MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4801 commits 1 branch 0 tags 12 MiB
Commit graph

312 commits

Author SHA1 Message Date
Sabar
cc7186d635 sdm660-common: Switch to QTI Thermal HAL 2024-01-14 17:19:23 +01:00
LuK1337
119e127a3e sdm660-common: sepolicy: isolated_app -> isolated_app_all 
Change-Id: I10b09afe41b927875d1f7c37d6fc18b75ae1250a
    Signed-off-by: Immanuel Raj <iamimmanuelraj@gmail.com>
 2024-01-14 17:19:23 +01:00
Chenyang Zhong
d19ed7ad06 sdm660-common: sepolicy: allow rild to call qtidataservices_app 
avc: denied { call } for comm="DataModule-Loop" scontext=u:r:rild:s0 tcontext=u:r:qtidataservices_app:s0:c221,c256,c512,c768 tclass=binder permissive=0
Change-Id: Ibec0d6e78a823f3a90ec7e166f58dd6b2797db65
Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:19:21 +01:00
Alcatraz323
c6e458cf31 sdm660-common: sepolicy: don't do anything on untrusted_app 
Add untrusted_app_32
 2024-01-14 17:18:54 +01:00
pix106
e7e2b335c0 sdm660-common: sepolicy: drop some dontaudit 2024-01-14 17:18:17 +01:00
Alcatraz323
0726c25be8 sdm660-common: correct fs inlinecrypt & label metadata context 
* As https://source.android.com/docs/security/features/encryption/file-based said emmc_optimized is a inlinecrypt flavor and can only be applied on emmc 5.2 device which has not been released yet
* Apparently Xiaomi 660 is launched with emmc 5.1 5 years ago and never met the 5.2 spec
* Now really enables inlinecrypt hardware by adding it in mnt_flags
* Use AOSP recommended inlinecrypt_optimized
* Use lazytime for reducing meaningless io
* Label metadata partition

(pix106) i use logdump partition for metadata, not cust

Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:18:17 +01:00
Alcatraz323
14aa292b1a sdm660-common: sepolicy: don't do anything on untrusted_app 
* allowing any extra permission for "untrustred_app" domain is DANGER
* the "untrustred_app" domain rule should ONLY be defined by aosp
* kill all don't audit except getopt for untrusted_app. it's a tool to show which app are evil, let it show in audit logs

Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:18:17 +01:00
pix106
bfa61a3f25 sdm660-common: Cleanup duplicated build recipe & sepolicy 2024-01-14 17:18:17 +01:00
Jaegeuk Kim
1d9c6314b2 sdm660-common: sepolicy: Allow ioctl to zram_swap for performance 
This fixes permission denied when setting F2FS_PIN_FILE.

[   46.726131] init: [libfs_mgr]Failed to set pin_file for f2fs: /data/per_boot/zram_swap: Permission denied
[   46.726151] init: [libfs_mgr]Failure of zram backing device file for '/dev/block/zram0'
[   46.726341] type=1400 audit(1601025878.312:17): avc: denied { ioctl } for comm="init" path="/data/per_boot/zram_swap" dev="dm-9" ino=4868 ioctlcmd=0xf50d scontext=u:r:init:s0 tcontext=u:object_r:per_boot_file:s0 tclass=file permissive=0

Bug: 169311165
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I982f70556284ac55d659bae6aff93b84d71e67f0
Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:18:17 +01:00
Mimi Wu
29909175c0 sdm660-common: sepolicy: Allow toolbox to rm -rf /data/per_boot 
Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I22706c63fb13ea2aae0cd9fe8b92edc578fd459e
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:18:17 +01:00
Mimi Wu
d593cf85dd sdm660-common: sepolicy: Allow kernel to access /data/per_boot/zram_swap 
type=1400 audit(1581485243.256:88): avc: denied { read } for comm="loop29" path="/data/per_boot/zram_swap" dev="dm-9" ino=9820 scontext=u:r:kernel:s0 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0

Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I48d7684ce3b4ca1ada81011b1cab21007c758ba5
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:18:17 +01:00
Alcatraz323
e2a76a940f sdm660-common: sepolicy: fix denial for cnss_daemon update 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2024-01-14 17:18:17 +01:00
Alcatraz323
66b12de781 sdm660-common: CloverParts: sepolicy change from "clover: sepolicy: address bunch of denials" 
f2c0736e1d
 2023-08-22 08:45:13 +02:00
Alcatraz323
9ab5292b0b sdm660-common: introduce my simple battery management system 
* settings page located in Settings -> Battery
* soc-based step charger, jeita thermal charger switch (also done something in kernel)
* add a mode for user always connected with chagrging cable to limit battery around 40% - 60%
* add a switch for user to limit max charge at around 80%

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:45:13 +02:00
Alcatraz323
3bf23bb2d7 sdm660-common: sepolicy: allow system_app to access hall_dev 
* 08-12 22:43:25.794  1674  1674 W settings.device: type=1400 audit(0.0:7): avc: denied { search } for name="parameters" dev="sysfs" ino=21188 scontext=u:r:system_app:s0 tcontext=u:object_r:hall_dev:s0 tclass=dir permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:45:13 +02:00
pix106
1043c5332c Revert "sdm660-common: sepolicy: let camera hal access system_data_file" 
This reverts commit a6984f5866.
 2023-08-22 08:44:53 +02:00
pix106
62e1438a10 Revert "sdm660-common: sepolicy: address qti_init_shell proc_watermark_scale_factor denials" 
This reverts commit fa6dfc8c13.
 2023-08-22 08:44:53 +02:00
Alcatraz323
b8666f9e93 sdm660-common: sepolicy: reset QTI USB sepolicy to legacy ported version 
* defined in July -> 8a6b2a503a

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:44:53 +02:00
pix106
345d455797 Revert "sdm660-common: sepolicy: address hal_usb_default sysfs_battery_supply denial" 
This reverts commit b8fad83343.
 2023-08-22 08:44:53 +02:00
pix106
a8a14b55c8 sdm660-common: sepolicy: cleaning (duplicate permissions, move file from subdir) 2023-08-22 08:44:53 +02:00
Alcatraz323
68c470f248 sdm660-common: sepolicy: address bunch of denials 
* suppress bunch of capability denials, they are harmless and managed by aosp, if it should be fixed, aosp will do
* correct some typo

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:44:53 +02:00
Alcatraz323
713803ed1d sdm660-common: sepolicy: add CloverTenInchFrameworksPowerOverlay sepolicy 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:44:53 +02:00
pix106
fdf5e9ee02 sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop 
This reverts commit 9b57c96055df0d86b029249c63b23a89f9cc1b4e.
 2023-08-22 08:44:53 +02:00
Alcatraz323
5e4faf510c sdm660-common: proprietary: update CNE, DPM, IMS, QMI, RIL blobs 
* LA.QSSI.13.0.r1-09700-qssi.0
* Honeywell/hon660/hon660:12/94.00.03/0037:user/release-keys
* sync Hidl manifest version with Hon660 and S62 Pro
* build hostapd_cli(though Android GUI interface does not need this to manage the ap client, we may want to control them from the shell, maybe)
* remove rmt_storage, tftp_server from rootdir script, they are self contained now
* the vendor.qti.tftp.rc is patched with 782ab1966f
* fix cnd denial

Co-authored-by: 1582130940 <1582130940@qq.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:44:53 +02:00
Alcatraz323
acc5b5cbb5 sdm660-common: proprietary: update Mlipay, HotwordEnrollment blobs 
* mlipay from lavender QKQ1.190910.002 V12.5.7.0.QFGCNXM
* HotwordEnrollment from blueline-user 12 SP1A.210812.016.C2 8618562 release-keys
* add hotwordenrollment section title
* in order to make a no patched mlipay service, build mtdservice@1.0 hidl interface(not used anyway)

Co-authored-by: 1582130940 <1582130940@qq.com>
Co-authored-by: Sebastiano Barezzi <seba@sebaubuntu.dev>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:44:53 +02:00
pix106
4c3df924f1 Revert "sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop" 
This reverts commit 2b5dfda876.
 2023-08-22 08:44:53 +02:00
Alcatraz323
aa160dff7d sdm660-common: sepolicy: cleanup mismatched file & fix bluetooh, fsck denial 
* fsck_untrusted(fsck.exfat) is for external sd, and access for sysfs is neverallowed

