Move automotive HALs sepolicy to system/

Bug: 70637118
Test: build, flash and boot automotive builds

Change-Id: I6db23258de30174d6db09d241e91b08aa5afedef
Merged-In: I6db23258de30174d6db09d241e91b08aa5afedef
(cherry picked from commit 394dbe34a0)
This commit is contained in:
Pavel Maltsev 2018-04-10 14:07:14 -07:00 committed by Jeffrey Vander Stoep
parent 19a74ec88a
commit 43e172af66
12 changed files with 57 additions and 0 deletions

View file

@ -44,16 +44,19 @@
exported3_radio_prop
exported3_system_prop
fs_bpf
hal_audiocontrol_hwservice
hal_authsecret_hwservice
hal_broadcastradio_hwservice
hal_cas_hwservice
hal_codec2_hwservice
hal_confirmationui_hwservice
hal_evs_hwservice
hal_lowpan_hwservice
hal_neuralnetworks_hwservice
hal_secure_element_hwservice
hal_tetheroffload_hwservice
hal_usb_gadget_hwservice
hal_vehicle_hwservice
hal_wifi_hostapd_hwservice
hal_wifi_offload_hwservice
incident_helper

View file

@ -41,12 +41,15 @@
exported_wifi_prop
fingerprint_vendor_data_file
fs_bpf
hal_audiocontrol_hwservice
hal_authsecret_hwservice
hal_codec2_hwservice
hal_confirmationui_hwservice
hal_evs_hwservice
hal_lowpan_hwservice
hal_secure_element_hwservice
hal_usb_gadget_hwservice
hal_vehicle_hwservice
hal_wifi_hostapd_hwservice
incident_helper
incident_helper_exec

View file

@ -4,6 +4,9 @@ android.frameworks.sensorservice::ISensorManager u:object_r:fwk_s
android.hardware.audio.effect::IEffectsFactory u:object_r:hal_audio_hwservice:s0
android.hardware.audio::IDevicesFactory u:object_r:hal_audio_hwservice:s0
android.hardware.authsecret::IAuthSecret u:object_r:hal_authsecret_hwservice:s0
android.hardware.automotive.audiocontrol::IAudioControl u:object_r:hal_audiocontrol_hwservice:s0
android.hardware.automotive.evs::IEvsEnumerator u:object_r:hal_evs_hwservice:s0
android.hardware.automotive.vehicle::IVehicle u:object_r:hal_vehicle_hwservice:s0
android.hardware.biometrics.fingerprint::IBiometricsFingerprint u:object_r:hal_fingerprint_hwservice:s0
android.hardware.bluetooth::IBluetoothHci u:object_r:hal_bluetooth_hwservice:s0
android.hardware.bluetooth.a2dp::IBluetoothAudioOffload u:object_r:hal_audio_hwservice:s0

View file

@ -248,6 +248,7 @@ expandattribute hal_cas_server false;
# HALs
hal_attribute(allocator);
hal_attribute(audiocontrol);
hal_attribute(authsecret);
hal_attribute(bluetooth);
hal_attribute(broadcastradio);
@ -255,6 +256,7 @@ hal_attribute(configstore);
hal_attribute(confirmationui);
hal_attribute(contexthub);
hal_attribute(dumpstate);
hal_attribute(evs);
hal_attribute(fingerprint);
hal_attribute(gatekeeper);
hal_attribute(gnss);
@ -279,6 +281,7 @@ hal_attribute(tv_cec);
hal_attribute(tv_input);
hal_attribute(usb);
hal_attribute(usb_gadget);
hal_attribute(vehicle);
hal_attribute(vibrator);
hal_attribute(vr);
hal_attribute(weaver);

View file

@ -0,0 +1,5 @@
# HwBinder IPC from client to server, and callbacks
binder_call(hal_audiocontrol_client, hal_audiocontrol_server)
binder_call(hal_audiocontrol_server, hal_audiocontrol_client)
add_hwservice(hal_audiocontrol_server, hal_audiocontrol_hwservice)

