From c93767f073ce44bc6af6bd91e6bdabe9b339e6ec Mon Sep 17 00:00:00 2001
From: Ahmed Harhash <email@lacentix.me>
Date: Thu, 7 Apr 2022 03:54:32 +0200
Subject: [PATCH 1/2] avicii: sepolicy: Allow CameraMDMHIDL to execute

* 04-07 03:35:05.521 10035 10035 W init: type=1400 audit(0.0:26621): avc: denied { execute } for name="vendor.oneplus.hardware.CameraMDMHIDL@1.0-service" dev="dm-7" ino=166 scontext=u:r:init:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=0

Change-Id: I2c553893b2411c21c596ae3a3b1016266cc79fa3
---
 sepolicy/vendor/file_contexts | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index 1dd237d..6c44d79 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -27,13 +27,14 @@
 /dev/silead_fp            u:object_r:fingerprintd_device:s0
 
 # HALs
-/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.oneplus_lito           u:object_r:hal_fingerprint_default_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.oneplus_lito                             u:object_r:hal_light_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.oneplus_lito              u:object_r:hal_fingerprint_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.light@2\.0-service\.oneplus_lito                                u:object_r:hal_light_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.neuralnetworks@1\.2-service-qti                                 u:object_r:hal_neuralnetworks_default_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.vibrator@1\.2-service\.oneplus_lito                          u:object_r:hal_vibrator_default_exec:s0
-/(vendor|system/vendor)/bin/hw/vendor\.lineage\.biometrics\.fingerprint\.inscreen@1.0-service\.oneplus_lito    u:object_r:hal_fod_lito_exec:s0
-/(vendor|system/vendor)/bin/hw/vendor\.lineage\.livedisplay@2\.0-service\.oneplus_lito                         u:object_r:hal_livedisplay_lito_exec:s0
-/(vendor|system/vendor)/bin/hw/vendor\.lineage\.touch@1\.0-service\.oneplus_lito                               u:object_r:hal_lineage_touch_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.vibrator@1\.2-service\.oneplus_lito                             u:object_r:hal_vibrator_default_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.lineage\.biometrics\.fingerprint\.inscreen@1.0-service\.oneplus_lito       u:object_r:hal_fod_lito_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.lineage\.livedisplay@2\.0-service\.oneplus_lito                            u:object_r:hal_livedisplay_lito_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.lineage\.touch@1\.0-service\.oneplus_lito                                  u:object_r:hal_lineage_touch_default_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.CameraMDMHIDL@1\.0-service                              u:object_r:hal_cameraHIDL_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.camera\.CameraHIDL@1\.0-service                                   u:object_r:hal_cameraHIDL_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.display@1\.0-service                                    u:object_r:hal_display_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.drmkey@1\.0-service                                     u:object_r:hal_drm_widevine_exec:s0
-- 
GitLab


From 85ae767d4c1499c41aab021555a2e8ee878edd91 Mon Sep 17 00:00:00 2001
From: Ahmed Harhash <email@lacentix.me>
Date: Thu, 7 Apr 2022 08:51:54 +0200
Subject: [PATCH 2/2] avicii: sepolicy: Allow
 vendor.oneplus.hardware.camera@1.0-service to execute

* 04-07 08:43:32.216 10931 10931 W init    : type=1400 audit(0.0:20353):
avc: denied { execute } for
name="vendor.oneplus.hardware.camera@1.0-service" dev="dm-7" ino=167
scontext=u:r:init:s0 tcontext=u:object_r:vendor_file:s0 tclass=file
permissive=0

Change-Id: I3d1bdb7ba018354c97bd55b84112cf03beb3f1a2
---
 sepolicy/vendor/file_contexts | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index 6c44d79..472f842 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -36,6 +36,7 @@
 /(vendor|system/vendor)/bin/hw/vendor\.lineage\.touch@1\.0-service\.oneplus_lito                                  u:object_r:hal_lineage_touch_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.CameraMDMHIDL@1\.0-service                              u:object_r:hal_cameraHIDL_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.camera\.CameraHIDL@1\.0-service                                   u:object_r:hal_cameraHIDL_default_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.camera@1\.0-service                                     u:object_r:hal_cameraHIDL_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.display@1\.0-service                                    u:object_r:hal_display_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.drmkey@1\.0-service                                     u:object_r:hal_drm_widevine_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.oneplus\.hardware\.ifaa@2\.0-service                                       u:object_r:hal_ifaa_default_exec:s0
-- 
GitLab