MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4076 commits 1 branch 0 tags 12 MiB
Commit graph

201 commits

Author SHA1 Message Date
pix106
738dff294a sdm660-common: sepolicy: Address many denials 
sdm660-common: sepolicy: Address vendor_init persist_file read denial
avc: denied { read } for comm="init" name="persist" dev="mmcblk0p63" ino=47 scontext=u:r:vendor_init:s0 tcontext=u:object_r:persist_file:s0 tclass=lnk_file permissive=0

sdm660-common: sepolicy: Address tee persist_file read denial
avc: denied { read } for comm="qseecomd" name="persist" dev="mmcblk0p63" ino=47 scontext=u:r:tee:s0 tcontext=u:object_r:persist_file:s0 tclass=lnk_file permissive=0

sdm660-common: sepolicy: Address installd mnt_user_file denial
avc: denied { search } for comm="Binder:1018_6" name="0" dev="tmpfs" ino=5541 scontext=u:r:installd:s0 tcontext=u:object_r:mnt_user_file:s0 tclass=dir permissive=0

sdm660-common: sepolicy: Address ssgtzd qipcrtr_socket denial

sdm660-common: sepolicy: Address platform_app denials
avc: denied { read } for comm="emui:screenshot" name="u:object_r:exported_audio_prop:s0" dev="tmpfs" ino=4254 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:exported_audio_prop:s0 tclass=file permissive=0 app=com.android.systemui

sdm660-common: sepolicy: Address init sysfs_graphics denial
avc: denied { read } for comm="init" name="device" dev="sysfs" ino=44569 scontext=u:r:init:s0 tcontext=u:object_r:sysfs_graphics:s0 tclass=lnk_file permissive=0

sdm660-common: sepolicy: Address system_app sysfs_graphics denials
avc: denied { write } for comm="settings.device" name="max_brightness" dev="sysfs" ino=44572 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_graphics:s0 tclass=file permissive=0
avc: denied { open } for comm="settings.device" path="/sys/devices/platform/soc/800f000.qcom,spmi/spmi-0/spmi0-03/800f000.qcom,spmi:qcom,pm660l@3:qcom,leds@d000/leds/red/max_brightness" dev="sysfs" ino=44572 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_graphics:s0 tclass=file permissive=0

sdm660-common: sepolicy: Address system_server sysfs_rtc denial
avc: denied { read } for comm="system_server" name="hctosys" dev="sysfs" ino=41512 scontext=u:r:system_server:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

sdm660-common: sepolicy: Address gmscore_app getattr denials
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/linkerconfig" dev="tmpfs" ino=3474 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:linkerconfig_file:s0 tclass=dir permissive=0 app=com.google.android.gms
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/persist" dev="mmcblk0p63" ino=47 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:persist_file:s0 tclass=lnk_file permissive=0 app=com.google.android.gms
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/init" dev="mmcblk0p63" ino=28 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:init_exec:s0 tclass=lnk_file permissive=0 app=com.google.android.gms
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/metadata" dev="mmcblk0p63" ino=32 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:metadata_file:s0 tclass=dir permissive=0 app=com.google.android.gms
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/postinstall" dev="mmcblk0p63" ino=48 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:postinstall_mnt_dir:s0 tclass=dir permissive=0 app=com.google.android.gms
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/vendor/firmware_mnt" dev="mmcblk0p58" ino=1 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:firmware_file:s0 tclass=dir permissive=0 app=com.google.android.gms
avc: denied { getattr } for comm="CTION_IDLE_MODE" path="/vendor/firmware" dev="mmcblk0p64" ino=1216 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:vendor_firmware_file:s0 tclass=dir permissive=0 app=com.google.android.gms

