Bug: 154895957
Test: check permission setting
Change-Id: I5a4519400fddfee8b453c080c41a08eebde456f7
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index 91705b2..7147e8b 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts
@@ -50,6 +50,7 @@
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.fpc u:object_r:hal_fingerprint_default_exec:s0
/vendor/bin/init\.qti\.chg_policy\.sh u:object_r:init_qti_chg_policy_exec:s0
/vendor/bin/init\.modem\.sh u:object_r:init_modem_exec:s0
+/vendor/bin/init\.gadgethal\.sh u:object_r:init_gadgethal_exec:s0
/mnt/vendor/persist/battery(/.*)? u:object_r:persist_battery_file:s0
/mnt/vendor/persist/haptics(/.*)? u:object_r:persist_haptics_file:s0
diff --git a/vendor/google/init_gadgethal.te b/vendor/google/init_gadgethal.te
new file mode 100644
index 0000000..b59e17a
--- /dev/null
+++ b/vendor/google/init_gadgethal.te
@@ -0,0 +1,11 @@
+type init_gadgethal, domain;
+type init_gadgethal_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init_gadgethal)
+
+allow init_gadgethal vendor_toolbox_exec:file execute_no_trans;
+
+allow init_gadgethal configfs:dir create_dir_perms;
+allow init_gadgethal configfs:file { read setattr getattr };
+allow init_gadgethal configfs:lnk_file { read setattr getattr };
+allow init_gadgethal self:capability chown;
