1*e4a36f41SAndroid Build Coastguard Worker# hwservice types. By default most of the HALs are protected_hwservice, which means 2*e4a36f41SAndroid Build Coastguard Worker# access from untrusted apps is prohibited. 3*e4a36f41SAndroid Build Coastguard Workertype default_android_hwservice, hwservice_manager_type, protected_hwservice; 4*e4a36f41SAndroid Build Coastguard Workertype fwk_camera_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 5*e4a36f41SAndroid Build Coastguard Workertype fwk_display_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 6*e4a36f41SAndroid Build Coastguard Workertype fwk_scheduler_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 7*e4a36f41SAndroid Build Coastguard Workertype fwk_sensor_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 8*e4a36f41SAndroid Build Coastguard Workertype fwk_stats_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 9*e4a36f41SAndroid Build Coastguard Workertype fwk_automotive_display_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 10*e4a36f41SAndroid Build Coastguard Workertype hal_atrace_hwservice, hwservice_manager_type, protected_hwservice; 11*e4a36f41SAndroid Build Coastguard Workertype hal_audio_hwservice, hwservice_manager_type, protected_hwservice; 12*e4a36f41SAndroid Build Coastguard Workertype hal_audiocontrol_hwservice, hwservice_manager_type, protected_hwservice; 13*e4a36f41SAndroid Build Coastguard Workertype hal_authsecret_hwservice, hwservice_manager_type, protected_hwservice; 14*e4a36f41SAndroid Build Coastguard Workertype hal_bluetooth_hwservice, hwservice_manager_type, protected_hwservice; 15*e4a36f41SAndroid Build Coastguard Workertype hal_bootctl_hwservice, hwservice_manager_type, protected_hwservice; 16*e4a36f41SAndroid Build Coastguard Workertype hal_broadcastradio_hwservice, hwservice_manager_type, protected_hwservice; 17*e4a36f41SAndroid Build Coastguard Workertype hal_camera_hwservice, hwservice_manager_type, protected_hwservice; 18*e4a36f41SAndroid Build Coastguard Workertype hal_can_bus_hwservice, hwservice_manager_type, protected_hwservice; 19*e4a36f41SAndroid Build Coastguard Workertype hal_can_controller_hwservice, hwservice_manager_type, protected_hwservice; 20*e4a36f41SAndroid Build Coastguard Workertype hal_confirmationui_hwservice, hwservice_manager_type, protected_hwservice; 21*e4a36f41SAndroid Build Coastguard Workertype hal_contexthub_hwservice, hwservice_manager_type, protected_hwservice; 22*e4a36f41SAndroid Build Coastguard Workertype hal_dumpstate_hwservice, hwservice_manager_type, protected_hwservice; 23*e4a36f41SAndroid Build Coastguard Workertype hal_evs_hwservice, hwservice_manager_type, protected_hwservice; 24*e4a36f41SAndroid Build Coastguard Workertype hal_face_hwservice, hwservice_manager_type, protected_hwservice; 25*e4a36f41SAndroid Build Coastguard Workertype hal_fingerprint_hwservice, hwservice_manager_type, protected_hwservice; 26*e4a36f41SAndroid Build Coastguard Workertype hal_gatekeeper_hwservice, hwservice_manager_type, protected_hwservice; 27*e4a36f41SAndroid Build Coastguard Workertype hal_gnss_hwservice, hwservice_manager_type, protected_hwservice; 28*e4a36f41SAndroid Build Coastguard Workertype hal_graphics_composer_hwservice, hwservice_manager_type, protected_hwservice; 29*e4a36f41SAndroid Build Coastguard Workertype hal_health_hwservice, hwservice_manager_type, protected_hwservice; 30*e4a36f41SAndroid Build Coastguard Workertype hal_health_storage_hwservice, hwservice_manager_type, protected_hwservice; 31*e4a36f41SAndroid Build Coastguard Workertype hal_input_classifier_hwservice, hwservice_manager_type, protected_hwservice; 32*e4a36f41SAndroid Build Coastguard Workertype