From 3dc01cbd483824ae43ed7385fa098f06c50fd87e Mon Sep 17 00:00:00 2001 From: Wayne Lin Date: Sat, 13 Jan 2024 00:35:50 +0800 Subject: [PATCH] gps: refine iGNSS build system - sepolicy Bug: 318310869 Bug: 315915958 Test: build pass and GPS function works Change-Id: I6329298f89a03a10dc9c8e1579baa4060d85c30c --- caiman/file_contexts | 11 ----------- caiman/gnss_check.te | 9 --------- caiman/gnssd.te | 23 ----------------------- caiman/hal_gnss_default.te | 3 --- caiman/rild.te | 1 - caiman/sctd.te | 3 --- caiman/spad.te | 3 --- caiman/swcnd.te | 3 --- komodo/file_contexts | 11 ----------- komodo/gnss_check.te | 9 --------- komodo/gnssd.te | 23 ----------------------- komodo/hal_gnss_default.te | 3 --- komodo/rild.te | 1 - komodo/sctd.te | 3 --- komodo/spad.te | 3 --- komodo/swcnd.te | 3 --- ripcurrent24/file_contexts | 11 ----------- ripcurrent24/gnss_check.te | 9 --------- ripcurrent24/gnssd.te | 23 ----------------------- ripcurrent24/hal_gnss_default.te | 3 --- ripcurrent24/rild.te | 1 - ripcurrent24/sctd.te | 3 --- ripcurrent24/spad.te | 3 --- ripcurrent24/swcnd.te | 3 --- tokay/file_contexts | 11 ----------- tokay/gnss_check.te | 9 --------- tokay/gnssd.te | 23 ----------------------- tokay/hal_gnss_default.te | 3 --- tokay/rild.te | 1 - tokay/sctd.te | 3 --- tokay/spad.te | 3 --- tokay/swcnd.te | 3 --- 32 files changed, 224 deletions(-) delete mode 100644 caiman/gnss_check.te delete mode 100644 caiman/gnssd.te delete mode 100644 caiman/hal_gnss_default.te delete mode 100644 caiman/rild.te delete mode 100644 caiman/sctd.te delete mode 100644 caiman/spad.te delete mode 100644 caiman/swcnd.te delete mode 100644 komodo/gnss_check.te delete mode 100644 komodo/gnssd.te delete mode 100644 komodo/hal_gnss_default.te delete mode 100644 komodo/rild.te delete mode 100644 komodo/sctd.te delete mode 100644 komodo/spad.te delete mode 100644 komodo/swcnd.te delete mode 100644 ripcurrent24/gnss_check.te delete mode 100644 ripcurrent24/gnssd.te delete mode 100644 ripcurrent24/hal_gnss_default.te delete mode 100644 ripcurrent24/rild.te delete mode 100644 ripcurrent24/sctd.te delete mode 100644 ripcurrent24/spad.te delete mode 100644 ripcurrent24/swcnd.te delete mode 100644 tokay/gnss_check.te delete mode 100644 tokay/gnssd.te delete mode 100644 tokay/hal_gnss_default.te delete mode 100644 tokay/rild.te delete mode 100644 tokay/sctd.te delete mode 100644 tokay/spad.te delete mode 100644 tokay/swcnd.te diff --git a/caiman/file_contexts b/caiman/file_contexts index 2cc3a039..cdb38af4 100644 --- a/caiman/file_contexts +++ b/caiman/file_contexts @@ -14,14 +14,3 @@ /dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 /dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 /dev/lwis-tof-tarasque u:object_r:lwis_device:s0 -# GPS -/dev/gnss_ipc u:object_r:vendor_gnss_device:s0 -/dev/gnss_boot u:object_r:vendor_gnss_device:s0 -/dev/gnss_dump u:object_r:vendor_gnss_device:s0 - -/vendor/bin/hw/gnssd u:object_r:gnssd_exec:s0 -/vendor/bin/hw/sctd u:object_r:sctd_exec:s0 -/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0 -/vendor/bin/hw/spad u:object_r:spad_exec:s0 -/vendor/bin/hw/gnss-aidl-service_IGnssV2_ISlsiGnssV1 