Update sepolicy to add dumpstate device service for AIDL HAL

- Add hal_dumpstate_service AIDL service to hal_dumpstate.te,
  service.te
- Add default example hal_dumpstate service to file_contexts,
  service_contexts
- Adde hal_dumpstate_service to API level 31 compatibility
  ignore list (31.0.ignore.cil)

Bug: 205760700
Test: VtsHalDumpstateTargetTest, dumpstate, dumpstate_test, dumpsys
Change-Id: If49fa16ac5ab1d3a1930bb800d530cbd32c5dec1
This commit is contained in:
Kedar Chitnis 2021-11-16 09:06:00 +00:00
parent b25774f53c
commit a465cbc194
5 changed files with 7 additions and 0 deletions

View file

@ -18,6 +18,7 @@
extra_free_kbytes_exec
hal_contexthub_service
hal_dice_service
hal_dumpstate_service
hal_graphics_composer_service
hal_health_service
hal_radio_config_service

View file

@ -3,6 +3,7 @@ android.hardware.automotive.audiocontrol.IAudioControl/default u:object_r:
android.hardware.biometrics.face.IFace/default u:object_r:hal_face_service:s0
android.hardware.biometrics.fingerprint.IFingerprint/default u:object_r:hal_fingerprint_service:s0
android.hardware.contexthub.IContextHub/default u:object_r:hal_contexthub_service:s0
android.hardware.dumpstate.IDumpstateDevice/default u:object_r:hal_dumpstate_service:s0
android.hardware.gnss.IGnss/default u:object_r:hal_gnss_service:s0
android.hardware.graphics.composer3.IComposer/default u:object_r:hal_graphics_composer_service:s0
android.hardware.health.storage.IStorage/default u:object_r:hal_health_storage_service:s0

View file

@ -5,6 +5,9 @@ binder_call(hal_dumpstate_server, hal_dumpstate_client)
set_prop(hal_dumpstate_server, hal_dumpstate_config_prop)
hal_attribute_hwservice(hal_dumpstate, hal_dumpstate_hwservice)
hal_attribute_service(hal_dumpstate, hal_dumpstate_service)
binder_call(hal_dumpstate_server, servicemanager)
# write bug reports in /data/data/com.android.shell/files/bugreports/bugreport
allow hal_dumpstate shell_data_file:file write;

View file

@ -262,6 +262,7 @@ type hal_audiocontrol_service, vendor_service, service_manager_type;
type hal_authsecret_service, vendor_service, protected_service, service_manager_type;
type hal_contexthub_service, vendor_service, protected_service, service_manager_type;
type hal_dice_service, vendor_service, protected_service, service_manager_type;
type hal_dumpstate_service, vendor_service, protected_service, service_manager_type;
type hal_face_service, vendor_service, protected_service, service_manager_type;
type hal_fingerprint_service, vendor_service, protected_service, service_manager_type;
type hal_gnss_service, vendor_service, protected_service, service_manager_type;

View file

@ -33,6 +33,7 @@
/(vendor|system/vendor)/bin/hw/android\.hardware\.cas@1\.[0-2]-service u:object_r:hal_cas_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.cas@1\.[0-2]-service-lazy u:object_r:hal_cas_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.dumpstate@1\.[0-1]-service\.example u:object_r:hal_dumpstate_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.dumpstate-service\.example u:object_r:hal_dumpstate_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.gatekeeper@1\.0-service u:object_r:hal_gatekeeper_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.gnss-service.example u:object_r:hal_gnss_default_exec:s0
/(vendor|system/vendor)/bin/hw/android\.hardware\.gnss@[0-9]\.[0-9]-service u:object_r:hal_gnss_default_exec:s0