From a94e3728111aed4003b40b1250eb5808c64df744 Mon Sep 17 00:00:00 2001 From: shihchienc Date: Thu, 4 Jan 2024 04:28:33 +0000 Subject: [PATCH 1/2] Grant BT HAL to access socket file Bug: 318594713 Test: manual Change-Id: Iba93dcd9543366e89c40bc8d0ca58dfdd69ee141 --- vendor/hal_bluetooth_btlinux.te | 1 + 1 file changed, 1 insertion(+) create mode 100644 vendor/hal_bluetooth_btlinux.te diff --git a/vendor/hal_bluetooth_btlinux.te b/vendor/hal_bluetooth_btlinux.te new file mode 100644 index 0000000..65e037d --- /dev/null +++ b/vendor/hal_bluetooth_btlinux.te @@ -0,0 +1 @@ +allow hal_bluetooth_btlinux vendor_bt_data_file:sock_file create_file_perms; From ed3ca1e26657fcb8bf71988e23c736ff7bc7c845 Mon Sep 17 00:00:00 2001 From: shihchienc Date: Thu, 4 Jan 2024 04:26:50 +0000 Subject: [PATCH 2/2] Grant Thread HAL service to access BT HAL folder 02-02 14:36:00.660 2378 2378 I android.hardwar: type=1400 audit(0.0:15): avc: denied { read } for name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1 02-02 14:36:00.660 2378 2378 I android.hardwar: type=1400 audit(0.0:16): avc: denied { watch } for path="/data/vendor/bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1 02-02 14:36:02.664 2378 2378 I android.hardwar: type=1400 audit(0.0:17): avc: denied { search } for name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1 14:36:29.076 7627 7627 I android.hardwar: type=1400 audit(0.0:30): avc: denied { getattr } for path="/data/vendor/bluetooth/thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1 02-02 14:36:29.076 7627 7627 I android.hardwar: type=1400 audit(0.0:31): avc: denied { write } for name="thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1 02-02 14:36:29.076 7627 7627 I android.hardwar: type=1400 audit(0.0:32): avc: denied { connectto } for path="/data/vendor/bluetooth/thread_dispatcher_socket" scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:r:hal_bluetooth_btlinux:s0 tclass=unix_stream_socket permissive=1 Bug: 318594282 Test: reboot and open bluetooth Change-Id: Ia63ed27b732eafa2e0aa3311fc7cea9c77e7b50c --- vendor/hal_threadnetwork_default.te | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 vendor/hal_threadnetwork_default.te diff --git a/vendor/hal_threadnetwork_default.te b/vendor/hal_threadnetwork_default.te new file mode 100644 index 0000000..558847b --- /dev/null +++ b/vendor/hal_threadnetwork_default.te @@ -0,0 +1,3 @@ +allow hal_threadnetwork_default vendor_bt_data_file:dir r_dir_perms; +allow hal_threadnetwork_default vendor_bt_data_file:sock_file rw_file_perms; +allow hal_threadnetwork_default hal_bluetooth_btlinux:unix_stream_socket connectto;