From 2f5496582dc965f50a2dd5aa33799e38ae6dbfdf Mon Sep 17 00:00:00 2001
From: kierancyphus
Date: Fri, 5 May 2023 16:14:32 +0800
Subject: [PATCH] DMD MDS: register proxy service and update MDS policy.
MDS is a privileged app which get its permissions from `privapp-permissions-google-product.xml`, however, part of this work requires custom SEPolicy and so those permissions have been translated in SEPolicy.
Test: Manually flash device
Bug: 270279779
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:022dd13252865e131127da6596f5ada71fbf104f)
Merged-In: I47c1a1163a7d40089d36960ed11822505a7a0a7a
Change-Id: I47c1a1163a7d40089d36960ed11822505a7a0a7a
---
 radio/dmd.te | 6 ++++++
 radio/modem_diagnostic_app.te | 4 ++++
 radio/private/service_contexts | 2 ++
 radio/service.te | 2 ++
 4 files changed, 14 insertions(+)
 create mode 100644 radio/service.te
diff --git a/radio/dmd.te b/radio/dmd.te
index 76177b50..c940eccc 100644
--- a/radio/dmd.te
+++ b/radio/dmd.te
@@ -30,3 +30,9 @@ binder_call(dmd, hwservicemanager)
 binder_call(dmd, modem_diagnostic_app)
 binder_call(dmd, modem_logging_control)
 binder_call(dmd, vendor_telephony_silentlogging_app)
+
+# Allow proxy to register as android Service
+binder_use(dmd)
+add_service(dmd, liboemservice_proxy)
+allow dmd radio_vendor_data_file:dir create_dir_perms;
+allow dmd radio_vendor_data_file:file create_file_perms;
diff --git a/radio/modem_diagnostic_app.te b/radio/modem_diagnostic_app.te
index 8c4a0cac..02af0235 100644
--- a/radio/modem_diagnostic_app.te
+++ b/radio/modem_diagnostic_app.te
@@ -34,4 +34,8 @@ userdebug_or_eng(`
 allow modem_diagnostic_app sysfs_batteryinfo:dir search;
 dontaudit modem_diagnostic_app default_prop:file r_file_perms;
+
+ # Modem Log Mask Library Permissions
+ binder_call(modem_diagnostic_app, liboemservice_proxy)
+ allow modem_diagnostic_app liboemservice_proxy:service_manager find;
 ')
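Review bot: In radio/dmd.te the two `radio_vendor_data_file` rules sit under the comment "Allow proxy to register as android Service", but they are unrelated to service registration and give dmd create, rename and delete rights on that type. Nothing visible in the hunk limits these rules or the `add_service` to debug builds, while the only client granted `find` in this commit is inside `userdebug_or_eng`. I would give the file rules their own comment stating what dmd writes there, and check whether `rw_file_perms` on files that already exist would be enough. If the proxy is only meant for userdebug/eng, wrapping `add_service(dmd, liboemservice_proxy)` in `userdebug_or_eng` keeps the service off user builds.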
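Review bot: In radio/modem_diagnostic_app.te, `binder_call(modem_diagnostic_app, liboemservice_proxy)` names a service_manager type as the binder target; this commit declares `liboemservice_proxy` in radio/service.te as a service type, and the process that registers it is dmd. A binder_call rule only takes effect against the domain of the serving process, so this line likely grants nothing useful and the call would depend on a rule elsewhere. I would write `binder_call(modem_diagnostic_app, dmd)` instead and keep the `find` rule as it is. The `userdebug_or_eng` block starts above the hunk, so a rule for dmd may already exist there.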
diff --git a/radio/private/service_contexts b/radio/private/service_contexts
index 84ef341b..00032283 100644
--- a/radio/private/service_contexts
+++ b/radio/private/service_contexts
@@ -1,2 +1,4 @@
 telephony.oem.oemrilhook u:object_r:radio_service:s0
+# DMD oemservice aidl proxy
+com.google.pixel.modem.logmasklibrary.ILiboemserviceProxy/default u:object_r:liboemservice_proxy:s0
diff --git a/radio/service.te b/radio/service.te
new file mode 100644
index 00000000..620a3d4b
--- /dev/null
+++ b/radio/service.te
@@ -0,0 +1,2 @@
+# dmd liboemservice_proxy
+type liboemservice_proxy, hal_service_type, service_manager_type;
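Review bot: The comment in the new radio/service.te, `# dmd liboemservice_proxy`, only repeats the type name and does not say who may register or find the service. Something like `# AIDL ILiboemserviceProxy service registered by dmd; found by modem_diagnostic_app on userdebug/eng only` would record the intended access for the next reviewer. It is also worth confirming that `hal_service_type` is the intended attribute for a service hosted by dmd, since the attribute can pull the type into rules written for HAL services; that effect is not visible from this patch.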