author | Tellen Yu <tellen.yu@amlogic.com> | 2017-09-28 05:58:32 (GMT) |
---|---|---|
committer | Gerrit Code Review <gituser@scgit.amlogic.com> | 2017-09-28 05:58:32 (GMT) |
commit | 9fce08088cdcbc6fdbac46aafbb2d80fb0e04a52 (patch) | |
tree | 70de08c1b04629c953ea15c98b4a60a5680350df | |
parent | 64dc6099e05a7e0d20a27c98a355a7f038f265ae (diff) | |
parent | b7aba26bfab002f31e3f504c8737feaac7a156ef (diff) | |
download | amlogic-o-9fce08088cdcbc6fdbac46aafbb2d80fb0e04a52.zip amlogic-o-9fce08088cdcbc6fdbac46aafbb2d80fb0e04a52.tar.gz amlogic-o-9fce08088cdcbc6fdbac46aafbb2d80fb0e04a52.tar.bz2 |
Merge "device: add firmload default support under optee [1/3]" into o-amlogic
-rw-r--r-- | common/init.amlogic.media.rc | 6 | ||||
-rw-r--r-- | common/media.mk | 9 | ||||
-rw-r--r-- | common/sepolicy/file_contexts | 1 | ||||
-rw-r--r-- | common/sepolicy/firmload.te | 10 | ||||
-rw-r--r-- | common/sepolicy/init.te | 1 |
5 files changed, 27 insertions, 0 deletions
diff --git a/common/init.amlogic.media.rc b/common/init.amlogic.media.rc index 59d98b8..8a664f7 100644 --- a/common/init.amlogic.media.rc +++ b/common/init.amlogic.media.rc @@ -21,3 +21,9 @@ on fs insmod /vendor/lib/modules/amvdec_vc1.ko insmod /vendor/lib/modules/amvdec_vp9.ko insmod /vendor/lib/modules/encoder.ko + +service tee_preload_fw /vendor/bin/tee_preload_fw + class core + user root + group system + oneshot diff --git a/common/media.mk b/common/media.mk index e3d9a3d..92a94db 100644 --- a/common/media.mk +++ b/common/media.mk @@ -131,6 +131,7 @@ endif ifeq ($(TARGET_USE_OPTEEOS), true) BOARD_OMX_WITH_OPTEE_TVP := true + BUILD_WITH_TEEVIDEOFIRM_LOAD :=true else ifeq ($(TARGET_USE_SECUREOS), true) BOARD_OMX_WITH_TVP := true @@ -222,7 +223,15 @@ PRODUCT_PACKAGES += bootplayer \ alsalib-cardsaliasesconf endif +ifeq ($(BUILD_WITH_TEEVIDEOFIRM_LOAD),true) +PRODUCT_PACKAGES += \ + libtee_load_video_fw \ + tee_preload_fw \ + 526fc4fc-7ee6-4a12-96e3-83da9565bce8 +PRODUCT_COPY_FILES += \ + vendor/amlogic/prebuilt/videofirm/tee_preload_fw:/vendor/bin/tee_preload_fw +endif #BOARD_SECCOMP_POLICY := device/amlogic/common/seccomp PRODUCT_COPY_FILES += \ device/amlogic/common/seccomp/mediaextractor.policy:$(TARGET_COPY_OUT_VENDOR)/etc/seccomp_policy/mediaextractor.policy \ diff --git a/common/sepolicy/file_contexts b/common/sepolicy/file_contexts index ec2b5e0..7e06f56 100644 --- a/common/sepolicy/file_contexts +++ b/common/sepolicy/file_contexts @@ -118,6 +118,7 @@ /vendor/bin/remotecfg u:object_r:remotecfg_exec:s0 /vendor/bin/systemcontrol u:object_r:system_control_exec:s0 /system/bin/tee-supplicant u:object_r:tee_exec:s0 +/vendor/bin/tee_preload_fw u:object_r:firmload_exec:s0 /vendor/bin/tvserver u:object_r:tvserver_exec:s0 /vendor/bin/usbtestpm u:object_r:usbpm_exec:s0 /vendor/bin/wlan_fwloader u:object_r:wlan_fwloader_exec:s0 diff --git a/common/sepolicy/firmload.te b/common/sepolicy/firmload.te new file mode 100644 index 0000000..6ea347d --- a/dev/null +++ b/common/sepolicy/firmload.te @@ -0,0 +1,10 @@ +type firmload, domain; +type firmload_exec, exec_type, file_type; +init_daemon_domain(firmload) + +allow firmload drm_device:chr_file {open read write ioctl}; +allow firmload rootfs:lnk_file getattr; +allow firmload system_data_file:dir { write}; +allow firmload system_data_file:file { read open getattr}; +allow firmload sysfs:file { read open getattr }; +allow firmload proc:file { read open getattr };
\ No newline at end of file diff --git a/common/sepolicy/init.te b/common/sepolicy/init.te index 0e1aa50..275b00c 100644 --- a/common/sepolicy/init.te +++ b/common/sepolicy/init.te @@ -55,6 +55,7 @@ allow init drm_device:chr_file {setattr read write open ioctl}; allow init tee_block_device:blk_file rw_file_perms; allow init odm_block_device:blk_file rw_file_perms; allow shell drm_device:chr_file rw_file_perms; +allow init firmload_exec:file {getattr}; recovery_only(` domain_trans(init, rootfs, shell) |