diff options
| author | Linux Build Service Account <lnxbuild@localhost> | 2021-12-13 00:20:16 -0800 |
|---|---|---|
| committer | Linux Build Service Account <lnxbuild@localhost> | 2021-12-13 00:20:16 -0800 |
| commit | fd48b697b7f52d5a6a76043dbd14c87b0473a731 (patch) | |
| tree | 31408d15e9076242dd294d156e1d3ad34594cc00 | |
| parent | dc1d778ee859df453f9354cdae1d4364cc6d68df (diff) | |
| parent | 02950739e3602a76f464dfc27ac5deb2b2bd2ddc (diff) | |
Merge 02950739e3602a76f464dfc27ac5deb2b2bd2ddc on remote branch
Change-Id: I918f7a3eeff334cd4b5363e91aec41cadcbbd390
| -rw-r--r-- | legacy/vendor/common/hal_secure_element_default.te | 3 | ||||
| -rw-r--r-- | legacy/vendor/common/location_app.te | 3 | ||||
| -rw-r--r-- | legacy/vendor/common/property.te | 154 | ||||
| -rw-r--r-- | legacy/vendor/common/qti_logkit_app.te | 4 | ||||
| -rwxr-xr-x | legacy/vendor/common/recovery.te | 1 | ||||
| -rw-r--r-- | legacy/vendor/common/system_app.te | 4 | ||||
| -rw-r--r-- | legacy/vendor/test/property.te | 6 | ||||
| -rw-r--r-- | qva/vendor/atoll/genfs_contexts | 4 | ||||
| -rw-r--r-- | qva/vendor/common/hal_secure_element_default.te | 3 | ||||
| -rw-r--r-- | qva/vendor/common/wcnss_service.te | 7 | ||||
| -rw-r--r-- | qva/vendor/test/property.te | 6 |
11 files changed, 103 insertions, 92 deletions
diff --git a/legacy/vendor/common/hal_secure_element_default.te b/legacy/vendor/common/hal_secure_element_default.te index 11b5ee33..4e665002 100644 --- a/legacy/vendor/common/hal_secure_element_default.te +++ b/legacy/vendor/common/hal_secure_element_default.te @@ -30,3 +30,6 @@ hal_client_domain(hal_secure_element_default, hal_esepowermanager) #Allow access to the qteeconnector hal_client_domain(hal_secure_element_default, vendor_hal_qteeconnector) + +# Allow secure-element HAL to retrieve NFC vendor properties +get_prop(hal_secure_element_default, nfc_nq_prop) diff --git a/legacy/vendor/common/location_app.te b/legacy/vendor/common/location_app.te index 104c78fe..116ca31b 100644 --- a/legacy/vendor/common/location_app.te +++ b/legacy/vendor/common/location_app.te @@ -26,7 +26,6 @@ # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. hal_client_domain(vendor_location_app, hal_perf) -qmux_socket(vendor_location_app) #Permissions for JDWP userdebug_or_eng(` @@ -54,4 +53,4 @@ allow vendor_location_app radio_service:service_manager find; allowxperm vendor_location_app self:socket ioctl msm_sock_ipc_ioctls; allow vendor_location_app self:qipcrtr_socket create_socket_perms_no_ioctl; allow vendor_location_app sysfs_data:file r_file_perms; -unix_socket_connect(vendor_location_app, vendor_dpmtcm, vendor_dpmd)
\ No newline at end of file +unix_socket_connect(vendor_location_app, vendor_dpmtcm, vendor_dpmd) diff --git a/legacy/vendor/common/property.te b/legacy/vendor/common/property.te index bd556973..49a50027 100644 --- a/legacy/vendor/common/property.te +++ b/legacy/vendor/common/property.te @@ -26,160 +26,160 @@ # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. # property for uicc_daemon -type qcom_ims_prop, property_type; -type ctl_vendor_qmuxd_prop, property_type; -type ctl_vendor_netmgrd_prop, property_type; -type ctl_vendor_port-bridge_prop, property_type; -type ctl_qcrild_prop, property_type; -type vendor_tee_listener_prop, property_type; -type ctl_vendor_rild_prop, property_type; +vendor_restricted_prop(qcom_ims_prop) +vendor_internal_prop(ctl_vendor_qmuxd_prop) +vendor_internal_prop(ctl_vendor_netmgrd_prop) +vendor_internal_prop(ctl_vendor_port-bridge_prop) +vendor_internal_prop(ctl_qcrild_prop) +vendor_restricted_prop(vendor_tee_listener_prop) +vendor_internal_prop(ctl_vendor_rild_prop) # property for LKCore ctl start -type ctl_LKCore_prop, property_type; - -type freq_prop, property_type; -type vendor_vm_bms_prop, property_type; #To start vm_bms -type vendor_dataqti_prop, property_type; -type vendor_dataadpl_prop, property_type; -type vendor_dataqdp_prop, property_type; -type vendor_ipacm_prop, property_type; -type