From e721f61feef4677a0be08988e1c748ba27cd9d9a Mon Sep 17 00:00:00 2001
From: Amit Pundir <amit.pundir@linaro.org>
Date: Wed, 22 Nov 2023 10:37:16 +0530
Subject: utils: eth_mac_addr: Fix the GSI/Treble compatibility

This patch fixes this script, which update Ethernet MAC
address on DB845c and RB5, to work with Android GSI images.

So we no longer copy the scripts to system.img and we switch
from using "/system/bin/ip" to "/vendor/bin/ifconfig"
because "/vendor/bin/ip" doesn't exist and selinux denials
for using "/system/bin/ip" from vendor domain are just to
complex to handle for me.

Change-Id: Icf71c349c74a87f784b2cf1ff7b8604b1c43b03f
Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
---
 db845c/device.mk                    |  4 ++--
 linaro_swr/device.mk                |  4 ++--
 rb5/device.mk                       |  4 ++--
 sepolicy/file_contexts              |  3 ++-
 sepolicy/set_ethaddr.te             | 13 ++++++-------
 shared/utils/ethaddr/ethaddr.rc     |  2 +-
 shared/utils/ethaddr/set_ethaddr.sh | 22 +++++++++++-----------
 7 files changed, 26 insertions(+), 26 deletions(-)

diff --git a/db845c/device.mk b/db845c/device.mk
index 792fac8..04967ed 100644
--- a/db845c/device.mk
+++ b/db845c/device.mk
@@ -52,8 +52,8 @@ PRODUCT_COPY_FILES += \
 
 # Install scripts to set Ethernet MAC address
 PRODUCT_COPY_FILES += \
-    device/linaro/dragonboard/shared/utils/ethaddr/ethaddr.rc:/system/etc/init/ethaddr.rc \
-    device/linaro/dragonboard/shared/utils/ethaddr/set_ethaddr.sh:/system/bin/set_ethaddr.sh
+    device/linaro/dragonboard/shared/utils/ethaddr/ethaddr.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/ethaddr.rc \
+    device/linaro/dragonboard/shared/utils/ethaddr/set_ethaddr.sh:$(TARGET_COPY_OUT_VENDOR)/bin/set_ethaddr.sh
 
 PRODUCT_VENDOR_PROPERTIES += ro.soc.manufacturer=Qualcomm
 PRODUCT_VENDOR_PROPERTIES += ro.soc.model=SDM845
diff --git a/linaro_swr/device.mk b/linaro_swr/device.mk
index df9a79c..4386aa3 100644
--- a/linaro_swr/device.mk
+++ b/linaro_swr/device.mk
@@ -48,8 +48,8 @@ PRODUCT_COPY_FILES += \
 
 # Install scripts to set Ethernet MAC address
 PRODUCT_COPY_FILES += \
-    device/linaro/dragonboard/shared/utils/ethaddr/ethaddr.rc:/system/etc/init/ethaddr.rc \
-    device/linaro/dragonboard/shared/utils/ethaddr/set_ethaddr.sh:/system/bin/set_ethaddr.sh
+    device/linaro/dragonboard/shared/utils/ethaddr/ethaddr.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/ethaddr.rc \
+    device/linaro/dragonboard/shared/utils/ethaddr/set_ethaddr.sh:$(TARGET_COPY_OUT_VENDOR)/bin/set_ethaddr.sh
 
 PRODUCT_VENDOR_PROPERTIES += \
     ro.soc.manufacturer=Generic Qcom arm64 arch \
diff --git a/rb5/device.mk b/rb5/device.mk
index 34cfea4..1f6cc4b 100644
--- a/rb5/device.mk
+++ b/rb5/device.mk
@@ -50,8 +50,8 @@ PRODUCT_COPY_FILES += \
 
 # Install scripts to set Ethernet MAC address
 PRODUCT_COPY_FILES += \
-    device/linaro/dragonboard/shared/utils/ethaddr/ethaddr.rc:/system/etc/init/ethaddr.rc \
-    device/linaro/dragonboard/shared/utils/ethaddr/set_ethaddr.sh:/system/bin/set_ethaddr.sh
+    device/linaro/dragonboard/shared/utils/ethaddr/ethaddr.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/ethaddr.rc \
+    device/linaro/dragonboard/shared/utils/ethaddr/set_ethaddr.sh:$(TARGET_COPY_OUT_VENDOR)/bin/set_ethaddr.sh
 
 PRODUCT_VENDOR_PROPERTIES += ro.soc.manufacturer=Qualcomm
 PRODUCT_VENDOR_PROPERTIES += ro.soc.model=QRB5165
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 014cd9c..82370f6 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -49,10 +49,10 @@
 /data/vendor/readwrite(/.*)?								u:object_r:tqftpserv_vendor_data_file:s0
 /data/vendor/readonly(/.*)?								u:object_r:tqftpserv_vendor_data_file:s0
 
-/system/bin/set_ethaddr\.sh								u:object_r:set_ethaddr_exec:s0
 /system/bin/tinymix									u:object_r:tinymix_exec:s0
 
