Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_sepolicy / 602b30302a9dc4788d5b11cfd39dd7bebb63dba5^! / . / public
commit602b30302a9dc4788d5b11cfd39dd7bebb63dba5[log] [tgz]
authorTomasz Wasilczyk <twasilczyk@google.com>Tue Jul 23 17:38:51 2019 -0700
committerTomasz Wasilczyk <twasilczyk@google.com>Thu Aug 01 10:24:00 2019 -0700
tree858e63bdd849b7b4eeaa8fcd9bb47bfc10f6859e
parent5ee628f0ce74f04087a9d0602445b8fb90b68f31 [diff]
SEPolicy rules for CAN bus HAL

Bug: 135918744
Test: VTS (separate new change)
Change-Id: Idd3ca882e3bd36b95a5412bdfbf6fe9d6e911ba9

diff --git a/public/attributes b/public/attributes
index d296a46..1375978 100644
--- a/public/attributes
+++ b/public/attributes

@@ -251,6 +251,8 @@
 hal_attribute(bufferhub);
 hal_attribute(broadcastradio);
 hal_attribute(camera);
+hal_attribute(can_bus);
+hal_attribute(can_controller);
 hal_attribute(cas);
 hal_attribute(configstore);
 hal_attribute(confirmationui);

diff --git a/public/hal_can.te b/public/hal_can.te
new file mode 100644
index 0000000..c75495b
--- /dev/null
+++ b/public/hal_can.te

@@ -0,0 +1,9 @@
+# CAN controller
+binder_call(hal_can_controller_client, hal_can_controller_server)
+add_hwservice(hal_can_controller_server, hal_can_controller_hwservice)
+allow hal_can_controller_client hal_can_controller_hwservice:hwservice_manager find;
+
+# CAN bus
+binder_call(hal_can_bus_client, hal_can_bus_server)
+add_hwservice(hal_can_bus_server, hal_can_bus_hwservice)
+allow hal_can_bus_client hal_can_bus_hwservice:hwservice_manager find;

diff --git a/public/hal_neverallows.te b/public/hal_neverallows.te
index 0f05d8a..4117878 100644
--- a/public/hal_neverallows.te
+++ b/public/hal_neverallows.te

@@ -3,6 +3,7 @@
 neverallow {
   halserverdomain
   -hal_bluetooth_server
+  -hal_can_controller_server
   -hal_wifi_server
   -hal_wifi_hostapd_server
   -hal_wifi_supplicant_server
@@ -18,6 +19,7 @@
 neverallow {
   halserverdomain
   -hal_automotive_socket_exemption
+  -hal_can_controller_server
   -hal_tetheroffload_server
   -hal_wifi_server
   -hal_wifi_hostapd_server

diff --git a/public/hwservice.te b/public/hwservice.te
index 670b8b8..9f1f42c 100644
--- a/public/hwservice.te
+++ b/public/hwservice.te

@@ -13,6 +13,8 @@
 type hal_bootctl_hwservice, hwservice_manager_type;
 type hal_broadcastradio_hwservice, hwservice_manager_type;
 type hal_camera_hwservice, hwservice_manager_type;
+type hal_can_bus_hwservice, hwservice_manager_type;
+type hal_can_controller_hwservice, hwservice_manager_type;
 type hal_codec2_hwservice, hwservice_manager_type;
 type hal_configstore_ISurfaceFlingerConfigs, hwservice_manager_type;
 type hal_confirmationui_hwservice, hwservice_manager_type;