From 71eebd39328ed70db200d81d8161a089c8f6b654 Mon Sep 17 00:00:00 2001 From: deadman96385 Date: Fri, 16 Mar 2018 10:59:26 -0500 Subject: [PATCH] Intergrate mad vendor into the tree --- BoardConfig.mk | 60 +- configs/egl.cfg | 2 + configs/gps/agps_profiles_conf2.xml | 559 +++++++++ configs/telephony/ecc_list.xml | 20 + configs/telephony/spn-conf.xml | 1117 +++++++++++++++++ configs/wifi/p2p_supplicant_overlay.conf | 4 + configs/wifi/wpa_supplicant.conf | 12 + configs/wifi/wpa_supplicant_overlay.conf | 3 + device.mk | 115 +- libmtkshims/Android.mk | 62 + libmtkshims/agps/icu53.c | 72 ++ libmtkshims/agps/ssl.c | 36 + libmtkshims/audio.cpp | 33 + libmtkshims/omx.cpp | 5 + libmtkshims/ui.cpp | 10 + libmtkshims/xlog.c | 16 + .../base/core/res/res/values/config.xml | 123 ++ .../SettingsProvider/res/values/defaults.xml | 24 + .../packages/SystemUI/res/values/config.xml | 34 + .../apps/Settings/res/values/config.xml | 23 + .../services/Telephony/res/values/config.xml | 26 + sepolicy/attributes | 1 + sepolicy/audioserver.te | 15 + sepolicy/bluetooth.te | 9 + sepolicy/cameraserver.te | 21 + sepolicy/ccci_fsd.te | 18 + sepolicy/ccci_mdinit.te | 29 + sepolicy/conn_launcher.te | 9 + sepolicy/device.te | 49 + sepolicy/domain.te | 1 + sepolicy/drmserver.te | 1 + sepolicy/em_svr.te | 9 + sepolicy/etsd.te | 19 + sepolicy/factory.te | 67 + sepolicy/file.te | 41 + sepolicy/file_contexts | 169 ++- sepolicy/fingerprintd.te | 4 + sepolicy/fsck.te | 3 + sepolicy/fsck_untrusted.te | 2 + sepolicy/fuelgauged.te | 7 + sepolicy/ged_srv.te | 14 + sepolicy/genfs_contexts | 7 + sepolicy/gsm0710muxd.te | 18 + sepolicy/healthd.te | 1 + sepolicy/init.te | 9 + sepolicy/kernel.te | 6 + sepolicy/kpoc_charger.te | 25 + sepolicy/md_ctrl.te | 11 + sepolicy/mediacodec.te | 23 + sepolicy/mediaserver.te | 9 + sepolicy/memsicd3416x.te | 7 + sepolicy/meta_tst.te | 47 + sepolicy/mkfs.te | 9 + sepolicy/mnld.te | 46 + sepolicy/msensord.te | 12 + sepolicy/mtk_agpsd.te | 21 + sepolicy/mtkmal.te | 10 + sepolicy/muxreport.te | 13 + sepolicy/mxg2320d.te | 7 + sepolicy/netd.te | 4 + sepolicy/nfc.te | 4 + sepolicy/nvram_daemon.te | 26 + sepolicy/platform_app.te | 11 + sepolicy/pq.te | 15 + sepolicy/priv_app.te | 5 + sepolicy/property.te | 18 + sepolicy/property_contexts | 26 + sepolicy/qmc6983d.te | 7 + sepolicy/radio.te | 4 + sepolicy/ril-daemon-mtk.te | 33 + sepolicy/service.te | 5 + sepolicy/service_contexts | 5 + sepolicy/spm_loader.te | 6 + sepolicy/surfaceflinger.te | 7 + sepolicy/system_app.te | 8 + sepolicy/system_server.te | 37 + sepolicy/terservice.te | 4 + sepolicy/thermal.te | 10 + sepolicy/thermal_manager.te | 14 + sepolicy/thermald.te | 7 + sepolicy/thermalloadalgo.te | 6 + sepolicy/ueventd.te | 1 + sepolicy/untrusted_app.te | 2 + sepolicy/vold.te | 22 + sepolicy/wifi2agps.te | 9 + sepolicy/wmt_loader.te | 11 + sepolicy/zygote.te | 1 + wpa_supplicant_8_lib/Android.mk | 68 + .../mediatek_driver_cmd_nl80211.c | 266 ++++ 89 files changed, 3761 insertions(+), 6 deletions(-) create mode 100644 configs/egl.cfg create mode 100644 configs/gps/agps_profiles_conf2.xml create mode 100644 configs/telephony/ecc_list.xml create mode 100644 configs/telephony/spn-conf.xml create mode 100644 configs/wifi/p2p_supplicant_overlay.conf create mode 100644 configs/wifi/wpa_supplicant.conf create mode 100644 configs/wifi/wpa_supplicant_overlay.conf create mode 100644 libmtkshims/Android.mk create mode 100644 libmtkshims/agps/icu53.c create mode 100644 libmtkshims/agps/ssl.c create mode 100644 libmtkshims/audio.cpp create mode 100644 libmtkshims/omx.cpp create mode 100644 libmtkshims/ui.cpp create mode 100644 libmtkshims/xlog.c create mode 100644 overlay/frameworks/base/packages/SettingsProvider/res/values/defaults.xml create mode 100644 overlay/frameworks/base/packages/SystemUI/res/values/config.xml create mode 100644 overlay/packages/apps/Settings/res/values/config.xml create mode 100644 overlay/packages/services/Telephony/res/values/config.xml create mode 100644 sepolicy/attributes create mode 100644 sepolicy/audioserver.te create mode 100644 sepolicy/bluetooth.te create mode 100644 sepolicy/cameraserver.te create mode 100644 sepolicy/ccci_fsd.te create mode 100644 sepolicy/ccci_mdinit.te create mode 100644 sepolicy/conn_launcher.te create mode 100644 sepolicy/device.te create mode 100644 sepolicy/domain.te create mode 100644 sepolicy/drmserver.te create mode 100644 sepolicy/em_svr.te create mode 100644 sepolicy/etsd.te create mode 100644 sepolicy/factory.te create mode 100644 sepolicy/file.te create mode 100644 sepolicy/fingerprintd.te create mode 100644 sepolicy/fsck.te create mode 100644 sepolicy/fsck_untrusted.te create mode 100644 sepolicy/fuelgauged.te create mode 100644 sepolicy/ged_srv.te create mode 100644 sepolicy/genfs_contexts create mode 100644 sepolicy/gsm0710muxd.te create mode 100644 sepolicy/healthd.te create mode 100644 sepolicy/init.te create mode 100644 sepolicy/kernel.te create mode 100644 sepolicy/kpoc_charger.te create mode 100644 sepolicy/md_ctrl.te create mode 100644 sepolicy/mediacodec.te create mode 100644 sepolicy/mediaserver.te create mode 100644 sepolicy/memsicd3416x.te create mode 100644 sepolicy/meta_tst.te create mode 100644 sepolicy/mkfs.te create mode 100644 sepolicy/mnld.te create mode 100644 sepolicy/msensord.te create mode 100644 sepolicy/mtk_agpsd.te create mode 100644 sepolicy/mtkmal.te create mode 100644 sepolicy/muxreport.te create mode 100644 sepolicy/mxg2320d.te create mode 100644 sepolicy/netd.te create mode 100644 sepolicy/nfc.te create mode 100644 sepolicy/nvram_daemon.te create mode 100644 sepolicy/platform_app.te create mode 100644 sepolicy/pq.te create mode 100644 sepolicy/priv_app.te create mode 100644 sepolicy/property.te create mode 100644 sepolicy/property_contexts create mode 100644 sepolicy/qmc6983d.te create mode 100644 sepolicy/radio.te create mode 100644 sepolicy/ril-daemon-mtk.te create mode 100644 sepolicy/service.te create mode 100644 sepolicy/service_contexts create mode 100644 sepolicy/spm_loader.te create mode 100644 sepolicy/surfaceflinger.te create mode 100644 sepolicy/system_app.te create mode 100644 sepolicy/system_server.te create mode 100644 sepolicy/terservice.te create mode 100644 sepolicy/thermal.te create mode 100644 sepolicy/thermal_manager.te create mode 100644 sepolicy/thermald.te create mode 100644 sepolicy/thermalloadalgo.te create mode 100644 sepolicy/ueventd.te create mode 100644 sepolicy/untrusted_app.te create mode 100644 sepolicy/vold.te create mode 100644 sepolicy/wifi2agps.te create mode 100644 sepolicy/wmt_loader.te create mode 100644 sepolicy/zygote.te create mode 100644 wpa_supplicant_8_lib/Android.mk create mode 100644 wpa_supplicant_8_lib/mediatek_driver_cmd_nl80211.c diff --git a/BoardConfig.mk b/BoardConfig.mk index bf5c4bc..7eac27b 100644 --- a/BoardConfig.mk +++ b/BoardConfig.mk @@ -1,7 +1,38 @@ # mt6797 platform boardconfig LOCAL_PATH := device/vernee/apollo_lite -include vendor/mad/config/board.mk +# MTK Hardware +BOARD_HAS_MTK_HARDWARE := true + +# Display +USE_OPENGL_RENDERER := true +TARGET_FORCE_HWC_FOR_VIRTUAL_DISPLAYS := true +NUM_FRAMEBUFFER_SURFACE_BUFFERS := 3 +TARGET_RUNNING_WITHOUT_SYNC_FRAMEWORK := true +BOARD_EGL_CFG := $(LOCAL_PATH)/configs/egl.cfg + +# Boot animation +TARGET_BOOTANIMATION_MULTITHREAD_DECODE := true + +# Audio +USE_XML_AUDIO_POLICY_CONF := 1 + +# Wifi +WPA_SUPPLICANT_VERSION := VER_0_8_X +BOARD_HOSTAPD_DRIVER := NL80211 +BOARD_HOSTAPD_PRIVATE_LIB := lib_driver_cmd_mt66xx +BOARD_WPA_SUPPLICANT_DRIVER := NL80211 +BOARD_WPA_SUPPLICANT_PRIVATE_LIB := lib_driver_cmd_mt66xx +WIFI_DRIVER_FW_PATH_PARAM := "/dev/wmtWifi" +WIFI_DRIVER_FW_PATH_STA := STA +WIFI_DRIVER_FW_PATH_AP := AP +WIFI_DRIVER_FW_PATH_P2P := P2P + +# Bluetooth +BOARD_HAVE_BLUETOOTH := true + +# Charger +BACKLIGHT_PATH := /sys/class/leds/lcd-backlight/brightness # Platform ARCH_ARM_HAVE_TLS_REGISTER := true @@ -72,11 +103,32 @@ BOARD_BLUETOOTH_BDROID_BUILDCFG_INCLUDE_DIR := $(LOCAL_PATH)/bluetooth # LightHAL TARGET_PROVIDES_LIBLIGHT := true +# Recovery +#RECOVERY_VARIANT := twrp + # Recovery BOARD_HAS_NO_SELECT_BUTTON := true TARGET_RECOVERY_FSTAB := $(LOCAL_PATH)/rootdir/recovery.fstab + # TWRP-specific ifeq ($(RECOVERY_VARIANT), twrp) +TARGET_RECOVERY_PIXEL_FORMAT := "RGBA_8888" +TARGET_USE_CUSTOM_LUN_FILE_PATH := /sys/devices/platform/mt_usb/musb-hdrc.0.auto/gadget/lun%d/file +TARGET_RECOVERY_LCD_BACKLIGHT_PATH := \"/sys/class/leds/lcd-backlight/brightness\" +TW_NO_REBOOT_BOOTLOADER := true +TW_THEME := portrait_hdpi +TW_CUSTOM_CPU_TEMP_PATH := /sys/devices/virtual/thermal/thermal_zone1/temp +TW_USE_MODEL_HARDWARE_ID_FOR_DEVICE_ID := true +RECOVERY_GRAPHICS_USE_LINELENGTH := true +TW_MAX_BRIGHTNESS := 255 +BOARD_SUPPRESS_SECURE_ERASE := true +TW_INCLUDE_CRYPTO := true +TW_BRIGHTNESS_PATH := /sys/class/leds/lcd-backlight/brightness +TW_MAX_BRIGHTNESS := 255 +TW_NO_USB_STORAGE := true +BOARD_USE_FRAMEBUFFER_ALPHA_CHANNEL := true +TARGET_DISABLE_TRIPLE_BUFFERING := false +TW_USE_TOOLBOX := true DEVICE_RESOLUTION := 1080x1920 DEVICE_SCREEN_WIDTH := 1080 DEVICE_SCREEN_HEIGHT := 1920 @@ -95,3 +147,9 @@ BOARD_SEPOLICY_DIRS += $(LOCAL_PATH)/sepolicy # Seccomp filter BOARD_SECCOMP_POLICY := $(LOCAL_PATH)/seccomp + +# DEXPREOPT +ifeq ($(TARGET_BUILD_VARIANT),user) +WITH_DEXPREOPT := true +DONT_DEXPREOPT_PREBUILTS := true +endif diff --git a/configs/egl.cfg b/configs/egl.cfg new file mode 100644 index 0000000..9438b87 --- /dev/null +++ b/configs/egl.cfg @@ -0,0 +1,2 @@ +0 0 android +0 1 mali diff --git a/configs/gps/agps_profiles_conf2.xml b/configs/gps/agps_profiles_conf2.xml new file mode 100644 index 0000000..bc1e480 --- /dev/null +++ b/configs/gps/agps_profiles_conf2.xml @@ -0,0 +1,559 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/configs/telephony/ecc_list.xml b/configs/telephony/ecc_list.xml new file mode 100644 index 0000000..409d00c --- /dev/null +++ b/configs/telephony/ecc_list.xml @@ -0,0 +1,20 @@ + + + + + + + + + + + + diff --git a/configs/telephony/spn-conf.xml b/configs/telephony/spn-conf.xml new file mode 100644 index 0000000..6be4497 --- /dev/null +++ b/configs/telephony/spn-conf.xml @@ -0,0 +1,1117 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + +"/> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/configs/wifi/p2p_supplicant_overlay.conf b/configs/wifi/p2p_supplicant_overlay.conf new file mode 100644 index 0000000..d95766d --- /dev/null +++ b/configs/wifi/p2p_supplicant_overlay.conf @@ -0,0 +1,4 @@ +p2p_no_group_iface=1 +driver_param=use_p2p_group_interface=1 +bss_expiration_scan_count=1 +wowlan_triggers=disconnect diff --git a/configs/wifi/wpa_supplicant.conf b/configs/wifi/wpa_supplicant.conf new file mode 100644 index 0000000..ef8a8af --- /dev/null +++ b/configs/wifi/wpa_supplicant.conf @@ -0,0 +1,12 @@ +ctrl_interface=wlan0 +update_config=1 +manufacturer=MediaTek Inc. +device_name=Wireless Client +model_name=MTK Wireless Model +model_number=1.0 +serial_number=2.0 +device_type=10-0050F204-5 +os_version=01020300 +config_methods=display push_button keypad +p2p_no_group_iface=1 +driver_param=use_p2p_group_interface=1 diff --git a/configs/wifi/wpa_supplicant_overlay.conf b/configs/wifi/wpa_supplicant_overlay.conf new file mode 100644 index 0000000..f6b7121 --- /dev/null +++ b/configs/wifi/wpa_supplicant_overlay.conf @@ -0,0 +1,3 @@ +p2p_no_group_iface=1 +driver_param=use_p2p_group_interface=1 +wowlan_triggers=disconnect