Commit graph

307 commits

Author SHA1 Message Date
Alcatraz323
0726c25be8 sdm660-common: correct fs inlinecrypt & label metadata context
* As https://source.android.com/docs/security/features/encryption/file-based said, emmc_optimized is an inlinecrypt flavor and can only be applied on emmc 5.2 device which has not been released yet
* Apparently Xiaomi 660 is launched with emmc 5.1 5 years ago and never met the 5.2 spec
* Now really enables inlinecrypt hardware by adding it in mnt_flags
* Use AOSP recommended inlinecrypt_optimized
* Use lazytime for reducing meaningless io
* Label metadata partition

(pix106) I use logdump partition for metadata, not cust

Signed-off-by: pix106 <sbordenave@gmail.com>
2024-01-14 17:18:17 +01:00
Alcatraz323
14aa292b1a sdm660-common: sepolicy: don't do anything on untrusted_app
* allowing any extra permission for "untrusted_app" domain is DANGEROUS
* the "untrusted_app" domain rule should ONLY be defined by aosp
* kill all don't audit except getopt for untrusted_app. it's a tool to show which apps are evil, let it show in audit logs

Signed-off-by: pix106 <sbordenave@gmail.com>
2024-01-14 17:18:17 +01:00
pix106
bfa61a3f25 sdm660-common: Cleanup duplicated build recipe & sepolicy 2024-01-14 17:18:17 +01:00
Jaegeuk Kim
1d9c6314b2 sdm660-common: sepolicy: Allow ioctl to zram_swap for performance
This fixes permission denied when setting F2FS_PIN_FILE.

[   46.726131] init: [libfs_mgr]Failed to set pin_file for f2fs: /data/per_boot/zram_swap: Permission denied
[   46.726151] init: [libfs_mgr]Failure of zram backing device file for '/dev/block/zram0'
[   46.726341] type=1400 audit(1601025878.312:17): avc: denied { ioctl } for comm="init" path="/data/per_boot/zram_swap" dev="dm-9" ino=4868 ioctlcmd=0xf50d scontext=u:r:init:s0 tcontext=u:object_r:per_boot_file:s0 tclass=file permissive=0

Bug: 169311165
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I982f70556284ac55d659bae6aff93b84d71e67f0
Signed-off-by: pix106 <sbordenave@gmail.com>
2024-01-14 17:18:17 +01:00
Mimi Wu
29909175c0 sdm660-common: sepolicy: Allow toolbox to rm -rf /data/per_boot
Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I22706c63fb13ea2aae0cd9fe8b92edc578fd459e
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
2024-01-14 17:18:17 +01:00
Mimi Wu
d593cf85dd sdm660-common: sepolicy: Allow kernel to access /data/per_boot/zram_swap
type=1400 audit(1581485243.256:88): avc: denied { read } for comm="loop29" path="/data/per_boot/zram_swap" dev="dm-9" ino=9820 scontext=u:r:kernel:s0 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0

Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I48d7684ce3b4ca1ada81011b1cab21007c758ba5
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
2024-01-14 17:18:17 +01:00
Alcatraz323
e2a76a940f sdm660-common: sepolicy: fix denial for cnss_daemon update
Signed-off-by: pix106 <sbordenave@gmail.com>
2024-01-14 17:18:17 +01:00
Alcatraz323
66b12de781 sdm660-common: CloverParts: sepolicy change from "clover: sepolicy: address bunch of denials"
f2c0736e1d
2023-08-22 08:45:13 +02:00
Alcatraz323
9ab5292b0b sdm660-common: introduce my simple battery management system
* settings page located in Settings -> Battery
* soc-based step charger, jeita thermal charger switch (also done something in kernel)
* add a mode for user always connected with charging cable to limit battery around 40% - 60%
* add a switch for user to limit max charge at around 80%

