device: relabel rfkill state for USB Bluetooth

This is a workaround for the issue that the node cannot be easily labeled via genfs_contexts. Signed-off-by: hmz007 <hmz007@gmail.com>
6 months ago · a14ee00cc7
parent 8e30235731
commit a14ee00cc7
4 changed files with 26 additions and 1 deletions
--- a/device/rockchip/common/sepolicy/vendor/usb_dongle.te
+++ b/device/rockchip/common/sepolicy/vendor/usb_dongle.te
@ -8,10 +8,14 @@ allow usb_dongle self:netlink_kobject_uevent_socket { create read setopt };
 allow usb_dongle usb_device:dir { open read };
 allow usb_dongle usb_dongle_exec:file execute_no_trans;
 allow usb_dongle vendor_shell_exec:file execute_no_trans;
+allow usb_dongle vendor_toolbox_exec:file execute_no_trans;
 allow usb_dongle self:netlink_kobject_uevent_socket { bind getopt };
 allow usb_dongle sysfs:dir { open read };
 allow usb_dongle sysfs:file { getattr open read };
 allow usb_dongle sysfs_net:dir { open read search };
-allow usb_dongle sysfs_net:file { getattr open read };
+allow usb_dongle sysfs_net:file { getattr open read relabelfrom };
+allow usb_dongle sysfs_bluetooth_writable:dir { open read search };
+allow usb_dongle sysfs_bluetooth_writable:file relabelto;
+allow usb_dongle self:capability fowner;
 allow usb_dongle usb_device:chr_file { ioctl open read write };
 allow usb_dongle usb_device:dir search;
--- a/device/rockchip/rk356x/nanopi5_box/init.usbmod.sh
+++ b/device/rockchip/rk356x/nanopi5_box/init.usbmod.sh
@ -3,3 +3,10 @@
 # send standard EJECT for some usb wifi dongles
 usb_modeswitch -v 0x0e8d -p 0x2870 -K
 usb_modeswitch -v 0x0bda -p 0x1a2b -K
+
+# relabel rfkill for usb bluetooth
+for d in /sys/class/rfkill/rfkill*; do
+  if grep bluetooth $d/type >/dev/null 2>&1; then
+    chcon u:object_r:sysfs_bluetooth_writable:s0 $d/state
+  fi
+done
--- a/device/rockchip/rk3576/nanopim5_box/init.usbmod.sh
+++ b/device/rockchip/rk3576/nanopim5_box/init.usbmod.sh
@ -3,3 +3,10 @@
 # send standard EJECT for some usb wifi dongles
 usb_modeswitch -v 0x0e8d -p 0x2870 -K
 usb_modeswitch -v 0x0bda -p 0x1a2b -K
+
+# relabel rfkill for usb bluetooth
+for d in /sys/class/rfkill/rfkill*; do
+  if grep bluetooth $d/type >/dev/null 2>&1; then
+    chcon u:object_r:sysfs_bluetooth_writable:s0 $d/state
+  fi
+done
--- a/device/rockchip/rk3588/nanopi6_box/init.usbmod.sh
+++ b/device/rockchip/rk3588/nanopi6_box/init.usbmod.sh
@ -3,3 +3,10 @@
 # send standard EJECT for some usb wifi dongles
 usb_modeswitch -v 0x0e8d -p 0x2870 -K
 usb_modeswitch -v 0x0bda -p 0x1a2b -K
+
+# relabel rfkill for usb bluetooth
+for d in /sys/class/rfkill/rfkill*; do
+  if grep bluetooth $d/type >/dev/null 2>&1; then
+    chcon u:object_r:sysfs_bluetooth_writable:s0 $d/state
+  fi
+done