android.hardware.usb.IUsb AIDL migration
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.
[ 37.177042] type=1400 audit(1645536157.528:3): avc: denied { wake_alarm } for comm="android.hardwar" capability=35 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[ 37.177139] type=1400 audit(1645536157.528:4): avc: denied { block_suspend } for comm="android.hardwar" capability=36 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[ 39.936357] type=1400 audit(1645536160.292:5): avc: denied { call } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
[ 39.936403] type=1400 audit(1645536160.292:6): avc: denied { transfer } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
...
[ 42.845054] type=1400 audit(1645550991.268:8): avc: denied { read } for comm="HwBinder:860_1" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[ 42.877781] type=1400 audit(1645550991.268:9): avc: denied { open } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[ 42.915532] type=1400 audit(1645550991.268:10): avc: denied { getattr } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[ 42.962130] type=1400 audit(1645550991.268:11): avc: denied { map } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[ 43.003097] type=1400 audit(1645550991.268:12): avc: denied { watch watch_reads } for comm="HwBinder:860_1" path="/dev/usb-ffs/adb" dev="functionfs" ino=40814 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:functionfs:s0 tclass=dir permissive=1
[ 43.024529] type=1400 audit(1645550991.268:13): avc: denied { write } for comm="HwBinder:860_1" name="property_service" dev="tmpfs" ino=376 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
[ 43.057605] type=1400 audit(1645550991.268:14): avc: denied { connectto } for comm="HwBinder:860_1" path="/dev/socket/property_service" scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[ 43.084549] type=1107 audit(1645550991.268:15): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.usb.dwc3_irq pid=860 uid=0 gid=0 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1'
Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
This commit is contained in:
Badhri Jagan Sridharan
parent
d355e26031
commit
775523d1eb
5 changed files with 34 additions and 1 deletions
|
|
@ -102,3 +102,6 @@ type sysfs_sjtag, fs_type, sysfs_type;
|
||||||
userdebug_or_eng(`
|
userdebug_or_eng(`
|
||||||
typeattribute sysfs_sjtag mlstrustedobject;
|
typeattribute sysfs_sjtag mlstrustedobject;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
# USB-C throttling stats
|
||||||
|
type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
|
||||||
|
|
|
||||||
|
|
@ -34,7 +34,8 @@
|
||||||
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
|
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
|
||||||
/vendor/bin/hw/android\.hardware\.nfc@1\.2-service\.st u:object_r:hal_nfc_default_exec:s0
|
/vendor/bin/hw/android\.hardware\.nfc@1\.2-service\.st u:object_r:hal_nfc_default_exec:s0
|
||||||
/vendor/bin/hw/vendor\.google\.wireless_charger@1\.3-service-vendor u:object_r:hal_wlc_exec:s0
|
/vendor/bin/hw/vendor\.google\.wireless_charger@1\.3-service-vendor u:object_r:hal_wlc_exec:s0
|
||||||
/vendor/bin/hw/android\.hardware\.usb@1\.3-service\.gs201 u:object_r:hal_usb_impl_exec:s0
|
/vendor/bin/hw/android\.hardware\.usb-service u:object_r:hal_usb_impl_exec:s0
|
||||||
|
/vendor/bin/hw/android\.hardware\.usb\.gadget-service u:object_r:hal_usb_gadget_impl_exec:s0
|
||||||
/vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0
|
/vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0
|
||||||
/vendor/bin/hw/hardware\.qorvo\.uwb-service u:object_r:hal_uwb_vendor_default_exec:s0
|
/vendor/bin/hw/hardware\.qorvo\.uwb-service u:object_r:hal_uwb_vendor_default_exec:s0
|
||||||
/vendor/bin/rlsservice u:object_r:rlsservice_exec:s0
|
/vendor/bin/rlsservice u:object_r:rlsservice_exec:s0
|
||||||
|
|
|
||||||
|
|
@ -215,3 +215,8 @@ genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_t
|
||||||
# SJTAG
|
# SJTAG
|
||||||
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
|
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
|
||||||
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0
|
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0
|
||||||
|
|
||||||
|
# USB-C throttling stats
|
||||||
|
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/cleared_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||||
|
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||||
|
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/trip_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||||
|
|
|
||||||
10
whitechapel_pro/hal_usb_gadget_impl.te
Normal file
10
whitechapel_pro/hal_usb_gadget_impl.te
Normal file
|
|
@ -0,0 +1,10 @@
|
||||||
|
type hal_usb_gadget_impl, domain;
|
||||||
|
hal_server_domain(hal_usb_gadget_impl, hal_usb)
|
||||||
|
hal_server_domain(hal_usb_gadget_impl, hal_usb_gadget)
|
||||||
|
|
||||||
|
type hal_usb_gadget_impl_exec, vendor_file_type, exec_type, file_type;
|
||||||
|
init_daemon_domain(hal_usb_gadget_impl)
|
||||||
|
|
||||||
|
allow hal_usb_gadget_impl configfs:dir { create rmdir };
|
||||||
|
allow hal_usb_gadget_impl functionfs:dir { watch watch_reads };
|
||||||
|
set_prop(hal_usb_gadget_impl, vendor_usb_config_prop)
|
||||||
|
|
@ -10,3 +10,17 @@ allow hal_usb_impl functionfs:dir { watch watch_reads };
|
||||||
|
|
||||||
allow hal_usb_impl sysfs_batteryinfo:dir r_dir_perms;
|
allow hal_usb_impl sysfs_batteryinfo:dir r_dir_perms;
|
||||||
allow hal_usb_impl sysfs_batteryinfo:file rw_file_perms;
|
allow hal_usb_impl sysfs_batteryinfo:file rw_file_perms;
|
||||||
|
|
||||||
|
# Needed for reporting Usb Overheat suez event through statsd
|
||||||
|
allow hal_usb_impl fwk_stats_service:service_manager find;
|
||||||
|
binder_call(hal_usb_impl, servicemanager)
|
||||||
|
|
||||||
|
# Needed for monitoring usb port temperature
|
||||||
|
allow hal_usb_impl self:capability2 wake_alarm;
|
||||||
|
wakelock_use(hal_usb_impl);
|
||||||
|
|
||||||
|
# For interfacing with ThermalHAL
|
||||||
|
hal_client_domain(hal_usb_impl, hal_thermal);
|
||||||
|
|
||||||
|
# For reading the usb-c throttling stats
|
||||||
|
allow hal_usb_impl sysfs_usbc_throttling_stats:file r_file_perms;
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue