Integration #3
Open
Integration #3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
1. set security context for /dev/ttyFIQ0 and /dev/ttyAMA1 2. allow init to have more permissions for configfs dir and lnk_file Change-Id: I388c0447a0ca915944bffd8c70a048bc945226a9 Signed-off-by: Yongqin Liu <[email protected]>
to avoid avc like following:
avc: denied { create } for pid=1 comm="init" name="sdcard" scontext=u:r:init:s0 tcontext=u:object_r:tmpfs:s0 tclass=lnk_file permissive=1
Change-Id: I8d8adbf2819f5b6e09a1dae95816c731e495cbac
Signed-off-by: Yongqin Liu <[email protected]>
to avoid the following SELinux avc dac_override denial:
avc: denied { dac_override } for pid=1790 comm="uim" capability=1 scontext=u:r:hci_attach:s0 tcontext=u:r:hci_attach:s0 tclass=capability permissive=1
Change-Id: Ia0ff7ffbeac155fbc43b52c2ddc880d35c52a654
Signed-off-by: Yongqin Liu <[email protected]>
Mostly copied over from the flounder powerHAL, this patch adds a basic powerHAL to include interactivty boosting via the interactive cpufreq gov Change-Id: I691d5874c7c61479aa4629fb2ae5dd83d52f4e4b Signed-off-by: John Stultz <[email protected]>
If not, it will cause dac_override avc denial warnings for logd and healthd since they need to access the file /dev/cpuctl/tasks in their source Change-Id: If65d11e7122ef197ba43012c890637df835ce544 Signed-off-by: Yongqin Liu <[email protected]>
Booloader sources are located under device/linaro/bootloader Change-Id: I8b35f9a292f5037eac2e0a281f5345921a313b93 Signed-off-by: Vishal Bhoj <[email protected]>
Netd triggers sys_module denials, but the kernel has CONFIG_MODULES=n. This denial is harmless, and is likely a result of a permission check before verifying whether the kernel even has module support. Suppress these denials. Change-Id: I8b2a7e3a1cdd7ae2f064ba952c110e0e2ead7fcc
Now that we have support to build uefi from source, we allow user to choose which one to flash. Minor cleanup: Remove ANDROID_OUT which will be same as ANDROID_PRODUCT_OUT Fixed shellcheck errors Change-Id: I9e45b2970a481df085222ecd240e367cef75889c Signed-off-by: Vishal Bhoj <[email protected]>
In the cases that we build in a script or built several days before, we don't want to run "lunch hikey-userdebug" before run flash-all.sh ANDROID_BUILD_TOP will be only availbe after run lunch command Change-Id: I06c9479cd05a5178b6d1444eedbc67d743db28ae Signed-off-by: Yongqin Liu <[email protected]>
Rndis (tethering) n/w interface, usb0, registration/deregistration is broken. If a user try to switch to other functions or disable usb tethering or unplug the usb cable then it doesn't kill "usb0" interface. Clean registration and deregistration can be done by creating the rndis function when user enable the tethering from Settings application instead of creating it "on boot", and deleting the function when we switch to other function or disable tethering or unplug the cable. Relevent fix, Change-Id: If1f922e02277cccdc8c0b263be63989ee102cc80, to create and delete RNDIS function, on need basis, is moved to init.usb.configfs.rc Change-Id: Icb49020d624fb21ef2607d473948cbbf3b9cc469 Reported-by: Winter Wang <[email protected]> Signed-off-by: Amit Pundir <[email protected]>
https://android.googlesource.com/platform/system/sepolicy/+/c15090b315cc32d4bb55b5ff79b71b4383e1a793 has added configfs definitions to the main policy, so remove them from here. Bug: 30394208 Change-Id: I4abaef3497f006e1d8d122aa4cdfb1820c153f94
2 types remaining avc denials are mentioned here: 1. init domain on android0 file https://android-review.googlesource.com/#/c/239530/ 2. sys_module denial on netd domain https://android-review.googlesource.com/#/c/239514/ Change-Id: I2623742ea10261908b1ab3ed7f999c5b8a8a6fb7 Signed-off-by: Yongqin Liu <[email protected]>
Change-Id: I51ca9d5861119f3894446656c467a08188827a81 Signed-off-by: Dmitry Shmidt <[email protected]>
With v4.8-rc and above kernels, the wlcore driver requires
a newer version of the wifi firmware.
Thus this patch updates the firmware file to what is found via:
git://git.ti.com/wilink8-wlan/wl18xx_fw.git 9d054faf26f9ea166b925fca230d5c9784c553e4
("Updated to FW 8.9.0.0.69").
Change-Id: Idcbff9e7c32267fa30542bfdc77d6b687cb9a26b
Signed-off-by: John Stultz <[email protected]>
Change-Id: Ib1da8dcf977e0beac1a731ff1f9bab0ab0d72329 Signed-off-by: Dmitry Shmidt <[email protected]>
Change-Id: I40bb46ef58599aec12694308cb8cbcc42dd28f5f Signed-off-by: Dmitry Shmidt <[email protected]>
To set the unique serial number, we need to call fastboot oem serialno from the l-loader.bin's fastboot mode (not the UEFI fastboot). So generate a serialno when we are doing a flash-all.sh Change-Id: Id5b3cb5530ad3b265c65d0b6b0900e8625a25de7 Signed-off-by: John Stultz <[email protected]>
Change-Id: I5f51d36055a65333b8918fce541b187084623308 Signed-off-by: John Stultz <[email protected]>
…t sources. This updates the fip.bin and l-loader.bin to builds from the latest sources. Notable changes: * Fix for uSD hang * androidboot.serialno= support * Device will reboot on poweroff if J1-2 (always power-on) is set, rather then just spin and overheat. Built from the following trees: https://android.googlesource.com/device/linaro/bootloader/arm-trusted-firmware 6c60217788fc109ccfb5b8789d66793277a1f9eb https://android.googlesource.com/device/linaro/bootloader/edk2 b96baa8ce5b46dd4ef5697862c989244f5221dba https://android.googlesource.com/device/linaro/bootloader/OpenPlatformPkg 0269b8d21bef2d80320b3b5fd2d02b3a35f3f8d4 Change-Id: I3eb1014aef3998bf6aec8addc22671a7e7833df9 Signed-off-by: John Stultz <[email protected]>
…rslack_ns access With the new /proc/<tid>/timerslack_ns interface, the system_server needs to be able to write to that value. However, currently the selinux policy seems to prevent this. Using "adb logcat -d | audit2allow -p <sepolicy file>" I got the following suggestions which I've added here. I suspect there is a better way to limit write access to just the timerslack_ns file, but I'm no selinux expert. Suggestions would be welcome. We should remove this after a proper solution is in /system/sepolicy/system_server.te Change-Id: I1bc3a8f4a4f663131977fe6fc2c8afa309b7a7c0 Signed-off-by: John Stultz <[email protected]>
…ce/linaro/hikey into HEAD Conflicts: installer/fip.bin installer/flash-all.sh
Android expects an Image-dtb file
Update fip.bin with ATF/OPTEE support enabled
|
I still think we should remove the fip.bin binary. We just get too many bug reports when it gets out of date with the ta and client code that we are building as part of Android. It would only really make sense to include fip.bin if we have a branch/project that locks down specific versions of the rest of the OP-TEE code. |
|
Also should probably describe this as a merge instead of a rebase. |
|
Thanks. I will try to make the file to built directly from AOSP (it is already supported) and update the pull request. |
Reusing the existing domain for tee defined in system/sepolicy. Signed-off-by: Zoltan Kuscsik <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rebase changes to latest AOSP master