sdm660-common: sepolicy: Address vendor_mutualex create denial
avc: denied { create } for comm="mutualex" scontext=u:r:vendor_mutualex:s0 tcontext=u:r:vendor_mutualex:s0 tclass=qipcrtr_socket permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
pix106
ee3fa3b300 sdm660-common: sepolicy: Label sys.use_fifo_ui and address system_server vendor_video_prop denial 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
pix106
5499c4027c sdm660-common: sepolicy: Label rild.libpath 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
pix106
eee54d6e20 sdm660-common: sepolicy: Label some camera props 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
pix106
58bbd5db55 sdm660-common: sepolicy: Label sysfs wakeup nodes 
avc: denied { read } for comm="Binder:514_1" name="event_count" dev="sysfs" ino=53144 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="max_time_ms" dev="sysfs" ino=53149 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="wakeup_count" dev="sysfs" ino=53145 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="total_time_ms" dev="sysfs" ino=53148 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="expire_count" dev="sysfs" ino=53146 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="active_count" dev="sysfs" ino=53143 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="last_change_ms" dev="sysfs" ino=53150 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="prevent_suspend_time_ms" dev="sysfs" ino=53151 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="name" dev="sysfs" ino=53142 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
avc: denied { read } for comm="Binder:514_1" name="active_time_ms" dev="sysfs" ino=53147 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
pix106
5de9bdae50 Revert "sdm660-common: sepolicy: Adjust sepolicy for qti thermal" 
This reverts commit 77c4792ac9.
 2021-11-13 11:31:51 +01:00
pix106
9d53e14cc8 sdm660-common: sepolicy: Remove netmgrd set_prop vendor_data_ko_prop 
* No need after sepolicy update from LA.UM.9.2.1.r1-07200-sdm660.0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
Anush02198
6d46319a55 sdm660-common: sepolicy: Remove some wakeup nodes 
* As we have merged LA.UM.9.2.1.r1-07000-sdm660.0 sepolicy tag to source this is handeld by source

Signed-off-by: Anush02198 <Anush.4376@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
raiyanbinmohsin
d995aabb68 Revert "sdm660-common: Awaken-ify" 
This reverts commit 635c08ae00.

* also drop awaken ota sepolicy
 2021-11-13 11:31:51 +01:00
Sebastiano Barezzi
fa7fa65ffb sdm660-common: ir: Rebrand to Xiaomi SDM660 
Change-Id: I20146c0bc065a460f5a86455ed9a21abce5f9417
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: OdSazib <odsazib@gmail.com>
 2021-11-13 11:31:51 +01:00
ghostrider-reborn
79c64bc007 sdm660-common: Introduce kernelspace battery saver 
* Needs Kernel side support
 * This activates kernelspace battery saver via powerhal whenever
   battery saver is enabled in userspace, thereby lowering power
   consumption at kernel-level by disabling boosts and such

Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Change-Id: I2623503db27d7518de519bcaa3f5af6ab83879d0
 2021-11-13 11:31:49 +01:00
OdSazib
b8c814713d
sdm660-common: DeviceSettings: Add earpiece gain 
- Requires kernel support

Signed-off-by: OdSazib <odsazib@gmail.com>
Change-Id: If28b4dff421cbba5f17cd2ccfab02f2aa616a9f8
 2021-07-22 13:21:03 +06:00
OdSazib
5351cc35f9
sdm66-common: sepolicy: Fix labeling sysfs nodes for K4.19 
- Address more denials and label some new nodes

Signed-off-by: OdSazib <odsazib@gmail.com>
 2021-07-16 15:56:07 +06:00
StyloGey
4ec9f92ace
sdm660-common: Update RIL from AOSPA 
- update radio from LA.UM.9.12.r1-10800-SMxx50.0
- update telephony from qcom-common-AOSPA

Signed-off-by: OdSazib <odsazib@gmail.com>
 2021-07-15 17:00:40 +06:00
OdSazib
0a263a5716
sdm660-common: sepolicy: Update sepolicy for 4.19 2021-07-13 11:56:43 +06:00
clarencelol
20efaf472b
sdm660-common: Switch to Thermal 2.0 mock 
* QTI Thermal couldn't read the temperature for some reason
 2021-06-15 21:48:17 +06:00
sairam1411
77c4792ac9
sdm660-common: sepolicy: Adjust sepolicy for qti thermal 
Change-Id: Ib8493f164f12614e6d0a7ea5bd060d05991822b8
 2021-06-15 17:32:47 +06:00
Wilson Chan
2880603f27
sdm660-common: power-libperfmgr: Add Flipendo powerhint 
- Add sepolicy for dex2oat powerhal props to vendor_power_prop

Test: boot and check powerhint parse logs
Test: enabled extreme battery saver and check scaling_max_freq

[clarencelol]: Adapt to sdm660 freq
 2021-06-15 17:32:47 +06:00
clarencelol
5ae45246d0
sdm660-common: power-libperfmgr: Add back audio hints 
* It works as intended