hal_ir_hwservice, hwservice_manager_type, protected_hwservice; 33*e4a36f41SAndroid Build Coastguard Workertype hal_keymaster_hwservice, hwservice_manager_type, protected_hwservice; 34*e4a36f41SAndroid Build Coastguard Workertype hal_light_hwservice, hwservice_manager_type, protected_hwservice; 35*e4a36f41SAndroid Build Coastguard Workertype hal_lowpan_hwservice, hwservice_manager_type, protected_hwservice; 36*e4a36f41SAndroid Build Coastguard Workertype hal_memtrack_hwservice, hwservice_manager_type, protected_hwservice; 37*e4a36f41SAndroid Build Coastguard Workertype hal_nfc_hwservice, hwservice_manager_type, protected_hwservice; 38*e4a36f41SAndroid Build Coastguard Workertype hal_oemlock_hwservice, hwservice_manager_type, protected_hwservice; 39*e4a36f41SAndroid Build Coastguard Workertype hal_power_hwservice, hwservice_manager_type, protected_hwservice; 40*e4a36f41SAndroid Build Coastguard Workertype hal_power_stats_hwservice, hwservice_manager_type, protected_hwservice; 41*e4a36f41SAndroid Build Coastguard Workertype hal_secure_element_hwservice, hwservice_manager_type, protected_hwservice; 42*e4a36f41SAndroid Build Coastguard Workertype hal_sensors_hwservice, hwservice_manager_type, protected_hwservice; 43*e4a36f41SAndroid Build Coastguard Workertype hal_telephony_hwservice, hwservice_manager_type, protected_hwservice; 44*e4a36f41SAndroid Build Coastguard Workertype hal_tetheroffload_hwservice, hwservice_manager_type, protected_hwservice; 45*e4a36f41SAndroid Build Coastguard Workertype hal_thermal_hwservice, hwservice_manager_type, protected_hwservice; 46*e4a36f41SAndroid Build Coastguard Workertype hal_tv_cec_hwservice, hwservice_manager_type, protected_hwservice; 47*e4a36f41SAndroid Build Coastguard Workertype hal_tv_input_hwservice, hwservice_manager_type, protected_hwservice; 48*e4a36f41SAndroid Build Coastguard Workertype hal_tv_tuner_hwservice, hwservice_manager_type, protected_hwservice; 49*e4a36f41SAndroid Build Coastguard Workertype hal_usb_gadget_hwservice, hwservice_manager_type, protected_hwservice; 50*e4a36f41SAndroid Build Coastguard Workertype hal_usb_hwservice, hwservice_manager_type, protected_hwservice; 51*e4a36f41SAndroid Build Coastguard Workertype hal_vehicle_hwservice, hwservice_manager_type, protected_hwservice; 52*e4a36f41SAndroid Build Coastguard Workertype hal_vibrator_hwservice, hwservice_manager_type, protected_hwservice; 53*e4a36f41SAndroid Build Coastguard Workertype hal_vr_hwservice, hwservice_manager_type, protected_hwservice; 54*e4a36f41SAndroid Build Coastguard Workertype hal_weaver_hwservice, hwservice_manager_type, protected_hwservice; 55*e4a36f41SAndroid Build Coastguard Workertype hal_wifi_hostapd_hwservice, hwservice_manager_type, protected_hwservice; 56*e4a36f41SAndroid Build Coastguard Workertype hal_wifi_hwservice, hwservice_manager_type, protected_hwservice; 57*e4a36f41SAndroid Build Coastguard Workertype hal_wifi_supplicant_hwservice, hwservice_manager_type, protected_hwservice; 58*e4a36f41SAndroid Build Coastguard Workertype system_net_netd_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 59*e4a36f41SAndroid Build Coastguard Workertype system_suspend_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 60*e4a36f41SAndroid Build Coastguard Workertype system_wifi_keystore_hwservice, hwservice_manager_type, coredomain_hwservice, protected_hwservice; 61*e4a36f41SAndroid Build Coastguard Worker 62*e4a36f41SAndroid Build Coastguard Worker# Following is the hwservices that are explicitly not marked with protected_hwservice. 