Add binderized sensors HAL

Make the sensors HAL binderized, and add the necessary sepolicy entries
to grant it permissions for these denials:

type=1400 audit(5246168.379:61): avc: denied { search } for pid=7558
comm="android.hardwar" name="/" dev="sdd3" ino=2
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0
tclass=dir permissive=0

type=1400 audit(1493161320.949:152): avc: denied { search } for pid=7558
comm="android.hardwar" name="msm_subsys" dev="sysfs" ino=19027
scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
type=1400 audit(1493161320.949:153): avc: denied { read } for pid=7558
comm="android.hardwar" name="devices" dev="sysfs" ino=19029
scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
type=1400 audit(1493161320.949:154): avc: denied { open } for pid=7558
comm="android.hardwar" path="/sys/bus/msm_subsys/devices" dev="sysfs"
ino=19029 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=dir permissive=1
type=1400 audit(1493161320.949:155): avc: denied { read } for pid=7558
comm="android.hardwar" name="subsys0" dev="sysfs" ino=34647
scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=lnk_file permissive=1
type=1400 audit(1493161320.949:156): avc: denied { read } for pid=7558
comm="android.hardwar" name="name" dev="sysfs" ino=34639
scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file permissive=1
type=1400 audit(1493161320.949:157): avc: denied { open } for pid=7558
comm="android.hardwar"
path="/sys/devices/soc/soc:qcom,ipa_fws@1e08000/subsys0/name"
dev="sysfs" ino=34639 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:sysfs_msm_subsys:s0 tclass=file permissive=1

type=1400 audit(1493161320.959:158): avc: denied { search } for pid=7558
comm="android.hardwar" name="sensors" dev="sdd3" ino=12
scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:persist_sensors_file:s0 tclass=dir permissive=1
type=1400 audit(1493161320.959:159): avc: denied { read } for pid=7558
comm="android.hardwar" name="sensors_settings" dev="sdd3" ino=13
scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:persist_sensors_file:s0 tclass=file permissive=1
type=1400 audit(1493161320.959:160): avc: denied { open } for pid=7558
comm="android.hardwar" path="/persist/sensors/sensors_settings"
dev="sdd3" ino=13 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:persist_sensors_file:s0 tclass=file permissive=1

type=1400 audit(1493161320.959:161): avc: denied { create } for pid=7558
comm="android.hardwar" scontext=u:r:hal_sensors_default:s0
tcontext=u:r:hal_sensors_default:s0 tclass=socket permissive=1
type=1400 audit(1493161320.959:162): avc: denied { ioctl } for pid=7558
comm="android.hardwar" path="socket:[85874]" dev="sockfs" ino=85874
ioctlcmd=c304 scontext=u:r:hal_sensors_default:s0
tcontext=u:r:hal_sensors_default:s0 tclass=socket permissive=1
type=1400 audit(1493161320.959:163): avc: denied { write } for pid=7558
comm="android.hardwar" scontext=u:r:hal_sensors_default:s0
tcontext=u:r:hal_sensors_default:s0 tclass=socket permissive=1
type=1400 audit(1493161320.979:164): avc: denied { read } for pid=7558
comm="android.hardwar" scontext=u:r:hal_sensors_default:s0
tcontext=u:r:hal_sensors_default:s0 tclass=socket permissive=1
type=1400 audit(1493161346.039:168): avc: denied { ioctl } for pid=7558
comm="sensors@1.0-ser" path="socket:[85876]" dev="sockfs" ino=85876
ioctlcmd=c302 scontext=u:r:hal_sensors_default:s0
tcontext=u:r:hal_sensors_default:s0 tclass=socket permissive=1

Bug: 36097227
Test: load on device, confirm sensors stack comes up, perform screen
  orientation sanity test, check no selinux denials in kernel log, run
  VTS using:
    vts-tradefed run commandAndExit vts --module VtsHalSensorsV1_0Target
  Note that there are known VTS failures tracked under bug 37710268.
  This change does not introduce any new failures.
Change-Id: I8f6017f3d080cde7ec009182f0f5fbb90980d424
Brian Duddie
2017-04-19 13:45:02 -07:00
parent d28655ffd0
commit 892c70989b
3 changed files with 19 additions and 1 deletions


@@ -308,7 +308,8 @@ PRODUCT_PACKAGES += \
PRODUCT_PACKAGES += \
sensors.$(PRODUCT_HARDWARE) \
android.hardware.sensors@1.0-impl
android.hardware.sensors@1.0-impl \
android.hardware.sensors@1.0-service
PRODUCT_COPY_FILES += \
$(LOCAL_PATH)/sensors/hals.conf:system/etc/sensors/hals.conf


@@ -235,4 +235,13 @@
<instance>default</instance>
</interface>
</hal>
<hal format="hidl">
<name>android.hardware.sensors</name>
<transport>hwbinder</transport>
<version>1.0</version>
<interface>
<name>ISensors</name>
<instance>default</instance>
</interface>
</hal>
</manifest>


@@ -0,0 +1,8 @@
# read factory calibration and sensor configuration data
allow hal_sensors_default persist_file:dir search;
r_dir_file(hal_sensors_default, persist_sensors_file)
# interact with the sensors low power island (SLPI) CPU
allow hal_sensors_default self:socket { create ioctl read write };
allowxperm hal_sensors_default self:socket ioctl msm_sock_ipc_ioctls;
r_dir_file(hal_sensors_default, sysfs_msm_subsys);
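Review bot: The `allowxperm` rule admits the whole `msm_sock_ipc_ioctls` set on the domain's own generic `socket` class, while the denials quoted in the commit message show only ioctlcmd c302 and c304. The macro's definition is not visible in this change, so it is worth confirming that it covers no commands beyond what the sensors HAL needs, and recording the observed ones next to the rule, for example `# socket ioctls toward the SLPI; denials observed: 0xc302, 0xc304`. The `r_dir_file` grant on `persist_sensors_file` is read-only, which fits the stated purpose, though it covers every file of that type rather than just the `sensors_settings` file seen in the log. As a style point, the last line carries a trailing `;` that the earlier macro call does not; `r_dir_file(hal_sensors_default, sysfs_msm_subsys)` would match it.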