Merge 02950739e3 on remote branch

Change-Id: I918f7a3eeff334cd4b5363e91aec41cadcbbd390
2021-12-13 00:20:16 -08:00 · 2021-12-13 00:20:16 -08:00 · fd48b697b7
commit fd48b697b7
parent dc1d778ee8 02950739e3
11 changed files with 102 additions and 91 deletions
--- a/legacy/vendor/common/hal_secure_element_default.te
+++ b/legacy/vendor/common/hal_secure_element_default.te
@ -30,3 +30,6 @@ hal_client_domain(hal_secure_element_default, hal_esepowermanager)

 #Allow access to the qteeconnector
 hal_client_domain(hal_secure_element_default, vendor_hal_qteeconnector)
+
+# Allow secure-element HAL to retrieve NFC vendor properties
+get_prop(hal_secure_element_default, nfc_nq_prop)
--- a/legacy/vendor/common/location_app.te
+++ b/legacy/vendor/common/location_app.te
@ -26,7 +26,6 @@
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 hal_client_domain(vendor_location_app, hal_perf)
-qmux_socket(vendor_location_app)

 #Permissions for JDWP
 userdebug_or_eng(`
@ -54,4 +53,4 @@ allow vendor_location_app radio_service:service_manager find;
 allowxperm vendor_location_app self:socket ioctl msm_sock_ipc_ioctls;
 allow vendor_location_app self:qipcrtr_socket create_socket_perms_no_ioctl;
 allow vendor_location_app sysfs_data:file r_file_perms;
-unix_socket_connect(vendor_location_app, vendor_dpmtcm, vendor_dpmd)
+unix_socket_connect(vendor_location_app, vendor_dpmtcm, vendor_dpmd)
--- a/legacy/vendor/common/property.te
+++ b/legacy/vendor/common/property.te
@ -26,160 +26,160 @@
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 # property for uicc_daemon
-type qcom_ims_prop, property_type;
-type ctl_vendor_qmuxd_prop, property_type;
-type ctl_vendor_netmgrd_prop, property_type;
-type ctl_vendor_port-bridge_prop, property_type;
-type ctl_qcrild_prop, property_type;
-type vendor_tee_listener_prop, property_type;
-type ctl_vendor_rild_prop, property_type;
+vendor_restricted_prop(qcom_ims_prop)
+vendor_internal_prop(ctl_vendor_qmuxd_prop)
+vendor_internal_prop(ctl_vendor_netmgrd_prop)
+vendor_internal_prop(ctl_vendor_port-bridge_prop)
+vendor_internal_prop(ctl_qcrild_prop)
+vendor_restricted_prop(vendor_tee_listener_prop)
+vendor_internal_prop(ctl_vendor_rild_prop)

