Switch Bluetooth HAL policy to _client/_server
This switches Bluetooth HAL policy to the design which enables us to
conditionally remove unnecessary rules from domains which are clients
of Bluetooth HAL.
Domains which are clients of Bluetooth HAL, such as bluetooth domain,
are granted rules targeting hal_bluetooth only when the Bluetooth HAL
runs in passthrough mode (i.e., inside the client's process). When the
HAL runs in binderized mode (i.e., in another process/domain, with
clients talking to the HAL over HwBinder IPC), rules targeting
hal_bluetooth are not granted to client domains.
Domains which offer a binderized implementation of Bluetooth HAL, such
as hal_bluetooth_default domain, are always granted rules targeting
hal_bluetooth.
Test: Toggle Bluetooth off and on
Test: Pair with another Android, and transfer a file to that Android
over Bluetooth
Test: Pair with a Bluetooth speaker, play music through that
speaker over Bluetooth
Test: Add bluetooth_hidl_hal_test to device.mk, build & add to device,
adb shell stop,
adb shell /data/nativetest64/bluetooth_hidl_hal_test/bluetooth_hidl_hal_test
Bug: 34170079
Change-Id: I05c3ccf1e98cbbc1450a81bb1000c4fb75eb8a83
2017-02-17 05:14:56 +01:00
|
|
|
# HwBinder IPC from clients into server, and callbacks
|
|
|
|
binder_call(hal_bluetooth_client, hal_bluetooth_server)
|
|
|
|
binder_call(hal_bluetooth_server, hal_bluetooth_client)
|
2016-10-12 23:49:56 +02:00
|
|
|
|
2018-06-06 18:30:18 +02:00
|
|
|
hal_attribute_hwservice(hal_bluetooth, hal_bluetooth_hwservice)
|
2017-04-14 04:05:27 +02:00
|
|
|
|
2016-10-12 23:49:56 +02:00
|
|
|
wakelock_use(hal_bluetooth);
|
|
|
|
|
2017-02-22 20:50:20 +01:00
|
|
|
# The HAL toggles rfkill to power the chip off/on.
|
2017-11-09 23:51:26 +01:00
|
|
|
allow hal_bluetooth self:global_capability_class_set net_admin;
|
2017-02-22 20:50:20 +01:00
|
|
|
|
2016-10-12 23:49:56 +02:00
|
|
|
# bluetooth factory file accesses.
|
|
|
|
r_dir_file(hal_bluetooth, bluetooth_efs_file)
|
|
|
|
|
|
|
|
allow hal_bluetooth { uhid_device hci_attach_dev }:chr_file rw_file_perms;
|
|
|
|
|
|
|
|
# sysfs access.
|
|
|
|
r_dir_file(hal_bluetooth, sysfs_type)
|
|
|
|
allow hal_bluetooth sysfs_bluetooth_writable:file rw_file_perms;
|
2017-11-09 23:51:26 +01:00
|
|
|
allow hal_bluetooth self:global_capability2_class_set wake_alarm;
|
2016-10-12 23:49:56 +02:00
|
|
|
|
|
|
|
# Allow write access to bluetooth-specific properties
|
2018-04-09 05:07:32 +02:00
|
|
|
set_prop(hal_bluetooth, bluetooth_a2dp_offload_prop)
|
2019-03-18 04:07:32 +01:00
|
|
|
set_prop(hal_bluetooth, bluetooth_audio_hal_prop)
|
2016-10-12 23:49:56 +02:00
|
|
|
set_prop(hal_bluetooth, bluetooth_prop)
|
2018-04-09 05:07:32 +02:00
|
|
|
set_prop(hal_bluetooth, exported_bluetooth_prop)
|
2017-02-08 05:30:40 +01:00
|
|
|
|
|
|
|
# /proc access (bluesleep etc.).
|
|
|
|
allow hal_bluetooth proc_bluetooth_writable:file rw_file_perms;
|
2017-05-09 18:53:46 +02:00
|
|
|
|
|
|
|
# allow to run with real-time scheduling policy
|
2017-11-09 23:51:26 +01:00
|
|
|
allow hal_bluetooth self:global_capability_class_set sys_nice;
|