From edc3d90511c3d8e1a2819f3e826693365dc09d8b Mon Sep 17 00:00:00 2001 From: Michael Bestas Date: Fri, 20 Jun 2025 18:46:29 +0300 Subject: [PATCH] gs-common: Import wfc-pkt-router configuration from gs101 Change-Id: I929c92f633494ec22b7714d1efc58ccb68c2b861 --- telephony/pktrouter.mk | 3 +++ telephony/sepolicy/device.te | 1 + telephony/sepolicy/file_contexts | 4 ++++ telephony/sepolicy/netutils_wrapper.te | 7 +++++++ telephony/sepolicy/pktrouter.te | 14 ++++++++++++++ telephony/sepolicy/property.te | 1 + telephony/sepolicy/property_contexts | 3 +++ telephony/sepolicy/vendor_init.te | 1 + 8 files changed, 34 insertions(+) create mode 100644 telephony/pktrouter.mk create mode 100644 telephony/sepolicy/device.te create mode 100644 telephony/sepolicy/file_contexts create mode 100644 telephony/sepolicy/netutils_wrapper.te create mode 100644 telephony/sepolicy/pktrouter.te create mode 100644 telephony/sepolicy/property.te create mode 100644 telephony/sepolicy/property_contexts create mode 100644 telephony/sepolicy/vendor_init.te diff --git a/telephony/pktrouter.mk b/telephony/pktrouter.mk new file mode 100644 index 0000000..7f054e6 --- /dev/null +++ b/telephony/pktrouter.mk @@ -0,0 +1,3 @@ +PRODUCT_PACKAGES += wfc-pkt-router +PRODUCT_PROPERTY_OVERRIDES += vendor.pktrouter=1 +BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/telephony/sepolicy diff --git a/telephony/sepolicy/device.te b/telephony/sepolicy/device.te new file mode 100644 index 0000000..3225bac --- /dev/null +++ b/telephony/sepolicy/device.te @@ -0,0 +1 @@ +type pktrouter_device, dev_type; diff --git a/telephony/sepolicy/file_contexts b/telephony/sepolicy/file_contexts new file mode 100644 index 0000000..f6e73db --- /dev/null +++ b/telephony/sepolicy/file_contexts @@ -0,0 +1,4 @@ +# WFC +/vendor/bin/wfc-pkt-router u:object_r:pktrouter_exec:s0 + +/dev/umts_wfc[01] u:object_r:pktrouter_device:s0 diff --git a/telephony/sepolicy/netutils_wrapper.te b/telephony/sepolicy/netutils_wrapper.te new file mode 100644 index 0000000..ff1be58 --- /dev/null +++ b/telephony/sepolicy/netutils_wrapper.te @@ -0,0 +1,7 @@ +allow netutils_wrapper pktrouter:fd use; +allow netutils_wrapper pktrouter:fifo_file write; +allow netutils_wrapper pktrouter:netlink_route_socket { read write }; +allow netutils_wrapper pktrouter:packet_socket { read write }; +allow netutils_wrapper pktrouter:rawip_socket { read write }; +allow netutils_wrapper pktrouter:udp_socket { read write }; +allow netutils_wrapper pktrouter_device:chr_file rw_file_perms; diff --git a/telephony/sepolicy/pktrouter.te b/telephony/sepolicy/pktrouter.te new file mode 100644 index 0000000..b7d2e11 --- /dev/null +++ b/telephony/sepolicy/pktrouter.te @@ -0,0 +1,14 @@ +type pktrouter, domain; +type pktrouter_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(pktrouter) +net_domain(pktrouter) + +domain_auto_trans(pktrouter, netutils_wrapper_exec, netutils_wrapper); + +allow pktrouter pktrouter_device:chr_file rw_file_perms; +allow pktrouter radio_device:chr_file r_file_perms; +allow pktrouter self:netlink_route_socket nlmsg_write; +allow pktrouter self:packet_socket { bind create read write getattr shutdown}; +allow pktrouter self:capability net_raw; + +get_prop(pktrouter, vendor_ims_prop); diff --git a/telephony/sepolicy/property.te b/telephony/sepolicy/property.te new file mode 100644 index 0000000..a3d6a39 --- /dev/null +++ b/telephony/sepolicy/property.te @@ -0,0 +1 @@ +vendor_internal_prop(vendor_ims_prop) diff --git a/telephony/sepolicy/property_contexts b/telephony/sepolicy/property_contexts new file mode 100644 index 0000000..4165d92 --- /dev/null +++ b/telephony/sepolicy/property_contexts @@ -0,0 +1,3 @@ +# for ims service +vendor.pktrouter u:object_r:vendor_ims_prop:s0 + diff --git a/telephony/sepolicy/vendor_init.te b/telephony/sepolicy/vendor_init.te new file mode 100644 index 0000000..3a86781 --- /dev/null +++ b/telephony/sepolicy/vendor_init.te @@ -0,0 +1 @@ +set_prop(vendor_init, vendor_ims_prop)