tequilaOS/platform_device_qcom_sepolicy-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge "sepolicy: remove mirrorlink related sepolicies"

Browse source
This commit is contained in:
qctecmdr 2019-09-29 01:26:13 -07:00 committed by Gerrit - the friendly Code Review server
commit d8982c8764
24 changed files with 0 additions and 358 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
legacy/vendor/common/attributes vendored
View file

@ -104,10 +104,6 @@ attribute hal_scve;
attribute hal_scve_client;
attribute hal_scve_server;
attribute hal_mirrorlink;
attribute hal_mirrorlink_client;
attribute hal_mirrorlink_server;
attribute hal_pasrmanager;
attribute hal_pasrmanager_client;
attribute hal_pasrmanager_server;

1
legacy/vendor/common/file_contexts vendored
View file

@ -345,7 +345,6 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.usb\.gadget@1\.0-service-qti u:object_r:hal_usb_gadget_qti_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.scve\.panorama@1\.0-service u:object_r:vendor_scve_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.scve\.objecttracker@1\.0-service u:object_r:vendor_scve_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.mlshal@1\.0-service u:object_r:hal_mirrorlink_qti_exec:s0
/(vendor|system/vendor)/bin/hdcp_srm u:object_r:hdcp_srm_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.power\.pasrmanager\@1\.0-service u:object_r:hal_pasrmanager_qti_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.capabilityconfigstore@1\.0-service u:object_r:hal_capabilityconfigstore_qti_default_exec:s0

56
legacy/vendor/common/hal_mirrorlink.te vendored
View file

@ -1,56 +0,0 @@
# Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#Define Domain
type hal_mirrorlink_qti, domain;
type hal_mirrorlink_qti_exec, exec_type, vendor_file_type, file_type;
hal_server_domain(hal_mirrorlink_qti,hal_mirrorlink)
#Allow for transition from init domain to hal_mirrorlink
init_daemon_domain(hal_mirrorlink_qti)
#Allow hal_mirrorlink to use Vendor Binder IPC
vndbinder_use(hal_mirrorlink)
#Allow hwbinder call from hal client to server
binder_call(hal_mirrorlink_client, hal_mirrorlink_server)
binder_call(hal_mirrorlink_server, hal_mirrorlink_client)
#Add hwservice related rules
add_hwservice(hal_mirrorlink_server, hal_mirrorlink_hwservice)
#Allow access to tee device
allow hal_mirrorlink_qti tee_device:chr_file rw_file_perms;
#Allow access to ion device
allow hal_mirrorlink_qti ion_device:chr_file rw_file_perms;
#Allow access to firmware
allow hal_mirrorlink_qti firmware_file:dir r_dir_perms;
allow hal_mirrorlink_qti firmware_file:file r_file_perms;
allow hal_mirrorlink_client hal_mirrorlink_hwservice:hwservice_manager find;

1
legacy/vendor/common/hwservice.te vendored
View file

@ -55,7 +55,6 @@ type hal_tui_comm_hwservice, hwservice_manager_type;
type hal_qdutils_disp_hwservice, hwservice_manager_type;
type hal_sensorscalibrate_qti_hwservice, hwservice_manager_type;
type hal_scve_hwservice, hwservice_manager_type;
type hal_mirrorlink_hwservice, hwservice_manager_type;
type hal_pasrmanager_hwservice, hwservice_manager_type;
type hal_wifilearner_hwservice, hwservice_manager_type;
type hal_fm_hwservice, hwservice_manager_type;

