OpenHarmony6.1移植DLNA投屏功能
OH6.1移植DLNA
DLNA的移植涉及到以下几个方面:
1. 依赖libupnp(third_party/libupnp)
https://gitcode.com/ohos-oneconnect/third_party_libupnp
需要修改以下的JSON文件:
build/bundle.sjon文件,在third_party选项中加入"libupnp"
build/third_party_allow_list.son文件中加入"libupnp"
2. 依赖libjpeg-turbo(third_party/libjpeg-turbo)
需要修改BUILD.gn文件:
third_party/libjpeg-turbo/BUILD.gn文件中,在visibility选项中加入
"//foundation/CastEngine/castengine_dlna/dmr/service:cast_engine_dmr",
3. castengine_dlna(foundation/CastEngine/castengine_dlna)
https://gitcode.com/ohos-oneconnect/castengine_dlna/tree/OpenHarmony-5.1.0-Release
(1)需要修改vendor/goke/gk6780v100/config.json文件:
在castplus子系统中增加cast_engine_dlna组件
{
"component": "cast_engine_dlna",
"features": []
}
(2)需要修改foundation/CastEngine/castengine_dlna/dmr/etc/init/cast_engine_dmr.cfg文件
在cast_engine_dmr.cfg文件中的services的permission中加入后台启动权限和启动不可见组件权限,以便正常拉起投屏APP。
"ohos.permission.START_ABILITIES_FROM_BACKGROUND",
"ohos.permission.START_INVISIBLE_ABILITY"
4. cast_engine_dmr服务的group和passwd配置
需要修改base/startup/init/services/etc/group文件和base/startup/init/services/etc/passwd文件
base/startup/init/services/etc/group文件中加入 cast_engine_dmr:x:1603:
base/startup/init/services/etc/passwd文件中加入 cast_engine_dmr:x:1603:1603:::/bin/false
5. selinux的配置(base/security/selinux_adapter)
以下是相关selinux的patch包:
diff --git a/sepolicy/base/public/service.te b/sepolicy/base/public/service.te
index d41151e24..4152e1359 100644
--- a/sepolicy/base/public/service.te
+++ b/sepolicy/base/public/service.te
@@ -55,6 +55,7 @@ type sa_miscdevice_service, sa_service_attr;
type sa_time_service, sa_service_attr;
type sa_inputmethod_service, sa_service_attr;
type sa_param_watcher, sa_service_attr;
+type sa_foundation_tel_call_manager, sa_service_attr;
type sa_telecom_tel_call_manager, sa_service_attr;
type sa_telephony_tel_cellular_call, sa_service_attr;
type sa_telephony_tel_core_service, sa_service_attr;
@@ -229,5 +230,5 @@ type sa_devattest_service, sa_service_attr;
type sa_oaid_service, sa_service_attr;
type sa_ui_appearance, sa_service_attr;
type sa_device_standby, sa_service_attr;
-
+type sa_cast_engine_dmr, sa_service_attr;
diff --git a/sepolicy/base/public/service_contexts b/sepolicy/base/public/service_contexts
index c8d394afd..44b1e03a8 100644
--- a/sepolicy/base/public/service_contexts
+++ b/sepolicy/base/public/service_contexts
@@ -104,6 +104,7 @@
1600 u:object_r:sa_subsys_global_service:s0
1601 u:object_r:sa_enterprise_device_manager_service:s0
1602 u:object_r:sa_i18n_service:s0
+1603 u:object_r:sa_cast_engine_dmr:s0
1700 u:object_r:sa_subsys_graphic_service:s0
1800 u:object_r:sa_subsys_hbs_service:s0
1900 u:object_r:sa_subsys_iaware_service:s0
@@ -194,6 +195,7 @@
4000 u:object_r:sa_subsys_telepony_service:s0
4001 u:object_r:sa_telephony_service:s0
4002 u:object_r:sa_dcall_service:s0
+4003 u:object_r:sa_foundation_tel_call_manager:s0
4005 u:object_r:sa_telecom_tel_call_manager:s0
4006 u:object_r:sa_telephony_tel_cellular_call:s0
4007 u:object_r:sa_telephony_tel_cellular_data:s0
diff --git a/sepolicy/base/public/type.te b/sepolicy/base/public/type.te
index aa3c64e29..d9bf65993 100644
--- a/sepolicy/base/public/type.te
+++ b/sepolicy/base/public/type.te
@@ -55,6 +55,7 @@ type limit_domain, develop_domain;
type device_usage_statistics_service, sadomain, domain;
type thermal_sa, sadomain, domain;
type nfc_service, sadomain, domain;
+type cast_engine_dmr, sadomain, domain;
type watchdog_service, sadomain, domain;
type watchdog_service_exec, exec_attr, file_attr, system_file_attr;
diff --git a/sepolicy/base/system/system_domain.te b/sepolicy/base/system/system_domain.te
index 84fee398c..e5b970443 100644
--- a/sepolicy/base/system/system_domain.te
+++ b/sepolicy/base/system/system_domain.te
@@ -56,7 +56,7 @@ neverallow { system_domain } vendor_bin_file:{ blk_file chr_file fifo_file sock_
# Prohibit system component processes from accessing vendor etc files to achieve access isolation
neverallow { system_domain -vendor_etc_file_violator_dir } vendor_etc_file:dir ~{ search getattr read open mounton relabelto };
