sensors: Move USF related sepolicy to gs-common.

Bug: 305120274
Test: Compile pass. Flash the build to ZUMA devices and no sensor
      related avc denied log.
Change-Id: I6911992b59802b62ffd206fd53e678da65ef1363
Signed-off-by: Rick Chen <rickctchen@google.com>

legacy/whitechapel_pro/file.te

@@ -3,7 +3,6 @@ type updated_wifi_firmware_data_file, file_type, data_file_type;
 type vendor_misc_data_file, file_type, data_file_type;
 type per_boot_file, file_type, data_file_type, core_data_file_type;
 type powerstats_vendor_data_file, file_type, data_file_type;
-type sensor_debug_data_file, file_type, data_file_type;
 
 # sysfs
 type bootdevice_sysdev, dev_type;

legacy/whitechapel_pro/file_contexts

@@ -40,9 +40,5 @@
 /data/vendor/firmware/wifi(/.*)?                                            u:object_r:updated_wifi_firmware_data_file:s0
 /data/vendor/misc(/.*)?                                                     u:object_r:vendor_misc_data_file:s0
 /data/per_boot(/.*)?                                                        u:object_r:per_boot_file:s0
-/data/vendor/sensors/registry(/.*)?                                         u:object_r:sensor_reg_data_file:s0
 /dev/battery_history                                                        u:object_r:battery_history_device:s0
 /data/vendor/powerstats(/.*)?                                               u:object_r:powerstats_vendor_data_file:s0
-
-# Persist
-/mnt/vendor/persist/sensors/registry(/.*)?                                  u:object_r:persist_sensor_reg_file:s0

legacy/whitechapel_pro/te_macros

@@ -1,14 +0,0 @@
-#
-# USF SELinux type enforcement macros.
-#
-
-#
-# usf_low_latency_transport(domain)
-#
-# Allows domain use of the USF low latency transport.
-#
-define(`usf_low_latency_transport', `
-  allow $1 hal_graphics_mapper_hwservice:hwservice_manager find;
-  hal_client_domain($1, hal_graphics_allocator)
-')
-

vendor/file.te

@@ -2,7 +2,6 @@
 type persist_display_file, file_type, vendor_persist_type;
 type persist_battery_file, file_type, vendor_persist_type;
 type persist_camera_file, file_type, vendor_persist_type;
-type persist_sensor_reg_file, file_type, vendor_persist_type;
 type persist_uwb_file, file_type, vendor_persist_type;
 
 #sysfs
@@ -39,7 +38,6 @@ type vendor_bt_data_file, file_type, data_file_type;
 type sysfs_bt_uart, sysfs_type, fs_type;
 
 # Data
-type sensor_reg_data_file, file_type, data_file_type;
 type uwb_vendor_data_file, file_type, data_file_type, app_data_file_type;
 type uwb_data_vendor, file_type, data_file_type;
 type chre_data_file, file_type, data_file_type;

vendor/hal_sensors_default.te

@@ -1,67 +1,26 @@
-# Allow access to the AoC communication driver.
-allow hal_sensors_default aoc_device:chr_file rw_file_perms;
+# Allow reading of camera persist files.
+r_dir_file(hal_sensors_default, persist_camera_file)
 
-# Allow create thread to watch AOC's device.
-allow hal_sensors_default device:dir r_dir_perms;
-
-# Allow access to CHRE socket to connect to nanoapps.
-allow hal_sensors_default chre:unix_stream_socket connectto;
-allow hal_sensors_default chre_socket:sock_file write;
-
-# Allow SensorSuez to connect AIDL stats.
-allow hal_sensors_default fwk_stats_service:service_manager find;
-
-# Allow sensor HAL to access the graphics composer.
-binder_call(hal_sensors_default, hal_graphics_composer_default);
-
-# Allow sensor HAL to access the display service HAL
-allow hal_sensors_default hal_pixel_display_service:service_manager find;
+# Allow access to the files of CDT information.
+r_dir_file(hal_sensors_default, sysfs_chosen)
 
 # Allow sensor HAL to access the thermal service HAL
 hal_client_domain(hal_sensors_default, hal_thermal);
 
-# Allow reading of sensor registry persist files and camera persist files.
-allow hal_sensors_default mnt_vendor_file:dir search;
-allow hal_sensors_default persist_file:dir search;
-allow hal_sensors_default persist_file:file r_file_perms;
-allow hal_sensors_default persist_sensor_reg_file:dir r_dir_perms;
-allow hal_sensors_default persist_sensor_reg_file:file r_file_perms;
-r_dir_file(hal_sensors_default, persist_camera_file)
-
-# Allow creation and writing of sensor registry data files.
-allow hal_sensors_default sensor_reg_data_file:dir rw_dir_perms;
-allow hal_sensors_default sensor_reg_data_file:file create_file_perms;
-
-# Allow access to the sysfs_aoc.
-allow hal_sensors_default sysfs_aoc:dir search;
-allow hal_sensors_default sysfs_aoc:file r_file_perms;
-
-# Allow access to the AoC clock and kernel boot time sys FS node. This is needed
-# to synchronize the AP and AoC clock timestamps.
-allow hal_sensors_default sysfs_aoc_boottime:file r_file_perms;
-
 # Allow display_info_service access to the backlight driver.
 allow hal_sensors_default sysfs_write_leds:file rw_file_perms;
 
-# Allow access to sensor service for sensor_listener.
-binder_call(hal_sensors_default, system_server);
-
 # Allow access for dynamic sensor properties.
 get_prop(hal_sensors_default, vendor_dynamic_sensor_prop)
 
 # Allow access to raw HID devices for dynamic sensors.
 allow hal_sensors_default hidraw_device:chr_file rw_file_perms;
 
-# Allow access to the display info for ALS.
-allow hal_sensors_default sysfs_display:file rw_file_perms;
+# Allow sensor HAL to access the display service HAL
+allow hal_sensors_default hal_pixel_display_service:service_manager find;
 
-# Allow access to the files of CDT information.
-allow hal_sensors_default sysfs_chosen:dir search;
-allow hal_sensors_default sysfs_chosen:file r_file_perms;
+# Allow sensor HAL to access the graphics composer.
+binder_call(hal_sensors_default, hal_graphics_composer_default)
 
-# Allow display_info_service access to the backlight driver.
-allow hal_sensors_default sysfs_leds:dir search;
-allow hal_sensors_default sysfs_leds:file r_file_perms;
-
-# Allow sensor HAL to reset AOC.
-allow hal_sensors_default sysfs_aoc_reset:file rw_file_perms;
+# Allow access to the power supply files for MagCC.
+allow hal_sensors_default sysfs_wlc:dir r_dir_perms;