Signed-off-by: clarencelol <clarencekuiek@icloud.com>
 2021-06-15 17:32:47 +06:00
clarencelol
7b3df1cb47
sdm660-common: sepolicy: Label wakeup nodes for 4.19 
- also resolve arbitrary sysfs paths for system_suspend
 2021-06-07 09:21:11 +06:00
Quallenauge
f9d71135ea
sdm660-common: sepolicy: Add swapper to kill 
Fixes:
W swapper/6: type=1400 audit(0.0:63): avc: denied { kill } for capability=5 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0

Change-Id: Ib3b5c2a173528cb9f63a4dd750634968c060f471
 2021-06-07 09:21:11 +06:00
Subhajeet Muhuri
1da7c15388
sdm660-common: /sys/devices/soc -> /sys/devices/platform/soc 
Signed-off-by: Subhajeet Muhuri <subhajeet.muhuri@aosip.dev>
 2021-06-07 09:21:11 +06:00
OdSazib
478a2b33b6
sdm660-common: sepolicy: Rework sepolicy (No more neverallow) 
- Thanks to LineageOS and our sdm660 community

Change-Id: I54c7d76260041b7c383428449e149aa35d51de9b3c
 2021-05-18 05:03:51 +06:00
OdSazib
ef00e5f20b
sdm660-common: DeviceSettings: Import in-app Dirac 
- Improve code with reference and split gain category

This reverts commits
- 471da74
- de7135d
- f6c011d

All credit goes to Stylog, this is just revert commits with few improvement

Co-authored-by: clarencelol <clarencekuiek@icloud.com>
 2021-04-10 02:24:09 +06:00
Sebastiano Barezzi
973fa8d111
sdm660-common: Fix some camera denials 
Change-Id: I172349433946883aa1035e91ab3ab703a96e7912
 2021-04-04 12:35:05 +06:00
OdSazib
6166317281
sdm660-common: Build power stats and label it 2021-03-15 12:21:09 +06:00
Subhajeet Muhuri
7c3beb85c9
sdm660-common: power-libperfmgr: Switch to AIDL Power HAL 
hardware/google/pixel/power-libperfmgr from android-11.0.0_r25

SQUASHED:
Revert all HIDL interface and nuke previous changes
Import Pixel libperfmgr AIDL Power HAL
Adapt and rebrand for xiaomi_sdm660
Remove Google-specific display LPM control
Remove Google-specific camera and audio hints
Remove VR hints handling
Remove audio hints handling
Remove dumpstate support
Initialize powerHAL when boot is completed
Add support for tap-to-wake feature control
Add sepolicy rules for power-libperfmgr
Enable power-libperfmgr

Signed-off-by: Subhajeet Muhuri <subhajeet.muhuri@aosip.dev>
 2021-03-10 12:37:27 +06:00
orgesified
373e2fc7e2
sdm660-common: sepolicy: Silence logspam 
Co-authored-by: Jarl-Penguin <jarlpenguin@outlook.com>
Change-Id: Iea2d0ec097c4e33a038ce05fba801364c2e8a381
 2021-03-07 01:51:46 +06:00
Jeferson
2632c4a4b8
sdm660-common: sepolicy: Adress system_server denials 
Change-Id: I7ec0ccc4004a7cf74988e7994ec981e064ba0412
 2021-03-07 01:49:33 +06:00
PIPIPIG233666
206f51bad0
sm660-common: Create socket for /dev/socket/audio_hw_socket 
Change-Id: If4c5b944efb8dde3093ccb7b8f1dca746a02e043
 2021-03-02 23:43:22 +06:00
Bruno Martins
a5de89d28b
sdm660-common: sepolicy: Add rules for older IMS blobs 
Since Android 10 blobs are being used, org.codeaurora.ims still runs
as phone UID as seen by these denials:

  m.android.phone: type=1400 audit(0.0:2914): avc: denied { read } for name="u:object_r:qcom_ims_prop:s0" dev="tmpfs" ino=13660 scontext=u:r:radio:s0 tcontext=u:object_r:qcom_ims_prop:s0 tclass=file permissive=0
  m.android.phone: type=1400 audit(0.0:473): avc: denied { call } for scontext=u:r:radio:s0 tcontext=u:r:hal_imsrtp:s0 tclass=binder permissive=0

