diff --git a/radio/dmd.te b/radio/dmd.te index 76177b5..be820be 100644 --- a/radio/dmd.te +++ b/radio/dmd.te @@ -30,3 +30,4 @@ binder_call(dmd, hwservicemanager) binder_call(dmd, modem_diagnostic_app) binder_call(dmd, modem_logging_control) binder_call(dmd, vendor_telephony_silentlogging_app) +binder_call(dmd, liboemservice_proxy_default) diff --git a/radio/file_contexts b/radio/file_contexts index 8d74be8..1fcdfdd 100644 --- a/radio/file_contexts +++ b/radio/file_contexts @@ -11,6 +11,7 @@ /vendor/bin/cbd u:object_r:cbd_exec:s0 /vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0 /vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0 +/vendor/bin/liboemservice_proxy_default u:object_r:liboemservice_proxy_default_exec:s0 # Config files /vendor/etc/modem_ml_models\.conf u:object_r:modem_config_file:s0 diff --git a/radio/liboemservice_proxy.te b/radio/liboemservice_proxy.te new file mode 100644 index 0000000..9a4a61a --- /dev/null +++ b/radio/liboemservice_proxy.te @@ -0,0 +1,34 @@ +type liboemservice_proxy_default, domain; +type liboemservice_proxy_default_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(liboemservice_proxy_default) + +# Allow proxy to register as android service. +binder_use(liboemservice_proxy_default); +add_service(liboemservice_proxy_default, liboemservice_proxy_service); + +get_prop(liboemservice_proxy_default, hwservicemanager_prop) +binder_call(liboemservice_proxy_default, hwservicemanager) +binder_call(liboemservice_proxy_default, dmd) +allow liboemservice_proxy_default hal_vendor_oem_hwservice:hwservice_manager find; +allow liboemservice_proxy_default radio_vendor_data_file:dir create_dir_perms; +allow liboemservice_proxy_default radio_vendor_data_file:file create_file_perms; + +# Grant to access serial device for external logging tool +allow liboemservice_proxy_default serial_device:chr_file rw_file_perms; + +# Grant to access radio device +allow liboemservice_proxy_default radio_device:chr_file rw_file_perms; + +# Grant to access slog dir/file +allow liboemservice_proxy_default vendor_slog_file:dir create_dir_perms; +allow liboemservice_proxy_default vendor_slog_file:file create_file_perms; + +# Grant to access tcp socket +allow liboemservice_proxy_default node:tcp_socket node_bind; +allow liboemservice_proxy_default self:tcp_socket { create_socket_perms_no_ioctl listen accept bind }; + +# Grant to access log related properties +set_prop(liboemservice_proxy_default, vendor_diag_prop) +set_prop(liboemservice_proxy_default, vendor_slog_prop) +set_prop(liboemservice_proxy_default, vendor_modem_prop) +get_prop(liboemservice_proxy_default, vendor_persist_config_default_prop) diff --git a/radio/modem_diagnostic_app.te b/radio/modem_diagnostic_app.te index b21b792..aaf2aab 100644 --- a/radio/modem_diagnostic_app.te +++ b/radio/modem_diagnostic_app.te @@ -39,4 +39,9 @@ userdebug_or_eng(` allow modem_diagnostic_app sysfs_batteryinfo:dir search; dontaudit modem_diagnostic_app default_prop:file r_file_perms; + + # Modem Log Mask Library Permissions + allow modem_diagnostic_app liboemservice_proxy_service:service_manager find; + binder_use(modem_diagnostic_app) + binder_call(modem_diagnostic_app, liboemservice_proxy_default) ') diff --git a/radio/service.te b/radio/service.te new file mode 100644 index 0000000..349e658 --- /dev/null +++ b/radio/service.te @@ -0,0 +1,2 @@ +# Define liboemservice_proxy_service. +type liboemservice_proxy_service, hal_service_type, service_manager_type; \ No newline at end of file diff --git a/radio/service_contexts b/radio/service_contexts new file mode 100644 index 0000000..d463150 --- /dev/null +++ b/radio/service_contexts @@ -0,0 +1,2 @@ +# DMD oemservice aidl proxy. +com.google.pixel.modem.logmasklibrary.ILiboemserviceProxy/default u:object_r:liboemservice_proxy_service:s0 \ No newline at end of file