From 2833eecc4936fc028f07f3bcb13606f8caf56cd9 Mon Sep 17 00:00:00 2001
From: Eileen Lai <eileenisgood@google.com>
Date: Fri, 6 Dec 2024 09:23:51 +0000
Subject: [PATCH 1/2] modem_svc: move shared_modem_platform related sepolicy to
 gs-common

Bug: 372400955

Change-Id: I8b08e5b7789a5b2bf027deed0afc97f87ca25f3f
Flag: NONE local testing only
---
 modem/shared_modem_platform/sepolicy/file_contexts    | 2 ++
 modem/shared_modem_platform/sepolicy/modem_svc_sit.te | 2 ++
 modem/shared_modem_platform/shared_modem_platform.mk  | 2 +-
 3 files changed, 5 insertions(+), 1 deletion(-)
 create mode 100644 modem/shared_modem_platform/sepolicy/file_contexts
 create mode 100644 modem/shared_modem_platform/sepolicy/modem_svc_sit.te

diff --git a/modem/shared_modem_platform/sepolicy/file_contexts b/modem/shared_modem_platform/sepolicy/file_contexts
new file mode 100644
index 0000000..d6f4a74
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+# modem_svc_sit
+/vendor/bin/shared_modem_platform   u:object_r:modem_svc_sit_exec:s0
\ No newline at end of file
diff --git a/modem/shared_modem_platform/sepolicy/modem_svc_sit.te b/modem/shared_modem_platform/sepolicy/modem_svc_sit.te
new file mode 100644
index 0000000..b1ed074
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/modem_svc_sit.te
@@ -0,0 +1,2 @@
+# Modem SVC will register the default instance of the AIDL ISharedModemPlatform hal.
+hal_server_domain(modem_svc_sit, hal_shared_modem_platform)
diff --git a/modem/shared_modem_platform/shared_modem_platform.mk b/modem/shared_modem_platform/shared_modem_platform.mk
index 3f50c37..0a3be6d 100644
--- a/modem/shared_modem_platform/shared_modem_platform.mk
+++ b/modem/shared_modem_platform/shared_modem_platform.mk
@@ -8,4 +8,4 @@ SOONG_CONFIG_shared_modem_platform_vendor := $(SHARED_MODEM_PLATFORM_VENDOR)
 
 PRODUCT_PACKAGES += shared_modem_platform
 DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/modem/shared_modem_platform/compatibility_matrix.xml
-BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/modem/shared_modem_platform/sepolicy
+BOARD_SEPOLICY_DIRS += device/google/gs-common/modem/shared_modem_platform/sepolicy

From 8112ee64cc93db0c674bec442b2419e9ea6249a4 Mon Sep 17 00:00:00 2001
From: Eileen Lai <eileenisgood@google.com>
Date: Fri, 6 Dec 2024 12:49:05 +0000
Subject: [PATCH 2/2] modem_svc: add modem_svc_sit to solve sepolicy conflicts
 arising from different device versions

Add modem_svc_sit to gs-common. modem_svc_sit will support devices from gs101 to zuma_pro. The shared_modem_platform will be updated to support devices after zumapro (not include).

