diff --git a/generic/vendor/common/hal_graphics_composer_default.te b/generic/vendor/common/hal_graphics_composer_default.te index 04f9396a..ff8de15f 100644 --- a/generic/vendor/common/hal_graphics_composer_default.te +++ b/generic/vendor/common/hal_graphics_composer_default.te @@ -87,6 +87,9 @@ unix_socket_connect(hal_graphics_composer_default, vendor_qdcmsocket, vendor_qdc #allow composer to find hal_perf hal_client_domain(hal_graphics_composer_default, vendor_hal_perf); +#allow composer to find hal_qspmhal +hal_client_domain(hal_graphics_composer_default, vendor_hal_qspmhal); + # Allow access to qipcrtr_socket # Remove this when QMI service moves to pfmd allow hal_graphics_composer self:{ socket qipcrtr_socket } create_socket_perms; diff --git a/legacy/vendor/common/dumpstate.te b/legacy/vendor/common/dumpstate.te index e6bf37bb..238f5187 100644 --- a/legacy/vendor/common/dumpstate.te +++ b/legacy/vendor/common/dumpstate.te @@ -42,3 +42,4 @@ allow dumpstate debugfs_mmc:dir search; binder_call(dumpstate, hal_light_default) binder_call(dumpstate, hal_power_default) +binder_call(dumpstate, rild) diff --git a/qva/vendor/bengal/init.te b/qva/vendor/bengal/init.te new file mode 100644 index 00000000..b4a8385d --- /dev/null +++ b/qva/vendor/bengal/init.te @@ -0,0 +1,4 @@ +# Copyright (c) 2024 Qualcomm Innovation Center, Inc. All rights reserved. +# SPDX-License-Identifier: BSD-3-Clause-Clear + +allow init vendor_sysfs_graphics:lnk_file r_file_perms; diff --git a/qva/vendor/common/dumpstate.te b/qva/vendor/common/dumpstate.te index c6c8e323..540afc01 100644 --- a/qva/vendor/common/dumpstate.te +++ b/qva/vendor/common/dumpstate.te @@ -48,3 +48,4 @@ binder_call(dumpstate, hal_light_default) binder_call(dumpstate, hal_power_default) binder_call(dumpstate, vendor_sxrd_vndr) binder_call(dumpstate, vendor_qvrd_vndr) +binder_call(dumpstate, rild) diff --git a/qva/vendor/common/property_contexts b/qva/vendor/common/property_contexts index 3fb8af55..c9157b60 100644 --- a/qva/vendor/common/property_contexts +++ b/qva/vendor/common/property_contexts @@ -32,6 +32,7 @@ persist.vendor.cnd. u:object_r:vendor_cnd_vendor_prop:s0 ctl.vendor.dataadpl u:object_r:vendor_dataadpl_prop:s0 vendor.spcom. u:object_r:vendor_spcomlib_prop:s0 persist.vendor.bt.soc.scram_freqs u:object_r:vendor_bluetooth_prop:s0 +persist.vendor.bt.a2dp_offload_cap u:object_r:vendor_bluetooth_prop:s0 ctl.vendor.mdm_helper u:object_r:vendor_mdm_helper_prop:s0 ctl.vendor.hvdcp_opti u:object_r:vendor_hvdcp_opti_prop:s0 diff --git a/qva/vendor/common/vendor_init.te b/qva/vendor/common/vendor_init.te index 0ffc2fe1..db84646a 100644 --- a/qva/vendor/common/vendor_init.te +++ b/qva/vendor/common/vendor_init.te @@ -51,6 +51,7 @@ set_prop(vendor_init, vendor_mpctl_prop) userdebug_or_eng(` set_prop(vendor_init, vendor_audio_debug_prop) + get_prop(vendor_init, persist_debug_prop) ') set_prop(vendor_init, vendor_disable_spu_prop) diff --git a/qva/vendor/common/wcnss_service.te b/qva/vendor/common/wcnss_service.te index 7b68a048..7fd8bd28 100644 --- a/qva/vendor/common/wcnss_service.te +++ b/qva/vendor/common/wcnss_service.te @@ -39,3 +39,6 @@ allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file create_file_p allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:sock_file rw_file_perms; allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file create_file_perms; allow vendor_wcnss_service vendor_wifi_vendor_wpa_socket:file rw_file_perms; + +# allow vendor_wcnss_service vendor_hal_perf_hwservice:hwservice_manager find +hal_client_domain(vendor_wcnss_service, vendor_hal_perf) diff --git a/qva/vendor/kona/file_contexts b/qva/vendor/kona/file_contexts index 482f88e5..e0d98939 100644 --- a/qva/vendor/kona/file_contexts +++ b/qva/vendor/kona/file_contexts @@ -31,9 +31,6 @@ /(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face@1\.0-service u:object_r:vendor_biometricsface_exec:s0 -#umd_service -/vendor/bin/hw/vendor\.qti\.hardware\.umd@1\.0-service u:object_r:vendor_hal_umd_qti_exec:s0 - # nordic node file /(vendor|system/vendor)/bin/hw/vendor\.shadowcreator\.hardware\.nordic@1\.0-service u:object_r:vendor_hal_nordic_default_exec:s0 /(vendor|system/vendor)/bin/hw/vendor\.kineticsxr\.hardware\.nordic@1\.0-service u:object_r:vendor_hal_nordic_default_exec:s0 diff --git a/qva/vendor/kona/hwservice.te b/qva/vendor/kona/hwservice.te index 1bb1c9bd..ef067e50 100644 --- a/qva/vendor/kona/hwservice.te +++ b/qva/vendor/kona/hwservice.te @@ -3,4 +3,3 @@ # hal nordic hwservice type vendor_hal_nordic_hwservice, hwservice_manager_type,protected_hwservice; -type vendor_hal_umd_hwservice, hwservice_manager_type; diff --git a/qva/vendor/kona/hwservice_contexts b/qva/vendor/kona/hwservice_contexts index c4bf2bd4..d80fcf27 100644 --- a/qva/vendor/kona/hwservice_contexts +++ b/qva/vendor/kona/hwservice_contexts @@ -4,4 +4,3 @@ # hal nordic hwservice vendor.kineticsxr.hardware.nordic::INordic u:object_r:vendor_hal_nordic_hwservice:s0 vendor.shadowcreator.hardware.nordic::INordic u:object_r:vendor_hal_nordic_hwservice:s0 -vendor.qti.hardware.umd::IUMDAdaptor u:object_r:vendor_hal_umd_hwservice:s0 diff --git a/qva/vendor/kona/umdservice.te b/qva/vendor/kona/umdservice.te deleted file mode 100644 index 884d1df0..00000000 --- a/qva/vendor/kona/umdservice.te +++ /dev/null @@ -1,18 +0,0 @@ -# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. -# SPDX-License-Identifier: BSD-3-Clause-Clear - -#Define domain -type vendor_hal_umd_qti, domain; -type vendor_hal_umd_qti_exec, file_type, vendor_file_type, exec_type; - -#Allow for transition from init domain to umdservice -init_daemon_domain(vendor_hal_umd_qti) - -#Allow a base set of permissions required -hal_server_domain(vendor_hal_umd_qti, vendor_hal_umd) -binder_call(vendor_hal_umd_client, vendor_hal_umd_server) -binder_call(vendor_hal_umd_server, vendor_hal_umd_client) - -#Ability for domain to get vendor_hal_umd_hwservice to hwservice_manager -#and find it -hal_attribute_hwservice(vendor_hal_umd, vendor_hal_umd_hwservice) diff --git a/qva/vendor/lahaina/file_contexts b/qva/vendor/lahaina/file_contexts index 54c0e6f5..e7faea3c 100644 --- a/qva/vendor/lahaina/file_contexts +++ b/qva/vendor/lahaina/file_contexts @@ -25,37 +25,9 @@ # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# Changes from Qualcomm Innovation Center are provided under the following license: # Copyright (c) 2022-2023 Qualcomm Innovation Center, Inc. All rights reserved. -# -# Redistribution and use in source and binary forms, with or without -# modification, are permitted (subject to the limitations in the -# disclaimer below) provided that the following conditions are met: -# -# * Redistributions of source code must retain the above copyright -# notice, this list of conditions and the following disclaimer. -# -# * Redistributions in binary form must reproduce the above -# copyright notice, this list of conditions and the following -# disclaimer in the documentation and/or other materials provided -# with the distribution. -# -# * Neither the name of Qualcomm Innovation Center, Inc. nor the names of its -# contributors may be used to endorse or promote products derived -# from this software without specific prior written permission. -# -# NO EXPRESS OR IMPLIED LICENSES TO ANY PARTY'S PATENT RIGHTS ARE -# GRANTED BY THIS LICENSE. