From a14ee00cc735384e8933facd4cf12abe49d00948 Mon Sep 17 00:00:00 2001 From: hmz007 Date: Wed, 27 Aug 2025 18:07:14 +0800 Subject: [PATCH] device: relabel rfkill state for USB Bluetooth This is a workaround for the issue that the node cannot be easily labeled via genfs_contexts. Signed-off-by: hmz007 --- device/rockchip/common/sepolicy/vendor/usb_dongle.te | 6 +++++- device/rockchip/rk356x/nanopi5_box/init.usbmod.sh | 7 +++++++ device/rockchip/rk3576/nanopim5_box/init.usbmod.sh | 7 +++++++ device/rockchip/rk3588/nanopi6_box/init.usbmod.sh | 7 +++++++ 4 files changed, 26 insertions(+), 1 deletion(-) diff --git a/device/rockchip/common/sepolicy/vendor/usb_dongle.te b/device/rockchip/common/sepolicy/vendor/usb_dongle.te index 6d91cf912b9..c51b411dc58 100644 --- a/device/rockchip/common/sepolicy/vendor/usb_dongle.te +++ b/device/rockchip/common/sepolicy/vendor/usb_dongle.te @@ -8,10 +8,14 @@ allow usb_dongle self:netlink_kobject_uevent_socket { create read setopt }; allow usb_dongle usb_device:dir { open read }; allow usb_dongle usb_dongle_exec:file execute_no_trans; allow usb_dongle vendor_shell_exec:file execute_no_trans; +allow usb_dongle vendor_toolbox_exec:file execute_no_trans; allow usb_dongle self:netlink_kobject_uevent_socket { bind getopt }; allow usb_dongle sysfs:dir { open read }; allow usb_dongle sysfs:file { getattr open read }; allow usb_dongle sysfs_net:dir { open read search }; -allow usb_dongle sysfs_net:file { getattr open read }; +allow usb_dongle sysfs_net:file { getattr open read relabelfrom }; +allow usb_dongle sysfs_bluetooth_writable:dir { open read search }; +allow usb_dongle sysfs_bluetooth_writable:file relabelto; +allow usb_dongle self:capability fowner; allow usb_dongle usb_device:chr_file { ioctl open read write }; allow usb_dongle usb_device:dir search; diff --git a/device/rockchip/rk356x/nanopi5_box/init.usbmod.sh b/device/rockchip/rk356x/nanopi5_box/init.usbmod.sh index bec095925c4..4a20217f01e 100755 --- a/device/rockchip/rk356x/nanopi5_box/init.usbmod.sh +++ b/device/rockchip/rk356x/nanopi5_box/init.usbmod.sh @@ -3,3 +3,10 @@ # send standard EJECT for some usb wifi dongles usb_modeswitch -v 0x0e8d -p 0x2870 -K usb_modeswitch -v 0x0bda -p 0x1a2b -K + +# relabel rfkill for usb bluetooth +for d in /sys/class/rfkill/rfkill*; do + if grep bluetooth $d/type >/dev/null 2>&1; then + chcon u:object_r:sysfs_bluetooth_writable:s0 $d/state + fi +done diff --git a/device/rockchip/rk3576/nanopim5_box/init.usbmod.sh b/device/rockchip/rk3576/nanopim5_box/init.usbmod.sh index bec095925c4..4a20217f01e 100755 --- a/device/rockchip/rk3576/nanopim5_box/init.usbmod.sh +++ b/device/rockchip/rk3576/nanopim5_box/init.usbmod.sh @@ -3,3 +3,10 @@ # send standard EJECT for some usb wifi dongles usb_modeswitch -v 0x0e8d -p 0x2870 -K usb_modeswitch -v 0x0bda -p 0x1a2b -K + +# relabel rfkill for usb bluetooth +for d in /sys/class/rfkill/rfkill*; do + if grep bluetooth $d/type >/dev/null 2>&1; then + chcon u:object_r:sysfs_bluetooth_writable:s0 $d/state + fi +done diff --git a/device/rockchip/rk3588/nanopi6_box/init.usbmod.sh b/device/rockchip/rk3588/nanopi6_box/init.usbmod.sh index bec095925c4..4a20217f01e 100755 --- a/device/rockchip/rk3588/nanopi6_box/init.usbmod.sh +++ b/device/rockchip/rk3588/nanopi6_box/init.usbmod.sh @@ -3,3 +3,10 @@ # send standard EJECT for some usb wifi dongles usb_modeswitch -v 0x0e8d -p 0x2870 -K usb_modeswitch -v 0x0bda -p 0x1a2b -K + +# relabel rfkill for usb bluetooth +for d in /sys/class/rfkill/rfkill*; do + if grep bluetooth $d/type >/dev/null 2>&1; then + chcon u:object_r:sysfs_bluetooth_writable:s0 $d/state + fi +done