vendor_ipacm-diag_prop, property_type; -type cnd_vendor_prop, property_type; -type sensors_prop, property_type; -type slpi_prop, property_type; -type vendor_msm_irqbalance_prop, property_type; -type vendor_msm_irqbl_sdm630_prop, property_type; -type camera_prop, property_type; -type spcomlib_prop, property_type; -type vendor_display_prop, property_type; -type scr_enabled_prop, property_type; -type bg_daemon_prop, property_type; -type bg_boot_complete_prop, property_type; -type vendor_opengles_prop, property_type; -type vendor_mdm_helper_prop, property_type; -type vendor_mpctl_prop, property_type; -type vendor_iop_prop, property_type; -type public_vendor_default_prop, property_type; +vendor_restricted_prop(ctl_LKCore_prop) + +vendor_internal_prop(freq_prop) +vendor_internal_prop(vendor_vm_bms_prop) #To start vm_bms +vendor_internal_prop(vendor_dataqti_prop) +vendor_internal_prop(vendor_dataadpl_prop) +vendor_internal_prop(vendor_dataqdp_prop) +vendor_internal_prop(vendor_ipacm_prop) +vendor_internal_prop(vendor_ipacm-diag_prop) +vendor_restricted_prop(cnd_vendor_prop) +vendor_internal_prop(sensors_prop) +vendor_restricted_prop(slpi_prop) +vendor_internal_prop(vendor_msm_irqbalance_prop) +vendor_internal_prop(vendor_msm_irqbl_sdm630_prop) +vendor_restricted_prop(camera_prop) +vendor_internal_prop(spcomlib_prop) +vendor_restricted_prop(vendor_display_prop) +vendor_restricted_prop(scr_enabled_prop) +vendor_restricted_prop(bg_daemon_prop) +vendor_restricted_prop(bg_boot_complete_prop) +vendor_restricted_prop(vendor_opengles_prop) +vendor_internal_prop(vendor_mdm_helper_prop) +vendor_restricted_prop(vendor_mpctl_prop) +vendor_restricted_prop(vendor_iop_prop) +vendor_restricted_prop(public_vendor_default_prop) #Scroll Pre-obtain -type vendor_scroll_prop, property_type; +vendor_restricted_prop(vendor_scroll_prop) # properties for ActivityManager tuning -type vendor_am_prop, property_type; +vendor_restricted_prop(vendor_am_prop) #Needed for ubwc support -type vendor_gralloc_prop, property_type; +vendor_restricted_prop(vendor_gralloc_prop) -type fm_prop, property_type; -type chgdiabled_prop, property_type; +vendor_restricted_prop(fm_prop) +vendor_restricted_prop(chgdiabled_prop) vendor_restricted_prop(vendor_xlat_prop); # property for location -type location_prop, property_type; +vendor_internal_prop(location_prop) #properites for init.qcom.sh script -type vendor_usb_prop, property_type; +vendor_internal_prop(vendor_usb_prop) -type vendor_coresight_prop, property_type; +vendor_restricted_prop(vendor_coresight_prop) -type vendor_alarm_boot_prop, property_type; +vendor_restricted_prop(vendor_alarm_boot_prop) -type vendor_wifi_ftmd_prop, property_type; +vendor_restricted_prop(vendor_wifi_ftmd_prop) # WIGIG -type vendor_wigig_prop, property_type; -type ctl_vendor_wigigsvc_prop, property_type; +vendor_internal_prop(vendor_wigig_prop) +vendor_internal_prop(ctl_vendor_wigigsvc_prop) #HWUI property -type hwui_prop, property_type; +vendor_restricted_prop(hwui_prop) -type graphics_vulkan_prop, property_type; +vendor_restricted_prop(graphics_vulkan_prop) #cgroup follow -type vendor_cgroup_follow_prop, property_type; +vendor_restricted_prop(vendor_cgroup_follow_prop) #Bservice property -type bservice_prop, property_type; +vendor_restricted_prop(bservice_prop) #Delayed Service Reschedule property -type reschedule_service_prop, property_type; +vendor_restricted_prop(reschedule_service_prop) #boot mode property -type vendor_boot_mode_prop, property_type; +vendor_internal_prop(vendor_boot_mode_prop) #properties for nfc -type nfc_nq_prop, property_type; +vendor_restricted_prop(nfc_nq_prop) -type vendor_rild_libpath_prop, property_type; +vendor_internal_prop(vendor_rild_libpath_prop) #Peripheral manager -type vendor_per_mgr_state_prop, property_type; +vendor_restricted_prop(vendor_per_mgr_state_prop) -type vendor_system_prop, property_type; +vendor_internal_prop(vendor_system_prop) # Bluetooth props -type