-neverallow { system_domain -bootanimation -ispserver -media_service -misc -multimodalinput -resource_schedule_service -samgr -foundation -powermgr -accountmgr -oaid_service
+neverallow { system_domain -bootanimation -ispserver -media_service -misc -multimodalinput -resource_schedule_service -samgr -foundation -powermgr -accountmgr -oaid_service -cast_engine_dmr
-nfc_service -wifi_hal_service -telephony_sa -dhardware -dinput -hdf_devmgr -hiview -memmgrservice -msdp_sa -audio_server -av_codec_service -resource_schedule_executor
-multimodalinput -charger -concurrent_task_service -resource_schedule_service -dlp_permission_service -sensors -appspawn -init -ueventd -telephony_sa
-module_update_service -sys_installer_sa -updater_binary -nwebspawn -module_update_service -vendor_etc_file_violator_dir_search -cjappspawn
diff --git a/sepolicy/base/te/cast_engine_dlna.te b/sepolicy/base/te/cast_engine_dlna.te
new file mode 100755
index 000000000..23681dcc5
--- /dev/null
+++ b/sepolicy/base/te/cast_engine_dlna.te
@@ -0,0 +1,143 @@
+# Copyright (c) 2022-2023 Huawei Device Co., Ltd.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+allow teecd persist_param:file { map open read };
+allow param_watcher cast_engine_dmr:binder { call };
+allow netmanager cast_engine_dmr:binder { call };
+allow init cast_engine_dmr:process { transition rlimitinh siginh };
+allow dlp_permission_service self:unix_dgram_socket { getopt setopt };
+allow local_code_sign persist_param:file { map open read };
+allow cloudfiledaemon dev_kmsg_file:chr_file { open write };
+allow render_service dev_mali:chr_file ioctl;
+allow multimodalinput chip_prod_file:dir { search };
+allow multimodalinput sys_prod_file:dir { search };
+allow audio_server samgr:binder { transfer call impersonate };
+allow audio_server cast_engine_dmr:binder { transfer call impersonate };
+allow samgr audio_server:binder { transfer call impersonate };
+allow samgr data_local:dir { search };
+allow samgr sh_exec:file { map };
+allow system_core_hap appspawn:fifo_file { read };
+allow system_core_hap sys_prod_file:dir { search };
+allow system_core_hap sa_cast_engine_dmr:samgr_class { add get };
+allow media_service cast_engine_dmr:binder { impersonate call transfer };
+allow media_service netmanager:binder { call };
+allow media_service render_service:binder { transfer };
+allow appspawn sysfs_hungtask_userlist:file { read write open };
+allow appspawn dev_file:dir { add_name write create };
+allow appspawn data_data_file:dir { search };
+allow appspawn data_user_file:dir { getattr };
+allow cast_engine_dmr system_usr_file:file { map };
+allow cast_engine_dmr system_usr_file:file { open read getattr };
+allow cast_engine_dmr system_usr_file:dir { search };
+allow cast_engine_dmr vendor_etc_file:dir { search };
+allow cast_engine_dmr foundation:binder { transfer };
+allow cast_engine_dmr sa_audio_policy_service:samgr_class { get };
+allow cast_engine_dmr sa_foundation_cesfwk_service:samgr_class { get };
+allow cast_engine_dmr sa_memory_manager_service:samgr_class { add get };
+allow cast_engine_dmr sa_media_service:samgr_class { add get };
+allow cast_engine_dmr chip_prod_file:dir { search };
+allow cast_engine_dmr sys_prod_file:dir { search };
+allow cast_engine_dmr cast_engine_dmr:tcp_socket { connect shutdown read accept create setopt bind node_bind listen getattr write };
+allow cast_engine_dmr cast_engine_dmr:udp_socket { connect shutdown read accept create setopt bind node_bind listen getattr write };
+allow cast_engine_dmr node:tcp_socket { connect read write create setopt bind node_bind };
+allow cast_engine_dmr node:udp_socket { connect read write create setopt bind node_bind };
+allow cast_engine_dmr port:tcp_socket { name_connect name_bind };
+allow cast_engine_dmr port:udp_socket { name_bind };
