From 2e50fd967ff0ae2f91de2ea02323ce306f33290d Mon Sep 17 00:00:00 2001
From: Andrew Scull <ascull@google.com>
Date: Tue, 14 Mar 2017 11:28:26 +0000
Subject: [PATCH] Add eSE daemon.

It managed the eSE by accessing the driver through the /dev/pn81a node.

Test: Boot brings up esed which connects to the eSE.
Bug: 35628284
Change-Id: I6fa3384169adb60095585856accd53bc61d06cf4
---
 device.mk              | 4 ++++
 sepolicy/device.te     | 1 +
 sepolicy/esed.te       | 6 ++++++
 sepolicy/file_contexts | 2 ++
 ueventd.hardware.rc    | 3 +++
 5 files changed, 16 insertions(+)
 create mode 100644 sepolicy/esed.te

diff --git a/device.mk b/device.mk
index 6a72f2c8..d1ec49ba 100644
--- a/device.mk
+++ b/device.mk
@@ -240,6 +240,10 @@ PRODUCT_PACKAGES += \
     android.hardware.light@2.0-impl \
     android.hardware.light@2.0-service
 
+# eSE applet HALs
+PRODUCT_PACKAGES += \
+    esed
+
 # gatekeeper HAL
 PRODUCT_PACKAGES +=                         \
     android.hardware.gatekeeper@1.0-impl    \
diff --git a/sepolicy/device.te b/sepolicy/device.te
index d5e6d7e0..4e34a6a7 100644
--- a/sepolicy/device.te
+++ b/sepolicy/device.te
@@ -8,6 +8,7 @@ type easel_device, dev_type;
 type hbtp_device, dev_type;
 type ipa_dev, dev_type;
 type modem_block_device, dev_type;
+type pn81a_device, dev_type;
 type qsee_ipc_irq_spss_device, dev_type;
 type qdsp_device, dev_type, mlstrustedobject;
 type ramdump_device, dev_type;
diff --git a/sepolicy/esed.te b/sepolicy/esed.te
new file mode 100644
index 00000000..99708214
--- /dev/null
+++ b/sepolicy/esed.te
@@ -0,0 +1,6 @@
+type esed, domain;
+type esed_exec, exec_type, file_type;
+
+allow esed pn81a_device:chr_file rw_file_perms;
+
+init_daemon_domain(esed)
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 4cc7c49c..a4b6506b 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -32,6 +32,7 @@
 /dev/sensors                                    u:object_r:sensors_device:s0
 /dev/mnh_sm                                     u:object_r:easel_device:s0
 /dev/easelcomm-client                           u:object_r:easel_device:s0
+/dev/pn81a                                      u:object_r:pn81a_device:s0
 
 # dev socket nodes
 /dev/socket/chre                                u:object_r:chre_socket:s0
@@ -181,6 +182,7 @@
 /vendor/bin/imscmservice        u:object_r:imscm_exec:s0
 /vendor/bin/qmuxd               u:object_r:qmuxd_exec:s0
 /vendor/bin/cnd                 u:object_r:cnd_exec:s0
+/vendor/bin/esed                u:object_r:esed_exec:s0
 /vendor/bin/hw/android\.hardware\.usb@1\.0-service.device            u:object_r:hal_usb_default_exec:s0
 /vendor/bin/chre                u:object_r:chre_exec:s0
 /vendor/bin/folio_daemon        u:object_r:folio_daemon_exec:s0
diff --git a/ueventd.hardware.rc b/ueventd.hardware.rc
index 9cd19aa5..076d792f 100644
--- a/ueventd.hardware.rc
+++ b/ueventd.hardware.rc
@@ -96,6 +96,9 @@
 #nfc permissions
 /dev/nq-nci               0660    nfc         nfc
 
+# eSE device
+/dev/pn81a                0660   ese        ese
+
 # fpc fingerprint
 /sys/devices/soc/soc:fp_fpc*        irq               0600  system system
 /sys/devices/soc/soc:fp_fpc*        wakeup_enable     0200  system system