From e94b9e5b3e1ec8b1ab49c40b5ef17afc2b081a0c Mon Sep 17 00:00:00 2001 From: Joshua Blanchard Date: Fri, 19 Feb 2021 07:17:11 -0500 Subject: [PATCH] msm8953-common: sepolicy: Add rules for Moto ADSPD HAL Change-Id: Ib3760a1dcece4428e5ed8adc9cae1ecc3e0f01b0 --- sepolicy/vendor/device.te | 1 + sepolicy/vendor/file.te | 4 ++++ sepolicy/vendor/file_contexts | 10 ++++++++++ sepolicy/vendor/genfs_contexts | 2 ++ sepolicy/vendor/hal_audio_default.te | 15 ++++++++++++++- sepolicy/vendor/hwservice_contexts | 1 + sepolicy/vendor/property.te | 1 + sepolicy/vendor/property_contexts | 2 +- 8 files changed, 34 insertions(+), 2 deletions(-) diff --git a/sepolicy/vendor/device.te b/sepolicy/vendor/device.te index e9be694..911adf6 100644 --- a/sepolicy/vendor/device.te +++ b/sepolicy/vendor/device.te @@ -1 +1,2 @@ +type adspd_device, dev_type; type isdbt_device, dev_type; diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te index cc4d76e..f35f1ce 100644 --- a/sepolicy/vendor/file.te +++ b/sepolicy/vendor/file.te @@ -1,3 +1,7 @@ +# ADSPD +type adspd_socket, file_type, mlstrustedobject; +type sysfs_adspd, fs_type, sysfs_type; + type debugfs_rmts, debugfs_type, fs_type; type debugfs_wlan, debugfs_type, fs_type; type fsg_firmware_file, file_type, contextmount_type, vendor_file_type; diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts index 4689c3c..da6b26d 100644 --- a/sepolicy/vendor/file_contexts +++ b/sepolicy/vendor/file_contexts @@ -10,6 +10,16 @@ /firmware/image(/.*)? u:object_r:firmware_file:s0 +# ADSPD +/dev/socket/adspdsock u:object_r:adspd_socket:s0 +/dev/ttyHS3 u:object_r:adspd_device:s0 +/sys/kernel/aov(/.*)? u:object_r:sysfs_adspd:s0 + +/(vendor|system/vendor)/bin/hw/motorola\.hardware\.audio\.adspd@1\.0-service u:object_r:hal_audio_default_exec:s0 +/(vendor|system/vendor)/lib(64)?/libadspd\.so u:object_r:same_process_hal_file:s0 +/(vendor|system/vendor)/lib(64)?/motorola\.hardware\.audio\.adspd@1\.0\.so u:object_r:same_process_hal_file:s0 +/(vendor|system/vendor)/lib(64)?/motorola\.hardware\.audio\.adspd@1\.0_vendor\.so u:object_r:same_process_hal_file:s0 + # Persist /persist(/.*)? u:object_r:mnt_vendor_file:s0 /(mnt/vendor/persist|persist)/factory/audio(/.*)? u:object_r:persist_audio_file:s0 diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts index 28ae8ab..1ac5bc3 100644 --- a/sepolicy/vendor/genfs_contexts +++ b/sepolicy/vendor/genfs_contexts @@ -23,3 +23,5 @@ genfscon sysfs /devices/soc/qpnp-smbcharger-17/power_supply/battery/system_temp_ genfscon sysfs /devices/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d800/leds u:object_r:sysfs_leds:s0 genfscon sysfs /devices/platform/egis_input u:object_r:sysfs_fingerprint:s0 + +genfscon sysfs /kernel/aov u:object_r:sysfs_adspd:s0 diff --git a/sepolicy/vendor/hal_audio_default.te b/sepolicy/vendor/hal_audio_default.te index afddbf2..98c51e0 100644 --- a/sepolicy/vendor/hal_audio_default.te +++ b/sepolicy/vendor/hal_audio_default.te @@ -6,6 +6,19 @@ allow hal_audio_default sysfs:dir { open read }; allow hal_audio_default hal_dms_default:binder { transfer call }; allow hal_audio_default hal_dms_hwservice:hwservice_manager find; +allow hal_audio_server adspd_device:chr_file rw_file_perms; +allow hal_audio_server audio_device:chr_file rw_file_perms; +allow hal_audio_server sysfs_adspd:dir r_dir_perms; +allow hal_audio_server sysfs_adspd:file rw_file_perms; + +binder_call(hal_audio_default, hal_audio_server) +binder_call(hal_audio_server, hal_audio_default) + +r_dir_file(hal_audio_server, sysfs_sectouch) +r_dir_file(hal_audio_server, sysfs_sensor) + +set_prop(hal_audio_server, vendor_aov_prop) + # MotSpeakerHelperProximity allow hal_audio_default fwk_sensor_hwservice:hwservice_manager find; binder_call(hal_audio_default, system_server) @@ -14,4 +27,4 @@ binder_call(hal_audio_default, system_server) r_dir_file(hal_audio_default, mnt_vendor_file) #stop spam -dontaudit hal_audio_default audio_prop:file r_file_perms; \ No newline at end of file +dontaudit hal_audio_default audio_prop:file r_file_perms; diff --git a/sepolicy/vendor/hwservice_contexts b/sepolicy/vendor/hwservice_contexts index 69b5954..c823394 100644 --- a/sepolicy/vendor/hwservice_contexts +++ b/sepolicy/vendor/hwservice_contexts @@ -4,4 +4,5 @@ com.fingerprints.extension::IFingerprintEngineering com.fingerprints.extension::IFingerprintNavigation u:object_r:fpc_extension_service:s0 com.fingerprints.extension::IFingerprintSensorTest u:object_r:fpc_extension_service:s0 vendor.egistec.hardware.fingerprint::IBiometricsFingerprintEts u:object_r:fpc_extension_service:s0 +motorola.hardware.audio.adspd::IADSP u:object_r:hal_audio_hwservice:s0 vendor.dolby.hardware.dms::IDms u:object_r:hal_dms_hwservice:s0 diff --git a/sepolicy/vendor/property.te b/sepolicy/vendor/property.te index 2c48307..7432778 100644 --- a/sepolicy/vendor/property.te +++ b/sepolicy/vendor/property.te @@ -1,5 +1,6 @@ type power_prop, property_type; type moto_boot_prop, property_type; +type vendor_aov_prop, property_type; type vendor_fm_prop, property_type; type vendor_dolby_loglevel_prop, property_type; type hwrev_prop, property_type; diff --git a/sepolicy/vendor/property_contexts b/sepolicy/vendor/property_contexts index f94fd98..bf462aa 100644 --- a/sepolicy/vendor/property_contexts +++ b/sepolicy/vendor/property_contexts @@ -31,7 +31,7 @@ vendor.boot_completed u:object_r:moto_boot_prop:s0 ro.vendor.hw.hwrev u:object_r:hwrev_prop:s0 ro.vendor.boot.hwrev u:object_r:hwrev_prop:s0 - +vendor.hw.aov. u:object_r:vendor_aov_prop:s0 ro.vendor.fm. u:object_r:vendor_fm_prop:s0 persist.vendor.camera. u:object_r:camera_prop:s0