diff --git a/device.mk b/device.mk index a7ba335..a032ec0 100644 --- a/device.mk +++ b/device.mk @@ -64,8 +64,119 @@ PRODUCT_COPY_FILES += \ # Dalvik/HWUI $(call inherit-product, frameworks/native/build/phone-xhdpi-2048-dalvik-heap.mk) -# Common stuff -$(call inherit-product, vendor/mad/config/common.mk) +# Shim libraries +PRODUCT_PACKAGES += \ + libmtkshim_log \ + libmtkshim_audio \ + libmtkshim_ui \ + libmtkshim_omx \ + libmtkshim_gps + +# Display +PRODUCT_PACKAGES += \ + libion + +# GPS +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/configs/gps/agps_profiles_conf2.xml:system/etc/agps_profiles_conf2.xml + +PRODUCT_PACKAGES += \ + libcurl + +# Include explicitly to work around Facelock issues +PRODUCT_PACKAGES += \ + libprotobuf-cpp-full + +# USB +PRODUCT_PACKAGES += \ + com.android.future.usb.accessory + +# Charger +PRODUCT_PACKAGES += \ + charger_res_images \ + +# Sensor Calibration +PRODUCT_PACKAGES += \ + libem_sensor_jni + +PRODUCT_BUILD_PROP_OVERRIDES += BUILD_UTC_DATE=0 + +# Granular Volume Steps +PRODUCT_PROPERTY_OVERRIDES += \ + ro.config.vc_call_vol_steps=14 \ + ro.config.media_vol_steps=30 + +# Permissions +PRODUCT_COPY_FILES += \ + frameworks/native/data/etc/handheld_core_hardware.xml:system/etc/permissions/handheld_core_hardware.xml \ + frameworks/native/data/etc/android.hardware.camera.autofocus.xml:system/etc/permissions/android.hardware.camera.autofocus.xml \ + frameworks/native/data/etc/android.hardware.camera.flash-autofocus.xml:system/etc/permissions/android.hardware.camera.flash-autofocus.xml \ + frameworks/native/data/etc/android.hardware.camera.front.xml:system/etc/permissions/android.hardware.camera.front.xml \ + frameworks/native/data/etc/android.hardware.location.gps.xml:system/etc/permissions/android.hardware.location.gps.xml \ + frameworks/native/data/etc/android.hardware.wifi.xml:system/etc/permissions/android.hardware.wifi.xml \ + frameworks/native/data/etc/android.hardware.wifi.direct.xml:system/etc/permissions/android.hardware.wifi.direct.xml \ + frameworks/native/data/etc/android.hardware.sensor.accelerometer.xml:system/etc/permissions/android.hardware.sensor.accelerometer.xml \ + frameworks/native/data/etc/android.hardware.sensor.compass.xml:system/etc/permissions/android.hardware.compass.xml \ + frameworks/native/data/etc/android.hardware.sensor.light.xml:system/etc/permissions/android.hardware.sensor.light.xml \ + frameworks/native/data/etc/android.hardware.sensor.gyroscope.xml:system/etc/permissions/android.hardware.sensor.gyroscope.xml \ + frameworks/native/data/etc/android.hardware.sensor.proximity.xml:system/etc/permissions/android.hardware.sensor.proximity.xml \ + frameworks/native/data/etc/android.hardware.sensor.stepcounter.xml:system/etc/permissions/android.hardware.sensor.stepcounter.xml \ + frameworks/native/data/etc/android.hardware.sensor.stepdetector.xml:system/etc/permissions/android.hardware.sensor.stepdetector.xml \ + frameworks/native/data/etc/android.hardware.touchscreen.multitouch.jazzhand.xml:system/etc/permissions/android.hardware.touchscreen.multitouch.jazzhand.xml \ + frameworks/native/data/etc/android.hardware.touchscreen.multitouch.distinct.xml:system/etc/permissions/android.hardware.touchscreen.multitouch.distinct.xml \ + frameworks/native/data/etc/android.hardware.touchscreen.multitouch.xml:system/etc/permissions/android.hardware.touchscreen.multitouch.xml \ + frameworks/native/data/etc/android.hardware.touchscreen.xml:system/etc/permissions/android.hardware.touchscreen.xml \ + frameworks/native/data/etc/android.hardware.usb.accessory.xml:system/etc/permissions/android.hardware.usb.accessory.xml \ + frameworks/native/data/etc/android.hardware.bluetooth.xml:system/etc/permissions/android.hardware.bluetooth.xml \ + frameworks/native/data/etc/android.hardware.bluetooth_le.xml:system/etc/permissions/android.hardware.bluetooth_le.xml \ + frameworks/native/data/etc/android.hardware.telephony.cdma.xml:system/etc/permissions/android.hardware.telephony.cdma.xml \ + frameworks/native/data/etc/android.hardware.telephony.gsm.xml:system/etc/permissions/android.hardware.telephony.gsm.xml \ + frameworks/native/data/etc/android.software.sip.voip.xml:system/etc/permissions/android.software.sip.voip.xml \ + frameworks/native/data/etc/android.hardware.usb.host.xml:system/etc/permissions/android.hardware.usb.host.xml + +# Audio +PRODUCT_PACKAGES += \ + audio_policy.default \ + audio.r_submix.default \ + audio.a2dp.default \ + audio.usb.default \ + libtinyalsa \ + libtinycompress \ + libtinymix \ + libtinyxml + +PRODUCT_COPY_FILES += \ + frameworks/av/services/audiopolicy/config/audio_policy_volumes.xml:/system/etc/audio_policy_volumes.xml \ + frameworks/av/services/audiopolicy/config/default_volume_tables.xml:/system/etc/default_volume_tables.xml \ + frameworks/av/services/audiopolicy/config/r_submix_audio_policy_configuration.xml:/system/etc/r_submix_audio_policy_configuration.xml \ + frameworks/av/services/audiopolicy/config/usb_audio_policy_configuration.xml:/system/etc/usb_audio_policy_configuration.xml + +# Codecs +PRODUCT_COPY_FILES += \ + frameworks/av/media/libstagefright/data/media_codecs_google_audio.xml:system/etc/media_codecs_google_audio.xml \ + frameworks/av/media/libstagefright/data/media_codecs_google_telephony.xml:system/etc/media_codecs_google_telephony.xml \ + frameworks/av/media/libstagefright/data/media_codecs_google_video_le.xml:system/etc/media_codecs_google_video_le.xml + +# Storage +PRODUCT_PROPERTY_OVERRIDES += \ + ro.sys.sdcardfs=true + +# Wifi +PRODUCT_PACKAGES += \ + lib_driver_cmd_mt66xx \ + libwpa_client \ + hostapd \ + wpa_supplicant + +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/configs/wifi/wpa_supplicant.conf:system/etc/wifi/wpa_supplicant.conf \ + $(LOCAL_PATH)/configs/wifi/wpa_supplicant_overlay.conf:system/etc/wifi/wpa_supplicant_overlay.conf \ + $(LOCAL_PATH)/configs/wifi/p2p_supplicant_overlay.conf:system/etc/wifi/p2p_supplicant_overlay.conf + +# Configs +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/configs/telephony/ecc_list.xml:system/etc/ecc_list.xml \ + $(LOCAL_PATH)/configs/telephony/spn-conf.xml:system/etc/spn-conf.xml # Vendor $(call inherit-product, vendor/vernee/apollo_lite/apollo_lite-vendor.mk) diff --git a/libmtkshims/Android.mk b/libmtkshims/Android.mk new file mode 100644 index 0000000..db4f9dd --- /dev/null +++ b/libmtkshims/Android.mk @@ -0,0 +1,62 @@ +LOCAL_PATH := $(call my-dir) + +# mtk log symbols (xlog) +ifeq ($(TARGET_INCLUDE_XLOG_SYMBOLS),true) + include $(CLEAR_VARS) + + LOCAL_SRC_FILES := xlog.c + LOCAL_SHARED_LIBRARIES := liblog + LOCAL_MODULE := libmtkshim_log + LOCAL_MODULE_TAGS := optional + + include $(BUILD_SHARED_LIBRARY) +endif + +# audio symbols +ifeq ($(TARGET_INCLUDE_AUDIO_SYMBOLS),true) + include $(CLEAR_VARS) + + LOCAL_SRC_FILES := audio.cpp + LOCAL_MODULE := libmtkshim_audio + LOCAL_MODULE_TAGS := optional + + include $(BUILD_SHARED_LIBRARY) +endif + +# ui symbols +ifeq ($(TARGET_INCLUDE_UI_SYMBOLS),true) + include $(CLEAR_VARS) + + LOCAL_SRC_FILES := ui.cpp + LOCAL_SHARED_LIBRARIES := libui + LOCAL_MODULE := libmtkshim_ui + LOCAL_MODULE_TAGS := optional + + include $(BUILD_SHARED_LIBRARY) +endif + +# omx symbols +ifeq ($(TARGET_INCLUDE_OMX_SYMBOLS),true) + include $(CLEAR_VARS) + + LOCAL_SRC_FILES := omx.cpp + LOCAL_MODULE := libmtkshim_omx + LOCAL_MODULE_TAGS := optional + + include $(BUILD_SHARED_LIBRARY) +endif + +# gps symbols +ifeq ($(TARGET_INCLUDE_GPS_SYMBOLS),true) + include $(CLEAR_VARS) + + LOCAL_SRC_FILES := \ + agps/icu53.c \ + agps/ssl.c + + LOCAL_SHARED_LIBRARIES := libicuuc libssl + LOCAL_MODULE := libmtkshim_gps + LOCAL_MODULE_TAGS := optional + + include $(BUILD_SHARED_LIBRARY) +endif diff --git a/libmtkshims/agps/icu53.c b/libmtkshims/agps/icu53.c new file mode 100644 index 0000000..a7752fd --- /dev/null +++ b/libmtkshims/agps/icu53.c @@ -0,0 +1,72 @@ +#include "unicode/ucnv.h" + +U_STABLE UConverter* U_EXPORT2 +ucnv_open_53(const char *converterName, UErrorCode *err) +{ + return ucnv_open(converterName, err); +} + +U_STABLE void U_EXPORT2 +ucnv_close_53(UConverter * converter) +{ + return ucnv_close(converter); +} + +U_STABLE void U_EXPORT2 UCNV_TO_U_CALLBACK_STOP_53( + const void *context, + UConverterToUnicodeArgs *toUArgs, + const char* codeUnits, + int32_t length, + UConverterCallbackReason reason, + UErrorCode * err) +{ + UCNV_TO_U_CALLBACK_STOP(context, toUArgs, codeUnits, length, reason, err); +} + +U_STABLE void U_EXPORT2 UCNV_FROM_U_CALLBACK_STOP_53( + const void *context, + UConverterFromUnicodeArgs *fromUArgs, + const UChar* codeUnits, + int32_t length, + UChar32 codePoint, + UConverterCallbackReason reason, + UErrorCode * err) +{ + UCNV_FROM_U_CALLBACK_STOP (context, fromUArgs, codeUnits, length, codePoint, reason, err); +} + +U_STABLE void U_EXPORT2 +ucnv_setToUCallBack_53(UConverter * converter, + UConverterToUCallback newAction, + const void* newContext, + UConverterToUCallback *oldAction, + const void** oldContext, + UErrorCode * err) +{ + ucnv_setToUCallBack(converter, newAction, newContext, oldAction, oldContext, err); +} + +U_STABLE void U_EXPORT2 +ucnv_setFromUCallBack_53(UConverter * converter, + UConverterFromUCallback newAction, + const void *newContext, + UConverterFromUCallback *oldAction, + const void **oldContext, + UErrorCode * err) +{ + ucnv_setFromUCallBack(converter, newAction, newContext, oldAction, oldContext, err); +} + +U_STABLE void U_EXPORT2 +ucnv_convertEx_53(UConverter *targetCnv, UConverter *sourceCnv, + char **target, const char *targetLimit, + const char **source, const char *sourceLimit, + UChar *pivotStart, UChar **pivotSource, + UChar **pivotTarget, const UChar *pivotLimit, + UBool reset, UBool flush, + UErrorCode *pErrorCode) +{ + ucnv_convertEx(targetCnv, sourceCnv, target, targetLimit, source, sourceLimit, + pivotStart, pivotSource, pivotTarget, pivotLimit, reset, flush, + pErrorCode); +} diff --git a/libmtkshims/agps/ssl.c b/libmtkshims/agps/ssl.c new file mode 100644 index 0000000..a115938 --- /dev/null +++ b/libmtkshims/agps/ssl.c @@ -0,0 +1,36 @@ +#include + +long SSL_ctrl(SSL *s, int cmd, long larg, void *parg) { + switch (cmd) { + case 8: { /* SSL_CTRL_GET_SESSION_REUSED */ + return SSL_session_reused(s); + } + default: break; + } + return -1; +} + +long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg) { + switch (cmd) { + case 32: { /* SSL_CTRL_OPTIONS */ + return SSL_CTX_set_options(ctx, larg); + } + case 44: { /* SSL_CTRL_SET_SESS_CACHE_MODE */ + return SSL_CTX_set_session_cache_mode(ctx, larg); + } + default: break; + } + return -1; +} + +void CRYPTO_free(void *str) { + free(str); +} + +void *CRYPTO_malloc(int num, const char *file, int line) { + return malloc(num); +} + +void CRYPTO_lock(int mode, int type, const char *file, int line) { + CRYPTO_lock(mode, type, file, line); +} diff --git a/libmtkshims/audio.cpp b/libmtkshims/audio.cpp new file mode 100644 index 0000000..7f86662 --- /dev/null +++ b/libmtkshims/audio.cpp @@ -0,0 +1,33 @@ +#include + +extern "C" { + bool _ZN7android11AudioSystem24getVoiceUnlockDLInstanceEv(){ + return 0; + } + + int _ZN7android11AudioSystem23GetVoiceUnlockDLLatencyEv(){ + return 0; + } + + int _ZN7android11AudioSystem17SetVoiceUnlockSRCEjj(uint32_t, uint32_t){ + return 0; + } + + bool _ZN7android11AudioSystem18startVoiceUnlockDLEv(){ + return 0; + } + + int _ZN7android11AudioSystem15ReadRefFromRingEPvjS1_(void*, uint32_t, void*){ + return 0; + } + + int _ZN7android11AudioSystem20GetVoiceUnlockULTimeEPv(void*) { + return 0; + } + + void _ZN7android11AudioSystem25freeVoiceUnlockDLInstanceEv() { } + + bool _ZN7android11AudioSystem17stopVoiceUnlockDLEv(){ + return 0; + } +} diff --git a/libmtkshims/omx.cpp b/libmtkshims/omx.cpp new file mode 100644 index 0000000..099be12 --- /dev/null +++ b/libmtkshims/omx.cpp @@ -0,0 +1,5 @@ +extern "C" { + void _ZN7android13AwesomePlayer24mtk_omx_get_current_timeEPx(long long* time){ + time = (long long*)-1; + } +} diff --git a/libmtkshims/ui.cpp b/libmtkshims/ui.cpp new file mode 100644 index 0000000..e47f781 --- /dev/null +++ b/libmtkshims/ui.cpp @@ -0,0 +1,10 @@ +#include +#include + +extern "C" { + void _ZN7android19GraphicBufferMapper4lockEPK13native_handlejRKNS_4RectEPPv(buffer_handle_t, uint32_t, const android::Rect&, void**); + + void _ZN7android19GraphicBufferMapper4lockEPK13native_handleiRKNS_4RectEPPv(buffer_handle_t handle, int usage, const android::Rect& bounds, void** vaddr) { + _ZN7android19GraphicBufferMapper4lockEPK13native_handlejRKNS_4RectEPPv(handle, static_cast(usage), bounds, vaddr); + } +} diff --git a/libmtkshims/xlog.c b/libmtkshims/xlog.c new file mode 100644 index 0000000..932c171 --- /dev/null +++ b/libmtkshims/xlog.c @@ -0,0 +1,16 @@ +#include + +struct xlog_record { + const char *tag_str; + const char *fmt_str; + int prio; +}; + +int __xlog_buf_printf(int bufid, const struct xlog_record *rec, ...) { + va_list args; + va_start(args, rec); + LOG_PRI_VA(rec->prio, rec->tag_str, rec->fmt_str, args); + va_end(args); + + return 0; +} diff --git a/overlay/frameworks/base/core/res/res/values/config.xml b/overlay/frameworks/base/core/res/res/values/config.xml index f4c576e..d500fbd 100644 --- a/overlay/frameworks/base/core/res/res/values/config.xml +++ b/overlay/frameworks/base/core/res/res/values/config.xml @@ -140,4 +140,127 @@ that can be set by the user. --> 10 + + true + + + true + + + + true + + + + + + + wifi,1,1,1,-1,true + mobile,0,0,0,-1,true + mobile_mms,2,0,2,300000,true + mobile_supl,3,0,2,300000,true + mobile_dun,4,0,3,300000,true + mobile_hipri,5,0,3,300000,true + mobile_fota,10,0,2,300000,true + mobile_ims,11,0,2,300000,true + mobile_cbs,12,0,2,300000,true + mobile_dm,34,0,3,300000,true + mobile_wap,35,0,3,300000,true + mobile_net,36,0,3,300000,true + mobile_cmmail,37,0,3,300000,true + mobile_rcse,38,0,3,300000,true + usb,40,40,0,-1,true + mobile_ia,14,0,2,-1,true + bluetooth,7,7,0,-1,true + csd,41,41,3,-1,true + + + + 1,1 + 0,1 + 7,1 + 40,1 + 41,1 + + + + rndis\\d + + + + ap\\d + + + + "bt-pan" + "bt-dun" + + + true + + + true + + true + + + true + + + true + + + true + + + true + + true + + + 4 + + true + + false + + + com.android.systemui/com.android.systemui.doze.DozeService + + true + + true + + true + + + true + + + true + + + + "/system/framework/arm64/boot-framework.oat" + "/system/framework/oat/arm64/services.odex" + "/system/framework/arm64/boot.oat" + "/system/framework/arm64/boot-core-libart.oat" + + + + + com.google.android.gms + + com.android.location.fused + + diff --git a/overlay/frameworks/base/packages/SettingsProvider/res/values/defaults.xml b/overlay/frameworks/base/packages/SettingsProvider/res/values/defaults.xml new file mode 100644 index 0000000..3229535 --- /dev/null +++ b/overlay/frameworks/base/packages/SettingsProvider/res/values/defaults.xml @@ -0,0 +1,24 @@ + + + + true + + + true + diff --git a/overlay/frameworks/base/packages/SystemUI/res/values/config.xml b/overlay/frameworks/base/packages/SystemUI/res/values/config.xml new file mode 100644 index 0000000..fb185e0 --- /dev/null +++ b/overlay/frameworks/base/packages/SystemUI/res/values/config.xml @@ -0,0 +1,34 @@ + + + + + + true + + + true + + true + + true + + + false + diff --git a/overlay/packages/apps/Settings/res/values/config.xml b/overlay/packages/apps/Settings/res/values/config.xml new file mode 100644 index 0000000..0a393ee --- /dev/null +++ b/overlay/packages/apps/Settings/res/values/config.xml @@ -0,0 +1,23 @@ + + + + + + true + diff --git a/overlay/packages/services/Telephony/res/values/config.xml b/overlay/packages/services/Telephony/res/values/config.xml new file mode 100644 index 0000000..41b85ec --- /dev/null +++ b/overlay/packages/services/Telephony/res/values/config.xml @@ -0,0 +1,26 @@ + + + + + + true + + + true + diff --git a/sepolicy/attributes b/sepolicy/attributes new file mode 100644 index 0000000..b7cc346 --- /dev/null +++ b/sepolicy/attributes @@ -0,0 +1 @@ +attribute mtk_property_type; diff --git a/sepolicy/audioserver.te b/sepolicy/audioserver.te new file mode 100644 index 0000000..2dd472f --- /dev/null +++ b/sepolicy/audioserver.te @@ -0,0 +1,15 @@ +# nvram +allow audioserver nvdata_file:dir rw_dir_perms; +allow audioserver nvdata_file:file create_file_perms; +allow audioserver nvdata_file:lnk_file r_file_perms; +allow audioserver ccci_device:chr_file rw_file_perms; + +# fm radio +allow audioserver fm_device:chr_file rw_file_perms; + +# Audio +allow audioserver sysfs:file { open read write }; +allow audioserver sysfs_devinfo:file { open read write }; +allow audioserver sysfs_ccci:file r_file_perms; +allow audioserver sysfs_ccci:dir search; +allow audioserver audiohal_prop:property_service set; diff --git a/sepolicy/bluetooth.te b/sepolicy/bluetooth.te new file mode 100644 index 0000000..9671019 --- /dev/null +++ b/sepolicy/bluetooth.te @@ -0,0 +1,9 @@ +# Allow access to the hardware node +allow bluetooth stpbt_device:chr_file rw_file_perms; + +# Allow nvram access +allow bluetooth nvdata_file:dir search; +allow bluetooth nvdata_file:file rw_file_perms; +allow bluetooth nvdata_file:lnk_file r_file_perms; + +allow bluetooth block_device:dir search; diff --git a/sepolicy/cameraserver.te b/sepolicy/cameraserver.te new file mode 100644 index 0000000..573a0aa --- /dev/null +++ b/sepolicy/cameraserver.te @@ -0,0 +1,21 @@ +# nvram +allow cameraserver nvdata_file:dir rw_dir_perms; +allow cameraserver nvdata_file:file create_file_perms; +allow cameraserver ccci_device:chr_file rw_file_perms; + +# camera +allow cameraserver sensorservice_service:service_manager find; +allow cameraserver system_server:unix_stream_socket { read write }; +allow cameraserver camera_device:chr_file rw_file_perms; +allow cameraserver mtk_smi_device:chr_file rw_file_perms; +allow cameraserver proc:file { read ioctl open }; +allow cameraserver devmap_device:chr_file r_file_perms; +allow cameraserver devmap_device:chr_file { ioctl }; +allow cameraserver sysfs_devinfo:file rw_file_perms; +allow cameraserver sysfs_membw:file rw_file_perms; +allow cameraserver proc_meminfo:file { open read getattr }; +allow cameraserver sysfs_boot_mode:file r_file_perms; +allow cameraserver sysfs_ddr_type:file r_file_perms; + +# PQ +allow cameraserver pq_service:service_manager find; diff --git a/sepolicy/ccci_fsd.te b/sepolicy/ccci_fsd.te new file mode 100644 index 0000000..1f77080 --- /dev/null +++ b/sepolicy/ccci_fsd.te @@ -0,0 +1,18 @@ +type ccci_fsd_exec, exec_type, file_type; +type ccci_fsd, domain, domain_deprecated; + +init_daemon_domain(ccci_fsd) + +allow ccci_fsd ccci_device:chr_file rw_file_perms; +allow ccci_fsd ccci_cfg_file:dir create_dir_perms; +allow ccci_fsd ccci_cfg_file:file create_file_perms; +allow ccci_fsd nvdata_file:dir create_dir_perms; +allow ccci_fsd nvdata_file:file create_file_perms; +allow ccci_fsd nvdata_file:lnk_file r_file_perms; +allow ccci_fsd protect_f_data_file:dir create_dir_perms; +allow ccci_fsd protect_f_data_file:file create_file_perms; +allow ccci_fsd protect_s_data_file:dir create_dir_perms; +allow ccci_fsd protect_s_data_file:file create_file_perms; +allow ccci_fsd sysfs_ccci:file rw_file_perms; +allow ccci_fsd sysfs_ccci:dir search; +allow ccci_fsd sysfs_wake_lock:file rw_file_perms; diff --git a/sepolicy/ccci_mdinit.te b/sepolicy/ccci_mdinit.te new file mode 100644 index 0000000..69679ba --- /dev/null +++ b/sepolicy/ccci_mdinit.te @@ -0,0 +1,29 @@ +type ccci_mdinit_exec, exec_type, file_type; +type ccci_mdinit, domain, domain_deprecated; + +init_daemon_domain(ccci_mdinit) + +allow ccci_mdinit ccci_device:chr_file rw_file_perms; +allow ccci_mdinit ccci_cfg_file:dir create_dir_perms; +allow ccci_mdinit ccci_cfg_file:file create_file_perms; +allow ccci_mdinit nvdata_file:dir rw_dir_perms; +allow ccci_mdinit nvdata_file:file create_file_perms; +allow ccci_mdinit nvdata_file:lnk_file r_file_perms; +allow ccci_mdinit sysfs_ccci:dir search; +allow ccci_mdinit sysfs_ccci:file rw_file_perms; +allow ccci_mdinit sysfs_wake_lock:file rw_file_perms; +allow ccci_mdinit sysfs_devinfo:file r_file_perms; + +allow ccci_mdinit nvram_device:blk_file rw_file_perms; +allow ccci_mdinit mtk_md_prop:property_service set; + +allow ccci_mdinit ctl_ccci_fsd_prop:property_service set; +allow ccci_mdinit ctl_gsm0710muxd_prop:property_service set; +allow ccci_mdinit ctl_rildaemon_prop:property_service set; +allow ccci_mdinit radio_prop:property_service set; +allow ccci_mdinit ril_mux_report_case_prop:property_service set; + +allow ccci_mdinit mdlog_data_file:file r_file_perms; +allow ccci_mdinit mdlog_data_file:dir r_dir_perms; + +unix_socket_connect(ccci_mdinit, property, init) diff --git a/sepolicy/conn_launcher.te b/sepolicy/conn_launcher.te new file mode 100644 index 0000000..d75e9e5 --- /dev/null +++ b/sepolicy/conn_launcher.te @@ -0,0 +1,9 @@ +type conn_launcher_exec, exec_type, file_type; +type conn_launcher, domain, domain_deprecated; + +init_daemon_domain(conn_launcher) + +allow conn_launcher stpwmt_device:chr_file rw_file_perms; +allow conn_launcher wmt_prop:property_service set; + +unix_socket_connect(conn_launcher, property, init) diff --git a/sepolicy/device.te b/sepolicy/device.te new file mode 100644 index 0000000..3ecb5cf --- /dev/null +++ b/sepolicy/device.te @@ -0,0 +1,49 @@ +# Radio devices +type ccci_device, dev_type; +type stpbt_device, dev_type; +type stpgps_device, dev_type; +type stpwmt_device, dev_type; +type hwmsensor_device, dev_type; +type wmtWifi_device, dev_type; +type wmtdetect_device, dev_type; +type gsm0710muxd_device, dev_type; +type mdlog_device, dev_type; +type pmic_adc_device, dev_type; + +# Sensors +type als_ps_device, dev_type; +type mtk-adc-cali_device, dev_type; +type gsensor_device, dev_type; +type msensor_device, dev_type; +type gyroscope_device, dev_type; + +# Media +type accdet_device, dev_type; +type devmap_device, dev_type; +type fm_device, dev_type; +type Vcodec_device, dev_type; +type M4U_device_device, dev_type; +type mtk_smi_device, dev_type; + +# SPM +type spm_device, dev_type; + +# NFC +type mt6605_device, dev_type; + +# Fingerprint +type esfp0_device, dev_type; +type madev0_device, dev_type; + +# IR +type irtx_device, dev_type; + +# Block devices +type proinfo_device, dev_type; +type nvram_device, dev_type; +type nvdata_device, dev_type; +type protect1_device, dev_type; +type protect2_device, dev_type; +type logo_block_device, dev_type; +type para_block_device, dev_type; +type mmc_device, dev_type; diff --git a/sepolicy/domain.te b/sepolicy/domain.te new file mode 100644 index 0000000..faaf49e --- /dev/null +++ b/sepolicy/domain.te @@ -0,0 +1 @@ +get_prop(domain, mtk_property_type) diff --git a/sepolicy/drmserver.te b/sepolicy/drmserver.te new file mode 100644 index 0000000..9d4ccab --- /dev/null +++ b/sepolicy/drmserver.te @@ -0,0 +1 @@ +allow drmserver sysfs_devinfo:file { open read write }; \ No newline at end of file diff --git a/sepolicy/em_svr.te b/sepolicy/em_svr.te new file mode 100644 index 0000000..5844b50 --- /dev/null +++ b/sepolicy/em_svr.te @@ -0,0 +1,9 @@ +type em_svr_exec, exec_type, file_type; +type em_svr, domain, domain_deprecated; + +init_daemon_domain(em_svr) + +allow em_svr gsensor_device:chr_file { read ioctl open }; +allow em_svr gyroscope_device:chr_file { read ioctl open }; +allow em_svr nvdata_file:dir { write read open add_name search }; +allow em_svr nvdata_file:file { write getattr setattr read create open }; \ No newline at end of file diff --git a/sepolicy/etsd.te b/sepolicy/etsd.te new file mode 100644 index 0000000..6a6b0f8 --- /dev/null +++ b/sepolicy/etsd.te @@ -0,0 +1,19 @@ +type etsd_exec, exec_type, file_type; +type etsd, domain, domain_deprecated; + +init_daemon_domain(etsd) +binder_use(etsd) + +allow etsd etsd_service:service_manager { add find }; +allow etsd fingerprintd:binder { call transfer }; + +allow etsd esfp0_device:chr_file rw_file_perms; + +allow etsd fingerprintd_data_file:file { create_file_perms }; +allow etsd fingerprintd_data_file:file { open read write }; +allow etsd fingerprintd_data_file:dir rw_dir_perms; + +use_keystore(etsd) +allow etsd keystore:keystore_key { add_auth }; + +allow etsd self:capability { dac_override dac_read_search }; \ No newline at end of file diff --git a/sepolicy/factory.te b/sepolicy/factory.te new file mode 100644 index 0000000..d9bf10d --- /dev/null +++ b/sepolicy/factory.te @@ -0,0 +1,67 @@ +type factory_exec, exec_type, file_type; +type factory, domain, domain_deprecated; + +init_daemon_domain(factory) +net_domain(factory) + +allow factory serial_device:chr_file rw_file_perms; + +# Hardware nodes +allow factory accdet_device:chr_file r_file_perms; +allow factory ashmem_device:chr_file execute; +allow factory audio_device:dir r_dir_perms; +allow factory audio_device:chr_file rw_file_perms; +allow factory camera_device:chr_file rw_file_perms; +allow factory ccci_device:chr_file rw_file_perms; +allow factory devmap_device:chr_file r_file_perms; +allow factory fm_device:chr_file rwx_file_perms; +allow factory gsm0710muxd_device:chr_file rw_file_perms; +allow factory graphics_device:dir search; +allow factory graphics_device:chr_file rw_file_perms; +allow factory input_device:dir r_dir_perms; +allow factory input_device:chr_file r_file_perms; +allow factory pmic_adc_device:chr_file rw_file_perms; +allow factory rtc_device:chr_file rw_file_perms; +allow factory stpbt_device:chr_file rw_file_perms; +allow factory wmtWifi_device:chr_file rw_file_perms; + +# NVRAM +allow factory nvdata_file:dir create_dir_perms; +allow factory nvdata_file:file create_file_perms; +allow factory nvdata_device:blk_file rw_file_perms; +allow factory nvram_device:blk_file rw_file_perms; +allow factory proinfo_device:blk_file rw_file_perms; + +# Storage +allow factory mnt_user_file:dir search; +allow factory mmc_device:blk_file rw_file_perms; +allow factory storage_file:dir r_dir_perms; +allow factory storage_file:lnk_file r_file_perms; +allow factory storage_file:file r_file_perms; + +# Configuration +allow factory sysfs:file write; +allow factory sysfs_gps_file:dir r_dir_perms; +allow factory sysfs_gps_file:file rw_file_perms; + +# Sensors +allow factory als_ps_device:chr_file r_file_perms; +allow factory gsensor_device:chr_file rw_file_perms; +allow factory msensor_device:chr_file rw_file_perms; + +# GPS +allow factory agpsd_data_file:dir r_dir_perms; +allow factory agpsd_data_file:sock_file write; +allow factory stpgps_device:chr_file rw_file_perms; +allow factory gps_device:chr_file rw_file_perms; +allow factory mnld_data_file:dir rw_dir_perms; +allow factory mnld_data_file:file rw_file_perms; +allow factory mnld_exec:file rx_file_perms; +allow factory mnld_prop:property_service set; + +# Other capabilities +allow factory self:capability { dac_override net_admin net_raw sys_nice sys_time }; +allow factory self:process execmem; +allow factory audiohal_prop:property_service set; + +unix_socket_connect(factory, property, init); diff --git a/sepolicy/file.te b/sepolicy/file.te new file mode 100644 index 0000000..a1da500 --- /dev/null +++ b/sepolicy/file.te @@ -0,0 +1,41 @@ +type protect_s_data_file, file_type, data_file_type; +type protect_f_data_file, file_type, data_file_type; + +type nvdata_file, file_type, data_file_type; + +type agpsd_data_file, file_type, data_file_type; +type mnld_data_file, file_type, data_file_type; +type ccci_cfg_file, file_type, data_file_type; +type logmisc_data_file, file_type, data_file_type; +type mdlog_data_file, file_type, data_file_type; +type thermal_manager_data_file, file_type, data_file_type; + +type sysfs_gps_file, fs_type, sysfs_type; +type sysfs_ccci, fs_type, sysfs_type; +type sysfs_devinfo, fs_type, sysfs_type; +type sysfs_membw, fs_type, sysfs_type; +type sysfs_boot_mode, fs_type, sysfs_type; +type sysfs_ddr_type, fs_type, sysfs_type; + +type msensord_daemon_sysfs, fs_type, sysfs_type; + +type display_color_sysfs, fs_type, sysfs_type; +type gyro_orientation_sysfs, fs_type, sysfs_type; +type fast_charge_sysfs, fs_type, sysfs_type; +type smartwake_sysfs, fs_type, sysfs_type; +type perf_control_sysfs, fs_type, sysfs_type; + +type proc_mtkcooler, fs_type; +type proc_mtktz, fs_type; +type proc_thermal, fs_type; +type proc_wmt, fs_type; + +type agpsd_socket, file_type; +type mnld_socket, file_type; +type mal_mfi_socket, file_type; + +type nfc_socket, file_type; + +# Filesystems +type exfat, sdcard_type, fs_type, mlstrustedobject; +type ntfs, sdcard_type, fs_type, mlstrustedobject; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index c108e98..6ca3ec2 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -1,3 +1,166 @@ -# Sysfs nodes -/sys/devices/soc/soc:touch@/smartwake_active u:object_r:smartwake_sysfs:s0 -/sys/devices/soc/soc:touch@/wakeup_gesture u:object_r:smartwake_sysfs:s0 +# Services +/(system|system\/vendor|vendor)/bin/6620_launcher u:object_r:conn_launcher_exec:s0 +/(system|system\/vendor|vendor)/bin/ccci_fsd u:object_r:ccci_fsd_exec:s0 +/(system|system\/vendor|vendor)/bin/ccci_mdinit u:object_r:ccci_mdinit_exec:s0 +/(system|system\/vendor|vendor)/bin/md_ctrl u:object_r:md_ctrl_exec:s0 +/(system|system\/vendor|vendor)/bin/fuelgauged u:object_r:fuelgauged_exec:s0 +/(system|system\/vendor|vendor)/bin/gsm0710muxd u:object_r:gsm0710muxd_exec:s0 +/(system|system\/vendor|vendor)/xbin/mnld u:object_r:mnld_exec:s0 +/(system|system\/vendor|vendor)/bin/mnld u:object_r:mnld_exec:s0 +/(system|system\/vendor|vendor)/bin/muxreport u:object_r:muxreport_exec:s0 +/(system|system\/vendor|vendor)/bin/msensord u:object_r:msensord_exec:s0 +/(system|system\/vendor|vendor)/bin/qmc6983d u:object_r:qmc6983d_exec:s0 +/(system|system\/vendor|vendor)/bin/mxg2320d u:object_r:mxg2320d_exec:s0 +/(system|system\/vendor|vendor)/bin/memsicd3416x u:object_r:memsicd3416x_exec:s0 +/(system|system\/vendor|vendor)/bin/mtk_agpsd u:object_r:mtk_agpsd_exec:s0 +/(system|system\/vendor|vendor)/bin/nvram_daemon u:object_r:nvram_daemon_exec:s0 +/(system|system\/vendor|vendor)/bin/pq u:object_r:pq_exec:s0 +/(system|system\/vendor|vendor)/bin/terservice u:object_r:terservice_exec:s0 +/(system|system\/vendor|vendor)/bin/thermal u:object_r:thermal_exec:s0 +/(system|system\/vendor|vendor)/bin/thermald u:object_r:thermald_exec:s0 +/(system|system\/vendor|vendor)/bin/thermal_manager u:object_r:thermal_manager_exec:s0 +/(system|system\/vendor|vendor)/bin/thermalloadalgod u:object_r:thermalloadalgo_exec:s0 +/(system|system\/vendor|vendor)/bin/mtkrild u:object_r:ril-daemon-mtk_exec:s0 +/(system|system\/vendor|vendor)/bin/mtkmal u:object_r:mtkmal_exec:s0 +/(system|system\/vendor|vendor)/bin/wifi2agps u:object_r:wifi2agps_exec:s0 +/(system|system\/vendor|vendor)/bin/wmt_loader u:object_r:wmt_loader_exec:s0 +/(system|system\/vendor|vendor)/bin/wmt_launcher u:object_r:conn_launcher_exec:s0 +/(system|system\/vendor|vendor)/bin/em_svr u:object_r:em_svr_exec:s0 +/(system|system\/vendor|vendor)/bin/kpoc_charger u:object_r:kpoc_charger_exec:s0 +/(system|system\/vendor|vendor)/bin/etsd u:object_r:etsd_exec:s0 +/(system|system\/vendor|vendor)/bin/ged_srv u:object_r:ged_srv_exec:s0 +/(system|system\/vendor|vendor)/bin/spm_loader u:object_r:spm_loader_exec:s0 + +# exfat & ntfs +/system/bin/mkfs\.exfat u:object_r:mkfs_exec:s0 +/system/bin/mkfs\.ntfs u:object_r:mkfs_exec:s0 +/system/bin/mount\.ntfs u:object_r:mkfs_exec:s0 +/system/bin/mount\.exfat u:object_r:mkfs_exec:s0 +/system/bin/fsck\.ntfs u:object_r:fsck_exec:s0 +/system/bin/fsck\.exfat u:object_r:fsck_exec:s0 + +# Meta mode +/(system|system\/vendor|vendor)/bin/meta_tst u:object_r:meta_tst_exec:s0 +/(system|system\/vendor|vendor)/bin/factory u:object_r:factory_exec:s0 + +# Files from firmware/nv partitions +/protect_f(/.*)? u:object_r:protect_f_data_file:s0 +/protect_s(/.*)? u:object_r:protect_s_data_file:s0 +/nvdata(/.*)? u:object_r:nvdata_file:s0 +/data/nvram(/.*)? u:object_r:nvdata_file:s0 + +# Hardware nodes +/dev/accdet u:object_r:accdet_device:s0 +/dev/devmap u:object_r:devmap_device:s0 +/dev/ttyC2 u:object_r:gps_device:s0 +/dev/ttyGS0 u:object_r:serial_device:s0 +/dev/gps(/.*)? u:object_r:gps_device:s0 +/dev/mali.* u:object_r:gpu_device:s0 +/dev/mtk_disp.* u:object_r:graphics_device:s0 +/dev/sw_sync u:object_r:graphics_device:s0 +/dev/stpbt(/.*)? u:object_r:stpbt_device:s0 +/dev/hwmsensor(/.*)? u:object_r:hwmsensor_device:s0 +/dev/wmtWifi(/.*)? u:object_r:wmtWifi_device:s0 +/dev/camera-isp u:object_r:camera_device:s0 +/dev/camera-fdvt u:object_r:camera_device:s0 +/dev/kd_camera_hw u:object_r:camera_device:s0 +/dev/kd_camera_flashlight u:object_r:camera_device:s0 +/dev/MAINAF u:object_r:camera_device:s0 +/dev/mtk_jpeg(/.*) u:object_r:camera_device:s0 +/dev/DW9714AF(/.*)? u:object_r:camera_device:s0 +/dev/FM50AF(/.*)? u:object_r:camera_device:s0 +/dev/CAM_CAL_DRV(/.*)? u:object_r:camera_device:s0 +/dev/MTK_SMI u:object_r:mtk_smi_device:s0 +/dev/MT_pmic_adc_cali u:object_r:pmic_adc_device:s0 +/dev/als_ps(/.*)? u:object_r:als_ps_device:s0 +/dev/mtk-adc-cali(/.*)? u:object_r:mtk-adc-cali_device:s0 +/dev/ccci.* u:object_r:ccci_device:s0 +/dev/gsensor(/.*)? u:object_r:gsensor_device:s0 +/dev/msensor(/.*)? u:object_r:msensor_device:s0 +/dev/gyroscope(/.*)? u:object_r:gyroscope_device:s0 +/dev/stpgps(/.*)? u:object_r:stpgps_device:s0 +/dev/stpwmt(/.*)? u:object_r:stpwmt_device:s0 +/dev/wmtdetect u:object_r:wmtdetect_device:s0 +/dev/ttyC0 u:object_r:gsm0710muxd_device:s0 +/dev/ttyC1 u:object_r:mdlog_device:s0 +/dev/radio(/.*)? u:object_r:radio_device:s0 +/dev/fm u:object_r:fm_device:s0 +/dev/Vcodec u:object_r:Vcodec_device:s0 +/dev/M4U_device(/.