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-08-22 08:44:53 +02:00
AdarshGrewal
e73b904a69 sdm660-common: sepolicy: Address cameraserver denial 
avc: denied { write } for name="property_service" dev="tmpfs" ino=16815 scontext=u:r:cameraserver:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
Shreedhan003
a6984f5866 sdm660-common: sepolicy: let camera hal access system_data_file 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
pix106
a96be03c56 sdm660-common: sepolicy: label MACE_CPP_MIN_VLOG_LEVEL camera prop 2023-06-24 08:20:03 +02:00
pix106
b8fad83343 sdm660-common: sepolicy: address hal_usb_default sysfs_battery_supply denial 2023-06-24 08:20:03 +02:00
Sabar
20fa9c5207 Revert "sdm660-common: drop IFAA/mliplay completely" 
This reverts commit dd6db97ea5.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
Sabar
8f353501a7 Revert "sdm660-common: sepolicy: drop Mlipay sepolicy" 
This reverts commit f5050df60f.

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-06-24 08:20:03 +02:00
pix106
b941e52a77 sdm660-common: sepolicy: drop livedisplay sepolicy rule 2023-05-09 06:36:23 +02:00
sabarop
8c57947a57 sdm660-common: sepolicy: multiple address denials 
Coauthored-by: pix106 <sbordenave@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-05-09 06:36:23 +02:00
Alcatraz323
7791443f94 sdm660-common: use QTI USB 1.3 HAL 
* follows vendor/qcom/opensource/usb/vendor_product.mk
* enable full usb function
* partially ported sepolicy_vndr

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
Alcatraz323
35342a285f sdm660-common: switch to android.hardware.usb@1.0-service.basic 
* clean up for qti-1.3 working
* staging usb HAL is ACTUALLY SAME as basic 1.0 HAL, totally meaningless

Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
Alcatraz323
e9aa976c93 sdm660-common: sepolicy: address newly discovered denials 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
Alcatraz323
1f8bba423f sdm660-common: sepolicy: address denial for hal_fingerprint_sdm660, hal_light_default 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-04-02 13:44:41 +02:00
sabarop
cb5d34ddf3 sdm660-common: Uprev fp to 2.3 
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-03-23 19:32:12 +01:00
Stylogey
5182be1445 sdm660-common: DeviceSettings: Add USB fastcharge toggle 
Co-authored-by: ronaxdevil <pratabidya.007@gmail.com>
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
 2023-03-23 19:32:12 +01:00
pix106
69d628f826 sdm660-common: sepolicy label /data/gf_data/auth_ratio_database.db 2023-03-20 07:18:06 +01:00
pix106
0d4fea2039 sdm660-common: sepolicy: allow init to ptrace hal_fingerprint_sdm660 process 2023-03-20 07:18:06 +01:00
pix106
c742096f56 sdm660-common: sepolicy: dontaudit untrusted_app_30 system_linker_exec execmod 2023-03-20 07:18:06 +01:00
pix106
630b415554 sdm660-common: sepolicy: label gf.debug.whitebox.enabled 2023-01-08 20:28:01 +01:00
pix106
2b5dfda876 sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop 2023-01-08 08:59:27 +01:00
Wilson Chan
e1a20c6dee Revert "sdm660-common: power-libperfmgr: Add Flipendo powerhint" 
- Add sepolicy for dex2oat powerhal props to vendor_power_prop

Test: boot and check powerhint parse logs
Test: enabled extreme battery saver and check scaling_max_freq

[clarencelol]: Adapt to sdm660 freq
 2023-01-04 06:23:15 +01:00
pix106
0fcf8ea137 Revert "sdm660-common: Migrate to Xiaomi power AIDL HAL" 
Revert "sdm660-common: rootdir: Clean part of Unexported properties"
Revert "sdm660-common: power-libperfmgr: Reduce GPU idle timer to 64ms"
 2023-01-04 06:23:14 +01:00
pix106
2cc84ac68d sdm660-common: sepolicy: allow vendor_init to read hal_camera_prop 2022-12-28 18:15:49 +01:00
brunorolak
91d1bdc13e sdm660-common: sepolicy: remove camera duplicates 
Duplicate prefix match detected for 'vendor.camera.skip_unconfigure.packagelist'

Signed-off-by: pix106 <sbordenave@gmail.com>
 2022-12-27 07:38:22 +01:00