authorAmit Pundir <amit.pundir@linaro.org>2020-02-07 22:26:08 +0530
committerJohn Stultz <john.stultz@linaro.org>2020-03-17 04:10:56 +0000
commitd477f821bb485acbb232cb896e06b99ed98ba25c (patch)
tree2cb8babdc907b5eb23c85cedb70742e360beeba5 /sepolicy
parent4789995b56420cfbd17b71dd242b54d36fca6361 (diff)
db845c: qcom: Add userspace tools to talk to dsp and modem
Add Qcom userspace tools and their respective sepolicy rules. The userspace tools are downloaded from the following GitHub repositories: To trigger loading of wlan firmware on SDM845 git clone https://github.com/andersson/pd-mapper Userspace reference for net/qrtr in the Linux kernel git clone https://github.com/andersson/qrtr Qualcomm Remote Filesystem Service Implementation git clone https://github.com/andersson/rmtfs Trivial File Transfer Protocol server over AF_QIPCRTR git clone https://github.com/andersson/tqftpserv Change-Id: Ic466af6fef010a9b71c90e38205f49a876b001e2 Signed-off-by: Amit Pundir <amit.pundir@linaro.org> Signed-off-by: John Stultz <john.stultz@linaro.org>
Diffstat (limited to 'sepolicy')
-rw-r--r--sepolicy/file.te5
-rw-r--r--sepolicy/file_contexts26
-rw-r--r--sepolicy/genfs_contexts7
-rw-r--r--sepolicy/pd_mapper.te6
-rw-r--r--sepolicy/qrtr.te8
-rw-r--r--sepolicy/rmtfs.te13
-rw-r--r--sepolicy/tqftpserv.te10
7 files changed, 71 insertions, 4 deletions
diff --git a/sepolicy/file.te b/sepolicy/file.te
index 4d9988f..3e31092 100644
--- a/sepolicy/file.te
+++ b/sepolicy/file.te
@@ -1,2 +1,7 @@
type sysfs_gpu, fs_type, sysfs_type;
+type sysfs_rmtfs, fs_type, sysfs_type;
+type sysfs_tqftpserv, fs_type, sysfs_type;
type dri_device, dev_type;
+type rmtfs_device, dev_type;
+type modem_block_device, dev_type;
+type tqftpserv_vendor_data_file, file_type, data_file_type, mlstrustedobject;
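Review bot: `tqftpserv_vendor_data_file` is declared with `mlstrustedobject`, which exempts objects of this type from the MLS constraints, yet the only subject granted access in this commit is `tqftpserv` and every context here is at `s0`. Unless a subject at another level has to reach these files, the attribute only widens who could be allowed in later; I would declare it as `type tqftpserv_vendor_data_file, file_type, data_file_type;`. If the attribute is needed, a one-line comment naming the cross-level accessor would make that reviewable.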
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index f1d323c..165f3b3 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -1,19 +1,40 @@
-/dev/block/by-name/metadata u:object_r:metadata_block_device:s0
+/dev/block/platform/soc@0/1d84000\.ufshc/by-name/fsc u:object_r:modem_block_device:s0
+/dev/block/platform/soc@0/1d84000\.ufshc/by-name/fsg u:object_r:modem_block_device:s0
+/dev/block/platform/soc@0/1d84000\.ufshc/by-name/modemst[12] u:object_r:modem_block_device:s0
+/dev/block/platform/soc@0/1d84000\.ufshc/by-name/metadata u:object_r:metadata_block_device:s0
+/dev/block/platform/soc@0/1d84000\.ufshc/by-name/super u:object_r:super_block_device:s0
+/dev/block/platform/soc@0/1d84000\.ufshc/by-name/userdata u:object_r:userdata_block_device:s0
+
/dev/dri u:object_r:dri_device:s0
/dev/dri/card0 u:object_r:graphics_device:s0
/dev/dri/renderD128 u:object_r:gpu_device:s0
+/dev/qcom_rmtfs_mem1 u:object_r:rmtfs_device:s0
/dev/ttyMSM0 u:object_r:console_device:s0
+/sys/bus/platform/drivers/qcom-q6v5-mss u:object_r:sysfs_rmtfs:s0
+/sys/devices/platform/88f00000.memory/rmtfs u:object_r:sysfs_rmtfs:s0
+
/sys/devices/platform/soc/ae00000.mdss u:object_r:sysfs_gpu:s0
/sys/devices/platform/soc/c440000.spmi/spmi-0/0-00/c440000.spmi:pmic@0:rtc@6000/rtc u:object_r:sysfs_rtc:s0
# sysfs path changed in v5.4+ kernel for sdm845 devices
+/sys/devices/platform/soc@0/4080000.remoteproc u:object_r:sysfs_rmtfs:s0
/sys/devices/platform/soc@0/ae00000.mdss u:object_r:sysfs_gpu:s0
/sys/devices/platform/soc@0/c440000.spmi/spmi-0/0-00/c440000.spmi:pmic@0:rtc@6000/rtc u:object_r:sysfs_rtc:s0
-/dev/block/platform/soc@0/1d84000\.ufshc/by-name/userdata u:object_r:userdata_block_device:s0
+/sys/class/remoteproc u:object_r:sysfs_tqftpserv:s0
+/sys/devices/platform/remoteproc-cdsp/remoteproc/remoteproc2/firmware u:object_r:sysfs_tqftpserv:s0
+
+/data/vendor/tmp(/.*)? u:object_r:tqftpserv_vendor_data_file:s0
+/data/vendor/readwrite(/.*)? u:object_r:tqftpserv_vendor_data_file:s0
+/data/vendor/readonly(/.*)? u:object_r:tqftpserv_vendor_data_file:s0
/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.software u:object_r:hal_gatekeeper_default_exec:s0
+/vendor/bin/pd-mapper u:object_r:pd_mapper_exec:s0
+/vendor/bin/qrtr-cfg u:object_r:qrtr_exec:s0
+/vendor/bin/qrtr-ns u:object_r:qrtr_exec:s0
+/vendor/bin/rmtfs u:object_r:rmtfs_exec:s0
+/vendor/bin/tqftpserv u:object_r:tqftpserv_exec:s0
/vendor/lib(64)?/dri/.* u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/hw/gralloc\.gbm\.so u:object_r:same_process_hal_file:s0
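Review bot: The new sysfs entries are exact-match regexes with no `(/.*)?` suffix, so `/sys/bus/platform/drivers/qcom-q6v5-mss` and `/sys/class/remoteproc` label only the directory node, and neither has a `genfscon` counterpart in this commit. Files beneath them would then keep the default `sysfs` label and the `sysfs_rmtfs` / `sysfs_tqftpserv` allow rules would not apply to them, which tends to get "fixed" later by granting access to `sysfs` as a whole. Prefer prefix-matching `genfscon sysfs ...` lines for these two paths, or add `(/.*)?` here. The dots in `88f00000.memory` and `4080000.remoteproc` are also unescaped, unlike `1d84000\.ufshc` a few lines up.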
@@ -21,3 +42,4 @@
/vendor/lib(64)?/libdrm_freedreno\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libgbm\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libglapi\.so u:object_r:same_process_hal_file:s0
+/vendor/lib(64)?/libqrtr\.so u:object_r:same_process_hal_file:s0
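Review bot: Labelling `libqrtr.so` as `same_process_hal_file` puts it in the set of vendor libraries that framework and app processes are permitted to load, while the consumers added in this commit (`pd-mapper`, `qrtr-cfg`, `qrtr-ns`, `rmtfs`, `tqftpserv`) are vendor daemons that can presumably load it under the default vendor library label. Unless a same-process HAL actually links against libqrtr, this line should be dropped so the library is not exposed beyond the vendor domains. If there is such a consumer, a comment naming it would justify the label.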
diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts
index 0816df9..caed6c0 100644
--- a/sepolicy/genfs_contexts
+++ b/sepolicy/genfs_contexts
@@ -1,6 +1,9 @@
-genfscon sysfs /devices/platform/soc/ae00000.mdss u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/88f00000.memory/rmtfs u:object_r:sysfs_rmtfs:s0
+genfscon sysfs /devices/platform/soc/ae00000.mdss u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/soc/c440000.spmi/spmi-0/0-00/c440000.spmi:pmic@0:rtc@6000 u:object_r:sysfs_rtc:s0
+genfscon sysfs /devices/platform/remoteproc-cdsp/remoteproc/remoteproc2/firmware u:object_r:sysfs_tqftpserv:s0
# sysfs path changed in v5.4+ kernel for sdm845 devices
-genfscon sysfs /devices/platform/soc@0/ae00000.mdss u:object_r:sysfs_gpu:s0
+genfscon sysfs /devices/platform/soc@0/4080000.remoteproc u:object_r:sysfs_rmtfs:s0
+genfscon sysfs /devices/platform/soc@0/ae00000.mdss u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/soc@0/c440000.spmi/spmi-0/0-00/c440000.spmi:pmic@0:rtc@6000 u:object_r:sysfs_rtc:s0
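Review bot: The `remoteproc2` component in the new cdsp `genfscon` line is an instance number that, as far as I know, the kernel assigns as remoteproc devices register, so the label can silently miss if probe order changes or another remoteproc is added; the same path is repeated in file_contexts. Since `genfscon` matches by path prefix, anchoring one level up avoids the index, e.g. `genfscon sysfs /devices/platform/remoteproc-cdsp/remoteproc u:object_r:sysfs_tqftpserv:s0`. A missed label here would surface as a denial on plain `sysfs`, so it is worth fixing at the labelling side rather than with a broader allow.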
diff --git a/sepolicy/pd_mapper.te b/sepolicy/pd_mapper.te
new file mode 100644
index 0000000..6eb348e
--- /dev/null
+++ b/sepolicy/pd_mapper.te
@@ -0,0 +1,6 @@
+type pd_mapper, domain;
+
+type pd_mapper_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(pd_mapper);
+
+allow pd_mapper self:qipcrtr_socket { create getattr read setopt write };
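Review bot: `init_daemon_domain(pd_mapper);` carries a trailing semicolon after the macro call, while qrtr.te and rmtfs.te in the same commit write the macro without one; tqftpserv.te has the same stray semicolon. Use `init_daemon_domain(pd_mapper)` in both files so the four new domains read alike. A short header comment saying what pd-mapper does and why it needs the `qipcrtr_socket` permissions would also help the next reviewer of this file.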
diff --git a/sepolicy/qrtr.te b/sepolicy/qrtr.te
new file mode 100644
index 0000000..8344398
--- /dev/null
+++ b/sepolicy/qrtr.te
@@ -0,0 +1,8 @@
+type qrtr, domain;
+type qrtr_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(qrtr)
+
+allow qrtr self:capability net_admin;
+allow qrtr self:capability sys_admin;
+allow qrtr self:qipcrtr_socket create_socket_perms_no_ioctl;
+allow qrtr self:netlink_route_socket { create nlmsg_write read write };
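Review bot: `allow qrtr self:capability sys_admin;` hands CAP_SYS_ADMIN to both `qrtr-cfg` and `qrtr-ns` (file_contexts labels both as `qrtr_exec`), and nothing in the rest of the rule set indicates which operation needs it; `net_admin` plus the netlink route socket already cover address configuration. Please drop the rule unless a logged denial shows a real need, and record that denial in a comment if so. If it was added only to quiet a capability probe that precedes the `net_admin` check, `dontaudit qrtr self:capability sys_admin;` is the narrower form. Splitting `qrtr-cfg` and `qrtr-ns` into separate domains would also keep the long-running name service from inheriting what the one-shot configurator needs.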
diff --git a/sepolicy/rmtfs.te b/sepolicy/rmtfs.te
new file mode 100644
index 0000000..fff2e64
--- /dev/null
+++ b/sepolicy/rmtfs.te
@@ -0,0 +1,13 @@
+type rmtfs, domain;
+type rmtfs_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(rmtfs)
+
+allow rmtfs block_device:dir search;
+allow rmtfs modem_block_device:blk_file { open read };
+allow rmtfs rmtfs_device:chr_file { open read write };
+allow rmtfs self:capability net_admin;
+allow rmtfs self:qipcrtr_socket { bind create getattr read setopt write };
+allow rmtfs sysfs_rmtfs:dir { open read search};
+allow rmtfs sysfs_rmtfs:file r_file_perms;
+allow rmtfs sysfs_rmtfs:file write;
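Review bot: `allow rmtfs sysfs_rmtfs:file write;` grants write on every file labelled `sysfs_rmtfs`, and this commit puts that label on three unrelated subtrees: the rmtfs memory node, the `qcom-q6v5-mss` driver directory and the `4080000.remoteproc` device. If rmtfs only has to write a single attribute (presumably the remoteproc state file, to be confirmed against the daemon), give that path its own type and keep the other two read-only. The `net_admin` capability deserves a comment stating which socket operation requires it. Minor: `{ open read search}` is missing the space before the closing brace.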
diff --git a/sepolicy/tqftpserv.te b/sepolicy/tqftpserv.te
new file mode 100644
index 0000000..46f3926
--- /dev/null
+++ b/sepolicy/tqftpserv.te
@@ -0,0 +1,10 @@
+type tqftpserv, domain;
+
+type tqftpserv_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(tqftpserv);
+
+allow tqftpserv self:qipcrtr_socket { connect create getattr read setopt write };
+allow tqftpserv sysfs_tqftpserv:dir { open read search };
+allow tqftpserv sysfs_tqftpserv:file { open read };
+allow tqftpserv tqftpserv_vendor_data_file:dir { add_name create open read search write };
+allow tqftpserv tqftpserv_vendor_data_file:file { create open write };
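Review bot: The two `tqftpserv_vendor_data_file` rules let the daemon create and write under `/data/vendor/readonly` as well, because file_contexts gives `readonly`, `readwrite` and `tmp` the same type. The read-only distinction therefore rests entirely on the daemon's own request handling, which matters for a TFTP server answering requests from remote processors. Consider a second type for the read-only tree (name is a suggestion: `tqftpserv_vendor_ro_file`) granted only `r_file_perms` / `r_dir_perms`, keeping `create` and `write` for the other two directories. As written, the file rule also has no `read` or `getattr`, so the daemon could not serve back anything from these directories; please confirm that is intended.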