Merge "Annotate most remaining HALs with _client/_server"
This commit is contained in:
commit
37f7ffa388
@ -58,6 +58,7 @@ allow bluetooth shell_data_file:file read;
|
||||
|
||||
hal_client_domain(bluetooth, hal_bluetooth)
|
||||
binder_call(bluetooth, hal_telephony)
|
||||
hal_client_domain(bluetooth, hal_telephony)
|
||||
|
||||
read_runtime_log_tags(bluetooth)
|
||||
|
||||
|
@ -10,8 +10,11 @@ read_runtime_log_tags(surfaceflinger)
|
||||
# Perform HwBinder IPC.
|
||||
hwbinder_use(surfaceflinger)
|
||||
binder_call(surfaceflinger, hal_graphics_allocator)
|
||||
hal_client_domain(surfaceflinger, hal_graphics_allocator)
|
||||
binder_call(surfaceflinger, hal_graphics_composer)
|
||||
hal_client_domain(surfaceflinger, hal_graphics_composer)
|
||||
binder_call(surfaceflinger, hal_configstore)
|
||||
hal_client_domain(surfaceflinger, hal_configstore)
|
||||
|
||||
# Perform Binder IPC.
|
||||
binder_use(surfaceflinger)
|
||||
|
@ -176,18 +176,28 @@ hwbinder_use(system_server)
|
||||
hwallocator_use(system_server)
|
||||
binder_call(system_server, hal_boot)
|
||||
binder_call(system_server, hal_contexthub)
|
||||
hal_client_domain(system_server, hal_contexthub)
|
||||
hal_client_domain(system_server, hal_fingerprint)
|
||||
binder_call(system_server, hal_gnss)
|
||||
hal_client_domain(system_server, hal_gnss)
|
||||
binder_call(system_server, hal_graphics_allocator)
|
||||
binder_call(system_server, hal_ir)
|
||||
hal_client_domain(system_server, hal_ir)
|
||||
binder_call(system_server, hal_light)
|
||||
hal_client_domain(system_server, hal_light)
|
||||
binder_call(system_server, hal_memtrack)
|
||||
hal_client_domain(system_server, hal_memtrack)
|
||||
binder_call(system_server, hal_power)
|
||||
hal_client_domain(system_server, hal_power)
|
||||
hal_client_domain(system_server, hal_sensors)
|
||||
binder_call(system_server, hal_thermal)
|
||||
hal_client_domain(system_server, hal_thermal)
|
||||
binder_call(system_server, hal_usb)
|
||||
hal_client_domain(system_server, hal_usb)
|
||||
binder_call(system_server, hal_vibrator)
|
||||
hal_client_domain(system_server, hal_vibrator)
|
||||
binder_call(system_server, hal_vr)
|
||||
hal_client_domain(system_server, hal_vr)
|
||||
hal_client_domain(system_server, hal_wifi)
|
||||
hal_client_domain(system_server, hal_wifi_supplicant)
|
||||
|
||||
|
@ -136,7 +136,11 @@ attribute hal_camera;
|
||||
attribute hal_camera_client;
|
||||
attribute hal_camera_server;
|
||||
attribute hal_configstore;
|
||||
attribute hal_configstore_client;
|
||||
attribute hal_configstore_server;
|
||||
attribute hal_contexthub;
|
||||
attribute hal_contexthub_client;
|
||||
attribute hal_contexthub_server;
|
||||
attribute hal_drm;
|
||||
attribute hal_drm_client;
|
||||
attribute hal_drm_server;
|
||||
@ -147,26 +151,56 @@ attribute hal_fingerprint;
|
||||
attribute hal_fingerprint_client;
|
||||
attribute hal_fingerprint_server;
|
||||
attribute hal_gatekeeper;
|
||||
attribute hal_gatekeeper_client;
|
||||
attribute hal_gatekeeper_server;
|
||||
attribute hal_gnss;
|
||||
attribute hal_gnss_client;
|
||||
attribute hal_gnss_server;
|
||||
attribute hal_graphics_allocator;
|
||||
attribute hal_graphics_allocator_client;
|
||||
attribute hal_graphics_allocator_server;
|
||||
attribute hal_graphics_composer;
|
||||
attribute hal_graphics_composer_client;
|
||||
attribute hal_graphics_composer_server;
|
||||
attribute hal_health;
|
||||
attribute hal_health_client;
|
||||
attribute hal_health_server;
|
||||
attribute hal_ir;
|
||||
attribute hal_ir_client;
|
||||
attribute hal_ir_server;
|
||||
attribute hal_keymaster;
|
||||
attribute hal_keymaster_client;
|
||||
attribute hal_keymaster_server;
|
||||
attribute hal_light;
|
||||
attribute hal_light_client;
|
||||
attribute hal_light_server;
|
||||
attribute hal_memtrack;
|
||||
attribute hal_memtrack_client;
|
||||
attribute hal_memtrack_server;
|
||||
attribute hal_nfc;
|
||||
attribute hal_nfc_client;
|
||||
attribute hal_nfc_server;
|
||||
attribute hal_power;
|
||||
attribute hal_power_client;
|
||||
attribute hal_power_server;
|
||||
attribute hal_sensors;
|
||||
attribute hal_sensors_client;
|
||||
attribute hal_sensors_server;
|
||||
attribute hal_telephony;
|
||||
attribute hal_telephony_client;
|
||||
attribute hal_telephony_server;