 # property for LKCore ctl start
-type ctl_LKCore_prop, property_type;
+vendor_restricted_prop(ctl_LKCore_prop)

-type freq_prop, property_type;
-type vendor_vm_bms_prop, property_type; #To start vm_bms
-type vendor_dataqti_prop, property_type;
-type vendor_dataadpl_prop, property_type;
-type vendor_dataqdp_prop, property_type;
-type vendor_ipacm_prop, property_type;
-type vendor_ipacm-diag_prop, property_type;
-type cnd_vendor_prop, property_type;
-type sensors_prop, property_type;
-type slpi_prop, property_type;
-type vendor_msm_irqbalance_prop, property_type;
-type vendor_msm_irqbl_sdm630_prop, property_type;
-type camera_prop, property_type;
-type spcomlib_prop, property_type;
-type vendor_display_prop, property_type;
-type scr_enabled_prop, property_type;
-type bg_daemon_prop, property_type;
-type bg_boot_complete_prop, property_type;
-type vendor_opengles_prop, property_type;
-type vendor_mdm_helper_prop, property_type;
-type vendor_mpctl_prop, property_type;
-type vendor_iop_prop, property_type;
-type public_vendor_default_prop, property_type;
+vendor_internal_prop(freq_prop)
+vendor_internal_prop(vendor_vm_bms_prop) #To start vm_bms
+vendor_internal_prop(vendor_dataqti_prop)
+vendor_internal_prop(vendor_dataadpl_prop)
+vendor_internal_prop(vendor_dataqdp_prop)
+vendor_internal_prop(vendor_ipacm_prop)
+vendor_internal_prop(vendor_ipacm-diag_prop)
+vendor_restricted_prop(cnd_vendor_prop)
+vendor_internal_prop(sensors_prop)
+vendor_restricted_prop(slpi_prop)
+vendor_internal_prop(vendor_msm_irqbalance_prop)
+vendor_internal_prop(vendor_msm_irqbl_sdm630_prop)
+vendor_restricted_prop(camera_prop)
+vendor_internal_prop(spcomlib_prop)
+vendor_restricted_prop(vendor_display_prop)
+vendor_restricted_prop(scr_enabled_prop)
+vendor_restricted_prop(bg_daemon_prop)
+vendor_restricted_prop(bg_boot_complete_prop)
+vendor_restricted_prop(vendor_opengles_prop)
+vendor_internal_prop(vendor_mdm_helper_prop)
+vendor_restricted_prop(vendor_mpctl_prop)
+vendor_restricted_prop(vendor_iop_prop)
+vendor_restricted_prop(public_vendor_default_prop)
 #Scroll Pre-obtain
-type vendor_scroll_prop, property_type;
+vendor_restricted_prop(vendor_scroll_prop)

 # properties for ActivityManager tuning
-type vendor_am_prop, property_type;
+vendor_restricted_prop(vendor_am_prop)

 #Needed for  ubwc support
-type vendor_gralloc_prop, property_type;
+vendor_restricted_prop(vendor_gralloc_prop)

-type fm_prop, property_type;
-type chgdiabled_prop, property_type;
+vendor_restricted_prop(fm_prop)
+vendor_restricted_prop(chgdiabled_prop)

 vendor_restricted_prop(vendor_xlat_prop);

 # property for location
-type location_prop, property_type;
+vendor_internal_prop(location_prop)

 #properites for init.qcom.sh script
-type vendor_usb_prop, property_type;
+vendor_internal_prop(vendor_usb_prop)

-type vendor_coresight_prop, property_type;
+vendor_restricted_prop(vendor_coresight_prop)


-type vendor_alarm_boot_prop, property_type;
+vendor_restricted_prop(vendor_alarm_boot_prop)


-type vendor_wifi_ftmd_prop, property_type;
+vendor_restricted_prop(vendor_wifi_ftmd_prop)

 # WIGIG
-type vendor_wigig_prop, property_type;
-type ctl_vendor_wigigsvc_prop, property_type;
+vendor_internal_prop(vendor_wigig_prop)
+vendor_internal_prop(ctl_vendor_wigigsvc_prop)

 #HWUI property
-type hwui_prop, property_type;
+vendor_restricted_prop(hwui_prop)

-type graphics_vulkan_prop, property_type;
+vendor_restricted_prop(graphics_vulkan_prop)

 #cgroup follow
-type vendor_cgroup_follow_prop, property_type;
+vendor_restricted_prop(vendor_cgroup_follow_prop)

 #Bservice property
-type bservice_prop, property_type;
+vendor_restricted_prop(bservice_prop)

 #Delayed Service Reschedule property
-type reschedule_service_prop, property_type;
+vendor_restricted_prop(reschedule_service_prop)

 #boot mode property
-type vendor_boot_mode_prop, property_type;
+vendor_internal_prop(vendor_boot_mode_prop)
 #properties for nfc
-type nfc_nq_prop, property_type;
+vendor_restricted_prop(nfc_nq_prop)

-type vendor_rild_libpath_prop, property_type;
+vendor_internal_prop(vendor_rild_libpath_prop)

 #Peripheral manager
-type vendor_per_mgr_state_prop, property_type;
+vendor_restricted_prop(vendor_per_mgr_state_prop)

-type vendor_system_prop, property_type;
+vendor_internal_prop(vendor_system_prop)

