AU293 drop rebase for IMS and radio related changes

1) Explicitly specify uid, gid and groups needed for cnd Add CAP_BLOCK_SUSPEND 2) Move sys.ims properties to vendor.ims 3) Remove imscmservice from init as its not used on Pixel Bug: 63850865 Bug: 63804057 Change-Id: Ie8f0eefa96a21605a63ae5a73e59270866704ed7
2026-02-01 15:09:54 +00:00 · 2017-07-19 12:57:42 -07:00
parent fd52eb310c
commit 9882d1d7a6
4 changed files with 10 additions and 13 deletions
--- a/android_filesystem_config.h
+++ b/android_filesystem_config.h
@@ -35,7 +35,8 @@ static const struct fs_path_config android_device_files[] = {
    { 00755, AID_SYSTEM,    AID_SYSTEM,    (1ULL << CAP_NET_BIND_SERVICE), "vendor/bin/pm-service" },
    { 00755, AID_SYSTEM,    AID_SYSTEM,    (1ULL << CAP_NET_BIND_SERVICE), "vendor/bin/cnss-daemon"},
    { 00755, AID_SYSTEM,    AID_SYSTEM,    (1ULL << CAP_NET_BIND_SERVICE), "vendor/bin/imsdatadaemon" },
-    { 00755, AID_SYSTEM,    AID_SYSTEM,    (1ULL << CAP_NET_BIND_SERVICE), "vendor/bin/cnd" },
+    { 00755, AID_SYSTEM,    AID_SYSTEM,    (1ULL << CAP_NET_BIND_SERVICE)
+      | (1ULL << CAP_BLOCK_SUSPEND), "vendor/bin/cnd" },
    { 00755, AID_SYSTEM,    AID_RADIO,     (1ULL << CAP_NET_BIND_SERVICE), "vendor/bin/ims_rtp_daemon" },
    { 00755, AID_SYSTEM,    AID_SYSTEM,    (1ULL << CAP_SYS_NICE) | (1ULL << CAP_BLOCK_SUSPEND), "vendor/bin/wcnss_filter" },
 #ifdef NO_ANDROID_FILESYSTEM_CONFIG_DEVICE_DIRS
--- a/init.hardware.rc
+++ b/init.hardware.rc
@@ -608,7 +608,7 @@ service imsdatadaemon /vendor/bin/imsdatadaemon
   group system wifi radio inet log
   disabled

-on property:sys.ims.QMI_DAEMON_STATUS=1
+on property:vendor.ims.QMI_DAEMON_STATUS=1
   start imsdatadaemon

 service ims_rtp_daemon /vendor/bin/ims_rtp_daemon
@@ -617,21 +617,14 @@ service ims_rtp_daemon /vendor/bin/ims_rtp_daemon
   group radio diag inet log
   disabled

-service imscmservice /vendor/bin/imscmservice
-   class main
-   user system
-   group radio diag inet log
-   disabled
-
 service imsrcsservice /vendor/bin/imsrcsd
   class hal
   user system
   group radio diag inet log
   disabled

-on property:sys.ims.DATA_DAEMON_STATUS=1
+on property:vendor.ims.DATA_DAEMON_STATUS=1
   start ims_rtp_daemon
-   start imscmservice
   start imsrcsservice

 service qmuxd /vendor/bin/qmuxd
@@ -639,9 +632,11 @@ service qmuxd /vendor/bin/qmuxd
   user root
   group radio audio bluetooth gps nfc qcom_diag

+#TODO evaluate group system once b/62571088 is resolved
 service cnd /vendor/bin/cnd
   class main
-   socket cnd stream 660 root inet
+   user system
+   group inet system wifi radio wakelock

 service netmgrd /vendor/bin/netmgrd
    class main
--- a/sepolicy/vendor/cnd.te
+++ b/sepolicy/vendor/cnd.te
@@ -5,8 +5,8 @@ file_type_auto_trans(cnd, socket_device, cnd_socket);
 # cnd is started by init, type transit from init domain to cnd domain
 init_daemon_domain(cnd)

-#TODO remove chown fsetid setgid setuid once b/62571088 is resolved
-allow cnd self:capability { chown fsetid setgid setuid net_bind_service };
+allow cnd self:capability { net_bind_service };
+wakelock_use(cnd)

 allow cnd self:udp_socket create_socket_perms;
 allowxperm cnd self:udp_socket ioctl SIOCGIFMTU;
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@@ -3,6 +3,7 @@ htc.camera.                u:object_r:camera_prop:s0
 persist.vendor.sys.cnd     u:object_r:cnd_prop:s0
 persist.sys.cnd            u:object_r:cnd_prop:s0
 sys.ims.                   u:object_r:ims_prop:s0
+vendor.ims.                u:object_r:ims_prop:s0
 sys.keymaster.loaded       u:object_r:keymaster_prop:s0
 net.r_rmnet_data0          u:object_r:net_rmnet_prop:s0
 persist.net.doxlat         u:object_r:net_radio_prop:s0