3
legacy/vendor/common/hwservice_contexts vendored
View file

@ -90,9 +90,6 @@ vendor.qti.hardware.scve.panorama::IPanoramaTracking u:object_r:hal_s
vendor.qti.hardware.scve.panorama::IPanoramaStitching u:object_r:hal_scve_hwservice:s0
vendor.qti.hardware.scve.objecttracker::IObjectTracker u:object_r:hal_scve_hwservice:s0
vendor.qti.hardware.wifi.hostapd::IHostapdVendor u:object_r:hal_wifi_hostapd_hwservice:s0
vendor.qti.hardware.mlshal::IMlsDap u:object_r:hal_mirrorlink_hwservice:s0
vendor.qti.hardware.mlshal::IMlsVnc u:object_r:hal_mirrorlink_hwservice:s0
vendor.qti.hardware.mlshal::IMlsIon u:object_r:hal_mirrorlink_hwservice:s0
vendor.qti.hardware.wifi.wifilearner::IWifiStats u:object_r:hal_wifilearner_hwservice:s0
vendor.qti.hardware.fm::IFmHci u:object_r:hal_fm_hwservice:s0
vendor.qti.hardware.wifidisplaysession::IWifiDisplaySession u:object_r:wifidisplayhalservice_hwservice:s0

35
legacy/vendor/common/mirrorlink.te vendored
View file

@ -1,35 +0,0 @@
# Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Allow read access to mirrorlink specific property type.
get_prop(mirrorlink, vendor_mirrorlink_prop);
# Allow read access to udc connection state
allow mirrorlink sysfs_usb_controller:dir r_dir_perms;
allow mirrorlink sysfs_usb_controller:file r_file_perms;
hal_client_domain(mirrorlink, hal_mirrorlink)

3
legacy/vendor/common/system_app.te vendored
View file

@ -165,9 +165,6 @@ get_prop(system_app, fm_prop)
#allow system_app access factory
hal_client_domain(system_app, vendor_hal_factory_qti);
# allow system app to set mirrorlink prop
set_prop(system_app, vendor_mirrorlink_prop);
#secureUI
hal_client_domain(system_app, hal_qdutils_disp);
hal_client_domain(system_app, hal_tui_comm);

3
legacy/vendor/common/system_server.te vendored
View file

@ -174,9 +174,6 @@ get_prop(system_server, vendor_scroll_prop)
get_prop(system_server, vendor_display_prop)
get_prop(system_server, vendor_iop_prop)
# allow system server to get mirrorlink connection status prop
get_prop(system_server, vendor_mirrorlink_prop)
# allow system server to get vendor_audio_prop
get_prop(system_server, vendor_audio_prop)

2
qva/private/audioserver.te
View file

@ -25,8 +25,6 @@
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Allow audioserver to interact with mirrorlinkserver
binder_call(audioserver, mirrorlink);
binder_call(audioserver,wfdservice);
#allow access to ALSA MMAP FDs for AAudio API

2
qva/private/file.te
View file

@ -31,5 +31,3 @@ type dpmwrapper_socket, file_type, coredomain_socket, mlstrustedobject;
type qvrd_data_file, file_type, data_file_type, core_data_file_type;
type qvrd_socket, file_type, mlstrustedobject, coredomain_socket;
type qvrd_hvx_socket, file_type, coredomain_socket;
type mirrorlink_data_file, file_type, data_file_type, core_data_file_type;
type mirrorlink_socket, file_type, coredomain_socket;

4
qva/private/file_contexts
View file

@ -36,8 +36,6 @@
/dev/socket/qvrservice u:object_r:qvrd_socket:s0
/dev/socket/qvrservice_camera u:object_r:qvrd_socket:s0
/dev/socket/qvrservice_hvx_camera u:object_r:qvrd_hvx_socket:s0
/dev/socket/mirrorlinkserverapi u:object_r:mirrorlink_socket:s0
/dev/socket/mirrorlinkserverah u:object_r:mirrorlink_socket:s0
####### system file ###############
/system/bin/seempd u:object_r:seempd_exec:s0
@ -49,7 +47,6 @@
/system/bin/mmi u:object_r:vendor_mmi_sys_exec:s0
/system/bin/mmi_diag u:object_r:vendor_mmi_sys_exec:s0
/system/bin/perfservice u:object_r:perfservice_exec:s0
/system/bin/mirrorlinkserver u:object_r:mirrorlink_exec:s0
/system/bin/vpsservice u:object_r:vpsservice_exec:s0
/system/bin/qspmsvc u:object_r:qspmsvc_exec:s0
/system/bin/sigma_miracasthalservice u:object_r:sigmahal_qti_exec:s0
@ -57,5 +54,4 @@
####### data files ################
/data/dpm(/.*)? u:object_r:dpmd_data_file:s0
/data/misc/qvr(/.*)? u:object_r:qvrd_data_file:s0
/data/misc/mirrorlinkserver(/.*)? u:object_r:mirrorlink_data_file:s0
/data/nfc(/.*)? u:object_r:nfc_data_file:s0

