[ALPS04532537] Copy vendor modem db and filter
New feature: Add selinux of HIDL service and client. Use HIDL copy modem db and filter from vendor image to data partition for modem log tool. MTK-Commit-Id: 7fadaf0f2a60d05d7464264ef9e23a75ca27bb66 Change-Id: I12cc8614537f30e90a1717f9838c52283342eb55 CR-Id: ALPS04532537 Feature: Modem Log Tool
This commit is contained in:
bo.shang
Bo Shang
parent
5d35b26aba
commit
5068833fef
@ -71,5 +71,6 @@ attribute hal_atci;
|
||||
attribute hal_atci_client;
|
||||
attribute hal_atci_server;
|
||||
|
||||
|
||||
|
||||
# Date: 2019/06/12
|
||||
# modem db filter hidl
|
||||
attribute mtk_hal_md_dbfilter_server;
|
||||
|
||||
@ -649,6 +649,8 @@
|
||||
|
||||
/vendor/bin/em_hidl u:object_r:em_hidl_exec:s0
|
||||
|
||||
/vendor/bin/hw/modemdbfilter_service u:object_r:modemdbfilter_service_exec:s0
|
||||
|
||||
# Date : 2018/06/15
|
||||
# Purpose : mtk EM flash reading
|
||||
/proc/mounts u:object_r:proc_flash:s0
|
||||
|
||||
@ -50,3 +50,7 @@ type mtk_hal_keymanage_hwservice, hwservice_manager_type;
|
||||
# GPU HIDL
|
||||
type mtk_hal_gpu_hwservice, hwservice_manager_type;
|
||||
|
||||
# Date: 2019/06/12
|
||||
# modem db filter hidl
|
||||
type mtk_hal_md_dbfilter_hwservice, hwservice_manager_type;
|
||||
|
||||
|
||||
@ -57,3 +57,7 @@ vendor.mediatek.hardware.mms::IMms u:object_r:mtk_hal_mms_hwservice:s0
|
||||
# GPU HIDL
|
||||
vendor.mediatek.hardware.gpu::IGraphicExt u:object_r:mtk_hal_gpu_hwservice:s0
|
||||
|
||||
# Date: 2019/06/12
|
||||
# modem db filter hidl
|
||||
vendor.mediatek.hardware.modemdbfilter::ICopyDBFilter u:object_r:mtk_hal_md_dbfilter_hwservice:s0
|
||||
|
||||
|
||||
18
non_plat/modemdbfilter_service.te
Executable file
18
non_plat/modemdbfilter_service.te
Executable file
@ -0,0 +1,18 @@
|
||||
# ==============================================
|
||||
# Policy File of /vendor/bin/hw/modemdbfilter_service Executable File
|
||||
|
||||
# ==============================================
|
||||
# Type Declaration
|
||||
# ==============================================
|
||||
|
||||
type modemdbfilter_service ,domain;
|
||||
type modemdbfilter_service_exec, exec_type, file_type, vendor_file_type;
|
||||
typeattribute modemdbfilter_service mlstrustedsubject;
|
||||
|
||||
#Purpose : for create hidl server
|
||||
hal_server_domain(modemdbfilter_service, mtk_hal_md_dbfilter)
|
||||
init_daemon_domain(modemdbfilter_service)
|
||||
|
||||
# ==============================================
|
||||
# MTK Policy Rule
|
||||
# ==============================================
|
||||
6
non_plat/mtk_hal_md_dbfilter.te
Executable file
6
non_plat/mtk_hal_md_dbfilter.te
Executable file
@ -0,0 +1,6 @@
|
||||
# HwBinder IPC from client to server, and callbacks
|
||||
binder_call(mtk_hal_md_dbfilter_client, mtk_hal_md_dbfilter_server)
|
||||
binder_call(mtk_hal_md_dbfilter_server, mtk_hal_md_dbfilter_client)
|
||||
|
||||
add_hwservice(mtk_hal_md_dbfilter_server, mtk_hal_md_dbfilter_hwservice)
|
||||
allow mtk_hal_md_dbfilter_client mtk_hal_md_dbfilter_hwservice:hwservice_manager find;
|
||||
@ -73,3 +73,8 @@ allow emdlogger tmpfs:dir write;
|
||||
allow emdlogger sysfs_dt_firmware_android:file { read open getattr };
|
||||
allow emdlogger system_file:dir open;
|
||||
allow emdlogger vendor_default_prop:file { read getattr open };
|
||||
|
||||
## Android Q migration
|
||||
## purpose: read modem db and filter folder and file
|
||||
allow emdlogger mddb_filter_data_file:dir { r_dir_perms };
|
||||
allow emdlogger mddb_filter_data_file:file { r_file_perms };
|
||||
|
||||
@ -7,3 +7,12 @@
|
||||
# Operation : Migration
|
||||
# Purpose : For drmserver
|
||||
type access_sys_file, fs_type, sysfs_type;
|
||||
|
||||
######################################
|
||||