*)? u:object_r:M4U_device_device:s0 +/dev/spm u:object_r:spm_device:s0 +/dev/mt6605 u:object_r:mt6605_device:s0 +/dev/esfp0 u:object_r:esfp0_device:s0 +/dev/madev0 u:object_r:madev0_device:s0 +/dev/irtx u:object_r:irtx_device:s0 + +# Sockets +/dev/socket/rild[2-4] u:object_r:rild_socket:s0 +/dev/socket/rild-atci u:object_r:rild_socket:s0 +/dev/socket/rild-ims u:object_r:rild_socket:s0 +/dev/socket/rild-mtk-modem u:object_r:rild_socket:s0 +/dev/socket/rild-mtk-ut u:object_r:rild_socket:s0 +/dev/socket/rild-mtk-ut-2 u:object_r:rild_socket:s0 +/dev/socket/rild-oem u:object_r:rild_socket:s0 +/dev/socket/mal-mfi u:object_r:mal_mfi_socket:s0 +/dev/socket/agpsd u:object_r:agpsd_socket:s0 +/dev/socket/agpsd[2-3] u:object_r:agpsd_socket:s0 +/dev/socket/mnld u:object_r:mnld_socket:s0 + +# Block devices +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/boot u:object_r:boot_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/proinfo u:object_r:proinfo_device:s0 +/dev/block/platform/mtk-msdc\.0/by-name/proinfo u:object_r:proinfo_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/nvram u:object_r:nvram_device:s0 +/dev/block/platform/mtk-msdc\.0/by-name/nvram u:object_r:nvram_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/nvdata u:object_r:nvdata_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/logo u:object_r:logo_block_device:s0 +/dev/block/platform/mtk-msdc\.0/by-name/logo u:object_r:logo_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/protect1 u:object_r:protect1_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/protect2 u:object_r:protect2_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/userdata u:object_r:userdata_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/cache u:object_r:cache_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/recovery u:object_r:recovery_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/frp u:object_r:frp_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/metadata u:object_r:metadata_block_device:s0 +/dev/block/platform/mtk-msdc\.0/[0-9]+\.(msdc|MSDC)0/by-name/para u:object_r:para_block_device:s0 +/dev/block/mmcblk1 u:object_r:mmc_device:s0 +/dev/block/zram0 u:object_r:swap_block_device:s0 + +# Sysfs nodes +/sys/devices/virtual/gpsdrv(/.*)? u:object_r:sysfs_gps_file:s0 +/sys/kernel/ccci(/.*)? u:object_r:sysfs_ccci:s0 +/sys/bus/platform/drivers/dev_info/dev_info u:object_r:sysfs_devinfo:s0 +/sys/bus/platform/drivers/mem_bw_ctrl/concurrency_scenario u:object_r:sysfs_membw:s0 +/sys/bus/platform/drivers/ddr_type/ddr_type u:object_r:sysfs_ddr_type:s0 +/sys/devices/virtual/BOOT/BOOT/boot/boot_mode u:object_r:sysfs_boot_mode:s0 +/sys/devices/platform/mtk_disp_mgr.0/rgb u:object_r:display_color_sysfs:s0 +/sys/bus/platform/drivers/msensor/daemon u:object_r:msensord_daemon_sysfs:s0 +/sys/bus/platform/drivers/gyroscope/gyro_orientation u:object_r:gyro_orientation_sysfs:s0 +/sys/kernel/charge_levels/quick_charge_enable u:object_r:fast_charge_sysfs:s0 +/sys/kernel/charge_levels/charge_level_ac u:object_r:fast_charge_sysfs:s0 +/sys/kernel/charge_levels/charge_level_usb u:object_r:fast_charge_sysfs:s0 +/sys/devices/system/cpu/cpu0/cpufreq/scaling_min_freq u:object_r:perf_control_sysfs:s0 +/sys/devices/system/cpu/cpu0/cpufreq/scaling_max_freq u:object_r:perf_control_sysfs:s0 +/sys/devices/system/cpu/cpu0/cpufreq/scaling_governor u:object_r:perf_control_sysfs:s0 +/sys/block/mmcblk0/queue/scheduler u:object_r:perf_control_sysfs:s0 +/sys/devices/.*/queue/scheduler u:object_r:perf_control_sysfs:s0 + +# Config/Runtime files +/data/agps_supl(/.*)? u:object_r:agpsd_data_file:s0 +/data/app/cache.dat u:object_r:mnld_data_file:s0 +/data/gps_mnl(/.*)? u:object_r:mnld_data_file:s0 +/data/misc/gps(/.*)? u:object_r:mnld_data_file:s0 +/data/misc/GPS_CHIP.cfg u:object_r:mnld_data_file:s0 +/data/misc/gps.conf u:object_r:mnld_data_file:s0 +/data/misc/mnl_nlp.dat u:object_r:mnld_data_file:s0 +/data/misc/mblog(/.*)? u:object_r:logmisc_data_file:s0 +/data/log_temp(/.*)? u:object_r:logmisc_data_file:s0 +/data/mdlog(/.*)? u:object_r:mdlog_data_file:s0 +/data/mdl(/.*)? u:object_r:mdlog_data_file:s0 +/data/ccci_cfg(/.*)? u:object_r:ccci_cfg_file:s0 +/data/.tp(/.*)? u:object_r:thermal_manager_data_file:s0 +/data/nfc_socket(/.*)? u:object_r:nfc_socket:s0 + +# Sysfs nodes +/sys/devices/soc/soc:touch@/smartwake_active u:object_r:smartwake_sysfs:s0 +/sys/devices/soc/soc:touch@/wakeup_gesture u:object_r:smartwake_sysfs:s0 \ No newline at end of file diff --git a/sepolicy/fingerprintd.te b/sepolicy/fingerprintd.te new file mode 100644 index 0000000..bb0b9b4 --- /dev/null +++ b/sepolicy/fingerprintd.te @@ -0,0 +1,4 @@ +allow fingerprintd esfp0_device:chr_file rw_file_perms; +allow fingerprintd madev0_device:chr_file rw_file_perms; +allow fingerprintd etsd:binder { call transfer }; +allow fingerprintd self:capability { dac_override dac_read_search }; \ No newline at end of file diff --git a/sepolicy/fsck.te b/sepolicy/fsck.te new file mode 100644 index 0000000..58a6021 --- /dev/null +++ b/sepolicy/fsck.te @@ -0,0 +1,3 @@ +allow fsck protect1_device:blk_file rw_file_perms; +allow fsck protect2_device:blk_file rw_file_perms; +allow fsck nvdata_device:blk_file rw_file_perms; diff --git a/sepolicy/fsck_untrusted.te b/sepolicy/fsck_untrusted.te new file mode 100644 index 0000000..4bb5047 --- /dev/null +++ b/sepolicy/fsck_untrusted.te @@ -0,0 +1,2 @@ +# External storage +allow fsck_untrusted self:capability sys_admin; \ No newline at end of file diff --git a/sepolicy/fuelgauged.te b/sepolicy/fuelgauged.te new file mode 100644 index 0000000..cf9912c --- /dev/null +++ b/sepolicy/fuelgauged.te @@ -0,0 +1,7 @@ +type fuelgauged_exec, exec_type, file_type; +type fuelgauged, domain, domain_deprecated; + +init_daemon_domain(fuelgauged) + +allow fuelgauged self:netlink_socket create_socket_perms; +allow fuelgauged kmsg_device:chr_file w_file_perms; diff --git a/sepolicy/ged_srv.te b/sepolicy/ged_srv.te new file mode 100644 index 0000000..06a2263 --- /dev/null +++ b/sepolicy/ged_srv.te @@ -0,0 +1,14 @@ +type ged_srv, domain, domain_deprecated; +type ged_srv_exec, exec_type, file_type; + +init_daemon_domain(ged_srv) + +binder_use(ged_srv) +binder_service(ged_srv) +binder_call(ged_srv, system_server) + +allow ged_srv servicemanager:binder call; +allow ged_srv surfaceflinger:binder call; +allow ged_srv surfaceflinger_service:service_manager find; +allow ged_srv self:netlink_kobject_uevent_socket { bind create setopt read}; +allow ged_srv sysfs_boot_mode:file r_file_perms; diff --git a/sepolicy/genfs_contexts b/sepolicy/genfs_contexts new file mode 100644 index 0000000..eb7a33a --- /dev/null +++ b/sepolicy/genfs_contexts @@ -0,0 +1,7 @@ +genfscon proc /driver/thermal u:object_r:proc_thermal:s0 +genfscon proc /driver/wmt u:object_r:proc_wmt:s0 +genfscon proc /mtkcooler u:object_r:proc_mtkcooler:s0 +genfscon proc /mtktz u:object_r:proc_mtktz:s0 +genfscon fuseblk / u:object_r:fuse:s0 +genfscon exfat / u:object_r:exfat:s0 +genfscon ntfs / u:object_r:ntfs:s0 diff --git a/sepolicy/gsm0710muxd.te b/sepolicy/gsm0710muxd.te new file mode 100644 index 0000000..3c0a149 --- /dev/null +++ b/sepolicy/gsm0710muxd.te @@ -0,0 +1,18 @@ +type gsm0710muxd_exec, exec_type, file_type; +type gsm0710muxd, domain, domain_deprecated; + +init_daemon_domain(gsm0710muxd) + +allow gsm0710muxd gsm0710muxd_device:chr_file rw_file_perms; +allow gsm0710muxd radio_device:dir w_dir_perms; +allow gsm0710muxd radio_device:lnk_file create_file_perms; +allow gsm0710muxd devpts:chr_file setattr; +allow gsm0710muxd self:capability { setuid fowner chown }; +allow gsm0710muxd sysfs_ccci:dir search; +allow gsm0710muxd sysfs_ccci:file r_file_perms; + +allow gsm0710muxd ctl_rildaemon_prop:property_service set; +allow gsm0710muxd radio_prop:property_service set; +allow gsm0710muxd ril_mux_report_case_prop:property_service set; + +unix_socket_connect(gsm0710muxd, property, init) diff --git a/sepolicy/healthd.te b/sepolicy/healthd.te new file mode 100644 index 0000000..a7ec774 --- /dev/null +++ b/sepolicy/healthd.te @@ -0,0 +1 @@ +allow healthd device:dir r_dir_perms; diff --git a/sepolicy/init.te b/sepolicy/init.te new file mode 100644 index 0000000..cb35bcd --- /dev/null +++ b/sepolicy/init.te @@ -0,0 +1,9 @@ +allow init ccci_device:chr_file { write ioctl }; +allow init devpts:chr_file ioctl; + +# Allow init to format formattable partitions…partitions +allow init nvdata_device:blk_file write; +allow init protect1_device:blk_file write; +allow init protect2_device:blk_file write; + +allow init socket_device:sock_file { create setattr unlink }; diff --git a/sepolicy/kernel.te b/sepolicy/kernel.te new file mode 100644 index 0000000..d87c6e7 --- /dev/null +++ b/sepolicy/kernel.te @@ -0,0 +1,6 @@ +allow kernel nvdata_file:dir search; +allow kernel nvdata_file:file r_file_perms; +allow kernel self:capability dac_override; +allow kernel wifi_data_file:dir search; +allow kernel wifi_data_file:file r_file_perms; + diff --git a/sepolicy/kpoc_charger.te b/sepolicy/kpoc_charger.te new file mode 100644 index 0000000..1b0b533 --- /dev/null +++ b/sepolicy/kpoc_charger.te @@ -0,0 +1,25 @@ +type kpoc_charger, domain, domain_deprecated; +type kpoc_charger_exec, exec_type, file_type; + +init_daemon_domain(kpoc_charger) + +allow kpoc_charger block_device:dir search; +allow kpoc_charger graphics_device:dir search; +allow kpoc_charger input_device:dir { open read search }; +allow kpoc_charger input_device:chr_file { open read write ioctl }; +allow kpoc_charger property_socket:sock_file write; +allow kpoc_charger self:capability sys_nice; +allow kpoc_charger self:capability net_admin; +allow kpoc_charger self:capability dac_override; +allow kpoc_charger self:netlink_kobject_uevent_socket { create bind read setopt }; +allow kpoc_charger sysfs:file write; +allow kpoc_charger graphics_device:chr_file { read write ioctl open }; +allow kpoc_charger kmsg_device:chr_file { write open }; +allow kpoc_charger logo_block_device:blk_file { read open }; +allow kpoc_charger rtc_device:chr_file { open read write }; +allow kpoc_charger init:unix_stream_socket connectto; +allow healthd self:capability dac_override; +allow healthd app_data_file:file write; +allow healthd device:dir {open read write}; +allow kpoc_charger self:capability sys_boot; +allow kpoc_charger alarm_device:chr_file write; \ No newline at end of file diff --git a/sepolicy/md_ctrl.te b/sepolicy/md_ctrl.te new file mode 100644 index 0000000..ee57225 --- /dev/null +++ b/sepolicy/md_ctrl.te @@ -0,0 +1,11 @@ +type md_ctrl_exec, exec_type, file_type; +type md_ctrl, domain, domain_deprecated; + +init_daemon_domain(md_ctrl) + +allow md_ctrl ccci_device:chr_file rw_file_perms; +allow md_ctrl devpts:chr_file rw_file_perms; +allow md_ctrl muxreport_exec:file rx_file_perms; +allow md_ctrl self:capability dac_override; + +set_prop(md_ctrl,vold_encryption_type_prop); diff --git a/sepolicy/mediacodec.te b/sepolicy/mediacodec.te new file mode 100644 index 0000000..cb58892 --- /dev/null +++ b/sepolicy/mediacodec.te @@ -0,0 +1,23 @@ +# nvram +allow mediacodec nvdata_file:dir rw_dir_perms; +allow mediacodec nvdata_file:file create_file_perms; +allow mediacodec ccci_device:chr_file rw_file_perms; + +# video codec +allow mediacodec Vcodec_device:chr_file rw_file_perms; +allow mediacodec devmap_device:chr_file r_file_perms; +allow mediacodec devmap_device:chr_file { ioctl }; +allow mediacodec mtk_smi_device:chr_file { ioctl read open }; +allow mediacodec proc:file { open read ioctl }; +allow mediacodec sysfs:file { open read write }; +allow mediacodec sysfs_devinfo:file { open read write }; +allow mediacodec proc_meminfo:file { open read getattr }; + +allow mediacodec property_socket:sock_file write; +allow mediacodec init:unix_stream_socket connectto; + +# M4U +allow mediacodec M4U_device_device:chr_file rw_file_perms; + +# PQ +allow mediacodec pq_service:service_manager find; diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te new file mode 100644 index 0000000..ada062a --- /dev/null +++ b/sepolicy/mediaserver.te @@ -0,0 +1,9 @@ +# nvram +allow mediaserver nvdata_file:dir rw_dir_perms; +allow