liboemservice_proxy: Add sepolicy
This was previously only configured to run on zuma devices, but should be expanded to this device as well. Since this service should only be present on these two devices, it's fine to just copy this here instead of placing it in gs-common. Test: atest vts_treble_vintf_vendor_test:DeviceManifest/SingleAidlTest Bug: 321867236 Change-Id: I9f086df735c866ed037307574b38458434a9c486
This commit is contained in:
kierancyphus
parent
3bfc494565
commit
2fbd1edf60
6 changed files with 45 additions and 0 deletions
|
|
@ -30,3 +30,4 @@ binder_call(dmd, hwservicemanager)
|
|||
binder_call(dmd, modem_diagnostic_app)
|
||||
binder_call(dmd, modem_logging_control)
|
||||
binder_call(dmd, vendor_telephony_silentlogging_app)
|
||||
binder_call(dmd, liboemservice_proxy_default)
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@
|
|||
/vendor/bin/cbd u:object_r:cbd_exec:s0
|
||||
/vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0
|
||||
/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0
|
||||
/vendor/bin/liboemservice_proxy_default u:object_r:liboemservice_proxy_default_exec:s0
|
||||
|
||||
# Config files
|
||||
/vendor/etc/modem_ml_models\.conf u:object_r:modem_config_file:s0
|
||||
|
|
|
|||
34
radio/liboemservice_proxy.te
Normal file
34
radio/liboemservice_proxy.te
Normal file
|
|
@ -0,0 +1,34 @@
|
|||
type liboemservice_proxy_default, domain;
|
||||
type liboemservice_proxy_default_exec, vendor_file_type, exec_type, file_type;
|
||||
init_daemon_domain(liboemservice_proxy_default)
|
||||
|
||||
# Allow proxy to register as android service.
|
||||
binder_use(liboemservice_proxy_default);
|
||||
add_service(liboemservice_proxy_default, liboemservice_proxy_service);
|
||||
|
||||
get_prop(liboemservice_proxy_default, hwservicemanager_prop)
|
||||
binder_call(liboemservice_proxy_default, hwservicemanager)
|
||||
binder_call(liboemservice_proxy_default, dmd)
|
||||
allow liboemservice_proxy_default hal_vendor_oem_hwservice:hwservice_manager find;
|
||||
allow liboemservice_proxy_default radio_vendor_data_file:dir create_dir_perms;
|
||||
allow liboemservice_proxy_default radio_vendor_data_file:file create_file_perms;
|
||||
|
||||
# Grant to access serial device for external logging tool
|
||||
allow liboemservice_proxy_default serial_device:chr_file rw_file_perms;
|
||||
|
||||
# Grant to access radio device
|
||||
allow liboemservice_proxy_default radio_device:chr_file rw_file_perms;
|
||||
|
||||
# Grant to access slog dir/file
|
||||
allow liboemservice_proxy_default vendor_slog_file:dir create_dir_perms;
|
||||
allow liboemservice_proxy_default vendor_slog_file:file create_file_perms;
|
||||
|
||||
# Grant to access tcp socket
|
||||
allow liboemservice_proxy_default node:tcp_socket node_bind;
|
||||
allow liboemservice_proxy_default self:tcp_socket { create_socket_perms_no_ioctl listen accept bind };
|
||||
|
||||
# Grant to access log related properties
|
||||
set_prop(liboemservice_proxy_default, vendor_diag_prop)
|
||||
set_prop(liboemservice_proxy_default, vendor_slog_prop)
|
||||
set_prop(liboemservice_proxy_default, vendor_modem_prop)
|
||||
get_prop(liboemservice_proxy_default, vendor_persist_config_default_prop)
|
||||
|
|
@ -39,4 +39,9 @@ userdebug_or_eng(`
|
|||
allow modem_diagnostic_app sysfs_batteryinfo:dir search;
|
||||
|
||||
dontaudit modem_diagnostic_app default_prop:file r_file_perms;
|
||||
|
||||
# Modem Log Mask Library Permissions
|
||||
allow modem_diagnostic_app liboemservice_proxy_service:service_manager find;
|
||||
binder_use(modem_diagnostic_app)
|
||||
binder_call(modem_diagnostic_app, liboemservice_proxy_default)
|
||||
')
|
||||
|
|
|
|||
2
radio/service.te
Normal file
2
radio/service.te
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
# Define liboemservice_proxy_service.
|
||||
type liboemservice_proxy_service, hal_service_type, service_manager_type;
|
||||
2
radio/service_contexts
Normal file
2
radio/service_contexts
Normal file
|
|
@ -0,0 +1,2 @@
|
|||
# DMD oemservice aidl proxy.
|
||||
com.google.pixel.modem.logmasklibrary.ILiboemserviceProxy/default u:object_r:liboemservice_proxy_service:s0
|
||||
Loading…
Add table
Add a link
Reference in a new issue