From 2f89f8a47a6250e31e761780538401df383f128e Mon Sep 17 00:00:00 2001
From: Nixy Hsu <nixy.hsu@mediatek.com>
Date: Sat, 18 Jan 2020 10:19:30 +0800
Subject: [PATCH] [ALPS04754649] gz: add mtee trusty selinux perms

fix sysfs permission for dumpstate under selinux.

MTK-Commit-Id: bca4ec3babf362b7f9d21b7c1ea8290f55d8d74c

Change-Id: I26cfbb4e959f0dbd89d46d6088284f36e6450c42
CR-Id: ALPS04754649
Feature: GenieZone
Signed-off-by: Nixy Hsu <nixy.hsu@mediatek.com>
---
 non_plat/dumpstate.te   | 3 +++
 non_plat/file.te        | 3 +++
 non_plat/genfs_contexts | 5 ++++-
 3 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/non_plat/dumpstate.te b/non_plat/dumpstate.te
index 4e23ee0..573ec58 100644
--- a/non_plat/dumpstate.te
+++ b/non_plat/dumpstate.te
@@ -174,3 +174,6 @@ allow dumpstate sysfs_adsp:file r_file_perms;
 
 #Purpose: Allow dumpstate to read /sys/kernel/debug/smi_mon
 allow dumpstate debugfs_smi_mon:file r_file_perms;
+
+# MTEE Trusty
+allow dumpstate mtee_trusty_file:file rw_file_perms;
diff --git a/non_plat/file.te b/non_plat/file.te
index a8db089..bec6021 100644
--- a/non_plat/file.te
+++ b/non_plat/file.te
@@ -385,3 +385,6 @@ type vcodec_file, file_type, data_file_type;
 
 # Date : 2019/08/24
 type sysfs_sensor, fs_type, sysfs_type;
+
+#MTEE trusty
+type mtee_trusty_file, fs_type, sysfs_type;
diff --git a/non_plat/genfs_contexts b/non_plat/genfs_contexts
index 118dd9e..6d18b6f 100644
--- a/non_plat/genfs_contexts
+++ b/non_plat/genfs_contexts
@@ -216,4 +216,7 @@ genfscon fuseblk / u:object_r:fuseblk:s0
 
 # 2019/08/24
 genfscon sysfs /class/sensor u:object_r:sysfs_sensor:s0
-genfscon sysfs /devices/virtual/sensor u:object_r:sysfs_sensor:s0
\ No newline at end of file
+genfscon sysfs /devices/virtual/sensor u:object_r:sysfs_sensor:s0
+
+# MTEE trusty
+genfscon sysfs /devices/platform/trusty u:object_r:mtee_trusty_file:s0