psmattas/device_oneplus_sm7250-common
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

sdm845-common: Start using vendor_overlay

Browse Source 
* This lets us override files in /vendor without
  relying on bind mounts ^.^

Change-Id: Ib0b173682a48836aeac97e2c3691176a44f13aab
This commit is contained in:
LuK1337
2019-09-20 16:18:41 +02:00
parent 105677e43e
commit 60d417a52f
14 changed files with 65 additions and 70 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
sepolicy/private/audioserver.te
View File

@@ -1,2 +0,0 @@
# Allow audioserver to read system_configs_file
allow audioserver system_configs_file:file r_file_perms;

3
sepolicy/private/file.te
View File

@@ -18,6 +18,3 @@ type sysfs_oem, sysfs_type, fs_type;
# data
type display_misc_file, file_type, data_file_type, core_data_file_type;
# system
type system_configs_file, system_file_type, file_type;

9
sepolicy/private/file_contexts
View File

@@ -12,11 +12,8 @@
# Files in sysfs
/sys/devices/platform/soc/soc:goodix_fp/proximity_state u:object_r:sysfs_fpc_proximity:s0
# Audio
/system/etc/audio_policy_configuration.xml u:object_r:system_configs_file:s0
# HALs
/system/bin/hw/android\.hardware\.light@2\.0-service\.oneplus_sdm845 u:object_r:hal_light_sdm845_exec:s0
/(product|system/product)/vendor_overlay/[0-9]+/bin/hw/android\.hardware\.light@2\.0-service u:object_r:hal_light_default_exec:s0
/system/bin/hw/lineage\.biometrics\.fingerprint\.inscreen@1.0-service\.oneplus_fajita u:object_r:hal_fod_sdm845_exec:s0
/system/bin/hw/lineage\.livedisplay@2\.0-service\.oneplus_sdm845 u:object_r:hal_livedisplay_sdm845_exec:s0
/system/bin/hw/lineage\.touch@1\.0-service\.oneplus_sdm845 u:object_r:hal_touch_sdm845_exec:s0
@@ -27,3 +24,7 @@
# tri-state-key
/system/bin/tri-state-key_daemon u:object_r:tri-state-key_daemon_exec:s0
# Vendor overlay
/(product|system/product)/vendor_overlay/[0-9]+/etc(/.*)? u:object_r:vendor_configs_file:s0
/(product|system/product)/vendor_overlay/[0-9]+/lib(64)?/hw u:object_r:vendor_hal_file:s0

1
sepolicy/private/hal_light.te Normal file
View File

@@ -0,0 +1 @@
allow hal_light sysfs_oem:file getattr;

20
sepolicy/private/hal_light_sdm845.te
View File

@@ -1,20 +0,0 @@
type hal_light_sdm845, coredomain, domain;
# Allow a base set of permissions required for a domain to offer a
# HAL implementation of the specified type over HwBinder.
typeattribute hal_light_sdm845 halserverdomain;
typeattribute hal_light_sdm845 hal_light_server;
# HwBinder IPC from client to server, and callbacks
binder_call(hal_light_client, hal_light_server)
binder_call(hal_light_server, hal_light_client)
add_hwservice(hal_light_server, hal_light_hwservice)
allow hal_light_client hal_light_hwservice:hwservice_manager find;
type hal_light_sdm845_exec, system_file_type, exec_type, file_type;
init_daemon_domain(hal_light_sdm845)
allow hal_light_sdm845 { sysfs_graphics sysfs_oem }:lnk_file read;
allow hal_light_sdm845 { sysfs_graphics sysfs_oem }:file rw_file_perms;
allow hal_light_sdm845 { sysfs_graphics sysfs_leds sysfs_oem }:dir r_dir_perms;

2
sepolicy/private/init.te
View File

@@ -2,7 +2,7 @@
allow init { system_file vendor_file }:file mounton;
# Allow init to mount vendor configs
allow init { system_configs_file vendor_configs_file }:file mounton;
allow init vendor_configs_file:dir mounton;
# Allow init to chown/chmod on pseudo files in /sys
allow init {