MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4638 commits 1 branch 0 tags 12 MiB
Commit graph

285 commits

Author SHA1 Message Date
AdarshGrewal
e73b904a69 sdm660-common: sepolicy: Address cameraserver denial 
avc: denied { write } for name="property_service" dev="tmpfs" ino=16815 scontext=u:r:cameraserver:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
Shreedhan003
a6984f5866 sdm660-common: sepolicy: let camera hal access system_data_file 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
pix106
a96be03c56 sdm660-common: sepolicy: label MACE_CPP_MIN_VLOG_LEVEL camera prop 2023-06-24 08:20:03 +02:00
pix106
b8fad83343 sdm660-common: sepolicy: address hal_usb_default sysfs_battery_supply denial 2023-06-24 08:20:03 +02:00
Sabar
20fa9c5207 Revert "sdm660-common: drop IFAA/mliplay completely" 
This reverts commit dd6db97ea5.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
Sabar
8f353501a7 Revert "sdm660-common: sepolicy: drop Mlipay sepolicy" 
This reverts commit f5050df60f.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
pix106
b941e52a77 sdm660-common: sepolicy: drop livedisplay sepolicy rule 2023-05-09 06:36:23 +02:00
sabarop
8c57947a57 sdm660-common: sepolicy: multiple address denials 
Coauthored-by: pix106 <sbordenave@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-05-09 06:36:23 +02:00
Alcatraz323
7791443f94 sdm660-common: use QTI USB 1.3 HAL 
* follows vendor/qcom/opensource/usb/vendor_product.mk
* enable full usb function
* partially ported sepolicy_vndr

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
Alcatraz323
35342a285f sdm660-common: switch to android.hardware.usb@1.0-service.basic 
* clean up for qti-1.3 working
* staging usb HAL is ACTUALLY SAME as basic 1.0 HAL, totally meaningless

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
Alcatraz323
e9aa976c93 sdm660-common: sepolicy: address newly discovered denials 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
Alcatraz323
1f8bba423f sdm660-common: sepolicy: address denial for hal_fingerprint_sdm660, hal_light_default 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
sabarop
cb5d34ddf3 sdm660-common: Uprev fp to 2.3 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-03-23 19:32:12 +01:00
Stylogey
5182be1445 sdm660-common: DeviceSettings: Add USB fastcharge toggle 
Co-authored-by: ronaxdevil <pratabidya.007@gmail.com>
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-03-23 19:32:12 +01:00
pix106
69d628f826 sdm660-common: sepolicy label /data/gf_data/auth_ratio_database.db 2023-03-20 07:18:06 +01:00
pix106
0d4fea2039 sdm660-common: sepolicy: allow init to ptrace hal_fingerprint_sdm660 process 2023-03-20 07:18:06 +01:00
pix106
c742096f56 sdm660-common: sepolicy: dontaudit untrusted_app_30 system_linker_exec execmod 2023-03-20 07:18:06 +01:00
pix106
630b415554 sdm660-common: sepolicy: label gf.debug.whitebox.enabled 2023-01-08 20:28:01 +01:00
pix106
2b5dfda876 sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop 2023-01-08 08:59:27 +01:00
Wilson Chan
e1a20c6dee Revert "sdm660-common: power-libperfmgr: Add Flipendo powerhint" 
- Add sepolicy for dex2oat powerhal props to vendor_power_prop

Test: boot and check powerhint parse logs
Test: enabled extreme battery saver and check scaling_max_freq

[clarencelol]: Adapt to sdm660 freq
 2023-01-04 06:23:15 +01:00
pix106
0fcf8ea137 Revert "sdm660-common: Migrate to Xiaomi power AIDL HAL" 
Revert "sdm660-common: rootdir: Clean part of Unexported properties"
Revert "sdm660-common: power-libperfmgr: Reduce GPU idle timer to 64ms"
 2023-01-04 06:23:14 +01:00
pix106
2cc84ac68d sdm660-common: sepolicy: allow vendor_init to read hal_camera_prop 2022-12-28 18:15:49 +01:00
brunorolak
91d1bdc13e sdm660-common: sepolicy: remove camera duplicates 
Duplicate prefix match detected for 'vendor.camera.skip_unconfigure.packagelist'

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-27 07:38:22 +01:00
Bruno Martins
71c49fcc8c sdm660-common: Migrate to Xiaomi power AIDL HAL 
Change-Id: I42170d51a517170b58d532addd9c38496e43457c

jasmine_sprout: Remove QTI perfd

Bug: 69270928
Test: Build and boot device and test camera
Change-Id: I87b283206f462fb5c8ec9cdd303ae2934fe9bfc4

jasmine_sprout: Declare BOARD_VENDOR

* Needed for xiaomi-perfmgr power AIDL guards

Change-Id: Idbb48e0f9b01090a456ad5d3f2d51f4dfab55672

jasmine_sprout: Create dummy libqti-perfd-client

* proprietary perfd blobs can finally be nuked without breaking goodix
* we could even map the functions to use libperfmgr powerhints in the future

[SebaUbuntu]: Cleanup Android.bp and add copyright header

Change-Id: I124652f3041761966a3e3bd97c757fecc39cc5fb

jasmine_sprout: libqti-perfd-client: Remove namespace declaration

It's pointless when using extern "C".

