From 8d9e4a522f46409d23352472cab5cb6b8a9c538a Mon Sep 17 00:00:00 2001
From: swintegrator <swintegrator@mediatek.com>
Date: Sat, 18 Jan 2020 10:20:08 +0800
Subject: [PATCH] [ALPS04784782] Add SELinux sepolicy for TEEI OS communication

Add hal_graphics_allocator_default SELinux sepolicy to
enable normal/secure world communication.

This is used for secure memory allocation from graphics allocator HAL
to TEEI OS.

MTK-Commit-Id: a47f2e49b8c563fdc457443e46af591a2691a441

Change-Id: I2bdc87303310f5acdd85f0491e58644b26963838
CR-Id: ALPS04784782
Feature: Microtrust TEEI
---
 non_plat/hal_graphics_allocator_default.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/non_plat/hal_graphics_allocator_default.te b/non_plat/hal_graphics_allocator_default.te
index 4814d6c..2aaead1 100644
--- a/non_plat/hal_graphics_allocator_default.te
+++ b/non_plat/hal_graphics_allocator_default.te
@@ -21,3 +21,6 @@ allow hal_graphics_allocator_default debugfs_tracing:file open;
 allow hal_graphics_allocator_default proc_ged:file r_file_perms;
 allowxperm hal_graphics_allocator_default proc_ged:file ioctl { proc_ged_ioctls };
 
+#============= hal_graphics_allocator_default ==============
+allow hal_graphics_allocator_default teei_client_device:chr_file rw_file_perms;
+allow hal_graphics_allocator_default mobicore_user_device:chr_file rw_file_perms;