From 468d9e49162f4c4e37db23873dab265a50f53771 Mon Sep 17 00:00:00 2001 From: ShubhamB Date: Mon, 25 May 2020 17:33:16 +0530 Subject: [PATCH 1/3] FP4: Add SSR blobs Fingerprint: Fairphone/FP4eea/FP4:11/RKQ1.210503.001/FP4G:user/release-keys --- proprietary-files.txt | 4 ++++ system.prop | 3 --- vendor.prop | 4 ++++ 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/proprietary-files.txt b/proprietary-files.txt index b987cde..26560ea 100644 --- a/proprietary-files.txt +++ b/proprietary-files.txt @@ -1105,6 +1105,10 @@ vendor/etc/init/vendor.qti.hardware.soter@1.0-service.rc vendor/lib64/hw/vendor.qti.hardware.soter@1.0-impl.so vendor/lib64/vendor.qti.hardware.soter@1.0.so +# Subsystem Silent Restart (SSR) +vendor/bin/ssr_setup +vendor/bin/subsystem_ramdump + # Tct Daemon vendor/bin/tctd vendor/etc/init/tctd.rc diff --git a/system.prop b/system.prop index 38efe76..fab220d 100644 --- a/system.prop +++ b/system.prop @@ -44,6 +44,3 @@ telephony.lteOnCdmaDevice=1 # Sensors persist.vendor.sensors.enable.mag_filter=true - -# SSR -persist.vendor.ssr.restart_level=ALL_ENABLE diff --git a/vendor.prop b/vendor.prop index ff55e76..36e731f 100644 --- a/vendor.prop +++ b/vendor.prop @@ -155,6 +155,10 @@ ro.telephony.iwlan_operation_mode=AP-assisted persist.vendor.sensors.debug.ssc_qmi_debug=true persist.vendor.sensors.allow_non_default_discovery=true +# SSR +persist.vendor.ssr.enable_ramdumps=0 +persist.vendor.ssr.restart_level=ALL_ENABLE + # Shutdown sys.vendor.shutdown.waittime=500 -- GitLab From b52eb6a0f543dd1bcac7148a486d6562954d8d66 Mon Sep 17 00:00:00 2001 From: Alex Hong Date: Fri, 6 Dec 2019 12:05:33 +0800 Subject: [PATCH 2/3] FP4: Allow vendor_init to set vendor_ssr_prop [ 19.136889] selinux: avc: denied { set } for scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_ssr_prop:s0 tclass=property_service permissive=0\x0a [ 19.154124] init: Do not have permissions to set 'persist.vendor.sys.ssr.enable_ramdumps' to '1' in property file '/vendor/build.prop': SELinux permission check failed [ 19.170388] selinux: avc: denied { set } for scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_ssr_prop:s0 tclass=property_service permissive=0\x0a [ 19.187645] init: Do not have permissions to set 'persist.vendor.sys.ssr.restart_level' to 'modem,adsp,slpi' in property file '/vendor/build.prop': SELinux permission check failed Bug: 143504506 Test: flash selinux modules to device and find avc errors gone Change-Id: I8430370b038bcbdfdc8935f125c415a07fc35f7e --- sepolicy/vendor/vendor_init.te | 2 ++ 1 file changed, 2 insertions(+) diff --git a/sepolicy/vendor/vendor_init.te b/sepolicy/vendor/vendor_init.te index 714f523..615414f 100644 --- a/sepolicy/vendor/vendor_init.te +++ b/sepolicy/vendor/vendor_init.te @@ -1 +1,3 @@ get_prop(vendor_init, vendor_t2m_sys_prop) + +set_prop(vendor_init, vendor_ssr_prop) -- GitLab From eeb128ba709275b892fa227efddeabcba20fd88b Mon Sep 17 00:00:00 2001 From: Rohit R Sekhar Date: Fri, 2 Dec 2022 13:06:00 +0530 Subject: [PATCH 3/3] FP4: Label persist.ril.sim.mcc.mnc 10-07 20:39:27.235 1290 10609 E libc : Access denied finding property "persist.ril.sim.mcc.mnc" 10-07 20:39:27.236 1290 10609 E QMI_FW : qmi_cci_get_ref: ref count increased 2 10-07 20:39:27.230 1290 1290 W DedicatedThread: type=1400 audit(0.0:1132): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=1189 scontext=u:r:rild:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive= --- BoardConfig.mk | 1 + sepolicy/private/property_contexts | 2 ++ 2 files changed, 3 insertions(+) create mode 100644 sepolicy/private/property_contexts diff --git a/BoardConfig.mk b/BoardConfig.mk index 477d418..696c449 100644 --- a/BoardConfig.mk +++ b/BoardConfig.mk @@ -158,6 +158,7 @@ VENDOR_SECURITY_PATCH := 2022-09-05 # SEPolicy include device/qcom/sepolicy_vndr/SEPolicy.mk BOARD_VENDOR_SEPOLICY_DIRS += $(DEVICE_PATH)/sepolicy/vendor +SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += $(DEVICE_PATH)/sepolicy/private # Verified Boot BOARD_AVB_ENABLE := true diff --git a/sepolicy/private/property_contexts b/sepolicy/private/property_contexts new file mode 100644 index 0000000..e3ea0fc --- /dev/null +++ b/sepolicy/private/property_contexts @@ -0,0 +1,2 @@ +# Radio +persist.ril.sim.mcc.mnc u:object_r:radio_prop:s0 -- GitLab