audio: add audio hal aidl service
- separate audio hal HIDL and AIDL services.
- separate sepolicy of aoc and audio
Bug: 259161622
Test: build pass and check hidl/aidl on gs201
build pass for other chipset
Change-Id: Id3c0446be6cdcd5a6e75c832e7d7f4a64716f79c
Signed-off-by: Jasmine Cha <chajasmine@google.com>
diff --git a/audio/sepolicy/aidl/file_contexts b/audio/sepolicy/aidl/file_contexts
new file mode 100644
index 0000000..9e07893
--- /dev/null
+++ b/audio/sepolicy/aidl/file_contexts
@@ -0,0 +1,2 @@
+# Audio Hal AIDL Service for Aoc
+/vendor/bin/hw/android\.hardware\.audio\.service-aidl\.aoc u:object_r:hal_audio_default_exec:s0
diff --git a/audio/sepolicy/aidl/hal_audio_default.te b/audio/sepolicy/aidl/hal_audio_default.te
new file mode 100644
index 0000000..2512a17
--- /dev/null
+++ b/audio/sepolicy/aidl/hal_audio_default.te
@@ -0,0 +1 @@
+add_service(hal_audio_default, hal_audio_ext_service)
diff --git a/audio/sepolicy/aidl/rild.te b/audio/sepolicy/aidl/rild.te
new file mode 100644
index 0000000..218a69d
--- /dev/null
+++ b/audio/sepolicy/aidl/rild.te
@@ -0,0 +1 @@
+allow rild hal_audio_ext_service:service_manager find;
diff --git a/audio/sepolicy/aidl/service.te b/audio/sepolicy/aidl/service.te
new file mode 100644
index 0000000..052558c
--- /dev/null
+++ b/audio/sepolicy/aidl/service.te
@@ -0,0 +1,2 @@
+# Audio
+type hal_audio_ext_service, service_manager_type;
diff --git a/audio/sepolicy/aidl/service_contexts b/audio/sepolicy/aidl/service_contexts
new file mode 100644
index 0000000..1b5f301
--- /dev/null
+++ b/audio/sepolicy/aidl/service_contexts
@@ -0,0 +1,2 @@
+# Audio
+vendor.google.whitechapel.audio.extension.IAudioExtension/default u:object_r:hal_audio_ext_service:s0
diff --git a/audio/sepolicy/common/device.te b/audio/sepolicy/common/device.te
new file mode 100644
index 0000000..b4e77e5
--- /dev/null
+++ b/audio/sepolicy/common/device.te
@@ -0,0 +1,2 @@
+# AMCS device
+type amcs_device, dev_type;
diff --git a/audio/sepolicy/common/file.te b/audio/sepolicy/common/file.te
new file mode 100644
index 0000000..353ab9f
--- /dev/null
+++ b/audio/sepolicy/common/file.te
@@ -0,0 +1,5 @@
+# persist
+type persist_audio_file, file_type, vendor_persist_type;
+
+# data
+type audio_vendor_data_file, file_type, data_file_type;
diff --git a/audio/sepolicy/common/file_contexts b/audio/sepolicy/common/file_contexts
new file mode 100644
index 0000000..1480861
--- /dev/null
+++ b/audio/sepolicy/common/file_contexts
@@ -0,0 +1,11 @@
+# AMCS devices
+/dev/amcs u:object_r:amcs_device:s0
+
+# AMCS vendor service
+/vendor/bin/hw/vendor\.google\.audiometricext@1\.0-service-vendor u:object_r:hal_audiometricext_default_exec:s0
+
+# Audio data files
+/data/vendor/audio(/.*)? u:object_r:audio_vendor_data_file:s0
+
+# Audio presist file
+/mnt/vendor/persist/audio(/.*)? u:object_r:persist_audio_file:s0
diff --git a/audio/sepolicy/common/genfs_contexts b/audio/sepolicy/common/genfs_contexts
new file mode 100644
index 0000000..1df3116
--- /dev/null
+++ b/audio/sepolicy/common/genfs_contexts
@@ -0,0 +1,13 @@
+# pixelstat_vendor
+genfscon sysfs /devices/platform/audiometrics/codec_state u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/hs_codec_state u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_impedance u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_excursion u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_heartbeat u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/speaker_temp u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/hwinfo_part_number u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/ams_rate_read_once u:object_r:sysfs_pixelstats:s0
+genfscon sysfs /devices/platform/audiometrics/cca_rate_read_once u:object_r:sysfs_pixelstats:s0
+
diff --git a/audio/sepolicy/common/hal_audio_default.te b/audio/sepolicy/common/hal_audio_default.te
new file mode 100644
index 0000000..7465532
--- /dev/null
+++ b/audio/sepolicy/common/hal_audio_default.te
@@ -0,0 +1,30 @@
+allow hal_audio_default audio_vendor_data_file:dir rw_dir_perms;
+allow hal_audio_default audio_vendor_data_file:file create_file_perms;
+
+r_dir_file(hal_audio_default, aoc_audio_file);
+r_dir_file(hal_audio_default, mnt_vendor_file);
+r_dir_file(hal_audio_default, persist_audio_file);
+
+allow hal_audio_default persist_file:dir search;
+allow hal_audio_default aoc_device:file rw_file_perms;
