android.hardware.usb.IUsb AIDL migration

android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157

2 files changed, 15 insertions, 1 deletions

diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index 97263fe..cd5a515 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts
@@ -1,4 +1,5 @@
 # vendor binaries
-/vendor/bin/hw/android\.hardware\.usb@1\.3-service\.redfin                             u:object_r:hal_usb_impl_exec:s0
+/vendor/bin/hw/android\.hardware\.usb-service\.redfin                                  u:object_r:hal_usb_impl_exec:s0
+/vendor/bin/hw/android\.hardware\.usb\.gadget-service\.redfin                          u:object_r:hal_usb_gadget_impl_exec:s0
 /vendor/bin/hw/android\.hardware\.vibrator-service\.redfin                             u:object_r:hal_vibrator_default_exec:s0
 /vendor/bin/hw/android\.hardware\.dumpstate@1\.1-service\.redfin                       u:object_r:hal_dumpstate_impl_exec:s0
diff --git a/vendor/google/hal_usb_gadget_impl.te b/vendor/google/hal_usb_gadget_impl.te
new file mode 100644
index 0000000..89ae09f
--- /dev/null
+++ b/vendor/google/hal_usb_gadget_impl.te
@@ -0,0 +1,13 @@
+type hal_usb_gadget_impl, domain;
+hal_server_domain(hal_usb_gadget_impl, hal_usb)
+hal_server_domain(hal_usb_gadget_impl, hal_usb_gadget)
+
+type hal_usb_gadget_impl_exec, vendor_file_type, exec_type, file_type;
+init_daemon_domain(hal_usb_gadget_impl)
+
+allow hal_usb_gadget_impl configfs:dir { create rmdir };
+allow hal_usb_gadget_impl functionfs:dir { watch watch_reads };
+
+allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms;
+allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms;
+allow hal_usb_gadget_impl sysfs_extcon:dir search;