From 3b375ccce4dc96ae6c8d0bbd73fedf6610eb3ec3 Mon Sep 17 00:00:00 2001
From: Shirayuki39 <lorddemecrius83@proton.me>
Date: Sun, 21 Jul 2024 19:31:50 +0800
Subject: [PATCH] LG8n: sepolicy: address hal_sensors denial relating to nvdata

07-21 14:22:10.256   966   966 I auditd  : type=1400 audit(0.0:445): avc: denied { search } for comm=android.hardwar name=/ dev=sdc8 ino=2 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:nvdata_file:s0 tclass=dir permissive=0
07-21 14:22:10.256   966   966 W android.hardwar: type=1400 audit(0.0:445): avc: denied { search } for name=/ dev=sdc8 ino=2 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:nvdata_file:s0 tclass=dir permissive=0

Signed-off-by: Shirayuki39 <lorddemecrius83@proton.me>
---
 sepolicy/vendor/hal_sensors_default.te | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sepolicy/vendor/hal_sensors_default.te b/sepolicy/vendor/hal_sensors_default.te
index be8748d..c8be4da 100644
--- a/sepolicy/vendor/hal_sensors_default.te
+++ b/sepolicy/vendor/hal_sensors_default.te
@@ -27,6 +27,8 @@ allow hal_sensors_default metadata_file:dir search;
 allow hal_sensors_default mnt_vendor_file:dir search;
 allow hal_sensors_default nvcfg_file:dir create_dir_perms;
 allow hal_sensors_default nvcfg_file:file create_file_perms;
+allow hal_sensors_default nvdata_file:dir { read search open };
+allow hal_sensors_default nvdata_file:file { read getattr open };
 allow hal_sensors_default sensor_data_file:dir create_dir_perms;
 allow hal_sensors_default sensor_data_file:dir search;
 allow hal_sensors_default sensor_data_file:file create_file_perms;