Commit graph

35 commits

Author SHA1 Message Date
Ultra119
954ce897e9
sdm710-common: sepolicy: Allow zygote to access unix_stream_socket
*W FinalizerDaemon: type=1400 audit(0.0:232): avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:system_app:s0 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0
*W FinalizerDaemon: type=1400 audit(0.0:355): avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.motorola.dolby.dolbyui
*W FinalizerDaemon: type=1400 audit(0.0:438): avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:priv_app:s0:c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.android.wallpaper
2023-06-24 15:13:20 +03:00
Ultra119
80eccb3178
sdm710-common: sepolicy: Allow recovery to access pstore
2023-06-24 15:13:20 +03:00
Ultra119
e6170b67a5
sdm710-common: sepolicy: Fix avc denial related to hal_graphics_composer_default
ERROR:
avc: denied { read } for name="u:object_r:bootanim_system_prop:s0" dev="tmpfs" ino=18555 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:bootanim_system_prop:s0 tclass=file
2023-06-24 15:13:20 +03:00
Ultra119
4d875c79a2
sdm710-common: sepolicy: Extend untrusted_app access to battery/power supply sysfs
W/changed_service(7624): type=1400 audit(0.0:2724): avc: denied { search } for name="battery" dev="sysfs" ino=48984 scontext=u:r:untrusted_app:s0:c206,c256,c512,c768 tcontext=u:object_r:sysfs_battery_supply:s0
2023-06-24 15:13:20 +03:00
Cyber Knight
f8e389999a
sdm710-common: Build KProfiles
- Inherit KProfiles.
- Address sepolicy.
- Define sysfs_kprofiles as a domain.
- Fix permission of nodes relevant to KProfiles at boot.

Signed-off-by: Cyber Knight <cyberknight755@gmail.com>
2023-06-21 14:24:45 +03:00
emufan4568
1f9b588765
sdm710-common: Allow wcnss_service to run shell
* avc: denied { execute_no_trans } for path="/vendor/bin/sh" dev="sda16" ino=247 scontext=u:r:wcnss_service:s0 tcontext=u:object_r:vendor_shell_exec:s0 tclass=file permissive=1
2023-06-17 17:04:00 +03:00
erikdrozina
19bb8c274d
sdm710-common: sepolicy: Label some RIL property
W libc    : Unable to set property "ro.vendor.ril.svlte1x" to "false": error code: 0xb
W libc    : Unable to set property "ro.vendor.ril.svdo" to "false": error code: 0xb
W libc    : Unable to set property "ro.ril.supportLTE" to "1": error code: 0xb