|
||||
attribute hal_thermal;
|
||||
attribute hal_thermal_client;
|
||||
attribute hal_thermal_server;
|
||||
attribute hal_usb;
|
||||
attribute hal_usb_client;
|
||||
attribute hal_usb_server;
|
||||
attribute hal_vibrator;
|
||||
attribute hal_vibrator_client;
|
||||
attribute hal_vibrator_server;
|
||||
attribute hal_vr;
|
||||
attribute hal_vr_client;
|
||||
attribute hal_vr_server;
|
||||
attribute hal_wifi;
|
||||
attribute hal_wifi_client;
|
||||
attribute hal_wifi_server;
|
||||
|
@ -91,6 +91,7 @@ binder_call(dumpstate, { appdomain netd wificond })
|
||||
# For binderized mode:
|
||||
hal_client_domain(dumpstate, hal_dumpstate)
|
||||
binder_call(dumpstate, hal_vibrator)
|
||||
hal_client_domain(dumpstate, hal_vibrator)
|
||||
# For passthrough mode:
|
||||
allow dumpstate sysfs_vibrator:file { rw_file_perms getattr };
|
||||
|
||||
|
@ -16,6 +16,7 @@ allow gatekeeperd system_file:dir r_dir_perms;
|
||||
### Rules needed when Gatekeeper HAL runs outside of gatekeeperd process.
|
||||
### These rules should eventually be granted only when needed.
|
||||
hwbinder_use(gatekeeperd)
|
||||
hal_client_domain(gatekeeperd, hal_gatekeeper)
|
||||
###
|
||||
|
||||
# need to find KeyStore and add self
|
||||
|
@ -1,4 +1,6 @@
|
||||
# call into gatekeeperd process (callbacks)
|
||||
# TODO: This rules is unlikely to be needed because Gatekeeper HIDL
|
||||
# says there are no callbacks
|
||||
binder_call(hal_gatekeeper, gatekeeperd)
|
||||
|
||||
# TEE access.
|
||||
|
@ -26,6 +26,7 @@ binder_service(healthd)
|
||||
binder_call(healthd, system_server)
|
||||
binder_call(healthd, hwservicemanager)
|
||||
binder_call(healthd, hal_health)
|
||||
hal_client_domain(healthd, hal_health)
|
||||
|
||||
# Write to state file.
|
||||
# TODO: Split into a separate type?
|
||||
|
@ -38,3 +38,4 @@ allow nfc shell_data_file:file read;
|
||||
|
||||
# allow NFC process to call into the NFC HAL
|
||||
binder_call(nfc, hal_nfc)
|
||||
hal_client_domain(nfc, hal_nfc)
|
||||
|
@ -37,4 +37,4 @@ allow radio system_api_service:service_manager find;
|
||||
# Perform HwBinder IPC.
|
||||
hwbinder_use(radio)
|
||||
binder_call(radio, hal_telephony)
|
||||
|
||||
hal_client_domain(radio, hal_telephony)
|
||||
|
@ -1,6 +1,6 @@
|
||||
# rild - radio interface layer daemon
|
||||
type rild, domain, domain_deprecated;
|
||||
hal_impl_domain(rild, hal_telephony)
|
||||
hal_server_domain(rild, hal_telephony)
|
||||
|
||||
net_domain(rild)
|
||||
allowxperm rild self:udp_socket ioctl priv_sock_ioctls;
|
||||
|
2
vendor/hal_configstore_default.te
vendored
2
vendor/hal_configstore_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_configstore_default, domain;
|
||||
hal_impl_domain(hal_configstore_default, hal_configstore)
|
||||
hal_server_domain(hal_configstore_default, hal_configstore)
|
||||
|
||||
type hal_configstore_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_configstore_default)
|
||||
|
2
vendor/hal_contexthub_default.te
vendored
2
vendor/hal_contexthub_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_contexthub_default, domain;
|
||||
hal_impl_domain(hal_contexthub_default, hal_contexthub)
|
||||
hal_server_domain(hal_contexthub_default, hal_contexthub)
|
||||
|
||||
type hal_contexthub_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_contexthub_default)
|
||||
|
2
vendor/hal_gatekeeper_default.te
vendored
2
vendor/hal_gatekeeper_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_gatekeeper_default, domain;
|
||||
hal_impl_domain(hal_gatekeeper_default, hal_gatekeeper)
|
||||
hal_server_domain(hal_gatekeeper_default, hal_gatekeeper)
|
||||
|
||||
type hal_gatekeeper_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_gatekeeper_default);
|
||||
|
2
vendor/hal_gnss_default.te
vendored
2
vendor/hal_gnss_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_gnss_default, domain;
|
||||
hal_impl_domain(hal_gnss_default, hal_gnss)
|
||||
hal_server_domain(hal_gnss_default, hal_gnss)
|
||||
|
||||
type hal_gnss_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_gnss_default)
|
||||
|
2
vendor/hal_graphics_allocator_default.te
vendored
2
vendor/hal_graphics_allocator_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_graphics_allocator_default, domain;
|
||||
