From 3c17e28269fc7545691075290631baf72dce0606 Mon Sep 17 00:00:00 2001 From: Roy Luo Date: Thu, 21 Nov 2024 22:25:31 +0000 Subject: [PATCH] Add udc sysfs to udc_sysfs fs context Meeded for system server to monitor usb gadget state. Grant hal_usb_impl read access as it's needed by UsbDataSessionMonitor. Starting at board level api 202504 due to its dependency on aosp/3337514 10956 10956 W android.hardwar: type=1400 audit(0.0:327): avc: denied { read } for name="state" dev="sysfs" ino=84394 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_udc:s0 tclass=file permissive=0 Bug: 339241080 Test: tested on Shiba Flag: android.hardware.usb.flags.enable_udc_sysfs_usb_state_update Change-Id: Ied2d669df74a2f71771e672e27327b60e7687168 --- vendor/genfs_contexts | 5 +++++ vendor/hal_usb_impl.te | 3 +++ 2 files changed, 8 insertions(+) diff --git a/vendor/genfs_contexts b/vendor/genfs_contexts index 4384177d..4b6ad96f 100644 --- a/vendor/genfs_contexts +++ b/vendor/genfs_contexts @@ -346,3 +346,8 @@ genfscon sysfs /devices/platform/13200000.ufs/pixel/boot_lun_enabled u # CPU genfscon sysfs /kernel/metrics/cpuidle_histogram/cpuidle_histogram u:object_r:sysfs_cpu:s0 genfscon sysfs /kernel/metrics/cpuidle_histogram/cpucluster_histogram u:object_r:sysfs_cpu:s0 + +# USB +starting_at_board_api(202504, ` +genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/udc/11210000.dwc3/state u:object_r:sysfs_udc:s0 +') diff --git a/vendor/hal_usb_impl.te b/vendor/hal_usb_impl.te index 3d89a09f..2e8652ea 100644 --- a/vendor/hal_usb_impl.te +++ b/vendor/hal_usb_impl.te @@ -20,6 +20,9 @@ hal_client_domain(hal_usb_impl, hal_thermal); # For monitoring usb sysfs attributes allow hal_usb_impl sysfs_wakeup:dir search; allow hal_usb_impl sysfs_wakeup:file r_file_perms; +starting_at_board_api(202504, ` +allow hal_usb_impl sysfs_udc:file r_file_perms; +') # For metrics upload allow hal_usb_impl fwk_stats_service:service_manager find;