u:object_r:hal_gnss_default_exec:s0 -/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0 diff --git a/caiman/gnss_check.te b/caiman/gnss_check.te deleted file mode 100644 index 31d0944f..00000000 --- a/caiman/gnss_check.te +++ /dev/null @@ -1,9 +0,0 @@ -type gnss_check, domain; -type gnss_check_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(gnss_check); - -allow gnss_check vendor_toolbox_exec:file { execute_no_trans }; - -set_prop(gnss_check, ctl_stop_prop); -set_prop(gnss_check, ctl_start_prop); diff --git a/caiman/gnssd.te b/caiman/gnssd.te deleted file mode 100644 index ea16762b..00000000 --- a/caiman/gnssd.te +++ /dev/null @@ -1,23 +0,0 @@ -type gnssd, domain; -type gnssd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(gnssd); - -# Allow gnssd to access rild -binder_call(gnssd, rild); -# binder_call(gnssd, hwservicemanager) -allow gnssd hal_exynos_rild_hwservice:hwservice_manager find; -allow gnssd radio_device:chr_file rw_file_perms; - -# Allow gnssd to acess gnss device -allow gnssd vendor_gnss_device:chr_file rw_file_perms; -allow gnssd vendor_gps_file:dir create_dir_perms; -allow gnssd vendor_gps_file:file create_file_perms; -allow gnssd vendor_gps_file:fifo_file create_file_perms; - -get_prop(gnssd, bootanim_system_prop) - -# Allow gnssd to obtain wakelock -wakelock_use(gnssd) - -# Allow a base set of permissions required for network access. -net_domain(gnssd); diff --git a/caiman/hal_gnss_default.te b/caiman/hal_gnss_default.te deleted file mode 100644 index bf1a5645..00000000 --- a/caiman/hal_gnss_default.te +++ /dev/null @@ -1,3 +0,0 @@ -binder_call(hal_gnss_default, gnssd); - -allow hal_gnss_default gnssd:unix_stream_socket connectto; diff --git a/caiman/rild.te b/caiman/rild.te deleted file mode 100644 index c620a19b..00000000 --- a/caiman/rild.te +++ /dev/null @@ -1 +0,0 @@ -binder_call(rild, gnssd) diff --git a/caiman/sctd.te b/caiman/sctd.te deleted file mode 100644 index 8966ef8a..00000000 --- a/caiman/sctd.te +++ /dev/null @@ -1,3 +0,0 @@ -type sctd, domain; -type sctd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(sctd); diff --git a/caiman/spad.te b/caiman/spad.te deleted file mode 100644 index eaf8b1c8..00000000 --- a/caiman/spad.te +++ /dev/null @@ -1,3 +0,0 @@ -type spad, domain; -type spad_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(spad); diff --git a/caiman/swcnd.te b/caiman/swcnd.te deleted file mode 100644 index c366cad8..00000000 --- a/caiman/swcnd.te +++ /dev/null @@ -1,3 +0,0 @@ -type swcnd, domain; -type swcnd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(swcnd); diff --git a/komodo/file_contexts b/komodo/file_contexts index 2cc3a039..cdb38af4 100644 --- a/komodo/file_contexts +++ b/komodo/file_contexts @@ -14,14 +14,3 @@ /dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 /dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 /dev/lwis-tof-tarasque u:object_r:lwis_device:s0 -# GPS -/dev/gnss_ipc u:object_r:vendor_gnss_device:s0 -/dev/gnss_boot u:object_r:vendor_gnss_device:s0 -/dev/gnss_dump u:object_r:vendor_gnss_device:s0 - -/vendor/bin/hw/gnssd u:object_r:gnssd_exec:s0 -/vendor/bin/hw/sctd u:object_r:sctd_exec:s0 -/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0 -/vendor/bin/hw/spad u:object_r:spad_exec:s0 -/vendor/bin/hw/gnss-aidl-service_IGnssV2_ISlsiGnssV1 u:object_r:hal_gnss_default_exec:s0 -/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0 diff --git a/komodo/gnss_check.te b/komodo/gnss_check.te deleted file mode 100644 index 31d0944f..00000000 --- a/komodo/gnss_check.te +++ /dev/null @@ -1,9 +0,0 @@ -type gnss_check, domain; -type gnss_check_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(gnss_check); - -allow gnss_check vendor_toolbox_exec:file { execute_no_trans }; - -set_prop(gnss_check, ctl_stop_prop); -set_prop(gnss_check, ctl_start_prop); diff --git a/komodo/gnssd.te b/komodo/gnssd.te deleted file mode 100644 index ea16762b..00000000 --- a/komodo/gnssd.te +++ /dev/null @@ -1,23 +0,0 @@ -type gnssd, domain; -type gnssd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(gnssd); - -# Allow gnssd to access rild -binder_call(gnssd, rild); -# binder_call(gnssd, hwservicemanager) -allow gnssd hal_exynos_rild_hwservice:hwservice_manager find; -allow gnssd radio_device:chr_file rw_file_perms; - -# Allow gnssd to acess gnss device -allow gnssd vendor_gnss_device:chr_file rw_file_perms; -allow gnssd vendor_gps_file:dir create_dir_perms; -allow gnssd vendor_gps_file:file create_file_perms; -allow gnssd vendor_gps_file:fifo_file create_file_perms; - -get_prop(gnssd, bootanim_system_prop) - -# Allow gnssd to obtain wakelock -wakelock_use(gnssd) - -# Allow a base set of permissions required for network access. -net_domain(gnssd); diff --git a/komodo/hal_gnss_default.te b/komodo/hal_gnss_default.te deleted file mode 100644 index bf1a5645..00000000 --- a/komodo/hal_gnss_default.te +++ /dev/null @@ -1,3 +0,0 @@ -binder_call(hal_gnss_default, gnssd); - -allow hal_gnss_default gnssd:unix_stream_socket connectto; diff --git a/komodo/rild.te b/komodo/rild.te deleted file mode 100644 index c620a19b..00000000 --- a/komodo/rild.te +++ /dev/null @@ -1 +0,0 @@ -binder_call(rild, gnssd) diff --git a/komodo/sctd.te b/komodo/sctd.te deleted file mode 100644 index 8966ef8a..00000000 --- a/komodo/sctd.te +++ /dev/null @@ -1,3 +0,0 @@ -type sctd, domain; -type sctd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(sctd); diff --git a/komodo/spad.te b/komodo/spad.te deleted file mode 100644 index eaf8b1c8..00000000 --- a/komodo/spad.te +++ /dev/null @@ -1,3 +0,0 @@ -type spad, domain; -type spad_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(spad); diff --git a/komodo/swcnd.te b/komodo/swcnd.te deleted file mode 100644 index c366cad8..00000000 --- a/komodo/swcnd.te +++ /dev/null @@ -1,3 +0,0 @@ -type swcnd, domain; -type swcnd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(swcnd); diff --git a/ripcurrent24/file_contexts b/ripcurrent24/file_contexts index 9fd7a3b5..1143d5fd 100644 --- a/ripcurrent24/file_contexts +++ b/ripcurrent24/file_contexts @@ -42,14 +42,3 @@ /dev/lwis-sensor-taotie-tele u:object_r:lwis_device:s0 /dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 /dev/lwis-tof-tarasque u:object_r:lwis_device:s0 -# GPS -/dev/gnss_ipc u:object_r:vendor_gnss_device:s0 -/dev/gnss_boot