From 10f9d434e3ca2ae82eac9dc35fa0138daa745974 Mon Sep 17 00:00:00 2001 From: Pekka Helenius Date: Thu, 15 Jul 2021 16:43:07 +0300 Subject: [PATCH] [NFC] Correct SEPolicy rules & other minor fixes --- .../device/samsung/s5neolte/device.mk | 145 ++++++++++++++++++ .../samsung/s5neolte/sepolicy/file_contexts | 1 + .../device/samsung/s5neolte/sepolicy/nfc.te | 21 --- .../samsung/s5neolte/sepolicy/seapp_contexts | 1 - ...ndroid.hardware.nfc@1.2-service.samsung.rc | 9 -- 5 files changed, 146 insertions(+), 31 deletions(-) create mode 100644 lineage_src_root/device/samsung/s5neolte/device.mk create mode 100644 lineage_src_root/device/samsung/s5neolte/sepolicy/file_contexts delete mode 100644 lineage_src_root/device/samsung/s5neolte/sepolicy/nfc.te delete mode 100644 lineage_src_root/device/samsung/s5neolte/sepolicy/seapp_contexts delete mode 100644 lineage_src_root/hardware/samsung/nfc/1.2/android.hardware.nfc@1.2-service.samsung.rc diff --git a/lineage_src_root/device/samsung/s5neolte/device.mk b/lineage_src_root/device/samsung/s5neolte/device.mk new file mode 100644 index 0000000..4698829 --- /dev/null +++ b/lineage_src_root/device/samsung/s5neolte/device.mk @@ -0,0 +1,145 @@ +# +# Copyright (C) 2018 The LineageOS Project +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# + +LOCAL_PATH := device/samsung/s5neolte + +$(call inherit-product, $(SRC_TARGET_DIR)/product/languages_full.mk) + +# Audio +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/configs/audio/mixer_paths.xml:$(TARGET_COPY_OUT_VENDOR)/etc/mixer_paths_0.xml \ + $(LOCAL_PATH)/configs/audio/audio_effects.xml:$(TARGET_COPY_OUT_VENDOR)/etc/audio_effects.xml + +# Boot animation +TARGET_BOOTANIMATION_PRELOAD := true +TARGET_BOOTANIMATION_TEXTURE_CACHE := true +TARGET_SCREEN_HEIGHT := 1920 +TARGET_SCREEN_WIDTH := 1080 + +# Bluetooth +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/bluetooth/bt_vendor.conf:system/etc/bluetooth/bt_vendor.conf + +PRODUCT_PACKAGES += \ + android.hardware.bluetooth@1.0-service + +# Camera +PRODUCT_PACKAGES += \ + camera.universal7580 \ + Snap + +# hardware/samsung/AdvancedDisplay (MDNIE) +PRODUCT_PACKAGES += \ + AdvancedDisplay + +# Graphics +# Device uses high-density artwork where available +PRODUCT_AAPT_CONFIG := xlarge +PRODUCT_AAPT_PREF_CONFIG := xhdpi +# A list of dpis to select prebuilt apk, in precedence order. +PRODUCT_AAPT_PREBUILT_DPI := hdpi mdpi + +# Key-layout +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/idc/Synaptics_HID_TouchPad.idc:system/usr/idc/Synaptics_HID_TouchPad.idc \ + $(LOCAL_PATH)/idc/Synaptics_RMI4_TouchPad_Sensor.idc:system/usr/idc/Synaptics_RMI4_TouchPad_Sensor.idc \ + $(LOCAL_PATH)/keylayout/Button_Jack.kl:system/usr/keylayout/Button_Jack.kl \ + $(LOCAL_PATH)/keylayout/gpio_keys.kl:system/usr/keylayout/gpio_keys.kl \ + $(LOCAL_PATH)/keylayout/sec_touchkey.kl:system/usr/keylayout/sec_touchkey.kl + +# Livedisplay +PRODUCT_PACKAGES += \ + vendor.lineage.livedisplay@2.0-service.samsung-exynos + +# NFC +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/configs/nfc/libnfc-sec-hal.conf:$(TARGET_COPY_OUT_VENDOR)/etc/libnfc-sec-vendor.conf \ + $(LOCAL_PATH)/configs/nfc/libnfc-sec.conf:system/etc/libnfc-nci.conf \ + $(LOCAL_PATH)/configs/nfc/nfcee_access.xml:system/etc/nfcee_access.xml + +PRODUCT_PACKAGES += \ + libnfc-nci \ + libnfc_nci_jni \ + NfcNci \ + Tag \ + com.android.nfc_extras \ + android.hardware.nfc@1.2-service.samsung + +# Permissions +PRODUCT_COPY_FILES += \ + frameworks/native/data/etc/android.hardware.bluetooth_le.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.bluetooth_le.xml \ + frameworks/native/data/etc/android.hardware.camera.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.camera.xml \ + frameworks/native/data/etc/android.hardware.camera.flash-autofocus.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.camera.flash-autofocus.xml \ + frameworks/native/data/etc/android.hardware.sensor.accelerometer.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.accelerometer.xml \ + frameworks/native/data/etc/android.hardware.sensor.proximity.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.proximity.xml \ + frameworks/native/data/etc/android.hardware.telephony.gsm.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.telephony.gsm.xml \ + frameworks/native/data/etc/android.software.midi.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.software.midi.xml \ + frameworks/native/data/etc/handheld_core_hardware.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/handheld_core_hardware.xml \ + frameworks/native/data/etc/android.hardware.ethernet.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.ethernet.xml \ + frameworks/native/data/etc/android.hardware.sensor.compass.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.compass.xml \ + frameworks/native/data/etc/android.hardware.sensor.gyroscope.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.gyroscope.xml \ + frameworks/native/data/etc/android.hardware.sensor.heartrate.