meta-qti-auto-sepolicy: Add sepolicy rules for sensors

Add sepolicy rules for calculating rotational
matrix and sensor position for sensor.

Change-Id: I3a641686babd71daa15c196564c9d1854ac544d7

recipes-security/auto-sepolicy/common/device/sensor_hal_daemon.fc

@@ -28,3 +28,4 @@
 /usr/bin/sensor_hal_daemon       --     gen_context(system_u:object_r:sensor_hal_daemon_exec_t,s0)
 /etc/sensors.conf                --     gen_context(system_u:object_r:sensor_hal_daemon_conf_t,s0)
 /dev/socket/sensor_client(/.*)?         gen_context(system_u:object_r:sensor_hal_daemon_socket_t,s0)
+/data/sensorhal/hal_config	--	gen_context(system_u:object_r:sensor_util_t,s0)

recipes-security/auto-sepolicy/common/device/sensor_hal_daemon.if

@@ -33,7 +33,11 @@ interface(`sensor_dev_socket',`
         type socket_device_t;
         type power_manager_daemon_t;
         type power_socket_t;
+	type data_t;
+	type sensor_util_t;
     ')
+allow $1 data_t:dir read;
+allow $1 sensor_util_t:file { read getattr open };
 allow $1 sensor_hal_daemon_socket_t:dir { read getattr open };
 allow $1 socket_device_t:dir search;
 allow $1 sensor_hal_daemon_socket_t:dir { write search add_name };

recipes-security/auto-sepolicy/common/device/sensor_hal_daemon.te

@@ -31,6 +31,16 @@ type sensor_hal_daemon_t;
 type sensor_hal_daemon_exec_t;
 type sensor_hal_daemon_socket_t;
 type sensor_hal_daemon_conf_t;
+type sensor_util_t;
+
+gen_require(`
+	type fs_t;
+	type setfiles_t;
+	type unconfined_t;
+')
+allow sensor_util_t fs_t:filesystem associate;
+allow setfiles_t sensor_util_t:file relabelto;
+allow unconfined_t sensor_util_t:file { read write getattr open };
 
 init_vendor_domain(sensor_hal_daemon_t, sensor_hal_daemon_exec_t)
 unconfined_allow_systemctl_cmds(sensor_hal_daemon_exec_t)