Co-authored-by: Master <mhmdeveloperofficial@gmail.com>
2023-06-17 17:03:49 +03:00
Ultra119
229b7a415d
sdm710-common: sepolicy: Give QCOM TEE directory access to tmpfs
08-28 01:02:14.567   893   909 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x64000
08-28 01:02:14.568   893   909 D QSEECOMAPI: App is not loaded in QSEE
08-28 01:02:14.568   893   909 E QSEECOMAPI: Error::Cannot open the file /vendor/firmware_mnt/image/widevine.mdt errno = 2
08-28 01:02:14.568   893   909 E QSEECOMAPI: Error::Loading image failed with ret = -1
08-28 01:02:14.571   893   909 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x64000
08-28 01:02:14.571   893   909 D QSEECOMAPI: App is not loaded in QSEE
08-28 01:02:14.595   893   909 D QSEECOMAPI: Loaded image: APP id = 24
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: ---------------Widevine OEMCrypto configuration-----------------
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: TA-HLOS interface                    :   QSEECOM
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Crypto Engine SMMU Virtual Address   :   Yes
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Measure elapsed time                 :   No
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Inplace decryption for clear buffer  :   Yes
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Frame Assembly                       :   Yes
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Scratch buffer size                  :   4194304
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Decrypt hash tests                   :   No
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Secure buffer tests                  :   No
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: ----------------------------------------------------------------
08-28 01:02:14.598   624   633 D DrmLibTime: got the req here! ret=0
08-28 01:02:14.599   624   633 D DrmLibTime: command id, time_cmd_id = 770
08-28 01:02:14.599   624   633 D DrmLibTime: time_getutcsec starts!
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: time_getutcsec
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: get_utc_seconds
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: time_get_modem_time
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: Checking if ATS_MODEM is set or not.
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: pargs->base = 13
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: pargs->operation = 2
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: pargs->ts_val = 0
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: Send to server  passed!!
08-28 01:02:14.599   726  1000 D QC-time-services: Daemon: Connection accepted:time_genoff
08-28 01:02:14.599   726 25387 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 2,value = 0
08-28 01:02:14.599   726 25387 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 2
08-28 01:02:14.599   726 25387 D QC-time-services: offset is: 1 for base: 13
08-28 01:02:14.599   624   633 E QC-time-services: Receive Passed == base = 13, unit = 1, operation = 2, result = 0
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: ATS_MODEM is set. Try to retrieve it.
08-28 01:02:14.599   726  1000 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
08-28 01:02:14.599   726  1000 D QC-time-services: Daemon: Connection accepted:time_genoff
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 1,value = 0
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 1
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon: genoff get for 13
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from QTimer mseconds = 25504420
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from RTC mseconds on boot = 14864938000
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from QTimer mseconds = 25504420
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from generic offset = 1646729299436
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Delta read on boot mseconds = 14864929606
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Final Time = 1661619733462
08-28 01:02:14.600   624   633 D DrmLibTime: QSEE Time Listener: Time GenOff - seconds: 1661619733
08-28 01:02:14.600   624   633 D DrmLibTime: time_getutcsec returns 0, sec = 1661619733; nsec = 0
08-28 01:02:14.600   624   633 D DrmLibTime: time_getutcsec finished!
08-28 01:02:14.600   624   633 D DrmLibTime: iotcl_continue_command finished! and return 0
08-28 01:02:14.600   624   633 D DrmLibTime: before calling ioctl to read the next time_cmd
08-28 01:02:14.601   726  1000 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
08-28 01:02:14.615   624   624 W qseecomd: type=1400 audit(0.0:880): avc: denied { read } for name="/" dev="tmpfs" ino=1039 scontext=u:r:tee:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0
2023-06-17 17:03:39 +03:00
Ultra119
712c0269bb
sdm710-common: sepolicy: Fix up libperfmgr crash on logs
W/libperfmgr(798): Failed to write to node: /proc/sys/kernel/sched_boost with value: 0, fd: -1
2023-06-17 17:03:33 +03:00
giasen
c69c3e3d54
fixup: sdm710-common: update power sepolicy from xiaomi-sdm845
- remove unwanted rc file
2022-11-12 15:09:34 +01:00
jjpprrrr
14ed563a24
sdm710-common: sepolicy: specify the owner of vendor props
vendor_fp_prop is public because apps like Alipay may access it
to enable biometrics payment authentication.
sdm710: Drop a neverallow
2021-10-30 12:58:35 +02:00
Chenyang Zhong
ed065abb05
sdm710-common: sepolicy: allow vendor_init to read persist_debug_prop
Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
2021-10-20 22:42:05 +02:00
Giammarco Senatore
c2918e4349
sdm710-common: Add file_contexts for neuralnetworks hal
2021-08-18 13:16:08 +02:00
Giammarco Senatore
09cd80eeb5
sdm710-common: Go enforcing
- major cleanup
- sepolicy from xiaomi-sdm845-common
- label both goodix and fpc
- allystar GPS uart port and ontim nodes
2021-08-11 22:41:19 +02:00
Giammarco Senatore
f6f497c743
sdm710-common: Initial commonized tree
* minor cleanup in overlay and init rc
* drop dolby
2021-07-25 21:56:17 +02:00
Ethan Chen
4efd4900c5
kunlun2: Enable Pixel atrace HAL
Change-Id: I34691e5e909b6ca76dc97fd5c45328e3f80b67e1
Signed-off-by: Henrique Pereira <hlcpereira@pixelexperience.org>
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-17 18:48:16 +02:00
Giammarco Senatore
c119216557
kunlun2: Address some initial denials
- Nuke folder creation that breaks encryption
- Nuke permissivers and other creepy things
- Properly label light and fp HALs
- Address initial fingerprint denials
- Label camera zui prop
2021-07-17 18:11:00 +02:00
Bruno Martins
961898527d
sepolicy: Add thermal-engine rules
Signed-off-by: DennySPb <dennyspb@gmail.com>
Change-Id: I4ef5664b036d0cff81ebb39646276b208da4986b
2021-07-16 23:25:14 +02:00
DennySPb
37b5c61917
sepolicy: Fix camera properties for vendor build
Signed-off-by: DennySPb <dennyspb@gmail.com>
Change-Id: I9eda9aa87102c44400c4dfb48588835d6ecb834f
2021-07-16 22:07:31 +02:00
GiaSen
57e6de12d3
sepolicy: address some more denials
and nuke neverallows
2021-07-16 18:44:08 +02:00
Adam Shih
84460e3bdf
sepolicy: gmscore_app: suppress denials on firmware
Bug: 149543390
Bug: 149062700
Bug: 151195371
Test: boot with no gmscore_app avc error
Change-Id: I4c667b86863121529f7c3a24b9daf615260104c7
Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:07 +02:00
Pig
be846c32da
sepolicy: ignore harmless QCOM denials
Change-Id: Ie8f74bde8aeedbd134b11307221c1f930ea4f5dc
Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:07 +02:00
Ashwin R C
ec1d9ed563
sepolicy: Allow hal_audio_default to read audio_device
audio_hw_primary: pcm_open_prepare_helper: cannot open device '/dev/snd/pcmC0D0p': Permission denied

