Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit e11e0019 authored by LuK1337's avatar LuK1337
Browse files

sm8150-common: sepolicy: Resolve some ugly dashd issues 

* Since a certain funny mod does some unexpected
  changes to rootfs, which essentially resets
  /sbin/dashd label back to u:object_r:rootfs:s0,
  the dashd cannot be started anymore.
* This change syncs attributes and allows init to
  execute files with u:object_r:rootfs:s0 context
  as u:object_r:dashd:s0 using seclabel service
  option just like OnePlus does on stock.
* We are also reverting bea94bd6 just because it's
  not needed anymore and dropping /sbin/dashd fs
  label just so that we can easier spot this issue
  if it'd ever happen again.

Change-Id: I98b376a66836aae036b8e41bb0300ce0d926f4c2
parent 19ea9f3e

rootdir/etc/init.qcom.rc

+1 −0
Original line number Diff line number Diff line
@@ -1282,5 +1282,6 @@ service vendor.audio-hal-2-0 /vendor/bin/hw/android.hardware.audio@2.0-service 


service dashd /sbin/dashd

    class core

    critical

    seclabel u:r:dashd:s0

    group root system

sepolicy/vendor/dashd.te

+2 −2
Original line number Diff line number Diff line 
type dashd, domain;

type dashd_exec, exec_type, vendor_file_type, file_type;

type dashd, coredomain, domain;

type dashd_exec, exec_type, file_type;



init_daemon_domain(dashd)

sepolicy/vendor/file_contexts

+0 −1
Original line number Diff line number Diff line
@@ -48,7 +48,6 @@ 
# Root files

/op1(/.*)?     u:object_r:op1_file:s0

/op2(/.*)?     u:object_r:op2_file:s0

/sbin/dashd    u:object_r:dashd_exec:s0



# Socket files

/dev/socket/vl53l1_daemon    u:object_r:vl53l1_socket:s0

sepolicy/vendor/init.te

+3 −0
Original line number Diff line number Diff line 
# Allow init to transition to dashd domain

domain_trans(init, rootfs, dashd)



# Allow init to mount /op1, /op2 with op1_file, op2_file context

allow init { op1_file op2_file }:filesystem { mount relabelfrom relabelto };