Change-Id: Ic8c1b7996b9e0e7b63ba2a153441c9e8467a8a31
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
 2021-02-20 11:55:48 +06:00
Subhajeet Muhuri
7d8fc30985
sdm660-common: Kang more pixel power HAL sepolicy 
* Kanged from mata (with all available nodes on msm4.4)
 2021-02-20 11:55:25 +06:00
OdSazib
1edf16f04c
sdm660-common: apex: Symlink metadata to existing sessions 
* Better we do this instead of creating extra dir
 2021-02-16 18:50:35 +06:00
Chenyang Zhong
851d88070e
sdm660-common: create and symlink a dummy /metadata/apex 
Google moved apex sessions directory from /data/apex/sessions to
/metadata/apex/sessions after commit:

"Move apex sessions directory to /metadata"
36cf4bbac6

Devices with a mounted metadata partition will have the needed
directories set up by system/core/rootdir/init.rc. Xiaomi devices
on sm6125 do not have a metadata partition out of the box, so things
like "Google Play system update" will fail to install the update.

Therefore, create a dummy directory under /data/vendor/metadata_apex
and symlink it to /metadata/apex.

The reason why the old /data/apex/sessions directory is not used
for the symlink is that apexd will call migrateSessionsDirIfNeeded()
to recursively copy things from the old directory to the new one.
Creating the symlink from /data/apex/sessions may result in
unintended behaviors.

Signed-off-by: OdSazib <odsazib@gmail.com>
 2021-02-09 20:53:35 +06:00
OdSazib
2135c18643
sdm660-common: DeviceSettings: Drop userspace hall switcher 
* The sensor works as it is, hence not needed anymore
 2021-02-03 23:05:50 +06:00
OdSazib
dd30ca9b1e
sdm660-common: sepolicy: Allow ota updater to access package file 2021-01-27 20:41:45 +06:00
Michael Bestas
0f110dcda2
sdm660-common: sepolicy: Resolve camera HAL denials 
Change-Id: I47490bfa19bfb6162d161ba0c5e9f48556ab6eff
 2021-01-21 03:26:33 +06:00
Jeff Vander Stoep
e48e418541
sdm660-common: sepolicy: camera HAL is a client of configstore 
Addresses:
avc:  denied  { find } for
interface=android.hardware.configstore::ISurfaceFlingerConfigs pid=817
scontext=u:r:hal_camera_default:s0
tcontext=u:object_r:hal_configstore_ISurfaceFlingerConfigs:s0
tclass=hwservice_manager permissive=0

Bug: 65454046
Test: camera app
Change-Id: I84b92e5809b89b7f755322d485b92f5e7175a06a
 2021-01-21 03:26:33 +06:00
OdSazib
f2fa84055e
sdm660-common: sepolicy: Address more denials 2020-12-30 22:06:56 +06:00
OdSazib
f6cb7bb46a
sdm660-common: Nuke lineage livedisplay 
* Better version is already exist in device settings

Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-22 20:57:05 +06:00
Subhajeet Muhuri
06dfda6946
sdm660-common: Add sepolicy rules for power-libperfmgr 
Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-22 20:57:05 +06:00
OdSazib
928c7ac4f5
sdm660-common: Remove qti IOP stack 
* Useless in EAS

Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-22 20:57:04 +06:00
OdSazib
9492d1fa58
sdm660-common: Use stock poweroff charging animation 
* It's best animation out there with battery level

This reverts commit 9271fec5a4.
Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-21 09:19:25 +06:00
OdSazib
9a192b7de0
sdm660-common: sepolicy: Update sepolicy and cleanup 
* Address some denials from android 11
* Fix video recording
* Sort in alphabetic order

Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-21 09:16:25 +06:00
Aayush Gupta
ad4a731b53
sdm660-common: Address init denials regarding socket_device 
[    9.346918] type=1400 audit(71454275.960:7): avc: denied { create } for comm="init" name="dpmwrapper" scontext=u:r:init:s0 tcontext=u:object_r:socket_device:s0 tclass=sock_file permissive=0

Ref:
[0]: https://source.codeaurora.org/quic/la/device/qcom/sepolicy/commit/?h=LA.UM.9.2.1.r1-03800-sdm660.0&id=79488292273efa5ab89bc405a5f6ae4dec5d011d