+allow cast_engine_dmr cast_engine_dmr:netlink_route_socket { nlmsg_read create write read };
+allow system_core_hap cast_engine_dmr:binder { call transfer };
+allow cast_engine_dmr dev_console_file:chr_file { read write };
+allow cast_engine_dmr system_core_hap:binder { call };
+allowxperm cast_engine_dmr cast_engine_dmr:unix_dgram_socket ioctl { 0x5401 0x05411 0x5413-0x5414 0x541b 0x5421 0x5450-0x5451 0x8910 0x8933 };
+allow cast_engine_dmr cast_engine_dmr:unix_dgram_socket { getopt setopt ioctl };
+allow cast_engine_dmr sysfs_devices_system_cpu:file { open read getattr };
+allow cast_engine_dmr servicectrl_param:parameter_service { set };
+allow cast_engine_dmr self:process { rlimitinh siginh };
+allow cast_engine_dmr accesstoken_service:binder { call };
+allow cast_engine_dmr bootevent_param:file { map open read };
+allow cast_engine_dmr bootevent_samgr_param:file { map open read };
+allow cast_engine_dmr build_version_param:file { map open read };
+allow cast_engine_dmr const_allow_mock_param:file { map open read };
+allow cast_engine_dmr const_allow_param:file { map open read };
+allow cast_engine_dmr const_build_param:file { map open read };
+allow cast_engine_dmr const_display_brightness_param:file { map open read };
+allow cast_engine_dmr const_param:file { map open read };
+allow cast_engine_dmr const_postinstall_fstab_param:file { map open read };
+allow cast_engine_dmr const_postinstall_param:file { map open read };
+allow cast_engine_dmr const_product_param:file { map open read };
+allow cast_engine_dmr debug_param:file { map open read };
+allow cast_engine_dmr default_param:file { map read open };
+allow cast_engine_dmr dev_unix_socket:dir { search };
+allow cast_engine_dmr dhardware:binder { call transfer };
+allow cast_engine_dmr distributedsche_param:file { map open read };
+allow cast_engine_dmr foundation:binder { call };
+allow cast_engine_dmr hilog_param:file { map read open };
+allow cast_engine_dmr hw_sc_build_os_param:file { map open read };
+allow cast_engine_dmr hw_sc_build_param:file { map open read };
+allow cast_engine_dmr hw_sc_param:file { map open read };
+allow cast_engine_dmr init_param:file { map open read };
+allow cast_engine_dmr init_svc_param:file { map open read };
+allow cast_engine_dmr input_pointer_device_param:file { map open read };
+allow cast_engine_dmr audio_server:binder { transfer call impersonate };
+allow cast_engine_dmr sa_foundation_dms:samgr_class { get };
+allow cast_engine_dmr sa_pulseaudio_audio_service:samgr_class { get };
+allow cast_engine_dmr sa_render_service:samgr_class { get };
+allow cast_engine_dmr media_service:binder { impersonate transfer call };
+allow cast_engine_dmr render_service:binder { transfer call };
+allow cast_engine_dmr net_param:file { map open read };
+allow cast_engine_dmr net_tcp_param:file { map open read };
+allow cast_engine_dmr ohos_boot_param:file { map open read };
+allow cast_engine_dmr ohos_param:file { map open read };
+allow cast_engine_dmr param_watcher:binder { call transfer };
+allow cast_engine_dmr persist_param:file { map open read };
+allow cast_engine_dmr persist_sys_param:file { map open read };
+allow cast_engine_dmr powermgr:binder { call };
+allow cast_engine_dmr render_service:binder { call transfer };
+allow cast_engine_dmr sa_accesstoken_manager_service:samgr_class { add get };
+allow cast_engine_dmr sa_accountmgr:samgr_class { add get };
+allow cast_engine_dmr sa_cast_engine_dmr:samgr_class { add get };
+allow cast_engine_dmr sa_bgtaskmgr:samgr_class { add get };
+allow cast_engine_dmr sa_device_service_manager:samgr_class { add get };
+allow cast_engine_dmr sa_distributeddata_service:samgr_class { add get };
+allow cast_engine_dmr sa_distributeschedule:samgr_class { add get };
+allow cast_engine_dmr sa_foundation_abilityms:samgr_class { add get };
+allow cast_engine_dmr sa_foundation_ans:samgr_class { add };
+allow cast_engine_dmr sa_foundation_appms:samgr_class { add get };
