sepolicy: Add Bluetooth AIDL
Bug: 205758693
Test: manual - boot local image with Cuttlefish
Change-Id: Ic0c5408d83f8c352b72f79e9024212c7ff0c84c1
diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go
index 72f4804..5ef24c2 100644
--- a/build/soong/service_fuzzer_bindings.go
+++ b/build/soong/service_fuzzer_bindings.go
@@ -39,6 +39,7 @@
"android.hardware.bluetooth.audio.IBluetoothAudioProviderFactory/default": EXCEPTION_NO_FUZZER,
"android.hardware.broadcastradio.IBroadcastRadio/amfm": EXCEPTION_NO_FUZZER,
"android.hardware.broadcastradio.IBroadcastRadio/dab": EXCEPTION_NO_FUZZER,
+ "android.hardware.bluetooth.IBluetoothHci/default": EXCEPTION_NO_FUZZER,
"android.hardware.camera.provider.ICameraProvider/internal/0": EXCEPTION_NO_FUZZER,
"android.hardware.cas.IMediaCasService/default": EXCEPTION_NO_FUZZER,
"android.hardware.confirmationui.IConfirmationUI/default": []string{"android.hardware.confirmationui-service.trusty_fuzzer"},
diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil
index 45bca3d..9e4f07c 100644
--- a/private/compat/33.0/33.0.ignore.cil
+++ b/private/compat/33.0/33.0.ignore.cil
@@ -13,6 +13,7 @@
device_config_vendor_system_native_prop
devicelock_service
fwk_sensor_service
+ hal_bluetooth_service
hal_bootctl_service
hal_cas_service
hal_remoteaccess_service
diff --git a/private/service_contexts b/private/service_contexts
index ecd1f44..eda85ab 100644
--- a/private/service_contexts
+++ b/private/service_contexts
@@ -13,6 +13,7 @@
android.hardware.biometrics.face.IFace/default u:object_r:hal_face_service:s0
android.hardware.biometrics.fingerprint.IFingerprint/default u:object_r:hal_fingerprint_service:s0
android.hardware.biometrics.fingerprint.IFingerprint/virtual u:object_r:hal_fingerprint_service:s0
+android.hardware.bluetooth.IBluetoothHci/default u:object_r:hal_bluetooth_service:s0
android.hardware.bluetooth.audio.IBluetoothAudioProviderFactory/default u:object_r:hal_audio_service:s0
android.hardware.broadcastradio.IBroadcastRadio/amfm u:object_r:hal_broadcastradio_service:s0
android.hardware.broadcastradio.IBroadcastRadio/dab u:object_r:hal_broadcastradio_service:s0
diff --git a/public/dumpstate.te b/public/dumpstate.te
index c0af235..6b112dc 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -150,6 +150,7 @@
# Allow dumpstate to call dump() on specific hals.
dump_hal(hal_authsecret)
+dump_hal(hal_bluetooth)
dump_hal(hal_contexthub)
dump_hal(hal_drm)
dump_hal(hal_dumpstate)
diff --git a/public/hal_bluetooth.te b/public/hal_bluetooth.te
index 97177ba..53bbef2 100644
--- a/public/hal_bluetooth.te
+++ b/public/hal_bluetooth.te
@@ -1,8 +1,10 @@
# HwBinder IPC from clients into server, and callbacks
binder_call(hal_bluetooth_client, hal_bluetooth_server)
binder_call(hal_bluetooth_server, hal_bluetooth_client)
+binder_call(hal_bluetooth_server, servicemanager)
hal_attribute_hwservice(hal_bluetooth, hal_bluetooth_hwservice)
+hal_attribute_service(hal_bluetooth, hal_bluetooth_service)
wakelock_use(hal_bluetooth);
diff --git a/public/service.te b/public/service.te
index 9ca96bd..c5deb87 100644
--- a/public/service.te
+++ b/public/service.te
@@ -271,6 +271,7 @@
type hal_audio_service, protected_service, hal_service_type, service_manager_type;
type hal_audiocontrol_service, hal_service_type, service_manager_type;
type hal_authsecret_service, protected_service, hal_service_type, service_manager_type;
+type hal_bluetooth_service, protected_service, hal_service_type, service_manager_type;
type hal_bootctl_service, protected_service, hal_service_type, service_manager_type;
type hal_broadcastradio_service, protected_service, hal_service_type, service_manager_type;
type hal_camera_service, protected_service, hal_service_type, service_manager_type;