From 1f52307ccbfa970b0eb01aa08317c0544b41f79e Mon Sep 17 00:00:00 2001
From: "Kevin F. Haggerty" <haggertk@lineageos.org>
Date: Wed, 14 Nov 2018 20:08:14 -0700
Subject: [PATCH] msm8974-common: sepolicy: Label sysfs_sensors, resolve
 denials

* avc: denied { read } for name="ssp_sensor" dev="sysfs" ino=27809
  scontext=u:r:init:s0 tcontext=u:object_r:sysfs_sensors:s0
  tclass=lnk_file permissive=1
* avc: denied { setattr } for name="temperature" dev="sysfs" ino=10861
  scontext=u:r:init:s0 tcontext=u:object_r:sysfs_sensors:s0
  tclass=file permissive=0

Change-Id: I2e4a436704ed019af153da880d7becbde4b0ab11
---
 sepolicy/common/file_contexts | 3 +++
 sepolicy/common/init.te       | 2 ++
 2 files changed, 5 insertions(+)

diff --git a/sepolicy/common/file_contexts b/sepolicy/common/file_contexts
index b0dd684..41993b2 100644
--- a/sepolicy/common/file_contexts
+++ b/sepolicy/common/file_contexts
@@ -82,3 +82,6 @@
 /sys/devices/virtual/sec/sec_touchkey(/.*)?             u:object_r:sysfs_sec_touchkey:s0
 /sys/devices/virtual/sec/switch(/.*)?                   u:object_r:sysfs_sec_switch:s0
 /sys/devices/virtual/sec/tsp(/.*)?                      u:object_r:sysfs_sec_tsp:s0
+
+# sysfs - sensors
+/sys/devices/virtual/sensors(/.*)?                      u:object_r:sysfs_sensors:s0
diff --git a/sepolicy/common/init.te b/sepolicy/common/init.te
index 08935c1..3ae4c48 100644
--- a/sepolicy/common/init.te
+++ b/sepolicy/common/init.te
@@ -1,6 +1,7 @@
 allow init {
     sysfs_iio
     sysfs_sec_tsp
+    sysfs_sensors
 }:lnk_file read;
 
 allow init sysfs_input:file rw_file_perms;
@@ -24,6 +25,7 @@ allow init {
     sysfs_sec_thermistor
     sysfs_sec_touchkey
     sysfs_sec_tsp
+    sysfs_sensors
 }:file setattr;
 
 allow init {