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:45:13 +02:00
Alcatraz323
3bf23bb2d7 sdm660-common: sepolicy: allow system_app to access hall_dev
* 08-12 22:43:25.794  1674  1674 W settings.device: type=1400 audit(0.0:7): avc: denied { search } for name="parameters" dev="sysfs" ino=21188 scontext=u:r:system_app:s0 tcontext=u:object_r:hall_dev:s0 tclass=dir permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:45:13 +02:00
pix106
1043c5332c Revert "sdm660-common: sepolicy: let camera hal access system_data_file"
This reverts commit a6984f5866.
2023-08-22 08:44:53 +02:00
pix106
62e1438a10 Revert "sdm660-common: sepolicy: address qti_init_shell proc_watermark_scale_factor denials"
This reverts commit fa6dfc8c13.
2023-08-22 08:44:53 +02:00
Alcatraz323
b8666f9e93 sdm660-common: sepolicy: reset QTI USB sepolicy to legacy ported version
* defined in July -> 8a6b2a503a

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00
pix106
345d455797 Revert "sdm660-common: sepolicy: address hal_usb_default sysfs_battery_supply denial"
This reverts commit b8fad83343.
2023-08-22 08:44:53 +02:00
pix106
a8a14b55c8 sdm660-common: sepolicy: cleaning (duplicate permissions, move file from subdir) 2023-08-22 08:44:53 +02:00
Alcatraz323
68c470f248 sdm660-common: sepolicy: address bunch of denials
* suppress bunch of capability denials, they are harmless and managed by aosp, if it should be fixed, aosp will do
* correct some typos

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00
Alcatraz323
713803ed1d sdm660-common: sepolicy: add CloverTenInchFrameworksPowerOverlay sepolicy
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00
pix106
fdf5e9ee02 sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop
This reverts commit 9b57c96055df0d86b029249c63b23a89f9cc1b4e.
2023-08-22 08:44:53 +02:00
Alcatraz323
5e4faf510c sdm660-common: proprietary: update CNE, DPM, IMS, QMI, RIL blobs
* LA.QSSI.13.0.r1-09700-qssi.0
* Honeywell/hon660/hon660:12/94.00.03/0037:user/release-keys
* sync Hidl manifest version with Hon660 and S62 Pro
* build hostapd_cli (though Android GUI interface does not need this to manage the ap client, we may want to control them from the shell, maybe)
* remove rmt_storage, tftp_server from rootdir script, they are self contained now
* the vendor.qti.tftp.rc is patched with 782ab1966f
* fix cnd denial

Co-authored-by: 1582130940 <1582130940@qq.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00
Alcatraz323
acc5b5cbb5 sdm660-common: proprietary: update Mlipay, HotwordEnrollment blobs
* mlipay from lavender QKQ1.190910.002 V12.5.7.0.QFGCNXM
* HotwordEnrollment from blueline-user 12 SP1A.210812.016.C2 8618562 release-keys
* add hotwordenrollment section title
* in order to make an unpatched mlipay service, build mtdservice@1.0 hidl interface (not used anyway)

Co-authored-by: 1582130940 <1582130940@qq.com>
Co-authored-by: Sebastiano Barezzi <seba@sebaubuntu.dev>
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00
pix106
4c3df924f1 Revert "sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop"
This reverts commit 2b5dfda876.
2023-08-22 08:44:53 +02:00
Alcatraz323
aa160dff7d sdm660-common: sepolicy: cleanup mismatched file & fix bluetooth, fsck denial
* fsck_untrusted(fsck.exfat) is for external sd, and access for sysfs is neverallowed

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-08-22 08:44:53 +02:00
AdarshGrewal
e73b904a69 sdm660-common: sepolicy: Address cameraserver denial
avc: denied { write } for name="property_service" dev="tmpfs" ino=16815 scontext=u:r:cameraserver:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-06-24 08:20:03 +02:00
Shreedhan003
a6984f5866 sdm660-common: sepolicy: let camera hal access system_data_file
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-06-24 08:20:03 +02:00
pix106
a96be03c56 sdm660-common: sepolicy: label MACE_CPP_MIN_VLOG_LEVEL camera prop 2023-06-24 08:20:03 +02:00
pix106
b8fad83343 sdm660-common: sepolicy: address hal_usb_default sysfs_battery_supply denial 2023-06-24 08:20:03 +02:00
Sabar
20fa9c5207 Revert "sdm660-common: drop IFAA/mliplay completely"
This reverts commit dd6db97ea5.