98
qva/private/mirrorlink.te
View file

@ -1,98 +0,0 @@
# Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
typeattribute mirrorlink coredomain;
type mirrorlink_exec, exec_type, system_file_type, file_type;
# Allow for transition from init to mirrorlink domain upon executing binary.
init_daemon_domain(mirrorlink)
# Inherit a base set of permissions required for network access.
net_domain(mirrorlink)
# Allow socket permissions on netlink_kobject_uevent_socket.
allow mirrorlink self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl;
# Allow socket permissions on udp_socket.
allowxperm mirrorlink self:udp_socket ioctl { SIOCGIFFLAGS SIOCSIFFLAGS SIOCGIFCONF SIOCGIFADDR SIOCGIFMTU };
# Allow access to mirrorlink_data_file (/data/misc/mirrorlinkserver)
allow mirrorlink mirrorlink_data_file:file create_file_perms;
allow mirrorlink mirrorlink_data_file:dir create_dir_perms;
# Allow read-write permissions to mirrorlink sockets under dev/socket/.
allow mirrorlink mirrorlink_socket:sock_file { read write };
# Allow read-write access to proc net device.
allow mirrorlink proc_net:file rw_file_perms;
# Allow read-write access to uhid device for HID event injection.
allow mirrorlink uhid_device:chr_file rw_file_perms;
# Allow binder IPC with surfaceflinger, audioserver, mediametrics and system_app services.
allow mirrorlink audioserver_service:service_manager find;
allow mirrorlink surfaceflinger_service:service_manager find;
allow mirrorlink mediametrics_service:service_manager find;
binder_use(mirrorlink);
binder_call(mirrorlink, surfaceflinger);
binder_call(mirrorlink, audioserver);
binder_call(mirrorlink, system_app);
# Allow access to PCM sound card.
allow mirrorlink audio_device:chr_file rw_file_perms;
allow mirrorlink audio_device:dir r_dir_perms;
# Allow access to /proc/asound/pcm file
r_dir_file(mirrorlink, proc_asound)
# Allow a base set of permissions for mirrorlinkserver to be a client of graphics composer HAL.
hal_client_domain(mirrorlink, hal_graphics_composer);
# Allow a base set of permissions for mirrorlinkserver to be a client of graphics allocator HAL.
hal_client_domain(mirrorlink, hal_graphics_allocator);
# Allow RW access to USB properties.
set_prop(mirrorlink, exported_system_radio_prop);
get_prop(mirrorlink, system_prop);
# Allow access to usb ncm state from net
allow mirrorlink sysfs_net:dir r_dir_perms;
allow mirrorlink sysfs_net:file r_file_perms;
# Allow read access to EGL lib
allow mirrorlink system_file:dir r_dir_perms;
# Allow read-write access to gpu device.
allow mirrorlink gpu_device:chr_file rw_file_perms;
# Allow read-only access to ion device.
allow mirrorlink ion_device:chr_file r_file_perms;
# Allow access to video encoder device.
allow mirrorlink video_device:chr_file rw_file_perms;
# Allow read access to mirrorlink specific property type.
get_prop(mirrorlink, vendor_mirrorlink_prop);

1
qva/private/property_contexts
View file

@ -37,7 +37,6 @@ vendor.bt.pts. u:object_r:bluetooth_prop:s0
vendor.bluetooth. u:object_r:bluetooth_prop:s0
vendor.camera.aux.packagelist u:object_r:persist_camera_prop:s0
persist.vendor.camera.privapp.list u:object_r:persist_camera_prop:s0
vendor.mls. u:object_r:vendor_mirrorlink_prop:s0
#mm-parser
vendor.mm.enable.qcom_parser u:object_r:mm_parser_prop:s0

