MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4525 commits 1 branch 0 tags 12 MiB
Commit graph

268 commits

Author SHA1 Message Date
pix106
630b415554 sdm660-common: sepolicy: label gf.debug.whitebox.enabled 2023-01-08 20:28:01 +01:00
pix106
2b5dfda876 sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop 2023-01-08 08:59:27 +01:00
Wilson Chan
e1a20c6dee Revert "sdm660-common: power-libperfmgr: Add Flipendo powerhint" 
- Add sepolicy for dex2oat powerhal props to vendor_power_prop

Test: boot and check powerhint parse logs
Test: enabled extreme battery saver and check scaling_max_freq

[clarencelol]: Adapt to sdm660 freq
 2023-01-04 06:23:15 +01:00
pix106
0fcf8ea137 Revert "sdm660-common: Migrate to Xiaomi power AIDL HAL" 
Revert "sdm660-common: rootdir: Clean part of Unexported properties"
Revert "sdm660-common: power-libperfmgr: Reduce GPU idle timer to 64ms"
 2023-01-04 06:23:14 +01:00
pix106
2cc84ac68d sdm660-common: sepolicy: allow vendor_init to read hal_camera_prop 2022-12-28 18:15:49 +01:00
brunorolak
91d1bdc13e sdm660-common: sepolicy: remove camera duplicates 
Duplicate prefix match detected for 'vendor.camera.skip_unconfigure.packagelist'

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-27 07:38:22 +01:00
Bruno Martins
71c49fcc8c sdm660-common: Migrate to Xiaomi power AIDL HAL 
Change-Id: I42170d51a517170b58d532addd9c38496e43457c

jasmine_sprout: Remove QTI perfd

Bug: 69270928
Test: Build and boot device and test camera
Change-Id: I87b283206f462fb5c8ec9cdd303ae2934fe9bfc4

jasmine_sprout: Declare BOARD_VENDOR

* Needed for xiaomi-perfmgr power AIDL guards

Change-Id: Idbb48e0f9b01090a456ad5d3f2d51f4dfab55672

jasmine_sprout: Create dummy libqti-perfd-client

* proprietary perfd blobs can finally be nuked without breaking goodix
* we could even map the functions to use libperfmgr powerhints in the future

[SebaUbuntu]: Cleanup Android.bp and add copyright header

Change-Id: I124652f3041761966a3e3bd97c757fecc39cc5fb

jasmine_sprout: libqti-perfd-client: Remove namespace declaration

It's pointless when using extern "C".

Change-Id: Ibdf9f06a70aa3a75687b33781c78cf2172bb334d

jasmine_sprout: libqti-perfd-client: return a dummy value

Return a positive integer for perf lock acquire and release so
that Goodix/FPC fingerprint sensor blobs will not complain.

Goodix:
E [goodixHAL][gf_hal_milan_f_series]: goodix_perf_lock_acquire: Failed to acquire perf lock, err: 0
E [goodixHAL][gf_hal_milan_f_series]: goodix_perf_lock_release: Perf lock release error 0

FPC:
E fpc_tac : fpc_perf_lock_acquire: Incorrect params, Failed to acquire perf lock, err
E fpc_tac : fpc_perf_lock_release: Perf lock release error 0

Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
Change-Id: I861672e9a738c2204755d802670f4b28b662f286

jasmine_sprout: libqti-perfd-client: Move to C

* Why bothering with C++ mangling when we can just build it as a standard C library?

Change-Id: I45ea977edf7ea7fab6fece76f3049654a8d24c5d

jasmine_sprout: Add powerhint.json jasmine

Change-Id: If270fc906fd833bb6b0d3b00621c0b079346e47d

jasmine_sprout: rootdir: Initial libperfmgr init config

* From coral, heavily stripped down

Change-Id: Ib6846e4f4f23baf56910d2330e26846b99830218

jasmine_sprout: sepolicy: Initial libperfmgr sepolicy

Change-Id: I3d0a259bc89b4ecd0bf1632199172710d98230e0

jasmine_sprout: Don't explicitly build older minor version HIDL libs

Change-Id: Ib0caa49054a79b1f01ffc751826286a29c642e06

jasmine_sprout: Remove QTI perf reminants

jasmine_sprout: Add back ro.vendor.extension_library definition

 * We aren't using QCOM's perfd but our blobs still check for this.
 * To avoid unnecessary errors, let's just add it back.