mediaserver nvdata_file:file create_file_perms; +allow mediaserver ccci_device:chr_file rw_file_perms; + +# PQ +allow mediaserver pq_service:service_manager find; + +allow mediaserver sysfs_devinfo:file r_file_perms; diff --git a/sepolicy/memsicd3416x.te b/sepolicy/memsicd3416x.te new file mode 100644 index 0000000..7d5cc9a --- /dev/null +++ b/sepolicy/memsicd3416x.te @@ -0,0 +1,7 @@ +type memsicd3416x_exec, exec_type, file_type; +type memsicd3416x, domain, domain_deprecated; + +init_daemon_domain(memsicd3416x) + +allow memsicd3416x msensor_device:chr_file rw_file_perms; +allow memsicd3416x gsensor_device:chr_file rw_file_perms; \ No newline at end of file diff --git a/sepolicy/meta_tst.te b/sepolicy/meta_tst.te new file mode 100644 index 0000000..6536d06 --- /dev/null +++ b/sepolicy/meta_tst.te @@ -0,0 +1,47 @@ +type meta_tst_exec, exec_type, file_type; +type meta_tst, domain, domain_deprecated; + +init_daemon_domain(meta_tst) + +allow meta_tst ccci_device:chr_file rw_file_perms; +allow meta_tst serial_device:chr_file rw_file_perms; +allow meta_tst mdlog_device:chr_file rw_file_perms; + +allow meta_tst nvdata_file:dir create_dir_perms; +allow meta_tst nvdata_file:file create_file_perms; + +allow meta_tst nvdata_device:blk_file rw_file_perms; +allow meta_tst nvram_device:blk_file rw_file_perms; +allow meta_tst proinfo_device:blk_file rw_file_perms; + +allow meta_tst fm_device:chr_file { read write open ioctl }; + +allow meta_tst sysfs_gps_file:dir search; +allow meta_tst sysfs_gps_file:file rw_file_perms; + +allow meta_tst gps_device:chr_file { read write open }; +allow meta_tst agpsd_data_file:dir search; +allow meta_tst agpsd_data_file:sock_file write; +allow meta_tst gps_data_file:file create_file_perms; +allow meta_tst gps_data_file:dir rw_dir_perms; + +allow meta_tst mnld_exec:file { execute read open }; +allow meta_tst mnld_exec:file execute_no_trans; +allow meta_tst stpgps_device:chr_file { open read write ioctl }; +allow meta_tst mnld_prop:property_service set; +allow meta_tst mnld_data_file:file create_file_perms; +allow meta_tst mnld_data_file:dir rw_dir_perms; + +# For GPS +allow meta_tst port:tcp_socket { name_connect name_bind }; +allow meta_tst self:tcp_socket { create connect setopt bind }; +allow meta_tst self:tcp_socket { bind setopt listen accept read write }; +allow meta_tst node:tcp_socket node_bind; + + +allow meta_tst sysfs:file write; + +allow meta_tst powerctl_prop:property_service set; +unix_socket_connect(meta_tst, property, init) + +allow meta_tst self:capability { net_raw chown fsetid sys_nice net_admin fowner dac_override sys_admin }; diff --git a/sepolicy/mkfs.te b/sepolicy/mkfs.te new file mode 100644 index 0000000..fe7c61b --- /dev/null +++ b/sepolicy/mkfs.te @@ -0,0 +1,9 @@ +type mkfs, domain; +type mkfs_exec, exec_type, file_type; + +init_daemon_domain(mkfs) + +# Allow formatting userdata or cache partitions +allow mkfs block_device:dir search; +allow mkfs userdata_block_device:blk_file rw_file_perms; +allow mkfs cache_block_device:blk_file rw_file_perms; diff --git a/sepolicy/mnld.te b/sepolicy/mnld.te new file mode 100644 index 0000000..8e86efc --- /dev/null +++ b/sepolicy/mnld.te @@ -0,0 +1,46 @@ +type mnld_exec, exec_type, file_type; +type mnld, domain, domain_deprecated; + +init_daemon_domain(mnld) +net_domain(mnld) + +allow mnld gps_device:chr_file rw_file_perms; +allow mnld stpgps_device:chr_file rw_file_perms; + +allow mnld gps_data_file:dir create_dir_perms; +allow mnld gps_data_file:file create_file_perms; + +allow mnld agpsd_data_file:dir create_dir_perms; +allow mnld agpsd_data_file:sock_file create_file_perms; +allow mnld mtk_agpsd:unix_dgram_socket sendto; + +allow mnld mnld_data_file:dir rw_dir_perms; +allow mnld mnld_data_file:sock_file create_file_perms; +allow mnld mnld_data_file:file create_file_perms; + +allow mnld nvdata_file:dir rw_dir_perms; +allow mnld nvdata_file:file create_file_perms; +allow mnld nvdata_file:lnk_file r_file_perms; +allow mnld nvram_device:blk_file rw_file_perms; + +allow mnld sysfs_gps_file:dir search; +allow mnld sysfs_gps_file:file rw_file_perms; + +allow mnld mnld_prop:property_service set; +allow mnld property_socket:sock_file write; + +allow mnld init:unix_stream_socket connectto; +allow mnld system_server:unix_dgram_socket { sendto write }; + +allow mnld fuse:dir create_dir_perms; +allow mnld fuse:file create_file_perms; + +allow mnld storage_file:dir search; +allow mnld storage_file:lnk_file read; + +allow mnld mdlog_device:chr_file { read write }; + +allow mnld block_device:dir search; + +file_type_auto_trans(mnld,system_data_file,mnld_data_file); +file_type_auto_trans(mnld,apk_data_file,mnld_data_file); diff --git a/sepolicy/msensord.te b/sepolicy/msensord.te new file mode 100644 index 0000000..14f5e70 --- /dev/null +++ b/sepolicy/msensord.te @@ -0,0 +1,12 @@ +type msensord_exec, exec_type, file_type; +type msensord, domain, domain_deprecated; + +init_daemon_domain(msensord) + +allow msensord msensord_daemon_sysfs:file r_file_perms; + +allow msensord ctl_qmc6983d_prop:property_service set; +allow msensord ctl_mxg2320d_prop:property_service set; +allow msensord ctl_memsicd3416x_prop:property_service set; + +unix_socket_connect(msensord, property, init) diff --git a/sepolicy/mtk_agpsd.te b/sepolicy/mtk_agpsd.te new file mode 100644 index 0000000..fb9bc93 --- /dev/null +++ b/sepolicy/mtk_agpsd.te @@ -0,0 +1,21 @@ +type mtk_agpsd_exec, exec_type, file_type; +type mtk_agpsd, domain, domain_deprecated; + +init_daemon_domain(mtk_agpsd) +net_domain(mtk_agpsd) + +allow mtk_agpsd agpsd_data_file:dir create_dir_perms; +allow mtk_agpsd agpsd_data_file:sock_file create_file_perms; +allow mtk_agpsd gps_device:chr_file rw_file_perms; +allow mtk_agpsd self:udp_socket create; + +allow mtk_agpsd storage_file:dir search; +allow mtk_agpsd storage_file:lnk_file read; + +allow mtk_agpsd mnt_user_file:dir create_dir_perms; +allow mtk_agpsd mnt_user_file:lnk_file create_file_perms; + +allow mtk_agpsd fuse:dir create_dir_perms; +allow mtk_agpsd fuse:file create_file_perms; + +unix_socket_send(mtk_agpsd, mnld, mnld); diff --git a/sepolicy/mtkmal.te b/sepolicy/mtkmal.te new file mode 100644 index 0000000..15fd834 --- /dev/null +++ b/sepolicy/mtkmal.te @@ -0,0 +1,10 @@ +type mtkmal_exec, exec_type, file_type; +type mtkmal, domain, domain_deprecated; + +init_daemon_domain(mtkmal) + +allow mtkmal init:unix_stream_socket connectto; +allow mtkmal property_socket:sock_file write; +allow mtkmal mal_mfi_socket:sock_file write; + +allow mtkmal self:capability { setuid setgid }; diff --git a/sepolicy/muxreport.te b/sepolicy/muxreport.te new file mode 100644 index 0000000..e17a075 --- /dev/null +++ b/sepolicy/muxreport.te @@ -0,0 +1,13 @@ +type muxreport_exec, exec_type, file_type; +type muxreport, domain, domain_deprecated; + +init_daemon_domain(muxreport) + +allow muxreport ccci_device:chr_file { read write ioctl open }; +allow muxreport ril_mux_report_case_prop:property_service set; +allow muxreport init:unix_stream_socket connectto; +allow muxreport property_socket:sock_file write; +allow muxreport devpts:chr_file { read write getattr ioctl }; +allow muxreport self:capability dac_override; +allow muxreport sysfs_ccci:dir search; +allow muxreport sysfs_ccci:file r_file_perms; \ No newline at end of file diff --git a/sepolicy/mxg2320d.te b/sepolicy/mxg2320d.te new file mode 100644 index 0000000..878ca31 --- /dev/null +++ b/sepolicy/mxg2320d.te @@ -0,0 +1,7 @@ +type mxg2320d_exec, exec_type, file_type; +type mxg2320d, domain, domain_deprecated; + +init_daemon_domain(mxg2320d) + +allow mxg2320d msensor_device:chr_file rw_file_perms; +allow mxg2320d gsensor_device:chr_file rw_file_perms; \ No newline at end of file diff --git a/sepolicy/netd.te b/sepolicy/netd.te new file mode 100644 index 0000000..e70363e --- /dev/null +++ b/sepolicy/netd.te @@ -0,0 +1,4 @@ +# Wifi +allow netd wmtWifi_device:chr_file w_file_perms; + +allow netd self:capability sys_module; diff --git a/sepolicy/nfc.te b/sepolicy/nfc.te new file mode 100644 index 0000000..56bfa94 --- /dev/null +++ b/sepolicy/nfc.te @@ -0,0 +1,4 @@ +allow nfc nfc_socket:dir { write remove_name add_name search }; +allow nfc nfc_socket:sock_file { write create setattr unlink }; + +allow nfc mt6605_device:chr_file { read write getattr open ioctl }; \ No newline at end of file diff --git a/sepolicy/nvram_daemon.te b/sepolicy/nvram_daemon.te new file mode 100644 index 0000000..18af42f --- /dev/null +++ b/sepolicy/nvram_daemon.te @@ -0,0 +1,26 @@ +type nvram_daemon_exec, exec_type, file_type; +type nvram_daemon, domain, domain_deprecated; + +init_daemon_domain(nvram_daemon) + +allow nvram_daemon self:capability { fowner dac_override dac_read_search chown fsetid }; +allow nvram_daemon nvram_device:blk_file rw_file_perms; +allow nvram_daemon nvdata_device:blk_file rw_file_perms; +allow nvram_daemon nvdata_file:dir create_dir_perms; +allow nvram_daemon nvdata_file:file create_file_perms; +allow nvram_daemon nvdata_file:lnk_file r_file_perms; +allow nvram_daemon shell_exec:file { read execute open execute_no_trans getattr }; +allow nvram_daemon als_ps_device:chr_file r_file_perms; +allow nvram_daemon mtk-adc-cali_device:chr_file rw_file_perms; +allow nvram_daemon gsensor_device:chr_file r_file_perms; +allow nvram_daemon msensor_device:chr_file r_file_perms; +allow nvram_daemon gyroscope_device:chr_file r_file_perms; +allow nvram_daemon toolbox_exec:file rx_file_perms; + +allow nvram_daemon proinfo_device:blk_file rw_file_perms; +allow nvram_daemon nvram_prop:property_service set; +allow nvram_daemon wmt_prop:property_service set; + +allow nvram_daemon block_device:dir search; + +unix_socket_connect(nvram_daemon, property, init) diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te new file mode 100644 index 0000000..84a30ea --- /dev/null +++ b/sepolicy/platform_app.te @@ -0,0 +1,11 @@ +# Fingerprint +allow platform_app esfp0_device:chr_file rw_file_perms; +allow platform_app esfp0_device:chr_file rw_file_perms; +allow platform_app etsd_service:service_manager find; +allow platform_app etsd:binder { call transfer }; + +# Guiext +allow platform_app guiext-server_service:service_manager find; + +# PQ +allow platform_app pq_service:service_manager find; diff --git a/sepolicy/pq.te b/sepolicy/pq.te new file mode 100644 index 0000000..85ada8f --- /dev/null +++ b/sepolicy/pq.te @@ -0,0 +1,15 @@ +type pq_exec, exec_type, file_type; +type pq, domain, domain_deprecated; + +init_daemon_domain(pq) + +binder_use(pq) +binder_call(pq, binderservicedomain) +binder_service(pq) + +allow pq pq_service:service_manager add; +unix_socket_connect(pq, property, init) + +allow pq pq_conf_prop:property_service set; + +allow pq graphics_device:chr_file { open read ioctl }; diff --git a/sepolicy/priv_app.te b/sepolicy/priv_app.te new file mode 100644 index 0000000..7874778 --- /dev/null +++ b/sepolicy/priv_app.te @@ -0,0 +1,5 @@ +# Guiext +allow priv_app guiext-server_service:service_manager find; + +# PQ +allow priv_app pq_service:service_manager find; diff --git a/sepolicy/property.te b/sepolicy/property.te new file mode 100644 index 0000000..2b8d6b8 --- /dev/null +++ b/sepolicy/property.te @@ -0,0 +1,18 @@ +type wmt_prop, property_type, mtk_property_type; +type mtk_md_prop, property_type, mtk_property_type; +type mnld_prop, property_type, mtk_property_type; +type ctl_qmc6983d_prop, property_type; +type