 # Bluetooth props
-type vendor_bluetooth_prop, property_type;
+vendor_restricted_prop(vendor_bluetooth_prop)

 # HBTP
-type ctl_vendor_hbtp_prop, property_type;
+vendor_internal_prop(ctl_vendor_hbtp_prop)

 # factory properties
-type ctl_vendor_mmid_prop, property_type;
+vendor_internal_prop(ctl_vendor_mmid_prop)

 #qcc property
-#type vendor_qdma_prop, property_type;
+#vendor_internal_prop(vendor_qdma_prop)
 vendor_public_prop(vendor_qcc_prop);

 #imsrcsservice
-type ctl_vendor_imsrcsservice_prop, property_type;
+vendor_restricted_prop(ctl_vendor_imsrcsservice_prop)

 #mmi
-type vendor_mmi_prop, property_type;
+vendor_internal_prop(vendor_mmi_prop)

 #time service
-type vendor_time_service_prop, property_type;
-type vendor_radio_prop, property_type;
+vendor_internal_prop(vendor_time_service_prop)
+vendor_restricted_prop(vendor_radio_prop)

 # Audio props
-type vendor_audio_prop, property_type;
+vendor_restricted_prop(vendor_audio_prop)

 # Audio debug props
-type vendor_audio_debug_prop, property_type;
+vendor_internal_prop(vendor_audio_debug_prop)

 #ss-restart
-type vendor_ssr_prop, property_type;
+vendor_internal_prop(vendor_ssr_prop)

 #ss-services (PD)
-type vendor_pd_locater_dbg_prop, property_type;
+vendor_internal_prop(vendor_pd_locater_dbg_prop)

 #qdcmss property
-type vendor_qdcmss_prop, property_type;
+vendor_internal_prop(vendor_qdcmss_prop)

 # Wifi Softap
-type vendor_softap_prop, property_type;
+vendor_restricted_prop(vendor_softap_prop)

 #mm-video
-type vendor_video_prop, property_type;
+vendor_restricted_prop(vendor_video_prop)

 #qtccconnector
-type vendor_qteeconnector_opti_prop, property_type;
+vendor_internal_prop(vendor_qteeconnector_opti_prop)


 #rmt_storage
-type ctl_vendor_rmt_storage_prop, property_type;
+vendor_internal_prop(ctl_vendor_rmt_storage_prop)

-type vendor_gpu_prop, property_type;
+vendor_restricted_prop(vendor_gpu_prop)

-type vendor_data_ko_prop, property_type;
+vendor_internal_prop(vendor_data_ko_prop)

 #hvdcp_opti
-type hvdcp_opti_prop, property_type;
+vendor_internal_prop(hvdcp_opti_prop)
 #adsprpc props
-type adsprpc_prop, property_type;
+vendor_restricted_prop(adsprpc_prop)

 #qvr property
-type qvr_prop, property_type;
+vendor_restricted_prop(qvr_prop)

 #capabilityconfigstore hal (CCHAL)
-type vendor_cap_configstore_dbg_prop, property_type;
+vendor_internal_prop(vendor_cap_configstore_dbg_prop)
--- a/legacy/vendor/common/qti_logkit_app.te
+++ b/legacy/vendor/common/qti_logkit_app.te
@ -48,8 +48,8 @@ userdebug_or_eng(`
  r_dir_file(qti_logkit_app, firmware_file);

  # Access to tombstone segfaults
-  allow qti_logkit_app tombstone_data_file:dir r_dir_perms;
-  allow qti_logkit_app tombstone_data_file:file r_file_perms;
+  allow qti_logkit_app vendor_tombstone_data_file:dir r_dir_perms;
+  allow qti_logkit_app vendor_tombstone_data_file:file r_file_perms;
  diag_use(qti_logkit_app)
 ')

--- a/legacy/vendor/common/recovery.te
+++ b/legacy/vendor/common/recovery.te
@ -50,6 +50,5 @@ recovery_only(`
    # Enable adb on configfs devices
    allow recovery configfs:file rw_file_perms;
    allow recovery configfs:dir rw_dir_perms;
-    set_prop(recovery, ffs_prop);
    get_prop(recovery, vendor_boot_mode_prop)
 ')
--- a/legacy/vendor/common/system_app.te
+++ b/legacy/vendor/common/system_app.te
@ -38,8 +38,8 @@ userdebug_or_eng(`
  allow system_app su:unix_dgram_socket sendto;