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT -# HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED -# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. -# IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR -# ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL -# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE -# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS -# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER -# IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR -# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN -# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# SPDX-License-Identifier: BSD-3-Clause-Clear /(vendor|system/vendor)/bin/hw/android\.hardware\.biometrics\.face@1\.0-service u:object_r:vendor_biometricsface_exec:s0 @@ -81,3 +53,9 @@ #aidirector /dev/snd/controlC0 u:object_r:vendor_aid_audio_device:s0 + +#umd_service +/vendor/bin/hw/vendor\.qti\.hardware\.umd@1\.0-service u:object_r:vendor_hal_umd_qti_exec:s0 + +#uac +/dev/snd/pcmC[1-9].* u:object_r:vendor_pcm_device:s0 diff --git a/qva/vendor/lahaina/genfs_contexts b/qva/vendor/lahaina/genfs_contexts index e4214803..3adf09d3 100644 --- a/qva/vendor/lahaina/genfs_contexts +++ b/qva/vendor/lahaina/genfs_contexts @@ -25,6 +25,10 @@ # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +#Changes from Qualcomm Innovation Center, Inc. are provided under the following license: +#Copyright (c) 2024 Qualcomm Innovation Center, Inc. All rights reserved. +#SPDX-License-Identifier: BSD-3-Clause-Clear + #net sysfs genfscon sysfs /devices/platform/soc/1c00000.qcom,pcie/pci0000:00/0000:00:00.0/0000:01:00.0/net u:object_r:sysfs_net:s0 @@ -34,3 +38,12 @@ genfscon sysfs /devices/platform/soc/c440000.qcom,spmi/spmi-0/spmi0-08/c440000.q #Modem & ADSP related wakeup nodes. genfscon sysfs /devices/platform/soc/4080000.qcom,mss/subsys3/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/soc/3700000.qcom,lpass/subsys4/wakeup u:object_r:sysfs_wakeup:s0 + +#wakeup nodes listed from SuspendSepolicyTests.sh +genfscon sysfs /devices/platform/soc/soc:qcom,wpss@8a00000/subsys3/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/soc/3700000.qcom,lpass/subsys5/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/soc/990000.qcom,qup_uart/wakeup u:object_r:sysfs_wakeup:s0 + +#HDMI nodes +genfscon sysfs /devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon0/cable.1/ u:object_r:vendor_sysfs_graphics:s0 +genfscon sysfs /devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon1/cable.1/ u:object_r:vendor_sysfs_graphics:s0 diff --git a/qva/vendor/lahaina/hal_audio_default.te b/qva/vendor/lahaina/hal_audio_default.te index ddeebb21..3a0859c7 100644 --- a/qva/vendor/lahaina/hal_audio_default.te +++ b/qva/vendor/lahaina/hal_audio_default.te @@ -3,3 +3,6 @@ #Allow audio hal access to aid audio node allow hal_audio_default vendor_aid_audio_device:chr_file rw_file_perms; + +#Allow audio hal to communicate to usb pcm node +allow hal_audio_default vendor_pcm_device:chr_file rw_file_perms; diff --git a/qva/vendor/lahaina/hal_camera.te b/qva/vendor/lahaina/hal_camera.te index 875c1063..116f848e 100644 --- a/qva/vendor/lahaina/hal_camera.te +++ b/qva/vendor/lahaina/hal_camera.te @@ -8,3 +8,7 @@ typeattribute hal_camera_default hal_audio_client; allow hal_camera_default vendor_aid_audio_device:chr_file rw_file_perms; allow hal_camera_default audio_device:dir r_dir_perms; get_prop(hal_camera_default, vendor_audio_prop) + +#Allow camera to read vendor_umd_prop and binder call vendor_hal_umd_qti +get_prop(hal_camera_default, vendor_umd_prop) +binder_call(vendor_hal_umd_qti, hal_camera_default); diff --git a/qva/vendor/lahaina/hwservice.te b/qva/vendor/lahaina/hwservice.te index 89668ae5..dfd6b648 100644 --- a/qva/vendor/lahaina/hwservice.te +++ b/qva/vendor/lahaina/hwservice.te @@ -25,4 +25,10 @@ # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# Changes from Qualcomm Innovation Center are provided under the following license: + +# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. +# SPDX-License-Identifier: BSD-3-Clause-Clear + type vendor_hal_eid_hwservice, hwservice_manager_type, protected_hwservice; +type vendor_hal_umd_hwservice, hwservice_manager_type, protected_hwservice; diff --git a/qva/vendor/lahaina/hwservice_contexts b/qva/vendor/lahaina/hwservice_contexts index 86887552..e2826495 100644 --- a/qva/vendor/lahaina/hwservice_contexts +++ b/qva/vendor/lahaina/hwservice_contexts @@ -25,4 +25,10 @@ # OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN # IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +# Changes from Qualcomm Innovation Center are provided under the following license: + +# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. +# SPDX-License-Identifier: BSD-3-Clause-Clear + vendor.qti.hardware.eid::IEid u:object_r:vendor_hal_eid_hwservice:s0 +vendor.qti.hardware.umd::IUMDAdaptor u:object_r:vendor_hal_umd_hwservice:s0 diff --git a/qva/vendor/lahaina/platform_app.te b/qva/vendor/lahaina/platform_app.te new file mode 100644 index 00000000..05800760 --- /dev/null +++ b/qva/vendor/lahaina/platform_app.te @@ -0,0 +1,7 @@ +# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. +# SPDX-License-Identifier: BSD-3-Clause-Clear + +#allow platform_app to read vendor_umd_prop +get_prop(platform_app, vendor_umd_prop) + +hal_client_domain(platform_app, vendor_hal_umd) \ No newline at end of file diff --git a/qva/vendor/lahaina/property.te b/qva/vendor/lahaina/property.te index 46bb0672..7c45a960 100644 --- a/qva/vendor/lahaina/property.te +++ b/qva/vendor/lahaina/property.te @@ -34,3 +34,6 @@ vendor_internal_prop(vendor_face3d_producer_prop); # properties for eSE-StrongBox vendor_internal_prop(vendor_ese_strongbox_prop); + +#umd property +vendor_restricted_prop(vendor_umd_prop); diff --git a/qva/vendor/lahaina/property_contexts b/qva/vendor/lahaina/property_contexts index 1741c567..f287ba4a 100644 --- a/qva/vendor/lahaina/property_contexts +++ b/qva/vendor/lahaina/property_contexts @@ -35,3 +35,7 @@ persist.vendor.biometricsface.pr u:object_r:vendor_face3d_producer_prop:s0 # eSE-StrongBox ctl.start$vendor.ese-strongbox_4_1 u:object_r:vendor_ese_strongbox_prop:s0 ctl.stop$vendor.ese-strongbox_4_1 u:object_r:vendor_ese_strongbox_prop:s0 + +#umd +persist.vendor.umdadaptor.mode u:object_r:vendor_umd_prop:s0 +persist.vendor.umd. u:object_r:vendor_umd_prop:s0 diff --git a/qva/vendor/lahaina/umdservice.te b/qva/vendor/lahaina/umdservice.te new file mode 100644 index 00000000..209c9ae3 --- /dev/null +++ b/qva/vendor/lahaina/umdservice.te @@ -0,0 +1,43 @@ +# Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. +# SPDX-License-Identifier: BSD-3-Clause-Clear + +#Define domain +type vendor_hal_umd_qti, domain; +type vendor_hal_umd_qti_exec, file_type, vendor_file_type, exec_type; + +type vendor_pcm_device, dev_type; + +typeattribute vendor_hal_umd_qti hal_camera_client; +typeattribute vendor_hal_umd_qti hal_audio_client; + +#Allow for transition from init domain to umdservice +init_daemon_domain(vendor_hal_umd_qti) + +#Allow a base set of permissions required +hal_server_domain(vendor_hal_umd_qti, vendor_hal_umd) +binder_call(vendor_hal_umd_client, vendor_hal_umd_server) +binder_call(vendor_hal_umd_server, vendor_hal_umd_client) + +#Ability for domain to get vendor_hal_umd_hwservice to hwservice_manager +#and find it +hal_attribute_hwservice(vendor_hal_umd, vendor_hal_umd_hwservice) + +#Allow a base set of permissions for the domain to be the client of hal_graphics_allocator +hal_client_domain(vendor_hal_umd_qti, hal_graphics_allocator) + +allow vendor_hal_umd_qti video_device:chr_file rw_file_perms; + +#Allow the domain to access the properties required +get_prop(vendor_hal_umd_qti, vendor_umd_prop) +get_prop(vendor_hal_umd_qti, vendor_video_prop) + +#Allow the domain to access the uvent socket and the audio device +allow vendor_hal_umd_qti self:netlink_kobject_uevent_socket create_socket_perms_no_ioctl; +allow vendor_hal_umd_qti vendor_pcm_device:chr_file rw_file_perms; +allow vendor_hal_umd_qti audio_device:dir r_dir_perms; + +#Allow the domain to access the configfs file and dir +allow vendor_hal_umd_qti configfs:file r_file_perms; +allow vendor_hal_umd_qti configfs:dir r_dir_perms; + +allow vendor_hal_umd_qti ion_device:chr_file r_file_perms;