From 8843e8e1f9805eb9f3d601b12369ed03a1f1306d Mon Sep 17 00:00:00 2001
From: Chenjie Luo <cjluo@google.com>
Date: Fri, 3 Nov 2017 09:38:18 -0700
Subject: [PATCH] Add easel sepolicy.

Test: easelmanager_client_example
Change-Id: Iaed2e346b469ce907f7f1ffe0012d8c5840af385
---
 sepolicy/vendor/easel.te            | 13 +++++++++++++
 sepolicy/vendor/file_contexts       |  1 +
 sepolicy/vendor/vndservice.te       |  1 +
 sepolicy/vendor/vndservice_contexts |  1 +
 4 files changed, 16 insertions(+)
 create mode 100644 sepolicy/vendor/easel.te

diff --git a/sepolicy/vendor/easel.te b/sepolicy/vendor/easel.te
new file mode 100644
index 00000000..b83fb2bb
--- /dev/null
+++ b/sepolicy/vendor/easel.te
@@ -0,0 +1,13 @@
+# easel service
+type easel, domain;
+type easel_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(easel)
+
+add_service(easel, easel_service)
+
+vndbinder_use(easel)
+
+# access easel dev nodes
+allow easel easel_device:chr_file rw_file_perms;
+allow easel sysfs_easel:file rw_file_perms;
\ No newline at end of file
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index b8309679..6beea189 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -155,6 +155,7 @@
 /vendor/bin/qmuxd               u:object_r:qmuxd_exec:s0
 /vendor/bin/cnd                 u:object_r:cnd_exec:s0
 /vendor/bin/ATFWD-daemon        u:object_r:atfwd_exec:s0
+/vendor/bin/easelmanagerd       u:object_r:easel_exec:s0
 # Remove after b/38447389
 /vendor/bin/esed                u:object_r:esed_exec:s0
 # Rename to android.hardware.[XXX] after b/38447431
diff --git a/sepolicy/vendor/vndservice.te b/sepolicy/vendor/vndservice.te
index 44c45ca5..487a6007 100644
--- a/sepolicy/vendor/vndservice.te
+++ b/sepolicy/vendor/vndservice.te
@@ -1,2 +1,3 @@
 type qdisplay_service,             vndservice_manager_type;
 type per_mgr_service,              vndservice_manager_type;
+type easel_service,                vndservice_manager_type;
\ No newline at end of file
diff --git a/sepolicy/vendor/vndservice_contexts b/sepolicy/vendor/vndservice_contexts
index 1db4aa0c..4db2ed80 100644
--- a/sepolicy/vendor/vndservice_contexts
+++ b/sepolicy/vendor/vndservice_contexts
@@ -1,2 +1,3 @@
 display.qservice                        u:object_r:qdisplay_service:s0
 vendor.qcom.PeripheralManager           u:object_r:per_mgr_service:s0
+easelmanager                            u:object_r:easel_service:s0