ctl_mxg2320d_prop, property_type; +type ctl_memsicd3416x_prop, property_type; +type ctl_ccci_fsd_prop, property_type; +type ctl_gsm0710muxd_prop, property_type; +type ctl_gsm0710muxdmd2_prop, property_type; +type ctl_muxreport-daemon_prop, property_type; +type nvram_prop, property_type, mtk_property_type; +type pq_conf_prop, property_type, mtk_property_type; +type audiohal_prop, property_type, mtk_property_type; +type ril_mux_report_case_prop, property_type, mtk_property_type; +type ril_msim_power_prop, property_type, mtk_property_type; +type ril_sim_inserted_status, property_type, mtk_property_type; +type serial_number_prop, property_type, mtk_property_type; +type vold_encryption_type_prop, property_type; diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts new file mode 100644 index 0000000..aff6dc0 --- /dev/null +++ b/sepolicy/property_contexts @@ -0,0 +1,26 @@ +service.wcn u:object_r:wmt_prop:s0 +persist.mtk.wcn u:object_r:wmt_prop:s0 +wlan.mtk.wifi.5g u:object_r:wmt_prop:s0 +mtk.md u:object_r:mtk_md_prop:s0 +gps.clock.type u:object_r:mnld_prop:s0 +gps.gps.version u:object_r:mnld_prop:s0 +ctl.qmc6983d u:object_r:ctl_qmc6983d_prop:s0 +ctl.mxg2320d u:object_r:ctl_mxg2320d_prop:s0 +ctl.memsicd3416x u:object_r:ctl_memsicd3416x_prop:s0 +ctl.ccci_fsd u:object_r:ctl_ccci_fsd_prop:s0 +ctl.gsm0710muxd u:object_r:ctl_gsm0710muxd_prop:s0 +ctl.gsm0710muxd-s u:object_r:ctl_gsm0710muxd_prop:s0 +ctl.gsm0710muxd-d u:object_r:ctl_gsm0710muxd_prop:s0 +ctl.gsm0710muxdmd2 u:object_r:ctl_gsm0710muxdmd2_prop:s0 +ctl.muxreport-daemon u:object_r:ctl_muxreport-daemon_prop:s0 +service.nvram_init u:object_r:nvram_prop:s0 +persist.sys.pq u:object_r:pq_conf_prop:s0 +af. u:object_r:audiohal_prop:s0 +persist.af. u:object_r:audiohal_prop:s0 +ril.mux.report.case u:object_r:ril_mux_report_case_prop:s0 +sys.msim.power.slot0 u:object_r:ril_msim_power_prop:s0 +sys.msim.power.slot1 u:object_r:ril_msim_power_prop:s0 +sys.sim_inserted_status_0 u:object_r:ril_sim_inserted_status:s0 +sys.sim_inserted_status_1 u:object_r:ril_sim_inserted_status:s0 +ro.serialno u:object_r:serial_number_prop:s0 +vold.encryption.type u:object_r:vold_encryption_type_prop:s0 diff --git a/sepolicy/qmc6983d.te b/sepolicy/qmc6983d.te new file mode 100644 index 0000000..57b11e0 --- /dev/null +++ b/sepolicy/qmc6983d.te @@ -0,0 +1,7 @@ +type qmc6983d_exec, exec_type, file_type; +type qmc6983d, domain, domain_deprecated; + +init_daemon_domain(qmc6983d) + +allow qmc6983d msensor_device:chr_file rw_file_perms; +allow qmc6983d gsensor_device:chr_file rw_file_perms; \ No newline at end of file diff --git a/sepolicy/radio.te b/sepolicy/radio.te new file mode 100644 index 0000000..5f2f249 --- /dev/null +++ b/sepolicy/radio.te @@ -0,0 +1,4 @@ +unix_socket_connect(radio, rild, ril-daemon-mtk) + +allow radio ril_mux_report_case_prop:property_service set; +allow radio ril_msim_power_prop:property_service set; diff --git a/sepolicy/ril-daemon-mtk.te b/sepolicy/ril-daemon-mtk.te new file mode 100644 index 0000000..c1b5c86 --- /dev/null +++ b/sepolicy/ril-daemon-mtk.te @@ -0,0 +1,33 @@ +type ril-daemon-mtk_exec, exec_type, file_type; +type ril-daemon-mtk, domain, domain_deprecated; + +init_daemon_domain(ril-daemon-mtk) +net_domain(ril-daemon-mtk) + +allow ril-daemon-mtk ccci_device:chr_file rw_file_perms; +allow ril-daemon-mtk devpts:chr_file rw_file_perms; +allow ril-daemon-mtk self:capability setuid; +allow ril-daemon-mtk sysfs_wake_lock:file rw_file_perms; +allow ril-daemon-mtk sysfs_ccci:dir search; +allow ril-daemon-mtk sysfs_ccci:file r_file_perms; +allow ril-daemon-mtk block_device:dir search; +allow ril-daemon-mtk para_block_device:blk_file rw_file_perms; + +allow ril-daemon-mtk self:udp_socket create_socket_perms; +allow ril-daemon-mtk self:capability { setuid net_admin net_raw }; + +allow ril-daemon-mtk mal_mfi_socket:sock_file { w_file_perms }; +allow ril-daemon-mtk mtkmal:unix_stream_socket connectto; + +allow ril-daemon-mtk radio_device:dir search; +allow ril-daemon-mtk radio_prop:property_service set; + +allow ril-daemon-mtk ctl_muxreport-daemon_prop:property_service set; +allow ril-daemon-mtk ril_mux_report_case_prop:property_service set; +allow ril-daemon-mtk ril_sim_inserted_status:property_service set; +allow ril-daemon-mtk serial_number_prop:property_service set; + +unix_socket_connect(ril-daemon-mtk, property, init) + +# Access to wake locks +wakelock_use(ril-daemon-mtk) diff --git a/sepolicy/service.te b/sepolicy/service.te new file mode 100644 index 0000000..472c45f --- /dev/null +++ b/sepolicy/service.te @@ -0,0 +1,5 @@ +type pq_service, service_manager_type; +type guiext-server_service, service_manager_type; +type nvram_agent_service, service_manager_type; +type etsd_service, service_manager_type; +type edge_gesture_service, system_api_service, system_server_service, service_manager_type; diff --git a/sepolicy/service_contexts b/sepolicy/service_contexts new file mode 100644 index 0000000..e3dd286 --- /dev/null +++ b/sepolicy/service_contexts @@ -0,0 +1,5 @@ +PQ u:object_r:pq_service:s0 +GuiExtService u:object_r:guiext-server_service:s0 +NvRAMAgent u:object_r:nvram_agent_service:s0 +egistec.ets.service.daemon u:object_r:etsd_service:s0 +edgegestureservice u:object_r:edge_gesture_service:s0 diff --git a/sepolicy/spm_loader.te b/sepolicy/spm_loader.te new file mode 100644 index 0000000..fd08ce5 --- /dev/null +++ b/sepolicy/spm_loader.te @@ -0,0 +1,6 @@ +type spm_loader_exec, exec_type, file_type; +type spm_loader, domain, domain_deprecated; + +init_daemon_domain(spm_loader) + +allow spm_loader spm_device:chr_file r_file_perms; diff --git a/sepolicy/surfaceflinger.te b/sepolicy/surfaceflinger.te new file mode 100644 index 0000000..f2c3b63 --- /dev/null +++ b/sepolicy/surfaceflinger.te @@ -0,0 +1,7 @@ +allow surfaceflinger pq_service:service_manager find; + +allow surfaceflinger guiext-server_service:service_manager { find add }; + +allow surfaceflinger debug_prop:property_service set; + +allow surfaceflinger mtk_smi_device:chr_file { read write open ioctl }; diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te new file mode 100644 index 0000000..95fdd9e --- /dev/null +++ b/sepolicy/system_app.te @@ -0,0 +1,8 @@ +allow system_app fm_device:chr_file rw_file_perms; + +allow system_app gyro_orientation_sysfs:file rw_file_perms; +allow system_app fast_charge_sysfs:file rw_file_perms; +allow system_app smartwake_sysfs:file rw_file_perms; +allow system_app perf_control_sysfs:file rw_file_perms; + +allow system_app em_svr:unix_stream_socket connectto; \ No newline at end of file diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te new file mode 100644 index 0000000..a06dd32 --- /dev/null +++ b/sepolicy/system_server.te @@ -0,0 +1,37 @@ +# GPS +allow system_server mnld:unix_dgram_socket sendto; +allow system_server mnld_data_file:dir w_dir_perms; +allow system_server mnld_data_file:sock_file create_file_perms; +allow system_server mnld_data_file:file create_file_perms; + +# Persist +allow system_server protect_s_data_file:dir r_dir_perms; + +# Sensors +allow system_server hwmsensor_device:chr_file r_file_perms; + +# Wifi +allow system_server wmtWifi_device:chr_file w_file_perms; + +# RGB Display Color +allow system_server display_color_sysfs:file rw_file_perms; + +# Fast Charge +allow system_server fast_charge_sysfs:file rw_file_perms; + +# Smart Wake +allow system_server smartwake_sysfs:file rw_file_perms; + +# Fingerprint +binder_call(system_server, etsd) +allow system_server etsd_service:service_manager find; +allow fingerprintd etsd_service:service_manager find; + +# IR +allow system_server irtx_device:chr_file rw_file_perms; + +# External storage +allow system_server storage_stub_file:dir { getattr }; + +# Guiext +allow system_server guiext-server_service:service_manager find; diff --git a/sepolicy/terservice.te b/sepolicy/terservice.te new file mode 100644 index 0000000..466a013 --- /dev/null +++ b/sepolicy/terservice.te @@ -0,0 +1,4 @@ +type terservice_exec, exec_type, file_type; +type terservice, domain, domain_deprecated; + +init_daemon_domain(terservice) diff --git a/sepolicy/thermal.te b/sepolicy/thermal.te new file mode 100644 index 0000000..3a53730 --- /dev/null +++ b/sepolicy/thermal.te @@ -0,0 +1,10 @@ +type thermal_exec, exec_type, file_type; +type thermal, domain, domain_deprecated; + +init_daemon_domain(thermal) + +allow thermal proc_thermal:dir search; +allow thermal proc_thermal:file rw_file_perms; +allow thermal rild_socket:sock_file w_file_perms; + +allow thermal ril-daemon-mtk:unix_stream_socket connectto; diff --git a/sepolicy/thermal_manager.te b/sepolicy/thermal_manager.te new file mode 100644 index 0000000..c79ce8e --- /dev/null +++ b/sepolicy/thermal_manager.te @@ -0,0 +1,14 @@ +type thermal_manager_exec, exec_type, file_type; +type thermal_manager, domain, domain_deprecated; + +init_daemon_domain(thermal_manager) + +allow thermal_manager self:capability { fowner fsetid chown fsetid dac_override }; +allow thermal_manager proc_thermal:dir search; +allow thermal_manager proc_thermal:file rw_file_perms; +allow thermal_manager proc_mtkcooler:dir search; +allow thermal_manager proc_mtkcooler:file rw_file_perms; +allow thermal_manager proc_mtktz:dir search; +allow thermal_manager proc_mtktz:file rw_file_perms; +allow thermal_manager thermal_manager_data_file:dir rw_dir_perms; +allow thermal_manager thermal_manager_data_file:file create_file_perms; diff --git a/sepolicy/thermald.te b/sepolicy/thermald.te new file mode 100644 index 0000000..a4b53b1 --- /dev/null +++ b/sepolicy/thermald.te @@ -0,0 +1,7 @@ +type thermald_exec, exec_type, file_type; +type thermald, domain, domain_deprecated; + +init_daemon_domain(thermald) + +allow thermald proc_thermal:dir search; +allow thermald proc_thermal:file rw_file_perms; diff --git a/sepolicy/thermalloadalgo.te b/sepolicy/thermalloadalgo.te new file mode 100644 index 0000000..27a3dbd --- /dev/null +++ b/sepolicy/thermalloadalgo.te @@ -0,0 +1,6 @@ +type thermalloadalgo_exec, exec_type, file_type; +type thermalloadalgo, domain, domain_deprecated; + +init_daemon_domain(thermalloadalgo) + +allow thermalloadalgo thermalloadalgo:netlink_socket { create bind write read }; diff --git a/sepolicy/ueventd.te b/sepolicy/ueventd.te new file mode 100644 index 0000000..7bacf63 --- /dev/null +++ b/sepolicy/ueventd.te @@ -0,0 +1 @@ +allow ueventd sysfs_gps_file:file w_file_perms; diff --git a/sepolicy/untrusted_app.te b/sepolicy/untrusted_app.te new file mode 100644 index 0000000..3eccfac --- /dev/null +++ b/sepolicy/untrusted_app.te @@ -0,0 +1,2 @@ +# PQ +allow untrusted_app pq_service:service_manager find; diff --git a/sepolicy/vold.te b/sepolicy/vold.te new file mode 100644 index 0000000..5fc9d70 --- /dev/null +++ b/sepolicy/vold.te @@ -0,0 +1,22 @@ +allow vold nvdata_device:blk_file rw_file_perms; +allow vold cache_block_device:blk_file rw_file_perms; +allow vold protect1_device:blk_file rw_file_perms; +allow vold protect2_device:blk_file rw_file_perms; + +allow vold nvdata_file:dir create_dir_perms; +allow vold nvdata_file:file create_file_perms; +allow vold protect_f_data_file:dir create_dir_perms; +allow vold protect_f_data_file:file create_file_perms; +allow vold protect_s_data_file:dir create_dir_perms; +allow vold protect_s_data_file:file create_file_perms; + +allow vold proc_mtkcooler:dir r_dir_perms; +allow vold proc_mtktz:dir r_dir_perms; + +# Allow vold