From aa160dff7d60552704ff60db538359c9b89823d6 Mon Sep 17 00:00:00 2001
From: Alcatraz323 <alcatraz32323@gmail.com>
Date: Sat, 1 Jul 2023 10:09:06 +0800
Subject: [PATCH] sdm660-common: sepolicy: cleanup mismatched file & fix
 bluetooh, fsck denial

* fsck_untrusted(fsck.exfat) is for external sd, and access for sysfs is neverallowed

Signed-off-by: pix106 <sbordenave@gmail.com>
---
 sepolicy/vendor/fsck_untrusted.te    | 1 +
 sepolicy/vendor/hal_bluetooh_qti.te  | 1 -
 sepolicy/vendor/hal_bluetooth_qti.te | 3 +++
 sepolicy/vendor/property.te          | 1 +
 sepolicy/vendor/property_contexts    | 3 +++
 5 files changed, 8 insertions(+), 1 deletion(-)
 delete mode 100644 sepolicy/vendor/hal_bluetooh_qti.te

diff --git a/sepolicy/vendor/fsck_untrusted.te b/sepolicy/vendor/fsck_untrusted.te
index 4149f497..43e0202d 100644
--- a/sepolicy/vendor/fsck_untrusted.te
+++ b/sepolicy/vendor/fsck_untrusted.te
@@ -1 +1,2 @@
 allow fsck_untrusted sysfs:file { getattr };
+dontaudit fsck_untrusted sysfs:file { read };
\ No newline at end of file
diff --git a/sepolicy/vendor/hal_bluetooh_qti.te b/sepolicy/vendor/hal_bluetooh_qti.te
deleted file mode 100644
index 9f6f810f..00000000
--- a/sepolicy/vendor/hal_bluetooh_qti.te
+++ /dev/null
@@ -1 +0,0 @@
-allow hal_bluetooth_qti self:qipcrtr_socket create;
diff --git a/sepolicy/vendor/hal_bluetooth_qti.te b/sepolicy/vendor/hal_bluetooth_qti.te
index ebf5fbcf..d4111a49 100644
--- a/sepolicy/vendor/hal_bluetooth_qti.te
+++ b/sepolicy/vendor/hal_bluetooth_qti.te
@@ -1,2 +1,5 @@
 allow hal_bluetooth_qti diag_device:chr_file rw_file_perms;
 allow hal_bluetooth_qti ramdump_vendor_data_file:dir rw_dir_perms;
+allow hal_bluetooth_qti self:qipcrtr_socket create;
+
+get_prop(hal_bluetooth_qti, hal_bluetooth_qti_prop)
diff --git a/sepolicy/vendor/property.te b/sepolicy/vendor/property.te
index 6255d221..92ff86bc 100644
--- a/sepolicy/vendor/property.te
+++ b/sepolicy/vendor/property.te
@@ -5,3 +5,4 @@ vendor_restricted_prop(vendor_camera_prop);
 vendor_internal_prop(dirac_prop);
 vendor_internal_prop(vendor_power_prop)
 vendor_internal_prop(thermal_engine_prop);
+vendor_public_prop(hal_bluetooth_qti_prop);
diff --git a/sepolicy/vendor/property_contexts b/sepolicy/vendor/property_contexts
index dc46340b..47b4a0d4 100644
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@@ -6,6 +6,9 @@ audio_hal.period_multiplier             u:object_r:vendor_default_prop:s0
 persist.audio.fluence.voicecomm         u:object_r:vendor_default_prop:s0
 ro.audio.usb.period_us                  u:object_r:vendor_default_prop:s0
 
+# Bluetooth
+ro.hsm.model.num                        u:object_r:hal_bluetooth_qti_prop:s0
+
 # Camera
 camera.clientname                           u:object_r:vendor_camera_prop:s0
 camera.cpp.dumpvideopayload                 u:object_r:vendor_camera_prop:s0