declare ipacm as the tetheroffload HAL

Also add tetheroffload HALs to the manifest. Bug: 29337859 Bug: 32163131 Test: adb shell getenforce Enforcing adb shell dumpsys connectivity tethering Tethering: ... Log: ... 06-28 11:46:58.841 - SET master tether settings: ON 06-28 11:46:58.857 - [OffloadController] tethering offload started And logs show some signs of happiness: 06-28 11:46:58.853 816 947 I IPAHALService: IPACM was provided two FDs (18, 19) 06-28 11:46:58.853 1200 1571 I zygote64: Looking for service android.hardware.tetheroffload.control@1.0::IOffloadControl/default Change-Id: I40e23c1863901330dfe59e2ea196314c5c7bb52a (cherry picked from commit c6ecb207d7032bf43e9b39941ff7e47dd127e361)
2026-02-01 07:50:47 +00:00 · 2017-06-21 13:18:35 -07:00
parent 9dca253a01
commit 5c5eb9de3a
7 changed files with 48 additions and 37 deletions
--- a/manifest.xml
+++ b/manifest.xml
@@ -254,6 +254,24 @@
            <instance>default</instance>
        </interface>
    </hal>
+    <hal format="hidl">
+        <name>android.hardware.tetheroffload.config</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IOffloadConfig</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+    <hal format="hidl">
+        <name>android.hardware.tetheroffload.control</name>
+        <transport>hwbinder</transport>
+        <version>1.0</version>
+        <interface>
+            <name>IOffloadControl</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
    <hal format="hidl">
        <name>android.hardware.thermal</name>
        <transport>hwbinder</transport>
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -55,7 +55,7 @@ type persist_time_file, file_type;

 type time_data_file, file_type, data_file_type;
 type netmgr_data_file, file_type, data_file_type;
-type ipacm_vendor_data_file, file_type, data_file_type;
+type ipa_vendor_data_file, file_type, data_file_type;

 type camera_vendor_data_file, file_type, data_file_type;
 type display_vendor_data_file, file_type, data_file_type;
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -148,8 +148,8 @@
 /vendor/bin/imsqmidaemon        u:object_r:ims_exec:s0
 /vendor/bin/imsdatadaemon       u:object_r:ims_exec:s0
 /vendor/bin/ims_rtp_daemon      u:object_r:hal_imsrtp_exec:s0
-/vendor/bin/ipacm               u:object_r:ipacm_exec:s0
-/vendor/bin/ipacm-diag          u:object_r:ipacm_exec:s0
+/vendor/bin/ipacm               u:object_r:hal_tetheroffload_default_exec:s0
+/vendor/bin/ipacm-diag          u:object_r:hal_tetheroffload_default_exec:s0
 /vendor/bin/qmuxd               u:object_r:qmuxd_exec:s0
 /vendor/bin/cnd                 u:object_r:cnd_exec:s0
 # Remove after b/38447389
@@ -238,7 +238,7 @@
 /data/vendor/ramdump(/.*)?             u:object_r:ramdump_vendor_data_file:s0
 /data/vendor/modem_dump(/.*)?          u:object_r:modem_dump_file:s0
 /data/vendor/ese(/.*)?                 u:object_r:ese_vendor_data_file:s0
-/data/vendor/ipa(/.*)?                 u:object_r:ipacm_vendor_data_file:s0
+/data/vendor/ipa(/.*)?                 u:object_r:ipa_vendor_data_file:s0
 /data/vendor/time(/.*)?                u:object_r:time_vendor_data_file:s0