Change-Id: Icc44b330f21a658cfa8ded691a6628d8f62c3649
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-27 07:34:56 +01:00
Sebastiano Barezzi
c8d924ba0a sdm660-common: Move to common Xiaomi lights AIDL 
Change-Id: Icb3bb31ebad01519b91a6d41b47e1b57e1ac84e1
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
pix106
aa76e60586 sdm660-common: sepolicy: allow zygote to search vendor_framework_file 
type=1400 audit(0.0:55): avc: denied { search } for name="framework" dev="mmcblk0p14" ino=1094 scontext=u:r:zygote:s0 tcontext=u:object_r:vendor_framework_file:s0 tclass=dir permissive=0
 2022-12-22 04:56:20 +01:00
7Soldier
9aeebe4081 sdm660-common: sepolicy: Dontaudit crash_dump init ptrace denial 
Signed-off-by: 7Soldier <reg.fm4@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
romgharti
b374e4b4bc sdm660-commoy: sepolicy: Adress isolated_app denial 
avc:  denied  { find } for pid=5488 uid=90000 name=content_capture scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
Elektroschmock
7c2ddff90f sdm660-common: sepolicy: Fix isolated_app denial 
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0

Change-Id: I9a70417149c3239b89cc4266942cb3de4da34a4f
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
drkphnx
b9d8296f0e sdm660-common: sepolicy: address or dontaudit some untrusted_app denials 
Signed-off-by: drkphnx <dark.phnx12@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
pix106
fe4f91bb8f Revert "sdm660-common: sepolicy: Allow system_app to read /proc/pagetypeinfo" 
* duplicated rule

This reverts commit 5df53b728d.
 2022-12-22 04:56:20 +01:00
pix106
e41816077c sdm660-common: sepolicy: allow apexd to read apex_metadata_file 
* type=1400 audit(115448057.189:5): avc: denied { read } for comm="apexd" name="apex" dev="mmcblk0p63" ino=32 scontext=u:r:apexd:s0 tcontext=u:object_r:apex_metadata_file:s0 tclass=lnk_file permissive=0
 2022-12-22 04:56:20 +01:00
Aditya Pratap Singh
25a33facca sdm660-common: sepolicy: allow untrusted_app_zygote to access unix stream socket 
avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:untrusted_app:s0:c26,c257,c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.topjohnwu.magisk
Signed-off-by: afterallafk<shivamatiet2001@gmail.com>
Signed-off-by: Abhishek001konni <Abhishek001konni@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-11-07 08:34:27 +01:00
pix106
d58068cc9f sdm660-common: sepolicy: adress untrusted_app_27 unix_stream_socket denials 2022-11-07 08:34:27 +01:00
sabarop
16db6a4456 sdm660-common: sepolicy: address multiple denials 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-11-07 08:34:26 +01:00
Mohan C M
55c4433e3a sdm660-common: sepolicy: address hal_bluetooth_qti 
- avc: denied { read } for comm="bluetooth@1.0-s" name="ssrdump" dev="mmcblk0p49" ino=2162694 scontext=u:r:hal_bluetooth_qti:s0 tcontext=u:object_r:ramdump_vendor_data_file:s0 tclass=dir permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-11-07 08:34:26 +01:00
pix106
25b04c31af sdm660-common: sepolicy: address surfaceflinger hal_graphics_composer_default denial 2022-11-07 08:34:26 +01:00
pix106
fa6dfc8c13 sdm660-common: sepolicy: address qti_init_shell proc_watermark_scale_factor denials 2022-11-07 08:34:26 +01:00
pix106
2f38bc6da8 FIX sdm660-common: sepolicy: label init.goodix.sh and fingerprint datafile 2022-11-07 08:15:11 +01:00
pix106
9572ebacd7 sdm660-common: sepolicy: allow hal_power_default sys_admin capability 2022-10-11 09:24:15 +02:00
Rick Yiu
e279964f3c sdm660-common: sepolicy: Add permission to access proc_energy_aware file node 
This reverts commit 2c07bbc96e.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-10-11 08:47:30 +02:00
Elektroschmock
c4050270fd sdm660-common: sepolicy: Label /dev/stune(/.*) as cgroup 
* avc: denied { write } for comm="adb_root" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:adbroot:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="adb_root" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:adbroot:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="installd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="installd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="netd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:netd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="netd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:netd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="storaged" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:storaged:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="storaged" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:storaged:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="apexd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:apexd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0

