From db470146e8f115be41068f984c33822b1c8b9b8d Mon Sep 17 00:00:00 2001
From: Danny Wood <danwood76@gmail.com>
Date: Fri, 7 Dec 2018 12:17:33 +0000
Subject: [PATCH] universal7580: sswap: Add Sepolicy and fix init script

Change-Id: I3c6d7bafcabd0d7d12d63fdadb7853e91084c81c
---
 ramdisk/etc/init.samsungexynos7580.rc |  2 +-
 sepolicy/file_contexts                |  3 +++
 sepolicy/sswap.te                     | 20 ++++++++++++++++++++
 3 files changed, 24 insertions(+), 1 deletion(-)
 create mode 100644 sepolicy/sswap.te

diff --git a/ramdisk/etc/init.samsungexynos7580.rc b/ramdisk/etc/init.samsungexynos7580.rc
index a0b057e..44d9620 100644
--- a/ramdisk/etc/init.samsungexynos7580.rc
+++ b/ramdisk/etc/init.samsungexynos7580.rc
@@ -904,7 +904,7 @@ on property:sys.mobicoredaemon.enable=true
     start cs_service
     write /proc/iccc_ready 1
 
-service sswap /sbin/sswap -s -f 1024
+service sswap /system/bin/sswap -s -f 1024
       class core
       user root
       group root
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 6df9525..05c7a35 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -27,6 +27,8 @@
 /dev/gnss_ipc                u:object_r:gps_device:s0
 /dev/ttySAC[0-1]*            u:object_r:gps_device:s0
 
+/dev/block/vnswap0           u:object_r:sswap_device:s0
+
 /dev/block/mmcblk0p[0-9]*    u:object_r:emmcblk_device:s0
 
 /dev/block/mmcblk0p10        u:object_r:boot_block_device:s0
@@ -162,3 +164,4 @@
 
 /system/bin/cbd              u:object_r:cpboot-daemon_exec:s0
 /system/bin/gpsd             u:object_r:gpsd_exec:s0
+/system/bin/sswap            u:object_r:sswap_exec:s0
diff --git a/sepolicy/sswap.te b/sepolicy/sswap.te
new file mode 100644
index 0000000..363cde7
--- /dev/null
+++ b/sepolicy/sswap.te
@@ -0,0 +1,20 @@
+type sswap, domain;
+type sswap_exec, exec_type, file_type;
+type sswap_device, dev_type;
+
+init_daemon_domain(sswap);
+
+allow sswap sswap_device:blk_file { read write open };
+allow sswap rootfs:file { entrypoint read };
+allow sswap sysfs:file { write open read };
+allow sswap block_device:dir search;
+allow sswap self:capability sys_admin;
+
+allow sswap proc:file { open getattr read };
+allow sswap proc_meminfo:file { open read getattr };
+allow sswap property_socket:sock_file write;
+allow sswap init:unix_stream_socket connectto;
+
+allow sswap properties_device:dir { read open };
+allow sswap proc_stat:dir { read open getattr };
+allow sswap proc_stat:file { read open getattr };
-- 
2.20.1