Merge "Modify SEPolicy to support SLCAN"

commit: 6ad4f3207a425683fc49ac77a08ca139992546c2 [log] [tgz]
author: Chris Weir <chrisweir@google.com> Wed Dec 11 21:25:14 2019 +0000
committer: Gerrit Code Review <noreply-gerritcodereview@google.com> Wed Dec 11 21:25:14 2019 +0000
tree: 8ea41534d91a0cd6a6bf86ba3f42057623d602b0
parent: 83307199088fc8e1da075013779e69892d8ded0f [diff]
parent: cd40aa0ab7aa2a54b2fe8f3b20c85e6f64b5b291 [diff]
diff --git a/private/compat/29.0/29.0.ignore.cil b/private/compat/29.0/29.0.ignore.cil
index 715b07b..cbe20fe 100644
--- a/private/compat/29.0/29.0.ignore.cil
+++ b/private/compat/29.0/29.0.ignore.cil

@@ -47,6 +47,7 @@
     system_passwd_file
     tethering_service
     timezonedetector_service
+    usb_serial_device
     userspace_reboot_prop
     userspace_reboot_exported_prop
     vehicle_hal_prop

diff --git a/private/file_contexts b/private/file_contexts
index 87ee5df..c8d9327 100644
--- a/private/file_contexts
+++ b/private/file_contexts

@@ -163,6 +163,8 @@
 /dev/tty		u:object_r:owntty_device:s0
 /dev/tty[0-9]*		u:object_r:tty_device:s0
 /dev/ttyS[0-9]*		u:object_r:serial_device:s0
+/dev/ttyUSB[0-9]*	u:object_r:usb_serial_device:s0
+/dev/ttyACM[0-9]*	u:object_r:usb_serial_device:s0
 /dev/tun		u:object_r:tun_device:s0
 /dev/uhid		u:object_r:uhid_device:s0
 /dev/uinput		u:object_r:uhid_device:s0

diff --git a/public/hal_can.te b/public/hal_can.te
index c75495b..eb68e46 100644
--- a/public/hal_can.te
+++ b/public/hal_can.te

@@ -7,3 +7,6 @@
 binder_call(hal_can_bus_client, hal_can_bus_server)
 add_hwservice(hal_can_bus_server, hal_can_bus_hwservice)
 allow hal_can_bus_client hal_can_bus_hwservice:hwservice_manager find;
+
+# USB serial type for SLCAN
+type usb_serial_device, dev_type;

diff --git a/vendor/hal_can_socketcan.te b/vendor/hal_can_socketcan.te
index 9ee37fd..afa1311 100644
--- a/vendor/hal_can_socketcan.te
+++ b/vendor/hal_can_socketcan.te

@@ -16,7 +16,7 @@
 };
 
 # Communicating with SocketCAN interfaces and bringing them up/down
-allow hal_can_socketcan self:can_socket { bind create read write ioctl };
+allow hal_can_socketcan self:can_socket { bind create read write ioctl setopt };
 allowxperm hal_can_socketcan self:can_socket ioctl {
     SIOCGIFFLAGS
     SIOCSIFFLAGS
@@ -24,3 +24,13 @@
 
 # Un-publishing ICanBus interfaces
 allow hal_can_socketcan hidl_manager_hwservice:hwservice_manager find;
+
+allow hal_can_socketcan usb_serial_device:chr_file { ioctl read write open };
+allowxperm hal_can_socketcan usb_serial_device:chr_file ioctl {
+    TCGETS
+    TCSETSW
+    TIOCGSERIAL
+    TIOCSSERIAL
+    TIOCSETD
+    SIOCGIFNAME
+};
commit	6ad4f3207a425683fc49ac77a08ca139992546c2	[log] [tgz]
author	Chris Weir <chrisweir@google.com>	Wed Dec 11 21:25:14 2019 +0000
committer	Gerrit Code Review <noreply-gerritcodereview@google.com>	Wed Dec 11 21:25:14 2019 +0000
tree	8ea41534d91a0cd6a6bf86ba3f42057623d602b0
parent	83307199088fc8e1da075013779e69892d8ded0f [diff]
parent	cd40aa0ab7aa2a54b2fe8f3b20c85e6f64b5b291 [diff]