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-06-24 08:20:03 +02:00
Sabar
8f353501a7 Revert "sdm660-common: sepolicy: drop Mlipay sepolicy"
This reverts commit f5050df60f.

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-06-24 08:20:03 +02:00
pix106
b941e52a77 sdm660-common: sepolicy: drop livedisplay sepolicy rule 2023-05-09 06:36:23 +02:00
sabarop
8c57947a57 sdm660-common: sepolicy: multiple address denials
Coauthored-by: pix106 <sbordenave@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-05-09 06:36:23 +02:00
Alcatraz323
7791443f94 sdm660-common: use QTI USB 1.3 HAL
* follows vendor/qcom/opensource/usb/vendor_product.mk
* enable full usb function
* partially ported sepolicy_vndr

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-04-02 13:44:41 +02:00
Alcatraz323
35342a285f sdm660-common: switch to android.hardware.usb@1.0-service.basic
* clean up for qti-1.3 working
* staging usb HAL is ACTUALLY SAME as basic 1.0 HAL, totally meaningless

Signed-off-by: pix106 <sbordenave@gmail.com>
2023-04-02 13:44:41 +02:00
Alcatraz323
e9aa976c93 sdm660-common: sepolicy: address newly discovered denials
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-04-02 13:44:41 +02:00
Alcatraz323
1f8bba423f sdm660-common: sepolicy: address denial for hal_fingerprint_sdm660, hal_light_default
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-04-02 13:44:41 +02:00
sabarop
cb5d34ddf3 sdm660-common: Uprev fp to 2.3
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-03-23 19:32:12 +01:00
Stylogey
5182be1445 sdm660-common: DeviceSettings: Add USB fastcharge toggle
Co-authored-by: ronaxdevil <pratabidya.007@gmail.com>
Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
2023-03-23 19:32:12 +01:00
pix106
69d628f826 sdm660-common: sepolicy label /data/gf_data/auth_ratio_database.db 2023-03-20 07:18:06 +01:00
pix106
0d4fea2039 sdm660-common: sepolicy: allow init to ptrace hal_fingerprint_sdm660 process 2023-03-20 07:18:06 +01:00
pix106
c742096f56 sdm660-common: sepolicy: dontaudit untrusted_app_30 system_linker_exec execmod 2023-03-20 07:18:06 +01:00
pix106
630b415554 sdm660-common: sepolicy: label gf.debug.whitebox.enabled 2023-01-08 20:28:01 +01:00
pix106
2b5dfda876 sdm660-common: sepolicy: allow hal_capabilityconfigstore_qti_default access to vendor_cap_configstore_dbg_prop 2023-01-08 08:59:27 +01:00
Wilson Chan
e1a20c6dee Revert "sdm660-common: power-libperfmgr: Add Flipendo powerhint"
- Add sepolicy for dex2oat powerhal props to vendor_power_prop

Test: boot and check powerhint parse logs
Test: enabled extreme battery saver and check scaling_max_freq

[clarencelol]: Adapt to sdm660 freq
2023-01-04 06:23:15 +01:00
pix106
0fcf8ea137 Revert "sdm660-common: Migrate to Xiaomi power AIDL HAL"
Revert "sdm660-common: rootdir: Clean part of Unexported properties"
Revert "sdm660-common: power-libperfmgr: Reduce GPU idle timer to 64ms"
2023-01-04 06:23:14 +01:00
pix106
2cc84ac68d sdm660-common: sepolicy: allow vendor_init to read hal_camera_prop 2022-12-28 18:15:49 +01:00
brunorolak
91d1bdc13e sdm660-common: sepolicy: remove camera duplicates
Duplicate prefix match detected for 'vendor.camera.skip_unconfigure.packagelist'

