From e756dd0175977bc10c6a1febab4c062c196eddc1 Mon Sep 17 00:00:00 2001 From: Zhao Ye Date: Thu, 14 Nov 2024 16:58:41 +0800 Subject: [PATCH] [Do Not Merge] remove bt Signed-off-by: Zhao Ye --- bluetooth/common/bluetooth.te | 22 ----------- bluetooth/common/btcfg.te | 32 --------------- bluetooth/common/file.te | 2 - bluetooth/common/file_contexts | 9 ----- bluetooth/common/hal_bluetooth_vbt.te | 57 --------------------------- bluetooth/common/hci_attach.te | 12 ------ bluetooth/common/init_bt_nvm.te | 34 ---------------- bluetooth/common/kernel.te | 3 -- bluetooth/common/property.te | 1 - bluetooth/common/property_contexts | 1 - bluetooth/common/system_server.te | 1 - bluetooth/common/ueventd.te | 2 - bluetooth/common/vendor_init.te | 1 - 13 files changed, 177 deletions(-) delete mode 100644 bluetooth/common/bluetooth.te delete mode 100644 bluetooth/common/btcfg.te delete mode 100644 bluetooth/common/file.te delete mode 100644 bluetooth/common/file_contexts delete mode 100644 bluetooth/common/hal_bluetooth_vbt.te delete mode 100644 bluetooth/common/hci_attach.te delete mode 100644 bluetooth/common/init_bt_nvm.te delete mode 100644 bluetooth/common/kernel.te delete mode 100644 bluetooth/common/property.te delete mode 100644 bluetooth/common/property_contexts delete mode 100644 bluetooth/common/system_server.te delete mode 100644 bluetooth/common/ueventd.te delete mode 100644 bluetooth/common/vendor_init.te diff --git a/bluetooth/common/bluetooth.te b/bluetooth/common/bluetooth.te deleted file mode 100644 index b45785a0..00000000 --- a/bluetooth/common/bluetooth.te +++ /dev/null @@ -1,22 +0,0 @@ -# -# Common Bluetooth Permissions -# -allow bluetooth self:socket create_socket_perms; -allowxperm bluetooth self:socket ioctl unpriv_sock_ioctls; - -allow bluetooth self:bluetooth_socket create_socket_perms; -allowxperm bluetooth self:bluetooth_socket ioctl unpriv_sock_ioctls; - -allow bluetooth kernel:system module_request; -allow bluetooth rfkill_device:chr_file rw_file_perms; -allow bluetooth sysfs_bluetooth_writable:file rw_file_perms; - -module_only(`config_partition', ` - allow bluetooth config_file:dir search; -') - -allow bluetooth bluetooth_efs_file:dir rw_dir_perms; -allow bluetooth bluetooth_efs_file:file create_file_perms; - -allow bluetooth bluetooth_config_file:dir r_dir_perms; -allow bluetooth bluetooth_config_file:file r_file_perms; diff --git a/bluetooth/common/btcfg.te b/bluetooth/common/btcfg.te deleted file mode 100644 index d02dd001..00000000 --- a/bluetooth/common/btcfg.te +++ /dev/null @@ -1,32 +0,0 @@ -type btcfg, domain; -type btcfg_exec, exec_type, file_type, vendor_file_type; - -init_daemon_domain(btcfg) - -allow btcfg self:socket create_socket_perms; -allowxperm btcfg self:socket ioctl { - unpriv_sock_ioctls - HCIGETDEVLIST - HCIGETDEVINFO -}; - -allow btcfg self:bluetooth_socket create_socket_perms; - -allowxperm btcfg self:bluetooth_socket ioctl { - unpriv_sock_ioctls - HCIGETDEVLIST - HCIGETDEVINFO -}; - -allow btcfg hci_attach_dev:chr_file rw_file_perms; -allow btcfg kernel:system module_request; -allow btcfg hci_attach_exec:file rx_file_perms; -allow btcfg vendor_file:file rx_file_perms; - -not_full_treble(` - allow btcfg system_file:file rx_file_perms; - allow btcfg shell_exec:file rx_file_perms; -') -full_treble_only(` - allow btcfg vendor_shell_exec:file rx_file_perms; -') diff --git a/bluetooth/common/file.te b/bluetooth/common/file.te deleted file mode 100644 index 9c913938..00000000 --- a/bluetooth/common/file.te +++ /dev/null @@ -1,2 +0,0 @@ -# NVM data in etc/bluetooth -type bluetooth_config_file, file_type, data_file_type; diff --git a/bluetooth/common/file_contexts b/bluetooth/common/file_contexts deleted file mode 100644 index 12ce7642..00000000 --- a/bluetooth/common/file_contexts +++ /dev/null @@ -1,9 +0,0 @@ -# /system/etc/bluetooth(/.