Gitiles
Code Review Sign In
review.blissroms.org / platform_system_core_old / 32dbd3756255a1969e1a4b1fd731eb710d8d7a9c^! / .
commit32dbd3756255a1969e1a4b1fd731eb710d8d7a9c[log] [tgz]
authorTom Cherry <tomcherry@google.com>Wed Mar 28 13:25:11 2018 -0700
committerTom Cherry <tomcherry@google.com>Thu Apr 05 10:40:49 2018 -0700
tree3448f7ecf0ec0a35f00c985ffdc9c9dc4dd3cd9a
parent126843a7be7939423387c094bc22da0f1137fe94 [diff]
Remove vendor Wifi and BT entries from fs_config.cpp

Their capability bits are now specified in their associated init .rc
file, which is the proper place for this to be done.

A notice is added to guide developers away from using android_files to
give services Linux capabilities and to guide them away from adding
vendor/ entries.

Bug: 74554159
Test: BT, Wifi, Tethering work on walleye
Merged-In: I13c425d022b4f5c217587cdf601884ef44650ac7
Change-Id: I13c425d022b4f5c217587cdf601884ef44650ac7
(cherry picked from commit b5e5c56401143122fed5687997b499eae66b841e)

diff --git a/libcutils/fs_config.cpp b/libcutils/fs_config.cpp
index f6f7128..0f2b460 100644
--- a/libcutils/fs_config.cpp
+++ b/libcutils/fs_config.cpp

@@ -122,6 +122,12 @@
     {odm_conf_file, odm_conf_dir},
 };
 
+// Do not use android_files to grant Linux capabilities.  Use ambient capabilities in their
+// associated init.rc file instead.  See https://source.android.com/devices/tech/config/ambient.
+
+// Do not place any new vendor/, data/vendor/, etc entries in android_files.
+// Vendor entries should be done via a vendor or device specific config.fs.
+// See https://source.android.com/devices/tech/config/filesystem#using-file-system-capabilities
 static const struct fs_path_config android_files[] = {
     // clang-format off
     { 00644, AID_SYSTEM,    AID_SYSTEM,    0, "data/app/*" },
@@ -185,24 +191,6 @@
     // Support FIFO scheduling mode in SurfaceFlinger.
     { 00755, AID_SYSTEM,    AID_GRAPHICS,  CAP_MASK_LONG(CAP_SYS_NICE),
                                               "system/bin/surfaceflinger" },
-
-    // Support hostapd administering a network interface.
-    { 00755, AID_WIFI,      AID_WIFI,      CAP_MASK_LONG(CAP_NET_ADMIN) |
-                                           CAP_MASK_LONG(CAP_NET_RAW),
-                                              "vendor/bin/hostapd" },
-
-    // Support Bluetooth legacy hal accessing /sys/class/rfkill
-    // Support RT scheduling in Bluetooth
-    { 00700, AID_BLUETOOTH, AID_BLUETOOTH, CAP_MASK_LONG(CAP_NET_ADMIN) |
-                                           CAP_MASK_LONG(CAP_SYS_NICE),
-                                              "vendor/bin/hw/android.hardware.bluetooth@1.0-service" },
-
-    // Support wifi_hal_legacy administering a network interface.
-    { 00755, AID_WIFI,      AID_WIFI,      CAP_MASK_LONG(CAP_NET_ADMIN) |
-                                           CAP_MASK_LONG(CAP_NET_RAW) |
-                                           CAP_MASK_LONG(CAP_SYS_MODULE),
-                                           "vendor/bin/hw/android.hardware.wifi@1.0-service" },
-
     // generic defaults
     { 00755, AID_ROOT,      AID_ROOT,      0, "bin/*" },
     { 00640, AID_ROOT,      AID_SHELL,     0, "fstab.*" },