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I262b06821c0625978b3685d0666bd2cf599fbf98
 2020-12-13 18:38:07 +06:00
Aayush Gupta
8c68646954
sdm660-common: Allow qti_init_shell to start & stop ril-daemon 
[    9.057234] type=1107 audit(71454275.676:6): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=ctl.stop$ril-daemon pid=1122 uid=0 gid=0 scontext=u:r:qti_init_shell:s0 tcontext=u:object_r:ctl_stop_prop:s0 tclass=property_service permissive=0'

Ref:
[0]: https://source.codeaurora.org/quic/la/device/qcom/sepolicy/commit/?h=LA.UM.9.2.1.r1-03800-sdm660.0&id=79488292273efa5ab89bc405a5f6ae4dec5d011d

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I5f062f8c6be56380b40a9428358c5f6c93dd71c8
 2020-12-13 18:38:07 +06:00
LuK1337
bb066620d8
sdm660-common: sepolicy: Address radio denials 
Change-Id: If37262e6be3d31f51dcd482db04ce647ecd57e4d
Signed-off-by: Subhajeet Muhuri <subhajeet.muhuri@aosip.dev>
 2020-12-13 18:38:07 +06:00
Aayush Gupta
2ccf864f31
sdm660-common: Address denials regarding to access sysfs_kgsl 
[   22.419451] type=1400 audit(1601312073.698:17): avc: denied { search } for comm="ImageWallpaper" name="kgsl-3d0" dev="sysfs" ino=29220 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:sysfs_kgsl:s0 tclass=dir permissive=0 app=com.android.systemui
[    9.476242] type=1400 audit(1601312065.534:13): avc: denied { search } for comm="BootAnimation" name="kgsl-3d0" dev="sysfs" ino=29220 scontext=u:r:bootanim:s0 tcontext=u:object_r:sysfs_kgsl:s0 tclass=dir permissive=0

Change-Id: I80c5de2d9687b3127922d5bc55c26461a797d0f9
Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Signed-off-by: Subhajeet Muhuri <subhajeet.muhuri@aosip.dev>
 2020-12-13 18:38:07 +06:00
Nolen Johnson
0d7a7d4ef5
sdm660-common: Move rtc contexts to device/qcom/sepolicy 
* In device/qcom/sepolicy-legacy-um now.

Change-Id: I80b877d4b65a3d22cf7a61d70e08e48edeb627de
 2020-12-13 18:38:07 +06:00
nebrassy
7821f6dc80
sdm660-common: sepolicy: drop seapp_contexts 
now labeled in sepolicy-legacy-um

Change-Id: I284d16905a7e67c3d86f300ac9bf73fa1b9490fc
 2020-12-13 18:38:07 +06:00
OdSazib
f614ba1ce6
sdm660-common: Clean up sepolicy for Android 11 
checkpolicy:  error(s) encountered while parsing configuration

Changes in Android 11
* dpmd > vendor_dpmd
* persist_camera_prop > vendor_persist_camera_prop
* persist_dpm_prop > vendor_persist_dpm_prop

Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-13 18:38:07 +06:00
LuK1337
510d313d4e
sdm660-common: sepolicy: Label /persist 
Change-Id: I471c0d1fedb51eabc32b54ab35a9823db8efd034
 2020-12-13 18:37:01 +06:00
OdSazib
9bd430ff9b
sdm660-common: XiaomiParts: Add Headphone & Mic Gain 
* This is manually ported by me from Lavender tree on Corvus-Devices
* Thanks @StyloGey for reviewing the java code and giving me a better solution
* Original repo: https://github.com/Corvus-Devices/device_xiaomi_lavender.git

To get it working, you need these two commits in your kernel:
> c04d6d6e61
> 8e25ac3318

Signed-off-by: OdSazib <odsazib@gmail.com>
Change-Id: I1bb48ced1f23728daa2e5170647ce08a04347110
 2020-10-19 11:36:06 +06:00
OdSazib
7580f5f636
sdm660-common: XiamiParts: Add FPS Info Overlay 
* Ported from: https://github.com/Corvus-Devices/device_xiaomi_lavender.git

Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-10-19 11:36:06 +06:00
OdSazib
471da74c21
sdm660-common: XiaomiParts: Remove dirac completely 
* Fix XiaomiPart crash while using audio mod like v4a/dolby