2
qva/private/surfaceflinger.te
View file

@ -25,6 +25,4 @@
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#Allow surfaceflinger to interact with mirrorlinkserver
binder_call(surfaceflinger, mirrorlink);
binder_call(surfaceflinger, wfdservice);

8
qva/private/system_app.te
View file

@ -40,14 +40,6 @@ get_prop(system_app, bluetooth_prop);
# allow system_app access to Workload Classifier Property
set_prop(system_app, vendor_wlc_prop);
# allow system app to interact with mirrorlinkserver
binder_call(system_app, mirrorlink);
# allow system app to connect to mirrorlink_socket
unix_socket_connect(system_app, mirrorlink, mirrorlink);
# allow system app to set mirrorlink prop
set_prop(system_app, vendor_mirrorlink_prop);
#WFD
set_prop(system_app, wfd_service_prop);
userdebug_or_eng(`

2
qva/private/system_server.te
View file

@ -35,8 +35,6 @@ allow system_server seempdw_socket:sock_file write;
binder_call(system_server, seempd)
unix_socket_send(system_server, seempdw, seempd)
#Allow system server to get mirrorlink connection status prop
get_prop(system_server, vendor_mirrorlink_prop)
unix_socket_connect(system_server, dpmd, dpmd);
allow system_server { dpmd_socket dpmtcm_socket }:sock_file w_file_perms;

28
qva/public/mirrorlink.te
View file

@ -1,28 +0,0 @@
# Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
type mirrorlink, domain;

2
qva/public/property.te
View file

@ -28,8 +28,6 @@
type persist_dpm_prop, property_type, extended_core_property_type;
type persist_camera_prop, property_type, extended_core_property_type;
#MirrorLink
type vendor_mirrorlink_prop, property_type, extended_core_property_type;
# this is vendor defined property and added with prefix vendor
# which is going to be working from system
type vendor_bt_prop, property_type, extended_core_property_type;

4
qva/vendor/common/attributes vendored
View file

@ -61,10 +61,6 @@ attribute wifidisplayhalservice;
attribute wifidisplayhalservice_client;
attribute wifidisplayhalservice_server;
attribute hal_mirrorlink;
attribute hal_mirrorlink_client;
attribute hal_mirrorlink_server;
attribute hal_vpp;
attribute hal_vpp_client;
attribute hal_vpp_server;

2
qva/vendor/common/file_contexts vendored
View file

@ -71,7 +71,6 @@
/vendor/bin/hw/vendor\.nxp\.hardware\.nfc@1\.2-service u:object_r:hal_nfc_default_exec:s0
/vendor/bin/hw/vendor\.qti\.hardware\.alarm@1\.0-service u:object_r:hal_alarm_qti_default_exec:s0
/vendor/bin/hw/vendor\.qti\.hardware\.iop@2\.0-service u:object_r:hal_iop_default_exec:s0
/vendor/bin/hw/vendor\.qti\.hardware\.mlshal@1\.0-service u:object_r:hal_mirrorlink_qti_exec:s0
/vendor/bin/hw/vendor\.qti\.hardware\.qteeconnector@1\.0-service u:object_r:hal_qteeconnector_qti_exec:s0
/vendor/bin/hw/vendor\.qti\.hardware\.scve\.objecttracker@1\.0-service u:object_r:vendor_scve_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.scve\.panorama@1\.0-service u:object_r:vendor_scve_exec:s0
@ -79,7 +78,6 @@
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.soter@1\.0-service u:object_r:hal_soter_qti_exec:s0
/vendor/bin/hw/vendor\.qti\.hardware\.vibrator@1\.[0-2]-service u:object_r:hal_vibrator_default_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.power\.pasrmanager\@1\.0-service u:object_r:hal_pasrmanager_qti_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.mlshal@1\.0-service u:object_r:hal_mirrorlink_qti_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.secure_element@1\.0-service u:object_r:hal_secure_element_default_exec:s0
/(vendor|system/vendor)/bin/hw/vendor\.qti\.hardware\.perf@2\.0-service u:object_r:hal_perf_default_exec:s0
/(vendor|system/vendor)/bin/mm-audio-ftm u:object_r:vendor_audioftm_exec:s0

