Merge "Added SE-Policy rules for usbudev on Vendor-14"

generic/private/file_contexts

@@ -69,6 +69,7 @@
 /(system_ext|system/system_ext)/bin/qxrsplitauxservice  u:object_r:vendor_sys_sxrauxd_exec:s0
 /(system_ext|system/system_ext)/bin/qsguard  u:object_r:qsguard_exec:s0
 /system_ext/bin/virtual_keyboard     u:object_r:vendor_virtual_keyboard_exec:s0
+/system_ext/bin/usbudev                             u:object_r:vendor_usbudev_qti_exec:s0
 
 ####### data files ################
 /data/dpm(/.*)?                                 u:object_r:vendor_dpmd_data_file:s0

generic/private/usbudev.te

@@ -0,0 +1,16 @@
+# Copyright (c) 2024 Qualcomm Innovation Center, Inc. All rights reserved.
+# SPDX-License-Identifier: BSD-3-Clause-Clear
+
+#============= vendor_usbudev_qti ==============
+type vendor_usbudev_qti, domain, coredomain;
+type vendor_usbudev_qti_exec, system_file_type, exec_type, file_type;
+
+init_daemon_domain(vendor_usbudev_qti)
+allow vendor_usbudev_qti self:netlink_kobject_uevent_socket { bind create getopt read setopt };
+allow vendor_usbudev_qti toolbox_exec:file  rx_file_perms;
+allow vendor_usbudev_qti self:capability net_admin;
+allow vendor_usbudev_qti self:netlink_route_socket { bind create getattr setopt nlmsg_write read write };
+allow vendor_usbudev_qti self:udp_socket {create_socket_perms};
+allowxperm vendor_usbudev_qti self:udp_socket ioctl { SIOCSIFFLAGS  SIOCSIFADDR SIOCSIFNETMASK };
+allow vendor_usbudev_qti shell_exec:file { rx_file_perms };
+allow vendor_usbudev_qti system_file:file execute_no_trans;