From 168435fe0368f60ed693043e63fcb3370a95c8b8 Mon Sep 17 00:00:00 2001
From: Alex Klyubin <klyubin@google.com>
Date: Thu, 16 Feb 2017 20:14:56 -0800
Subject: [PATCH] Switch Bluetooth HAL policy to _client/_server

This switches Bluetooth HAL policy to the design which enables us to
conditionally remove unnecessary rules from domains which are clients
of Bluetooth HAL.

Domains which are clients of Bluetooth HAL, such as bluetooth domain,
are granted rules targeting hal_bluetooth only when the Bluetooth HAL
runs in passthrough mode (i.e., inside the client's process). When the
HAL runs in binderized mode (i.e., in another process/domain, with
clients talking to the HAL over HwBinder IPC), rules targeting
hal_bluetooth are not granted to client domains.

Domains which offer a binderized implementation of Bluetooth HAL, such
as hal_bluetooth_default domain, are always granted rules targeting
hal_bluetooth.

Test: Toggle Bluetooth off and on
Test: Pair with another Android, and transfer a file to that Android
      over Bluetooth
Test: Pair with a Bluetooth speaker, play music through that
      speaker over Bluetooth
Test: Add bluetooth_hidl_hal_test to device.mk, build & add to device,
      adb shell stop,
      adb shell /data/nativetest64/bluetooth_hidl_hal_test/bluetooth_hidl_hal_test
Bug: 34170079
Change-Id: I05c3ccf1e98cbbc1450a81bb1000c4fb75eb8a83
---
 private/bluetooth.te             | 12 +-----------
 private/hal_bluetooth_default.te |  2 +-
 private/system_server.te         |  1 -
 public/attributes                |  2 ++
 public/hal_bluetooth.te          |  7 +++----
 5 files changed, 7 insertions(+), 17 deletions(-)

diff --git a/private/bluetooth.te b/private/bluetooth.te
index 5ea6027f2..b2369c1c9 100644
--- a/private/bluetooth.te
+++ b/private/bluetooth.te
@@ -22,14 +22,6 @@ allow bluetooth bluetooth_logs_data_file:file create_file_perms;
 # Socket creation under /data/misc/bluedroid.
 allow bluetooth bluetooth_socket:sock_file create_file_perms;
 
-# bluetooth factory file accesses.
-r_dir_file(bluetooth, bluetooth_efs_file)
-
-allow bluetooth { uhid_device hci_attach_dev }:chr_file rw_file_perms;
-
-# sysfs access.
-r_dir_file(bluetooth, sysfs_type)
-allow bluetooth sysfs_bluetooth_writable:file rw_file_perms;
 allow bluetooth self:capability net_admin;
 allow bluetooth self:capability2 wake_alarm;
 
@@ -64,9 +56,7 @@ unix_socket_connect(bluetooth, sap_uim, rild)
 # /data/data/com.android.shell/files/bugreports/bugreport-*.
 allow bluetooth shell_data_file:file read;
 
-# Perform HwBinder IPC.
-hwbinder_use(bluetooth)
-binder_call(bluetooth, hal_bluetooth)
+hal_client_domain(bluetooth, hal_bluetooth)
 binder_call(bluetooth, hal_telephony)
 
 read_runtime_log_tags(bluetooth)
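Review bot: The explicit `hwbinder_use(bluetooth)` is dropped in this hunk, yet the unchanged `binder_call(bluetooth, hal_telephony)` right after the new line presumably still depends on the bluetooth domain being allowed to use HwBinder. The definition of `hal_client_domain` is not part of this patch, so it is worth confirming that the macro (or a rule elsewhere) grants that. This matters most in binderized mode, where the commit description says the hal_bluetooth rules are not applied to clients. The removed `# Perform HwBinder IPC.` comment also leaves both lines unexplained; a replacement such as `# Bluetooth HAL client; rules targeting hal_bluetooth apply to this domain only in passthrough mode.` would keep the intent visible in later policy audits.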
diff --git a/private/hal_bluetooth_default.te b/private/hal_bluetooth_default.te
index 88fd42bda..4fcb3221d 100644
--- a/private/hal_bluetooth_default.te
+++ b/private/hal_bluetooth_default.te
@@ -1,5 +1,5 @@
 type hal_bluetooth_default, domain;
-hal_impl_domain(hal_bluetooth_default, hal_bluetooth)
+hal_server_domain(hal_bluetooth_default, hal_bluetooth)
 
 type hal_bluetooth_default_exec, exec_type, file_type;
 init_daemon_domain(hal_bluetooth_default)
diff --git a/private/system_server.te b/private/system_server.te
index fa55ada29..e23a33c11 100644
--- a/private/system_server.te
+++ b/private/system_server.te
@@ -181,7 +181,6 @@ binder_service(system_server)
 # Perform HwBinder IPC.
 hwbinder_use(system_server)
 hwallocator_use(system_server)
-binder_call(system_server, hal_bluetooth)
 binder_call(system_server, hal_boot)
 binder_call(system_server, hal_contexthub)
 binder_call(system_server, hal_fingerprint)
diff --git a/public/attributes b/public/attributes
index 0d9428cce..5c43d5e79 100644
--- a/public/attributes
+++ b/public/attributes
@@ -127,6 +127,8 @@ attribute hal_audio;
 attribute hal_audio_client;
 attribute hal_audio_server;
 attribute hal_bluetooth;
+attribute hal_bluetooth_client;
+attribute hal_bluetooth_server;
 attribute hal_camera;
 attribute hal_camera_client;
 attribute hal_camera_server;
diff --git a/public/hal_bluetooth.te b/public/hal_bluetooth.te
index 3e132b9c9..207f718b3 100644
--- a/public/hal_bluetooth.te
+++ b/public/hal_bluetooth.te
@@ -1,7 +1,6 @@
-r_dir_file(hal_bluetooth, system_file)
-
-# call into the Bluetooth process (callbacks)
-binder_call(hal_bluetooth, bluetooth)
+# HwBinder IPC from clients into server, and callbacks
+binder_call(hal_bluetooth_client, hal_bluetooth_server)
+binder_call(hal_bluetooth_server, hal_bluetooth_client)
 
 wakelock_use(hal_bluetooth);
 
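Review bot: `wakelock_use(hal_bluetooth);` still targets the hal_bluetooth attribute while the two new `binder_call` rules target hal_bluetooth_client and hal_bluetooth_server, and nothing in the file explains the split. Per the commit description, hal_bluetooth rules reach client domains only in passthrough mode, so a rule placed under the wrong attribute either widens what every client is granted or goes missing in binderized mode. A short comment above `wakelock_use` would help, for example `# Rules needed by the HAL implementation itself (the server domain, or the client in passthrough mode).` The rest of the file lies outside this hunk, so the remaining hal_bluetooth rules could not be checked against that split.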
-- 
GitLab