Merge "Mark some odm properties as vendor-init-settable" into pi-dev
diff --git a/private/audioserver.te b/private/audioserver.te
index a0779b3..ed5279e 100644
--- a/private/audioserver.te
+++ b/private/audioserver.te
@@ -36,8 +36,8 @@
 allow audioserver power_service:service_manager find;
 allow audioserver scheduling_policy_service:service_manager find;
 
-# Grant access to the "persist.bluetooth.enabledelayreports" property
-get_prop(audioserver, bluetooth_prop);
+# Allow read/write access to bluetooth-specific properties
+set_prop(audioserver, bluetooth_prop)
 
 # Grant access to audio files to audioserver
 allow audioserver audio_data_file:dir ra_dir_perms;
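Review bot: `set_prop(audioserver, bluetooth_prop)` lets audioserver write every property labelled `bluetooth_prop`, whereas the removed comment named a single property, `persist.bluetooth.enabledelayreports`, as the reason for access. If only one or a few properties need to be written, a dedicated property type for them would keep the rest of `bluetooth_prop` read-only for audioserver. At minimum the new comment should say what is written and why, e.g. `# audioserver sets <PROPERTY_NAME> for <REASON>; requires write access to bluetooth_prop`.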
diff --git a/private/bluetooth.te b/private/bluetooth.te
index 86a7a2a..fec9494 100644
--- a/private/bluetooth.te
+++ b/private/bluetooth.te
@@ -61,6 +61,9 @@
 hal_client_domain(bluetooth, hal_bluetooth)
 hal_client_domain(bluetooth, hal_telephony)
 
+# Bluetooth A2DP offload requires binding with audio HAL
+hal_client_domain(bluetooth, hal_audio)
+
 read_runtime_log_tags(bluetooth)
 
 ###
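Review bot: `hal_client_domain(bluetooth, hal_audio)` appears to make bluetooth a client of the whole audio HAL rather than of the A2DP offload interface alone, because the `private/hwservice_contexts` hunk labels `android.hardware.bluetooth.a2dp::IBluetoothAudioOffload` with the shared `hal_audio_hwservice` type. A separate hwservice type for the offload interface would let bluetooth find only that service, and would stop other audio HAL clients from gaining access to it as a side effect. If sharing the label is intentional, the comment should record it, e.g. `# IBluetoothAudioOffload is labelled hal_audio_hwservice, so bluetooth becomes a client of the audio HAL as a whole`.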
diff --git a/private/compat/26.0/26.0.cil b/private/compat/26.0/26.0.cil
index 4cffaab..06befe0 100644
--- a/private/compat/26.0/26.0.cil
+++ b/private/compat/26.0/26.0.cil
@@ -12,6 +12,7 @@
 (type tracing_shell_writable_debug)
 (type vold_socket)
 (type webview_zygote_socket)
+(type rild)
 
 (typeattributeset accessibility_service_26_0 (accessibility_service))
 (typeattributeset account_service_26_0 (account_service))
diff --git a/private/compat/27.0/27.0.cil b/private/compat/27.0/27.0.cil
index a9f485e..52760f7 100644
--- a/private/compat/27.0/27.0.cil
+++ b/private/compat/27.0/27.0.cil
@@ -2,6 +2,7 @@
 (type webview_zygote_socket)
 (type reboot_data_file)
 (type vold_socket)
+(type rild)
 
 (expandtypeattribute (accessibility_service_27_0) true)
 (expandtypeattribute (account_service_27_0) true)
diff --git a/private/dumpstate.te b/private/dumpstate.te
index 8b72457..2c2a62f 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te
@@ -38,3 +38,10 @@
 allow dumpstate {
   statsd
 }:process signal;
+
+# For collecting bugreports.
+allow dumpstate debugfs_wakeup_sources:file r_file_perms;
+allow dumpstate dev_type:blk_file getattr;
+allow dumpstate webview_zygote:process signal;
+dontaudit dumpstate perfprofd:binder call;
+dontaudit dumpstate update_engine:binder call;
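Review bot: The two `dontaudit` rules silence denials for binder calls to `perfprofd` and `update_engine`, and the only comment, `# For collecting bugreports.`, does not say why they are suppressed rather than granted. Suppressed denials will not show up in later policy debugging, so the reason belongs next to the rules, for example `# dumpstate probes these services while dumping; the calls are expected to be denied and are not needed`, if that is the case. `allow dumpstate dev_type:blk_file getattr;` covers every block device type; getattr alone is narrow, but a short comment on what needs it would help a later audit.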
diff --git a/private/hwservice_contexts b/private/hwservice_contexts
index 24c7059..e3dede9 100644
--- a/private/hwservice_contexts
+++ b/private/hwservice_contexts
@@ -6,6 +6,7 @@
 android.hardware.authsecret::IAuthSecret                        u:object_r:hal_authsecret_hwservice:s0
 android.hardware.biometrics.fingerprint::IBiometricsFingerprint u:object_r:hal_fingerprint_hwservice:s0
 android.hardware.bluetooth::IBluetoothHci                       u:object_r:hal_bluetooth_hwservice:s0
+android.hardware.bluetooth.a2dp::IBluetoothAudioOffload         u:object_r:hal_audio_hwservice:s0
 android.hardware.boot::IBootControl                             u:object_r:hal_bootctl_hwservice:s0
 android.hardware.broadcastradio::IBroadcastRadio                u:object_r:hal_broadcastradio_hwservice:s0
 android.hardware.broadcastradio::IBroadcastRadioFactory         u:object_r:hal_broadcastradio_hwservice:s0
diff --git a/private/installd.te b/private/installd.te
index f74843d..0553716 100644
--- a/private/installd.te
+++ b/private/installd.te
@@ -16,3 +16,7 @@
 
 # Create /data/.layout_version.* file
 type_transition installd system_data_file:file install_data_file;
+
+# For collecting bugreports.
+allow installd dumpstate:fd use;
+allow installd dumpstate:fifo_file r_file_perms;
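Review bot: The direction of pipe access differs between the three bugreport hunks and none of them explains it: installd gets `dumpstate:fifo_file r_file_perms` here, while `private/storaged.te` and `vendor/hal_camera_default.te` get `dumpstate:fifo_file write`. The storaged hunk also adds no `dumpstate:fd use`, which the other two do; it may already be granted elsewhere, which this diff does not show. A comment stating which end of the pipe each domain uses would let a reader confirm the grant is the minimum needed, e.g. `# installd reads from a pipe handed over by dumpstate`, if that is the intent.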
diff --git a/private/storaged.te b/private/storaged.te
index f5b7092..8ad872f 100644
--- a/private/storaged.te
+++ b/private/storaged.te
@@ -51,6 +51,9 @@
 # running as root. See b/35323867 #3.
 dontaudit storaged self:global_capability_class_set dac_override;
 
+# For collecting bugreports.
+allow storaged dumpstate:fifo_file write;
+
 ###
 ### neverallow
 ###
diff --git a/public/domain.te b/public/domain.te
index f2b9f0c..c46d6fa 100644
--- a/public/domain.te
+++ b/public/domain.te
@@ -180,8 +180,9 @@
 allow domain vendor_configs_file:file { read open getattr };
 
 full_treble_only(`
-    # Allow all domains to be able to follow /system/vendor symlink
-    allow domain vendor_file:lnk_file { getattr open read };
+    # Allow all domains to be able to follow /system/vendor and/or
+    # /vendor/odm symlinks.
+    allow domain vendor_file_type:lnk_file { getattr open read };
 
     # This is required to be able to search & read /vendor/lib64
     # in order to lookup vendor libraries. The execute permission
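Review bot: `allow domain vendor_file_type:lnk_file { getattr open read };` lets every domain read symlinks of every type carrying the `vendor_file_type` attribute, which is wider than the two paths the comment names. The later hunks in this file drop `lnk_file` from the `vendor_app_file` and `vendor_overlay_file` neverallows, presumably to avoid a conflict with this rule, but nothing on those lines says so. I would extend the comment, e.g. `# Applies to all vendor_file_type symlinks; the vendor_app_file and vendor_overlay_file neverallows below therefore cover regular files only.` The `full_treble_only` block continues past the end of this hunk.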
@@ -914,7 +915,7 @@
         userdebug_or_eng(`-perfprofd')
         -postinstall_dexopt
         -system_server
-    } vendor_app_file:{ file lnk_file } r_file_perms;
+    } vendor_app_file:file r_file_perms;
 ')
 
 full_treble_only(`
@@ -941,7 +942,7 @@
         -system_server
         -webview_zygote
         -zygote
-    } vendor_overlay_file:{ file lnk_file } r_file_perms;
+    } vendor_overlay_file:file r_file_perms;
 ')
 
 full_treble_only(`
@@ -961,7 +962,6 @@
         domain
         -coredomain
         -appdomain
-        -rild
         -vendor_executes_system_violators
         -vendor_init
     } {
diff --git a/public/hal_audio.te b/public/hal_audio.te
index 08cc1ff..8d9d932 100644
--- a/public/hal_audio.te
+++ b/public/hal_audio.te
@@ -9,8 +9,8 @@
 
 r_dir_file(hal_audio, proc)
 r_dir_file(hal_audio, proc_asound)
-allow hal_audio audio_device:dir r_dir_perms;
-allow hal_audio audio_device:chr_file rw_file_perms;
+allow hal_audio_server audio_device:dir r_dir_perms;
+allow hal_audio_server audio_device:chr_file rw_file_perms;
 
 # Needed to provide debug dump output via dumpsys' pipes.
 allow hal_audio shell:fd use;
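Review bot: The `audio_device` rules move from `hal_audio` to `hal_audio_server` without a comment explaining the split, while `allow hal_audio shell:fd use;` just below stays on the broader attribute. Since this commit also makes bluetooth a `hal_audio` client, the reason for the narrowing should be stated where it is enforced, e.g. `# Device node access is for the HAL implementation only, not for HAL clients`. It is also worth confirming that no existing client relied on the old attribute-wide grant, for instance on builds that are not full Treble; that cannot be checked from this diff.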
diff --git a/public/hal_neverallows.te b/public/hal_neverallows.te
index 1ab28c5..017fcce 100644
--- a/public/hal_neverallows.te
+++ b/public/hal_neverallows.te
@@ -6,7 +6,7 @@
   -hal_wifi_server
   -hal_wifi_hostapd_server
   -hal_wifi_supplicant_server
-  -rild
+  -hal_telephony_server
 } self:global_capability_class_set { net_admin net_raw };
 
 # Unless a HAL's job is to communicate over the network, or control network
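Review bot: Replacing `-rild` with `-hal_telephony_server` turns a single-type exemption into an attribute-wide one, so any domain declared as a telephony HAL server is now exempt from the `net_admin`/`net_raw` capability neverallow. The same substitution is made in the socket and `execute_no_trans` neverallows in the next two hunks and in both `public/property.te` hunks. A comment at each exemption would make the widened scope explicit, e.g. `# Every telephony HAL server is exempt (previously rild only)`. The neverallow statement starts above this hunk.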
@@ -17,7 +17,7 @@
   -hal_wifi_server
   -hal_wifi_hostapd_server
   -hal_wifi_supplicant_server
-  -rild
+  -hal_telephony_server
 } domain:{ tcp_socket udp_socket rawip_socket } *;
 
 ###
@@ -44,7 +44,7 @@
 neverallow {
   halserverdomain
   -hal_dumpstate_server
-  -rild
+  -hal_telephony_server
 } { file_type fs_type }:file execute_no_trans;
 # Do not allow a process other than init to transition into a HAL domain.
 neverallow { domain -init } halserverdomain:process transition;
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index 41cfd4b..86f41cb 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -5,3 +5,42 @@
 add_hwservice(hal_telephony_server, hal_telephony_hwservice)
 allow hal_telephony_client hal_telephony_hwservice:hwservice_manager find;
 
+allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls;
+
+allow hal_telephony_server self:netlink_route_socket nlmsg_write;
+allow hal_telephony_server kernel:system module_request;
+allow hal_telephony_server self:global_capability_class_set { setpcap setgid setuid net_admin net_raw };
+allow hal_telephony_server alarm_device:chr_file rw_file_perms;
+allow hal_telephony_server cgroup:dir create_dir_perms;
+allow hal_telephony_server cgroup:{ file lnk_file } r_file_perms;
+allow hal_telephony_server radio_device:chr_file rw_file_perms;
+allow hal_telephony_server radio_device:blk_file r_file_perms;
+allow hal_telephony_server mtd_device:dir search;
+allow hal_telephony_server efs_file:dir create_dir_perms;
+allow hal_telephony_server efs_file:file create_file_perms;
+allow hal_telephony_server vendor_shell_exec:file rx_file_perms;
+allow hal_telephony_server bluetooth_efs_file:file r_file_perms;
+allow hal_telephony_server bluetooth_efs_file:dir r_dir_perms;
+allow hal_telephony_server sdcard_type:dir r_dir_perms;
+
+# property service
+set_prop(hal_telephony_server, radio_prop)
+set_prop(hal_telephony_server, exported_radio_prop)
+set_prop(hal_telephony_server, exported2_radio_prop)
+
+allow hal_telephony_server tty_device:chr_file rw_file_perms;
+
+# Allow hal_telephony_server to create and use netlink sockets.
+allow hal_telephony_server self:netlink_socket create_socket_perms_no_ioctl;
+allow hal_telephony_server self:netlink_generic_socket create_socket_perms_no_ioctl;
+allow hal_telephony_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
+# Access to wake locks
+wakelock_use(hal_telephony_server)
+
+r_dir_file(hal_telephony_server, proc_net)
+r_dir_file(hal_telephony_server, sysfs_type)
+r_dir_file(hal_telephony_server, system_file)
+
+# granting the ioctl permission for hal_telephony_server should be device specific
+allow hal_telephony_server self:socket create_socket_perms_no_ioctl;
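Review bot: These rules are carried over from the removed `public/rild.te` onto the `hal_telephony_server` attribute without comments on the individual grants. Every telephony HAL server therefore inherits `setpcap setgid setuid net_admin net_raw`, `kernel:system module_request`, read access to `sdcard_type` directories and `bluetooth_efs_file`, and `rw_file_perms` on `tty_device`. Grants that only some implementations need would be better kept in the vendor domain's own policy, as this commit does for `net_domain(rild)` in `vendor/rild.te`. The closing comment already says the socket ioctl permission `should be device specific`; the same reasoning seems to apply to `mtd_device`, `efs_file` and `sdcard_type`. A one-line reason per group of rules would make later pruning possible.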
diff --git a/public/property.te b/public/property.te
index e400332..cb839c9 100644
--- a/public/property.te
+++ b/public/property.te
@@ -158,7 +158,7 @@
     domain
     -coredomain
     -appdomain
-    -rild
+    -hal_telephony_server
     -vendor_init
   } {
     exported_radio_prop
@@ -203,7 +203,7 @@
     domain
     -coredomain
     -appdomain
-    -rild
+    -hal_telephony_server
     -vendor_init
   } {
     radio_prop
diff --git a/public/property_contexts b/public/property_contexts
index e5561a0..a3702c3 100644
--- a/public/property_contexts
+++ b/public/property_contexts
@@ -90,6 +90,7 @@
 ro.cp_system_other_odex u:object_r:exported3_default_prop:s0 exact int
 ro.crypto.scrypt_params u:object_r:exported2_vold_prop:s0 exact string
 ro.dalvik.vm.native.bridge u:object_r:exported_dalvik_prop:s0 exact string
+ro.enable_boot_charger_mode u:object_r:exported3_default_prop:s0 exact bool
 ro.gfx.driver.0 u:object_r:exported3_default_prop:s0 exact string
 ro.oem_unlock_supported u:object_r:exported3_default_prop:s0 exact int
 ro.opengles.version u:object_r:exported3_default_prop:s0 exact int
@@ -212,6 +213,7 @@
 ro.hardware.activity_recognition u:object_r:exported_default_prop:s0 exact string
 ro.hardware.audio u:object_r:exported_default_prop:s0 exact string
 ro.hardware.audio.a2dp u:object_r:exported_default_prop:s0 exact string
+ro.hardware.audio.hearing_aid u:object_r:exported_default_prop:s0 exact string
 ro.hardware.audio.primary u:object_r:exported_default_prop:s0 exact string
 ro.hardware.audio.usb u:object_r:exported_default_prop:s0 exact string
 ro.hardware.audio_policy u:object_r:exported_default_prop:s0 exact string
diff --git a/public/radio.te b/public/radio.te
index b66514c..4998a61 100644
--- a/public/radio.te
+++ b/public/radio.te
@@ -5,8 +5,8 @@
 bluetooth_domain(radio)
 binder_service(radio)
 
-# Talks to rild via the rild socket only for devices without full treble
-not_full_treble(`unix_socket_connect(radio, rild, rild)')
+# Talks to hal_telephony_server via the rild socket only for devices without full treble
+not_full_treble(`unix_socket_connect(radio, rild, hal_telephony_server)')
 
 # Data file accesses.
 allow radio radio_data_file:dir create_dir_perms;
diff --git a/public/rild.te b/public/rild.te
deleted file mode 100644
index 8cafd23..0000000
--- a/public/rild.te
+++ /dev/null
@@ -1,45 +0,0 @@
-# rild - radio interface layer daemon
-type rild, domain;
-hal_server_domain(rild, hal_telephony)
-
-net_domain(rild)
-allowxperm rild self:udp_socket ioctl priv_sock_ioctls;
-
-allow rild self:netlink_route_socket nlmsg_write;
-allow rild kernel:system module_request;
-allow rild self:global_capability_class_set { setpcap setgid setuid net_admin net_raw };
-allow rild alarm_device:chr_file rw_file_perms;
-allow rild cgroup:dir create_dir_perms;
-allow rild cgroup:{ file lnk_file } r_file_perms;
-allow rild radio_device:chr_file rw_file_perms;
-allow rild radio_device:blk_file r_file_perms;
-allow rild mtd_device:dir search;
-allow rild efs_file:dir create_dir_perms;
-allow rild efs_file:file create_file_perms;
-allow rild shell_exec:file rx_file_perms;
-allow rild bluetooth_efs_file:file r_file_perms;
-allow rild bluetooth_efs_file:dir r_dir_perms;
-allow rild sdcard_type:dir r_dir_perms;
-
-# property service
-set_prop(rild, radio_prop)
-set_prop(rild, exported_radio_prop)
-set_prop(rild, exported2_radio_prop)
-
-allow rild tty_device:chr_file rw_file_perms;
-
-# Allow rild to create and use netlink sockets.
-allow rild self:netlink_socket create_socket_perms_no_ioctl;
-allow rild self:netlink_generic_socket create_socket_perms_no_ioctl;
-allow rild self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
-
-# Access to wake locks
-wakelock_use(rild)
-
-r_dir_file(rild, proc_net)
-r_dir_file(rild, sysfs_type)
-r_dir_file(rild, system_file)
-
-# granting the ioctl permission for rild should be device specific
-allow rild self:socket create_socket_perms_no_ioctl;
-
diff --git a/vendor/hal_camera_default.te b/vendor/hal_camera_default.te
index 239e5c1..5bc4a61 100644
--- a/vendor/hal_camera_default.te
+++ b/vendor/hal_camera_default.te
@@ -5,3 +5,7 @@
 init_daemon_domain(hal_camera_default)
 
 allow hal_camera_default fwk_sensor_hwservice:hwservice_manager find;
+
+# For collecting bugreports.
+allow hal_camera_default dumpstate:fd use;
+allow hal_camera_default dumpstate:fifo_file write;
diff --git a/vendor/hal_wifi_supplicant_default.te b/vendor/hal_wifi_supplicant_default.te
index 9b70dd5..2e04dcf 100644
--- a/vendor/hal_wifi_supplicant_default.te
+++ b/vendor/hal_wifi_supplicant_default.te
@@ -19,3 +19,11 @@
 
 # Write to security logs for audit.
 get_prop(hal_wifi_supplicant_default, device_logging_prop)
+
+# Devices upgrading to P may grant this permission in device-specific
+# policy along with the data_between_core_and_vendor_violators
+# attribute needed for an exemption.  However, devices that launch with
+# P should use /data/vendor/wifi, which is already granted in core
+# policy.  This is dontaudited here to avoid conditional
+# device-specific behavior in wpa_supplicant.
+dontaudit hal_wifi_supplicant_default wifi_data_file:dir search;
diff --git a/vendor/rild.te b/vendor/rild.te
index 510a776..fc84ef7 100644
--- a/vendor/rild.te
+++ b/vendor/rild.te
@@ -1,3 +1,8 @@
+# rild - radio interface layer daemon
+type rild, domain;
+hal_server_domain(rild, hal_telephony)
+net_domain(rild)
+
 # type_transition must be private policy the domain_trans rules could stay
 # public, but conceptually should go with this
 type rild_exec, exec_type, vendor_file_type, file_type;