sepolicy: move pasr sepolicy files to common

Since the new memory hal for pasr-v2 will also be used for other
targets that share the same Android image, move all the sepolicy
files to common folder to make it target independent.
Also, update memory pasr hal, psi_service and powerservice_app to
use the updated attributes.

Change-Id: I8978ce2bfff34a9b43d4eacc10f4b5076567768c

qva/vendor/common/file.te

@@ -131,11 +131,14 @@ type vendor_sysfs_bootguestvm, fs_type, sysfs_type;
 #qspm-hal
 type vendor_qspmhal_data_file, file_type, data_file_type;
 
-#Memory offlining file types
+#System memory file types
 type vendor_sysfs_system_memory, sysfs_type, fs_type;
 
 type vendor_sysfs_qfprom, fs_type, sysfs_type;
 
+# Memory offlining file types
+type vendor_sysfs_mem_offline, sysfs_type, fs_type;
+
 #slub-debug
 type vendor_sysfs_slab_zshandle_storeuser, fs_type, sysfs_type;
 type vendor_sysfs_slab_zspage_storeuser, fs_type, sysfs_type;

qva/vendor/common/file_contexts

@@ -93,6 +93,8 @@
 /vendor/bin/hw/vendor\.qti\.hardware\.vibrator@1\.[0-3]-service                    u:object_r:hal_vibrator_default_exec:s0
 /vendor/bin/hw/vendor\.qti\.hardware\.vibrator\.service                            u:object_r:hal_vibrator_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.power\.pasrmanager\@1\.0-service       u:object_r:vendor_hal_pasrmanager_qti_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.qti\.memory\.pasrmanager\@1\.0-service      u:object_r:vendor_pasrmanager_memory_qti_exec:s0
+/(vendor|system/vendor)/bin/hw/vendor\.qti\.psiclient\@1\.0-service                u:object_r:vendor_psiservice_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.secure_element@1\.0-service            u:object_r:hal_secure_element_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.secure_element@1\.2-service            u:object_r:hal_secure_element_default_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.perf@2\.[0-2]-service        u:object_r:vendor_hal_perf_default_exec:s0

qva/vendor/common/genfs_contexts

@@ -43,6 +43,7 @@ genfscon sysfs /kernel/load_guestvm/boot_guestvm u:object_r:vendor_sysfs_bootgue
 
 genfscon sysfs /kernel/qvr_external_sensor u:object_r:vendor_sysfs_qvr_external_sensor:s0
 genfscon sysfs /devices/system/memory/ u:object_r:vendor_sysfs_system_memory:s0
+genfscon sysfs /kernel/mem-offline/ u:object_r:vendor_sysfs_mem_offline:s0
 
 genfscon sysfs /kernel/slab/zs_handle/store_user u:object_r:vendor_sysfs_slab_zshandle_storeuser:s0
 genfscon sysfs /kernel/slab/zspage/store_user u:object_r:vendor_sysfs_slab_zspage_storeuser:s0

qva/vendor/common/hal_pasrmanager_memory.te

@@ -31,16 +31,16 @@ type vendor_pasrmanager_memory_qti_exec, exec_type, vendor_file_type, file_type;
 
 # Allow permissions required for this HAL server to offer a
 # HAL implementation of the specified type over HwBinder
-hal_server_domain(vendor_pasrmanager_memory_qti, vendor_hal_pasrmanager_memory)
+hal_server_domain(vendor_pasrmanager_memory_qti, vendor_hal_mem_pasrmanager)
 
 # Started by init
 init_daemon_domain(vendor_pasrmanager_memory_qti)
 
 # Allow PASR clients to perform binder IPC to PASR HAL server
-binder_call(vendor_hal_pasrmanager_memory_client, vendor_hal_pasrmanager_memory_server)
+binder_call(vendor_hal_mem_pasrmanager_client, vendor_hal_mem_pasrmanager_server)
 
 # Add pasrmanager to hwservice_manager and allow it to be discovered
-hal_attribute_hwservice(vendor_hal_pasrmanager_memory, vendor_hal_pasrmanager_memory_hwservice)
+hal_attribute_hwservice(vendor_hal_mem_pasrmanager, vendor_hal_pasrmanager_memory_hwservice)
 
