eth_mac_addr: Fix the GSI/Treble compatibilityandroid12-gsi

This patch fixes this script, which update Ethernet MAC
address on DB845c and RB5, to work with Android GSI images.

So we no longer copy the scripts to system.img and we switch
from using "/system/bin/ip" to "/vendor/bin/ifconfig"
because "/vendor/bin/ip" doesn't exist and selinux denials
for using "/system/bin/ip" from vendor domain are just to
complex to handle for me.

Change-Id: Icf71c349c74a87f784b2cf1ff7b8604b1c43b03f
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>

6 files changed, 38 insertions, 22 deletions

diff --git a/db845c/device.mk b/db845c/device.mk
index 502b0fe..4620213 100644
--- a/db845c/device.mk
+++ b/db845c/device.mk
@@ -66,8 +66,8 @@ PRODUCT_COPY_FILES += \
 
 # Install scripts to set Ethernet MAC address
 PRODUCT_COPY_FILES += \
-    $(LOCAL_PATH)/eth_mac_addr.rc:/system/etc/init/eth_mac_addr.rc \
-    $(LOCAL_PATH)/eth_mac_addr.sh:/system/bin/eth_mac_addr.sh
+    $(LOCAL_PATH)/eth_mac_addr.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/eth_mac_addr.rc \
+    $(LOCAL_PATH)/eth_mac_addr.sh:$(TARGET_COPY_OUT_VENDOR)/bin/eth_mac_addr.sh
 
 PRODUCT_VENDOR_PROPERTIES += ro.soc.manufacturer=Qualcomm
 PRODUCT_VENDOR_PROPERTIES += ro.soc.model=SDM845
diff --git a/db845c/eth_mac_addr.rc b/db845c/eth_mac_addr.rc
index e710c19..f9c1a09 100644
--- a/db845c/eth_mac_addr.rc
+++ b/db845c/eth_mac_addr.rc
@@ -1,4 +1,4 @@
-service eth_mac_addr /system/bin/eth_mac_addr.sh
+service eth_mac_addr /vendor/bin/eth_mac_addr.sh
     class core
     user root
     group system
diff --git a/db845c/eth_mac_addr.sh b/db845c/eth_mac_addr.sh
index bdc1ba7..c36cce3 100644
--- a/db845c/eth_mac_addr.sh
+++ b/db845c/eth_mac_addr.sh
@@ -1,15 +1,25 @@
-#! /system/bin/sh
+#! /vendor/bin/sh
 # Set eth0 mac address.
 #
-# Get the unique board serial number from /proc/cmdline,
-# prepend '0's to the serial number to fill 5 LSBs of the
-# MAC address and prepend "02" as MSB to prepare a 6 byte
-# locally administered unicast MAC address.
-# Format the output in xx:xx:xx:xx:xx:xx format for the
-# "ip" set address command to work.
+# Get the unique board serial number from /proc/cmdline or
+# /proc/bootconfig, prepend '0's to the serial number to
+# fill 5 LSBs of the MAC address and prepend "02" as MSB to
+# prepare a 6 byte locally administered unicast MAC address.
+#
+# Format the output in xx:xx:xx:xx:xx:xx format for the "ip"
+# set address command to work.
 
-SERIALNO=`cat /proc/cmdline | grep -o serialno.* | cut -f2 -d'=' | awk '{printf("02%010s\n", $1)}' | sed 's/\(..\)/\1:/g' | sed '$s/:$//'`
+SERIALNO=`/vendor/bin/cat /proc/cmdline | /vendor/bin/grep -o serialno.* |\
+	 /vendor/bin/cut -f2 -d'=' | /vendor/bin/awk '{printf("02%010s\n", $1)}' |\
+	 /vendor/bin/sed 's/\(..\)/\1:/g' | /vendor/bin/sed '$s/:$//'`
+if [ -z "${SERIALNO}" ]
+then
+SERIALNO=`/vendor/bin/cat /proc/bootconfig | /vendor/bin/grep -o serialno.* |\
+	 /vendor/bin/cut -f2 -d'=' | /vendor/bin/cut -c 3-10 |\
+	 /vendor/bin/awk '{printf("02%010s\n", $1)}' |\
+	 /vendor/bin/sed 's/\(..\)/\1:/g' |\ /vendor/bin/sed '$s/:$//'`
+fi
 
