author | jie.yuan <jie.yuan@amlogic.com> | 2018-12-18 05:26:35 (GMT) |
---|---|---|
committer | Xiaoliang Wang <xiaoliang.wang@amlogic.com> | 2018-12-24 09:42:39 (GMT) |
commit | e71e412c24df7b5c858e51a850149969fbb99941 (patch) | |
tree | 4def8f81be5f040a82305a2aa8afa5adca4045d5 | |
parent | f5193cac5144b52f0634853150cb55161f72925f (diff) | |
download | common-e71e412c24df7b5c858e51a850149969fbb99941.zip common-e71e412c24df7b5c858e51a850149969fbb99941.tar.gz common-e71e412c24df7b5c858e51a850149969fbb99941.tar.bz2 |
Revert "product:enable PRODUCT_SHIPPING_API_LEVEL := 28 [1/8]"
This reverts commit 2797b4846a94463c18d9513a4117f72ff6369f73.
Change-Id: I98fed7b4ea2a0df90ab462d32269008059c8e286
51 files changed, 106 insertions, 409 deletions
@@ -18,10 +18,6 @@ ifneq ($(AB_OTA_UPDATER),true) BUILT_IMAGES += cache.img endif -ifdef BOARD_PREBUILT_DTBOIMAGE -BUILT_IMAGES += dtbo.img -endif - BUILT_IMAGES += vendor.img ifeq ($(BOARD_USES_ODMIMAGE),true) BUILT_IMAGES += odm.img @@ -89,9 +85,6 @@ endif ifdef KERNEL_DEVICETREE DTBTOOL := $(BOARD_AML_VENDOR_PATH)/tools/dtbTool -DTCTOOL := out/host/linux-x86/bin/dtc -DTIMGTOOL := out/host/linux-x86/bin/mkdtimg - ifdef KERNEL_DEVICETREE_CUSTOMER_DIR KERNEL_DEVICETREE_DIR := $(KERNEL_DEVICETREE_CUSTOMER_DIR) else @@ -123,7 +116,7 @@ ifeq ($(PRODUCT_BUILD_SECURE_BOOT_IMAGE_DIRECTLY),true) INSTALLED_BOARDDTB_TARGET := $(INSTALLED_BOARDDTB_TARGET).encrypt endif# ifeq ($(PRODUCT_BUILD_SECURE_BOOT_IMAGE_DIRECTLY),true) -$(INSTALLED_BOARDDTB_TARGET) : $(KERNEL_DEVICETREE_SRC) $(KERNEL_OUT) $(KERNEL_CONFIG) $(DTCTOOL) $(DTIMGTOOL) +$(INSTALLED_BOARDDTB_TARGET) : $(KERNEL_DEVICETREE_SRC) $(KERNEL_OUT) $(KERNEL_CONFIG) $(foreach aDts, $(KERNEL_DEVICETREE), \ sed -i 's/^#include \"partition_.*/#include \"$(TARGET_PARTITION_DTSI)\"/' $(KERNEL_ROOTDIR)/$(KERNEL_DEVICETREE_DIR)/$(strip $(aDts)).dts; \ sed -i 's/^#include \"firmware_.*/#include \"$(TARGET_FIRMWARE_DTSI)\"/' $(KERNEL_ROOTDIR)/$(KERNEL_DEVICETREE_DIR)/$(TARGET_PARTITION_DTSI); \ @@ -147,17 +140,9 @@ ifeq ($(BOARD_AVB_ENABLE),true) --partition_name dtb endif -$(BOARD_PREBUILT_DTBOIMAGE): $(INSTALLED_BOARDDTB_TARGET) | $(DTCTOOL) $(DTIMGTOOL) - $(DTCTOOL) -@ -O dtb -o $(PRODUCT_OUT)/$(DTBO_DEVICETREE).dtbo $(KERNEL_ROOTDIR)/$(KERNEL_DEVICETREE_DIR)/$(DTBO_DEVICETREE).dts - $(DTIMGTOOL) create $@ $(PRODUCT_OUT)/$(DTBO_DEVICETREE).dtbo - @echo "Instaled $@" - .PHONY: dtbimage dtbimage: $(INSTALLED_BOARDDTB_TARGET) -.PHONY: dtboimage -dtboimage: $(PRODUCT_OUT)/dtbo.img - endif # ifdef KERNEL_DEVICETREE # Adds to <product name>-img-<build number>.zip so can be flashed. b/110831381 @@ -388,10 +373,6 @@ ifeq ($(BOARD_USES_PRODUCTIMAGE),true) FASTBOOT_IMAGES += product.img endif -ifdef BOARD_PREBUILT_DTBOIMAGE -FASTBOOT_IMAGES += dtbo.img -endif - ifeq ($(BUILD_WITH_AVB),true) FASTBOOT_IMAGES += vbmeta.img endif diff --git a/flash-all.bat b/flash-all.bat index ecb2dde..dbbeaf5 100755 --- a/flash-all.bat +++ b/flash-all.bat @@ -26,7 +26,6 @@ ping -n 5 127.0.0.1 >nul fastboot flashing unlock_critical fastboot flashing unlock fastboot flash dts dt.img -fastboot flash dtbo dtbo.img fastboot -w fastboot flash vbmeta vbmeta.img fastboot flash odm odm.img diff --git a/flash-all.sh b/flash-all.sh index ff2b333..96397a9 100755 --- a/flash-all.sh +++ b/flash-all.sh @@ -61,7 +61,6 @@ sleep 5 fastboot $sern flashing unlock_critical fastboot $sern flashing unlock fastboot $sern flash dts dt.img -fastboot $sern flash dtbo dtbo.img fastboot $sern erase param fastboot $sern -w diff --git a/optimization/config b/optimization/config index 597a2ec..ec564fc 100755 --- a/optimization/config +++ b/optimization/config @@ -1 +1 @@ -NPEF;IjhiQspgjmfEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0dqvjogp`nby`gsfr0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0inq`cpptu;20tzt0dmbtt0nqhqv0tdbmf`npef;40tzt0efwjdft0tztufn0dmpdltpvsdf0dmpdltpvsdf10dvssfou`dmpdltpvsdf;Ujnfs.Ltzt/pqujnj{bujpo/vj/ix;usvftzt/ibsexbsf/wtzod;usvfQLH;dpn/bouvuvdpn/sjhiuxbsf/uenn3w21kojgsfftpguxfh/ix/qfsgpsnbodfdpn/hmcfodinbsldb/qsjnbufmbct/hfflcfodi3dpn/fmmjtnbslpw/hqvcfodiqfsgpsnbodf/uftudpn/hsffofdpnqvujoh/mjoqbdldpn/espmf{/ocfoditf/ofobdpn/rvbmdpnn/ry/ofpdpsfdpn/bvspsbtpguxpslt/rvbesboudpn/tnbsucfodi/fmfwfodpn/qbttnbsl/qu`npcjmfdpn/fecvsofuuf/gqt3edpn/Cgjfme/DqvJefoujgjfsfv/dibjogjsf/dgcfodidpn/gvuvsfnbsl/enboespje/bqqmjdbujpodpn/rvjdjod/wfmmbnpdpn/IPUJDF/NpcjmfUftudpn/qduwuw/boespje/uutydpn/ffncd/dpsfnbsldpn/boespje/dn4dpn/qsjnbufmbctdpn/bsn/of21/efnpdpn/boespje/dut/pqfohm0/qsjnjujwf/HMQsjnjujwfBdujwjuzdpn/ubdufm/fmfdupqjbdpn/rrgsjfoetdpn/topxdpme/cfodinbslNPEF;DqvMjnjufsGsfrEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;711111QLH;dpn/bouvuv/uftufsNPEF;HqvGpsdfSfoefsEBUB;tzt/pqujnj{bujpo/vj/ix;usvfQLH;dpn/ufodfou/hbnf/sizuinnbtufsNPEF;DUTEBUB;tzt/wtzod/uzqf;ibsexbsfnfejb/pny/ws;usvfQLH;boespje/nfejb/dut0/EfdpefBddvsbdzUftuBdujwjuzboespje/wjfx/dut0/QjyfmDpqzWjefpTpvsdfBdujwjuzboespje/wjfx/dut0/tvsgbdfwbmjebups/DbquvsfeBdujwjuzdpn/hpphmf/boespje/fypqmbzfs/hut0/vujm/IptuBdujwjuzdpn/boespje/dut/wfsjgjfsNPEF;HqvIjhiQspgjmfEBUB;0tzt0dmbtt0nqhqv0tdbmf`npef;4QLH;dpn/esbxfmfnfout/efrqboespje/mfbocbdlkbol/dutboespje/mfbocbdlkbol/bqqdpn/boespje/tfswfs/dut/efwjdf/hsbqijdttubutboespje/wjfx/dut0/EjtqmbzSfgsftiSbufDutBdujwjuzboespje/pqfohmqfsg/dut0/HmQmbofutBdujwjuzdpn/ofugmjy/ojokb0/NbjoBdujwjuzNPEF;FodpefsHutUftuEBUB;nfejb/fodpefs/cjusbuf/uftu;2nfejb/pny/ejtqmbz`npef;20tzt0npevmf0ej0qbsbnfufst0czqbtt`bmm;2QLH;dpn/hpphmf/boespje/nfejb/hut
\ No newline at end of file +NPEF;IjhiQspgjmfEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0dqvjogp`nby`gsfr0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0inq`cpptu;20tzt0dmbtt0nqhqv0tdbmf`npef;40tzt0efwjdft0tztufn0dmpdltpvsdf0dmpdltpvsdf10dvssfou`dmpdltpvsdf;Ujnfs.Ltzt/pqujnj{bujpo/vj/ix;usvftzt/ibsexbsf/wtzod;usvfQLH;dpn/bouvuvdpn/sjhiuxbsf/uenn3w21kojgsfftpguxfh/ix/qfsgpsnbodfdpn/hmcfodinbsldb/qsjnbufmbct/hfflcfodi3dpn/fmmjtnbslpw/hqvcfodiqfsgpsnbodf/uftudpn/hsffofdpnqvujoh/mjoqbdldpn/espmf{/ocfoditf/ofobdpn/rvbmdpnn/ry/ofpdpsfdpn/bvspsbtpguxpslt/rvbesboudpn/tnbsucfodi/fmfwfodpn/qbttnbsl/qu`npcjmfdpn/fecvsofuuf/gqt3edpn/Cgjfme/DqvJefoujgjfsfv/dibjogjsf/dgcfodidpn/gvuvsfnbsl/enboespje/bqqmjdbujpodpn/rvjdjod/wfmmbnpdpn/IPUJDF/NpcjmfUftudpn/qduwuw/boespje/uutydpn/ffncd/dpsfnbsldpn/boespje/dn4dpn/qsjnbufmbctdpn/bsn/of21/efnpdpn/boespje/dut/pqfohm0/qsjnjujwf/HMQsjnjujwfBdujwjuzdpn/ubdufm/fmfdupqjbdpn/rrgsjfoetdpn/topxdpme/cfodinbslNPEF;DqvMjnjufsGsfrEBUB;0tzt0dmbtt0uifsnbm0uifsnbm`{pof10npef;ejtbcmfe0tzt0dmbtt0uifsnbm0uifsnbm`{pof20npef;ejtbcmfe0tzt0efwjdft0tztufn0dqv0dqv10dqvgsfr0tdbmjoh`nby`gsfr;711111QLH;dpn/bouvuv/uftufsNPEF;HqvGpsdfSfoefsEBUB;tzt/pqujnj{bujpo/vj/ix;usvfQLH;dpn/ufodfou/hbnf/sizuinnbtufsNPEF;DUTEBUB;tzt/wtzod/uzqf;ibsexbsftzt/nfejb/pny/ws;usvfQLH;boespje/nfejb/dut0/EfdpefBddvsbdzUftuBdujwjuzboespje/wjfx/dut0/QjyfmDpqzWjefpTpvsdfBdujwjuzboespje/wjfx/dut0/tvsgbdfwbmjebups/DbquvsfeBdujwjuzdpn/hpphmf/boespje/fypqmbzfs/hut0/vujm/IptuBdujwjuzdpn/boespje/dut/wfsjgjfsNPEF;HqvIjhiQspgjmfEBUB;0tzt0dmbtt0nqhqv0tdbmf`npef;4QLH;dpn/esbxfmfnfout/efrqboespje/mfbocbdlkbol/dutboespje/mfbocbdlkbol/bqqdpn/boespje/tfswfs/dut/efwjdf/hsbqijdttubutboespje/wjfx/dut0/EjtqmbzSfgsftiSbufDutBdujwjuzboespje/pqfohmqfsg/dut0/HmQmbofutBdujwjuzdpn/ofugmjy/ojokb0/NbjoBdujwjuzNPEF;FodpefsHutUftuEBUB;ix/fodpefs/cjusbuf/uftu;2nfejb/pny/ejtqmbz`npef;20tzt0npevmf0ej0qbsbnfufst0czqbtt`bmm;2QLH;dpn/hpphmf/boespje/nfejb/hut