Bug: 372400955

Flag: NONE local testing only
Change-Id: I0bcc9baf69045327e6fcca92ab8003e303db2649
---
 modem/modem_svc_sit/compatibility_matrix.xml       | 11 +++++++++++
 modem/modem_svc_sit/sepolicy/attributes            |  1 +
 modem/modem_svc_sit/sepolicy/file_contexts         |  2 ++
 .../sepolicy/hal_shared_modem_platform.te          |  8 ++++++++
 .../sepolicy/modem_svc_sit.te                      |  0
 modem/modem_svc_sit/sepolicy/service.te            |  2 ++
 modem/modem_svc_sit/sepolicy/service_contexts      |  2 ++
 modem/modem_svc_sit/shared_modem_platform.mk       | 14 ++++++++++++++
 modem/shared_modem_platform/sepolicy/file_contexts |  4 ++--
 .../sepolicy/shared_modem_platform.te              |  2 ++
 .../shared_modem_platform/shared_modem_platform.mk |  2 ++
 11 files changed, 46 insertions(+), 2 deletions(-)
 create mode 100644 modem/modem_svc_sit/compatibility_matrix.xml
 create mode 100644 modem/modem_svc_sit/sepolicy/attributes
 create mode 100644 modem/modem_svc_sit/sepolicy/file_contexts
 create mode 100644 modem/modem_svc_sit/sepolicy/hal_shared_modem_platform.te
 rename modem/{shared_modem_platform => modem_svc_sit}/sepolicy/modem_svc_sit.te (100%)
 create mode 100644 modem/modem_svc_sit/sepolicy/service.te
 create mode 100644 modem/modem_svc_sit/sepolicy/service_contexts
 create mode 100644 modem/modem_svc_sit/shared_modem_platform.mk
 create mode 100644 modem/shared_modem_platform/sepolicy/shared_modem_platform.te

