Merge ab/6749736 in stage.

Bug: 167233921
Merged-In: I084e1ce2f7e37043485d67eca211a2bafc57c1d4
Change-Id: I39678cb2ee2352f49481fadc25a6244f990401b4
diff --git a/common/init-insmod-sh.te b/common/init-insmod-sh.te
index de1d408..16bc87c 100644
--- a/common/init-insmod-sh.te
+++ b/common/init-insmod-sh.te
@@ -8,6 +8,10 @@
 allow init-insmod-sh vendor_kernel_modules:system module_load;
 allow init-insmod-sh kernel:key search;
 
+# modprobe needs sys_nice and setsched for driver threads
+allow init-insmod-sh self:capability sys_nice;
+allow init-insmod-sh kernel:process setsched;
+
 # modprobe need proc_modules
 allow init-insmod-sh proc_modules:file r_file_perms;
 
diff --git a/flipendo/flipendo.te b/flipendo/flipendo.te
new file mode 100644
index 0000000..cdcffb2
--- /dev/null
+++ b/flipendo/flipendo.te
@@ -0,0 +1,17 @@
+type flipendo, domain, coredomain;
+
+app_domain(flipendo)
+
+# Access to Westworld logging service
+allow flipendo fwk_stats_hwservice:hwservice_manager find;
+binder_call(flipendo, stats_service_server)
+
+binder_call(flipendo, gpuservice)
+
+allow flipendo app_api_service:service_manager find;
+
+# Allows Flipendo to change app saturation
+allow flipendo color_display_service:service_manager find;
+
+# Access to PowerHal service
+hal_client_domain(flipendo, hal_power);
diff --git a/flipendo/seapp_contexts b/flipendo/seapp_contexts
new file mode 100644
index 0000000..773a179
--- /dev/null
+++ b/flipendo/seapp_contexts
@@ -0,0 +1,2 @@
+# Domain for Flipendo
+user=_app seinfo=platform name=com.google.android.flipendo domain=flipendo type=app_data_file levelFrom=all
\ No newline at end of file