\ No newline at end of file diff --git a/optimization/liboptimization_32.so b/optimization/liboptimization_32.so index 991f8b8..90bf96a 100755 --- a/optimization/liboptimization_32.so +++ b/optimization/liboptimization_32.so @@ -1,19 +1,19 @@ -ELF - -HAxD -(F!FOr6(F@-OF +ELF + +@ +HAxD +(F!FOrB(F@U-OF -!F, HFpy x/(%1HDhxD - - - -O -PF1F"PF9F"0PF9F" F1F
- -9 +!F, HFpy x/(%1HDhxD + + + C -b$8F -, +$8F + +O +PF1F"PF9F"\PF9F" F1F
+ HF*F p @@ -23,19 +23,18 @@ p hHF1F 1DF - -) -أ0F)F"F -1 ,أ2h(F!F - -F + +) -أ0F)F"F +1 ,أ2h(F!F +F -nFcH -"F - FoBF -KzD +nFcH +"F + FoBF +KzD Fb -8 +8 p@ p@ p@ @@ -45,55 +44,48 @@ Fb p@ hA - + I}D J -KzD - FoG%HxD +KzD + FoG%HxD `J - - - + + + + + + - - - - - - - - - - - - - - + + + + + + + + + + + - + - - - - - + + + A -"&7zXZ -[B⥐jyvƷxV^ SW9 -e.2QϺ2CP9YF'3 -x ̬=H7^T89%\.[Bo'qudJbNJ(PIh&܅٦:(hE=)uW=VSO$6/Ƨgf-VKY -Dۛ<$Uf_'
T$ܐ;5.ΌgΏIs.,21Z^/
~I 3TMG}ZI r|#FUr;Z(Е[>¿iOK2?73k6/
8'2rD0JW+2،##>5ఆ7z0`"__C@8q*eF#*Y[AfhgVk%-yR[kTݜi5P VI!@^X6_
kp_W`EY#v=0ƞe+ܨ'WgK6as_j&A;XcʗQ㶙v~^a!ZV֡wxaM'egVҏAGn;e'?L*p!YcP*xA+$Pџ4zGC>)^?V -$qҦK(Ȟ
b?샑8P}{'g {{6kM9> 2+wՕ.a# -*YTH״ - -REj)GAűy'qGܯ)BA9FE䈆- -Cq:& -\ -BƔgGvݑdaxCo Kx>B
RZ.rapw.b - - - - - - +"&7zXZ + l5^<`.sd<GePPcFT-R? $Xg\L[~I8H +ŷd< + ^wcK뭗AkSO6i0~!3]X-擩mR
}ךd&YP,J|N6ܒ{/BKO$J-v`ʽ$ӻE=ᷕ,SbdN +!%}(-3e2-/i,"ezl-^2**Aaz#\Dh#. +Nc鑵wHi,&(l25U\f֬%
1_gq[Q-3xGoKQ1ֳTfT'_q"c
W%nXokER&xmWcC\źLUmcddͦZr>kVmQMnmm~^X}#g&g1*5Є
vӯ;G0_/3OepMLřWՇu3 +箱 +Zb#3t +\EaJ9fJbeqorzH&ȵZX=35eD;hC_sǂ֎ +=2 +g + + diff --git a/products/mbox/init.amlogic.system.rc b/products/mbox/init.amlogic.system.rc index b7a460a..10b9ee9 100644 --- a/products/mbox/init.amlogic.system.rc +++ b/products/mbox/init.amlogic.system.rc @@ -239,11 +239,6 @@ on boot chown media system /sys/module/amvdec_h265/parameters/double_write_mode chmod 666 /sys/module/amvdec_h265/parameters/double_write_mode - chown media system /sys/module/amdolby_vision/parameters/dolby_vision_profile - chown media system /sys/module/amdolby_vision/parameters/dolby_vision_level - chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_profile - chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_level - chown media system /sys/module/deinterlace/parameters/deinterlace_mode chown media system /sys/class/graphics/fb0/block_mode @@ -274,7 +269,7 @@ on boot chown system system /sys/class/amhdmitx/amhdmitx0/cec_lang_config chown system system /sys/class/amhdmitx/amhdmitx0/config chown system system /sys/class/amhdmitx/amhdmitx0/avmute - chmod 0666 /sys/class/amhdmitx/amhdmitx0/avmute + chmod 0664 /sys/class/amhdmitx/amhdmitx0/avmute chown mediadrm audio /sys/class/amhdmitx/amhdmitx0/aud_output_chs chown media system /sys/class/switch/hdmi/state chmod 0660 /sys/class/switch/hdmi/state diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package.conf b/products/mbox/upgrade_4.9/aml_upgrade_package.conf index e64aed8..6b1e222 100644 --- a/products/mbox/upgrade_4.9/aml_upgrade_package.conf +++ b/products/mbox/upgrade_4.9/aml_upgrade_package.conf @@ -24,5 +24,4 @@ file="product.img" main_type="PARTITION" sub_type="product" file="recovery.img" main_type="PARTITION" sub_type="recovery" file="bootloader.img" main_type="PARTITION" sub_type="bootloader" file="dt.img" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf index ad38dda..e78eb2a 100644 --- a/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf +++ b/products/mbox/upgrade_4.9/aml_upgrade_package_AB.conf @@ -23,5 +23,4 @@ file="odm.img" main_type="PARTITION" sub_type="odm_a" file="odm.img" main_type="PARTITION" sub_type="odm_b" file="bootloader.img" main_type="PARTITION" sub_type="bootloader" file="dt.img" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf index c65dee0..4d76632 100644 --- a/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf +++ b/products/mbox/upgrade_4.9/aml_upgrade_package_AB_enc.conf @@ -27,5 +27,4 @@ file="odm.img" main_type="PARTITION" sub_type="odm_a" file="odm.img" main_type="PARTITION" sub_type="odm_b" file="bootloader.img.encrypt" main_type="PARTITION" sub_type="bootloader" file="dt.img.encrypt" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf index c35249c..5985f54 100644 --- a/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf +++ b/products/mbox/upgrade_4.9/aml_upgrade_package_avb.conf @@ -25,5 +25,4 @@ file="product.img" main_type="PARTITION" sub_type="product" file="recovery.img" main_type="PARTITION" sub_type="recovery" file="bootloader.img" main_type="PARTITION" sub_type="bootloader" file="dt.img" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf b/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf index 714ef45..1fe859b 100644 --- a/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf +++ b/products/mbox/upgrade_4.9/aml_upgrade_package_enc.conf @@ -28,5 +28,4 @@ file="product.img" main_type="PARTITION" sub_type="product" file="recovery.img.encrypt" main_type="PARTITION" sub_type="recovery" file="bootloader.img.encrypt" main_type="PARTITION" sub_type="bootloader" file="dt.img.encrypt" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/tv/init.amlogic.system.rc b/products/tv/init.amlogic.system.rc index 5de777d..a20c565 100755 --- a/products/tv/init.amlogic.system.rc +++ b/products/tv/init.amlogic.system.rc @@ -253,11 +253,6 @@ on boot chown media system /sys/module/amvdec_h265/parameters/double_write_mode chmod 666 /sys/module/amvdec_h265/parameters/double_write_mode - chown media system /sys/module/amdolby_vision/parameters/dolby_vision_profile - chown media system /sys/module/amdolby_vision/parameters/dolby_vision_level - chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_profile - chmod 666 /sys/module/amdolby_vision/parameters/dolby_vision_level - chown media system /sys/module/deinterlace/parameters/deinterlace_mode chown media system /sys/class/graphics/fb0/block_mode @@ -288,7 +283,7 @@ on boot chown system system /sys/class/amhdmitx/amhdmitx0/cec_lang_config chown system system /sys/class/amhdmitx/amhdmitx0/config chown system system /sys/class/amhdmitx/amhdmitx0/avmute - chmod 0666 /sys/class/amhdmitx/amhdmitx0/avmute + chmod 644 /sys/class/amhdmitx/amhdmitx0/avmute chown system mediadrm /sys/class/amhdmitx/amhdmitx0/aud_output_chs chown media system /sys/class/switch/hdmi/state chmod 0660 /sys/class/switch/hdmi/state diff --git a/products/tv/upgrade_4.9/aml_upgrade_package.conf b/products/tv/upgrade_4.9/aml_upgrade_package.conf index e64aed8..6b1e222 100644 --- a/products/tv/upgrade_4.9/aml_upgrade_package.conf +++ b/products/tv/upgrade_4.9/aml_upgrade_package.conf @@ -24,5 +24,4 @@ file="product.img" main_type="PARTITION" sub_type="product" file="recovery.img" main_type="PARTITION" sub_type="recovery" file="bootloader.img" main_type="PARTITION" sub_type="bootloader" file="dt.img" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf b/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf index 2491323..96bfb61 100644 --- a/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf +++ b/products/tv/upgrade_4.9/aml_upgrade_package_AB.conf @@ -22,5 +22,4 @@ file="vendor.img" main_type="PARTITION" sub_type="vendor_a" file="odm.img" main_type="PARTITION" sub_type="odm_a" file="bootloader.img" main_type="PARTITION" sub_type="bootloader" file="dt.img" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf b/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf index bc0bb43..b2af592 100644 --- a/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf +++ b/products/tv/upgrade_4.9/aml_upgrade_package_AB_enc.conf @@ -27,5 +27,4 @@ file="system.img" main_type="PARTITION" sub_type="system_a" #file="system.img" main_type="PARTITION" sub_type="system_b" file="bootloader.img.encrypt" main_type="PARTITION" sub_type="bootloader" file="dt.img.encrypt" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf b/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf index ddc66fc..1e17a97 100644 --- a/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf +++ b/products/tv/upgrade_4.9/aml_upgrade_package_avb.conf @@ -26,5 +26,4 @@ file="product.img" main_type="PARTITION" sub_type="product" file="recovery.img" main_type="PARTITION" sub_type="recovery" file="bootloader.img" main_type="PARTITION" sub_type="bootloader" file="dt.img" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf b/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf index dec7053..0413369 100644 --- a/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf +++ b/products/tv/upgrade_4.9/aml_upgrade_package_enc.conf @@ -28,5 +28,4 @@ file="product.img" main_type="PARTITION" sub_type="product" file="recovery.img.encrypt" main_type="PARTITION" sub_type="recovery" file="bootloader.img.encrypt" main_type="PARTITION" sub_type="bootloader" file="dt.img.encrypt" main_type="PARTITION" sub_type="_aml_dtb" -file="dtbo.img" main_type="PARTITION" sub_type="dtbo" diff --git a/sepolicy/audioserver.te b/sepolicy/audioserver.te index d138955..bb6d881 100644 --- a/sepolicy/audioserver.te +++ b/sepolicy/audioserver.te @@ -12,11 +12,6 @@ allow audioserver self:netlink_kobject_uevent_socket create_socket_perms_no_ioct # operation hidraw device allow audioserver hidraw_audio_device:chr_file rw_file_perms; -#bootanim -allow audioserver bootanim:binder call; - #operation property; set_prop(audioserver, audio_prop) - -get_prop(audioserver, vendor_platform_prop)
\ No newline at end of file diff --git a/sepolicy/bootanim.te b/sepolicy/bootanim.te index 49a56ef..5d1577a 100644 --- a/sepolicy/bootanim.te +++ b/sepolicy/bootanim.te @@ -1,14 +1 @@ -allow bootanim sysfs_video:dir { search }; -allow bootanim sysfs_video:file { open read write getattr }; -allow bootanim input_device:dir {open read write search }; -allow bootanim input_device:chr_file {open read write ioctl }; -allow bootanim sysfs_display:file {open read write ioctl }; -allow bootanim video_device:chr_file {open read write getattr ioctl }; -allow bootanim sysfs_audio:file {open read write getattr }; -allow bootanim system_data_file:file { open read }; -allow bootanim system_data_file:dir { open read }; -allow bootanim mediaserver_service:service_manager { find }; -allow bootanim mediaserver:binder { call transfer }; -set_prop(bootanim, system_prop) -get_prop(bootanim, media_prop) - +#allow bootanim vendor_file:file { open read getattr execute };
diff --git a/sepolicy/bootvideo.te b/sepolicy/bootvideo.te index 356394e..6f1ca89 100644 --- a/sepolicy/bootvideo.te +++ b/sepolicy/bootvideo.te @@ -23,7 +23,4 @@ allow bootvideo property_socket:sock_file write; allow bootvideo sysfs_xbmc:file { open read write getattr }; -#--------------------------------------------------------------------# -# product_shipping_api_level=28 vendor/system cannot share prop -#--------------------------------------------------------------------# -#set_prop(bootvideo, system_prop) +set_prop(bootvideo, system_prop) diff --git a/sepolicy/device.te b/sepolicy/device.te index f1d28f6..b97236f 100644 --- a/sepolicy/device.te +++ b/sepolicy/device.te @@ -5,7 +5,6 @@ type bootloader_device, dev_type; type defendkey_device, dev_type; type dtb_device, dev_type; type dvb_device, dev_type, mlstrustedobject; -type frontend_device, dev_type; type cec_device, dev_type; type unify_device, dev_type; @@ -35,7 +34,6 @@ type system_block_fsck_device, dev_type; type subtitle_device, dev_type; type sw_sync_device, dev_type; type ge2d_device, dev_type; -type display_device, dev_type; type amvecm_device, dev_type; type di0_device, dev_type; type hidraw_device, dev_type; diff --git a/sepolicy/drmserver.te b/sepolicy/drmserver.te index 2e64607..9351c5d 100644 --- a/sepolicy/drmserver.te +++ b/sepolicy/drmserver.te @@ -9,6 +9,3 @@ allow drmserver kernel:system module_request; allow drmserver unlabeled:file { read }; -allow drmserver bootanim:fd { use }; -allow drmserver system_data_file:file { read }; - diff --git a/sepolicy/file.te b/sepolicy/file.te index ac5bbcc..1be0154 100644 --- a/sepolicy/file.te +++ b/sepolicy/file.te @@ -66,8 +66,6 @@ type sysfs_remote, fs_type, sysfs_type; type sysfs_clock, fs_type, sysfs_type; type sysfs_hdmi, fs_type, sysfs_type; -type sysfs_ir, fs_type, sysfs_type; - type reco_file, file_type; type sysfs_unifykey, fs_type, sysfs_type; diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts index 21cebbf..0c05a2d 100644 --- a/sepolicy/file_contexts +++ b/sepolicy/file_contexts @@ -67,7 +67,6 @@ /dev/dtb u:object_r:dtb_device:s0 /dev/dvb0.* u:object_r:dvb_device:s0 /dev/dvb.* u:object_r:video_device:s0 -/dev/v4l2_frontend u:object_r:frontend_device:s0 /dev/esm u:object_r:hdcptx_device:s0 /dev/esm_rx u:object_r:hdcprx_device:s0 /dev/ge2d u:object_r:ge2d_device:s0 @@ -111,7 +110,6 @@ /sys/class/video/axis u:object_r:sysfs_video:s0 /sys/class/tsync/enable u:object_r:sysfs_video:s0 /sys/class/audiodsp/digital_raw u:object_r:sysfs_audio:s0 -/sys/class/amaudio/debug u:object_r:sysfs_audio:s0 /sys/class/hidraw(/.*)? u:object_r:sysfs_audio:s0 /sys/class/tsync/firstapts u:object_r:sysfs_xbmc:s0 /sys/class/tsync/pts_audio u:object_r:sysfs_xbmc:s0 @@ -147,13 +145,10 @@ /sys/devices/platform/meson-fb/graphics/fb[0-3](/.