From 343e24a1bef45b0000ff986f778181f74b93f9fb Mon Sep 17 00:00:00 2001
From: Steven Moreland <smoreland@google.com>
Date: Wed, 6 Jun 2018 09:22:56 -0700
Subject: [PATCH] hal_attribute_hwservice_client += add_hwservice
For sanity, this makes 'hal_attribute_hwservice_client' be associated with a specific hwservice thus making things consistent. After this change, only configstore, hal_allocator, and the fwk_* services are inconsistent with all other HALs.
Bug: 80319537
Test: boot device, sanity tests, check for denials
Change-Id: Ibffc65c9567a429e07a3dc4dd41117738459dc2a
---
 public/hal_audio.te | 1 -
 public/hal_audiocontrol.te | 1 -
 public/hal_authsecret.te | 1 -
 public/hal_bluetooth.te | 1 -
 public/hal_bootctl.te | 1 -
 public/hal_broadcastradio.te | 1 -
 public/hal_camera.te | 1 -
 public/hal_cas.te | 1 -
 public/hal_confirmationui.te | 1 -
 public/hal_contexthub.te | 1 -
 public/hal_drm.te | 1 -
 public/hal_dumpstate.te | 1 -
 public/hal_fingerprint.te | 1 -
 public/hal_gatekeeper.te | 1 -
 public/hal_gnss.te | 1 -
 public/hal_graphics_allocator.te | 1 -
 public/hal_graphics_composer.te | 1 -
 public/hal_health.te | 1 -
 public/hal_ir.te | 1 -
 public/hal_keymaster.te | 1 -
 public/hal_light.te | 1 -
 public/hal_lowpan.te | 1 -
 public/hal_memtrack.te | 1 -
 public/hal_neuralnetworks.te | 1 -
 public/hal_nfc.te | 1 -
 public/hal_oemlock.te | 1 -
 public/hal_omx.te | 2 --
 public/hal_power.te | 1 -
 public/hal_secure_element.te | 1 -
 public/hal_sensors.te | 1 -
 public/hal_telephony.te | 1 -
 public/hal_thermal.te | 1 -
 public/hal_tv_cec.te | 1 -
 public/hal_tv_input.te | 1 -
 public/hal_usb.te | 1 -
 public/hal_usb_gadget.te | 1 -
 public/hal_vehicle.te | 1 -
 public/hal_vibrator.te | 1 -
 public/hal_vr.te | 1 -
 public/hal_weaver.te | 1 -
 public/hal_wifi.te | 1 -
 public/hal_wifi_hostapd.te | 1 -
 public/hal_wifi_offload.te | 1 -
 public/hal_wifi_supplicant.te | 1 -
 public/te_macros | 2 ++
 45 files changed, 2 insertions(+), 45 deletions(-)
diff --git a/public/hal_audio.te b/public/hal_audio.te
index d97910389..d6f1f0c52 100644
--- a/public/hal_audio.te
+++ b/public/hal_audio.te
@@ -2,7 +2,6 @@
 binder_call(hal_audio_client, hal_audio_server)
 binder_call(hal_audio_server, hal_audio_client)
-add_hwservice(hal_audio_server, hal_audio_hwservice)
 hal_attribute_hwservice_client(hal_audio, hal_audio_hwservice)
 allow hal_audio ion_device:chr_file r_file_perms;
diff --git a/public/hal_audiocontrol.te b/public/hal_audiocontrol.te
index dc4aaa0cc..04a4b72ab 100644
--- a/public/hal_audiocontrol.te
+++ b/public/hal_audiocontrol.te
@@ -2,5 +2,4 @@
 binder_call(hal_audiocontrol_client, hal_audiocontrol_server)
 binder_call(hal_audiocontrol_server, hal_audiocontrol_client)
-add_hwservice(hal_audiocontrol_server, hal_audiocontrol_hwservice)
 hal_attribute_hwservice_client(hal_audiocontrol, hal_audiocontrol_hwservice)
diff --git a/public/hal_authsecret.te b/public/hal_authsecret.te
index f58b8aac9..7bd515e8b 100644
--- a/public/hal_authsecret.te
+++ b/public/hal_authsecret.te
@@ -1,5 +1,4 @@
 # HwBinder IPC from client to server
 binder_call(hal_authsecret_client, hal_authsecret_server)
-add_hwservice(hal_authsecret_server, hal_authsecret_hwservice)
 hal_attribute_hwservice_client(hal_authsecret, hal_authsecret_hwservice)
diff --git a/public/hal_bluetooth.te b/public/hal_bluetooth.te
index b0c68bf72..b6ae4599c 100644
--- a/public/hal_bluetooth.te
+++ b/public/hal_bluetooth.te
@@ -2,7 +2,6 @@
 binder_call(hal_bluetooth_client, hal_bluetooth_server)
 binder_call(hal_bluetooth_server, hal_bluetooth_client)
-add_hwservice(hal_bluetooth_server, hal_bluetooth_hwservice)
 hal_attribute_hwservice_client(hal_bluetooth, hal_bluetooth_hwservice)
 wakelock_use(hal_bluetooth);
diff --git a/public/hal_bootctl.te b/public/hal_bootctl.te
index a901cf292..88eb040fd 100644
--- a/public/hal_bootctl.te
+++ b/public/hal_bootctl.te
@@ -2,7 +2,6 @@
 binder_call(hal_bootctl_client, hal_bootctl_server)
 binder_call(hal_bootctl_server, hal_bootctl_client)
-add_hwservice(hal_bootctl_server, hal_bootctl_hwservice)
 hal_attribute_hwservice_client(hal_bootctl, hal_bootctl_hwservice)
 dontaudit hal_bootctl self:capability sys_rawio;
diff --git a/public/hal_broadcastradio.te b/public/hal_broadcastradio.te
index 45adb4a7a..ea0d478cf 100644
--- a/public/hal_broadcastradio.te
+++ b/public/hal_broadcastradio.te
@@ -1,4 +1,3 @@
 binder_call(hal_broadcastradio_client, hal_broadcastradio_server)
-add_hwservice(hal_broadcastradio_server, hal_broadcastradio_hwservice)
 hal_attribute_hwservice_client(hal_broadcastradio, hal_broadcastradio_hwservice)
diff --git a/public/hal_camera.te b/public/hal_camera.te
index 4e8079484..96c84595e 100644
--- a/public/hal_camera.te
+++ b/public/hal_camera.te
@@ -2,7 +2,6 @@
 binder_call(hal_camera_client, hal_camera_server)
 binder_call(hal_camera_server, hal_camera_client)
-add_hwservice(hal_camera_server, hal_camera_hwservice)
 hal_attribute_hwservice_client(hal_camera, hal_camera_hwservice)
 allow hal_camera device:dir r_dir_perms;
diff --git a/public/hal_cas.te b/public/hal_cas.te
index 0ba39edac..28e0c7c6b 100644
--- a/public/hal_cas.te
+++ b/public/hal_cas.te
@@ -2,7 +2,6 @@
 binder_call(hal_cas_client, hal_cas_server)
 binder_call(hal_cas_server, hal_cas_client)
-add_hwservice(hal_cas_server, hal_cas_hwservice)
 hal_attribute_hwservice_client(hal_cas, hal_cas_hwservice)
 allow hal_cas_server hidl_memory_hwservice:hwservice_manager find;
diff --git a/public/hal_confirmationui.te b/public/hal_confirmationui.te
index 9a7e69783..e70f88583 100644
--- a/public/hal_confirmationui.te
+++ b/public/hal_confirmationui.te
@@ -1,5 +1,4 @@
 # HwBinder IPC from client to server
 binder_call(hal_confirmationui_client, hal_confirmationui_server)
-add_hwservice(hal_confirmationui_server, hal_confirmationui_hwservice)
 hal_attribute_hwservice_client(hal_confirmationui, hal_confirmationui_hwservice)
diff --git a/public/hal_contexthub.te b/public/hal_contexthub.te
index 0f23ae51b..9dcc7a07d 100644
--- a/public/hal_contexthub.te
+++ b/public/hal_contexthub.te
@@ -2,5 +2,4 @@
 binder_call(hal_contexthub_client, hal_contexthub_server)
 binder_call(hal_contexthub_server, hal_contexthub_client)
-add_hwservice(hal_contexthub_server, hal_contexthub_hwservice)
 hal_attribute_hwservice_client(hal_contexthub, hal_contexthub_hwservice)
diff --git a/public/hal_drm.te b/public/hal_drm.te
index 0a03a95a3..4b1ed5dc1 100644
--- a/public/hal_drm.te
+++ b/public/hal_drm.te
@@ -2,7 +2,6 @@
 binder_call(hal_drm_client, hal_drm_server)
 binder_call(hal_drm_server, hal_drm_client)
-add_hwservice(hal_drm_server, hal_drm_hwservice)
 hal_attribute_hwservice_client(hal_drm, hal_drm_hwservice)
 allow hal_drm hidl_memory_hwservice:hwservice_manager find;
diff --git a/public/hal_dumpstate.te b/public/hal_dumpstate.te
index 75e59f3b4..8fbe20773 100644
--- a/public/hal_dumpstate.te
+++ b/public/hal_dumpstate.te
@@ -2,7 +2,6 @@
 binder_call(hal_dumpstate_client, hal_dumpstate_server)
 binder_call(hal_dumpstate_server, hal_dumpstate_client)
-add_hwservice(hal_dumpstate_server, hal_dumpstate_hwservice)
 hal_attribute_hwservice_client(hal_dumpstate, hal_dumpstate_hwservice)
 # write bug reports in /data/data/com.android.shell/files/bugreports/bugreport
diff --git a/public/hal_fingerprint.te b/public/hal_fingerprint.te
index 240f1ddad..f1b8159c9 100644
--- a/public/hal_fingerprint.te
+++ b/public/hal_fingerprint.te
@@ -2,7 +2,6 @@
 binder_call(hal_fingerprint_client, hal_fingerprint_server)
 binder_call(hal_fingerprint_server, hal_fingerprint_client)
-add_hwservice(hal_fingerprint_server, hal_fingerprint_hwservice)
 hal_attribute_hwservice_client(hal_fingerprint, hal_fingerprint_hwservice)
 # For memory allocation
diff --git a/public/hal_gatekeeper.te b/public/hal_gatekeeper.te
index 0ff8f0844..64482c841 100644
--- a/public/hal_gatekeeper.te
+++ b/public/hal_gatekeeper.te
@@ -1,6 +1,5 @@
 binder_call(hal_gatekeeper_client, hal_gatekeeper_server)
-add_hwservice(hal_gatekeeper_server, hal_gatekeeper_hwservice)
 hal_attribute_hwservice_client(hal_gatekeeper, hal_gatekeeper_hwservice)
 # TEE access.
diff --git a/public/hal_gnss.te b/public/hal_gnss.te
index 7e206a8ff..a2cdad763 100644
--- a/public/hal_gnss.te
+++ b/public/hal_gnss.te
@@ -2,5 +2,4 @@
 binder_call(hal_gnss_client, hal_gnss_server)
 binder_call(hal_gnss_server, hal_gnss_client)
-add_hwservice(hal_gnss_server, hal_gnss_hwservice)
 hal_attribute_hwservice_client(hal_gnss, hal_gnss_hwservice)
diff --git a/public/hal_graphics_allocator.te b/public/hal_graphics_allocator.te
index 753b816d7..7cfa1d629 100644
--- a/public/hal_graphics_allocator.te
+++ b/public/hal_graphics_allocator.te
@@ -1,7 +1,6 @@
 # HwBinder IPC from client to server
 binder_call(hal_graphics_allocator_client, hal_graphics_allocator_server)
-add_hwservice(hal_graphics_allocator_server, hal_graphics_allocator_hwservice)
 hal_attribute_hwservice_client(hal_graphics_allocator, hal_graphics_allocator_hwservice)
 allow hal_graphics_allocator_client hal_graphics_mapper_hwservice:hwservice_manager find;
diff --git a/public/hal_graphics_composer.te b/public/hal_graphics_composer.te
index e6854f6f3..90acd83c8 100644
--- a/public/hal_graphics_composer.te
+++ b/public/hal_graphics_composer.te
@@ -2,7 +2,6 @@
 binder_call(hal_graphics_composer_client, hal_graphics_composer_server)
 binder_call(hal_graphics_composer_server, hal_graphics_composer_client)
-add_hwservice(hal_graphics_composer_server, hal_graphics_composer_hwservice)
 hal_attribute_hwservice_client(hal_graphics_composer, hal_graphics_composer_hwservice)
 # Coordinate with hal_graphics_mapper
diff --git a/public/hal_health.te b/public/hal_health.te
index f6d5d3b8e..3986c1ce9 100644
--- a/public/hal_health.te
+++ b/public/hal_health.te
@@ -2,7 +2,6 @@
 binder_call(hal_health_client, hal_health_server)
 binder_call(hal_health_server, hal_health_client)
-add_hwservice(hal_health_server, hal_health_hwservice)
 hal_attribute_hwservice_client(hal_health, hal_health_hwservice)
 # Read access to system files for HALs in
diff --git a/public/hal_ir.te b/public/hal_ir.te
index 022d5eeb6..51549f30d 100644
--- a/public/hal_ir.te
+++ b/public/hal_ir.te
@@ -2,5 +2,4 @@
 binder_call(hal_ir_client, hal_ir_server)
 binder_call(hal_ir_server, hal_ir_client)
-add_hwservice(hal_ir_server, hal_ir_hwservice)
 hal_attribute_hwservice_client(hal_ir, hal_ir_hwservice)
diff --git a/public/hal_keymaster.te b/public/hal_keymaster.te
index 664f2774b..81f466fbf 100644
--- a/public/hal_keymaster.te
+++ b/public/hal_keymaster.te
@@ -1,7 +1,6 @@
 # HwBinder IPC from client to server
 binder_call(hal_keymaster_client, hal_keymaster_server)
-add_hwservice(hal_keymaster_server, hal_keymaster_hwservice)
 hal_attribute_hwservice_client(hal_keymaster, hal_keymaster_hwservice)
 allow hal_keymaster tee_device:chr_file rw_file_perms;
diff --git a/public/hal_light.te b/public/hal_light.te
index 841b17ab0..44f1cc9ff 100644
--- a/public/hal_light.te
+++ b/public/hal_light.te
@@ -2,7 +2,6 @@
 binder_call(hal_light_client, hal_light_server)
 binder_call(hal_light_server, hal_light_client)
-add_hwservice(hal_light_server, hal_light_hwservice)
 hal_attribute_hwservice_client(hal_light, hal_light_hwservice)
 allow hal_light sysfs_leds:lnk_file read;
diff --git a/public/hal_lowpan.te b/public/hal_lowpan.te
index 5bb36f96f..ff25c825b 100644
--- a/public/hal_lowpan.te
+++ b/public/hal_lowpan.te
@@ -2,7 +2,6 @@
 binder_call(hal_lowpan_client, hal_lowpan_server)
 binder_call(hal_lowpan_server, hal_lowpan_client)
-add_hwservice(hal_lowpan_server, hal_lowpan_hwservice)
 # Allow hal_lowpan_client to be able to find the hal_lowpan_server
 hal_attribute_hwservice_client(hal_lowpan, hal_lowpan_hwservice)
diff --git a/public/hal_memtrack.te b/public/hal_memtrack.te
index 8185fd144..4df040fbd 100644
--- a/public/hal_memtrack.te
+++ b/public/hal_memtrack.te
@@ -1,5 +1,4 @@
 # HwBinder IPC from client to server
 binder_call(hal_memtrack_client, hal_memtrack_server)
-add_hwservice(hal_memtrack_server, hal_memtrack_hwservice)
 hal_attribute_hwservice_client(hal_memtrack, hal_memtrack_hwservice)
diff --git a/public/hal_neuralnetworks.te b/public/hal_neuralnetworks.te
index 149f76811..2580a6b7d 100644
--- a/public/hal_neuralnetworks.te
+++ b/public/hal_neuralnetworks.te
@@ -2,7 +2,6 @@
 binder_call(hal_neuralnetworks_client, hal_neuralnetworks_server)
 binder_call(hal_neuralnetworks_server, hal_neuralnetworks_client)
-add_hwservice(hal_neuralnetworks_server, hal_neuralnetworks_hwservice)
 hal_attribute_hwservice_client(hal_neuralnetworks, hal_neuralnetworks_hwservice)
 allow hal_neuralnetworks hidl_memory_hwservice:hwservice_manager find;
 allow hal_neuralnetworks hal_allocator:fd use;
diff --git a/public/hal_nfc.te b/public/hal_nfc.te
index caa4c823b..334952622 100644
--- a/public/hal_nfc.te
+++ b/public/hal_nfc.te
@@ -2,7 +2,6 @@
 binder_call(hal_nfc_client, hal_nfc_server)
 binder_call(hal_nfc_server, hal_nfc_client)
-add_hwservice(hal_nfc_server, hal_nfc_hwservice)
 hal_attribute_hwservice_client(hal_nfc, hal_nfc_hwservice)
 # Set NFC properties (used by bcm2079x HAL).
diff --git a/public/hal_oemlock.te b/public/hal_oemlock.te
index d118f43cd..a55e4274b 100644
--- a/public/hal_oemlock.te
+++ b/public/hal_oemlock.te
@@ -1,5 +1,4 @@
 # HwBinder IPC from client to server
 binder_call(hal_oemlock_client, hal_oemlock_server)
-add_hwservice(hal_oemlock_server, hal_oemlock_hwservice)
 hal_attribute_hwservice_client(hal_oemlock, hal_oemlock_hwservice)
diff --git a/public/hal_omx.te b/public/hal_omx.te
index 375f386c3..8543cac6a 100644
--- a/public/hal_omx.te
+++ b/public/hal_omx.te
@@ -1,8 +1,6 @@
 # applies all permissions to hal_omx NOT hal_omx_server
 # since OMX must always be in its own process.
-add_hwservice(hal_omx_server, hal_codec2_hwservice)
-add_hwservice(hal_omx_server, hal_omx_hwservice)
 # can route /dev/binder traffic to /dev/vndbinder
 vndbinder_use(hal_omx_server)
diff --git a/public/hal_power.te b/public/hal_power.te
index 26fbd4c30..044c0e834 100644
--- a/public/hal_power.te
+++ b/public/hal_power.te
@@ -2,5 +2,4 @@
 binder_call(hal_power_client, hal_power_server)
 binder_call(hal_power_server, hal_power_client)
-add_hwservice(hal_power_server, hal_power_hwservice)
 hal_attribute_hwservice_client(hal_power, hal_power_hwservice)
diff --git a/public/hal_secure_element.te b/public/hal_secure_element.te
index 8410c772d..848ccbf9a 100644
--- a/public/hal_secure_element.te
+++ b/public/hal_secure_element.te
@@ -2,5 +2,4 @@
 binder_call(hal_secure_element_client, hal_secure_element_server)
 binder_call(hal_secure_element_server, hal_secure_element_client)
-add_hwservice(hal_secure_element_server, hal_secure_element_hwservice)
 hal_attribute_hwservice_client(hal_secure_element, hal_secure_element_hwservice)
diff --git a/public/hal_sensors.te b/public/hal_sensors.te
index 603eead92..6ed729216 100644
--- a/public/hal_sensors.te
+++ b/public/hal_sensors.te
@@ -1,7 +1,6 @@
 # HwBinder IPC from client to server
 binder_call(hal_sensors_client, hal_sensors_server)
-add_hwservice(hal_sensors_server, hal_sensors_hwservice)
 hal_attribute_hwservice_client(hal_sensors, hal_sensors_hwservice)
 # Allow sensor hals to access ashmem memory allocated by apps
diff --git a/public/hal_telephony.te b/public/hal_telephony.te
index a20350b41..f07f0bab8 100644
--- a/public/hal_telephony.te
+++ b/public/hal_telephony.te
@@ -2,7 +2,6 @@
 binder_call(hal_telephony_client, hal_telephony_server)
 binder_call(hal_telephony_server, hal_telephony_client)
-add_hwservice(hal_telephony_server, hal_telephony_hwservice)
 hal_attribute_hwservice_client(hal_telephony, hal_telephony_hwservice)
 allowxperm hal_telephony_server self:udp_socket ioctl priv_sock_ioctls;
diff --git a/public/hal_thermal.te b/public/hal_thermal.te
index 105e882a4..84ed0c54e 100644
--- a/public/hal_thermal.te
+++ b/public/hal_thermal.te
@@ -2,5 +2,4 @@
 binder_call(hal_thermal_client, hal_thermal_server)
 binder_call(hal_thermal_server, hal_thermal_client)
-add_hwservice(hal_thermal_server, hal_thermal_hwservice)
 hal_attribute_hwservice_client(hal_thermal, hal_thermal_hwservice)
diff --git a/public/hal_tv_cec.te b/public/hal_tv_cec.te
index 9ee2e3eed..5cd3d2dae 100644
--- a/public/hal_tv_cec.te
+++ b/public/hal_tv_cec.te
@@ -2,5 +2,4 @@
 binder_call(hal_tv_cec_client, hal_tv_cec_server)
 binder_call(hal_tv_cec_server, hal_tv_cec_client)
-add_hwservice(hal_tv_cec_server, hal_tv_cec_hwservice)
 hal_attribute_hwservice_client(hal_tv_cec, hal_tv_cec_hwservice)
diff --git a/public/hal_tv_input.te b/public/hal_tv_input.te
index cee55bde3..3799938bb 100644
--- a/public/hal_tv_input.te
+++ b/public/hal_tv_input.te
@@ -2,5 +2,4 @@
 binder_call(hal_tv_input_client, hal_tv_input_server)
 binder_call(hal_tv_input_server, hal_tv_input_client)
-add_hwservice(hal_tv_input_server, hal_tv_input_hwservice)
 hal_attribute_hwservice_client(hal_tv_input, hal_tv_input_hwservice)
diff --git a/public/hal_usb.te b/public/hal_usb.te
index 52fdce224..81ef1c7ad 100644
--- a/public/hal_usb.te
+++ b/public/hal_usb.te
@@ -2,7 +2,6 @@
 binder_call(hal_usb_client, hal_usb_server)
 binder_call(hal_usb_server, hal_usb_client)
-add_hwservice(hal_usb_server, hal_usb_hwservice)
 hal_attribute_hwservice_client(hal_usb, hal_usb_hwservice)
 allow hal_usb self:netlink_kobject_uevent_socket create;
diff --git a/public/hal_usb_gadget.te b/public/hal_usb_gadget.te
index 41683b0cd..b8e347f28 100644
--- a/public/hal_usb_gadget.te
+++ b/public/hal_usb_gadget.te
@@ -2,7 +2,6 @@
 binder_call(hal_usb_gadget_client, hal_usb_gadget_server)
 binder_call(hal_usb_gadget_server, hal_usb_gadget_client)
-add_hwservice(hal_usb_gadget_server, hal_usb_gadget_hwservice)
 hal_attribute_hwservice_client(hal_usb_gadget, hal_usb_gadget_hwservice)
 # Configuring usb gadget functions
diff --git a/public/hal_vehicle.te b/public/hal_vehicle.te
index d021da344..ea8b65220 100644
--- a/public/hal_vehicle.te
+++ b/public/hal_vehicle.te
@@ -2,6 +2,5 @@
 binder_call(hal_vehicle_client, hal_vehicle_server)
 binder_call(hal_vehicle_server, hal_vehicle_client)
-add_hwservice(hal_vehicle_server, hal_vehicle_hwservice)
 hal_attribute_hwservice_client(hal_vehicle, hal_vehicle_hwservice)
diff --git a/public/hal_vibrator.te b/public/hal_vibrator.te
index ba6830d70..0b9d16812 100644
--- a/public/hal_vibrator.te
+++ b/public/hal_vibrator.te
@@ -1,7 +1,6 @@
 # HwBinder IPC from client to server
 binder_call(hal_vibrator_client, hal_vibrator_server)
-add_hwservice(hal_vibrator_server, hal_vibrator_hwservice)
 hal_attribute_hwservice_client(hal_vibrator, hal_vibrator_hwservice)
 # vibrator sysfs rw access
diff --git a/public/hal_vr.te b/public/hal_vr.te
index 4afe3cdeb..7286cd06d 100644
--- a/public/hal_vr.te
+++ b/public/hal_vr.te
@@ -2,5 +2,4 @@
 binder_call(hal_vr_client, hal_vr_server)
 binder_call(hal_vr_server, hal_vr_client)
-add_hwservice(hal_vr_server, hal_vr_hwservice)
 hal_attribute_hwservice_client(hal_vr, hal_vr_hwservice)
diff --git a/public/hal_weaver.te b/public/hal_weaver.te
index 405321def..0ea4c6e9b 100644
--- a/public/hal_weaver.te
+++ b/public/hal_weaver.te
@@ -1,5 +1,4 @@
 # HwBinder IPC from client to server
 binder_call(hal_weaver_client, hal_weaver_server)
-add_hwservice(hal_weaver_server, hal_weaver_hwservice)
 hal_attribute_hwservice_client(hal_weaver, hal_weaver_hwservice)
diff --git a/public/hal_wifi.te b/public/hal_wifi.te
index 45738e209..b67a43e11 100644
--- a/public/hal_wifi.te
+++ b/public/hal_wifi.te
@@ -2,7 +2,6 @@
 binder_call(hal_wifi_client, hal_wifi_server)
 binder_call(hal_wifi_server, hal_wifi_client)
-add_hwservice(hal_wifi_server, hal_wifi_hwservice)
 hal_attribute_hwservice_client(hal_wifi, hal_wifi_hwservice)
 r_dir_file(hal_wifi, proc_net_type)
diff --git a/public/hal_wifi_hostapd.te b/public/hal_wifi_hostapd.te
index ea84a36e2..7466d0407 100644
--- a/public/hal_wifi_hostapd.te
+++ b/public/hal_wifi_hostapd.te
@@ -2,7 +2,6 @@
 binder_call(hal_wifi_hostapd_client, hal_wifi_hostapd_server)
 binder_call(hal_wifi_hostapd_server, hal_wifi_hostapd_client)
-add_hwservice(hal_wifi_hostapd_server, hal_wifi_hostapd_hwservice)
 hal_attribute_hwservice_client(hal_wifi_hostapd, hal_wifi_hostapd_hwservice)
 allow hal_wifi_hostapd_server self:global_capability_class_set { net_admin net_raw };
diff --git a/public/hal_wifi_offload.te b/public/hal_wifi_offload.te
index 1b75711d7..59860f7cc 100644
--- a/public/hal_wifi_offload.te
+++ b/public/hal_wifi_offload.te
@@ -2,7 +2,6 @@
 binder_call(hal_wifi_offload_client, hal_wifi_offload_server)
 binder_call(hal_wifi_offload_server, hal_wifi_offload_client)
-add_hwservice(hal_wifi_offload_server, hal_wifi_offload_hwservice)
 hal_attribute_hwservice_client(hal_wifi_offload, hal_wifi_offload_hwservice)
 r_dir_file(hal_wifi_offload, proc_net_type)
diff --git a/public/hal_wifi_supplicant.te b/public/hal_wifi_supplicant.te
index 87a061f4d..2de2723b3 100644
--- a/public/hal_wifi_supplicant.te
+++ b/public/hal_wifi_supplicant.te
@@ -2,7 +2,6 @@
 binder_call(hal_wifi_supplicant_client, hal_wifi_supplicant_server)
 binder_call(hal_wifi_supplicant_server, hal_wifi_supplicant_client)
-add_hwservice(hal_wifi_supplicant_server, hal_wifi_supplicant_hwservice)
 hal_attribute_hwservice_client(hal_wifi_supplicant, hal_wifi_supplicant_hwservice)
 # in addition to ioctls whitelisted for all domains, grant hal_wifi_supplicant priv_sock_ioctls.
diff --git a/public/te_macros b/public/te_macros
index ffb84281f..59591b495 100644
--- a/public/te_macros
+++ b/public/te_macros
@@ -614,4 +614,6 @@ define(`add_hwservice', `
 define(`hal_attribute_hwservice_client', `
 allow $1_client $2:hwservice_manager find;
 neverallow { domain -$1_client -$1_server } $2:hwservice_manager find;
+
+ add_hwservice($1_server, $2)
 ')
--
GitLab
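Review bot: The macro in public/te_macros keeps the name `hal_attribute_hwservice_client` although the added `add_hwservice($1_server, $2)` now makes it grant the server side the right to register `$2` as well, so someone auditing which domain may register a hwservice no longer finds a per-HAL `add_hwservice` line to search for. A comment above the define would record that, for example `# Grants $1_client find on $2 and, via add_hwservice, $1_server the right to register $2.` The hal_omx.te hunk removes `add_hwservice` for both `hal_codec2_hwservice` and `hal_omx_hwservice` and shows no `hal_attribute_hwservice_client` call in its context, so unless that file invokes the macro for both types below the hunk, `hal_omx_server` would lose the add permission; this is worth confirming alongside the "check for denials" test. The body of `add_hwservice` lies outside the hunk, so what it grants beyond registration is assumed here rather than read from the diff.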