63*e4a36f41SAndroid Build Coastguard Worker# These are directly accessible from untrusted apps. 64*e4a36f41SAndroid Build Coastguard Worker# - same process services: because they by definition run in the process 65*e4a36f41SAndroid Build Coastguard Worker# of the client and thus have the same access as the client domain in which 66*e4a36f41SAndroid Build Coastguard Worker# the process runs 67*e4a36f41SAndroid Build Coastguard Worker# - coredomain_hwservice: are considered safer than ordinary hwservices which 68*e4a36f41SAndroid Build Coastguard Worker# are from vendor partition 69*e4a36f41SAndroid Build Coastguard Worker# - hal_configstore_ISurfaceFlingerConfigs: becuase it has specifically been 70*e4a36f41SAndroid Build Coastguard Worker# designed for use by any domain. 71*e4a36f41SAndroid Build Coastguard Worker# - hal_graphics_allocator_hwservice: because these operations are also offered 72*e4a36f41SAndroid Build Coastguard Worker# by surfaceflinger Binder service, which apps are permitted to access 73*e4a36f41SAndroid Build Coastguard Worker# - hal_omx_hwservice: because this is a HwBinder version of the mediacodec 74*e4a36f41SAndroid Build Coastguard Worker# Binder service which apps were permitted to access. 75*e4a36f41SAndroid Build Coastguard Worker# - hal_codec2_hwservice: because this is a newer version of hal_omx_hwservice. 76*e4a36f41SAndroid Build Coastguard Worker# - hal_drm_hwservice: versions > API 29 are designed specifically with 77*e4a36f41SAndroid Build Coastguard Worker# untrusted app access in mind. 78*e4a36f41SAndroid Build Coastguard Workertype fwk_bufferhub_hwservice, hwservice_manager_type, coredomain_hwservice; 79*e4a36f41SAndroid Build Coastguard Workertype hal_cas_hwservice, hwservice_manager_type; 80*e4a36f41SAndroid Build Coastguard Workertype hal_codec2_hwservice, hwservice_manager_type; 81*e4a36f41SAndroid Build Coastguard Workertype hal_configstore_ISurfaceFlingerConfigs, hwservice_manager_type; 82*e4a36f41SAndroid Build Coastguard Workertype hal_drm_hwservice, hwservice_manager_type; 83*e4a36f41SAndroid Build Coastguard Workertype hal_graphics_allocator_hwservice, hwservice_manager_type; 84*e4a36f41SAndroid Build Coastguard Workertype hal_graphics_mapper_hwservice, hwservice_manager_type, same_process_hwservice; 85*e4a36f41SAndroid Build Coastguard Workertype hal_neuralnetworks_hwservice, hwservice_manager_type; 86*e4a36f41SAndroid Build Coastguard Workertype hal_omx_hwservice, hwservice_manager_type; 87*e4a36f41SAndroid Build Coastguard Workertype hal_renderscript_hwservice, hwservice_manager_type, same_process_hwservice; 88*e4a36f41SAndroid Build Coastguard Workertype hidl_allocator_hwservice, hwservice_manager_type, coredomain_hwservice; 89*e4a36f41SAndroid Build Coastguard Workertype hidl_base_hwservice, hwservice_manager_type; 90*e4a36f41SAndroid Build Coastguard Workertype hidl_manager_hwservice, hwservice_manager_type, coredomain_hwservice; 91*e4a36f41SAndroid Build Coastguard Workertype hidl_memory_hwservice, hwservice_manager_type, coredomain_hwservice; 92*e4a36f41SAndroid Build Coastguard Workertype hidl_token_hwservice, hwservice_manager_type, coredomain_hwservice; 93*e4a36f41SAndroid Build Coastguard Worker 94*e4a36f41SAndroid Build Coastguard Worker### 95*e4a36f41SAndroid Build Coastguard Worker### Neverallow rules 96*e4a36f41SAndroid Build Coastguard Worker### 97*e4a36f41SAndroid Build Coastguard Worker 98*e4a36f41SAndroid Build Coastguard Worker# hwservicemanager handles registering or looking up named services. 99*e4a36f41SAndroid Build Coastguard Worker# It does not make sense to register or lookup something which is not a 100*e4a36f41SAndroid Build Coastguard Worker# hwservice. Trigger a compile error if this occurs. 101*e4a36f41SAndroid Build Coastguard Workerneverallow domain ~hwservice_manager_type:hwservice_manager { add find }; 102