Merge "sepolicy: Add policies for TLOC Daemon."
diff --git a/common/file_contexts b/common/file_contexts
index 6665841..dc61a78 100644
--- a/common/file_contexts
+++ b/common/file_contexts
@@ -196,6 +196,7 @@
/system/vendor/bin/qti u:object_r:qti_exec:s0
/system/bin/wcnss_service u:object_r:wcnss_service_exec:s0
/system/vendor/bin/hbtp_daemon u:object_r:hbtp_exec:s0
+/system/vendor/bin/touch_fusion u:object_r:touchfusion_exec:s0
/system/bin/seempd u:object_r:seempd_exec:s0
/system/bin/sapd u:object_r:sapd_exec:s0
/system/bin/btsnoop u:object_r:btsnoop_exec:s0
diff --git a/common/init.te b/common/init.te
index 6835232..c4c0932 100644
--- a/common/init.te
+++ b/common/init.te
@@ -14,8 +14,3 @@
#For sdcard
allow init tmpfs:lnk_file create_file_perms;
-
-#Certain domains needs LD_PRELOAD passed from init
-#allow it for most domain. Do not honor LD_PRELOAD
-#for lmkd
-allow init { domain -lmkd }:process noatsecure;
diff --git a/common/init_shell.te b/common/init_shell.te
index c74d6ce..0a91b68 100644
--- a/common/init_shell.te
+++ b/common/init_shell.te
@@ -68,6 +68,7 @@
ctl_netmgrd_prop
ctl_port-bridge_prop
sf_lcd_density_prop
+ opengles_prop
mdm_helper_prop
fm_prop
usf_prop
diff --git a/common/location.te b/common/location.te
index f7cc6fc..805130c 100644
--- a/common/location.te
+++ b/common/location.te
@@ -34,6 +34,13 @@
# For interfacing with the device sensorservice
allow location sensorservice_service:service_manager find;
+#wifi
+allow location wifi_data_file:dir r_dir_perms;
+unix_socket_send(wpa, location, location)
+allow location wpa:unix_dgram_socket sendto;
+allow location wpa_socket:dir rw_dir_perms;
+allow location wpa_socket:sock_file create_file_perms;
+
r_dir_file(location, rfs_shared_hlos_file)
dontaudit location domain:dir r_dir_perms;
diff --git a/common/property.te b/common/property.te
index d674729..1d83d8c 100644
--- a/common/property.te
+++ b/common/property.te
@@ -17,6 +17,7 @@
type msm_irqbalance_prop, property_type;
type camera_prop, property_type;
type sf_lcd_density_prop, property_type;
+type opengles_prop, property_type;
type mdm_helper_prop, property_type;
type mpdecision_prop, property_type;
diff --git a/common/property_contexts b/common/property_contexts
index c3106c4..8f52c1b 100644
--- a/common/property_contexts
+++ b/common/property_contexts
@@ -23,6 +23,7 @@
camera. u:object_r:camera_prop:s0
persist.camera. u:object_r:camera_prop:s0
sf.lcd_density u:object_r:sf_lcd_density_prop:s0
+opengles.version u:object_r:opengles_prop:s0
qualcomm.bt.hci_transport u:object_r:bluetooth_prop:s0
ctl.mdm_helper u:object_r:mdm_helper_prop:s0
ctl.mpdecision u:object_r:mpdecision_prop:s0
diff --git a/common/touchfusion.te b/common/touchfusion.te
new file mode 100644
index 0000000..744aa90
--- /dev/null
+++ b/common/touchfusion.te
@@ -0,0 +1,47 @@
+# Copyright (c) 2015, The Linux Foundation. All rights reserved.
+
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+# * Neither the name of The Linux Foundation nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+# Policies for touchfusion
+type touchfusion, domain;
+
+type touchfusion_exec, exec_type, file_type;
+
+init_daemon_domain(touchfusion)
+
+domain_auto_trans(kernel, touchfusion_exec, touchfusion);
+
+allow touchfusion kmsg_device:chr_file rw_file_perms;
+
+allow touchfusion graphics_device:dir r_dir_perms;
+
+allow touchfusion self:netlink_socket create_socket_perms;
+
+allow touchfusion graphics_device:chr_file rw_file_perms;
+
+userdebug_or_eng(`
+allow touchfusion self:capability { sys_nice net_admin };
+')