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.heartrate.xml \ + frameworks/native/data/etc/android.hardware.sensor.light.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.light.xml \ + frameworks/native/data/etc/android.hardware.sensor.stepcounter.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.stepcounter.xml \ + frameworks/native/data/etc/android.hardware.sensor.stepdetector.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.sensor.stepdetector.xml \ + frameworks/native/data/etc/android.hardware.nfc.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.nfc.xml \ + frameworks/native/data/etc/android.hardware.nfc.hce.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.nfc.hce.xml \ + frameworks/native/data/etc/com.android.nfc_extras.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/com.android.nfc_extras.xml \ + $(LOCAL_PATH)/configs/permissions/com.samsung.permission.HRM_EXT.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/com.samsung.permission.HRM_EXT.xml \ + $(LOCAL_PATH)/configs/permissions/com.samsung.permission.SSENSOR.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/com.samsung.permission.SSENSOR.xml + +# Ramdisk +PRODUCT_PACKAGES += \ + init.target.rc + +# Radio +PRODUCT_PACKAGES += \ + libprotobuf-cpp-full \ + libsecril-client \ + modemloader \ + libxml2 \ + rild \ + libril \ + libreference-ril \ + libsecril-client-sap \ + android.hardware.radio@1.1 \ + android.hardware.radio.deprecated@1.0 + +PRODUCT_COPY_FILES += \ + device/samsung/universal7580-common/configs/init/rild.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/rild.legacy.rc + +# Overlays +DEVICE_PACKAGE_OVERLAYS += $(LOCAL_PATH)/overlay + +# Vendor security patch level +PRODUCT_PROPERTY_OVERRIDES += \ + ro.lineage.build.vendor_security_patch=2017-03-01 + +# Wi-fi +PRODUCT_COPY_FILES += \ + $(LOCAL_PATH)/configs/wifi/cred.conf:system/etc/wifi/cred.conf \ + $(LOCAL_PATH)/configs/wifi/wpa_supplicant_overlay.conf:$(TARGET_COPY_OUT_VENDOR)/etc/wifi/wpa_supplicant_overlay.conf \ + $(LOCAL_PATH)/configs/wifi/p2p_supplicant_overlay.conf:$(TARGET_COPY_OUT_VENDOR)/etc/wifi/p2p_supplicant_overlay.conf \ + $(LOCAL_PATH)/configs/wifi/filter_ie:system/etc/wifi/filter_ie + +# Properties +-include $(LOCAL_PATH)/system_prop.mk + +# Inherit from universal7580-common +$(call inherit-product, device/samsung/universal7580-common/device-common.mk) + +# call the proprietary setup +$(call inherit-product, vendor/samsung/s5neolte/s5neolte-vendor.mk) diff --git a/lineage_src_root/device/samsung/s5neolte/sepolicy/file_contexts b/lineage_src_root/device/samsung/s5neolte/sepolicy/file_contexts new file mode 100644 index 0000000..137626f --- /dev/null +++ b/lineage_src_root/device/samsung/s5neolte/sepolicy/file_contexts @@ -0,0 +1 @@ +/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@\d+\.\d+-service\.samsung u:object_r:hal_nfc_default_exec:s0 diff --git a/lineage_src_root/device/samsung/s5neolte/sepolicy/nfc.te b/lineage_src_root/device/samsung/s5neolte/sepolicy/nfc.te deleted file mode 100644 index 1eccae3..0000000 --- a/lineage_src_root/device/samsung/s5neolte/sepolicy/nfc.te +++ /dev/null @@ -1,21 +0,0 @@ -# Init transition. -allow init nfc:process transition; - -# Vendor file accesses. -allow nfc vendor_file:file { entrypoint read }; - -allow init nfc:process { rlimitinh siginh noatsecure }; - -allow nfc hal_nfc_hwservice:hwservice_manager { add find }; -allow nfc hidl_base_hwservice:hwservice_manager { add find }; - -allow nfc mediaserver_exec:file { read }; - -# TODO(b/36657258): Remove data_between_core_and_vendor_violators once -# hal_nfc no longer directly accesses /data owned by the nfc app. -typeattribute nfc data_between_core_and_vendor_violators; - -# Data file accesses. -allow nfc nfc_data_file:dir create_dir_perms; -allow nfc nfc_data_file:{ file lnk_file fifo_file } create_file_perms; -allow nfc nfc_data_file:dir { search read write create remove_name }; diff --git a/lineage_src_root/device/samsung/s5neolte/sepolicy/seapp_contexts b/lineage_src_root/device/samsung/s5neolte/sepolicy/seapp_contexts deleted file mode 100644 index ba968bb..0000000 --- a/lineage_src_root/device/samsung/s5neolte/sepolicy/seapp_contexts +++ /dev/null @@ -1 +0,0 @@ -user=nfc seinfo=platform domain=nfc type=nfc_data_file diff --git a/lineage_src_root/hardware/samsung/nfc/1.2/android.hardware.nfc@1.2-service.samsung.rc b/lineage_src_root/hardware/samsung/nfc/1.2/android.hardware.nfc@1.2-service.samsung.rc deleted file mode 100644 index 09857a3..0000000 --- a/lineage_src_root/hardware/samsung/nfc/1.2/android.hardware.nfc@1.2-service.samsung.rc +++ /dev/null @@ -1,9 +0,0 @@ -service nfc_hal_service /vendor/bin/hw/android.hardware.nfc@1.2-service.samsung - interface android.hardware.nfc@1.2::INfc default - interface android.hardware.nfc@1.1::INfc default - interface android.hardware.nfc@1.0::INfc default - class hal - user nfc - group nfc - seclabel u:r:nfc:s0 -