hmz007 f8b41b0f23
Rockchip Anroid14_SDK 20250804-rkr7.1 (3740ef92)
6 months ago
..
aidl_api/rockchip.aidl.vendorstorage Rockchip Anroid14_SDK 20241219-rkr6 (2f87fee1) 10 months ago
client Rockchip Anroid14_SDK 20241219-rkr6 (2f87fee1) 10 months ago
default Rockchip Anroid14_SDK 20250804-rkr7.1 (3740ef92) 6 months ago
rockchip/aidl/vendorstorage Rockchip Anroid14_SDK 20241219-rkr6 (2f87fee1) 10 months ago
Android.bp Rockchip Anroid14_SDK 20241219-rkr6 (2f87fee1) 10 months ago
README.md Rockchip Anroid14_SDK 20241219-rkr6 (2f87fee1) 10 months ago
vendorstorage_service.mk Rockchip Anroid14_SDK 20241219-rkr6 (2f87fee1) 10 months ago

README.md

Vendor Storage AIDL Lazy Service

How to use

  • Use normal service

    PRODUCT_PACKAGES += rockchip.aidl.vendorstorage-service
    DEVICE_FRAMEWORK_COMPATIBILITY_MATRIX_FILE += hardware/rockchip/vendor_storage_service/default/frameworks_rockchip.aidl.vendorstorage-service.xml
    BOARD_SEPOLICY_DIRS += hardware/rockchip/vendor_storage_service/default/sepolicy
    
  • Use updatable Apex

    If you ship the service as an APEX, be sure to replace the signing key with your own. Otherwise anyone who has the default key can sign a replacement APEX, install it, and read and write vendor storage!

    PRODUCT_PACKAGES += com.rockchip.hardware.vendorstorages
    DEVICE_FRAMEWORK_COMPATIBILITY_MATRIX_FILE += hardware/rockchip/vendor_storage_service/default/frameworks_rockchip.aidl.vendorstorage-service.xml
    BOARD_SEPOLICY_DIRS += hardware/rockchip/vendor_storage_service/default/sepolicy
    

Code/C++, NDK and Java are also supported, but you need to write the code yourself.

  • Add rockchip.aidl.vendorstorage-V1-ndk to shared_libs in Android.bp:
    // Minimal native client binary that talks to the vendor storage AIDL service.
    cc_binary {
        name: "Example",
        srcs: [
            "Example.cpp",
        ],
        shared_libs: [
            // NDK binder runtime; the example uses ndk::SpAIBinder from it.
            "libbinder_ndk",
            "libbase",
            // NDK stubs for the rockchip.aidl.vendorstorage interface
            // (presumably interface version 1, going by the -V1- suffix).
            "rockchip.aidl.vendorstorage-V1-ndk",
        ],
    }
  • cpp file:
    #include <aidl/rockchip/aidl/vendorstorage/IVendorStorage.h>

    using ::aidl::rockchip::aidl::vendorstorage::IVendorStorage;
    using ::aidl::rockchip::aidl::vendorstorage::VendorStorageCmd;
    using ::aidl::rockchip::aidl::vendorstorage::VendorStorageRequest;
    using ::aidl::rockchip::aidl::vendorstorage::VendorStorageResponse;
    using ::aidl::rockchip::aidl::vendorstorage::IVendorStorageRunCallback;

    using ::ndk::SpAIBinder;
    using namespace std;

    using ndk::SharedRefBase;
    using ndk::ScopedAStatus;

    ......Omitted here main......
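    // Excerpt from main(): connect to the vendor storage service, then run one
    // INIT, one READ and one WRITE request against it. Each request lives in its
    // own scope so that `request`/`response` are not redeclared.

    // Get the vendorstorage service. AServiceManager_waitForService() blocks
    // until the instance is registered; it is declared in
    // <android/binder_manager.h>.
    const std::string instance = std::string() + IVendorStorage::descriptor + "/default";
    vendorstorage = IVendorStorage::fromBinder(
        SpAIBinder(AServiceManager_waitForService(instance.c_str())));
    if (vendorstorage == nullptr) {
        cout << "Failed to get service VendorStorage" << endl;
        return -1;
    }

    // Call Initial
    {
        VendorStorageRequest request;
        VendorStorageResponse response;
        request.cmd = VendorStorageCmd::CMD_INIT;
        // Check the binder status before reading `response`: if the call itself
        // failed, `response` was not filled in by the service.
        const ScopedAStatus status = vendorstorage->run(request, &response);
        if (!status.isOk()) {
            cout << "Initial failed: " << status.getDescription() << endl;
            return -1;
        }
        cout << "Initial with ret: " << response.toString() << endl;
    }

    // Read from vendorstorage
    {
        VendorStorageRequest request;
        VendorStorageResponse response;
        request.buf_size = 256;
        request.cmd = VendorStorageCmd::CMD_READ;
        request.id = 1;  // ID
        const ScopedAStatus status = vendorstorage->run(request, &response);
        if (!status.isOk()) {
            cout << "Read failed: " << status.getDescription() << endl;
            return -1;
        }

        // response.buf_size is reported by the service. Clamp it to the bytes
        // actually present in response.buf so a bogus length cannot move the
        // end iterator outside the vector.
        // NOTE(review): assumes buf_size is an integer field - confirm against
        // the AIDL definition.
        const size_t reported =
            response.buf_size > 0 ? static_cast<size_t>(response.buf_size) : 0;
        const size_t usable =
            reported < response.buf.size() ? reported : response.buf.size();
        std::string result(response.buf.begin(), response.buf.begin() + usable);
        // Vendor storage can hold device-unique data; printing it is for the
        // demo only.
        cout << "Read Result: " << result << endl;
    }

    // Write to vendorstorage
    {
        VendorStorageRequest request;
        VendorStorageResponse response;
        const char *data = "RK3588SN1";  // string literals are const in C++
        const int data_len = static_cast<int>(strlen(data));
        std::vector<uint8_t> requestValue(data, data + data_len);

        request.cmd = VendorStorageCmd::CMD_WRITE;
        request.id = 1;  // ID
        request.buf = requestValue;
        request.buf_size = data_len;
        const ScopedAStatus status = vendorstorage->run(request, &response);
        if (!status.isOk()) {
            cout << "Write failed: " << status.getDescription() << endl;
            return -1;
        }
        cout << "Write to vendorstorage: " << request.toString() << endl;
        cout << "Response: " << response.toString() << endl;
    }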
  • SELinux: Add this rule if needed. For example, the sensors HAL needs to read calibration data:
	hal_client_domain(hal_sensors_default, hal_vendorstorage)
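  • Grant the permission to the shell domain (you can think of it as adb shell) only for testing. If you open this permission to the shell, IT WILL BE VERY DANGEROUS!!! Every adb shell session can then call the service and read and write vendor storage.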
diff --git a/default/sepolicy/hal_vendorstorage.te b/default/sepolicy/hal_vendorstorage.te
index 9cf264b..39fe1b8 100644
--- a/default/sepolicy/hal_vendorstorage.te
+++ b/default/sepolicy/hal_vendorstorage.te
@@ -11,4 +11,5 @@ neverallow {
     -vndservicemanager
     -hal_vendorstorage_client
     -hal_sensors_server
+    -shell
 } hal_vendorstorage_server:binder { call transfer };
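Review bot: The `-shell` exception added to this neverallow set, and the now-unconditional `hal_client_domain(shell, hal_vendorstorage)` in the hal_vendorstorage_default.te hunk below, apply to every build variant, including user builds. The server domain is allowed `read write` on `uboot_block_device:blk_file`, so any adb shell session would be able to reach that block device through the service. If this is meant for testing only, both lines should be wrapped in the `userdebug_or_eng(...)` policy macro so they are compiled out of user builds, and the patch should stay out of a shipping tree. The neverallow block starts above this hunk, so the full exception list is not visible here.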
diff --git a/default/sepolicy/hal_vendorstorage_default.te b/default/sepolicy/hal_vendorstorage_default.te
index 91aeeb0..f396566 100644
--- a/default/sepolicy/hal_vendorstorage_default.te
+++ b/default/sepolicy/hal_vendorstorage_default.te
@@ -8,7 +8,7 @@ binder_use(vendor-vendorstorage-default)

 hal_client_domain(hal_sensors_default, hal_vendorstorage)
 # !!!DANGEROUS!!!
-# hal_client_domain(shell, hal_vendorstorage)
+hal_client_domain(shell, hal_vendorstorage)

 allow vendor-vendorstorage-default block_device:dir { search };
 allow vendor-vendorstorage-default uboot_block_device:blk_file { read write };

Example

  • client/client.cpp

IMPORTANT

Please replace the APEX signing key with your own, so that nobody else can sign and install their own build of this APEX and cause security issues!

How to update Apex

$ export APEX_SIGN_NAME=com.rockchip.hardware.vendorstorages
$ openssl genrsa -out $APEX_SIGN_NAME.pem 4096
$ avbtool extract_public_key --key $APEX_SIGN_NAME.pem --output $APEX_SIGN_NAME.avbpubkey