Signed-off-by: pix106 <sbordenave@gmail.com>
2022-12-27 07:38:22 +01:00
Bruno Martins
71c49fcc8c sdm660-common: Migrate to Xiaomi power AIDL HAL
Change-Id: I42170d51a517170b58d532addd9c38496e43457c

jasmine_sprout: Remove QTI perfd

Bug: 69270928
Test: Build and boot device and test camera
Change-Id: I87b283206f462fb5c8ec9cdd303ae2934fe9bfc4

jasmine_sprout: Declare BOARD_VENDOR

* Needed for xiaomi-perfmgr power AIDL guards

Change-Id: Idbb48e0f9b01090a456ad5d3f2d51f4dfab55672

jasmine_sprout: Create dummy libqti-perfd-client

* proprietary perfd blobs can finally be nuked without breaking goodix
* we could even map the functions to use libperfmgr powerhints in the future

[SebaUbuntu]: Cleanup Android.bp and add copyright header

Change-Id: I124652f3041761966a3e3bd97c757fecc39cc5fb

jasmine_sprout: libqti-perfd-client: Remove namespace declaration

It's pointless when using extern "C".

Change-Id: Ibdf9f06a70aa3a75687b33781c78cf2172bb334d

jasmine_sprout: libqti-perfd-client: return a dummy value

Return a positive integer for perf lock acquire and release so
that Goodix/FPC fingerprint sensor blobs will not complain.

Goodix:
E [goodixHAL][gf_hal_milan_f_series]: goodix_perf_lock_acquire: Failed to acquire perf lock, err: 0
E [goodixHAL][gf_hal_milan_f_series]: goodix_perf_lock_release: Perf lock release error 0

FPC:
E fpc_tac : fpc_perf_lock_acquire: Incorrect params, Failed to acquire perf lock, err
E fpc_tac : fpc_perf_lock_release: Perf lock release error 0

Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
Change-Id: I861672e9a738c2204755d802670f4b28b662f286

jasmine_sprout: libqti-perfd-client: Move to C

* Why bother with C++ mangling when we can just build it as a standard C library?

Change-Id: I45ea977edf7ea7fab6fece76f3049654a8d24c5d

jasmine_sprout: Add powerhint.json jasmine

Change-Id: If270fc906fd833bb6b0d3b00621c0b079346e47d

jasmine_sprout: rootdir: Initial libperfmgr init config

* From coral, heavily stripped down

Change-Id: Ib6846e4f4f23baf56910d2330e26846b99830218

jasmine_sprout: sepolicy: Initial libperfmgr sepolicy

Change-Id: I3d0a259bc89b4ecd0bf1632199172710d98230e0

jasmine_sprout: Don't explicitly build older minor version HIDL libs

Change-Id: Ib0caa49054a79b1f01ffc751826286a29c642e06

jasmine_sprout: Remove QTI perf remnants

jasmine_sprout: Add back ro.vendor.extension_library definition

 * We aren't using QCOM's perfd but our blobs still check for this.
 * To avoid unnecessary errors, let's just add it back.

Change-Id: Icc44b330f21a658cfa8ded691a6628d8f62c3649
Signed-off-by: pix106 <sbordenave@gmail.com>
2022-12-27 07:34:56 +01:00
Sebastiano Barezzi
c8d924ba0a sdm660-common: Move to common Xiaomi lights AIDL
Change-Id: Icb3bb31ebad01519b91a6d41b47e1b57e1ac84e1
Signed-off-by: pix106 <sbordenave@gmail.com>
2022-12-22 04:56:20 +01:00
pix106
aa76e60586 sdm660-common: sepolicy: allow zygote to search vendor_framework_file
type=1400 audit(0.0:55): avc: denied { search } for name="framework" dev="mmcblk0p14" ino=1094 scontext=u:r:zygote:s0 tcontext=u:object_r:vendor_framework_file:s0 tclass=dir permissive=0
2022-12-22 04:56:20 +01:00
7Soldier
9aeebe4081 sdm660-common: sepolicy: Dontaudit crash_dump init ptrace denial
Signed-off-by: 7Soldier <reg.fm4@gmail.com>
Signed-off-by: pix106 <sbordenave@gmail.com>
2022-12-22 04:56:20 +01:00
romgharti
b374e4b4bc sdm660-common: sepolicy: Address isolated_app denial
avc:  denied  { find } for pid=5488 uid=90000 name=content_capture scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
2022-12-22 04:56:20 +01:00