Reapply "WLC: service: add configuration and contexts for sepolicy"

This reverts commit 7d99cb87ea21af55d699a319462f9999f960f302. Bug: 311315038 Test: authentication Change-Id: Iaf8d4043794f895ce9ce1ab9b295de072de16e50
2024-05-18 15:06:46 +00:00 · 2024-05-18 15:06:46 +00:00 · 24af2c95b1
commit 24af2c95b1
parent 5926313576
9 changed files with 36 additions and 0 deletions
--- a/wireless_charger/compatibility_matrix.xml
+++ b/wireless_charger/compatibility_matrix.xml
@ -7,4 +7,12 @@
            <instance>default</instance>
        </interface>
    </hal>
+    <hal format="aidl" optional="true">
+        <name>vendor.google.wireless_charger.service</name>
+        <version>1</version>
+        <interface>
+            <name>IWlcService</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
 </compatibility-matrix>
--- a/wireless_charger/sepolicy/dumpstate.te
+++ b/wireless_charger/sepolicy/dumpstate.te
@ -0,0 +1 @@
+binder_call(dumpstate, hal_wlcservice)
--- a/wireless_charger/sepolicy/file.te
+++ b/wireless_charger/sepolicy/file.te
@ -0,0 +1 @@
+type vendor_wlc_file, file_type, data_file_type;
--- a/wireless_charger/sepolicy/file_contexts
+++ b/wireless_charger/sepolicy/file_contexts
@ -1 +1,5 @@
 /vendor/bin/hw/vendor\.google\.wireless_charger-default                  u:object_r:hal_wireless_charger_exec:s0
+/vendor/bin/hw/vendor\.google\.wireless_charger\.service-default         u:object_r:hal_wlcservice_exec:s0
+
+# Data
+/data/vendor/wireless_charger(/.*)?                                      u:object_r:vendor_wlc_file:s0
--- a/wireless_charger/sepolicy/hal_wireless_charger.te
+++ b/wireless_charger/sepolicy/hal_wireless_charger.te
@ -17,3 +17,4 @@ userdebug_or_eng(`

 binder_call(hal_wireless_charger, platform_app)
 binder_call(hal_wireless_charger, system_app)
+binder_call(hal_wireless_charger, hal_wlcservice)
--- a/wireless_charger/sepolicy/hal_wlcservice.te
+++ b/wireless_charger/sepolicy/hal_wlcservice.te
@ -0,0 +1,18 @@
+type hal_wlcservice, domain;
+type hal_wlcservice_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(hal_wlcservice)
+
+allow hal_wlcservice vendor_wlc_file:dir create_dir_perms;
+allow hal_wlcservice vendor_wlc_file:file create_file_perms;
+allow hal_wlcservice hal_wireless_charger_service:service_manager find;
+allow hal_wlcservice kmsg_device:chr_file { getattr w_file_perms };
+
+binder_call(hal_wlcservice, servicemanager)
+add_service(hal_wlcservice, hal_wlcservice_service)
+
+userdebug_or_eng(`
+     domain_auto_trans(shell,  hal_wlcservice_exec, hal_wlcservice)
+')
+
+binder_call(hal_wlcservice, hal_wireless_charger)
--- a/wireless_charger/sepolicy/service.te
+++ b/wireless_charger/sepolicy/service.te
@ -0,0 +1 @@
+type hal_wlcservice_service, hal_service_type, protected_service, service_manager_type;
--- a/wireless_charger/sepolicy/service_contexts
+++ b/wireless_charger/sepolicy/service_contexts
@ -1 +1,2 @@
 vendor.google.wireless_charger.IWirelessCharger/default                      u:object_r:hal_wireless_charger_service:s0
+vendor.google.wireless_charger.service.IWlcService/default                   u:object_r:hal_wlcservice_service:s0
--- a/wireless_charger/wireless_charger.mk
+++ b/wireless_charger/wireless_charger.mk
@ -1,5 +1,6 @@
 PRODUCT_SOONG_NAMESPACES += vendor/google/interfaces
 PRODUCT_PACKAGES += vendor.google.wireless_charger-default
+PRODUCT_PACKAGES += vendor.google.wireless_charger.service-default
 DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/wireless_charger/compatibility_matrix.xml

 BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/wireless_charger/sepolicy
				`@ -0,0 +1 @@`
				`type vendor_wlc_file, file_type, data_file_type;`
				`@ -0,0 +1 @@`
				`type hal_wlcservice_service, hal_service_type, protected_service, service_manager_type;`