1*e4a36f41SAndroid Build Coastguard Workertype hal_can_socketcan, domain; 2*e4a36f41SAndroid Build Coastguard Workerhal_server_domain(hal_can_socketcan, hal_can_controller) 3*e4a36f41SAndroid Build Coastguard Workerhal_server_domain(hal_can_socketcan, hal_can_bus) 4*e4a36f41SAndroid Build Coastguard Worker 5*e4a36f41SAndroid Build Coastguard Workertype hal_can_socketcan_exec, exec_type, vendor_file_type, file_type; 6*e4a36f41SAndroid Build Coastguard Workerinit_daemon_domain(hal_can_socketcan) 7*e4a36f41SAndroid Build Coastguard Worker 8*e4a36f41SAndroid Build Coastguard Worker# Managing SocketCAN interfaces 9*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan self:capability net_admin; 10*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan self:netlink_route_socket { create bind write nlmsg_write read }; 11*e4a36f41SAndroid Build Coastguard Worker 12*e4a36f41SAndroid Build Coastguard Worker# See man page for netdevice(7) for more info on ioctls 13*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan self:udp_socket { create ioctl }; 14*e4a36f41SAndroid Build Coastguard Workerallowxperm hal_can_socketcan self:udp_socket ioctl { 15*e4a36f41SAndroid Build Coastguard Worker SIOCGIFINDEX 16*e4a36f41SAndroid Build Coastguard Worker SIOCGIFFLAGS 17*e4a36f41SAndroid Build Coastguard Worker SIOCSIFFLAGS 18*e4a36f41SAndroid Build Coastguard Worker}; 19*e4a36f41SAndroid Build Coastguard Worker 20*e4a36f41SAndroid Build Coastguard Worker# Communicating with SocketCAN interfaces and bringing them up/down 21*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan self:can_socket { bind create read write ioctl setopt }; 22*e4a36f41SAndroid Build Coastguard Workerallowxperm hal_can_socketcan self:can_socket ioctl { 23*e4a36f41SAndroid Build Coastguard Worker SIOCGIFFLAGS 24*e4a36f41SAndroid Build Coastguard Worker SIOCSIFFLAGS 25*e4a36f41SAndroid Build Coastguard Worker}; 26*e4a36f41SAndroid Build Coastguard Worker 27*e4a36f41SAndroid Build Coastguard Worker# Un-publishing ICanBus interfaces 28*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan hidl_manager_hwservice:hwservice_manager find; 29*e4a36f41SAndroid Build Coastguard Worker 30*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan sysfs:dir r_dir_perms; 31*e4a36f41SAndroid Build Coastguard Worker 32*e4a36f41SAndroid Build Coastguard Workerallow hal_can_socketcan usb_serial_device:chr_file { ioctl read write open }; 33*e4a36f41SAndroid Build Coastguard Workerallowxperm hal_can_socketcan usb_serial_device:chr_file ioctl { 34*e4a36f41SAndroid Build Coastguard Worker TCGETS 35*e4a36f41SAndroid Build Coastguard Worker TCSETSW 36*e4a36f41SAndroid Build Coastguard Worker TIOCGSERIAL 37*e4a36f41SAndroid Build Coastguard Worker TIOCSSERIAL 38*e4a36f41SAndroid Build Coastguard Worker TIOCSETD 39*e4a36f41SAndroid Build Coastguard Worker SIOCGIFNAME 40*e4a36f41SAndroid Build Coastguard Worker}; 41