15 Commits

Author SHA1 Message Date
Alexander Winkowski
4c0bf0df7f
sm6250-common: sepolicy: Fix namespace violation
* vendor property_contexts should contain vendor props only.

Change-Id: Ieb621921dc43f6c9b6b451fe45ac1a3fbaaac3c8
2021-11-01 08:22:28 +00:00
Alexander Winkowski
7f99605ccc
sm6250-common: Update thermal HAL
* From hardware/google/pixel at d774cbb949e98627e4172bf8fc11e8d954599aa7.

Change-Id: I3a3a0c29575d0595e71a30f1e64e33ca34d2eb27
2021-11-01 08:20:48 +00:00
Sebastiano Barezzi
27f575c973
sm6250-common: Move to common Xiaomi light AIDL
Change-Id: I00494cd392d19abd97cd65aeb4ec4bd9c9b11352
2021-11-01 08:18:28 +00:00
Alexander Koskovich
54830186e5
sm6250-common: Don't mount TraceFS twice.
* AOSP already mounts TraceFS in system init, so mounting it twice
   causes SEPolicy denials. See the comments in this change.

   https://android-review.googlesource.com/c/platform/system/sepolicy/+/1294195

Change-Id: Ic5d9ac2dbd36e404a93a8d48aa0ea933fd7fa701
2021-09-23 18:42:57 +02:00
Mimi Wu
b744748f1d
sm6250-common: Modify sepolicy for toolbox to rm -rf /data/per_boot
type=1400 audit(1581489923.612:571): avc: denied { getattr } for comm="rm" path="/data/per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.612:572): avc: denied { read } for comm="rm" name="per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.612:573): avc: denied { open } for comm="rm" path="/data/per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.616:574): avc: denied { getattr } for comm="rm" path="/data/per_boot/ft09,GYyRLUL4NXv4BjupD" dev="dm-9" ino=4578 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=file permissive=1
type=1400 audit(1581489923.616:575): avc: denied { write } for comm="rm" name="per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.616:576): avc: denied { remove_name } for comm="rm" name="ft09,GYyRLUL4NXv4BjupD" dev="dm-9" ino=4578 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1
type=1400 audit(1581489923.619:577): avc: denied { unlink } for comm="rm" name="ft09,GYyRLUL4NXv4BjupD" dev="dm-9" ino=4578 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=file permissive=1
type=1400 audit(1581489923.656:578): avc: denied { rmdir } for comm="rm" name="per_boot" dev="dm-9" ino=4577 scontext=u:r:toolbox:s0 tcontext=u:object_r:per_boot_file:s0 tclass=dir permissive=1

Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I22706c63fb13ea2aae0cd9fe8b92edc578fd459e
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: Albert I <kras@raphielgang.org>
2021-09-09 18:46:36 +02:00
Mimi Wu
316cdce3f5
sm6250-common: Add sepolicy for kernel to access /data/per_boot/zram_swap
type=1400 audit(0.0:4): avc: denied { read } for path="/data/per_boot/zram_swap" dev="dm-5" ino=29313 scontext=u:r:kernel:s0 tcontext=u:object_r:system_data_file:s0 tclass=file permissive=0

Bug: 147469156
Test: flash full build and find avc errors gone
Change-Id: I338040c9166ddd5eb2f06d7cba1aee85da988c53
Signed-off-by: Mimi Wu <mimiwu@google.com>
Signed-off-by: Albert I <kras@raphielgang.org>
2021-09-09 18:46:36 +02:00
Albert I
233e73dbc0
sm6250-common: sepolicy: Allow neural networks HAL to read ADSP properties
Signed-off-by: Albert I <kras@raphielgang.org>
Change-Id: I3fa6f51b746703bab2faf3f5fd6334b221a8636c
2021-09-09 18:46:36 +02:00
Albert I
e42d1c571f
sm6250-common: sepolicy: Allow apps and camera HAL access to secure ADSP domain
Signed-off-by: Albert I <kras@raphielgang.org>
Change-Id: Ibb1071299632ab53726638dbcc134d4bca59fc52
2021-09-09 18:46:35 +02:00
dianlujitao
92b6e36b71
sm6250-common: Make fastrpc_shell_3 publicly available
* Used by GCAM for DSP-accelerated HDR processing
* Arguably we should label /vendor/dsp/cdsp/fastrpc_shell_3 to
  same_process_hal_file like Pixels, but the partition is prebuilt thus
  we're unable to relabel it.
* Copy the file to writable tmpfs, set up attributes and bind mount back
  to work around the limitation.

[ghostrider-reborn]:
Allow adsp/cdsprpcd and neuralnetworks HAL to access fastrpc_shell_3

[kras edit:
 1. rename some contexts as per qva/kona
 2. extend to allow camera HAL and VPP service to access it as well]

[dereference23: Remove VPP policy because atoll doesn't use it]

Co-authored-by: Adithya R <gh0strider.2k18.reborn@gmail.com>
Change-Id: Ide90e5c7307d413db5ece736e859559f06679545
2021-09-09 18:46:35 +02:00
Alexander Winkowski
c653ce51be
sm6250-common: Pull SELinux policy from Xiaomi SM8250 tree
Change-Id: I83dce3c678f796034fd39947414c8067d338edf2
2021-09-09 18:46:35 +02:00
Alexander Winkowski
cefd104891
sm6250-common: thermal: Rebrand to Xiaomi SM6250
Change-Id: Iafa72da14648a2652df9b64a02dd6e5b9fa8bd9b
2021-09-09 18:46:29 +02:00
Alexander Winkowski
c03d9330bc
sm6250-common: Import Pixel thermal HAL
* From hardware/google/pixel at 728fb99bbb910be05711421310efa6827aaaa4fa.

Change-Id: I763b4dbef65084cfee337065b2c5ab465f69bca8
2021-09-09 18:46:29 +02:00
Alexander Winkowski
ab8029bdc2
sm6250-common: Build Xiaomi power AIDL HAL
Change-Id: I0e10f0b36598b8cbf25ee2dc08b8a4eced95c2ed
2021-09-09 18:46:23 +02:00
Sebastiano Barezzi
b4e037ad8e
sm6250-common: lights: Rebrand to Xiaomi SM6250
Change-Id: I3c2ec7f68b0d845ea15277e396194409f8ebe216
2021-09-09 18:46:21 +02:00
Volodymyr Zhdanov
d93a5f853e
sm6250-common: biometrics: Rebrand to Xiaomi SM6250
Change-Id: Ia70786f28372e49cc3dc3d25fedbbe3a1562b5a7
2021-09-09 18:46:18 +02:00