Signed-off-by: odsazib <odsazib@gmail.com>
 2020-10-19 11:36:06 +06:00
OdSazib
dd14ca3e30
sdm660-common: Address denials for Livedisplay 
Signed-off-by: odsazib <odsazib@gmail.com>
 2020-10-19 11:36:06 +06:00
Max Weffers
f1b43abf23
sdm660-common: Add IOP Hal blobs from LA.UM.8.2.r1-06500-sdm660.0 
Change-Id: I86bf8623dab2b5a5295bbebc602587b2347fdaf6
 2020-08-12 02:11:34 +06:00
Michael Bestas
5fcfc725ef
sdm660-common: sepolicy: Allow dpmd set ctl_stop_prop 
Change-Id: Id24b6370e907cc153b07383c65416aa9226e65a8
 2020-08-12 02:11:34 +06:00
Max Weffers
a502a3904b
sdm660: sepolicy: Adjust sepolicy for new tap to wake nodes 2020-08-12 02:02:40 +06:00
Christian Oder
9a26ceac4c
sdm660-common: remove neverallow 
Change-Id: I3a6a7c7e6f95947eaf807a0e6d8ab19144a9cee5
 2020-08-12 02:02:38 +06:00
Max Weffers
b7b7fae1ef
sdm660-common: sepolicy: unbreak sepolicy for carbon 
Change-Id: Ie324b974ceb741c524abe7ba53cadb4c2b01219e
 2020-08-12 02:02:38 +06:00
Dušan Uverić
3476f16be6
sdm660-common: XiaomiParts: add notification LED brightness slider 
Signed-off-by: Dušan Uverić <dusan.uveric9@gmail.com>
Change-Id: I86851420cca27d34e36f8e385859c5be63545bba
 2020-08-12 02:02:38 +06:00
Max Weffers
b0fa4e9f51
sdm660-common: sepolicy: Adress few denials 
Change-Id: I45c7af8087a8495e4e7902d74f7811c2d40f5197
 2020-08-12 02:02:38 +06:00
dianlujitao
684521256a
sdm660-common: sepolicy: Label new TP node 
Change-Id: Id55db9b6614320650c8c61e698f71ddc9f04d086
 2020-08-12 02:02:38 +06:00
erfanoabdi
7a514dc86e
sdm660-common: sepolicy: Label Video prop 
Change-Id: Id66a71d45ac8dc5a635bc0e208b45423bd9125e6
 2020-08-12 02:02:38 +06:00
dianlujitao
8d789ade9f
sdm660-common: sepolicy: Clean up sepolicy rules 
Change-Id: I9d7312e6aaafdde2c0751f4887f05d8d5029ee04
 2020-08-12 02:02:38 +06:00
Max Weffers
eb97b49f0c
sdm660-common: Address SELiunx denials and clean up 
Change-Id: I997a268c9ce23eab80f1981293720e17d21bbb7a
 2020-08-12 02:02:38 +06:00
Max Weffers
880ca53df2
sdm660-common: sepolicy: Address some denials 
Change-Id: Iaba642838e51a2c39c2961e30456148f9794f60e
 2020-08-12 02:02:38 +06:00
dianlujitao
06e3d383a2
sdm660-common: sepolicy: Label button backlight nodes 
Change-Id: I594a07fc3e68f1b50f181c4b254811814990c599
 2020-08-12 02:02:38 +06:00
dianlujitao
55f4d4eb18
sdm660-common: sepolicy: Drop unused sysfs_light 
Change-Id: I62bfac69bdcebaf7d484bbc39ea4e16f8beb8e6b
 2020-08-12 02:02:38 +06:00
dianlujitao
f735b1ab0c
sdm660-common: sepolicy: Label IR dev node for jason 
Change-Id: I7ba6af074485509a501f656587379fb0ba5b07d3
 2020-08-12 02:02:37 +06:00
Davide Garberi
4461490e45
sdm660-common: sepolicy: Label renamed white led node 
Change-Id: Ia7c3c47efb628f851dd377b2e09b6f8e150013e3
 2020-08-12 02:02:37 +06:00
Max Weffers
903525f9b0
sdm660: sepolicy: Allow vendor init to set few props 
Change-Id: I0b2574b0e2f5f9b84df1db9ea7386522361a2864
 2020-08-12 02:02:37 +06:00
Soul Trace
9b5bf8c210
ipacm: Fix WLAN tethering offload 
Fix reboot after 120 seconds on WLAN tethering enable.
Fix "target device is connected but no internet" issue.

