From 2632c4a4b8f8332c88266a02ae4a989493b4224d Mon Sep 17 00:00:00 2001
From: Jeferson <jroliveira.oliveira301@gmail.com>
Date: Wed, 17 Feb 2021 15:29:49 +0100
Subject: [PATCH] sdm660-common: sepolicy: Adress system_server denials

Change-Id: I7ec0ccc4004a7cf74988e7994ec981e064ba0412
---
 sepolicy/vendor/system_server.te | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/sepolicy/vendor/system_server.te b/sepolicy/vendor/system_server.te
index f03abd1f..ca6c09da 100644
--- a/sepolicy/vendor/system_server.te
+++ b/sepolicy/vendor/system_server.te
@@ -3,7 +3,9 @@ allow system_server blkio_dev:dir search;
 allow system_server default_android_service:service_manager add;
 allow system_server exported_camera_prop:file read;
 allow system_server kernel:system syslog_read;
+allow system_server media_rw_data_file:dir { setattr };
 allow system_server sysfs_battery_supply:file rw_file_perms;
+allow system_server sysfs_kgsl:lnk_file { read };
 allow system_server sysfs_vibrator:file rw_file_perms;
 allow system_server thermal_service:service_manager find;
 allow system_server userspace_reboot_exported_prop:file read;
@@ -11,3 +13,8 @@ allow system_server vendor_camera_prop:file { getattr open read };
 allow system_server vendor_default_prop:file { getattr open read };
 allow system_server vendor_keylayout_file:dir search;
 allow system_server vendor_keylayout_file:file r_file_perms;
+allow system_server zygote:process { getpgid };
+
+get_prop(system_server, exported_camera_prop)
+get_prop(system_server, userspace_reboot_config_prop)
+get_prop(system_server, userspace_reboot_exported_prop)