From 671a0c3bda6fc0df358bd6d26b739f4f7409b3a6 Mon Sep 17 00:00:00 2001 From: Myles Watson Date: Wed, 10 Aug 2022 14:19:27 -0700 Subject: [PATCH] sepolicy: Add Bluetooth AIDL Bug: 205758693 Test: manual - boot local image with Cuttlefish Change-Id: Ic0c5408d83f8c352b72f79e9024212c7ff0c84c1 --- build/soong/service_fuzzer_bindings.go | 1 + private/compat/33.0/33.0.ignore.cil | 1 + private/service_contexts | 1 + public/dumpstate.te | 1 + public/hal_bluetooth.te | 2 ++ public/service.te | 1 + 6 files changed, 7 insertions(+) diff --git a/build/soong/service_fuzzer_bindings.go b/build/soong/service_fuzzer_bindings.go index 72f48041e..5ef24c214 100644 --- a/build/soong/service_fuzzer_bindings.go +++ b/build/soong/service_fuzzer_bindings.go @@ -39,6 +39,7 @@ var ( "android.hardware.bluetooth.audio.IBluetoothAudioProviderFactory/default": EXCEPTION_NO_FUZZER, "android.hardware.broadcastradio.IBroadcastRadio/amfm": EXCEPTION_NO_FUZZER, "android.hardware.broadcastradio.IBroadcastRadio/dab": EXCEPTION_NO_FUZZER, + "android.hardware.bluetooth.IBluetoothHci/default": EXCEPTION_NO_FUZZER, "android.hardware.camera.provider.ICameraProvider/internal/0": EXCEPTION_NO_FUZZER, "android.hardware.cas.IMediaCasService/default": EXCEPTION_NO_FUZZER, "android.hardware.confirmationui.IConfirmationUI/default": []string{"android.hardware.confirmationui-service.trusty_fuzzer"}, diff --git a/private/compat/33.0/33.0.ignore.cil b/private/compat/33.0/33.0.ignore.cil index 45bca3d54..9e4f07ca4 100644 --- a/private/compat/33.0/33.0.ignore.cil +++ b/private/compat/33.0/33.0.ignore.cil @@ -13,6 +13,7 @@ device_config_vendor_system_native_prop devicelock_service fwk_sensor_service + hal_bluetooth_service hal_bootctl_service hal_cas_service hal_remoteaccess_service diff --git a/private/service_contexts b/private/service_contexts index ecd1f440b..eda85ab3b 100644 --- a/private/service_contexts +++ b/private/service_contexts @@ -13,6 +13,7 @@ android.hardware.automotive.vehicle.IVehicle/default u:object_r: android.hardware.biometrics.face.IFace/default u:object_r:hal_face_service:s0 android.hardware.biometrics.fingerprint.IFingerprint/default u:object_r:hal_fingerprint_service:s0 android.hardware.biometrics.fingerprint.IFingerprint/virtual u:object_r:hal_fingerprint_service:s0 +android.hardware.bluetooth.IBluetoothHci/default u:object_r:hal_bluetooth_service:s0 android.hardware.bluetooth.audio.IBluetoothAudioProviderFactory/default u:object_r:hal_audio_service:s0 android.hardware.broadcastradio.IBroadcastRadio/amfm u:object_r:hal_broadcastradio_service:s0 android.hardware.broadcastradio.IBroadcastRadio/dab u:object_r:hal_broadcastradio_service:s0 diff --git a/public/dumpstate.te b/public/dumpstate.te index c0af23576..6b112dc22 100644 --- a/public/dumpstate.te +++ b/public/dumpstate.te @@ -150,6 +150,7 @@ binder_call(dumpstate, { appdomain netd wificond }) # Allow dumpstate to call dump() on specific hals. dump_hal(hal_authsecret) +dump_hal(hal_bluetooth) dump_hal(hal_contexthub) dump_hal(hal_drm) dump_hal(hal_dumpstate) diff --git a/public/hal_bluetooth.te b/public/hal_bluetooth.te index 97177bad7..53bbef246 100644 --- a/public/hal_bluetooth.te +++ b/public/hal_bluetooth.te @@ -1,8 +1,10 @@ # HwBinder IPC from clients into server, and callbacks binder_call(hal_bluetooth_client, hal_bluetooth_server) binder_call(hal_bluetooth_server, hal_bluetooth_client) +binder_call(hal_bluetooth_server, servicemanager) hal_attribute_hwservice(hal_bluetooth, hal_bluetooth_hwservice) +hal_attribute_service(hal_bluetooth, hal_bluetooth_service) wakelock_use(hal_bluetooth); diff --git a/public/service.te b/public/service.te index 9ca96bd74..c5deb8719 100644 --- a/public/service.te +++ b/public/service.te @@ -271,6 +271,7 @@ type emergency_affordance_service, system_server_service, service_manager_type; type hal_audio_service, protected_service, hal_service_type, service_manager_type; type hal_audiocontrol_service, hal_service_type, service_manager_type; type hal_authsecret_service, protected_service, hal_service_type, service_manager_type; +type hal_bluetooth_service, protected_service, hal_service_type, service_manager_type; type hal_bootctl_service, protected_service, hal_service_type, service_manager_type; type hal_broadcastradio_service, protected_service, hal_service_type, service_manager_type; type hal_camera_service, protected_service, hal_service_type, service_manager_type;