 # /
--- a/sepolicy/vendor/hal_tetheroffload_default.te
+++ b/sepolicy/vendor/hal_tetheroffload_default.te
@@ -0,0 +1,24 @@
+# associate netdomain to use for accessing internet sockets
+net_domain(hal_tetheroffload_default)
+
+userdebug_or_eng(`
+  # Allow using the logging file between ipacm and ipacm-diag
+  unix_socket_send(hal_tetheroffload_default, ipacm, hal_tetheroffload_default)
+')
+# Allow operations with /dev/ipa, /dev/wwan_ioctl and /dev/ipaNatTable
+allow hal_tetheroffload_default ipa_dev:chr_file rw_file_perms;
+
+# Allow receiving NETLINK messages
+allow hal_tetheroffload_default self:{
+    netlink_socket
+    netlink_generic_socket
+} create_socket_perms_no_ioctl;
+
+# Allow creating and modifying the PID file
+allow hal_tetheroffload_default ipa_vendor_data_file:dir w_dir_perms;
+allow hal_tetheroffload_default ipa_vendor_data_file:file create_file_perms;
+
+# Register to hwbinder service
+add_hwservice(hal_tetheroffload_default, hal_tetheroffload_hwservice)
+hwbinder_use(hal_tetheroffload_default)
+get_prop(hal_tetheroffload_default, hwservicemanager_prop)
--- a/sepolicy/vendor/hwservice.te
+++ b/sepolicy/vendor/hwservice.te
@@ -1,7 +1,6 @@
 type vnd_ims_radio_hwservice, hwservice_manager_type;
 type vnd_qcrilhook_hwservice, hwservice_manager_type;
 type hal_imsrtp_hwservice, hwservice_manager_type;
-type hal_ipacm_hwservice, hwservice_manager_type;
 #TODO Move the following 2 types public SE policy (b/62574674)
 type hal_cne_hwservice, hwservice_manager_type;
 type hal_imsrcsd_hwservice, hwservice_manager_type;
--- a/sepolicy/vendor/hwservice_contexts
+++ b/sepolicy/vendor/hwservice_contexts
@@ -3,7 +3,7 @@ com.qualcomm.qti.qcril.qcrilhook::IQtiOemHook                   u:object_r:vnd_q
 com.qualcomm.qti.uceservice::IUceService                        u:object_r:hal_imsrcsd_hwservice:s0
 vendor.qti.qcril.am::IQcRilAudio                                u:object_r:vnd_qcrilhook_hwservice:s0
 com.qualcomm.qti.imsrtpservice::IRTPService                     u:object_r:hal_imsrtp_hwservice:s0
-android.hardware.tetheroffload.config::IOffloadConfig           u:object_r:hal_ipacm_hwservice:s0
-android.hardware.tetheroffload.control::IOffloadControl         u:object_r:hal_ipacm_hwservice:s0
+android.hardware.tetheroffload.config::IOffloadConfig           u:object_r:hal_tetheroffload_hwservice:s0
+android.hardware.tetheroffload.control::IOffloadControl         u:object_r:hal_tetheroffload_hwservice:s0
 com.quicinc.cne.api::IApiService                                u:object_r:hal_cne_hwservice:s0
 com.quicinc.cne.server::IServer                                 u:object_r:hal_cne_hwservice:s0
--- a/sepolicy/vendor/ipacm.te
+++ b/sepolicy/vendor/ipacm.te
@@ -1,30 +0,0 @@
-# General definitions
-type ipacm, domain;
-type ipacm_exec, exec_type, vendor_file_type, file_type;
-init_daemon_domain(ipacm)
-
-# associate netdomain to use for accessing internet sockets
-net_domain(ipacm)
-
-userdebug_or_eng(`
-  # Allow using the logging file between ipacm and ipacm-diag
-  unix_socket_send(ipacm, ipacm, ipacm)
-')
-# Allow operations with /dev/ipa, /dev/wwan_ioctl and /dev/ipaNatTable
-allow ipacm ipa_dev:chr_file rw_file_perms;
-
-# Allow receiving NETLINK messages
-allow ipacm self:{
-    netlink_socket
-    netlink_generic_socket
-} create_socket_perms_no_ioctl;
-
-# Allow creating and modifying the PID file
-allow ipacm ipacm_vendor_data_file:dir w_dir_perms;
-allow ipacm ipacm_vendor_data_file:file create_file_perms;
-
-# To register ipacm to hwbinder
-add_hwservice(ipacm, hal_ipacm_hwservice)
-hwbinder_use(ipacm)
-get_prop(ipacm, hwservicemanager_prop)
-binder_call(ipacm, system_server)