+allow cast_engine_dmr sa_foundation_bms:samgr_class { add get };
+allow cast_engine_dmr sa_foundation_devicemanager_service:samgr_class { add get };
+allow cast_engine_dmr sa_foundation_tel_call_manager:samgr_class { add };
+allow cast_engine_dmr sa_foundation_wms:samgr_class { add get };
+allow cast_engine_dmr sa_powermgr_battery_service:samgr_class { get };
+allow cast_engine_dmr sa_powermgr_batterystats_service:samgr_class { get };
+allow cast_engine_dmr sa_powermgr_displaymgr_service:samgr_class { get };
+allow cast_engine_dmr sa_powermgr_powermgr_service:samgr_class { get };
+allow cast_engine_dmr sa_powermgr_thermal_service:samgr_class { get };
+allow cast_engine_dmr sa_memory_manager_service:samgr_class { get };
+allow cast_engine_dmr sa_msdp_devicestatus_service:samgr_class { get };
+allow cast_engine_dmr sa_multimodalinput_service:samgr_class { get };
+allow cast_engine_dmr sa_param_watcher:samgr_class { get };
+allow cast_engine_dmr sa_softbus_service:samgr_class { get };
+allow cast_engine_dmr sa_telephony_tel_cellular_call:samgr_class { get };
+allow cast_engine_dmr sa_useriam_useridm_service:samgr_class { get };
+allow cast_engine_dmr sa_useriam_userauth_service:samgr_class { get };
+allow cast_engine_dmr sa_net_conn_manager:samgr_class { get };
+allow cast_engine_dmr screenlock_server:binder { call transfer };
+allow cast_engine_dmr security_param:file { map open read };
+allow cast_engine_dmr startup_param:file { map open read };
+allow cast_engine_dmr sys_param:file { map open read };
+allow cast_engine_dmr system_bin_file:dir { search };
+allow cast_engine_dmr system_core_hap_attr:binder { call transfer };
+allow cast_engine_dmr sys_usb_param:file { map open read };
+allow cast_engine_dmr tracefs:dir { search };
+allow cast_engine_dmr tracefs_trace_marker_file:file { open write };
+allow cast_engine_dmr memmgrservice:binder { call transfer };
+allow cast_engine_dmr netmanager:binder { call transfer };
diff --git a/sepolicy/ohos_policy/useriam/user_auth/public/userauth.te b/sepolicy/ohos_policy/useriam/user_auth/public/userauth.te
index bf0f2bc12..8fabaf3bd 100644
--- a/sepolicy/ohos_policy/useriam/user_auth/public/userauth.te
+++ b/sepolicy/ohos_policy/useriam/user_auth/public/userauth.te
@@ -19,6 +19,6 @@ type sa_useriam_faceauth_service, sa_service_attr;
type sa_useriam_fingerprintauth_service, sa_service_attr;
type sa_useriam_companiondeviceauth_service, sa_service_attr;
-neverallow { domain -foundation -accountmgr -storage_daemon -hidumper_service -screenlock_server -huks_service -system_basic_hap_attr -system_core_hap_attr -useriam -domain_useridm_system_violators -rgm_violator_useridm } sa_useriam_useridm_service:samgr_class { get };
-neverallow { domain -hidumper_service -pinauth -system_basic_hap_attr -system_core_hap_attr -useriam } sa_useriam_authexecutormgr_service:samgr_class { get };
+neverallow { domain -foundation -accountmgr -storage_daemon -hidumper_service -screenlock_server -huks_service -system_basic_hap_attr -system_core_hap_attr -useriam -domain_useridm_system_violators -rgm_violator_useridm -cast_engine_dmr } sa_useriam_useridm_service:samgr_class { get };
+neverallow { domain -hidumper_service -pinauth -system_basic_hap_attr -system_core_hap_attr -useriam -cast_engine_dmr } sa_useriam_authexecutormgr_service:samgr_class { get };
diff --git a/sepolicy/whitelist/flex/domain_baseline.json b/sepolicy/whitelist/flex/domain_baseline.json
index a20f08bb1..fe05a9d81 100644
--- a/sepolicy/whitelist/flex/domain_baseline.json
+++ b/sepolicy/whitelist/flex/domain_baseline.json
@@ -136,7 +136,8 @@
"distributeddata",
"av_codec_service",
"distributedfile",
- "midi_server"
+ "midi_server",
+ "cast_engine_dmr"
],
"rgm_violator_sadomain": [],
"hap_domain": [
6. 总结
以上的步骤是在OH6.1上移植的,如果是在OH5.1上移植的话,那么libjpeg-turbo这一步不需要修改,castengine_dlna本身的cast_engine_dmr.cfg也不需要修改,相关的selinux也大致差不多。
社区规范:仅讨论OpenHarmony相关问题。
更多推荐
1
1- 0
已为社区贡献1条内容
所有评论(0)