MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

sdm660: Move folio_daemon to system in sepolicy

Browse source 
Remove Treble violations.

Bug: 36867326
Bug: 62387246
Test: loaded on taimen, checked dmesg, and tested daemon with magnet
Change-Id: I4662b41206b94cae6ac9843b5dc7e1452003c63c
This commit is contained in:
Jeff Vander Stoep 2017-06-21 09:43:32 -07:00 committed by Max Weffers
parent f554793657
commit c145e57b0f
No known key found for this signature in database
GPG key ID: 795F73D22FB93FAE
7 changed files with 7 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
folio_daemon/Android.mk
View file

@ -18,6 +18,5 @@ LOCAL_CFLAGS += -Wall -Werror
LOCAL_MODULE := folio_daemon LOCAL_MODULE := folio_daemon
LOCAL_MODULE_TAGS := optional LOCAL_MODULE_TAGS := optional
LOCAL_MODULE_OWNER := google LOCAL_MODULE_OWNER := google
LOCAL_PROPRIETARY_MODULE := true
include $(BUILD_EXECUTABLE) include $(BUILD_EXECUTABLE)

6
rootdir/etc/init.target.rc
View file

@ -152,17 +152,17 @@ on boot
chmod 660 /sys/devices/platform/kcal_ctrl.0/kcal_min chmod 660 /sys/devices/platform/kcal_ctrl.0/kcal_min
chmod 660 /sys/devices/platform/kcal_ctrl.0/kcal chmod 660 /sys/devices/platform/kcal_ctrl.0/kcal
service vendor.folio_daemon /vendor/bin/folio_daemon service folio_daemon /system/bin/folio_daemon
class late_start class late_start
user system user system
group system uhid group system uhid
disabled disabled
on property:init.svc.zygote=running on property:init.svc.zygote=running
start vendor.folio_daemon start folio_daemon
on property:init.svc.zygote=stopped on property:init.svc.zygote=stopped
stop vendor.folio_daemon stop folio_daemon
#Peripheral manager #Peripheral manager
service vendor.per_mgr /system/vendor/bin/pm-service service vendor.per_mgr /system/vendor/bin/pm-service

1
sepolicy/private/file_contexts Normal file
View file

@ -0,0 +1 @@
/system/bin/folio_daemon u:object_r:folio_daemon_exec:s0

8
sepolicy/vendor/folio_daemon.te → sepolicy/private/folio_daemon.te
View file

@ -1,15 +1,11 @@
type folio_daemon, domain, coredomain;
type folio_daemon_exec, exec_type, file_type;
type folio_daemon, domain;
type folio_daemon_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(folio_daemon) init_daemon_domain(folio_daemon)
allow folio_daemon binder_device:chr_file rw_file_perms; allow folio_daemon binder_device:chr_file rw_file_perms;
allow folio_daemon uhid_device:chr_file rw_file_perms; allow folio_daemon uhid_device:chr_file rw_file_perms;
# TODO(b/35870313): Remove this attribute when the corresponding bug is fixed and the treble
# violations are handled
typeattribute folio_daemon binder_in_vendor_violators;
typeattribute folio_daemon socket_between_core_and_vendor_violators;
allow folio_daemon system_server:unix_stream_socket rw_socket_perms_no_ioctl; allow folio_daemon system_server:unix_stream_socket rw_socket_perms_no_ioctl;
binder_use(folio_daemon) binder_use(folio_daemon)

1
sepolicy/private/system_server.te Normal file
View file

@ -0,0 +1 @@
binder_call(system_server, folio_daemon)

3
sepolicy/vendor/file_contexts vendored
View file

@ -22,9 +22,6 @@
/firmware u:object_r:firmware_file:s0 /firmware u:object_r:firmware_file:s0
/bt_firmware u:object_r:bt_firmware_file:s0 /bt_firmware u:object_r:bt_firmware_file:s0
# Folio daemon
/vendor/bin/folio_daemon u:object_r:folio_daemon_exec:s0
# HVDCP # HVDCP
/sys/devices(/platform)?/soc/[a-z0-9]+\.i2c/i2c-[0-9]+/[0-9]+-[a-z0-9]+/[a-z0-9]+\.i2c:qcom,[a-z0-9]+@[a-z0-9]:qcom,smb[a-z0-9]+-parallel-slave@[0-9]+/power_supply/parallel(/.*)? u:object_r:sysfs_usb_supply:s0 /sys/devices(/platform)?/soc/[a-z0-9]+\.i2c/i2c-[0-9]+/[0-9]+-[a-z0-9]+/[a-z0-9]+\.i2c:qcom,[a-z0-9]+@[a-z0-9]:qcom,smb[a-z0-9]+-parallel-slave@[0-9]+/power_supply/parallel(/.*)? u:object_r:sysfs_usb_supply:s0

1
sepolicy/vendor/system_server.te vendored
View file

@ -6,4 +6,3 @@ allow system_server vendor_camera_prop:file { getattr open read };
allow system_server vendor_default_prop:file { getattr open read }; allow system_server vendor_default_prop:file { getattr open read };
allow system_server thermal_service:service_manager find; allow system_server thermal_service:service_manager find;
allow system_server sysfs_battery_supply:file { getattr open read write }; allow system_server sysfs_battery_supply:file { getattr open read write };
binder_call(system_server, folio_daemon)