Change-Id: Idc69978328640ff40ad5efe2f0abd79304e75893
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-10-11 08:47:30 +02:00
pix106
717057c76c sdm660-common: sepolicy: relabel miui prop 2022-10-11 08:47:30 +02:00
pix106
90b568e7b7 sdm660-common: sepolicy: drop and dontaudit kill and sys_admin permissions. 2022-09-13 06:56:46 +02:00
UtsavBalar1231
5852c41f14 sdm660-common: sepolicy: Allow init.qcom.post_boot.sh to set watermark_scale_factor 
This fixes:
W init.qcom.post_: type=1400 audit(0.0:42): avc: denied { write } for name="watermark_scale_factor" dev="proc" ino=52566 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:proc_watermark_scale_factor:s0 tclass=file permissive=0

Change-Id: Ib79c0208e758f03df5ce6652322802354836d6a5
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-13 06:56:46 +02:00
Dyneteve
66e57467db sdm660-common: sepolicy: Fix OTA on encrypted f2fs. 
* uncrypt : type=1400 audit(0.0:12165): avc: denied { sys_admin } for capability=21 scontext=u:r:uncrypt:s0 tcontext=u:r:uncrypt:s0 tclass=capability permissive=0

Change-Id: Ifec7cea45830a9e10f55a194e377857429bf4051
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-13 06:56:46 +02:00
Kevin F. Haggerty
5df53b728d sdm660-common: sepolicy: Allow system_app to read /proc/pagetypeinfo 
avc: denied { read } for name="pagetypeinfo" dev="proc" ino=4026543033
scontext=u:r:system_app:s0 tcontext=u:object_r:proc_pagetypeinfo:s0
tclass=file permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-13 06:56:46 +02:00
pix106
9188e83cbd sdm660-common: sepolicy: drop and dontaudit kill and sys_admin permissions. 2022-09-12 22:41:46 +02:00
pix106
077a21d15e sdm660-common: sepolicy: move system_app.te 2022-09-11 10:58:54 +02:00
pix106
467daca424 sdm660-common: sepolicy: label init.goodix.sh and fingerprint datafile 
Could not start service 'vendor.goodix_script' as part of class 'late_start': File /vendor/bin/init.goodix.sh (labeled u:object_r:vendor_file:s0) has incorrect label or no domain transition from u:r:init:s0 to another SELinux domain defined.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-04 09:20:37 +02:00
pix106
922735f672 sdm660-common: sepolicy: label sys.camera.miui.apk prop 
audit(0.0:4): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { read } for property=sys.camera.miui.apk pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:hal_camera_prop:s0 tclass=file permissive=0'

vendor_init already has permissions on vendor_camera_prop, so set sys.camera.miui.apk as vendor_camera_prop

