Merge "Modify SEPolicy to support SLCAN"

private/compat/29.0/29.0.ignore.cil

@@ -47,6 +47,7 @@
     system_passwd_file
     tethering_service
     timezonedetector_service
+    usb_serial_device
     userspace_reboot_prop
     userspace_reboot_exported_prop
     vehicle_hal_prop

private/file_contexts

@@ -163,6 +163,8 @@
 /dev/tty		u:object_r:owntty_device:s0
 /dev/tty[0-9]*		u:object_r:tty_device:s0
 /dev/ttyS[0-9]*		u:object_r:serial_device:s0
+/dev/ttyUSB[0-9]*	u:object_r:usb_serial_device:s0
+/dev/ttyACM[0-9]*	u:object_r:usb_serial_device:s0
 /dev/tun		u:object_r:tun_device:s0
 /dev/uhid		u:object_r:uhid_device:s0
 /dev/uinput		u:object_r:uhid_device:s0

public/hal_can.te

@@ -7,3 +7,6 @@ allow hal_can_controller_client hal_can_controller_hwservice:hwservice_manager f
 binder_call(hal_can_bus_client, hal_can_bus_server)
 add_hwservice(hal_can_bus_server, hal_can_bus_hwservice)
 allow hal_can_bus_client hal_can_bus_hwservice:hwservice_manager find;
+
+# USB serial type for SLCAN
+type usb_serial_device, dev_type;

vendor/hal_can_socketcan.te

@@ -16,7 +16,7 @@ allowxperm hal_can_socketcan self:udp_socket ioctl {
 };
 
 # Communicating with SocketCAN interfaces and bringing them up/down
-allow hal_can_socketcan self:can_socket { bind create read write ioctl };
+allow hal_can_socketcan self:can_socket { bind create read write ioctl setopt };
 allowxperm hal_can_socketcan self:can_socket ioctl {
     SIOCGIFFLAGS
     SIOCSIFFLAGS
@@ -24,3 +24,13 @@ allowxperm hal_can_socketcan self:can_socket ioctl {
 
 # Un-publishing ICanBus interfaces
 allow hal_can_socketcan hidl_manager_hwservice:hwservice_manager find;
+
+allow hal_can_socketcan usb_serial_device:chr_file { ioctl read write open };
+allowxperm hal_can_socketcan usb_serial_device:chr_file ioctl {
+    TCGETS
+    TCSETSW
+    TIOCGSERIAL
+    TIOCSSERIAL
+    TIOCSETD
+    SIOCGIFNAME
+};