From a4b9ad439bb11472639d499d1b94cce335a1c06b Mon Sep 17 00:00:00 2001 From: Badhri Jagan Sridharan Date: Tue, 19 Oct 2021 13:26:34 -0700 Subject: [PATCH] android.hardware.usb.IUsb AIDL migration android.hardware.usb.IUsb is migrated to AIDL and runs in its own process. android.hardware.usb.gadget.IUsbGadget is now published in its own exclusive process (android.hardware.usb.gadget-service). Creating file_context and moving the selinux linux rules for IUsbGadget implementation. Bug: 200993386 Change-Id: Ia8c24610244856490c8271433710afb57d3da157 Merged-In: Ia8c24610244856490c8271433710afb57d3da157 (cherry picked from commit 51735ba3ab65065bd79676c4b0e74f970ba1ea90) --- whitechapel/vendor/google/file_contexts | 3 ++- whitechapel/vendor/google/hal_usb_gadget_impl.te | 14 ++++++++++++++ whitechapel/vendor/google/hal_usb_impl.te | 5 ----- whitechapel/vendor/google/system_server.te | 1 + 4 files changed, 17 insertions(+), 6 deletions(-) create mode 100644 whitechapel/vendor/google/hal_usb_gadget_impl.te diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 309c8969..e7725c37 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -7,7 +7,8 @@ /(vendor|system/vendor)/bin/hw/vendor\.samsung_slsi\.hardware\.ExynosHWCServiceTW@1\.0-service u:object_r:hal_vendor_hwcservice_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.samsung_slsi\.hardware\.power@1\.0-service u:object_r:hal_power_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.samsung_slsi\.hardware\.configstore@1\.0-service u:object_r:hal_configstore_default_exec:s0 -/(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.3-service\.gs101 u:object_r:hal_usb_impl_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.usb-service\.gs101 u:object_r:hal_usb_impl_exec:s0 +/(vendor|system/vendor)/bin/hw/android\.hardware\.usb\.gadget-service\.gs101 u:object_r:hal_usb_gadget_impl_exec:s0 /(vendor|system/vendor)/lib(64)?/libion_exynos\.so u:object_r:same_process_hal_file:s0 /(vendor|system/vendor)/lib(64)?/libOpenCL\.so u:object_r:same_process_hal_file:s0 diff --git a/whitechapel/vendor/google/hal_usb_gadget_impl.te b/whitechapel/vendor/google/hal_usb_gadget_impl.te new file mode 100644 index 00000000..5170a8ae --- /dev/null +++ b/whitechapel/vendor/google/hal_usb_gadget_impl.te @@ -0,0 +1,14 @@ +type hal_usb_gadget_impl, domain; +hal_server_domain(hal_usb_gadget_impl, hal_usb) +hal_server_domain(hal_usb_gadget_impl, hal_usb_gadget) + +type hal_usb_gadget_impl_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(hal_usb_gadget_impl) + +allow hal_usb_gadget_impl configfs:dir { create rmdir }; +allow hal_usb_gadget_impl functionfs:dir { watch watch_reads }; +set_prop(hal_usb_gadget_impl, vendor_usb_config_prop) + +allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms; +allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms; +allow hal_usb_gadget_impl sysfs_extcon:dir search; diff --git a/whitechapel/vendor/google/hal_usb_impl.te b/whitechapel/vendor/google/hal_usb_impl.te index ec640c29..736f2cc3 100644 --- a/whitechapel/vendor/google/hal_usb_impl.te +++ b/whitechapel/vendor/google/hal_usb_impl.te @@ -1,14 +1,9 @@ type hal_usb_impl, domain; hal_server_domain(hal_usb_impl, hal_usb) -hal_server_domain(hal_usb_impl, hal_usb_gadget) type hal_usb_impl_exec, vendor_file_type, exec_type, file_type; init_daemon_domain(hal_usb_impl) -allow hal_usb_impl configfs:dir { create rmdir }; -allow hal_usb_impl functionfs:dir { watch watch_reads }; -set_prop(hal_usb_impl, vendor_usb_config_prop) - allow hal_usb_impl sysfs_batteryinfo:dir r_dir_perms; allow hal_usb_impl sysfs_batteryinfo:file rw_file_perms; allow hal_usb_impl sysfs_extcon:dir search; diff --git a/whitechapel/vendor/google/system_server.te b/whitechapel/vendor/google/system_server.te index b2563949..abae67c1 100644 --- a/whitechapel/vendor/google/system_server.te +++ b/whitechapel/vendor/google/system_server.te @@ -3,6 +3,7 @@ binder_call(system_server, gpsd); binder_call(system_server, hal_camera_default); # Allow system server to find vendor uwb service allow system_server uwb_vendor_service:service_manager find; +allow system_server hal_usb_service:service_manager find; # pixelstats_vendor/OrientationCollector binder_call(system_server, pixelstats_vendor)