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-08-30 20:00:11 +02:00
boedhack99
641996465a sdm660-common: sepolicy: Allow zygote to search adsprpdc file 
Fixes:
avc: denied { search } for comm="main" name="/" dev="sde48" ino=2 scontext=u:r:zygote:s0 tcontext=u:object_r:adsprpcd_file:s0 tclass=dir permissive=0
avc: denied { search } for comm="usap64" name="/" dev="sde48" ino=2 scontext=u:r:zygote:s0 tcontext=u:object_r:adsprpcd_file:s0 tclass=dir permissive=0

Change-Id: Idd3df6ec46049d5691e298ac1d0851d7ab0bead3
Signed-off-by: Khusika Dhamar Gusti <mail@khusika.dev>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-08-25 10:04:35 +02:00
pix106
3a56beef55 sdm660-common: sepolicy: Label ro.audio.usb.period_us 
Co-authored-by: Omar Hamad <etahamad@icloud.com>
 2022-08-18 08:52:27 +02:00
pix106
998d8a03be sdm660-common: sepolicy: address hal_bluetooth_qti diag_device chr_file denial 2022-08-08 22:52:29 +02:00
pix106
ce09f0e3af sdm660-common: DeviceSettings: Adapt vibration control to QTI Haptics 
* needs kernel support
 2022-07-29 13:48:08 +02:00
pix106
fdf6fbbe8d sdm660-common: sepolicy: rename 'bluetooth.te ' 2022-07-29 13:48:08 +02:00
Adithya R
cff5bdbd3b sdm660-common: sepolicy: Allow vendor_init to set ssr prop 
E init    : Do not have permissions to set 'persist.vendor.ssr.restart_level' to 'ALL_ENABLE' in property file '/vendor/build.prop': SELinux permission check failed

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-07-04 07:40:35 +02:00
pix106
ff88467668 sdm660-common: sepolicy: Address installd kill capability denial 
11-19 18:40:50.303 14813 14813 W cp      : type=1400 audit(0.0:45): avc: denied { kill } for capability=5 scontext=u:r:installd:s0 tcontext=u:r:installd:s0 tclass=capability permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-06-19 21:37:31 +02:00
pix106
99f4032d92 sdm660-common: sepolicy: Adress qti_init_shell persist_file denials 2022-06-19 21:37:26 +02:00
pix106
9f73958b59 sdm660-common: sepolicy: Address hal_audio_default persist_file denials 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-06-16 06:18:31 +02:00
pix106
8600a1d97f sdm660-common: sepolicy: Address zygote unix_stream_socket denials 2022-06-16 06:18:31 +02:00
pix106
f8c33f55be sdm660-common: sepolicy: allow hal_wifi_default to get persist_vendor_debug_wifi_prop props 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-06-06 17:58:45 +02:00
pix106
837f5ca200 sdm660-common: sepolicy: Address vendor_init persist_file denials 
avc: denied { read } for comm="init" name="persist" dev="mmcblk0p13" ino=47 scontext=u:r:vendor_init:s0 tcontext=u:object_r:persist_file:s0 tclass=lnk_file permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-06-06 17:52:42 +02:00
pix106
8193f9632b Revert "sdm660-common: sepolicy: cleanup sepolicy/vendor/tee.te" 
This reverts commit aea288de3b.
 2022-06-06 17:45:39 +02:00
Rahul Krishna
0bb3001be2 sem660-common: sepolicy: Label notification led nodes 
* adapt to 4.19 sysfs path

Change-Id: Id4b74a3e61525810698ef0d4477856620c2a5490
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-06-06 12:41:59 +02:00
pix106
f5050df60f sdm660-common: sepolicy: drop Mlipay sepolicy 2022-06-06 12:41:59 +02:00
Adithya R
dd6db97ea5 sdm660-common: drop IFAA/mliplay completely 
* no one actually uses this

Signed-off-by: SparXFusion <s2234nadar@gmail.com>
Signed-off-by: faham1997 <nafidfaham08@gmail.com>
Signed-off-by: ImPrashantt <prashant33968@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-06-06 12:41:59 +02:00