Move ipacm-related sections from rootdir/etc/init.qcom.rc to data-ipa-cfg-mgr/ipacm/src/ipacm.rc
Make ipacm.rc look like vendor/qcom/opensource/data-ipa-cfg-mgr/ipacm/src/ipacm.rc but add
writepid /dev/cpuset/system-background/tasks to the service definition.
This let ipacm start after data decryption (it got killed on data decrypt and not respawned,
because was disabled).
This fixes following errors:
04-01 14:35:57.525   591 17586 W libc    : Unable to set property "ctl.interface_start" to "android.hardware.tetheroffload.config@1.0::IOffloadConfig/default": error code: 0x20
04-01 14:35:57.526  2665  3190 I ServiceManagement: getService: Trying again for android.hardware.tetheroffload.config@1.0::IOffloadConfig/default...
04-01 14:35:57.526   591 17586 E hwservicemanager: Failed to set property for starting android.hardware.tetheroffload.config@1.0::IOffloadConfig/default

Set wifi.active.interface context to exported_wifi_prop and allow hal_wifi_default to set it.
I don't know why context definition was not embedded to the contexts file, but now it is.
This fixes following errors:
[163263.846522] selinux: avc:  denied  { set } for property=wifi.active.interface pid=2733 uid=1010 gid=1010 scontext=u:r:hal_wifi_default:s0 tcontext=u:object_r:default_prop:s0 tclass=property_service permissive=0

Change-Id: I735e7d8d8d07b9545ef16a6baa35a13aba3cd116
 2020-08-12 02:02:37 +06:00
Max Weffers
599a611dd8
sdm660: sepolicy: Grant Vendor Toolbox fingerprint file acces in persist 
Change-Id: I16afcc9bf2f822d741470ca5b741a4b283196575
 2020-08-12 02:02:37 +06:00
dianlujitao
6df111fbc1
sdm660-common: sepolicy: Adjust for lavender dt2w node 
Signed-off-by: Sebita <kjjjnob.seba@gmail.com>
Change-Id: If08946adbf5c2fa619178b3f15ae0635bacdf8a8
 2020-03-10 09:41:52 +01:00
LuK1337
2eb56727c3
sdm660-common: sepolicy: Add more /persist related contexts to toolbox rules 
Change-Id: If9b28d1196eb352422e5acb0a570f2e005c2dcdf
 2020-03-10 09:39:56 +01:00
LuK1337
1e7b6a0417
sdm660-common: sepolicy: Drop unnecessary rule 
* This is already granted through init_daemon_domain(domain).

Change-Id: I6c2f1b3e267256da958b40af5014972785617cbe
 2020-03-10 09:39:56 +01:00
Felix
ac571ee966
sdm660-common: Force restorecon for /mnt/vendor/persist 
The restorecon_recursive directive in init is only applied if the
file_contexts file changed between builds, but not necessarily if any
file or folder inside /mnt/vendor/persist/ has changed.

The restorecon code checks whether an xattr named
"security.sehash" contains a string that matches the current
combined hashes of the SELinux context files and skips restoring labels
if there is a match, see
https://android.googlesource.com/platform/external/selinux/+/refs/tags/android-9.0.0_r35/libselinux/src/android/android_platform.c#1546

Force wiping that xattr so that restorecon always runs since it's not
very expensive (there are currently only about 50 files on /persist).

The restorecon is needed to fix issues such as wrong stock labels on
/mnt/vendor/persist/sensors/:
sensors_persist_file -> persist_sensors_file

Change-Id: Ic0cd848836ee550499d9236f56ed6e939e35f01e
 2020-03-10 09:39:45 +01:00
Ethan Chen
89f5d20ec4
sdm660-common: Allow init to relabel persist link file 
Change-Id: I7872b8455a66e45826d86e0bb71faa1f28a2c7a3
 2020-02-27 17:01:34 +01:00
AmulyaX
f9e999cb0f
sdm660-common: Address QtiExtendedFP denial 
Signed-off-by: AmulyaX <amulya.b520@gmail.com>
 2020-01-31 16:42:36 +01:00
AmulyaX
0f03dbd079
sdm660-common: Address camera hal denial 
Signed-off-by: AmulyaX <amulya.b520@gmail.com>
 2020-01-31 16:42:28 +01:00
chandra chaganti
691a8c6843
sdm660-common: sepolicy: allow appdomain to get persist_camera_prop 
* E libc    : Access denied finding property "vendor.camera.aux.packagelist"