62
qva/vendor/common/hal_mirrorlink.te vendored
View file

@ -1,62 +0,0 @@
# Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#Define Domain
type hal_mirrorlink_qti, domain;
type hal_mirrorlink_qti_exec, exec_type, vendor_file_type, file_type;
hal_server_domain(hal_mirrorlink_qti,hal_mirrorlink)
#Allow for transition from init domain to hal_mirrorlink
init_daemon_domain(hal_mirrorlink_qti)
#Allow hal_mirrorlink to use Vendor Binder IPC
vndbinder_use(hal_mirrorlink)
#Allow hwbinder call from hal client to server
binder_call(hal_mirrorlink_client, hal_mirrorlink_server)
binder_call(hal_mirrorlink_server, hal_mirrorlink_client)
#Add hwservice related rules
add_hwservice(hal_mirrorlink_server, hal_mirrorlink_hwservice)
#Allow access to tee device
allow hal_mirrorlink_qti tee_device:chr_file rw_file_perms;
#Allow access to ion device
allow hal_mirrorlink_qti ion_device:chr_file rw_file_perms;
#Allow access to firmware
r_dir_file(hal_mirrorlink_qti, firmware_file);
allow hal_mirrorlink_client hal_mirrorlink_hwservice:hwservice_manager find;
#Allow access to gpu device
allow hal_mirrorlink_qti gpu_device:chr_file rw_file_perms;
#Allow access to video encoder device
allow hal_mirrorlink_qti video_device:chr_file rw_file_perms;

1
qva/vendor/common/hwservice.te vendored
View file

@ -27,7 +27,6 @@
type hal_dpmqmi_hwservice, hwservice_manager_type;
type hal_iop_hwservice, hwservice_manager_type;
type hal_mirrorlink_hwservice, hwservice_manager_type;
type hal_pasrmanager_hwservice, hwservice_manager_type;
type wifidisplayhalservice_hwservice , hwservice_manager_type;
type hal_alarm_qti_hwservice , hwservice_manager_type;

3
qva/vendor/common/hwservice_contexts vendored
View file

@ -34,9 +34,6 @@ vendor.qti.hardware.wigig.supptunnel::ISuppTunnelProvider u:object_r:hal_wigi
vendor.qti.hardware.wigig.netperftuner::INetPerfTuner u:object_r:hal_wigig_npt_hwservice:s0
vendor.qti.hardware.qteeconnector::IAppConnector u:object_r:hal_qteeconnector_hwservice:s0
vendor.qti.hardware.qteeconnector::IGPAppConnector u:object_r:hal_qteeconnector_hwservice:s0
vendor.qti.hardware.mlshal::IMlsDap u:object_r:hal_mirrorlink_hwservice:s0
vendor.qti.hardware.mlshal::IMlsVnc u:object_r:hal_mirrorlink_hwservice:s0
vendor.qti.hardware.mlshal::IMlsIon u:object_r:hal_mirrorlink_hwservice:s0
vendor.qti.power.pasrmanager::IPasrManager u:object_r:hal_pasrmanager_hwservice:s0
com.qualcomm.qti.bluetooth_audio::IBluetoothAudio u:object_r:hal_audio_hwservice:s0
vendor.qti.hardware.btconfigstore::IBTConfigStore u:object_r:hal_btconfigstore_hwservice:s0

31
qva/vendor/common/mirrorlink.te vendored
View file

@ -1,31 +0,0 @@
# Copyright (c) 2018, The Linux Foundation. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are
# met:
# * Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
# * Neither the name of The Linux Foundation nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# Allow read access to udc connection state
r_dir_file(mirrorlink, sysfs_usb_controller);
hal_client_domain(mirrorlink, hal_mirrorlink)