cm: sepolicy: Create standard policy for LiveDisplay
Change-Id: Icb0047f261861c8fae99ffa4e9053de8d3aa8c73
diff --git a/sepolicy/file.te b/sepolicy/file.te
index a07d48a..d7d6b42 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -11,3 +11,6 @@
# Persistent property storage
type persist_property_file, file_type;
+
+# Knobs for LiveDisplay
+type livedisplay_sysfs, sysfs_type, file_type;
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 4e53379..7deb3a4 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -34,3 +34,9 @@
# Persistent properties
/persist/properties u:object_r:persist_property_file:s0
+
+# LiveDisplay
+/sys/devices/virtual/graphics/fb0/aco u:object_r:livedisplay_sysfs:s0
+/sys/devices/virtual/graphics/fb0/cabc u:object_r:livedisplay_sysfs:s0
+/sys/devices/virtual/graphics/fb0/rgb u:object_r:livedisplay_sysfs:s0
+/sys/devices/virtual/graphics/fb0/sre u:object_r:livedisplay_sysfs:s0
diff --git a/sepolicy/livedisplay.te b/sepolicy/livedisplay.te
new file mode 100644
index 0000000..a260e07
--- /dev/null
+++ b/sepolicy/livedisplay.te
@@ -0,0 +1,2 @@
+# Various knobs used by LiveDisplay
+allow system_server livedisplay_sysfs:file rw_file_perms;
diff --git a/sepolicy/sepolicy.mk b/sepolicy/sepolicy.mk
index f3fdca2..7955d8f 100644
--- a/sepolicy/sepolicy.mk
+++ b/sepolicy/sepolicy.mk
@@ -18,6 +18,7 @@
healthd.te \
hostapd.te \
installd.te \
+ livedisplay.te \
netd.te \
property.te \
recovery.te \