diff --git a/non_plat/aee_core_forwarder.te b/non_plat/aee_core_forwarder.te index a3427ef..255df42 100644 --- a/non_plat/aee_core_forwarder.te +++ b/non_plat/aee_core_forwarder.te @@ -7,3 +7,4 @@ allow aee_core_forwarder aee_exp_data_file:dir { write add_name search }; allow aee_core_forwarder aee_exp_data_file:file { write create open getattr }; +allow aee_core_forwarder hwservicemanager_prop:file { read open getattr }; diff --git a/non_plat/bootanim.te b/non_plat/bootanim.te index 665bee0..464a23b 100644 --- a/non_plat/bootanim.te +++ b/non_plat/bootanim.te @@ -25,4 +25,7 @@ allow bootanim proc_perfmgr:file {open read ioctl}; # Date : WK19.11 # Operation : Migration # Purpose : Allow to access ged for ioctl related functions -allowxperm bootanim proc_ged:file ioctl { GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_GET }; +allowxperm bootanim proc_ged:file ioctl { GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET GED_BRIDGE_IO_MONITOR_3D_FENCE GED_BRIDGE_IO_QUERY_INFO }; + +allowxperm bootanim proc_perfmgr:file ioctl { GED_BRIDGE_IO_LOG_BUF_WRITE GED_BRIDGE_IO_BOOST_GPU_FREQ GED_BRIDGE_IO_IOCTLCMD_0F GED_BRIDGE_IO_IOCTLCMD_10 }; + diff --git a/non_plat/hal_graphics_composer_default.te b/non_plat/hal_graphics_composer_default.te index 8f8e741..71c5c2f 100644 --- a/non_plat/hal_graphics_composer_default.te +++ b/non_plat/hal_graphics_composer_default.te @@ -51,4 +51,4 @@ set_prop(hal_graphics_composer_default, graphics_hwc_latch_unsignaled_prop) #============= hal_graphics_composer_default ============== allow hal_graphics_composer_default mtk_mdp_device:chr_file { read write open ioctl }; -allowxperm hal_graphics_composer_default proc_ged:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_INFO}; \ No newline at end of file +allowxperm hal_graphics_composer_default proc_ged:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_INFO GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET}; diff --git a/non_plat/hwservice_contexts b/non_plat/hwservice_contexts index 96a9cbb..cd6e9b6 100644 --- a/non_plat/hwservice_contexts +++ b/non_plat/hwservice_contexts @@ -12,6 +12,10 @@ vendor.mediatek.hardware.radio_op::IRadioOp u:object_r:mtk_hal_rild_hwservice:s0 # power hidl vendor.mediatek.hardware.mtkpower::IMtkPerf u:object_r:mtk_hal_power_hwservice:s0 vendor.mediatek.hardware.mtkpower::IMtkPower u:object_r:mtk_hal_power_hwservice:s0 +vendor.mediatek.hardware.power::IPerf u:object_r:mtk_hal_power_hwservice:s0 +vendor.mediatek.hardware.power::IPower u:object_r:mtk_hal_power_hwservice:s0 + + # Date: 2017/06/12 # LBS HIDL diff --git a/non_plat/ioctl_defines b/non_plat/ioctl_defines index 33e19e9..c1cd4fe 100755 --- a/non_plat/ioctl_defines +++ b/non_plat/ioctl_defines @@ -1,4 +1,11 @@ define(`GED_BRIDGE_IO_GE_ALLOC', `0x6764') define(`GED_BRIDGE_IO_GE_GET', `0x6765') +define(`GED_BRIDGE_IO_GE_SET', `0x6766') define(`GED_BRIDGE_IO_LOG_BUF_GET', `0x6700') +define(`GED_BRIDGE_IO_LOG_BUF_WRITE', `0x6701') +define(`GED_BRIDGE_IO_BOOST_GPU_FREQ', `0x6703') +define(`GED_BRIDGE_IO_MONITOR_3D_FENCE', `0x6704') +define(`GED_BRIDGE_IO_QUERY_INFO', `0x6705') +define(`GED_BRIDGE_IO_IOCTLCMD_0F', `0x670f') +define(`GED_BRIDGE_IO_IOCTLCMD_10', `0x6710') define(`GED_BRIDGE_IO_GE_INFO', `0x6769') diff --git