From aa60f9a80a97eaba86b162380d844d5b5255a418 Mon Sep 17 00:00:00 2001
From: Alex Klyubin <klyubin@google.com>
Date: Wed, 22 Feb 2017 10:15:24 -0800
Subject: [PATCH] Switch Dumpstate HAL policy to _client/_server

This switches Dumpstate HAL policy to the design which enables us to
conditionally remove unnecessary rules from domains which are clients
of Dumpstate HAL.

Domains which are clients of Dumpstate HAL, such as dumpstate domain,
are granted rules targeting hal_dumpstate only when the Dumpstate HAL
runs in passthrough mode (i.e., inside the client's process). When the
HAL runs in binderized mode (i.e., in another process/domain, with
clients talking to the HAL over HwBinder IPC), rules targeting
hal_dumpstate are not granted to client domains.

Domains which offer a binderized implementation of Dumpstate HAL, such
as hal_dumpstate_default domain, are always granted rules targeting
hal_dumpstate.

Test: adb bugreport
Test: Take bugreport through system UI
Bug: 34170079

(cherry picked from commit 47174e3b9f8b4c065d4477114cd9a2ee0c31b98e)

Change-Id: I3e827534af03cdfa876921c5fa4af3a53025ba27
---
 public/attributes               | 2 ++
 public/dumpstate.te             | 4 +---
 public/hal_dumpstate.te         | 5 +++--
 vendor/hal_dumpstate_default.te | 2 +-
 4 files changed, 7 insertions(+), 6 deletions(-)

diff --git a/public/attributes b/public/attributes
index 033592255..0864638dc 100644
--- a/public/attributes
+++ b/public/attributes
@@ -138,6 +138,8 @@ attribute hal_drm;
 attribute hal_drm_client;
 attribute hal_drm_server;
 attribute hal_dumpstate;
+attribute hal_dumpstate_client;
+attribute hal_dumpstate_server;
 attribute hal_fingerprint;
 attribute hal_fingerprint_client;
 attribute hal_fingerprint_server;
diff --git a/public/dumpstate.te b/public/dumpstate.te
index ac81ccc30..1b8538cc4 100644
--- a/public/dumpstate.te
+++ b/public/dumpstate.te
@@ -89,10 +89,8 @@ binder_call(dumpstate, { appdomain netd wificond })
 
 # Vibrate the device after we are done collecting the bugreport
 # For binderized mode:
-hwbinder_use(dumpstate)
-binder_call(dumpstate, hal_dumpstate)
+hal_client_domain(dumpstate, hal_dumpstate)
 binder_call(dumpstate, hal_vibrator)
-binder_call(dumpstate, hwservicemanager)
 # For passthrough mode:
 allow dumpstate sysfs_vibrator:file { rw_file_perms getattr };
 
diff --git a/public/hal_dumpstate.te b/public/hal_dumpstate.te
index 55e34635e..d5723b91c 100644
--- a/public/hal_dumpstate.te
+++ b/public/hal_dumpstate.te
@@ -1,5 +1,6 @@
-# call into dumpstate process (callbacks)
-binder_call(hal_dumpstate, dumpstate)
+# HwBinder IPC from client to server, and callbacks
+binder_call(hal_dumpstate_client, hal_dumpstate_server)
+binder_call(hal_dumpstate_server, hal_dumpstate_client)
 
 # write bug reports in /data/data/com.android.shell/files/bugreports/bugreport
 allow hal_dumpstate shell_data_file:file write;
diff --git a/vendor/hal_dumpstate_default.te b/vendor/hal_dumpstate_default.te
index 2b371b9a6..fa772e18d 100644
--- a/vendor/hal_dumpstate_default.te
+++ b/vendor/hal_dumpstate_default.te
@@ -1,5 +1,5 @@
 type hal_dumpstate_default, domain;
-hal_impl_domain(hal_dumpstate_default, hal_dumpstate)
+hal_server_domain(hal_dumpstate_default, hal_dumpstate)
 
 type hal_dumpstate_default_exec, exec_type, file_type;
 init_daemon_domain(hal_dumpstate_default)
-- 
GitLab