From 9a14704f62488795f896793339ab0d5a62757483 Mon Sep 17 00:00:00 2001 From: Alex Klyubin <klyubin@google.com> Date: Tue, 4 Apr 2017 14:56:31 -0700 Subject: [PATCH] Wifi Keystore HAL is not a HAL Wifi Keystore HAL is a HwBinder service (currently offered by keystore daemon) which is used by Wifi Supplicant HAL. This commit thus switches the SELinux policy of Wifi Keystore HAL to the approach used for non-HAL HwBinder services. The basic idea is similar to how we express Binder services in the policy, with two tweaks: (1) we don't have 'hwservicemanager find' and thus there's no add_hwservice macro, and (2) we need to loosen the coupling between core and vendor components. For example, it should be possible to move a HwBinder service offered by a core component into another core component, without having to update the SELinux policy of the vendor image. We thus annotate all components offering HwBinder service x across the core-vendor boundary with x_server, which enables the policy of clients to contain rules of the form: binder_call(mydomain, x_server), and, if the service uses IPC callbacks, also binder_call(x_server, mydomain). Test: mmm system/sepolicy Test: sesearch indicates to changes to binder { call transfer} between keystore and hal_wifi_supplicant_default domains Bug: 36896667 Change-Id: I45c4ce8159b63869d7bb6df5c812c5291776d892 --- public/attributes | 9 +++++++++ public/hal_wifi_keystore.te | 2 -- public/keystore.te | 5 +++-- vendor/hal_wifi_supplicant_default.te | 6 ++++-- 4 files changed, 16 insertions(+), 6 deletions(-) delete mode 100644 public/hal_wifi_keystore.te diff --git a/public/attributes b/public/attributes index b7f0701ce..abb86d922 100644 --- a/public/attributes +++ b/public/attributes 
@@ -239,3 +239,12 @@ attribute hal_wifi_keystore_server; attribute hal_wifi_supplicant; attribute hal_wifi_supplicant_client; attribute hal_wifi_supplicant_server; + +# HwBinder services offered across the core-vendor boundary +# +# We annotate server domains with x_server to loosen the coupling between +# system and vendor images. For example, it should be possible to move a service +# from one core domain to another, without having to update the vendor image +# which contains clients of this service. + +attribute wifi_keystore_service_server; diff --git a/public/hal_wifi_keystore.te b/public/hal_wifi_keystore.te deleted file mode 100644 index 15368ae3e..000000000 --- a/public/hal_wifi_keystore.te +++ /dev/null @@ -1,2 +0,0 @@ -# HwBinder IPC from client to server. -binder_call(hal_wifi_keystore_client, hal_wifi_keystore_server) diff --git a/public/keystore.te b/public/keystore.te index 456c74d50..378949a98 100644 --- a/public/keystore.te +++ b/public/keystore.te @@ -10,8 +10,9 @@ binder_call(keystore, system_server) # talk to keymaster hal_client_domain(keystore, hal_keymaster) -# Implement the wifi keystore hal. -hal_server_domain(keystore, hal_wifi_keystore) +# Offer the Wifi Keystore HwBinder service +hwbinder_use(keystore) +typeattribute keystore wifi_keystore_service_server; allow keystore keystore_data_file:dir create_dir_perms; allow keystore keystore_data_file:notdevfile_class_set create_file_perms; diff --git a/vendor/hal_wifi_supplicant_default.te b/vendor/hal_wifi_supplicant_default.te index f0a6ffc38..82bccdbdf 100644 --- a/vendor/hal_wifi_supplicant_default.te +++ b/vendor/hal_wifi_supplicant_default.te 
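Review bot: The `hal_wifi_keystore_server` attribute shown on this hunk's header line stays declared in public/attributes. Yet the commit deletes public/hal_wifi_keystore.te and removes both `hal_server_domain(keystore, hal_wifi_keystore)` and `hal_client_domain(hal_wifi_supplicant_default, hal_wifi_keystore)`. If nothing else references the `hal_wifi_keystore*` attributes (the rest of the policy is not visible in this patch), they are now dead declarations. Removing them in this hunk would stop readers assuming the HAL-style client/server rules still apply to this service.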
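Review bot: The added lines in public/keystore.te do not say what carrying `wifi_keystore_service_server` implies for a domain. The vendor rule in this commit grants `binder_call` to the whole attribute, so any domain later tagged with it becomes callable by wpa_supplicant without a vendor policy change. That is the intended decoupling, but it deserves a comment above the `typeattribute` line, for example `# Every domain tagged wifi_keystore_service_server is a binder_call target for all clients of this service; tag only the domain that hosts it.`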
@@ -8,8 +8,10 @@ net_domain(hal_wifi_supplicant_default) # Create a socket for receiving info from wpa type_transition hal_wifi_supplicant_default wifi_data_file:dir wpa_socket "sockets"; -# Allow wpa_supplicant to talk to Wifi Keystore HAL. -hal_client_domain(hal_wifi_supplicant_default, hal_wifi_keystore) +# Allow wpa_supplicant to talk to Wifi Keystore HwBinder service. +hwbinder_use(hal_wifi_supplicant_default) +binder_call(hal_wifi_supplicant_default, wifi_keystore_service_server) + # TODO (b/36645291) Move hal_wifi_supplicant's data access to /data/vendor # Remove coredata_in_vendor_violators attribute. # wpa supplicant or equivalent -- GitLab
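Review bot: The new `binder_call(hal_wifi_supplicant_default, wifi_keystore_service_server)` is a domain-level grant, and its comment does not mention that. The commit message states that there is no 'hwservicemanager find' check, so this rule appears to be the only policy gate between wpa_supplicant and whichever process hosts the service. Nothing in the rule narrows access to the Wifi Keystore interface itself. I would extend the comment to record that, for example `# No per-service hwservicemanager check exists; this binder_call is the only policy gate on reaching the service's host domain.` The reverse direction `binder_call(wifi_keystore_service_server, hal_wifi_supplicant_default)` is correctly omitted as long as the service makes no callbacks, which the deleted client-to-server-only rule suggests.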