*) u:object_r:sysfs_display:s0 /sys/class/lcd/enable u:object_r:sysfs_lcd:s0 /sys/class/video/video_scaler_path_sel u:object_r:sysfs_video:s0 -/sys/module/amdolby_vision/parameters(/.*)? u:object_r:sysfs_video:s0 /sys/class/unifykeys(/.*)? u:object_r:sysfs_unifykey:s0 /sys/devices/platform/ffd26000.hdmirx/hdmirx/hdmirx0/key u:object_r:sysfs_unifykey:s0 -/sys/devices/virtual/meson-irblaster/irblaster1(/.*)? u:object_r:sysfs_ir:s0 - /sys/class/aml_store/store_device u:object_r:sysfs_store:s0 /sys/class/defendkey/decrypt_dtb u:object_r:sysfs_defendkey:s0 /sys/class/aml_store/bl_off_bytes u:object_r:sysfs_store:s0 @@ -164,7 +159,6 @@ /sys/class/amhdmitx/amhdmitx0/sink_type u:object_r:sysfs_amhdmitx:s0 /sys/class/amhdmitx/amhdmitx0/edid_parsing u:object_r:sysfs_amhdmitx:s0 /sys/class/amhdmitx/amhdmitx0/hdcp_mode u:object_r:sysfs_amhdmitx:s0 -/sys/class/amhdmitx/amhdmitx0/avmute u:object_r:sysfs_amhdmitx:s0 /sys/class/amhdmitx/amhdmitx0/disp_cap u:object_r:sysfs_amhdmitx:s0 /sys/module/amvdec_h265/parameters/double_write_mode u:object_r:sysfs_amvdec:s0 @@ -201,7 +195,6 @@ /sys/class/amvecm(/.*)? u:object_r:sysfs_video:s0 /sys/class/video(/.*)? u:object_r:sysfs_video:s0 -/dev/vbi u:object_r:vbi_device:s0 /dev/vbi[0-3] u:object_r:vbi_device:s0 /sys/class/mpgpu/scale_mode u:object_r:sysfs_mpgpu_scale:s0 @@ -211,7 +204,6 @@ /tee(/.*)? u:object_r:tee_data_file:s0 /mnt/vendor/tee(/.*)? u:object_r:tee_data_file:s0 /mnt/vendor/param(/.*)? u:object_r:param_tv_file:s0 -/mnt/vendor u:object_r:param_tv_file:s0 #/vendor/bin/bootplayer u:object_r:bootvideo_exec:s0 #/vendor/bin/dv_config u:object_r:dv_config_exec:s0 @@ -224,13 +216,11 @@ /vendor/bin/hdcp_rx22 u:object_r:hdcp_rx22_exec:s0 /vendor/bin/hdcp_tx22 u:object_r:hdcp_tx22_exec:s0 -/vendor/bin/hdcp_rp22 u:object_r:hdcp_rp22_exec:s0 /vendor/bin/remotecfg u:object_r:remotecfg_exec:s0 /vendor/bin/systemcontrol u:object_r:system_control_exec:s0 /vendor/bin/hdmicecd u:object_r:hdmicecd_exec:s0 /vendor/bin/droidvold u:object_r:droidvold_exec:s0 /vendor/bin/ntfs-3g u:object_r:ntfs_3g_exec:s0 -/vendor/bin/rc_server u:object_r:rc_server_exec:s0 /vendor/bin/tee-supplicant u:object_r:tee_exec:s0 /vendor/bin/tee_preload_fw u:object_r:firmload_exec:s0 @@ -248,23 +238,16 @@ /data/vendor/mediadrm(/.*)? u:object_r:hal_drm_data:s0 /vendor/lib(64)?/hw/gralloc\.amlogic\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/hw/android\.hardware\.graphics\.mapper@2\.0-impl-2.1\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libfbcnf\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/extractors u:object_r:same_process_hal_file:s0 -/vendor/lib(64)? u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/extractors/libamextractor\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libamffmpegadapter\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libamffmpeg\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libjni_remoteime\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/libtunertvinput_jni\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/libjnifont\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/jnidtvepgscanner\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libam_adp\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libam_mw\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libicuuc_vendor\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libzvbi\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libjnidtvsubtitle\.so u:object_r:vendor_app_file:s0 +/vendor/lib(64)?/am_adp\.so u:object_r:vendor_app_file:s0 +/vendor/lib(64)?/am_mw\.so u:object_r:vendor_app_file:s0 +/vendor/lib(64)?/zvbi\.so u:object_r:vendor_app_file:s0 +/vendor/lib(64)?/jnidtvsubtitle\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/libvendorfont\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/libtvbinder\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/libtv_jni\.so u:object_r:vendor_app_file:s0 @@ -279,10 +262,7 @@ /vendor/lib(64)?/vendor\.amlogic\.hardware\.remotecontrol@1\.0\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/vendor\.amlogic\.hardware\.hdmicec@1\.0\.so u:object_r:vendor_app_file:s0 /vendor/lib(64)?/vendor\.amlogic\.hardware\.droidvold@1\.0\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libjnidtvepgscanner\.so u:object_r:vendor_app_file:s0 -/vendor/lib(64)?/libjniuevent\.so u:object_r:vendor_app_file:s0 /dev/hidraw[0-9]* u:object_r:hidraw_audio_device:s0 #The final space is necessary. Please don't delete it. -/vendor/lib/vendor\.amlogic\.hardware\.remotecontrol@1\.0\.so u:object_r:vendor_app_file:s0 diff --git a/sepolicy/hal_audio_default.te b/sepolicy/hal_audio_default.te index 32b627d..30e1d48 100644 --- a/sepolicy/hal_audio_default.te +++ b/sepolicy/hal_audio_default.te @@ -6,26 +6,19 @@ allow hal_audio_default sysfs_digital_codec:file { write read open }; allow hal_audio_default sysfs_amhdmitx:dir search; allow hal_audio_default kernel:system { module_request }; allow hal_audio_default media_prop:file { read open getattr }; -allow hal_audio_default media_prop:property_service { set }; allow hal_audio_default shell_data_file:file { read write }; allow hal_audio_default sysfs_xbmc:file { read open write }; allow hal_audio_default hidraw_device:chr_file { create read write open ioctl}; allow hal_audio_default property_socket:sock_file { write }; allow hal_audio_default init:unix_stream_socket { connectto }; - -#--------------------------------------------------------------------# -# product_shipping_api_level=28 vendor/system cannot share prop -#--------------------------------------------------------------------# -#s/get_prop(hal_audio_default, bluetooth_prop) -get_prop(hal_audio_default, vendor_platform_prop) +allow hal_audio_default bluetooth_prop:property_service { set }; +allow hal_audio_default bluetooth_prop:file { read getattr open }; allow hal_audio_default sysfs_aud_output_chs:file { open read write }; allow hal_audio_default sysfs_aud_output_chs:file { read write open }; allow hal_audio_default remotecontrol_hwservice:hwservice_manager find; -allow hal_audio_default sysfs:file { open read write }; +allow hal_audio_default sysfs:file open; allow hal_audio_default device:dir read; -allow hal_audio_default uio_device:chr_file { open read write }; allow hal_audio_default system_app:binder call; -allow hal_audio_default tv_prop:file { read getattr open }; allow hal_audio_default hidraw_audio_device:chr_file { create read write open ioctl}; allow hal_audio_default sysfs_audio:file rw_file_perms; allow hal_audio_default sysfs_audio:dir r_dir_perms; diff --git a/sepolicy/hal_graphics_composer_default.te b/sepolicy/hal_graphics_composer_default.te index 05660f8..699e79b 100644 --- a/sepolicy/hal_graphics_composer_default.te +++ b/sepolicy/hal_graphics_composer_default.te @@ -7,6 +7,8 @@ allow hal_graphics_composer_default vndservicemanager:binder { call