Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / device / linaro / dragonboard / 242bcef2b15ad0cf1c879871bd65f6e9ce344eb4^! / . / sepolicy
commit242bcef2b15ad0cf1c879871bd65f6e9ce344eb4[log] [tgz]
authorAmit Pundir <amit.pundir@linaro.org>Thu Jul 22 22:55:10 2021 +0530
committerAmit Pundir <amit.pundir@linaro.org>Fri Jul 30 14:09:12 2021 +0530
treea75f7f62690fe1b608bb24525dbb8bd2b6b2e1b6
parent95188ca30c6c77b0b9db73e70f4cea83bb862924 [diff]
init.common.usb.rc: Do not hardcode sys.usb.controller property

Upstream commit eb9b7bfd5954 ("arm64: dts: qcom: Harmonize DWC
USB3 DT nodes name") (v5.14-rc1) changed the DTS USB node names,
breaking the sys.usb.controller property hardcoded in the
platfrom specific init.usb.common.rc

This script will get rid of the static/hardcoded proprty name
and set the property to the available on-board USB controller
from /sys/class/udc instead.

Signed-off-by: Amit Pundir <amit.pundir@linaro.org>
Change-Id: I1255cd9a3456510d93437989e7e378d9e6bc0c8b

diff --git a/sepolicy/file.te b/sepolicy/file.te
index 4a0ada7..54de779 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te

@@ -2,6 +2,7 @@
 type sysfs_mss, fs_type, sysfs_type;
 type sysfs_rmtfs, fs_type, sysfs_type;
 type sysfs_remoteproc, fs_type, sysfs_type;
+type sysfs_udc, fs_type, sysfs_type;
 type dri_device, dev_type;
 type rmtfs_device, dev_type;
 type modem_block_device, dev_type;

diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 6bc4965..52f8668 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts

@@ -30,6 +30,8 @@
 /sys/devices/platform/remoteproc-adsp/remoteproc					u:object_r:sysfs_remoteproc:s0
 /sys/devices/platform/remoteproc-cdsp/remoteproc					u:object_r:sysfs_remoteproc:s0
 
+/sys/class/udc										u:object_r:sysfs_udc:s0
+
 /data/vendor/tmp(/.*)?									u:object_r:tqftpserv_vendor_data_file:s0
 /data/vendor/readwrite(/.*)?								u:object_r:tqftpserv_vendor_data_file:s0
 /data/vendor/readonly(/.*)?								u:object_r:tqftpserv_vendor_data_file:s0
@@ -37,6 +39,7 @@
 /system/bin/eth_mac_addr\.sh								u:object_r:eth_mac_addr_exec:s0
 /system/bin/tinymix									u:object_r:tinymix_exec:s0
 
+/vendor/bin/grep									u:object_r:vendor_toolbox_exec:s0
 /vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software			u:object_r:hal_gatekeeper_default_exec:s0
 /vendor/bin/hw/android\.hardware\.graphics\.allocator@4\.0-service\.minigbm_msm		u:object_r:hal_graphics_allocator_default_exec:s0
 /vendor/bin/pd-mapper									u:object_r:pd_mapper_exec:s0
@@ -45,6 +48,7 @@
 /vendor/bin/rmtfs									u:object_r:rmtfs_exec:s0
 /vendor/bin/tqftpserv									u:object_r:tqftpserv_exec:s0
 /vendor/bin/suspend_blocker								u:object_r:suspend_blocker_exec:s0
+/vendor/bin/set_udc\.sh									u:object_r:set_udc_exec:s0
 
 /vendor/lib(64)?/dri/.*									u:object_r:same_process_hal_file:s0
 /vendor/lib(64)?/hw/gralloc\.gbm\.so							u:object_r:same_process_hal_file:s0

diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts
index a0999b0..8f18ea7 100644
--- a/sepolicy/genfs_contexts
+++ b/sepolicy/genfs_contexts

@@ -3,6 +3,7 @@
 genfscon sysfs   /devices/platform/remoteproc-cdsp/remoteproc					u:object_r:sysfs_remoteproc:s0
 genfscon sysfs   /devices/platform/soc@0/4080000.remoteproc					u:object_r:sysfs_remoteproc:s0
 genfscon sysfs   /devices/platform/soc@0/ae00000.mdss						u:object_r:sysfs_gpu:s0
+genfscon sysfs   /class/udc									u:object_r:sysfs_udc:s0
 genfscon sysfs   /devices/platform/soc@0/1c00000.pci/pci0000:00/0000:00:00.0/0000:01:00.0/wakeup/wakeup1					u:object_r:sysfs_wakeup:s0
 genfscon sysfs   /devices/platform/soc@0/a6f8800.usb/wakeup/wakeup2										u:object_r:sysfs_wakeup:s0
 genfscon sysfs   /devices/platform/soc@0/a8f8800.usb/wakeup/wakeup3										u:object_r:sysfs_wakeup:s0

diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts
new file mode 100644
index 0000000..0d68bd3
--- /dev/null
+++ b/sepolicy/property_contexts

@@ -0,0 +1 @@
+vendor.usb.controller  u:object_r:vendor_usb_prop:s0

diff --git a/sepolicy/set_udc.te b/sepolicy/set_udc.te
new file mode 100644
index 0000000..d810bd2
--- /dev/null
+++ b/sepolicy/set_udc.te

@@ -0,0 +1,11 @@
+type set_udc, domain;
+type set_udc_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(set_udc);
+
+vendor_public_prop(vendor_usb_prop)
+set_prop(set_udc, vendor_usb_prop)
+get_prop(vendor_init, vendor_usb_prop)
+
+allow set_udc vendor_shell_exec:file rx_file_perms;
+allow set_udc vendor_toolbox_exec:file rx_file_perms;
+allow set_udc sysfs_udc:dir { open read search };