 # Allow access for pasrmanager for reading "/system/devices/memory/*"
 allow vendor_pasrmanager_memory_qti vendor_sysfs_system_memory:file rw_file_perms;

qva/vendor/common/hwservice.te

@@ -28,6 +28,7 @@
 type vendor_hal_dpmqmi_hwservice, hwservice_manager_type, protected_hwservice;
 type vendor_hal_iop_hwservice, hwservice_manager_type, protected_hwservice;
 type vendor_hal_pasrmanager_hwservice, hwservice_manager_type, protected_hwservice;
+type vendor_hal_pasrmanager_memory_hwservice, hwservice_manager_type, protected_hwservice;
 type vendor_wifidisplayhalservice_hwservice , hwservice_manager_type, protected_hwservice;
 type vendor_agm_hwservice, hwservice_manager_type, protected_hwservice;
 type vendor_hal_alarm_qti_hwservice , hwservice_manager_type, protected_hwservice;

qva/vendor/common/hwservice_contexts

@@ -38,6 +38,7 @@ vendor.qti.hardware.fstman::IFstManager                      u:object_r:vendor_h
 vendor.qti.hardware.qteeconnector::IAppConnector             u:object_r:vendor_hal_qteeconnector_hwservice:s0
 vendor.qti.hardware.qteeconnector::IGPAppConnector           u:object_r:vendor_hal_qteeconnector_hwservice:s0
 vendor.qti.power.pasrmanager::IPasrManager                   u:object_r:vendor_hal_pasrmanager_hwservice:s0
+vendor.qti.memory.pasrmanager::IPasrManager                  u:object_r:vendor_hal_pasrmanager_memory_hwservice:s0
 com.qualcomm.qti.bluetooth_audio::IBluetoothAudio            u:object_r:hal_audio_hwservice:s0
 vendor.qti.hardware.btconfigstore::IBTConfigStore            u:object_r:vendor_hal_btconfigstore_hwservice:s0
 vendor.qti.hardware.bluetooth_dun::IBluetoothDunServer       u:object_r:vendor_hal_bluetooth_dun_hwservice:s0

qva/vendor/common/powerservice_app.te

@@ -37,4 +37,7 @@ allow vendor_powerservice_app app_api_service:service_manager find;
 get_prop(vendor_powerservice_app, vendor_pasr_prop)
 
 # allow Power service to interact with pasr memory hal
-hal_client_domain(vendor_powerservice_app, vendor_hal_pasrmanager_memory)
+hal_client_domain(vendor_powerservice_app, vendor_hal_mem_pasrmanager)
+
+# allow Power service to interact with pasr power hal
+hal_client_domain(vendor_powerservice_app, vendor_hal_pasrmanager)

qva/vendor/common/property.te

@@ -98,3 +98,6 @@ vendor_restricted_prop(vendor_slm_prop);
 
 #mwqem property
 vendor_restricted_prop(vendor_mwqem_prop);
+
+#pasr property
+vendor_internal_prop(vendor_pasr_prop);

qva/vendor/common/property_contexts

@@ -133,3 +133,7 @@ persist.vendor.slm.                          u:object_r:vendor_slm_prop:s0
 
 #MWQEM
 persist.vendor.mwqem.                        u:object_r:vendor_mwqem_prop:s0
+
+#pasr property
+vendor.pasr.                                 u:object_r:vendor_pasr_prop:s0
+ro.vendor.pasr.                              u:object_r:vendor_pasr_prop:s0

qva/vendor/common/psi_service.te

@@ -33,7 +33,7 @@ type vendor_psiservice_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(vendor_psiservice)
 
 # Allow PSI Service to be a client of PASR HAL
-hal_client_domain(vendor_psiservice, vendor_hal_pasrmanager_memory)
+hal_client_domain(vendor_psiservice, vendor_hal_mem_pasrmanager)
 
 # Read /proc/zoneinfo
 allow vendor_psiservice proc_zoneinfo:file r_file_perms;

qva/vendor/common/seapp_contexts

@@ -27,3 +27,6 @@
 
 #Add new domain for perfdump app
 user=system seinfo=platform name=com.qualcomm.qti.perfdump domain=vendor_perfdump_app type=system_app_data_file
+
+#Add new domain for powerservice app
+user=_app seinfo=platform name=.pasr domain=vendor_powerservice_app type=app_data_file levelFrom=all

qva/vendor/common/vendor_init.te

@@ -56,3 +56,6 @@ set_prop(vendor_init, vendor_confqmaa)
 set_prop(vendor_init, vendor_disable_spu_prop)
 
 set_prop(vendor_init, vendor_persist_dpm_prop)
+
+# Allow vendor_init to set vendor_pasr_prop
+set_prop(vendor_init, vendor_pasr_prop)