Change-Id: I06feb5bd6a2321880065585395101c349c741909
 2020-01-28 16:59:19 +01:00
Max Weffers
3c13d5743f
sdm660-common: sepolicy: Add sysfs Label for Platinas Fpc Fingerprint 
Change-Id: I7423f84d6142b43818dfd2aa24ca935e6188c32f
 2020-01-28 16:59:14 +01:00
LuK1337
987436f592
sdm660-common: sepolicy: Address time_daemon denials 
Change-Id: I83947a673ed19cfc20c130fb133d1957aa44d284
 2020-01-13 22:08:51 +01:00
PIPIPIG233666
bae9198c4e
sdm660-common: Address fp denials 
Change-Id: Ie2abb5480d3442e5f64d532561ce657362f9f081
 2020-01-06 21:06:22 +01:00
PIPIPIG233666
9c6a56cef6
sdm660-common: Address thermal-engine denials 
Change-Id: I7d824f1066638ec6e73ae80093737b380436ba80
 2020-01-06 21:06:22 +01:00
Michael Bestas
7e257d0aea
sdm660-common: sepolicy: Silence harmless QCOM denials 
Change-Id: Iad1e2c0e654a4a46da76a57ece63dc4f35761d50
 2020-01-06 21:06:21 +01:00
Sebita
7f874140c7
sdm660-common: sepolicy: Label node for lavender dt2w 
Signed-off-by: Sebita <kjjjnob.seba@gmail.com>
Change-Id: I3df604f9025a3517d19468e8fffc750dbfe479ba
 2020-01-06 10:56:13 +01:00
dianlujitao
e427647713
sdm660-common: sepolicy: Label vendor.camera.aux.packageblacklist 
Change-Id: I07b82e0ba4a8e16faf67c64e0ffe73a690b38064
Signed-off-by: Sebita <kjjjnob.seba@gmail.com>
 2020-01-06 10:50:34 +01:00
Max Weffers
5d39827818
sdm660: parts: Rename hall prop to folio_daemon prop 
*needed to prevent neverallow in user builds
 2020-01-04 09:37:09 +01:00
Max Weffers
6bbcfb4c1d
sdm660: sepolicy: fix denials while fingerprint enrollment 2019-12-30 23:00:40 +01:00
Max Weffers
946a233a4b
sdm660: sepolicy: Add AuthSecret HAL service 2019-12-23 08:59:25 +01:00
Stylogey
25dadea83b
sdm660-common: XiaomiParts: Start folio_daemon only if a prop is set 2019-12-13 16:57:53 +01:00
Michael Bestas
559890d4f6
sdm660-common: sepolicy: Remove deprecated power HAL stats policies 2019-12-07 18:49:55 +01:00
Michael Bestas
f12fb26fcd
sdm660-common: sepolicy: Allow power off alarm app to set cpuset 
* P blob compatibility

Change-Id: I3b8c58ab917dcbf2f142729feb5e6f6adcfc9fdd
 2019-12-02 07:57:05 +01:00
Michael Bestas
ec75167d10
sdm660-common: sepolicy: Allow rmt_storage access sysfs_ssr 
* P blob compatibility

Change-Id: Ib88c81c8cb4a19c7afd322cfef9b812c2f029a34
 2019-12-02 07:57:05 +01:00
LuK1337
348b308650
sdm660-common: sepolicy: Address time_daemon denials 
Change-Id: I83947a673ed19cfc20c130fb133d1957aa44d284
 2019-12-02 07:56:49 +01:00
Michael Bestas
4f0e9000c9
sdm660-common: Build vendor variant of tinymix 
* Avoid SELinux neverallows, vendor services should use vendor tools

Change-Id: I2a97658db9a31dd0403f1b62386db2987bd9749c
 2019-12-01 10:27:53 +01:00
Nick Kralevich
160b13b9df
sdm660: folio_daemon: Add system_file_type in sepolicy 
This file resides on /system, so must be annotated with the
system_file_type attribute.

Test: Policy compiles.
Change-Id: Ic834caefe1417465ac842ddce909e968511f45b2
 2019-10-19 20:51:10 +02:00