Data IMS: Sepolicy for new HAL to pass SIP headers to Clients

Desc: sepolicy for new HAL Change-Id: Ie9e4352e820a29bb31f1f9bdff3393151eeaab24
2018-04-24 18:02:57 -07:00
parent fffa5cd69f
commit 14e8679ef4
3 changed files with 11 additions and 1 deletions
--- a/vendor/common/hal_rcsservice.te
+++ b/vendor/common/hal_rcsservice.te
@@ -9,15 +9,19 @@ get_prop(hal_rcsservice, ims_prop)

 # To register imsrcsd to hwBinder
 hwbinder_use(hal_rcsservice)
-# add IUceSerive Hidl interface
+# add IUceSerive and IService to Hidl interface
 add_hwservice(hal_rcsservice, hal_imsrcsd_hwservice)
+add_hwservice(hal_rcsservice, hal_imscallinfo_hwservice)

 get_prop(hal_rcsservice, hwservicemanager_prop)

 allow hal_rcsservice sysfs_timestamp_switch:file r_file_perms;
 allow hal_rcsservice sysfs_data:file r_file_perms;

+#required for socket creation
 unix_socket_connect(hal_rcsservice, ims, ims)
+allow hal_rcsservice self:socket create_socket_perms;
+allowxperm hal_rcsservice self:socket ioctl msm_sock_ipc_ioctls ;

 # imsrcsd to bind with UceShimService.apk
 binder_call(hal_rcsservice, dataservice_app)
@@ -25,6 +29,10 @@ binder_call(hal_rcsservice, dataservice_app)
 # imsrcsd needs read/write access to devpts
 allow hal_rcsservice devpts:chr_file rw_file_perms;

+# allow imsrcsd capabilities
+wakelock_use(hal_rcsservice)
+allow hal_rcsservice self:capability net_bind_service;
+
 #diag
 userdebug_or_eng(`
  diag_use(hal_rcsservice)
--- a/vendor/common/hwservice.te
+++ b/vendor/common/hwservice.te
@@ -2,6 +2,7 @@ type vnd_ims_radio_hwservice, hwservice_manager_type;
 type vnd_qcrilhook_hwservice, hwservice_manager_type;
 type hal_display_config_hwservice, hwservice_manager_type;
 type hal_imsrtp_hwservice, hwservice_manager_type;
+type hal_imscallinfo_hwservice, hwservice_manager_type;
 type hal_ipacm_hwservice, hwservice_manager_type;
 type hal_hbtp_hwservice, hwservice_manager_type;
 type hal_perf_hwservice, hwservice_manager_type, untrusted_app_visible_hwservice;
--- a/vendor/common/hwservice_contexts
+++ b/vendor/common/hwservice_contexts
@@ -2,6 +2,7 @@ com.qualcomm.qti.ant::IAntHci                                   u:object_r:hal_b
 com.qualcomm.qti.ims.radio::IImsRadio                           u:object_r:vnd_ims_radio_hwservice:s0
 com.qualcomm.qti.qcril.qcrilhook::IQtiOemHook                   u:object_r:vnd_qcrilhook_hwservice:s0
 com.qualcomm.qti.uceservice::IUceService                        u:object_r:hal_imsrcsd_hwservice:s0
+vendor.qti.ims.callinfo::IService                               u:object_r:hal_imscallinfo_hwservice:s0
 vendor.qti.qcril.am::IQcRilAudio                                u:object_r:vnd_qcrilhook_hwservice:s0
 vendor.qti.imsrtpservice::IRTPService                          u:object_r:hal_imsrtp_hwservice:s0
 com.quicinc.cne.api::IApiService                                u:object_r:hal_cne_hwservice:s0