-/system/bin/ip link set dev eth0 down
-/system/bin/ip link set dev eth0 address "${SERIALNO}"
-/system/bin/ip link set dev eth0 up
+/vendor/bin/ifconfig eth0 down
+/vendor/bin/ifconfig eth0 hw ether "${SERIALNO}"
+/vendor/bin/ifconfig eth0 up
diff --git a/rb5/device.mk b/rb5/device.mk
index cab614f..717e79a 100644
--- a/rb5/device.mk
+++ b/rb5/device.mk
@@ -60,6 +60,11 @@ PRODUCT_PACKAGES += \
 PRODUCT_COPY_FILES += \
     device/linaro/dragonboard/qcom/init.qcom.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/init.qcom.rc
 
+# Install scripts to set Ethernet MAC address
+PRODUCT_COPY_FILES += \
+    device/linaro/dragonboard/db845c/eth_mac_addr.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/eth_mac_addr.rc \
+    device/linaro/dragonboard/db845c/eth_mac_addr.sh:$(TARGET_COPY_OUT_VENDOR)/bin/eth_mac_addr.sh
+
 PRODUCT_VENDOR_PROPERTIES += ro.soc.manufacturer=Qualcomm
 PRODUCT_VENDOR_PROPERTIES += ro.soc.model=QRB5165
 
diff --git a/sepolicy/eth_mac_addr.te b/sepolicy/eth_mac_addr.te
index d2e4e1a..8584160 100644
--- a/sepolicy/eth_mac_addr.te
+++ b/sepolicy/eth_mac_addr.te
@@ -1,12 +1,12 @@
-type eth_mac_addr, domain, coredomain;
-type eth_mac_addr_exec, exec_type, system_file_type, file_type;
+type eth_mac_addr, domain;
+type eth_mac_addr_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(eth_mac_addr);
 
+allow eth_mac_addr proc_bootconfig:file { open read };
 allow eth_mac_addr proc_cmdline:file { open read };
 allow eth_mac_addr rootfs:dir { open read };
 allow eth_mac_addr self:capability net_admin;
-allow eth_mac_addr self:netlink_route_socket { bind create getattr nlmsg_readpriv nlmsg_write read setopt write };
-allow eth_mac_addr self:udp_socket { create ioctl };
-allow eth_mac_addr shell_exec:file { execute getattr map read };
-allow eth_mac_addr system_file:file execute_no_trans;
-allow eth_mac_addr toolbox_exec:file { execute execute_no_trans getattr map open read };
+allow eth_mac_addr self:udp_socket create_socket_perms;
+allow eth_mac_addr vendor_file:file execute_no_trans;
+allow eth_mac_addr vendor_toolbox_exec:file execute_no_trans;
+allowxperm eth_mac_addr self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR };
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 1022689..4713c70 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -46,10 +46,11 @@
 /data/vendor/readwrite(/.*)?								u:object_r:tqftpserv_vendor_data_file:s0
 /data/vendor/readonly(/.*)?								u:object_r:tqftpserv_vendor_data_file:s0
 
-/system/bin/eth_mac_addr\.sh								u:object_r:eth_mac_addr_exec:s0
 /system/bin/tinymix									u:object_r:tinymix_exec:s0
 
+/vendor/bin/eth_mac_addr\.sh								u:object_r:eth_mac_addr_exec:s0
 /vendor/bin/grep									u:object_r:vendor_toolbox_exec:s0
+/vendor/bin/ifconfig									u:object_r:vendor_toolbox_exec:s0
 /vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software			u:object_r:hal_gatekeeper_default_exec:s0
 /vendor/bin/hw/android\.hardware\.graphics\.allocator@4\.0-service\.minigbm_msm		u:object_r:hal_graphics_allocator_default_exec:s0
 /vendor/bin/pd-mapper									u:object_r:pd_mapper_exec:s0