From 2e9c05d5e075c6714bc08d8ce098391f88456427 Mon Sep 17 00:00:00 2001
From: bengris32 <bengris32@protonmail.ch>
Date: Wed, 31 Aug 2022 10:05:28 +0100
Subject: [PATCH] sepolicy: basic: non_plat: Seperate Core NFC data from vendor
 * Required to pass new SEPolicy tests.

Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: I9d137c9e156692b798161afae7e61b604d839cda
---
 basic/non_plat/file.te            | 1 +
 basic/non_plat/file_contexts      | 2 +-
 basic/non_plat/hal_nfc_default.te | 6 ++----
 3 files changed, 4 insertions(+), 5 deletions(-)

diff --git a/basic/non_plat/file.te b/basic/non_plat/file.te
index b7220ad..696f1b1 100644
--- a/basic/non_plat/file.te
+++ b/basic/non_plat/file.te
@@ -436,6 +436,7 @@ type cct_data_file, file_type, data_file_type;
 type mediaserver_data_file, file_type, data_file_type;
 type mediacodec_data_file, file_type, data_file_type;
 type connsyslog_data_vendor_file, file_type, data_file_type;
+type nfc_data_vendor_file, file_type, data_file_type;
 
 # AAO
 type data_vendor_aao_file, file_type, data_file_type;
diff --git a/basic/non_plat/file_contexts b/basic/non_plat/file_contexts
index 59e82fd..f22d38f 100644
--- a/basic/non_plat/file_contexts
+++ b/basic/non_plat/file_contexts
@@ -25,7 +25,7 @@
 /data/mdl(/.*)?                     u:object_r:mdlog_data_file:s0
 /data/mdl3(/.*)?                    u:object_r:mdlog_data_file:s0
 /data/nfc(/.*)?                     u:object_r:nfc_data_file:s0
-/data/vendor/nfc(/.*)?                     u:object_r:nfc_data_file:s0
+/data/vendor/nfc(/.*)?              u:object_r:nfc_data_vendor_file:s0
 /data/nfc_socket(/.*)?              u:object_r:nfc_socket_file:s0
 /data/vendor/nfc_socket(/.*)?       u:object_r:vendor_nfc_socket_file:s0
 /data/vendor/md3(/.*)?              u:object_r:c2k_file:s0
diff --git a/basic/non_plat/hal_nfc_default.te b/basic/non_plat/hal_nfc_default.te
index 0799c7d..4be08d9 100644
--- a/basic/non_plat/hal_nfc_default.te
+++ b/basic/non_plat/hal_nfc_default.te
@@ -1,4 +1,2 @@
-typeattribute hal_nfc_default data_between_core_and_vendor_violators;
-
-allow hal_nfc_default nfc_data_file:dir rw_dir_perms;
-allow hal_nfc_default nfc_data_file:file { create_file_perms rw_file_perms };
+allow hal_nfc_default nfc_data_vendor_file:dir rw_dir_perms;
+allow hal_nfc_default nfc_data_vendor_file:file { create_file_perms rw_file_perms };