Change-Id: I8fb7ec2c269fca6b8bf21aacf521990e9279418d
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:06 +02:00
LuK1337
4652cba66e
sepolicy: Address hal_audio_default denials
Change-Id: I67b064ccf1d84ca4b891f1cdb4f4d6ecebdbce23
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:05 +02:00
LuK1337
1efea1f5bc
kunlun2: sepolicy: Address time_daemon denials
Change-Id: I83947a673ed19cfc20c130fb133d1957aa44d284
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:05 +02:00
LuK1337
2f47635396
kunlun2: sepolicy: Address qti_init_shell denials
Change-Id: I21807dc3ae7b7c073b3b06f1412ccc21a727b497
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:05 +02:00
LuK1337
7f69622f6f
sepolicy: Address kernel denials
Change-Id: Ie506bd769173d1c5780cfbf8b2740b5c5d66d8c5
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:44:05 +02:00
Scott Warner
933e39f1c8
sepolicy: Address hal_graphics_composer_default denials
Change-Id: Iff994cc69d8e11b746cda5a5517c0cf0deea8c86
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:43:59 +02:00
Scott Warner
047ebfb3ab
sepolicy: Address sensors denials
Change-Id: Iff842e7333fba5dd17cb3675caede95dd37e3780
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:42:51 +02:00
LuK1337
ff0ea35f8a
kunlun2: sepolicy: Address hal_sensors_default denials
Change-Id: I211841e7709e6e54edcce9951f5a52f7b7be6158
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:34:31 +02:00
LuK1337
cd50185651
sepolicy: rild: file->dir
Change-Id: I631cc080ad0dedecf24476bac84064575b809809
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:34:31 +02:00
LuK1337
da6ae287a6
sepolicy: Address rild denials
Change-Id: Ia081566c64e7cdc4007baab0de61ba8e62906a61
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 18:34:21 +02:00
Giammarco Senatore
dfbc4aeaba
kunlun2: Nuke neverallows
for real now
2021-07-16 18:33:17 +02:00
LuK1337
68d09ebf7f
Drop SSR blobs and set SSR restart_level in init.qcom.rc
Change-Id: I32fc08c9ad36b9c8ebfc019fc87a19eece18f0b4
Signed-off-by: DennySPb <dennyspb@gmail.com>
2021-07-16 17:54:58 +02:00
DennySPb
14f08dc1fe
Initial selinux policies
* convert existing one to vendor
2021-07-16 17:54:51 +02:00