transfer }; allow hal_graphics_composer_default systemcontrol_hwservice:hwservice_manager { find }; allow hal_graphics_composer_default system_control:binder { call }; +allow hal_graphics_composer_default tv_prop:file { getattr open read }; + allow hal_graphics_composer_default video_device:chr_file rw_file_perms; allow hal_graphics_composer_default graphics_device:chr_file {open read write ioctl}; allow hal_graphics_composer_default sysfs_video:file rw_file_perms; @@ -16,18 +18,9 @@ allow hal_graphics_composer_default sysfs_display:dir search; allow hal_graphics_composer_default sysfs_display:lnk_file { open read write ioctl }; allow hal_graphics_composer_default sysfs_display:file { read write open getattr }; allow hal_graphics_composer_default sysfs_display:chr_file { ioctl read write open }; -allow hal_graphics_composer_default display_device:chr_file r_file_perms; allow hal_graphics_composer_default sysfs_amhdmitx:file { read write open getattr }; allow hal_graphics_composer_default sysfs_amhdmitx:dir search; -allow hal_graphics_composer_default tv_prop:file { getattr open read }; get_prop(hal_graphics_composer_default, tv_prop) - -allow hal_graphics_composer_default media_prop:file { getattr open read }; -get_prop(hal_graphics_composer_default, media_prop) - allow hal_graphics_composer_default sysfs_video:dir { search }; allow hal_graphics_composer_default sysfs_display:file { read write open getattr }; - -allow hal_graphics_composer_default vendor_platform_prop:file {getattr open read}; -get_prop(hal_graphics_composer_default, vendor_platform_prop) diff --git a/sepolicy/hal_memtrack_default.te b/sepolicy/hal_memtrack_default.te index 2c219d3..9940dd7 100644 --- a/sepolicy/hal_memtrack_default.te +++ b/sepolicy/hal_memtrack_default.te @@ -82,5 +82,3 @@ allow hal_memtrack_default tvserver:file r_file_perms; allow hal_memtrack_default hal_drm_clearkey:dir search; allow hal_memtrack_default hdcp_tx22:dir search; -allow hal_memtrack_default hdcp_rx22:dir { search read }; -allow hal_memtrack_default hdcp_rx22:file { read open getattr }; diff --git a/sepolicy/hdcp_rp22.te b/sepolicy/hdcp_rp22.te deleted file mode 100644 index f6b7c26..0000000 --- a/sepolicy/hdcp_rp22.te +++ b/dev/null @@ -1,45 +0,0 @@ -type hdcp_rp22, domain; -type hdcp_rp22_exec, exec_type, vendor_file_type, file_type; -init_daemon_domain(hdcp_rp22) -type hdcprp_device, dev_type; - -allow hdcp_rp22 hdcprp_device:chr_file { open read write getattr ioctl }; - -allow hdcp_rp22 system_file:file execute_no_trans; -allow hdcp_rp22 hdcp_rp22_exec:file {entrypoint read}; - -#allow hdcp_rp22 shell_exec:file rx_file_perms; - -allow hdcp_rp22 sysfs:file rw_file_perms; - -allow hdcp_rp22 param_tv_file:dir { search create read write open add_name remove_name rmdir }; -allow hdcp_rp22 param_tv_file:file { create open read write setattr getattr lock unlink }; -allow hdcp_rp22 kmsg_device:chr_file {write}; -allow hdcp_rp22 device:dir {write}; -allow hdcp_rp22 kmsg_device:chr_file {open}; -allow hdcp_rp22 hdcptx_device:chr_file {open read write ioctl}; - -allow hdcp_rp22 mnt_media_rw_file:file { create read write open }; -allow hdcp_rp22 mnt_media_rw_file:dir { write add_name }; -allow hdcp_rp22 rootfs:lnk_file {getattr}; -allow hdcp_rp22 storage_file:dir {read write search}; -allow hdcp_rp22 storage_file:file {open read write getattr}; -allow hdcp_rp22 storage_file:lnk_file {open read write getattr}; -allow hdcp_rp22 tmpfs:dir {search getattr}; -allow hdcp_rp22 tmpfs:file create_file_perms; -allow hdcp_rp22 mnt_user_file:dir {read write search}; -allow hdcp_rp22 mnt_user_file:file {open read write getattr}; -allow hdcp_rp22 mnt_user_file:lnk_file {open read write getattr}; -allow hdcp_rp22 fuse:dir {create open read write search add_name getattr}; -allow hdcp_rp22 fuse:file {open create read write getattr}; -allow hdcp_rp22 fuse:file rw_file_perms; -#allow hdcp_rp22 app_data_file:file rw_file_perms; -#allow hdcp_rp22 app_data_file:dir search; -allow hdcp_rp22 fuse:lnk_file {open read write getattr}; -allow hdcp_rp22 { mnt_user_file storage_file }:dir { create open read write search add_name getattr }; -allow hdcp_rp22 { mnt_user_file storage_file }:lnk_file { open read write getattr }; -allow hdcp_rp22 sysfs_cec:dir { search open }; -allow hdcp_rp22 sysfs_cec:file { read open write getattr }; -allow hdcp_rp22 sysfs_amhdmitx:dir search; -allow hdcp_rp22 sysfs_amhdmitx:file { getattr open read write ioctl }; -allow hdcp_rp22 mnt_vendor_file:dir {search}; diff --git a/sepolicy/hdmicecd.te b/sepolicy/hdmicecd.te index 45fc087..697cf50 100644 --- a/sepolicy/hdmicecd.te +++ b/sepolicy/hdmicecd.te @@ -12,9 +12,7 @@ allow hdmicecd { hdmicecd_hwservice hidl_base_hwservice }:hwservice_manager { a allow hdmicecd cec_device:chr_file { open read write ioctl }; allow hdmicecd hwservicemanager_prop:file { open read getattr }; -allow hdmicecd system_control:binder { call transfer }; -allow hdmicecd systemcontrol_hwservice:hwservice_manager { find }; - allow hdmicecd { hal_tv_cec_default system_app }:binder { call transfer }; -allow hdmicecd vendor_platform_prop:file { open read getattr }; +allow hdmicecd systemcontrol_hwservice:hwservice_manager find; +allow hdmicecd system_control:binder { call transfer }; diff --git a/sepolicy/hwservice.te b/sepolicy/hwservice.te index 27188b0..a37e6fb 100644 --- a/sepolicy/hwservice.te +++ b/sepolicy/hwservice.te @@ -3,4 +3,4 @@ type hdmicecd_hwservice, hwservice_manager_type; type droidvold_hwservice, hwservice_manager_type; type tvserver_hwservice, hwservice_manager_type; type remotecontrol_hwservice, hwservice_manager_type; -type imageserver_hwservice, hwservice_manager_type; + diff --git a/sepolicy/hwservice_contexts b/sepolicy/hwservice_contexts index 9daa08b..2f4e22f 100644 --- a/sepolicy/hwservice_contexts +++ b/sepolicy/hwservice_contexts @@ -3,4 +3,4 @@ vendor.amlogic.hardware.hdmicec::IDroidHdmiCEC u:object_r:hd vendor.amlogic.hardware.droidvold::IDroidVold u:object_r:droidvold_hwservice:s0 vendor.amlogic.hardware.tvserver::ITvServer u:object_r:tvserver_hwservice:s0 vendor.amlogic.hardware.remotecontrol::IRemoteControl u:object_r:remotecontrol_hwservice:s0 -vendor.amlogic.hardware.imageserver::IImageService u:object_r:imageserver_hwservice:s0 + diff --git a/sepolicy/hwservicemanager.te b/sepolicy/hwservicemanager.te index 65bc9f8..697b434 100644 --- a/sepolicy/hwservicemanager.te +++ b/sepolicy/hwservicemanager.te @@ -17,8 +17,3 @@ allow hwservicemanager tvserver:binder { call transfer }; allow hwservicemanager tvserver:dir { search }; allow hwservicemanager tvserver:file { read open }; allow hwservicemanager tvserver:process { getattr }; - -allow hwservicemanager imageserver:binder { call transfer }; -allow hwservicemanager imageserver:dir { search }; -allow hwservicemanager imageserver:file { read open }; -allow hwservicemanager imageserver:process { getattr }; diff --git a/sepolicy/imageserver.te b/sepolicy/imageserver.te index 9f72266..4f68d0e 100644 --- a/sepolicy/imageserver.te +++ b/sepolicy/imageserver.te @@ -42,5 +42,3 @@ allow imageserver vendor_file:file { execute }; #allow imageserver kernel:system module_request; #allow imageserver tmpfs:dir { getattr search }; -set_prop(imageserver, hwservicemanager_prop) -get_prop(imageserver, hwservicemanager_prop) diff --git a/sepolicy/mediacodec.te b/sepolicy/mediacodec.te index 2f04503..d053773 100644 --- a/sepolicy/mediacodec.te +++ b/sepolicy/mediacodec.te @@ -21,4 +21,3 @@ allow mediacodec sysfs_am_vecm:file { read write open getattr }; allow mediacodec uio_device:chr_file rw_file_perms; allow mediacodec audio_device:chr_file { setattr open read write }; allow mediacodec sysfs_audio:file { open read write }; -allow mediacodec vendor_platform_prop:file { open read getattr }; diff --git a/sepolicy/mediaextractor.te b/sepolicy/mediaextractor.te index 83fb9b0..76c843f 100644 --- a/sepolicy/mediaextractor.te +++ b/sepolicy/mediaextractor.te @@ -1,21 +1,10 @@ -allow mediaextractor init:unix_stream_socket { connectto }; get_prop(mediaextractor, media_prop) -get_prop(mediaextractor, vendor_default_prop) -get_prop(mediaextractor, vendor_platform_prop) allow mediaextractor vfat:file { read getattr }; allow mediaextractor fuseblk:file { read getattr }; allow mediaextractor fuse:file { read getattr }; allow mediaextractor sdcardfs:file { read getattr }; allow mediaextractor system_server:fifo_file { write getattr append }; -allow mediaextractor same_process_hal_file:dir { read open }; -allow mediaextractor same_process_hal_file:file { read open getattr execute}; +#allow mediaextractor vendor_file:file { read open getattr execute }; allow platform_app iso9660:dir { search open read getattr }; allow platform_app iso9660:file { open read getattr }; - -allow mediaextractor exfat:file { read getattr }; -allow mediaextractor property_socket:sock_file write; - -allow mediaextractor bootanim:fd { use }; -allow mediaextractor system_data_file:file { read getattr }; - diff --git a/sepolicy/mediaprovider.te b/sepolicy/mediaprovider.te index c6b1a83..85882e5 100644 --- a/sepolicy/mediaprovider.te +++ b/sepolicy/mediaprovider.te @@ -1,5 +1 @@ allow mediaprovider media_prop:file { getattr open read }; - -allow mediaprovider fuseblk:dir { open read search }; -allow mediaprovider fuseblk:file { getattr open read }; - diff --git a/sepolicy/mediaserver.te b/sepolicy/mediaserver.te index 63b44f2..0152b22 100644 --- a/sepolicy/mediaserver.te +++ b/sepolicy/mediaserver.te @@ -9,9 +9,3 @@ allow mediaserver sysfs_video:file rw_file_perms; allow mediaserver sysfs_audio:file rw_file_perms; get_prop(mediaserver, media_prop) -get_prop(mediaserver, vendor_platform_prop) - -allow mediaserver bootanim:binder { call transfer }; -allow mediaserver bootanim:fd use; -allow mediaserver system_data_file:file { read getattr }; - diff --git a/sepolicy/platform_app.te b/sepolicy/platform_app.te index 7a112d8..44c7e5a 100644 --- a/sepolicy/platform_app.te +++ b/sepolicy/platform_app.te @@ -15,6 +15,3 @@ allow platform_app droidvold:binder { call transfer }; allow platform_app tvserver_hwservice:hwservice_manager { find }; allow platform_app tvserver:binder { call transfer }; - -allow platform_app imageserver_hwservice:hwservice_manager { find }; -allow platform_app imageserver:binder { call transfer }; diff --git a/sepolicy/priv_app.te b/sepolicy/priv_app.te index 5758d64..5889379 100644 --- a/sepolicy/priv_app.te +++ b/sepolicy/priv_app.te @@ -16,11 +16,4 @@ allow priv_app device:dir { read search open }; allow priv_app proc_stat:file { getattr open }; allow priv_app { su_exec bootanim_exec bootstat_exec }:file { getattr }; -allow priv_app proc_uptime:file read; - -allow priv_app tvserver_hwservice:hwservice_manager { find }; -allow priv_app systemcontrol_hwservice:hwservice_manager { find }; -allow priv_app system_control:binder call; -allow priv_app tvserver:binder { call transfer }; -allow priv_app param_tv_file:file { create open read write setattr getattr lock unlink }; -allow priv_app param_tv_file:dir { search read open write add_name remove_name getattr }; +allow priv_app proc_uptime:file read;
\ No newline at end of file diff --git a/sepolicy/property.te b/sepolicy/property.te index 9c650b1..a3e38fb 100644 --- a/sepolicy/property.te +++ b/sepolicy/property.te @@ -6,6 +6,3 @@ type tv_prop, property_type; type bcmdl_prop, property_type; type ctl_dhcp_pan_prop, property_type; type netflix_prop, property_type; -type vendor_platform_prop, property_type; -type vendor_persist_prop, property_type; -type vendor_app_prop, property_type;
\ No newline at end of file diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts index 03cc3f3..81cf3d1 100644 --- a/sepolicy/property_contexts +++ b/sepolicy/property_contexts @@ -1,24 +1,11 @@ media. u:object_r:media_prop:s0 -ro.media. u:object_r:media_prop:s0 -sys.media. u:object_r:media_prop:s0 -sys.subtitle. u:object_r:media_prop:s0 -ro.audio. u:object_r:media_prop:s0 -persist.vendor.audio. u:object_r:media_prop:s0 -persist.vendor.media. u:object_r:media_prop:s0 -drm. u:object_r:media_prop:s0 ubootenv. u:object_r:uboot_prop:s0 ro.ubootenv. u:object_r:uboot_prop:s0 const.filesystem. u:object_r:aml_display_prop:s0 snd. u:object_r:tv_config_prop:s0 tv. u:object_r:tv_prop:s0 -persist.tv. u:object_r:tv_prop:s0 bcmdl_status u:object_r:bcmdl_prop:s0 wc_transport u:object_r:bluetooth_prop:s0 rc_hidraw_fd u:object_r:bluetooth_prop:s0 vendor.display-size u:object_r:netflix_prop:s0 ro.vendor.nrdp. u:object_r:netflix_prop:s0 -ro.vendor.platform u:object_r:vendor_platform_prop:s0 -persist.vendor.sys u:object_r:vendor_persist_prop:s0 -vendor.sys u:object_r:vendor_platform_prop:s0 -ro.vendor.app u:object_r:vendor_app_prop:s0 - diff --git a/sepolicy/rc_server.te b/sepolicy/rc_server.te deleted file mode 100644 index ed0c33c..0000000 --- a/sepolicy/rc_server.te +++ b/dev/null @@ -1,14 +0,0 @@ -type rc_server, domain; -type rc_server_exec, exec_type, vendor_file_type, file_type; - -init_daemon_domain(rc_server) - -allow rc_server vndbinder_device:chr_file rw_file_perms; - -vndbinder_use(rc_server); -hwbinder_use(rc_server); - -allow rc_server remotecontrol_hwservice:hwservice_manager add; -allow rc_server hidl_base_hwservice:hwservice_manager add; - -get_prop(rc_server, hwservicemanager_prop); diff --git a/sepolicy/recovery.te b/sepolicy/recovery.te index a528323..e2f49eb 100644 --- a/sepolicy/recovery.te +++ b/sepolicy/recovery.te @@ -1,3 +1,4 @@ +allow recovery aml_display_prop:property_service set; allow recovery input_device:chr_file write; allow recovery kmsg_device:chr_file { write open read }; allow recovery self:netlink_kobject_uevent_socket { create setopt bind read }; @@ -5,6 +6,7 @@ allow recovery sysfs_xbmc:file { read write open }; allow recovery system_prop:property_service set; allow recovery self:capability net_admin; +allow recovery uboot_prop:property_service set; allow recovery rootfs:dir create_dir_perms; allow recovery sysfs:dir mounton; @@ -18,6 +20,7 @@ allow recovery device:dir rw_dir_perms; allow recovery bootloader_device:chr_file rw_file_perms; allow recovery defendkey_device:chr_file rw_file_perms; allow recovery dtb_device:chr_file { open read write }; +allow recovery aml_display_prop:property_service set; allow recovery recovery:capability { net_admin }; allow recovery sysfs_unifykey:dir search; @@ -29,13 +32,9 @@ allow recovery sysfs_am_vecm:file { open read write }; allow recovery sysfs_audio_cap:file r_file_perms; allow recovery sysfs_cec:file rw_file_perms; -#--------------------------------------------------------------------# -# product_shipping_api_level=28 vendor/system cannot share prop -#--------------------------------------------------------------------# -#get_prop(recovery, aml_display_prop) -get_prop(recovery, uboot_prop) -get_prop(recovery, bluetooth_prop) -get_prop(recovery, vendor_platform_prop) +set_prop(recovery, aml_display_prop) +set_prop(recovery, uboot_prop) +set_prop(recovery, bluetooth_prop) set_prop(recovery, boottime_prop) set_prop(recovery, ctl_bootanim_prop) @@ -63,7 +62,7 @@ allow recovery cache_file:dir mounton; allow recovery tmpfs:blk_file write; allow recovery sysfs:dir { open read }; -allow recovery sysfs_display:file { open read write }; +allow recovery sysfs_display:file read; allow recovery sysfs_video:dir search; allow recovery sysfs_store:file { open read write getattr }; @@ -131,12 +130,6 @@ allow recovery sysfs_display:lnk_file { open read write getattr }; allow init reco_file:file { open read create write }; get_prop(recovery, aml_display_prop) -allow recovery aml_display_prop:file { getattr open read }; -allow recovery bluetooth_a2dp_offload_prop:file { getattr open }; -allow recovery exported_audio_prop:file { getattr open }; -allow recovery exported_bluetooth_prop:file { getattr open }; -allow recovery exported_overlay_prop:file { getattr open }; -allow recovery exported_wifi_prop:file { getattr open }; allow shell tmpfs:file {open read getattr}; allow shell rootfs:file {execute_no_trans}; diff --git a/sepolicy/sdcardd.te b/sepolicy/sdcardd.te index ffcc5be..88c5b2e 100644 --- a/sepolicy/sdcardd.te +++ b/sepolicy/sdcardd.te @@ -6,5 +6,3 @@ allow sdcardd vold:unix_stream_socket { read write }; # for exfat allow sdcardd unlabeled:dir { open read write getattr search }; allow sdcardd unlabeled:file { open read write getattr }; - -allow sdcardd storage_file:dir mounton; diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te index d0c8c64..474383d 100644 --- a/sepolicy/system_app.te +++ b/sepolicy/system_app.te @@ -1,8 +1,7 @@ allow system_app sysfs_mpgpu_scale:file { read write open }; allow system_app cache_recovery_file:dir { search read open write add_name remove_name }; -allow system_app cache_recovery_file:file { create getattr setattr open read write unlink }; -allow system_app cache_file:dir {search open read write unlink add_name remove_name}; -allow system_app cache_file:file {create getattr write open unlink read}; +allow system_app cache_recovery_file:file { create getattr open read write unlink }; + allow system_app update_engine:binder {call transfer}; allow system_app rootfs:dir { getattr }; @@ -43,29 +42,15 @@ allow system_app sysfs_clock:file { getattr open read }; allow sysfs_display tmpfs:filesystem associate; allow system_app sysfs_display:dir search; -allow system_app sysfs_display:dir search; allow system_app sysfs_display:file { read write open getattr }; -#--------------------------------------------------------------------# -# product_shipping_api_level=28 vendor/system cannot share prop -#--------------------------------------------------------------------# get_prop(system_app, tv_prop) -#set_prop(system_app, media_prop) -get_prop(system_app, media_prop) -#set_prop(system_app, netflix_prop) -get_prop(system_app, netflix_prop) -get_prop(system_app, vendor_platform_prop) -get_prop(system_app, vendor_app_prop) - +set_prop(system_app, media_prop) +set_prop(system_app, netflix_prop) allow system_app vbi_device:chr_file { read write open ioctl }; allow system_app vendor_file:file r_file_perms; allow system_app sysfs_video:dir { search }; allow system_app sysfs_video:file r_file_perms; allow system_app sysfs_amhdmitx:dir search; allow system_app sysfs_amhdmitx:file { getattr open read }; -allow system_app vendor_app_file:file { read open getattr execute }; -allow system_app dvb_device:chr_file { open read write ioctl }; -allow system_app codec_device:chr_file { open read write ioctl getattr}; -allow system_app param_tv_file:file { create open read write setattr getattr lock unlink }; -allow system_app param_tv_file:dir { search read open write add_name remove_name getattr }; - +allow system_app vendor_app_file:file execute; diff --git a/sepolicy/system_control.te b/sepolicy/system_control.te index 834d894..d7d3df3 100644 --- a/sepolicy/system_control.te +++ b/sepolicy/system_control.te @@ -22,7 +22,7 @@ allow system_control vendor_shell_exec:file execute_no_trans; allow system_control vendor_file:file execute_no_trans; allow system_control sysfs_display:dir search; -allow system_control sysfs_di:dir search; + #unix_socket_connect(system_control, vold, vold); #unix_socket_connect(system_control, property, init); @@ -33,53 +33,39 @@ allow system_control sysfs_amvdec:file { open read write }; allow system_control mnt_vendor_file:dir { search read open remove_name rmdir }; allow system_control mnt_vendor_file:file { setattr getattr lock unlink }; -#Property Service write -#--------------------------------------------------------------------# -# product_shipping_api_level=28 vendor/system cannot share prop -#--------------------------------------------------------------------# +# Property Service write +set_prop(system_control, system_prop) +set_prop(system_control, dhcp_prop) +set_prop(system_control, net_radio_prop) +set_prop(system_control, system_radio_prop) +set_prop(system_control, debug_prop) +set_prop(system_control, powerctl_prop) + get_prop(system_control, tv_config_prop) get_prop(system_control, bcmdl_prop) get_prop(system_control, safemode_prop) get_prop(system_control, mmc_prop) get_prop(system_control, device_logging_prop) -get_prop(system_control, vendor_platform_prop) -set_prop(system_control, vendor_platform_prop) -get_prop(system_control, vendor_default_prop) set_prop(system_control, media_prop) -get_prop(system_control, media_prop) get_prop(system_control, aml_display_prop) set_prop(system_control, uboot_prop) -get_prop(system_control, uboot_prop) set_prop(system_control, tv_prop) set_prop(system_control, netflix_prop) -get_prop(system_control, tv_prop) - -set_prop(system_control, vendor_persist_prop) -get_prop(system_control, vendor_persist_prop) - -set_prop(system_control, netflix_prop) -get_prop(system_control, netflix_prop) -#get_prop(system_control, wifi_prop) +get_prop(system_control, wifi_prop) set_prop(system_control, boottime_prop) -get_prop(system_control, boottime_prop) #get_prop(system_control, firstboot_prop) #get_prop(system_control, serialno_prop) set_prop(system_control, overlay_prop) -get_prop(system_control, overlay_prop) set_prop(system_control, net_dns_prop) -get_prop(system_control, net_dns_prop) set_prop(system_control, logpersistd_logging_prop) -get_prop(system_control, logpersistd_logging_prop) set_prop(system_control, hwservicemanager_prop) -get_prop(system_control, hwservicemanager_prop) set_prop(system_control, dumpstate_options_prop) -#set_prop(system_control, bluetooth_prop) +set_prop(system_control, bluetooth_prop) set_prop(system_control, persistent_properties_ready_prop) -get_prop(system_control, persistent_properties_ready_prop) get_prop(system_control, system_boot_reason_prop) @@ -91,7 +77,6 @@ set_prop(system_control, ctl_bugreport_prop) allow system_control block_device:dir r_dir_perms; allow system_control sysfs_audio_cap:file {open getattr read}; -allow system_control sysfs_audio:file {open getattr read}; allow system_control sysfs_video:file rw_file_perms; allow system_control { sysfs_video sysfs_cec sysfs_am_vecm }:dir { search }; allow system_control sysfs_cec:file rw_file_perms; @@ -108,7 +93,7 @@ allow system_control appdomain:dir { getattr search }; allow system_control appdomain:file { r_file_perms }; allow system_control platform_app:dir { search }; -allow system_control param_tv_file:dir { search read write open add_name remove_name rmdir create }; +allow system_control param_tv_file:dir { search read write open add_name remove_name rmdir }; allow system_control param_tv_file:file { create open read write setattr getattr lock unlink }; #allow system_control shell_exec:file { execute_no_trans execute open read getattr }; @@ -129,7 +114,6 @@ allow system_control param_tv_file:dir { write search add_name create }; allow system_control param_tv_file:file { create read write open getattr }; allow system_control sysfs_amhdmitx:dir search; allow system_control sysfs_amvdec:file { create open read write getattr}; -allow system_control sysfs_xbmc:file { read open }; allow system_control vendor_configs_file:file { ioctl lock }; allow system_control sysfs_display:lnk_file { read write open getattr }; @@ -138,8 +122,3 @@ allow system_control { sysfs_display sysfs_am_vecm sysfs_display sysfs_amhdmitx allow system_control sysfs_unifykey:dir { search }; allow system_control sysfs_unifykey:file { read write open }; allow system_control unlabeled:dir search; -allow system_control sysfs_mpgpu_scale:file { read write open } ; -allow system_control hdmirx0_device:chr_file { read write open ioctl getattr }; - -allow system_control exported_system_prop:file { read } ; -get_prop(system_control, exported_system_prop);
\ No newline at end of file diff --git a/sepolicy/system_server.te b/sepolicy/system_server.te index f9b2520..ef5133b 100644 --- a/sepolicy/system_server.te +++ b/sepolicy/system_server.te @@ -31,7 +31,7 @@ allow system_server sysfs:dir r_dir_perms; allow system_server sysfs_rtc:file { read write open getattr }; r_dir_file(system_server, sysfs_hdmi) -allow system_server sysfs_hdmi:file { read write open getattr }; +allow system_server sysfs_hdmi:file write; allow system_server sysfs_display:lnk_file { read write open getattr }; allow system_server sysfs_display:file { read write open getattr }; diff --git a/sepolicy/tee.te b/sepolicy/tee.te index 1a6775e..137d092 100644 --- a/sepolicy/tee.te +++ b/sepolicy/tee.te @@ -17,4 +17,3 @@ allow tee unlabeled:file { open read rename write }; allow tee hidraw_device:chr_file { create read open write ioctl }; allow tee vendor_file:file { read open getattr execute }; -allow tee param_tv_file:dir { search }; diff --git a/sepolicy/tvserver.te b/sepolicy/tvserver.te index fa241a4..c10e154 100644 --- a/sepolicy/tvserver.te +++ b/sepolicy/tvserver.te @@ -24,7 +24,6 @@ get_prop(tvserver, media_prop) get_prop(tvserver, tv_prop) set_prop(tvserver, tv_prop) set_prop(tvserver, tv_config_prop) -get_prop(tvserver, vendor_default_prop) allow tvserver tv_prop:file { read open getattr }; allow tvserver proc:file { read write open ioctl getattr }; @@ -61,15 +60,5 @@ allow tvserver mnt_vendor_file:file { create open write setattr getattr lock rea allow tvserver platform_app:binder { call }; allow tvserver sysfs:file { read write open }; -#add for search channel -allow tvserver dvb_device:chr_file { open read write ioctl }; -allow tvserver frontend_device:chr_file { open read write ioctl }; -allow tvserver priv_app:binder { call }; -allow tvserver codec_device:chr_file { read write open ioctl }; - -#add for timeshift -allow tvserver vendor_data_file:dir { search remove_name write add_name create }; -allow tvserver vendor_data_file:file { unlink write create open read getattr }; - allow tvserver sysfs_amhdmitx:dir search; allow tvserver sysfs_amhdmitx:file { write open read getattr }; diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te index 08ca710..90d4bea 100644 --- a/sepolicy/vendor_init.te +++ b/sepolicy/vendor_init.te @@ -7,7 +7,6 @@ allow vendor_init rootfs:dir { create_dir_perms relabelfrom }; allow vendor_init sysfs_devices_system_cpu:file { create }; allow vendor_init debugfs:dir { mounton }; -allow vendor_init debugfs:file { read write }; allow vendor_init update_data_file:file { read }; @@ -20,20 +19,8 @@ allow vendor_init self:capability sys_module; allow vendor_init proc:file write; allow vendor_init unlabeled:dir search; -allow vendor_init ffs_prop:property_service set; # optee allow vendor_init drm_device:chr_file setattr; # allow init mount a new filesystem and set its selinux contexts allow vendor_init unlabeled:dir { getattr read relabelfrom setattr }; - -set_prop(vendor_init, vendor_platform_prop) -set_prop(vendor_init, shell_prop) -set_prop(vendor_init, vendor_app_prop) -set_prop(vendor_init, media_prop) -set_prop(vendor_init, aml_display_prop) -set_prop(vendor_init, tv_config_prop) -set_prop(vendor_init, tv_prop) -set_prop(vendor_init, netflix_prop) -set_prop(vendor_init, vold_prop) -set_prop(vendor_init, config_prop) diff --git a/sepolicy/vold.te b/sepolicy/vold.te index 3a5d396..dffc5bf 100644 --- a/sepolicy/vold.te +++ b/sepolicy/vold.te @@ -6,7 +6,3 @@ allow vold param_tv_file:dir { ioctl open read }; #for hw keymaster allow vold drm_device:chr_file {open read write ioctl}; - -allow vold fsck_exec:file {execute read open }; -allow vold kernel:system module_request; - |