diff --git a/modem/modem_svc_sit/compatibility_matrix.xml b/modem/modem_svc_sit/compatibility_matrix.xml
new file mode 100644
index 0000000..14d987a
--- /dev/null
+++ b/modem/modem_svc_sit/compatibility_matrix.xml
@@ -0,0 +1,11 @@
+<compatibility-matrix version="1.0" type="framework">
+    <!-- Optional since older devices will not register any services. -->
+    <hal format="aidl" optional="true">
+        <name>com.google.pixel.shared_modem_platform</name>
+        <version>3</version>
+        <interface>
+            <name>ISharedModemPlatform</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+</compatibility-matrix>
diff --git a/modem/modem_svc_sit/sepolicy/attributes b/modem/modem_svc_sit/sepolicy/attributes
new file mode 100644
index 0000000..2cc802d
--- /dev/null
+++ b/modem/modem_svc_sit/sepolicy/attributes
@@ -0,0 +1 @@
+hal_attribute(shared_modem_platform)
diff --git a/modem/modem_svc_sit/sepolicy/file_contexts b/modem/modem_svc_sit/sepolicy/file_contexts
new file mode 100644
index 0000000..d6f4a74
--- /dev/null
+++ b/modem/modem_svc_sit/sepolicy/file_contexts
@@ -0,0 +1,2 @@
+# modem_svc_sit
+/vendor/bin/shared_modem_platform   u:object_r:modem_svc_sit_exec:s0
\ No newline at end of file
diff --git a/modem/modem_svc_sit/sepolicy/hal_shared_modem_platform.te b/modem/modem_svc_sit/sepolicy/hal_shared_modem_platform.te
new file mode 100644
index 0000000..8771563
--- /dev/null
+++ b/modem/modem_svc_sit/sepolicy/hal_shared_modem_platform.te
@@ -0,0 +1,8 @@
+# Allow binder connection from client to server
+binder_call(hal_shared_modem_platform_client, hal_shared_modem_platform_server)
+
+# Allow client to find the service, server to register the service
+hal_attribute_service(hal_shared_modem_platform, hal_shared_modem_platform_service)
+
+# Allow binder communication from server to service_manager
+binder_use(hal_shared_modem_platform_server)
diff --git a/modem/shared_modem_platform/sepolicy/modem_svc_sit.te b/modem/modem_svc_sit/sepolicy/modem_svc_sit.te
similarity index 100%
rename from modem/shared_modem_platform/sepolicy/modem_svc_sit.te
rename to modem/modem_svc_sit/sepolicy/modem_svc_sit.te
diff --git a/modem/modem_svc_sit/sepolicy/service.te b/modem/modem_svc_sit/sepolicy/service.te
new file mode 100644
index 0000000..0fd48ee
--- /dev/null
+++ b/modem/modem_svc_sit/sepolicy/service.te
@@ -0,0 +1,2 @@
+# define hal_shared_modem_platform_service
+type hal_shared_modem_platform_service, hal_service_type, service_manager_type;
diff --git a/modem/modem_svc_sit/sepolicy/service_contexts b/modem/modem_svc_sit/sepolicy/service_contexts
new file mode 100644
index 0000000..58232f7
--- /dev/null
+++ b/modem/modem_svc_sit/sepolicy/service_contexts
@@ -0,0 +1,2 @@
+# Bind Shared Modem Platform AIDL service name to the SELinux type.
+com.google.pixel.shared_modem_platform.ISharedModemPlatform/default u:object_r:hal_shared_modem_platform_service:s0
diff --git a/modem/modem_svc_sit/shared_modem_platform.mk b/modem/modem_svc_sit/shared_modem_platform.mk
new file mode 100644
index 0000000..6e9b05d
--- /dev/null
+++ b/modem/modem_svc_sit/shared_modem_platform.mk
@@ -0,0 +1,14 @@
+# This file is not included in `modem.mk` since this is included at the
+# beginning of each `device.mk` file, and so will be called before
+# `SHARED_MODEM_PLATFORM_VENDOR` is defined later in the file.
+# This file supoorts Whitechapel(gs101), Whitechapel Pro(gs201), Zuma, Zuma Pro.
+# This file doesn't support devices which AP is after Zuma Pro.
+# For device after Zuma Pro please use gs-common/modem/shared_modem_platform/shared_modem_platform.mk
+SOONG_CONFIG_NAMESPACES += shared_modem_platform
+SOONG_CONFIG_shared_modem_platform += \
+       vendor
+SOONG_CONFIG_shared_modem_platform_vendor := $(SHARED_MODEM_PLATFORM_VENDOR)
+
+PRODUCT_PACKAGES += shared_modem_platform
+DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/modem/modem_svc_sit/compatibility_matrix.xml
+BOARD_SEPOLICY_DIRS += device/google/gs-common/modem/modem_svc_sit/sepolicy
diff --git a/modem/shared_modem_platform/sepolicy/file_contexts b/modem/shared_modem_platform/sepolicy/file_contexts
index d6f4a74..8760799 100644
--- a/modem/shared_modem_platform/sepolicy/file_contexts
+++ b/modem/shared_modem_platform/sepolicy/file_contexts
@@ -1,2 +1,2 @@
-# modem_svc_sit
-/vendor/bin/shared_modem_platform   u:object_r:modem_svc_sit_exec:s0
\ No newline at end of file
+# shared_modem_platform
+/vendor/bin/shared_modem_platform   u:object_r:shared_modem_platform_exec:s0
\ No newline at end of file
diff --git a/modem/shared_modem_platform/sepolicy/shared_modem_platform.te b/modem/shared_modem_platform/sepolicy/shared_modem_platform.te
new file mode 100644
index 0000000..7fc7a30
--- /dev/null
+++ b/modem/shared_modem_platform/sepolicy/shared_modem_platform.te
@@ -0,0 +1,2 @@
+# Shared modem platform will register the default instance of the AIDL ISharedModemPlatform hal.
+hal_server_domain(shared_modem_platform, hal_shared_modem_platform)
diff --git a/modem/shared_modem_platform/shared_modem_platform.mk b/modem/shared_modem_platform/shared_modem_platform.mk
index 0a3be6d..3c2a109 100644
--- a/modem/shared_modem_platform/shared_modem_platform.mk
+++ b/modem/shared_modem_platform/shared_modem_platform.mk
@@ -1,6 +1,8 @@
 # This file is not included in `modem.mk` since this is included at the
 # beginning of each `device.mk` file, and so will be called before
 # `SHARED_MODEM_PLATFORM_VENDOR` is defined later in the file.
+# This file supports support devices which AP is after zumapro(not include).
+# For device before zumapro(include) please use gs-common/modem/modem_svc_sit/shared_modem_platform.mk
 SOONG_CONFIG_NAMESPACES += shared_modem_platform
 SOONG_CONFIG_shared_modem_platform += \
        vendor