u:object_r:vendor_gnss_device:s0 -/dev/gnss_dump u:object_r:vendor_gnss_device:s0 - -/vendor/bin/hw/gnssd u:object_r:gnssd_exec:s0 -/vendor/bin/hw/sctd u:object_r:sctd_exec:s0 -/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0 -/vendor/bin/hw/spad u:object_r:spad_exec:s0 -/vendor/bin/hw/gnss-aidl-service_IGnssV2_ISlsiGnssV1 u:object_r:hal_gnss_default_exec:s0 -/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0 diff --git a/ripcurrent24/gnss_check.te b/ripcurrent24/gnss_check.te deleted file mode 100644 index 31d0944f..00000000 --- a/ripcurrent24/gnss_check.te +++ /dev/null @@ -1,9 +0,0 @@ -type gnss_check, domain; -type gnss_check_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(gnss_check); - -allow gnss_check vendor_toolbox_exec:file { execute_no_trans }; - -set_prop(gnss_check, ctl_stop_prop); -set_prop(gnss_check, ctl_start_prop); diff --git a/ripcurrent24/gnssd.te b/ripcurrent24/gnssd.te deleted file mode 100644 index ea16762b..00000000 --- a/ripcurrent24/gnssd.te +++ /dev/null @@ -1,23 +0,0 @@ -type gnssd, domain; -type gnssd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(gnssd); - -# Allow gnssd to access rild -binder_call(gnssd, rild); -# binder_call(gnssd, hwservicemanager) -allow gnssd hal_exynos_rild_hwservice:hwservice_manager find; -allow gnssd radio_device:chr_file rw_file_perms; - -# Allow gnssd to acess gnss device -allow gnssd vendor_gnss_device:chr_file rw_file_perms; -allow gnssd vendor_gps_file:dir create_dir_perms; -allow gnssd vendor_gps_file:file create_file_perms; -allow gnssd vendor_gps_file:fifo_file create_file_perms; - -get_prop(gnssd, bootanim_system_prop) - -# Allow gnssd to obtain wakelock -wakelock_use(gnssd) - -# Allow a base set of permissions required for network access. -net_domain(gnssd); diff --git a/ripcurrent24/hal_gnss_default.te b/ripcurrent24/hal_gnss_default.te deleted file mode 100644 index bf1a5645..00000000 --- a/ripcurrent24/hal_gnss_default.te +++ /dev/null @@ -1,3 +0,0 @@ -binder_call(hal_gnss_default, gnssd); - -allow hal_gnss_default gnssd:unix_stream_socket connectto; diff --git a/ripcurrent24/rild.te b/ripcurrent24/rild.te deleted file mode 100644 index c620a19b..00000000 --- a/ripcurrent24/rild.te +++ /dev/null @@ -1 +0,0 @@ -binder_call(rild, gnssd) diff --git a/ripcurrent24/sctd.te b/ripcurrent24/sctd.te deleted file mode 100644 index 8966ef8a..00000000 --- a/ripcurrent24/sctd.te +++ /dev/null @@ -1,3 +0,0 @@ -type sctd, domain; -type sctd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(sctd); diff --git a/ripcurrent24/spad.te b/ripcurrent24/spad.te deleted file mode 100644 index eaf8b1c8..00000000 --- a/ripcurrent24/spad.te +++ /dev/null @@ -1,3 +0,0 @@ -type spad, domain; -type spad_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(spad); diff --git a/ripcurrent24/swcnd.te b/ripcurrent24/swcnd.te deleted file mode 100644 index c366cad8..00000000 --- a/ripcurrent24/swcnd.te +++ /dev/null @@ -1,3 +0,0 @@ -type swcnd, domain; -type swcnd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(swcnd); diff --git a/tokay/file_contexts b/tokay/file_contexts index 9c7fe8a5..025e3799 100644 --- a/tokay/file_contexts +++ b/tokay/file_contexts @@ -10,14 +10,3 @@ /dev/lwis-sensor-boitata u:object_r:lwis_device:s0 /dev/lwis-sensor-dokkaebi u:object_r:lwis_device:s0 /dev/lwis-sensor-taotie-uw u:object_r:lwis_device:s0 -# GPS -/dev/gnss_ipc u:object_r:vendor_gnss_device:s0 -/dev/gnss_boot u:object_r:vendor_gnss_device:s0 -/dev/gnss_dump u:object_r:vendor_gnss_device:s0 - -/vendor/bin/hw/gnssd u:object_r:gnssd_exec:s0 -/vendor/bin/hw/sctd u:object_r:sctd_exec:s0 -/vendor/bin/hw/swcnd u:object_r:swcnd_exec:s0 -/vendor/bin/hw/spad u:object_r:spad_exec:s0 -/vendor/bin/hw/gnss-aidl-service_IGnssV2_ISlsiGnssV1 u:object_r:hal_gnss_default_exec:s0 -/vendor/bin/gnss_check\.sh u:object_r:gnss_check_exec:s0 diff --git a/tokay/gnss_check.te b/tokay/gnss_check.te deleted file mode 100644 index 31d0944f..00000000 --- a/tokay/gnss_check.te +++ /dev/null @@ -1,9 +0,0 @@ -type gnss_check, domain; -type gnss_check_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(gnss_check); - -allow gnss_check vendor_toolbox_exec:file { execute_no_trans }; - -set_prop(gnss_check, ctl_stop_prop); -set_prop(gnss_check, ctl_start_prop); diff --git a/tokay/gnssd.te b/tokay/gnssd.te deleted file mode 100644 index ea16762b..00000000 --- a/tokay/gnssd.te +++ /dev/null @@ -1,23 +0,0 @@ -type gnssd, domain; -type gnssd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(gnssd); - -# Allow gnssd to access rild -binder_call(gnssd, rild); -# binder_call(gnssd, hwservicemanager) -allow gnssd hal_exynos_rild_hwservice:hwservice_manager find; -allow gnssd radio_device:chr_file rw_file_perms; - -# Allow gnssd to acess gnss device -allow gnssd vendor_gnss_device:chr_file rw_file_perms; -allow gnssd vendor_gps_file:dir create_dir_perms; -allow gnssd vendor_gps_file:file create_file_perms; -allow gnssd vendor_gps_file:fifo_file create_file_perms; - -get_prop(gnssd, bootanim_system_prop) - -# Allow gnssd to obtain wakelock -wakelock_use(gnssd) - -# Allow a base set of permissions required for network access. -net_domain(gnssd); diff --git a/tokay/hal_gnss_default.te b/tokay/hal_gnss_default.te deleted file mode 100644 index bf1a5645..00000000 --- a/tokay/hal_gnss_default.te +++ /dev/null @@ -1,3 +0,0 @@ -binder_call(hal_gnss_default, gnssd); - -allow hal_gnss_default gnssd:unix_stream_socket connectto; diff --git a/tokay/rild.te b/tokay/rild.te deleted file mode 100644 index c620a19b..00000000 --- a/tokay/rild.te +++ /dev/null @@ -1 +0,0 @@ -binder_call(rild, gnssd) diff --git a/tokay/sctd.te b/tokay/sctd.te deleted file mode 100644 index 8966ef8a..00000000 --- a/tokay/sctd.te +++ /dev/null @@ -1,3 +0,0 @@ -type sctd, domain; -type sctd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(sctd); diff --git a/tokay/spad.te b/tokay/spad.te deleted file mode 100644 index eaf8b1c8..00000000 --- a/tokay/spad.te +++ /dev/null @@ -1,3 +0,0 @@ -type spad, domain; -type spad_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(spad); diff --git a/tokay/swcnd.te b/tokay/swcnd.te deleted file mode 100644 index c366cad8..00000000 --- a/tokay/swcnd.te +++ /dev/null @@ -1,3 +0,0 @@ -type swcnd, domain; -type swcnd_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(swcnd);