diff options
| author | Badhri Jagan Sridharan <badhri@google.com> | 2022-01-31 22:08:26 -0800 |
|---|---|---|
| committer | Badhri Jagan Sridharan <badhri@google.com> | 2022-02-01 18:45:02 +0000 |
| commit | 9a470f577cdba129913082be87a3ad3cde874873 (patch) | |
| tree | 9c9938382ee52bcea42494508a575d9d4e53ef10 | |
| parent | bb9ac1c6e9c6633998da4d81c309e0569060c4e4 (diff) | |
| download | sunfish-sepolicy-9a470f577cdba129913082be87a3ad3cde874873.tar.gz | |
android.hardware.usb.IUsb AIDL migration
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.
Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
| -rw-r--r-- | vendor/google/file_contexts | 3 | ||||
| -rw-r--r-- | vendor/google/hal_usb_gadget_impl.te | 14 |
2 files changed, 16 insertions, 1 deletions
diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts index 02e0062..0030286 100644 --- a/vendor/google/file_contexts +++ b/vendor/google/file_contexts @@ -21,7 +21,8 @@ /vendor/bin/hw/android\.hardware\.neuralnetworks@1\.0-service-paintbox u:object_r:hal_neuralnetworks_paintbox_exec:s0 /vendor/bin/hw/android\.hardware\.neuralnetworks@1\.2-service-noronha u:object_r:hal_neuralnetworks_darwinn_exec:s0 /vendor/bin/hw/android\.hardware\.power\.stats@1\.0-service\.pixel u:object_r:hal_power_stats_default_exec:s0 -/vendor/bin/hw/android\.hardware\.usb@1\.3-service\.sunfish u:object_r:hal_usb_impl_exec:s0 +/vendor/bin/hw/android\.hardware\.usb-service\.sunfish u:object_r:hal_usb_impl_exec:s0 +/vendor/bin/hw/android\.hardware\.usb\.gadget-service\.sunfish u:object_r:hal_usb_gadget_impl_exec:s0 /vendor/bin/hw/android\.hardware\.vibrator@1\.3-service\.sunfish u:object_r:hal_vibrator_default_exec:s0 /vendor/bin/hw/hardware\.google\.light@1\.1-service u:object_r:hal_light_default_exec:s0 /vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0 diff --git a/vendor/google/hal_usb_gadget_impl.te b/vendor/google/hal_usb_gadget_impl.te new file mode 100644 index 0000000..ddd90c2 --- /dev/null +++ b/vendor/google/hal_usb_gadget_impl.te @@ -0,0 +1,14 @@ +type hal_usb_gadget_impl, domain; +hal_server_domain(hal_usb_gadget_impl, hal_usb) +hal_server_domain(hal_usb_gadget_impl, hal_usb_gadget) + +type hal_usb_gadget_impl_exec, vendor_file_type, exec_type, file_type; +init_daemon_domain(hal_usb_gadget_impl) + +allow hal_usb_gadget_impl configfs:dir { create rmdir }; +allow hal_usb_gadget_impl functionfs:dir { watch watch_reads }; +set_prop(hal_usb_gadget_impl, vendor_usb_prop) + +allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms; +allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms; +allow hal_usb_gadget_impl sysfs_extcon:dir search; |