commit 3007344dcd29f0d1320c6145302c2d833fda1a7c
author Amit Mahajan <amitmahajan@google.com> Mon Mar 12 17:12:09 2018 +0000
committer Amit Mahajan <amitmahajan@google.com> Mon Mar 12 13:13:39 2018 -0700
tree 64b48ff7c3400006e4f6bd534a69f9f74e2ce0c2
parent 0bbe19a4c684d7ed7f8aa72f56f6c2f99f320971

Revert "Revert "Move rild from public to vendor.""

This reverts commit 016f0a58a9cd429f1986033f922d4bb7f58f5f3a.

Reason for revert: Was temporarily reverted, merging back in with fix.

Test: Basic telephony sanity, treehugger
Bug: 74486619
Bug: 36427227
Merged-in: Ide68726a90d5485c2758673079427407aee1e4f2
Change-Id: Ide68726a90d5485c2758673079427407aee1e4f2
(cherry picked from commit 312248ff726d11b88aeb6db5ba7ca2df09077adf)

public/hal_telephony.te

diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index 41cfd4b..86f41cb 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -5,3 +5,42 @@
 add_hwservice(hal_telephony_server, hal_telephony_hwservice)
 allow hal_telephony_client hal_telephony_hwservice:hwservice_manager find;
 
+allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls;
+
+allow hal_telephony_server self:netlink_route_socket nlmsg_write;
+allow hal_telephony_server kernel:system module_request;
+allow hal_telephony_server self:global_capability_class_set { setpcap setgid setuid net_admin net_raw };
+allow hal_telephony_server alarm_device:chr_file rw_file_perms;
+allow hal_telephony_server cgroup:dir create_dir_perms;
+allow hal_telephony_server cgroup:{ file lnk_file } r_file_perms;
+allow hal_telephony_server radio_device:chr_file rw_file_perms;
+allow hal_telephony_server radio_device:blk_file r_file_perms;
+allow hal_telephony_server mtd_device:dir search;
+allow hal_telephony_server efs_file:dir create_dir_perms;
+allow hal_telephony_server efs_file:file create_file_perms;
+allow hal_telephony_server vendor_shell_exec:file rx_file_perms;
+allow hal_telephony_server bluetooth_efs_file:file r_file_perms;
+allow hal_telephony_server bluetooth_efs_file:dir r_dir_perms;
+allow hal_telephony_server sdcard_type:dir r_dir_perms;
+
+# property service
+set_prop(hal_telephony_server, radio_prop)
+set_prop(hal_telephony_server, exported_radio_prop)
+set_prop(hal_telephony_server, exported2_radio_prop)
+
+allow hal_telephony_server tty_device:chr_file rw_file_perms;
+
+# Allow hal_telephony_server to create and use netlink sockets.
+allow hal_telephony_server self:netlink_socket create_socket_perms_no_ioctl;
+allow hal_telephony_server self:netlink_generic_socket create_socket_perms_no_ioctl;
+allow hal_telephony_server self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
+
+# Access to wake locks
+wakelock_use(hal_telephony_server)
+
+r_dir_file(hal_telephony_server, proc_net)
+r_dir_file(hal_telephony_server, sysfs_type)
+r_dir_file(hal_telephony_server, system_file)
+
+# granting the ioctl permission for hal_telephony_server should be device specific
+allow hal_telephony_server self:socket create_socket_perms_no_ioctl;