Allow to use sockets from hal server for auto

Add an exemption to neverallow rule to use sockets from HAL servers only for automotive build Bug: 78901167 Test: assign this attribute to hal_vehicle_default and try to open socket from HAL implementation Test: verify that new CTS test will fail for non-automotive build with this attribute buing used Test: make cts && cts-tradefed run singleCommand cts --skip-device-info --skip-preconditions --abi arm64-v8a --module CtsSecurityHostTestCases -t android.security.cts.SELinuxHostTest Change-Id: I27976443dad4fc5b7425c089512cac65bb54d6d9

Allow to use sockets from hal server for auto
Add an exemption to neverallow rule to use sockets from HAL servers only for automotive build Bug: 78901167 Test: assign this attribute to hal_vehicle_default and try to open socket from HAL implementation Test: verify that new CTS test will fail for non-automotive build with this attribute buing used Test: make cts && cts-tradefed run singleCommand cts --skip-device-info --skip-preconditions --abi arm64-v8a --module CtsSecurityHostTestCases -t android.security.cts.SELinuxHostTest Change-Id: I27976443dad4fc5b7425c089512cac65bb54d6d9
4cafae77 · Pavel Maltsev · fa3934c9 · 4cafae77 · 4cafae77 · 4cafae77
Commit 4cafae77 authored 6 years ago by Pavel Maltsev
--- a/prebuilts/api/28.0/public/attributes
+++ b/prebuilts/api/28.0/public/attributes
@@ -207,6 +207,12 @@ attribute halserverdomain;
 attribute halclientdomain;
 expandattribute halclientdomain true;

+# Exempt for halserverdomain to access sockets. Only builds for automotive
+# device types are allowed to use this attribute (enforced by CTS).
+# Unlike phone, in a car many modules are external from Android perspective and
+# HALs should be able to communicate with those devices through sockets.
+attribute hal_automotive_socket_exemption;
+
 # TODO(b/72757373): Use hal_attribute macro once expandattribute value conflicts
 # can be resolve.
 attribute hal_audio;

--- a/prebuilts/api/28.0/public/hal_neverallows.te
+++ b/prebuilts/api/28.0/public/hal_neverallows.te
@@ -11,8 +11,13 @@ neverallow {

 # Unless a HAL's job is to communicate over the network, or control network
 # hardware, it should not be using network sockets.
+# NOTE: HALs for automotive devices have an exemption from this rule because in
+# a car it is common to have external modules and HALs need to communicate to
+# those modules using network.  Using this exemption for non-automotive builds
+# will result in CTS failure.
 neverallow {
  halserverdomain
+  -hal_automotive_socket_exemption
  -hal_tetheroffload_server
  -hal_wifi_server
  -hal_wifi_hostapd_server

--- a/public/attributes
+++ b/public/attributes
@@ -207,6 +207,12 @@ attribute halserverdomain;
 attribute halclientdomain;
 expandattribute halclientdomain true;

+# Exempt for halserverdomain to access sockets. Only builds for automotive
+# device types are allowed to use this attribute (enforced by CTS).
+# Unlike phone, in a car many modules are external from Android perspective and
+# HALs should be able to communicate with those devices through sockets.
+attribute hal_automotive_socket_exemption;
+
 # TODO(b/72757373): Use hal_attribute macro once expandattribute value conflicts
 # can be resolve.
 attribute hal_audio;

--- a/public/hal_neverallows.te
+++ b/public/hal_neverallows.te
@@ -11,8 +11,13 @@ neverallow {

 # Unless a HAL's job is to communicate over the network, or control network
 # hardware, it should not be using network sockets.
+# NOTE: HALs for automotive devices have an exemption from this rule because in
+# a car it is common to have external modules and HALs need to communicate to
+# those modules using network.  Using this exemption for non-automotive builds
+# will result in CTS failure.
 neverallow {
  halserverdomain
+  -hal_automotive_socket_exemption
  -hal_tetheroffload_server
  -hal_wifi_server
  -hal_wifi_hostapd_server