Since Android 10 blobs are being used, org.codeaurora.ims still runs
as phone UID as seen by these denials:
m.android.phone: type=1400 audit(0.0:2914): avc: denied { read } for name="u:object_r:qcom_ims_prop:s0" dev="tmpfs" ino=13660 scontext=u:r:radio:s0 tcontext=u:object_r:qcom_ims_prop:s0 tclass=file permissive=0
m.android.phone: type=1400 audit(0.0:473): avc: denied { call } for scontext=u:r:radio:s0 tcontext=u:r:hal_imsrtp:s0 tclass=binder permissive=0
Change-Id: Ic8c1b7996b9e0e7b63ba2a153441c9e8467a8a31
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Google moved apex sessions directory from /data/apex/sessions to
/metadata/apex/sessions after commit:
"Move apex sessions directory to /metadata"
36cf4bbac6
Devices with a mounted metadata partition will have the needed
directories set up by system/core/rootdir/init.rc. Xiaomi devices
on sm6125 do not have a metadata partition out of the box, so things
like "Google Play system update" will fail to install the update.
Therefore, create a dummy directory under /data/vendor/metadata_apex
and symlink it to /metadata/apex.
The reason why the old /data/apex/sessions directory is not used
for the symlink is that apexd will call migrateSessionsDirIfNeeded()
to recursively copy things from the old directory to the new one.
Creating the symlink from /data/apex/sessions may result in
unintended behaviors.
Signed-off-by: OdSazib <odsazib@gmail.com>
* This is manually ported by me from Lavender tree on Corvus-Devices
* Thanks @StyloGey for reviewing the java code and giving me a better solution
* Original repo: https://github.com/Corvus-Devices/device_xiaomi_lavender.git
To get it working, you need these two commits in your kernel:
> c04d6d6e61
> 8e25ac3318
Signed-off-by: OdSazib <odsazib@gmail.com>
Change-Id: I1bb48ced1f23728daa2e5170647ce08a04347110
Fix reboot after 120 seconds on WLAN tethering enable.
Fix "target device is connected but no internet" issue.
Move ipacm-related sections from rootdir/etc/init.qcom.rc to data-ipa-cfg-mgr/ipacm/src/ipacm.rc
Make ipacm.rc look like vendor/qcom/opensource/data-ipa-cfg-mgr/ipacm/src/ipacm.rc but add
writepid /dev/cpuset/system-background/tasks to the service definition.
This let ipacm start after data decryption (it got killed on data decrypt and not respawned,
because was disabled).
This fixes following errors:
04-01 14:35:57.525 591 17586 W libc : Unable to set property "ctl.interface_start" to "android.hardware.tetheroffload.config@1.0::IOffloadConfig/default": error code: 0x20
04-01 14:35:57.526 2665 3190 I ServiceManagement: getService: Trying again for android.hardware.tetheroffload.config@1.0::IOffloadConfig/default...
04-01 14:35:57.526 591 17586 E hwservicemanager: Failed to set property for starting android.hardware.tetheroffload.config@1.0::IOffloadConfig/default
Set wifi.active.interface context to exported_wifi_prop and allow hal_wifi_default to set it.
I don't know why context definition was not embedded to the contexts file, but now it is.
This fixes following errors:
[163263.846522] selinux: avc: denied { set } for property=wifi.active.interface pid=2733 uid=1010 gid=1010 scontext=u:r:hal_wifi_default:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service permissive=0
Change-Id: I735e7d8d8d07b9545ef16a6baa35a13aba3cd116
The restorecon_recursive directive in init is only applied if the
file_contexts file changed between builds, but not necessarily if any
file or folder inside /mnt/vendor/persist/ has changed.
The restorecon code checks whether an xattr named
"security.sehash" contains a string that matches the current
combined hashes of the SELinux context files and skips restoring labels
if there is a match, see
https://android.googlesource.com/platform/external/selinux/+/refs/tags/android-9.0.0_r35/libselinux/src/android/android_platform.c#1546
Force wiping that xattr so that restorecon always runs since it's not
very expensive (there are currently only about 50 files on /persist).
The restorecon is needed to fix issues such as wrong stock labels on
/mnt/vendor/persist/sensors/:
sensors_persist_file -> persist_sensors_file
Change-Id: Ic0cd848836ee550499d9236f56ed6e939e35f01e