Change-Id: Ibdf9f06a70aa3a75687b33781c78cf2172bb334d

jasmine_sprout: libqti-perfd-client: return a dummy value

Return a positive integer for perf lock acquire and release so
that Goodix/FPC fingerprint sensor blobs will not complain.

Goodix:
E [goodixHAL][gf_hal_milan_f_series]: goodix_perf_lock_acquire: Failed to acquire perf lock, err: 0
E [goodixHAL][gf_hal_milan_f_series]: goodix_perf_lock_release: Perf lock release error 0

FPC:
E fpc_tac : fpc_perf_lock_acquire: Incorrect params, Failed to acquire perf lock, err
E fpc_tac : fpc_perf_lock_release: Perf lock release error 0

Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
Change-Id: I861672e9a738c2204755d802670f4b28b662f286

jasmine_sprout: libqti-perfd-client: Move to C

* Why bothering with C++ mangling when we can just build it as a standard C library?

Change-Id: I45ea977edf7ea7fab6fece76f3049654a8d24c5d

jasmine_sprout: Add powerhint.json jasmine

Change-Id: If270fc906fd833bb6b0d3b00621c0b079346e47d

jasmine_sprout: rootdir: Initial libperfmgr init config

* From coral, heavily stripped down

Change-Id: Ib6846e4f4f23baf56910d2330e26846b99830218

jasmine_sprout: sepolicy: Initial libperfmgr sepolicy

Change-Id: I3d0a259bc89b4ecd0bf1632199172710d98230e0

jasmine_sprout: Don't explicitly build older minor version HIDL libs

Change-Id: Ib0caa49054a79b1f01ffc751826286a29c642e06

jasmine_sprout: Remove QTI perf reminants

jasmine_sprout: Add back ro.vendor.extension_library definition

 * We aren't using QCOM's perfd but our blobs still check for this.
 * To avoid unnecessary errors, let's just add it back.

Change-Id: Icc44b330f21a658cfa8ded691a6628d8f62c3649
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-27 07:34:56 +01:00
Sebastiano Barezzi
c8d924ba0a sdm660-common: Move to common Xiaomi lights AIDL 
Change-Id: Icb3bb31ebad01519b91a6d41b47e1b57e1ac84e1
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
pix106
aa76e60586 sdm660-common: sepolicy: allow zygote to search vendor_framework_file 
type=1400 audit(0.0:55): avc: denied { search } for name="framework" dev="mmcblk0p14" ino=1094 scontext=u:r:zygote:s0 tcontext=u:object_r:vendor_framework_file:s0 tclass=dir permissive=0
 2022-12-22 04:56:20 +01:00
7Soldier
9aeebe4081 sdm660-common: sepolicy: Dontaudit crash_dump init ptrace denial 
Signed-off-by: 7Soldier <reg.fm4@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
romgharti
b374e4b4bc sdm660-commoy: sepolicy: Adress isolated_app denial 
avc:  denied  { find } for pid=5488 uid=90000 name=content_capture scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
Elektroschmock
7c2ddff90f sdm660-common: sepolicy: Fix isolated_app denial 
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="commands.json" dev="mmcblk0p42" ino=1251111 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0
avc: denied { setattr } for comm="CrUtilityMain" name="f2" dev="mmcblk0p42" ino=1251128 scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:app_data_file:s0:c153,c256,c512,c768 tclass=file permissive=0

Change-Id: I9a70417149c3239b89cc4266942cb3de4da34a4f
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
drkphnx
b9d8296f0e sdm660-common: sepolicy: address or dontaudit some untrusted_app denials 
Signed-off-by: drkphnx <dark.phnx12@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-22 04:56:20 +01:00
pix106
fe4f91bb8f Revert "sdm660-common: sepolicy: Allow system_app to read /proc/pagetypeinfo" 
* duplicated rule