5
public/hal_evs.te Normal file
View file

@ -0,0 +1,5 @@
hwbinder_use(hal_evs_client)
hwbinder_use(hal_evs_server)
binder_call(hal_evs_client, hal_evs_server)
binder_call(hal_evs_server, hal_evs_client)

5
public/hal_vehicle.te Normal file
View file

@ -0,0 +1,5 @@
# HwBinder IPC from client to server, and callbacks
binder_call(hal_vehicle_client, hal_vehicle_server)
binder_call(hal_vehicle_server, hal_vehicle_client)
add_hwservice(hal_vehicle_server, hal_vehicle_hwservice)

View file

@ -2,6 +2,7 @@ type default_android_hwservice, hwservice_manager_type;
type fwk_display_hwservice, hwservice_manager_type, coredomain_hwservice;
type fwk_scheduler_hwservice, hwservice_manager_type, coredomain_hwservice;
type fwk_sensor_hwservice, hwservice_manager_type, coredomain_hwservice;
type hal_audiocontrol_hwservice, hwservice_manager_type;
type hal_audio_hwservice, hwservice_manager_type;
type hal_authsecret_hwservice, hwservice_manager_type;
type hal_bluetooth_hwservice, hwservice_manager_type;
@ -15,6 +16,7 @@ type hal_contexthub_hwservice, hwservice_manager_type;
type hal_drm_hwservice, hwservice_manager_type;
type hal_cas_hwservice, hwservice_manager_type;
type hal_dumpstate_hwservice, hwservice_manager_type;
type hal_evs_hwservice, hwservice_manager_type;
type hal_fingerprint_hwservice, hwservice_manager_type;
type hal_gatekeeper_hwservice, hwservice_manager_type;
type hal_gnss_hwservice, hwservice_manager_type;
@ -42,6 +44,7 @@ type hal_tv_cec_hwservice, hwservice_manager_type;
type hal_tv_input_hwservice, hwservice_manager_type;
type hal_usb_hwservice, hwservice_manager_type;
type hal_usb_gadget_hwservice, hwservice_manager_type;
type hal_vehicle_hwservice, hwservice_manager_type;
type hal_vibrator_hwservice, hwservice_manager_type;
type hal_vr_hwservice, hwservice_manager_type;
type hal_weaver_hwservice, hwservice_manager_type;

View file

@ -2,6 +2,9 @@
# Default HALs
#
/(vendor|system/vendor)/bin/hw/android\.hardware\.audio@2\.0-service u:object_r:hal_audio_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.audiocontrol@1\.0-service u:object_r:hal_audiocontrol_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.evs@1\.0-service u:object_r:hal_evs_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.automotive\.vehicle@2\.0-service u:object_r:hal_vehicle_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.bluetooth@1\.0-service u:object_r:hal_bluetooth_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service u:object_r:hal_fingerprint_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.boot@1\.0-service u:object_r:hal_bootctl_default_exec:s0

7
vendor/hal_audiocontrol_default.te vendored Normal file
View file

@ -0,0 +1,7 @@
# audiocontrol subsystem
type hal_audiocontrol_default, domain;
hal_server_domain(hal_audiocontrol_default, hal_audiocontrol)
# may be started by init
type hal_audiocontrol_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_audiocontrol_default)

10
vendor/hal_evs_default.te vendored Normal file
View file

@ -0,0 +1,10 @@
# evs_mock mock hardware driver service
type hal_evs_default, domain;
hal_server_domain(hal_evs_default, hal_evs)
# allow init to launch processes in this context
type hal_evs_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_evs_default)
allow hal_evs_default hal_graphics_allocator_default:fd use;

7
vendor/hal_vehicle_default.te vendored Normal file
View file

@ -0,0 +1,7 @@
# vehicle subsystem
type hal_vehicle_default, domain;
hal_server_domain(hal_vehicle_default, hal_vehicle)
# may be started by init
type hal_vehicle_default_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(hal_vehicle_default)