diff --git a/whitechapel/vendor/google/dumpstate.te b/whitechapel/vendor/google/dumpstate.te index d4dd87b0..cdf6e8ef 100644 --- a/whitechapel/vendor/google/dumpstate.te +++ b/whitechapel/vendor/google/dumpstate.te @@ -1,6 +1,6 @@ dump_hal(hal_telephony) dump_hal(hal_graphics_composer) -dump_hal(hal_uwb) +dump_hal(hal_uwb_vendor) userdebug_or_eng(` allow dumpstate media_rw_data_file:file append; diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 11445e44..639f7d49 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -348,7 +348,7 @@ # Uwb # R4 -/vendor/bin/hw/hardware\.qorvo\.uwb-service u:object_r:hal_uwb_default_exec:s0 +/vendor/bin/hw/hardware\.qorvo\.uwb-service u:object_r:hal_uwb_vendor_default_exec:s0 # RILD files /data/vendor/rild(/.*)? u:object_r:rild_vendor_data_file:s0 diff --git a/whitechapel/vendor/google/hal_uwb.te b/whitechapel/vendor/google/hal_uwb.te deleted file mode 100644 index d0995686..00000000 --- a/whitechapel/vendor/google/hal_uwb.te +++ /dev/null @@ -1,15 +0,0 @@ -# HwBinder IPC from client to server -binder_call(hal_uwb_client, hal_uwb_server) -binder_call(hal_uwb_server, hal_uwb_client) - -hal_attribute_service(hal_uwb, hal_uwb_service) - -binder_call(hal_uwb_server, servicemanager) - -# allow hal_uwb to set wpan interfaces up and down -allow hal_uwb self:udp_socket create_socket_perms; -allowxperm hal_uwb self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL }; -allow hal_uwb self:global_capability_class_set { net_admin }; - -# allow hal_uwb to speak to nl802154 in the kernel -allow hal_uwb self:netlink_generic_socket create_socket_perms_no_ioctl; diff --git a/whitechapel/vendor/google/hal_uwb_default.te b/whitechapel/vendor/google/hal_uwb_default.te deleted file mode 100644 index 2d513b61..00000000 --- a/whitechapel/vendor/google/hal_uwb_default.te +++ /dev/null @@ -1,8 +0,0 @@ -type hal_uwb_default, domain; -type hal_uwb_default_exec, vendor_file_type, exec_type, file_type; -init_daemon_domain(hal_uwb_default) - -add_service(hal_uwb_default, hal_uwb_service) - -hal_server_domain(hal_uwb_default, hal_uwb) -binder_call(hal_uwb_default, uwb_vendor_app) diff --git a/whitechapel/vendor/google/hal_uwb_vendor.te b/whitechapel/vendor/google/hal_uwb_vendor.te new file mode 100644 index 00000000..ccfc1705 --- /dev/null +++ b/whitechapel/vendor/google/hal_uwb_vendor.te @@ -0,0 +1,15 @@ +# HwBinder IPC from client to server +binder_call(hal_uwb_vendor_client, hal_uwb_vendor_server) +binder_call(hal_uwb_vendor_server, hal_uwb_vendor_client) + +hal_attribute_service(hal_uwb_vendor, hal_uwb_vendor_service) + +binder_call(hal_uwb_vendor_server, servicemanager) + +# allow hal_uwb_vendor to set wpan interfaces up and down +allow hal_uwb_vendor self:udp_socket create_socket_perms; +allowxperm hal_uwb_vendor self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR SIOCETHTOOL }; +allow hal_uwb_vendor self:global_capability_class_set { net_admin }; + +# allow hal_uwb_vendor to speak to nl802154 in the kernel +allow hal_uwb_vendor self:netlink_generic_socket create_socket_perms_no_ioctl; diff --git a/whitechapel/vendor/google/hal_uwb_vendor_default.te b/whitechapel/vendor/google/hal_uwb_vendor_default.te new file mode 100644 index 00000000..31b392be --- /dev/null +++ b/whitechapel/vendor/google/hal_uwb_vendor_default.te @@ -0,0 +1,8 @@ +type hal_uwb_vendor_default, domain; +type hal_uwb_vendor_default_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(hal_uwb_vendor_default) + +add_service(hal_uwb_vendor_default, hal_uwb_vendor_service) + +hal_server_domain(hal_uwb_vendor_default, hal_uwb_vendor) +binder_call(hal_uwb_vendor_default, uwb_vendor_app) diff --git a/whitechapel/vendor/google/service.te b/whitechapel/vendor/google/service.te index 99e99483..357dffe4 100644 --- a/whitechapel/vendor/google/service.te +++ b/whitechapel/vendor/google/service.te @@ -1,4 +1,4 @@ type hal_pixel_display_service, service_manager_type, vendor_service; type uwb_vendor_service, service_manager_type, vendor_service; type touch_context_service, service_manager_type, vendor_service; -type hal_uwb_service, service_manager_type, vendor_service; +type hal_uwb_vendor_service, service_manager_type, vendor_service; diff --git a/whitechapel/vendor/google/service_contexts b/whitechapel/vendor/google/service_contexts index 687f8cc8..6fb9de1f 100644 --- a/whitechapel/vendor/google/service_contexts +++ b/whitechapel/vendor/google/service_contexts @@ -1,4 +1,4 @@ com.google.hardware.pixel.display.IDisplay/default u:object_r:hal_pixel_display_service:s0 com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0 uwb_vendor u:object_r:uwb_vendor_service:s0 -hardware.qorvo.uwb.IUwb/default u:object_r:hal_uwb_service:s0 +hardware.qorvo.uwb.IUwb/default u:object_r:hal_uwb_vendor_service:s0 diff --git a/whitechapel/vendor/google/uwb_vendor_app.te b/whitechapel/vendor/google/uwb_vendor_app.te index e0a9ebc9..f1124b28 100644 --- a/whitechapel/vendor/google/uwb_vendor_app.te +++ b/whitechapel/vendor/google/uwb_vendor_app.te @@ -5,14 +5,14 @@ app_domain(uwb_vendor_app) add_service(uwb_vendor_app, uwb_vendor_service) not_recovery(` -hal_client_domain(uwb_vendor_app, hal_uwb) +hal_client_domain(uwb_vendor_app, hal_uwb_vendor) allow uwb_vendor_app app_api_service:service_manager find; -allow uwb_vendor_app hal_uwb_service:service_manager find; +allow uwb_vendor_app hal_uwb_vendor_service:service_manager find; allow uwb_vendor_app nfc_service:service_manager find; allow uwb_vendor_app uwb_vendor_data_file:file create_file_perms; allow uwb_vendor_app uwb_vendor_data_file:dir create_dir_perms; -binder_call(uwb_vendor_app, hal_uwb_default) +binder_call(uwb_vendor_app, hal_uwb_vendor_default) ')