hal_impl_domain(hal_graphics_allocator_default, hal_graphics_allocator)
|
||||
hal_server_domain(hal_graphics_allocator_default, hal_graphics_allocator)
|
||||
|
||||
type hal_graphics_allocator_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_graphics_allocator_default)
|
||||
|
2
vendor/hal_graphics_composer_default.te
vendored
2
vendor/hal_graphics_composer_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_graphics_composer_default, domain;
|
||||
hal_impl_domain(hal_graphics_composer_default, hal_graphics_composer)
|
||||
hal_server_domain(hal_graphics_composer_default, hal_graphics_composer)
|
||||
|
||||
type hal_graphics_composer_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_graphics_composer_default)
|
||||
|
2
vendor/hal_health_default.te
vendored
2
vendor/hal_health_default.te
vendored
@ -1,6 +1,6 @@
|
||||
# health info abstraction
|
||||
type hal_health_default, domain;
|
||||
hal_impl_domain(hal_health_default, hal_health)
|
||||
hal_server_domain(hal_health_default, hal_health)
|
||||
|
||||
type hal_health_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_health_default)
|
||||
|
2
vendor/hal_ir_default.te
vendored
2
vendor/hal_ir_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_ir_default, domain;
|
||||
hal_impl_domain(hal_ir_default, hal_ir)
|
||||
hal_server_domain(hal_ir_default, hal_ir)
|
||||
|
||||
type hal_ir_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_ir_default)
|
||||
|
2
vendor/hal_light_default.te
vendored
2
vendor/hal_light_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_light_default, domain;
|
||||
hal_impl_domain(hal_light_default, hal_light)
|
||||
hal_server_domain(hal_light_default, hal_light)
|
||||
|
||||
type hal_light_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_light_default)
|
||||
|
2
vendor/hal_memtrack_default.te
vendored
2
vendor/hal_memtrack_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_memtrack_default, domain;
|
||||
hal_impl_domain(hal_memtrack_default, hal_memtrack)
|
||||
hal_server_domain(hal_memtrack_default, hal_memtrack)
|
||||
|
||||
type hal_memtrack_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_memtrack_default)
|
||||
|
2
vendor/hal_nfc_default.te
vendored
2
vendor/hal_nfc_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_nfc_default, domain;
|
||||
hal_impl_domain(hal_nfc_default, hal_nfc)
|
||||
hal_server_domain(hal_nfc_default, hal_nfc)
|
||||
|
||||
type hal_nfc_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_nfc_default)
|
||||
|
2
vendor/hal_power_default.te
vendored
2
vendor/hal_power_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_power_default, domain;
|
||||
hal_impl_domain(hal_power_default, hal_power)
|
||||
hal_server_domain(hal_power_default, hal_power)
|
||||
|
||||
type hal_power_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_power_default)
|
||||
|
2
vendor/hal_thermal_default.te
vendored
2
vendor/hal_thermal_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_thermal_default, domain;
|
||||
hal_impl_domain(hal_thermal_default, hal_thermal)
|
||||
hal_server_domain(hal_thermal_default, hal_thermal)
|
||||
|
||||
type hal_thermal_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_thermal_default)
|
||||
|
3
vendor/hal_usb_default.te
vendored
3
vendor/hal_usb_default.te
vendored
@ -1,4 +1,5 @@
|
||||
type hal_usb_default, domain;
|
||||
hal_impl_domain(hal_usb_default, hal_usb)
|
||||
hal_server_domain(hal_usb_default, hal_usb)
|
||||
|
||||
type hal_usb_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_usb_default)
|
||||
|
2
vendor/hal_vibrator_default.te
vendored
2
vendor/hal_vibrator_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_vibrator_default, domain;
|
||||
hal_impl_domain(hal_vibrator_default, hal_vibrator)
|
||||
hal_server_domain(hal_vibrator_default, hal_vibrator)
|
||||
|
||||
type hal_vibrator_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_vibrator_default)
|
||||
|
2
vendor/hal_vr_default.te
vendored
2
vendor/hal_vr_default.te
vendored
@ -1,5 +1,5 @@
|
||||
type hal_vr_default, domain;
|
||||
hal_impl_domain(hal_vr_default, hal_vr)
|
||||
hal_server_domain(hal_vr_default, hal_vr)
|
||||
|
||||
type hal_vr_default_exec, exec_type, file_type;
|
||||
init_daemon_domain(hal_vr_default)
|
||||
|
Loading…
Reference in New Issue
Block a user