*)? u:object_r:bluetooth_config_file:s0 -(/system)?/vendor/bin/bt_nvm_init.sh u:object_r:init_bt_nvm_exec:s0 -/vendor/bin/hciattach u:object_r:hci_attach_exec:s0 - -# setup by device/intel/common/bluetooth/rfkill/rfkill_bt.sh -/sys/devices/pci0000:00/8086228A:00/.*/rfkill/rfkill[0-9]+/state u:object_r:sysfs_bluetooth_writable:s0 - -/vendor/bin/btcfg.sh u:object_r:btcfg_exec:s0 -/vendor/bin/hw/android\.hardware\.bluetooth@1\.0-service\.vbt u:object_r:hal_bluetooth_vbt_exec:s0 diff --git a/bluetooth/common/hal_bluetooth_vbt.te b/bluetooth/common/hal_bluetooth_vbt.te deleted file mode 100644 index bf9e4e54..00000000 --- a/bluetooth/common/hal_bluetooth_vbt.te +++ /dev/null @@ -1,57 +0,0 @@ -# For treble mode, the HAL is loaded by a excutable hal service, and -# framework need request the hal service if it want to operate the -# device by HAL. -# For bluetooth, the default hal service is created by Google named -# android.hardware.bluetooth@1.0-service -# Google also setup sepolicy types and rules for the hal services, and -# android.hardware.bluetooth@1.0-service is one of hal services. -# The sepolicy type and rules for the hal services are created by Google -# and locate at system/sepolicy/vendor/hal_xxx.te -# For bluetooth it is hal_bluetooth_default.te, and the content of this -# file is -# -# -# type hal_bluetooth_default, domain; -# hal_server_domain(hal_bluetooth_default, hal_bluetooth) -# -# type hal_bluetooth_default_exec, exec_type, file_type; -# init_daemon_domain(hal_bluetooth_default) -# -# Google allow vendor to write his own hal service, but do not suggest -# directly modify the default hal service code. Google also give the reference -# code(device/linaro/hikey/bluetooth) about how to write vendor's own hal -# service. -# For gordon peak, bluetooth hal service need to be changed because some -# message handling difference with Google's default one. Then the bluetooth -# hal service for gordon peak is created based on default one. -# The sepolicy types and rules for gordon peak bluetooth service needs to be -# created too based on the default one. -# The following setting are copied from hal_bluetooth_default.te except use -# extension "vbt" to replace "default". - -type hal_bluetooth_vbt, domain; -hal_server_domain(hal_bluetooth_vbt, hal_bluetooth) - -type hal_bluetooth_vbt_exec, exec_type, file_type, vendor_file_type; -init_daemon_domain(hal_bluetooth_vbt) - -set_prop(hal_bluetooth_vbt, vendor_bluetooth_prop) - -allow hal_bluetooth_vbt self:socket create_socket_perms; - -allowxperm hal_bluetooth_vbt self:socket ioctl { - unpriv_sock_ioctls - HCIDEVDOWN -}; - -allow hal_bluetooth_vbt self:bluetooth_socket create_socket_perms; - -allow hal_bluetooth_vbt device:dir read; -allow hal_bluetooth_vbt usb_device:chr_file rw_file_perms; -allow hal_bluetooth_vbt usb_device:dir r_dir_perms; -allow hal_bluetooth_vbt self:netlink_kobject_uevent_socket { create bind setopt read }; - -allowxperm hal_bluetooth_vbt self:bluetooth_socket ioctl { - unpriv_sock_ioctls - HCIDEVDOWN -}; diff --git a/bluetooth/common/hci_attach.te b/bluetooth/common/hci_attach.te deleted file mode 100644 index 31b5427a..00000000 --- a/bluetooth/common/hci_attach.te +++ /dev/null @@ -1,12 +0,0 @@ -type hci_attach, domain; -type hci_attach_exec, exec_type, file_type, vendor_file_type; - -init_daemon_domain(hci_attach) - -allow hci_attach kernel:system module_request; -allow hci_attach hci_attach_dev:chr_file rw_file_perms; -allow hci_attach bluetooth_efs_file:dir r_dir_perms; -allow hci_attach bluetooth_efs_file:file r_file_perms; - -allow hci_attach rootfs:lnk_file getattr; -allow hci_attach sysfs:file r_file_perms; diff --git a/bluetooth/common/init_bt_nvm.te b/bluetooth/common/init_bt_nvm.te deleted file mode 100644 index 9c66da80..00000000 --- a/bluetooth/common/init_bt_nvm.te +++ /dev/null @@ -1,34 +0,0 @@ -type init_bt_nvm, domain; -type init_bt_nvm_exec, exec_type, file_type, vendor_file_type; - -init_daemon_domain(init_bt_nvm) - -allow init_bt_nvm bluetooth_config_file:dir r_dir_perms; -allow init_bt_nvm bluetooth_config_file:file r_file_perms; - -allow init_bt_nvm efs_file:dir create_dir_perms; -allow init_bt_nvm efs_file:file create_file_perms; - -allow init_bt_nvm bluetooth_efs_file:dir w_dir_perms; -allow init_bt_nvm bluetooth_efs_file:file create_file_perms; - -allow init_bt_nvm init_bt_nvm_exec:file x_file_perms; - -module_only(`config_partition', ` - allow init_bt_nvm config_file:dir r_dir_perms; - allow init_bt_nvm config_file:file r_file_perms; -') - -userdebug_or_eng(` - allow init_bt_nvm configfs:dir r_dir_perms; -') - -not_full_treble(` - allow init_bt_nvm shell_exec:file rx_file_perms; - allow init_bt_nvm toolbox_exec:file rx_file_perms; - allow init_bt_nvm system_file:file rx_file_perms; -') -full_treble_only(` - allow init_bt_nvm vendor_shell_exec:file rx_file_perms; - allow init_bt_nvm vendor_toolbox_exec:file rx_file_perms; -') diff --git a/bluetooth/common/kernel.te b/bluetooth/common/kernel.te deleted file mode 100644 index d53ddfad..00000000 --- a/bluetooth/common/kernel.te +++ /dev/null @@ -1,3 +0,0 @@ -#allow read permission for Bluetooth firmware file -allow kernel vendor_file:file { open read }; - diff --git a/bluetooth/common/property.te b/bluetooth/common/property.te deleted file mode 100644 index 2489384a..00000000 --- a/bluetooth/common/property.te +++ /dev/null @@ -1 +0,0 @@ -vendor_internal_prop(vendor_bluetooth_prop) diff --git a/bluetooth/common/property_contexts b/bluetooth/common/property_contexts deleted file mode 100644 index 019b293c..00000000 --- a/bluetooth/common/property_contexts +++ /dev/null @@ -1 +0,0 @@ -vendor.bluetooth.hwcfg u:object_r:vendor_bluetooth_prop:s0 diff --git a/bluetooth/common/system_server.te b/bluetooth/common/system_server.te deleted file mode 100644 index d8cc4672..00000000 --- a/bluetooth/common/system_server.te +++ /dev/null @@ -1 +0,0 @@ -add_service(system_server, bluetooth_service) diff --git a/bluetooth/common/ueventd.te b/bluetooth/common/ueventd.te deleted file mode 100644 index e610c2d0..00000000 --- a/bluetooth/common/ueventd.te +++ /dev/null @@ -1,2 +0,0 @@ -allow ueventd bluetooth_efs_file:dir search; -allow ueventd bluetooth_efs_file:file { read getattr open }; diff --git a/bluetooth/common/vendor_init.te b/bluetooth/common/vendor_init.te deleted file mode 100644 index 891319e6..00000000 --- a/bluetooth/common/vendor_init.te +++ /dev/null @@ -1 +0,0 @@ -set_prop(vendor_init, vendor_bluetooth_prop)