  # Access to tombstone segfaults
-  allow system_app tombstone_data_file:dir r_dir_perms;
-  allow system_app tombstone_data_file:file r_file_perms;
+  allow system_app vendor_tombstone_data_file:dir r_dir_perms;
+  allow system_app vendor_tombstone_data_file:file r_file_perms;
  diag_use(system_app)

 ')
--- a/legacy/vendor/test/property.te
+++ b/legacy/vendor/test/property.te
@ -24,10 +24,10 @@
 # WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
 # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-type sensors_dbg_prop, property_type;
+vendor_restricted_prop(sensors_dbg_prop);

 #WiFi Display
-type wfd_vendor_debug_prop, property_type;
+vendor_restricted_prop(wfd_vendor_debug_prop);

 #debugutils HAL
-type vendor_dbg_brkpoint_prop, property_type;
+vendor_restricted_prop(vendor_dbg_brkpoint_prop);
--- a/qva/vendor/atoll/genfs_contexts
+++ b/qva/vendor/atoll/genfs_contexts
@ -72,8 +72,8 @@ genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-000c/a8c000.i2c:qcom,smb
 genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-0008/a8c000.i2c:qcom,smb1355@8:qcom,smb1355-charger@1000/power_supply/parallel/wakeup u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/soc/a8c000.i2c/i2c-2/2-0010/a8c000.i2c:qcom,smb1390@10:qcom,charge_pump/power_supply/charge_pump_master/wakeup u:object_r:sysfs_wakeup:s0
 genfscon sysfs /devices/platform/soc/88c000.i2c/i2c-2/2-0010/88c000.i2c:qcom,smb1390@10:qcom,charge_pump/power_supply/charge_pump_master/wakeup u:object_r:sysfs_wakeup:s0
-genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-04/c440000.qcom,spmi:qcom,pm6150l@4:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup::s0
-genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-00/c440000.qcom,spmi:qcom,pm6150@0:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup::s0
+genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-04/c440000.qcom,spmi:qcom,pm6150l@4:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0
+genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-00/c440000.qcom,spmi:qcom,pm6150@0:qcom,power-on@800/wakeup/wakeup u:object_r:sysfs_wakeup:s0

 # subsys  SSR entries
 genfscon sysfs /devices/platform/soc/62400000.qcom,lpass/subsys0/name         u:object_r:vendor_sysfs_ssr:s0
--- a/qva/vendor/common/hal_secure_element_default.te
+++ b/qva/vendor/common/hal_secure_element_default.te
@ -30,3 +30,6 @@ hal_client_domain(hal_secure_element_default, vendor_hal_esepowermanager)

 allow hal_secure_element_default vendor_secure_element_vendor_data_file:dir rw_dir_perms;
 allow hal_secure_element_default vendor_secure_element_vendor_data_file:file create_file_perms;
+
+# Allow secure-element HAL to retrieve NFC vendor properties
+get_prop(hal_secure_element_default, vendor_nfc_nq_prop)
--- a/qva/vendor/common/wcnss_service.te
+++ b/qva/vendor/common/wcnss_service.te
@ -32,3 +32,10 @@ unix_socket_connect(vendor_wcnss_service, vendor_wigignpt, vendor_wigignpt)
 allow vendor_wcnss_service self:capability net_admin;
 allow vendor_wcnss_service kmsg_device:chr_file { write open };
 allow vendor_wcnss_service proc_net:file read;
+
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:dir create_dir_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:dir r_dir_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file create_file_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file rw_file_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file create_file_perms;
+allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file rw_file_perms;
--- a/qva/vendor/test/property.te
+++ b/qva/vendor/test/property.te
@ -27,6 +27,6 @@
 # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

 #qspm hal debug
-type vendor_qspm_dbg_prop, property_type;
-type vendor_dbg_brkpoint_prop, property_type;
-type vendor_fda_prop, property_type;
+vendor_restricted_prop(vendor_qspm_dbg_prop);
+vendor_restricted_prop(vendor_dbg_brkpoint_prop);
+vendor_restricted_prop(vendor_fda_prop);