vendor_bluetooth_prop, property_type; +vendor_restricted_prop(vendor_bluetooth_prop) # HBTP -type ctl_vendor_hbtp_prop, property_type; +vendor_internal_prop(ctl_vendor_hbtp_prop) # factory properties -type ctl_vendor_mmid_prop, property_type; +vendor_internal_prop(ctl_vendor_mmid_prop) #qcc property -#type vendor_qdma_prop, property_type; +#vendor_internal_prop(vendor_qdma_prop) vendor_public_prop(vendor_qcc_prop); #imsrcsservice -type ctl_vendor_imsrcsservice_prop, property_type; +vendor_restricted_prop(ctl_vendor_imsrcsservice_prop) #mmi -type vendor_mmi_prop, property_type; +vendor_internal_prop(vendor_mmi_prop) #time service -type vendor_time_service_prop, property_type; -type vendor_radio_prop, property_type; +vendor_internal_prop(vendor_time_service_prop) +vendor_restricted_prop(vendor_radio_prop) # Audio props -type vendor_audio_prop, property_type; +vendor_restricted_prop(vendor_audio_prop) # Audio debug props -type vendor_audio_debug_prop, property_type; +vendor_internal_prop(vendor_audio_debug_prop) #ss-restart -type vendor_ssr_prop, property_type; +vendor_internal_prop(vendor_ssr_prop) #ss-services (PD) -type vendor_pd_locater_dbg_prop, property_type; +vendor_internal_prop(vendor_pd_locater_dbg_prop) #qdcmss property -type vendor_qdcmss_prop, property_type; +vendor_internal_prop(vendor_qdcmss_prop) # Wifi Softap -type vendor_softap_prop, property_type; +vendor_restricted_prop(vendor_softap_prop) #mm-video -type vendor_video_prop, property_type; +vendor_restricted_prop(vendor_video_prop) #qtccconnector -type vendor_qteeconnector_opti_prop, property_type; +vendor_internal_prop(vendor_qteeconnector_opti_prop) #rmt_storage -type ctl_vendor_rmt_storage_prop, property_type; +vendor_internal_prop(ctl_vendor_rmt_storage_prop) -type vendor_gpu_prop, property_type; +vendor_restricted_prop(vendor_gpu_prop) -type vendor_data_ko_prop, property_type; +vendor_internal_prop(vendor_data_ko_prop) #hvdcp_opti -type hvdcp_opti_prop, property_type; +vendor_internal_prop(hvdcp_opti_prop) #adsprpc props -type adsprpc_prop, property_type; +vendor_restricted_prop(adsprpc_prop) #qvr property -type qvr_prop, property_type; +vendor_restricted_prop(qvr_prop) #capabilityconfigstore hal (CCHAL) -type vendor_cap_configstore_dbg_prop, property_type; +vendor_internal_prop(vendor_cap_configstore_dbg_prop) diff --git a/legacy/vendor/common/qti_logkit_app.te b/legacy/vendor/common/qti_logkit_app.te index 0e1e00a2..94e4ab39 100644 --- a/legacy/vendor/common/qti_logkit_app.te +++ b/legacy/vendor/common/qti_logkit_app.te @@ -48,8 +48,8 @@ userdebug_or_eng(` r_dir_file(qti_logkit_app, firmware_file); # Access to tombstone segfaults - allow qti_logkit_app tombstone_data_file:dir r_dir_perms; - allow qti_logkit_app tombstone_data_file:file r_file_perms; + allow qti_logkit_app vendor_tombstone_data_file:dir r_dir_perms; + allow qti_logkit_app vendor_tombstone_data_file:file r_file_perms; diag_use(qti_logkit_app) ') diff --git a/legacy/vendor/common/recovery.te b/legacy/vendor/common/recovery.te index 04caa3f0..90f0ad59 100755 --- a/legacy/vendor/common/recovery.te +++ b/legacy/vendor/common/recovery.te @@ -50,6 +50,5 @@ recovery_only(` # Enable adb on configfs devices allow recovery configfs:file rw_file_perms; allow recovery configfs:dir rw_dir_perms; - set_prop(recovery, ffs_prop); get_prop(recovery, vendor_boot_mode_prop) ') diff --git a/legacy/vendor/common/system_app.te b/legacy/vendor/common/system_app.te index 5615e00c..6feb0082 100644 --- a/legacy/vendor/common/system_app.te +++ b/legacy/vendor/common/system_app.te @@ -38,8 +38,8 @@ userdebug_or_eng(` allow system_app su:unix_dgram_socket sendto; # Access to tombstone segfaults - allow system_app tombstone_data_file:dir r_dir_perms; - allow system_app tombstone_data_file:file r_file_perms; + allow system_app vendor_tombstone_data_file:dir r_dir_perms; + allow system_app vendor_tombstone_data_file:file r_file_perms; diag_use(system_app) ') diff --git a/legacy/vendor/test/property.te b/legacy/vendor/test/property.te