+allow hal_audio_default aoc_device:chr_file rw_file_perms;
+
+allow hal_audio_default amcs_device:file rw_file_perms;
+allow hal_audio_default amcs_device:chr_file rw_file_perms;
+allow hal_audio_default sysfs_pixelstats:file rw_file_perms;
+
+#allow access to DMABUF Heaps for AAudio API
+allow hal_audio_default dmabuf_heap_device:chr_file r_file_perms;
+
+set_prop(hal_audio_default, vendor_audio_prop);
+
+hal_client_domain(hal_audio_default, hal_health);
+hal_client_domain(hal_audio_default, hal_thermal);
+allow hal_audio_default fwk_sensor_hwservice:hwservice_manager find;
+
+userdebug_or_eng(`
+ allow hal_audio_default self:unix_stream_socket create_stream_socket_perms;
+ allow hal_audio_default audio_vendor_data_file:sock_file { create unlink };
+')
+
+wakelock_use(hal_audio_default);
diff --git a/audio/sepolicy/common/hal_audiometricext_default.te b/audio/sepolicy/common/hal_audiometricext_default.te
new file mode 100644
index 0000000..5358eac
--- /dev/null
+++ b/audio/sepolicy/common/hal_audiometricext_default.te
@@ -0,0 +1,12 @@
+type hal_audiometricext_default, domain;
+type hal_audiometricext_default_exec, vendor_file_type, exec_type, file_type;
+init_daemon_domain(hal_audiometricext_default)
+
+allow hal_audiometricext_default amcs_device:chr_file rw_file_perms;
+allow hal_audiometricext_default sysfs_pixelstats:file rw_file_perms;
+
+get_prop(hal_audiometricext_default, vendor_audio_prop);
+get_prop(hal_audiometricext_default, hwservicemanager_prop);
+
+hwbinder_use(hal_audiometricext_default);
+add_hwservice(hal_audiometricext_default, hal_audiometricext_hwservice);
diff --git a/audio/sepolicy/common/hwservice.te b/audio/sepolicy/common/hwservice.te
new file mode 100644
index 0000000..0809453
--- /dev/null
+++ b/audio/sepolicy/common/hwservice.te
@@ -0,0 +1,2 @@
+# AudioMetric
+type hal_audiometricext_hwservice, hwservice_manager_type;
diff --git a/audio/sepolicy/common/hwservice_contexts b/audio/sepolicy/common/hwservice_contexts
new file mode 100644
index 0000000..85c05e5
--- /dev/null
+++ b/audio/sepolicy/common/hwservice_contexts
@@ -0,0 +1,3 @@
+# Audio
+vendor.google.audiometricext::IAudioMetricExt u:object_r:hal_audiometricext_hwservice:s0
+
diff --git a/audio/sepolicy/common/property.te b/audio/sepolicy/common/property.te
new file mode 100644
index 0000000..e2ffcd1
--- /dev/null
+++ b/audio/sepolicy/common/property.te
@@ -0,0 +1,2 @@
+# Audio
+vendor_internal_prop(vendor_audio_prop)
diff --git a/audio/sepolicy/common/property_contexts b/audio/sepolicy/common/property_contexts
new file mode 100644
index 0000000..aa981f1
--- /dev/null
+++ b/audio/sepolicy/common/property_contexts
@@ -0,0 +1,10 @@
+# for audio
+vendor.audio_hal.period_multiplier u:object_r:vendor_audio_prop:s0
+vendor.audiodump.enable u:object_r:vendor_audio_prop:s0
+persist.vendor.audio. u:object_r:vendor_audio_prop:s0
+vendor.audiodump.log.ondemand u:object_r:vendor_audio_prop:s0
+vendor.audiodump.log.config u:object_r:vendor_audio_prop:s0
+vendor.audiodump.output.dir u:object_r:vendor_audio_prop:s0
+vendor.audiodump.encode.disable u:object_r:vendor_audio_prop:s0
+vendor.audiodump.log.cca.updated u:object_r:vendor_audio_prop:s0
+vendor.audiodump.cca.config u:object_r:vendor_audio_prop:s0
diff --git a/audio/sepolicy/hidl/hal_audio_default.te b/audio/sepolicy/hidl/hal_audio_default.te
new file mode 100644
index 0000000..bdc3bf9
--- /dev/null
+++ b/audio/sepolicy/hidl/hal_audio_default.te
@@ -0,0 +1,3 @@
+hwbinder_use(hal_audio_default)
+
+add_hwservice(hal_audio_default, hal_audio_ext_hwservice)
diff --git a/audio/sepolicy/hidl/hwservice.te b/audio/sepolicy/hidl/hwservice.te
new file mode 100644
index 0000000..15aaaf7
--- /dev/null
+++ b/audio/sepolicy/hidl/hwservice.te
@@ -0,0 +1,2 @@
+# Audio
+type hal_audio_ext_hwservice, hwservice_manager_type;
diff --git a/audio/sepolicy/hidl/hwservice_contexts b/audio/sepolicy/hidl/hwservice_contexts
new file mode 100644
index 0000000..8eadd21
--- /dev/null
+++ b/audio/sepolicy/hidl/hwservice_contexts
@@ -0,0 +1,2 @@
+# Audio
+vendor.google.whitechapel.audio.audioext::IAudioExt u:object_r:hal_audio_ext_hwservice:s0
diff --git a/audio/sepolicy/hidl/rild.te b/audio/sepolicy/hidl/rild.te
new file mode 100644
index 0000000..378d26c
--- /dev/null
+++ b/audio/sepolicy/hidl/rild.te
@@ -0,0 +1 @@
+allow rild hal_audio_ext_hwservice:hwservice_manager find;