This reverts commit 5df53b728d.
 2022-12-22 04:56:20 +01:00
pix106
e41816077c sdm660-common: sepolicy: allow apexd to read apex_metadata_file 
* type=1400 audit(115448057.189:5): avc: denied { read } for comm="apexd" name="apex" dev="mmcblk0p63" ino=32 scontext=u:r:apexd:s0 tcontext=u:object_r:apex_metadata_file:s0 tclass=lnk_file permissive=0
 2022-12-22 04:56:20 +01:00
Aditya Pratap Singh
25a33facca sdm660-common: sepolicy: allow untrusted_app_zygote to access unix stream socket 
avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:untrusted_app:s0:c26,c257,c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.topjohnwu.magisk
Signed-off-by: afterallafk<shivamatiet2001@gmail.com>
Signed-off-by: Abhishek001konni <Abhishek001konni@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-11-07 08:34:27 +01:00
pix106
d58068cc9f sdm660-common: sepolicy: adress untrusted_app_27 unix_stream_socket denials 2022-11-07 08:34:27 +01:00
sabarop
16db6a4456 sdm660-common: sepolicy: address multiple denials 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-11-07 08:34:26 +01:00
Mohan C M
55c4433e3a sdm660-common: sepolicy: address hal_bluetooth_qti 
- avc: denied { read } for comm="bluetooth@1.0-s" name="ssrdump" dev="mmcblk0p49" ino=2162694 scontext=u:r:hal_bluetooth_qti:s0 tcontext=u:object_r:ramdump_vendor_data_file:s0 tclass=dir permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-11-07 08:34:26 +01:00
pix106
25b04c31af sdm660-common: sepolicy: address surfaceflinger hal_graphics_composer_default denial 2022-11-07 08:34:26 +01:00
pix106
fa6dfc8c13 sdm660-common: sepolicy: address qti_init_shell proc_watermark_scale_factor denials 2022-11-07 08:34:26 +01:00
pix106
2f38bc6da8 FIX sdm660-common: sepolicy: label init.goodix.sh and fingerprint datafile 2022-11-07 08:15:11 +01:00
pix106
9572ebacd7 sdm660-common: sepolicy: allow hal_power_default sys_admin capability 2022-10-11 09:24:15 +02:00
Rick Yiu
e279964f3c sdm660-common: sepolicy: Add permission to access proc_energy_aware file node 
This reverts commit 2c07bbc96e.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-10-11 08:47:30 +02:00
Elektroschmock
c4050270fd sdm660-common: sepolicy: Label /dev/stune(/.*) as cgroup 
* avc: denied { write } for comm="adb_root" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:adbroot:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="adb_root" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:adbroot:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="installd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="installd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:installd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="netd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:netd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="netd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:netd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="storaged" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:storaged:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { open } for comm="storaged" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:storaged:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0
* avc: denied { write } for comm="apexd" name="tasks" dev="tmpfs" ino=5693
  scontext=u:r:apexd:s0 tcontext=u:object_r:device:s0 tclass=file
  permissive=0

Change-Id: Idc69978328640ff40ad5efe2f0abd79304e75893
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-10-11 08:47:30 +02:00
pix106
717057c76c sdm660-common: sepolicy: relabel miui prop 2022-10-11 08:47:30 +02:00
pix106
90b568e7b7 sdm660-common: sepolicy: drop and dontaudit kill and sys_admin permissions. 2022-09-13 06:56:46 +02:00
UtsavBalar1231
5852c41f14 sdm660-common: sepolicy: Allow init.qcom.post_boot.sh to set watermark_scale_factor 
This fixes:
W init.qcom.post_: type=1400 audit(0.0:42): avc: denied { write } for name="watermark_scale_factor" dev="proc" ino=52566 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:proc_watermark_scale_factor:s0 tclass=file permissive=0

Change-Id: Ib79c0208e758f03df5ce6652322802354836d6a5
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-13 06:56:46 +02:00
Dyneteve
66e57467db sdm660-common: sepolicy: Fix OTA on encrypted f2fs. 
* uncrypt : type=1400 audit(0.0:12165): avc: denied { sys_admin } for capability=21 scontext=u:r:uncrypt:s0 tcontext=u:r:uncrypt:s0 tclass=capability permissive=0

Change-Id: Ifec7cea45830a9e10f55a194e377857429bf4051
Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-13 06:56:46 +02:00
Kevin F. Haggerty
5df53b728d sdm660-common: sepolicy: Allow system_app to read /proc/pagetypeinfo 
avc: denied { read } for name="pagetypeinfo" dev="proc" ino=4026543033
scontext=u:r:system_app:s0 tcontext=u:object_r:proc_pagetypeinfo:s0
tclass=file permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-13 06:56:46 +02:00
pix106
9188e83cbd sdm660-common: sepolicy: drop and dontaudit kill and sys_admin permissions. 2022-09-12 22:41:46 +02:00
pix106
077a21d15e sdm660-common: sepolicy: move system_app.te 2022-09-11 10:58:54 +02:00
pix106
467daca424 sdm660-common: sepolicy: label init.goodix.sh and fingerprint datafile 
Could not start service 'vendor.goodix_script' as part of class 'late_start': File /vendor/bin/init.goodix.sh (labeled u:object_r:vendor_file:s0) has incorrect label or no domain transition from u:r:init:s0 to another SELinux domain defined.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-09-04 09:20:37 +02:00