nehemiah-zb/lineage_patches_unified
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Initial commit for Android 10, syncing up to v201

Browse Source
This commit is contained in:
Andy CrossGate Yan
2019-10-23 09:02:48 +00:00
commit 017c525e4f
111 changed files with 8014 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
patches/platform_external_selinux/0001-Enable-multipl_decls-by-default.-This-is-needed-beca.patch Normal file
View File

@@ -0,0 +1,27 @@
From 2357a8f50b6ec8e1ed4d863c4b18aaed8af6a3db Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Fri, 2 Mar 2018 22:49:55 +0100
Subject: [PATCH 1/6] Enable multipl_decls by default. This is needed because
8.0 init doesn't add -m
Change-Id: I43dc661d519f7b8576d72a828d8cbd444592bf5e
---
secilc/secilc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/secilc/secilc.c b/secilc/secilc.c
index ad6862ba..8799e99a 100644
--- a/secilc/secilc.c
+++ b/secilc/secilc.c
@@ -90,7 +90,7 @@ int main(int argc, char *argv[])
int target = SEPOL_TARGET_SELINUX;
int mls = -1;
int disable_dontaudit = 0;
- int multiple_decls = 0;
+ int multiple_decls = 1;
int disable_neverallow = 0;
int preserve_tunables = 0;
int handle_unknown = -1;
--
2.17.1

26
patches/platform_external_selinux/0002-Increase-default-log_level-to-get-actual-selinux-err.patch Normal file
View File

@@ -0,0 +1,26 @@
From 04ac55163d403dba2d986cb41805663ea5fa465a Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Mon, 9 Apr 2018 00:19:49 +0200
Subject: [PATCH 2/6] Increase default log_level to get actual selinux error in
kmsg
---
secilc/secilc.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/secilc/secilc.c b/secilc/secilc.c
index 8799e99a..631b4b0a 100644
--- a/secilc/secilc.c
+++ b/secilc/secilc.c
@@ -101,7 +101,7 @@ int main(int argc, char *argv[])
int opt_index = 0;
char *fc_buf = NULL;
size_t fc_size;
- enum cil_log_level log_level = CIL_ERR;
+ enum cil_log_level log_level = CIL_WARN;
static struct option long_opts[] = {
{"help", no_argument, 0, 'h'},
{"verbose", no_argument, 0, 'v'},
--
2.17.1

40
patches/platform_external_selinux/0003-Kirin-Workaround-some-conflicting-Kirin-tether-SELin.patch Normal file
View File

@@ -0,0 +1,40 @@
From 0883dddcc377f9c8c271b4ee1b5796cca6b9938c Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Mon, 3 Dec 2018 20:54:54 +0100
Subject: [PATCH 3/6] ::Kirin:: Workaround some conflicting Kirin tether
SELinux context
Some Kirin devices declared some android.hardware.tetheroffload HALs,
but they didn't use AOSP contexts.
This leads to libselinux aborting when loading hwservice_contexts.
Workaround it the ugly way, by making them match.
This most likely kills tetheroffload for those devices.
---
libselinux/src/label_backends_android.c | 10 ++++++++++
1 file changed, 10 insertions(+)
diff --git a/libselinux/src/label_backends_android.c b/libselinux/src/label_backends_android.c
index eaca5947..ab92985b 100644
--- a/libselinux/src/label_backends_android.c
+++ b/libselinux/src/label_backends_android.c
@@ -62,6 +62,16 @@ static int nodups_specs(struct saved_data *data)
curr_spec->property_key)) {
if (strcmp(spec_arr[jj].lr.ctx_raw,
curr_spec->lr.ctx_raw)) {
+ if(strcmp(spec_arr[jj].lr.ctx_raw, "u:object_r:hal_ipacm_hwservice:s0") == 0) {
+ free(spec_arr[jj].lr.ctx_raw);
+ spec_arr[jj].lr.ctx_raw = strdup("u:object_r:hal_tetheroffload_hwservice:s0");
+ continue;
+ }
+ if(strcmp(curr_spec->lr.ctx_raw, "u:object_r:hal_ipacm_hwservice:s0") == 0) {
+ free(curr_spec->lr.ctx_raw);
+ curr_spec->lr.ctx_raw = strdup("u:object_r:hal_tetheroffload_hwservice:s0");
+ continue;
+ }
rc = -1;
errno = EINVAL;
selinux_log
--
2.17.1

43
patches/platform_external_selinux/0004-Allow-devices-virtual-block-genfscon-conflict-seen-o.patch Normal file
View File

