Recovery can use HALs only in passthrough mode am: 00a03d42

am: 0fd07767 Change-Id: I519288986e98f95591722e7ed1982a0467fc4501

Recovery can use HALs only in passthrough mode am: 00a03d42
7e26fe4a · Alex Klyubin · android-build-merger · 4abc2d23 · 0fd07767 · 7e26fe4a
Commit 7e26fe4a authored 8 years ago by Alex Klyubin Committed by android-build-merger 8 years ago
--- a/public/recovery.te
+++ b/public/recovery.te
@@ -9,7 +9,8 @@ type recovery, domain, domain_deprecated;
 recovery_only(`
  # Allow recovery to perform an update as update_engine would do.
  typeattribute recovery update_engine_common;
-  hal_client_domain(recovery, hal_bootctl)
+  # Recovery can only use HALs in passthrough mode
+  passthrough_hal_client_domain(recovery, hal_bootctl)
  allow recovery self:capability { chown dac_override fowner fsetid setfcap setuid setgid sys_admin sys_tty_config };

--- a/public/te_macros
+++ b/public/te_macros
@@ -203,6 +203,22 @@ typeattribute $1 $2;
 allow $2 system_file:dir r_dir_perms;
 ')
+#####################################
+# passthrough_hal_client_domain(domain, hal_type)
+# Allow a base set of permissions required for a domain to be a
+# client of a passthrough HAL of the specified type.
+#
+# For example, make some_domain a client of passthrough Foo HAL:
+#   passthrough_hal_client_domain(some_domain, hal_foo)
+#
+define(`passthrough_hal_client_domain', `
+typeattribute $1 halclientdomain;
+typeattribute $1 $2_client;
+typeattribute $1 $2;
+# Find passthrough HAL implementations
+allow $2 system_file:dir r_dir_perms;
+')
 #####################################
 # unix_socket_connect(clientdomain, socket, serverdomain)
 # Allow a local socket connection from clientdomain via