 /vendor/bin/grep									u:object_r:vendor_toolbox_exec:s0
+/vendor/bin/ifconfig									u:object_r:vendor_toolbox_exec:s0
 /vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software			u:object_r:hal_gatekeeper_default_exec:s0
 /vendor/bin/pd-mapper									u:object_r:pd_mapper_exec:s0
 /vendor/bin/qrtr-cfg									u:object_r:qrtr_exec:s0
@@ -61,6 +61,7 @@
 /vendor/bin/tqftpserv									u:object_r:tqftpserv_exec:s0
 /vendor/bin/suspend_blocker								u:object_r:suspend_blocker_exec:s0
 /vendor/bin/set_bdaddr\.sh								u:object_r:set_bdaddr_exec:s0
+/vendor/bin/set_ethaddr\.sh								u:object_r:set_ethaddr_exec:s0
 /vendor/bin/set_hw\.sh									u:object_r:set_hw_exec:s0
 /vendor/bin/set_udc\.sh									u:object_r:set_udc_exec:s0
 
diff --git a/sepolicy/set_ethaddr.te b/sepolicy/set_ethaddr.te
index 4b62d7f..86f9ea8 100644
--- a/sepolicy/set_ethaddr.te
+++ b/sepolicy/set_ethaddr.te
@@ -1,13 +1,12 @@
-type set_ethaddr, domain, coredomain;
-type set_ethaddr_exec, exec_type, system_file_type, file_type;
+type set_ethaddr, domain;
+type set_ethaddr_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(set_ethaddr);
 
 allow set_ethaddr proc_cmdline:file { open read };
 allow set_ethaddr proc_bootconfig:file { open read };
 allow set_ethaddr rootfs:dir { open read };
 allow set_ethaddr self:capability net_admin;
-allow set_ethaddr self:netlink_route_socket { bind create getattr nlmsg_read nlmsg_readpriv nlmsg_write read setopt write };
-allow set_ethaddr self:udp_socket { create ioctl };
-allow set_ethaddr shell_exec:file { execute getattr map read };
-allow set_ethaddr system_file:file execute_no_trans;
-allow set_ethaddr toolbox_exec:file { execute execute_no_trans getattr map open read };
+allow set_ethaddr self:udp_socket create_socket_perms;
+allow set_ethaddr vendor_file:file execute_no_trans;
+allow set_ethaddr vendor_toolbox_exec:file execute_no_trans;
+allowxperm set_ethaddr self:udp_socket ioctl { SIOCSIFFLAGS SIOCSIFHWADDR };
diff --git a/shared/utils/ethaddr/ethaddr.rc b/shared/utils/ethaddr/ethaddr.rc
index cd26f69..f8fe430 100644
--- a/shared/utils/ethaddr/ethaddr.rc
+++ b/shared/utils/ethaddr/ethaddr.rc
@@ -1,4 +1,4 @@
-service set_ethaddr /system/bin/set_ethaddr.sh
+service set_ethaddr /vendor/bin/set_ethaddr.sh
     class core
     user root
     group system
diff --git a/shared/utils/ethaddr/set_ethaddr.sh b/shared/utils/ethaddr/set_ethaddr.sh
index 2bfa8d8..93cd08a 100644
--- a/shared/utils/ethaddr/set_ethaddr.sh
+++ b/shared/utils/ethaddr/set_ethaddr.sh
@@ -1,4 +1,4 @@
-#! /system/bin/sh
+#! /vendor/bin/sh
 # Set eth0 mac address.
 #
 # Get the unique board serial number from /proc/cmdline or
@@ -9,17 +9,17 @@
 # Format the output in xx:xx:xx:xx:xx:xx format for the "ip"
 # set address command to work.
 
-ETHADDR=`cat /proc/cmdline | grep -o serialno.* | cut -f2 -d'=' |\
-	 awk '{printf("02%010s\n", $1)}' | sed 's/\(..\)/\1:/g' |\
-	 sed '$s/:$//'`
+ETHADDR=`/vendor/bin/cat /proc/cmdline | /vendor/bin/grep -o serialno.* |\
+	 /vendor/bin/cut -f2 -d'=' | /vendor/bin/awk '{printf("02%010s\n", $1)}' |\
+	 /vendor/bin/sed 's/\(..\)/\1:/g' | /vendor/bin/sed '$s/:$//'`
 if [ -z "${ETHADDR}" ]
 then
-ETHADDR=`cat /proc/bootconfig | grep -o serialno.* |\
-	 cut -f2 -d'=' | cut -c 3-10 |\
-	 awk '{printf("02%010s\n", $1)}' | sed 's/\(..\)/\1:/g' |\
-	 sed '$s/:$//'`
+  ETHADDR=`/vendor/bin/cat /proc/bootconfig | /vendor/bin/grep -o serialno.* |\
+	   /vendor/bin/cut -f2 -d'=' | /vendor/bin/cut -c 3-10 |\
+	   /vendor/bin/awk '{printf("02%010s\n", $1)}' |\
+	   /vendor/bin/sed 's/\(..\)/\1:/g' | /vendor/bin/sed '$s/:$//'`
 fi
 
-ip link set dev eth0 down
-ip link set dev eth0 address "${ETHADDR}"
-ip link set dev eth0 up
+/vendor/bin/ifconfig eth0 down
+/vendor/bin/ifconfig eth0 hw ether "${ETHADDR}"
+/vendor/bin/ifconfig eth0 up
-- 
cgit v1.2.3