Remove vendor Wifi and BT entries from fs_config.cpp

Their capability bits are now specified in their associated init .rc file, which is the proper place for this to be done. A notice is added to guide developers away from using android_files to give services Linux capabilities and to guide them away from adding vendor/ entries. Bug: 74554159 Test: BT, Wifi, Tethering work on walleye Merged-In: I13c425d022b4f5c217587cdf601884ef44650ac7 Change-Id: I13c425d022b4f5c217587cdf601884ef44650ac7 (cherry picked from commit b5e5c56401)
2018-03-28 13:25:11 -07:00 · 2018-03-28 13:25:11 -07:00 · 07aa2a6131
commit 07aa2a6131
parent 9a67c69e6c
1 changed files with 6 additions and 18 deletions
--- a/libcutils/fs_config.cpp
+++ b/libcutils/fs_config.cpp
@ -122,6 +122,12 @@ static const char* conf[][2] = {
    {odm_conf_file, odm_conf_dir},
 };

+// Do not use android_files to grant Linux capabilities.  Use ambient capabilities in their
+// associated init.rc file instead.  See https://source.android.com/devices/tech/config/ambient.
+
+// Do not place any new vendor/, data/vendor/, etc entries in android_files.
+// Vendor entries should be done via a vendor or device specific config.fs.
+// See https://source.android.com/devices/tech/config/filesystem#using-file-system-capabilities
 static const struct fs_path_config android_files[] = {
    // clang-format off
    { 00644, AID_SYSTEM,    AID_SYSTEM,    0, "data/app/*" },
@ -185,24 +191,6 @@ static const struct fs_path_config android_files[] = {
    // Support FIFO scheduling mode in SurfaceFlinger.
    { 00755, AID_SYSTEM,    AID_GRAPHICS,  CAP_MASK_LONG(CAP_SYS_NICE),
                                              "system/bin/surfaceflinger" },
-
-    // Support hostapd administering a network interface.
-    { 00755, AID_WIFI,      AID_WIFI,      CAP_MASK_LONG(CAP_NET_ADMIN) |
-                                           CAP_MASK_LONG(CAP_NET_RAW),
-                                              "vendor/bin/hostapd" },
-
-    // Support Bluetooth legacy hal accessing /sys/class/rfkill
-    // Support RT scheduling in Bluetooth
-    { 00700, AID_BLUETOOTH, AID_BLUETOOTH, CAP_MASK_LONG(CAP_NET_ADMIN) |
-                                           CAP_MASK_LONG(CAP_SYS_NICE),
-                                              "vendor/bin/hw/android.hardware.bluetooth@1.0-service" },
-
-    // Support wifi_hal_legacy administering a network interface.
-    { 00755, AID_WIFI,      AID_WIFI,      CAP_MASK_LONG(CAP_NET_ADMIN) |
-                                           CAP_MASK_LONG(CAP_NET_RAW) |
-                                           CAP_MASK_LONG(CAP_SYS_MODULE),
-                                           "vendor/bin/hw/android.hardware.wifi@1.0-service" },
-
    // generic defaults
    { 00755, AID_ROOT,      AID_ROOT,      0, "bin/*" },
    { 00640, AID_ROOT,      AID_SHELL,     0, "fstab.*" },