The core SEPolicy for vendor_init is being restricted to the proper
Treble restrictions. Since this is a legacy device, it is tagged as a
data_between_core_and_vendor_violators and the needed permissions are
added to its device specific vendor_init.te
Bug: 62875318
Test: boot walleye without audits
Change-Id: I13aaa2278e71092d740216d3978dc720afafe8ea
Signed-off-by: Subhajeet Muhuri <kenny3fcb@gmail.com>
Move vendor policy to vendor and add a place for system extensions.
Also add such an extension: a labeling of the qti.ims.ext service.
Bug: 38151691
Bug: 62041272
Test: Policy binary identical before and after, except plat_service_contexts
has new service added.
Change-Id: Ie4e8527649787dcf2391b326daa80cf1c9bd9d2f
Change-Id: I1493c4c8876c4446a1de46b39942098bf49c79f8
* Untrusted apps are no longer allowed to directly access hwbinder on
Pie, implement a system service as a middleware between mlipay hal
and untrusted apps.
* Xiaomi uses similar solution for MIUI on Pie.
Change-Id: Ie52376b1f7bcd84d219fe73bceb4bdd6cc2b9980
* IFAA manager is based on OnePlusOSS, but adapted for Xiaomi's mlipay
interface.Also hardcode model detection to pass Alipay check.
* vendor.xiaomi.hardware.mtdservice@1.0.so is not actually used, thus
patchelf to drop it rather than shipping a blob.
* Modify libmlipay.so to allow load firmware from vendor
Change-Id: Idf3d3a8d40245984767f4ef5f60f9fe584e69f21