to access fuse for fuse-based fs +allow vold fuse:chr_file rw_file_perms; + +# External storage +allow vold storage_stub_file:dir { rw_file_perms search add_name }; +allow vold mnt_media_rw_stub_file:dir r_dir_perms; +allow vold mkfs_exec:file { execute read open getattr execute_no_trans }; \ No newline at end of file diff --git a/sepolicy/wifi2agps.te b/sepolicy/wifi2agps.te new file mode 100644 index 0000000..f0c4068 --- /dev/null +++ b/sepolicy/wifi2agps.te @@ -0,0 +1,9 @@ +type wifi2agps_exec, exec_type, file_type; +type wifi2agps, domain, domain_deprecated; + +init_daemon_domain(wifi2agps) + +allow wifi2agps agpsd_data_file:sock_file write; +allow wifi2agps agpsd_data_file:dir search; +allow wifi2agps mtk_agpsd:unix_dgram_socket sendto; +allow wifi2agps self:netlink_socket create_socket_perms; diff --git a/sepolicy/wmt_loader.te b/sepolicy/wmt_loader.te new file mode 100644 index 0000000..33da926 --- /dev/null +++ b/sepolicy/wmt_loader.te @@ -0,0 +1,11 @@ +type wmt_loader_exec, exec_type, file_type; +type wmt_loader, domain, domain_deprecated; + +init_daemon_domain(wmt_loader) + +allow wmt_loader wmtdetect_device:chr_file create_file_perms; +allow wmt_loader self:capability { chown dac_override }; +allow wmt_loader proc_wmt:file setattr; +allow wmt_loader wmt_prop:property_service set; + +unix_socket_connect(wmt_loader, property, init) diff --git a/sepolicy/zygote.te b/sepolicy/zygote.te new file mode 100644 index 0000000..aa101ce --- /dev/null +++ b/sepolicy/zygote.te @@ -0,0 +1 @@ +allow zygote sysfs_devinfo:file r_file_perms; diff --git a/wpa_supplicant_8_lib/Android.mk b/wpa_supplicant_8_lib/Android.mk new file mode 100644 index 0000000..115997a --- /dev/null +++ b/wpa_supplicant_8_lib/Android.mk @@ -0,0 +1,68 @@ +# +# Copyright (C) 2008 The Android Open Source Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +LOCAL_PATH := $(call my-dir) + +##### For Google SUPPLICANT ##### +ifeq ($(MTKPATH),) + $(warning build BASIC wpa_supplicant) + WPA_SUPPL_DIR = external/wpa_supplicant_8 + WPA_SRC_FILE := + +ifneq ($(BOARD_WPA_SUPPLICANT_DRIVER),) + CONFIG_DRIVER_$(BOARD_WPA_SUPPLICANT_DRIVER) := y +endif +ifneq ($(BOARD_HOSTAPD_DRIVER),) + CONFIG_DRIVER_$(BOARD_HOSTAPD_DRIVER) := y +endif + +include $(WPA_SUPPL_DIR)/wpa_supplicant/android.config + +WPA_SUPPL_DIR_INCLUDE = $(WPA_SUPPL_DIR)/src \ + $(WPA_SUPPL_DIR)/src/common \ + $(WPA_SUPPL_DIR)/src/drivers \ + $(WPA_SUPPL_DIR)/src/l2_packet \ + $(WPA_SUPPL_DIR)/src/utils \ + $(WPA_SUPPL_DIR)/src/wps \ + $(WPA_SUPPL_DIR)/wpa_supplicant + +ifdef CONFIG_DRIVER_NL80211 +WPA_SUPPL_DIR_INCLUDE += external/libnl/include +WPA_SRC_FILE += mediatek_driver_cmd_nl80211.c +endif + +ifdef CONFIG_DRIVER_WEXT +#error doesn't support CONFIG_DRIVER_WEXT +endif + +# To force sizeof(enum) = 4 +ifeq ($(TARGET_ARCH),arm) +L_CFLAGS += -mabi=aapcs-linux +endif + +ifdef CONFIG_ANDROID_LOG +L_CFLAGS += -DCONFIG_ANDROID_LOG +endif + +######################## +include $(CLEAR_VARS) +LOCAL_MODULE := lib_driver_cmd_mt66xx +LOCAL_SHARED_LIBRARIES := libc libcutils +LOCAL_CFLAGS := $(L_CFLAGS) +LOCAL_SRC_FILES := $(WPA_SRC_FILE) +LOCAL_C_INCLUDES := $(WPA_SUPPL_DIR_INCLUDE) +include $(BUILD_STATIC_LIBRARY) +######################## +endif diff --git a/wpa_supplicant_8_lib/mediatek_driver_cmd_nl80211.c b/wpa_supplicant_8_lib/mediatek_driver_cmd_nl80211.c new file mode 100644 index 0000000..c59bcb5 --- /dev/null +++ b/wpa_supplicant_8_lib/mediatek_driver_cmd_nl80211.c @@ -0,0 +1,266 @@ +/* + * Driver interaction with extended Linux CFG8021 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + * + * Alternatively, this software may be distributed under the terms of BSD + * license. + * + */ +#include "includes.h" +#include +#include "netlink/genl/genl.h" + +#include "common.h" +#include "driver_nl80211.h" +#include "linux_ioctl.h" +#include "wpa_supplicant_i.h" +#include "config.h" +#ifdef ANDROID +#include "android_drv.h" +#endif + +#include "driver_i.h" + +#include "eloop.h" + +/********************************************************************** +* OVERLAPPED functins, previous defination is in driver_nl80211.c, +* it will be modified +***********************************************************************/ + +/**********************************************************************/ +static int wpa_driver_mediatek_set_country(void *priv, const char *alpha2_arg) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + int ioctl_sock = -1; + struct iwreq iwr; + int ret = -1; + char buf[11]; +#ifdef MTK_TC1_FEATURE + char replace_ifname[IFNAMSIZ+1]; + + memset(replace_ifname, 0, IFNAMSIZ+1); + os_strlcpy(replace_ifname, "wlan0", os_strlen("wlan0")+1); +#endif + + wpa_printf(MSG_DEBUG, "wpa_driver_nl80211_set_country"); + ioctl_sock = socket(PF_INET, SOCK_DGRAM, 0); + if (ioctl_sock < 0) { + wpa_printf(MSG_ERROR, "%s: socket(PF_INET,SOCK_DGRAM)", __func__); + return -1; + } + os_memset(&iwr, 0, sizeof(iwr)); +#ifdef MTK_TC1_FEATURE + // convert 'p2p0' -> 'wlan0' : + // when iface name is p2p0, COUNTRY driver command doesn't support in MTK solution. + if (os_strncmp(drv->first_bss->ifname, "p2p0", os_strlen("p2p0")) == 0) { + wpa_printf(MSG_DEBUG, "Change interface name : p2p0->wlan0"); + os_strlcpy(iwr.ifr_name, replace_ifname, IFNAMSIZ ); + } else { + os_strlcpy(iwr.ifr_name, drv->first_bss->ifname, IFNAMSIZ); + } +#else + os_strlcpy(iwr.ifr_name, drv->first_bss->ifname, IFNAMSIZ); +#endif + sprintf(buf, "COUNTRY %s", alpha2_arg); + iwr.u.data.pointer = buf; + iwr.u.data.length = strlen(buf); + if ((ret = ioctl(ioctl_sock, 0x8B0C, &iwr)) < 0) { // SIOCSIWPRIV + wpa_printf(MSG_DEBUG, "ioctl[SIOCSIWPRIV]: %s", buf); + close(ioctl_sock); + return ret; + } + else { + close(ioctl_sock); + return 0; + } + +} + +/* +* update channel list in wpa_supplicant +* if coutry code chanaged +*/ +static void wpa_driver_notify_country_change(void *ctx, char *cmd) +{ + if (os_strncasecmp(cmd, "COUNTRY", 7) == 0) { + union wpa_event_data event; + + os_memset(&event, 0, sizeof(event)); + event.channel_list_changed.initiator = REGDOM_SET_BY_USER; + if (os_strncasecmp(cmd, "COUNTRY", 7) == 0) { + event.channel_list_changed.type = REGDOM_TYPE_COUNTRY; + if (os_strlen(cmd) > 9) { + event.channel_list_changed.alpha2[0] = cmd[8]; + event.channel_list_changed.alpha2[1] = cmd[9]; + } + } else + event.channel_list_changed.type = REGDOM_TYPE_UNKNOWN; + wpa_supplicant_event(ctx, EVENT_CHANNEL_LIST_CHANGED, &event); + } +} + +int wpa_driver_nl80211_driver_cmd(void *priv, char *cmd, char *buf, + size_t buf_len ) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + struct ifreq ifr; + struct wpa_supplicant *wpa_s; + struct hostapd_data *hapd; + int handled = 0; + int cmd_len = 0; + union wpa_event_data event; + static int user_force_band = 0; + int ret = -1; + + if (drv == NULL) { + wpa_printf(MSG_ERROR, "%s: drv is NULL. Exiting", __func__); + return -1; + } + if (drv->ctx == NULL) { + wpa_printf(MSG_ERROR, "%s: drv->ctx is NULL. Exiting", __func__); + return -1; + } + + if (os_strcmp(bss->ifname, "ap0") == 0) { + hapd = (struct hostapd_data *)(drv->ctx); + } + else { + wpa_s = (struct wpa_supplicant *)(drv->ctx); + if (wpa_s->conf == NULL) { + wpa_printf(MSG_ERROR, "%s: wpa_s->conf is NULL. Exiting", __func__); + return -1; + } + } + + wpa_printf(MSG_DEBUG, "iface %s recv cmd %s", bss->ifname, cmd); + handled = 1; + + if (os_strncasecmp(cmd, "POWERMODE ", 10) == 0) { + int state; + state = atoi(cmd + 10); + wpa_printf(MSG_DEBUG, "POWERMODE=%d", state); + } else if (os_strncmp(cmd, "MACADDR", os_strlen("MACADDR")) == 0) { + u8 macaddr[ETH_ALEN] = {}; + os_memcpy(&macaddr, wpa_s->own_addr, ETH_ALEN); + ret = snprintf(buf, buf_len, "Macaddr = " MACSTR "\n", MAC2STR(macaddr)); + wpa_printf(MSG_DEBUG, "%s", buf); + } else if(os_strncasecmp(cmd, "COUNTRY", os_strlen("COUNTRY"))==0) { + if (os_strlen(cmd) != os_strlen("COUNTRY") + 3) { + wpa_printf(MSG_DEBUG, "Ignore COUNTRY cmd %s", cmd); + ret = 0; + } else { + wpa_printf(MSG_INFO, "set country: %s", cmd+8); + // ret = wpa_drv_set_country(wpa_s, cmd+8); + ret = wpa_driver_mediatek_set_country(priv, cmd+8); + if (ret == 0) { + wpa_printf(MSG_DEBUG, "Update channel list after country code changed"); + wpa_driver_notify_country_change(wpa_s, cmd); + } + } + } else if (os_strcasecmp(cmd, "start") == 0) { + if (ret = linux_set_iface_flags(drv->global->ioctl_sock, + drv->first_bss->ifname, 1)) { + wpa_printf(MSG_INFO, "nl80211: Could not set interface UP, ret=%d \n", ret); + } else { + wpa_msg(drv->ctx, MSG_INFO, "CTRL-EVENT-DRIVER-STATE STARTED"); + } + } else if (os_strcasecmp(cmd, "stop") == 0) { + if (drv->associated) { + ret = wpa_drv_deauthenticate(wpa_s, drv->bssid, WLAN_REASON_DEAUTH_LEAVING); + if (ret != 0) + wpa_printf(MSG_DEBUG, "DRIVER-STOP error, ret=%d", ret); + } else { + wpa_printf(MSG_INFO, "nl80211: not associated, no need to deauthenticate \n"); + } + + if (ret = linux_set_iface_flags(drv->global->ioctl_sock, + drv->first_bss->ifname, 0)) { + wpa_printf(MSG_INFO, "nl80211: Could not set interface Down, ret=%d \n", ret); + } else { + wpa_msg(drv->ctx, MSG_INFO, "CTRL-EVENT-DRIVER-STATE STOPPED"); + } + } else if (os_strncasecmp(cmd, "getpower", 8) == 0) { + u32 mode; + // ret = wpa_driver_wext_driver_get_power(drv, &mode); + if (ret == 0) { + ret = snprintf(buf, buf_len, "powermode = %u\n", mode); + wpa_printf(MSG_DEBUG, "%s", buf); + if (ret < (int)buf_len) + return ret; + } + } else if (os_strncasecmp(cmd, "get-rts-threshold", 17) == 0) { + u32 thd; + // ret = wpa_driver_wext_driver_get_rts(drv, &thd); + if (ret == 0) { + ret = snprintf(buf, buf_len, "rts-threshold = %u\n", thd); + wpa_printf(MSG_DEBUG, "%s", buf); + if (ret < (int)buf_len) + return ret; + } + } else if (os_strncasecmp(cmd, "set-rts-threshold", 17) == 0) { + u32 thd = 0; + char *cp = cmd + 17; + char *endp; + if (*cp != '\0') { + thd = (u32)strtol(cp, &endp, 0); + // if (endp != cp) + // ret = wpa_driver_wext_driver_set_rts(drv, thd); + } + } else if (os_strcasecmp(cmd, "btcoexscan-start") == 0) { + ret = 0; /* mt5921 linux driver not implement yet */ + } else if (os_strcasecmp(cmd, "btcoexscan-stop") == 0) { + ret = 0; /* mt5921 linux driver not implement yet */ + } else if (os_strncasecmp(cmd, "btcoexmode", 10) == 0) { + ret = 0; /* mt5921 linux driver not implement yet */ + } else { + handled = 0; + wpa_printf(MSG_INFO, "Unsupported command"); + } + + return ret; +} + +int wpa_driver_set_p2p_noa(void *priv, u8 count, int start, int duration) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + + wpa_printf(MSG_DEBUG, "iface %s P2P_SET_NOA %d %d %d, ignored", bss->ifname, count, start, duration); + return -1; +} + +int wpa_driver_get_p2p_noa(void *priv, u8 *buf, size_t len) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + + wpa_printf(MSG_DEBUG, "iface %s P2P_GET_NOA, ignored", bss->ifname); + return -1; +} + +int wpa_driver_set_p2p_ps(void *priv, int legacy_ps, int opp_ps, int ctwindow) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + + wpa_printf(MSG_DEBUG, "iface %s P2P_SET_PS, ignored", bss->ifname); + return -1; +} + +int wpa_driver_set_ap_wps_p2p_ie(void *priv, const struct wpabuf *beacon, + const struct wpabuf *proberesp, + const struct wpabuf *assocresp) +{ + struct i802_bss *bss = priv; + struct wpa_driver_nl80211_data *drv = bss->drv; + + wpa_printf(MSG_DEBUG, "iface %s set_ap_wps_p2p_ie, ignored", bss->ifname); + return 0; +} +