a/non_plat/mtk_hal_power.te b/non_plat/mtk_hal_power.te index e611fe4..1a131d1 100644 --- a/non_plat/mtk_hal_power.te +++ b/non_plat/mtk_hal_power.te @@ -12,8 +12,10 @@ get_prop(mtk_hal_power, hwservicemanager_prop) allow mtk_hal_power hal_power_hwservice:hwservice_manager { add find }; allow mtk_hal_power hidl_base_hwservice:hwservice_manager add; -#add_hwservice(hal_power, mtk_hal_power_hwservice) +add_hwservice(mtk_hal_power, mtk_hal_power_hwservice) allow hal_power_client mtk_hal_power_hwservice:hwservice_manager find; +allow system_server mtk_hal_power_hwservice:hwservice_manager find; + hal_server_domain(mtk_hal_power, hal_power); diff --git a/non_plat/surfaceflinger.te b/non_plat/surfaceflinger.te index fb22d17..dd2d230 100644 --- a/non_plat/surfaceflinger.te +++ b/non_plat/surfaceflinger.te @@ -60,3 +60,6 @@ allow surfaceflinger hal_graphics_composer_default:lnk_file read; # Operation : Debug # Purpose: Allow to dump buffer queue get_prop(surfaceflinger, debug_bq_dump_prop) + +allowxperm surfaceflinger proc_perfmgr:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_BOOST_GPU_FREQ GED_BRIDGE_IO_QUERY_INFO}; + diff --git a/non_plat/workaround.te b/non_plat/workaround.te new file mode 100644 index 0000000..b0f3e39 --- /dev/null +++ b/non_plat/workaround.te @@ -0,0 +1,56 @@ + + +#============= aee_core_forwarder ============== +allow aee_core_forwarder aee_aed:unix_stream_socket connectto; +allow aee_core_forwarder aee_core_data_file:dir read; +allow aee_core_forwarder hwservicemanager:binder { call transfer }; + +#============= audioserver ============== +allow audioserver vendor_default_prop:file read; + +#============= bip ============== +allow bip net_dns_prop:file read; + +#============= bluetooth ============== +allow bluetooth mtk_amslog_prop:file read; + +#============= emdlogger ============== +allow emdlogger logmuch_prop:file read; + +#============= merged_hal_service ============== +allow merged_hal_service nvram_agent_binder_hwservice:hwservice_manager find; + +#============= mtk_hal_audio ============== +allow mtk_hal_audio audioserver:fifo_file write; +allow mtk_hal_audio sysfs_boot_mode:file read; +allow mtk_hal_audio sysfs_dt_firmware_android:dir search; + +#============= mtk_hal_camera ============== +allow mtk_hal_camera sysfs_dt_firmware_android:dir search; + +#============= platform_app ============== +allow platform_app mtk_amslog_prop:file read; + +#============= rild ============== +allow rild proc_cmdline:file read; + +#============= shared_relro ============== +allow shared_relro mtk_amslog_prop:file read; + +#============= system_server ============== +allow system_server vendor_default_prop:file read; + +#============= ueventd ============== +allow ueventd tmpfs:lnk_file read; + +#============= wmt_loader ============== +allow wmt_loader proc_wmtdbg:file setattr; + +# interface=android.hardware.audio::IDevicesFactory for hal_audio_hwservice +allow hal_audio_client hal_audio_hwservice:hwservice_manager find; +allow hal_audio_server hal_audio_hwservice:hwservice_manager find; +allow hal_audio hal_audio_hwservice:hwservice_manager find; + + +# interface=android.system.suspend::ISystemSuspend for aee_core_forwarder +allow aee_core_forwarder system_suspend_hwservice:hwservice_manager find;