thermal: sepolicy for thermalservice and Thermal HAL revision 1.1

Add sepolicy for thermalserviced daemon, IThermalService binder service, IThermalCallback hwservice, and Thermal HAL revision 1.1. Test: manual: marlin with modified thermal-engine.conf Bug: 30982366 Change-Id: I207fa0f922a4e658338af91dea28c497781e8fe9 (cherry picked from commit ec3b6b7e25)
2017-06-09 11:27:08 -07:00 · 2017-06-09 11:27:08 -07:00 · e9b2def796
commit e9b2def796
parent 420be61f78
9 changed files with 25 additions and 1 deletions
--- a/prebuilts/api/26.0/26.0.ignore.cil
+++ b/prebuilts/api/26.0/26.0.ignore.cil
@ -15,5 +15,9 @@
    netd_stable_secret_prop
    sysfs_fs_ext4_features
    system_net_netd_hwservice
+    thermal_service
+    thermalcallback_hwservice
+    thermalserviced
+    thermalserviced_exec
    timezone_service
    tombstoned_java_trace_socket))
--- a/private/file_contexts
+++ b/private/file_contexts
@ -257,6 +257,7 @@
 /system/bin/update_engine        u:object_r:update_engine_exec:s0
 /system/bin/bspatch              u:object_r:update_engine_exec:s0
 /system/bin/storaged             u:object_r:storaged_exec:s0
+/system/bin/thermalserviced      u:object_r:thermalserviced_exec:s0
 /system/bin/webview_zygote32     u:object_r:webview_zygote_exec:s0
 /system/bin/webview_zygote64     u:object_r:webview_zygote_exec:s0
 /system/bin/virtual_touchpad     u:object_r:virtual_touchpad_exec:s0
--- a/private/hwservice_contexts
+++ b/private/hwservice_contexts
@ -37,6 +37,7 @@ android.hardware.renderscript::IDevice                          u:object_r:hal_r
 android.hardware.sensors::ISensors                              u:object_r:hal_sensors_hwservice:s0
 android.hardware.soundtrigger::ISoundTriggerHw                  u:object_r:hal_audio_hwservice:s0
 android.hardware.thermal::IThermal                              u:object_r:hal_thermal_hwservice:s0
+android.hardware.thermal::IThermalCallback                      u:object_r:thermalcallback_hwservice:s0
 android.hardware.tv.cec::IHdmiCec                               u:object_r:hal_tv_cec_hwservice:s0
 android.hardware.tv.input::ITvInput                             u:object_r:hal_tv_input_hwservice:s0
 android.hardware.usb::IUsb                                      u:object_r:hal_usb_hwservice:s0
--- a/private/service_contexts
+++ b/private/service_contexts
@ -149,6 +149,7 @@ telephony.registry                        u:object_r:registry_service:s0
 textclassification                        u:object_r:textclassification_service:s0
 textservices                              u:object_r:textservices_service:s0
 timezone                                  u:object_r:timezone_service:s0
+thermalservice                            u:object_r:thermal_service:s0
 trust                                     u:object_r:trust_service:s0
 tv_input                                  u:object_r:tv_input_service:s0
 uimode                                    u:object_r:uimode_service:s0
--- a/private/thermalserviced.te
+++ b/private/thermalserviced.te
@ -0,0 +1,4 @@
+typeattribute thermalserviced coredomain;
+
+init_daemon_domain(thermalserviced)
+
--- a/public/hwservice.te
+++ b/public/hwservice.te
@ -48,3 +48,4 @@ type hidl_memory_hwservice, hwservice_manager_type, coredomain_hwservice;
 type hidl_token_hwservice, hwservice_manager_type, coredomain_hwservice;
 type system_net_netd_hwservice, hwservice_manager_type, coredomain_hwservice;
 type system_wifi_keystore_hwservice, hwservice_manager_type, coredomain_hwservice;
+type thermalcallback_hwservice, hwservice_manager_type;
--- a/public/service.te
+++ b/public/service.te
@ -24,6 +24,7 @@ type radio_service,             service_manager_type;
 type storaged_service,          service_manager_type;
 type surfaceflinger_service,    service_manager_type;
 type system_app_service,        service_manager_type;
+type thermal_service,           service_manager_type;
 type update_engine_service,     service_manager_type;
 type virtual_touchpad_service,  service_manager_type;
 type vr_hwc_service,            service_manager_type;
--- a/public/thermalserviced.te
+++ b/public/thermalserviced.te
@ -0,0 +1,11 @@
+# thermalserviced -- thermal management services for system and vendor
+type thermalserviced, domain;
+type thermalserviced_exec, exec_type, file_type;
+
+binder_use(thermalserviced)
+binder_service(thermalserviced)
+add_service(thermalserviced, thermal_service)
+
+hwbinder_use(thermalserviced)
+hal_client_domain(thermalserviced, hal_thermal)
+add_hwservice(thermalserviced, thermalcallback_hwservice)
--- a/vendor/file_contexts
+++ b/vendor/file_contexts
@ -25,7 +25,7 @@
 /(vendor|system/vendor)/bin/hw/android\.hardware\.power@1\.0-service          u:object_r:hal_power_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.sensors@1\.0-service        u:object_r:hal_sensors_default_exec:s0
 /(vendor|system/vendor)/bin/hw/rild                                           u:object_r:rild_exec:s0
-/(vendor|system/vendor)/bin/hw/android\.hardware\.thermal@1\.0-service        u:object_r:hal_thermal_default_exec:s0
+/(vendor|system/vendor)/bin/hw/android\.hardware\.thermal@1\.[01]-service        u:object_r:hal_thermal_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.cec@1\.0-service        u:object_r:hal_tv_cec_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.tv\.input@1\.0-service      u:object_r:hal_tv_input_default_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\.usb@1\.0-service            u:object_r:hal_usb_default_exec:s0