review init-insmod-sh

Bug: 196916111 Test: boot to home Change-Id: I085ff319e08c65cfc3d51fb480259fa137f8e3f3
2021-10-04 10:22:56 +08:00 · 2021-10-04 10:22:56 +08:00 · 16c10d6a33
commit 16c10d6a33
parent cccebb9eaf
9 changed files with 14 additions and 16 deletions
--- a/legacy/file_contexts
+++ b/legacy/file_contexts
@ -115,9 +115,6 @@
 # Contexthub
 /vendor/bin/hw/android\.hardware\.contexthub-service\.generic               u:object_r:hal_contexthub_default_exec:s0

-# Kernel modules related
-/vendor/bin/init\.insmod\.sh    u:object_r:init-insmod-sh_exec:s0
-
 # Bluetooth
 /(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.1-service\.bcmbtlinux    u:object_r:hal_bluetooth_btlinux_exec:s0
 /dev/wbrc                           u:object_r:wb_coexistence_dev:s0
--- a/legacy/property.te
+++ b/legacy/property.te
@ -1,7 +1,6 @@
 # For Exynos Properties
 vendor_internal_prop(vendor_prop)
 vendor_internal_prop(sensors_prop)
-vendor_internal_prop(vendor_device_prop)
 # vendor defaults
 vendor_internal_prop(vendor_config_default_prop)
 vendor_internal_prop(vendor_ro_sys_default_prop)
--- a/legacy/property_contexts
+++ b/legacy/property_contexts
@ -1,12 +1,6 @@
 # Ramdump
 persist.vendor.sys.crash_rcu    u:object_r:vendor_ramdump_prop:s0

-# Kernel modules related
-vendor.common.modules.ready     u:object_r:vendor_device_prop:s0
-vendor.device.modules.ready     u:object_r:vendor_device_prop:s0
-vendor.all.modules.ready        u:object_r:vendor_device_prop:s0
-vendor.all.devices.ready        u:object_r:vendor_device_prop:s0
-
 # for codec2
 vendor.debug.c2.level       u:object_r:vendor_codec2_debug_prop:s0
 vendor.debug.c2.dump        u:object_r:vendor_codec2_debug_prop:s0
--- a/legacy/vendor_init.te
+++ b/legacy/vendor_init.te
@ -1,4 +1,3 @@
-set_prop(vendor_init, vendor_device_prop)
 set_prop(vendor_init, vendor_modem_prop)
 set_prop(vendor_init, vendor_rild_prop)
 set_prop(vendor_init, vendor_usb_config_prop)
--- a/whitechapel_pro/file_contexts
+++ b/whitechapel_pro/file_contexts
@ -11,6 +11,7 @@
 /vendor/bin/storageproxyd                                                   u:object_r:tee_exec:s0
 /vendor/bin/init\.radio\.sh                                                 u:object_r:init_radio_exec:s0
 /vendor/bin/tcpdump_logger                                                  u:object_r:tcpdump_logger_exec:s0
+/vendor/bin/init\.insmod\.sh                                                u:object_r:init-insmod-sh_exec:s0
 /vendor/bin/hw/android\.hardware\.secure_element@1\.2-service-gto           u:object_r:hal_secure_element_gto_exec:s0
 /vendor/bin/hw/android\.hardware\.secure_element@1\.2-service-gto-ese2      u:object_r:hal_secure_element_gto_ese2_exec:s0
 /vendor/bin/hw/android\.hardware\.secure_element@1\.2-uicc-service          u:object_r:hal_secure_element_uicc_exec:s0
--- a/whitechapel_pro/init-insmod-sh.te
+++ b/whitechapel_pro/init-insmod-sh.te
@ -3,14 +3,9 @@ type init-insmod-sh_exec, vendor_file_type, exec_type, file_type;
 init_daemon_domain(init-insmod-sh)

 allow init-insmod-sh self:capability sys_module;
-allow init-insmod-sh sysfs_leds:dir r_dir_perms;
 allow init-insmod-sh vendor_kernel_modules:system module_load;
 allow init-insmod-sh vendor_toolbox_exec:file execute_no_trans;

 set_prop(init-insmod-sh, vendor_device_prop)

-userdebug_or_eng(`
-  allow init-insmod-sh vendor_regmap_debugfs:dir search;
-')
-
 dontaudit init-insmod-sh proc_cmdline:file r_file_perms;
--- a/whitechapel_pro/property.te
+++ b/whitechapel_pro/property.te
@ -14,4 +14,6 @@ vendor_internal_prop(vendor_battery_defender_prop)
 vendor_internal_prop(vendor_camera_prop)
 vendor_internal_prop(vendor_usb_config_prop)
 vendor_internal_prop(vendor_tcpdump_log_prop)
+vendor_internal_prop(vendor_device_prop)
+vendor_internal_prop(vendor_ready_prop)

--- a/whitechapel_pro/property_contexts
+++ b/whitechapel_pro/property_contexts
@ -4,6 +4,14 @@ persist.vendor.sys.diag.                   u:object_r:vendor_diag_prop:s0
 vendor.sys.dmd.                            u:object_r:vendor_diag_prop:s0
 vendor.sys.diag.                           u:object_r:vendor_diag_prop:s0

+# Kernel modules related
+vendor.common.modules.ready                u:object_r:vendor_device_prop:s0
+vendor.device.modules.ready                u:object_r:vendor_device_prop:s0
+
+# Indicating signal that all modules and devices are ready
+vendor.all.modules.ready                   u:object_r:vendor_ready_prop:s0
+vendor.all.devices.ready                   u:object_r:vendor_ready_prop:s0
+
 # Tcpdump_logger
 persist.vendor.tcpdump.log.alwayson        u:object_r:vendor_tcpdump_log_prop:s0
 vendor.tcpdump.                            u:object_r:vendor_tcpdump_log_prop:s0
--- a/whitechapel_pro/vendor_init.te
+++ b/whitechapel_pro/vendor_init.te
@ -3,4 +3,7 @@ allow vendor_init bootdevice_sysdev:file create_file_perms;
 set_prop(vendor_init, vendor_ssrdump_prop)
 set_prop(vendor_init, vendor_carrier_prop)
 set_prop(vendor_init, vendor_cbd_prop)
+set_prop(vendor_init, vendor_ready_prop)
 get_prop(vendor_init, vendor_battery_profile_prop)
+get_prop(vendor_init, vendor_device_prop)
+