qva/vendor/lahaina/attributes

@@ -1,30 +0,0 @@
-# Copyright (c) 2020, The Linux Foundation. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#     * Redistributions of source code must retain the above copyright
-#       notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-#       copyright notice, this list of conditions and the following
-#       disclaimer in the documentation and/or other materials provided
-#       with the distribution.
-#     * Neither the name of The Linux Foundation nor the names of its
-#       contributors may be used to endorse or promote products derived
-#       from this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
-# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
-# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
-# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-attribute vendor_hal_pasrmanager_memory;
-attribute vendor_hal_pasrmanager_memory_client;
-attribute vendor_hal_pasrmanager_memory_server;

qva/vendor/lahaina/file.te

@@ -27,6 +27,3 @@
 
 # vendor biometricsface data file
 type vendor_biometricsface_data_file, file_type, data_file_type;
-
-# Memory offlining file types
-type vendor_sysfs_mem_offline, sysfs_type, fs_type;

qva/vendor/lahaina/file_contexts

@@ -28,6 +28,4 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face@1\.0-service    u:object_r:vendor_biometricsface_exec:s0
 
 /data/vendor/face3d_dir(/.*)?                                       u:object_r:vendor_biometricsface_data_file:s0
-/(vendor|system/vendor)/bin/hw/vendor\.qti\.memory\.pasrmanager\@1\.0-service      u:object_r:vendor_pasrmanager_memory_qti_exec:s0
-/(vendor|system/vendor)/bin/hw/vendor\.qti\.psiclient\@1\.0-service                u:object_r:vendor_psiservice_exec:s0
 /(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.eid@1\.0-service             u:object_r:vendor_hal_eid_qti_exec:s0

qva/vendor/lahaina/genfs_contexts

@@ -25,7 +25,5 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-genfscon sysfs /kernel/mem-offline/ u:object_r:vendor_sysfs_mem_offline:s0
-
 #net sysfs
 genfscon sysfs /devices/platform/soc/1c00000.qcom,pcie/pci0000:00/0000:00:00.0/0000:01:00.0/net u:object_r:sysfs_net:s0

qva/vendor/lahaina/hwservice.te

@@ -25,5 +25,4 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-type vendor_hal_pasrmanager_memory_hwservice, hwservice_manager_type, protected_hwservice;
 type vendor_hal_eid_hwservice, hwservice_manager_type, protected_hwservice;

qva/vendor/lahaina/hwservice_contexts

@@ -25,5 +25,4 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-vendor.qti.memory.pasrmanager::IPasrManager                  u:object_r:vendor_hal_pasrmanager_memory_hwservice:s0
 vendor.qti.hardware.eid::IEid                                u:object_r:vendor_hal_eid_hwservice:s0

qva/vendor/lahaina/property.te

@@ -27,6 +27,3 @@
 
 #face3d
 vendor_internal_prop(vendor_face3d_producer_prop);
-
-#pasr property
-vendor_internal_prop(vendor_pasr_prop);

qva/vendor/lahaina/property_contexts

@@ -27,7 +27,3 @@
 
 #face3d
 persist.vendor.biometricsface.pr u:object_r:vendor_face3d_producer_prop:s0
-
-#pasr property
-vendor.pasr.                                 u:object_r:vendor_pasr_prop:s0
-ro.vendor.pasr.                              u:object_r:vendor_pasr_prop:s0

qva/vendor/lahaina/seapp_contexts

@@ -25,8 +25,5 @@
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 
-#Add new domain for powerservice app
-user=_app seinfo=platform name=.pasr domain=vendor_powerservice_app type=app_data_file levelFrom=all
-
 #Add new domain for eid app
 user=system seinfo=platform name=.eidservices domain=vendor_eid_app type=system_app_data_file

qva/vendor/lahaina/vendor_init.te

@@ -1,29 +0,0 @@
-# Copyright (c) 2020, The Linux Foundation. All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions are
-# met:
-#     * Redistributions of source code must retain the above copyright
-#       notice, this list of conditions and the following disclaimer.
-#     * Redistributions in binary form must reproduce the above
-#       copyright notice, this list of conditions and the following
-#       disclaimer in the documentation and/or other materials provided
-#       with the distribution.
-#     * Neither the name of The Linux Foundation nor the names of its
-#       contributors may be used to endorse or promote products derived
-#       from this software without specific prior written permission.
-#
-# THIS SOFTWARE IS PROVIDED"AS IS" AND ANY EXPRESS OR IMPLIED
-# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
-# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
-# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
-# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
-# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
-# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
-# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
-# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-# Allow vendor_init to set vendor_pasr_prop
-set_prop(vendor_init, vendor_pasr_prop)