@@ -0,0 +1,43 @@
From fac785e80fa91a71c29c95817110154e4c60464d Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Fri, 6 Sep 2019 15:07:25 +0200
Subject: [PATCH 4/6] Allow /devices/virtual/block/ genfscon conflict (seen on
Xiaomi Mi 9)
Change-Id: I06e4e9d5b82d61a8aeab595b47e2589249675895
---
libsepol/cil/src/cil_post.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/libsepol/cil/src/cil_post.c b/libsepol/cil/src/cil_post.c
index 0b09cecc..255c9e12 100644
--- a/libsepol/cil/src/cil_post.c
+++ b/libsepol/cil/src/cil_post.c
@@ -477,7 +477,23 @@ int cil_post_genfscon_context_compare(const void *a, const void *b)
{
struct cil_genfscon *a_genfscon = *(struct cil_genfscon**)a;
struct cil_genfscon *b_genfscon = *(struct cil_genfscon**)b;
- return context_compare(a_genfscon->context, b_genfscon->context);
+ int rc = context_compare(a_genfscon->context, b_genfscon->context);
+ if(rc) {
+ fprintf(stderr, "hello %s\n", a_genfscon->fs_str);
+ int bypass = 0;
+ /*
+ * This conflict has been seen on Xiaomi Mi 9:
+ * - AOSP Q says (genfscon sysfs /devices/virtual/block/ (u object_r sysfs_devices_block ((s0) (s0))))
+ * - stock rom says (genfscon sysfs /devices/virtual/block/ (u object_r sysfs_ufs_target ((s0) (s0))))
+ */
+ if(strcmp(a_genfscon->path_str, "/devices/virtual/block/") == 0)
+ bypass = 1;
+ if(bypass == 1) {
+ fprintf(stderr, "Received conflicting %s vs %s but ignore\n", a_genfscon->path_str, b_genfscon->path_str);
+ return 0;
+ }
+ }
+ return rc;
}
int cil_post_netifcon_context_compare(const void *a, const void *b)
--
2.17.1

44
patches/platform_external_selinux/0005-Most-horrific-Remove-ramdisk-s-zygote-init-scripts.patch Normal file
View File

@@ -0,0 +1,44 @@
From c741063fdd7cbb01dda51737db457e4043af0d04 Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Thu, 12 Sep 2019 20:34:28 +0200
Subject: [PATCH 5/6] Most horrific: Remove ramdisk's zygote init scripts
This is needed because:
- only secilc is run soon enough in /system to
remove it
- placing an init.zygote in system won't have init replace it, it's the
first that appears that wins
Change-Id: I8be31ceb9ef2124d04994d9fb08fc8012a2f819e
---
secilc/secilc.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/secilc/secilc.c b/secilc/secilc.c
index 631b4b0a..3dd6e7ce 100644
--- a/secilc/secilc.c
+++ b/secilc/secilc.c
@@ -34,6 +34,8 @@
#include <getopt.h>
#include <sys/stat.h>
+#include <unistd.h>
+
#ifdef ANDROID
#include <cil/cil.h>
#else
@@ -121,6 +123,11 @@ int main(int argc, char *argv[])
};
int i;
+ unlink("/init.zygote32.rc");
+ unlink("/init.zygote64_32.rc");
+ unlink("/init.zygote64.rc");
+ unlink("/init.zygote32_64.rc");
+
while (1) {
opt_char = getopt_long(argc, argv, "o:f:U:hvt:M:PDmNc:GX:", long_opts, &opt_index);
if (opt_char == -1) {
--
2.17.1

44
patches/platform_external_selinux/0006-if-service-is-rcs-accept-conflict.-Seen-on-Moto-E5.patch Normal file
View File

@@ -0,0 +1,44 @@
From 80f7a20f831e6d2028678899c39fe779024433f1 Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson <phh@phh.me>
Date: Thu, 12 Sep 2019 20:37:04 +0200
Subject: [PATCH 6/6] if service is "rcs", accept conflict. Seen on Moto E5
Change-Id: I0cc2d0fad83f403f2b5d7458039b1564ce5ed9dd
---
libselinux/src/label_backends_android.c | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/libselinux/src/label_backends_android.c b/libselinux/src/label_backends_android.c
index ab92985b..ca16327c 100644
--- a/libselinux/src/label_backends_android.c
+++ b/libselinux/src/label_backends_android.c
@@ -72,14 +72,24 @@ static int nodups_specs(struct saved_data *data)
curr_spec->lr.ctx_raw = strdup("u:object_r:hal_tetheroffload_hwservice:s0");
continue;
}
- rc = -1;
- errno = EINVAL;
selinux_log
(SELINUX_ERROR,
"Multiple different specifications for %s (%s and %s).\n",
curr_spec->property_key,
spec_arr[jj].lr.ctx_raw,
curr_spec->lr.ctx_raw);
+ int ignore = 0;
+ /*
+ * This issue has been found on Moto E5
+ * E SELinux : Multiple different specifications for rcs (u:object_r:radio_service:s0 and u:object_r:mot_rcs_service:s0).
+ */
+ if(!strcmp(curr_spec->property_key, "rcs"))
+ ignore = 1;
+
+ if(!ignore) {
+ rc = -1;
+ errno = EINVAL;
+ }
} else {
selinux_log
(SELINUX_WARNING,
--
2.17.1