index cc8c8731..3b8838de 100644 --- a/legacy/vendor/test/property.te +++ b/legacy/vendor/test/property.te @@ -24,10 +24,10 @@ # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -type sensors_dbg_prop, property_type; +vendor_restricted_prop(sensors_dbg_prop); #WiFi Display -type wfd_vendor_debug_prop, property_type; +vendor_restricted_prop(wfd_vendor_debug_prop); #debugutils HAL -type vendor_dbg_brkpoint_prop, property_type; +vendor_restricted_prop(vendor_dbg_brkpoint_prop); diff --git a/qva/vendor/atoll/genfs_contexts b/qva/vendor/atoll/genfs_contexts index 4d065211..8315dcbf 100644 --- a/qva/vendor/atoll/genfs_contexts +++ b/qva/vendor/atoll/genfs_contexts @@ -72,8 +72,8 @@ genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-000c/a8c000.i2c:qcom,smb genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-0008/a8c000.i2c:qcom,smb1355@8:qcom,smb1355-charger@1000/power_supply/parallel/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-0010/a8c000.i2c:qcom,smb1390@10:qcom,charge_pump/power_supply/charge_pump_master/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/88c000.i2c/i2c-2/2-0010/88c000.i2c:qcom,smb1390@10:qcom,charge_pump/power_supply/charge_pump_master/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-04/c440000.qcom,spmi:qcom,pm6150l@4:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup::s0 -genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-00/c440000.qcom,spmi:qcom,pm6150@0:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup::s0 +genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-04/c440000.qcom,spmi:qcom,pm6150l@4:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-00/c440000.qcom,spmi:qcom,pm6150@0:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0 # subsys SSR entries genfscon sysfs /devices/platform/soc/62400000.qcom,lpass/subsys0/name u:object_r:vendor_sysfs_ssr:s0 diff --git a/qva/vendor/common/hal_secure_element_default.te b/qva/vendor/common/hal_secure_element_default.te index 9210a560..eab16566 100644 --- a/qva/vendor/common/hal_secure_element_default.te +++ b/qva/vendor/common/hal_secure_element_default.te @@ -30,3 +30,6 @@ hal_client_domain(hal_secure_element_default, vendor_hal_esepowermanager) allow hal_secure_element_default vendor_secure_element_vendor_data_file:dir rw_dir_perms; allow hal_secure_element_default vendor_secure_element_vendor_data_file:file create_file_perms; + +# Allow secure-element HAL to retrieve NFC vendor properties +get_prop(hal_secure_element_default, vendor_nfc_nq_prop) diff --git a/qva/vendor/common/wcnss_service.te b/qva/vendor/common/wcnss_service.te index 46a9f323..7b68a048 100644 --- a/qva/vendor/common/wcnss_service.te +++ b/qva/vendor/common/wcnss_service.te @@ -32,3 +32,10 @@ unix_socket_connect(vendor_wcnss_service, vendor_wigignpt, vendor_wigignpt) allow vendor_wcnss_service self:capability net_admin; allow vendor_wcnss_service kmsg_device:chr_file { write open }; allow vendor_wcnss_service proc_net:file read; + +allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:dir create_dir_perms; +allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:dir r_dir_perms; +allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file create_file_perms; +allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file rw_file_perms; +allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file create_file_perms; +allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file rw_file_perms; diff --git a/qva/vendor/test/property.te b/qva/vendor/test/property.te index 8913bfd0..95d0a1db 100644 --- a/qva/vendor/test/property.te +++ b/qva/vendor/test/property.te @@ -27,6 +27,6 @@ # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. #qspm hal debug -type vendor_qspm_dbg_prop, property_type; -type vendor_dbg_brkpoint_prop, property_type; -type vendor_fda_prop, property_type; +vendor_restricted_prop(vendor_qspm_dbg_prop); +vendor_restricted_prop(vendor_dbg_brkpoint_prop); +vendor_restricted_prop(vendor_fda_prop); |