# core domain file data
|
||||
|
||||
# For modem db filter HIDL client
|
||||
# Date: WK1924
|
||||
# Operation : Save modem db and filter into data partition
|
||||
# Purpose : For Modem db and filter file
|
||||
type mddb_filter_data_file, file_type, data_file_type, core_data_file_type;
|
||||
|
||||
@ -2,6 +2,7 @@
|
||||
# Data files
|
||||
#
|
||||
|
||||
/data/system_de/mdfilter(/.*)? u:object_r:mddb_filter_data_file:s0
|
||||
#############################
|
||||
# debugfs files
|
||||
#
|
||||
@ -14,6 +15,7 @@
|
||||
/system/bin/aee_core_forwarder u:object_r:aee_core_forwarder_exec:s0
|
||||
/system/bin/mdlogger u:object_r:mdlogger_exec:s0
|
||||
/system/bin/emdlogger[0-9]+ u:object_r:emdlogger_exec:s0
|
||||
/system/bin/modemdbfilter_client u:object_r:modemdbfilter_client_exec:s0
|
||||
/system/bin/netdiag u:object_r:netdiag_exec:s0
|
||||
/system/bin/loghidlsysservice u:object_r:loghidlsysservice_exec:s0
|
||||
/system/bin/cmddumper u:object_r:cmddumper_exec:s0
|
||||
|
||||
@ -44,6 +44,10 @@ allow mdlogger storage_file:file { create_file_perms };
|
||||
## purpose: avc: denied { read } for name="plat_file_contexts"
|
||||
allow mdlogger file_contexts_file:file { read getattr open };
|
||||
|
||||
# Allow read avc: denied { read } for name="mddb" dev="mmcblk0p25" ino=681
|
||||
# Allow read avc: denied { read } for name="mddb" dev="mmcblk0p25" ino=681
|
||||
# scontext=u:r:mdlogger:s0 tcontext=u:object_r:system_file:s0 tclass=dir permissive=0
|
||||
allow mdlogger system_file:dir read;
|
||||
## Android Q migration
|
||||
## purpose: read modem db and filter folder and file
|
||||
allow mdlogger mddb_filter_data_file:dir { r_dir_perms };
|
||||
allow mdlogger mddb_filter_data_file:file { r_file_perms };
|
||||
|
||||
22
plat_private/modemdbfilter_client.te
Executable file
22
plat_private/modemdbfilter_client.te
Executable file
@ -0,0 +1,22 @@
|
||||
# ==============================================
|
||||
# Policy File of /system/bin/modemdbfilter_client Executable File
|
||||
|
||||
# ==============================================
|
||||
# Type Declaration
|
||||
# ==============================================
|
||||
# system_file_type for Q
|
||||
type modemdbfilter_client_exec, exec_type, system_file_type, file_type;
|
||||
typeattribute modemdbfilter_client coredomain;
|
||||
init_daemon_domain(modemdbfilter_client)
|
||||
|
||||
# Purpose : for create hidl client
|
||||
hal_client_domain(modemdbfilter_client, mtk_hal_md_dbfilter)
|
||||
|
||||
# ==============================================
|
||||
# MTK Policy Rule
|
||||
# ==============================================
|
||||
allow modemdbfilter_client mddb_filter_data_file:dir { create_dir_perms relabelto };
|
||||
allow modemdbfilter_client mddb_filter_data_file:file { create_file_perms };
|
||||
allow modemdbfilter_client system_data_file:dir { create_dir_perms relabelfrom };
|
||||
allow modemdbfilter_client file_contexts_file:file { r_file_perms };
|
||||
|
||||
@ -14,3 +14,7 @@ attribute mtk_hal_lbs;
|
||||
attribute mtk_hal_lbs_client;
|
||||
attribute mtk_hal_lbs_server;
|
||||
|
||||
# Date: 2019/06/12
|
||||
# modem db filter hidl
|
||||
attribute mtk_hal_md_dbfilter;
|
||||
attribute mtk_hal_md_dbfilter_client;
|
||||
|
||||
8
plat_public/modemdbfilter_client.te
Executable file
8
plat_public/modemdbfilter_client.te
Executable file
@ -0,0 +1,8 @@
|
||||
# ==============================================
|
||||
# Policy File of /system/bin/modemdbfilter_client Executable File
|
||||
|
||||
# ==============================================
|
||||
# Type Declaration
|
||||
# ==============================================
|
||||
|
||||
type modemdbfilter_client, domain;
|
||||
Loading…
x
Reference in New Issue
Block a user