diff --git a/BoardConfigLineage.mk b/BoardConfigLineage.mk
index 9009ac8f..3fd89890 100644
--- a/BoardConfigLineage.mk
+++ b/BoardConfigLineage.mk
@@ -13,6 +13,10 @@ TARGET_KERNEL_CONFIG := sunfish_defconfig
 TARGET_KERNEL_SOURCE := kernel/google/msm-4.14
 TARGET_NEEDS_DTBOIMAGE := true
+# Manifests
+DEVICE_MANIFEST_FILE += device/google/sunfish/lineage_manifest.xml
+DEVICE_FRAMEWORK_COMPATIBILITY_MATRIX_FILE += vendor/lineage/config/device_framework_matrix.xml
+
 # Partitions
 AB_OTA_PARTITIONS += \
 vendor
@@ -28,6 +32,10 @@ BOARD_SYSTEM_EXTIMAGE_EXTFS_INODE_COUNT := -1
 BOARD_SYSTEM_EXTIMAGE_PARTITION_RESERVED_SIZE := 92160000
 endif
+# SELinux
+BOARD_SEPOLICY_DIRS += device/google/sunfish/sepolicy-lineage/dynamic
+BOARD_SEPOLICY_DIRS += device/google/sunfish/sepolicy-lineage/vendor
+
 # Verified Boot
 BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flags 3
diff --git a/device-lineage.mk b/device-lineage.mk
index b7562cb8..96395546 100644
--- a/device-lineage.mk
+++ b/device-lineage.mk
@@ -16,6 +16,10 @@ PRODUCT_SOONG_NAMESPACES += \
 PRODUCT_COPY_FILES += \
 frameworks/native/data/etc/android.hardware.telephony.euicc.xml:$(TARGET_COPY_OUT_PRODUCT)/etc/permissions/android.hardware.telephony.euicc.xml
+# LiveDisplay
+PRODUCT_PACKAGES += \
+ vendor.lineage.livedisplay@2.0-service-sdm
+
 # RCS
 PRODUCT_PACKAGES += \
 PresencePolling \
diff --git a/lineage_manifest.xml b/lineage_manifest.xml
new file mode 100644
index 00000000..e820ffe6
--- /dev/null
+++ b/lineage_manifest.xml
@@ -0,0 +1,11 @@
+
+
+ vendor.lineage.livedisplay
+ hwbinder
+ 2.0
+
+ IPictureAdjustment
+ default
+
+
+
diff --git a/sepolicy-lineage/dynamic/hal_lineage_livedisplay_qti.te b/sepolicy-lineage/dynamic/hal_lineage_livedisplay_qti.te
new file mode 100644
index 00000000..92b2a93a
--- /dev/null
+++ b/sepolicy-lineage/dynamic/hal_lineage_livedisplay_qti.te
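Review bot: In BoardConfigLineage.mk, the two `BOARD_SEPOLICY_DIRS` entries added under `# SELinux` are not independent, and nothing in the hunk says so. The rules in `sepolicy-lineage/dynamic/hal_lineage_livedisplay_qti.te` refer to the type `hal_lineage_livedisplay_qti`, which this commit declares only in `sepolicy-lineage/vendor/hal_lineage_livedisplay.te`. Dropping or relocating one directory later would therefore most likely break the policy build. I would add a comment above the pair, for example `# dynamic/ uses types declared in vendor/; keep both directories together`.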
@@ -0,0 +1,10 @@
+# Do not use add_service() as hal_graphics_composer_default may be the provider as well
+allow hal_lineage_livedisplay_qti qdisplay_service:service_manager find;
+
+binder_call(hal_lineage_livedisplay_qti, hal_graphics_composer_default)
+
+# Allow LiveDisplay to access vendor display property
+get_prop(hal_lineage_livedisplay_qti, vendor_display_prop)
+
+allow hal_lineage_livedisplay_qti pps_socket:sock_file rw_file_perms;
+allow hal_lineage_livedisplay_qti hal_graphics_composer_default:unix_stream_socket { connectto };
diff --git a/sepolicy-lineage/vendor/file_contexts b/sepolicy-lineage/vendor/file_contexts
new file mode 100644
index 00000000..88151924
--- /dev/null
+++ b/sepolicy-lineage/vendor/file_contexts
@@ -0,0 +1,2 @@
+# LiveDisplay HAL
+/(vendor|system/vendor)/bin/hw/vendor\.lineage\.livedisplay@2\.0-service-sdm u:object_r:hal_lineage_livedisplay_qti_exec:s0
diff --git a/sepolicy-lineage/vendor/hal_lineage_livedisplay.te b/sepolicy-lineage/vendor/hal_lineage_livedisplay.te
new file mode 100644
index 00000000..83cfd263
--- /dev/null
+++ b/sepolicy-lineage/vendor/hal_lineage_livedisplay.te
@@ -0,0 +1,12 @@
+type hal_lineage_livedisplay_qti, domain;
+hal_server_domain(hal_lineage_livedisplay_qti, hal_lineage_livedisplay)
+
+type hal_lineage_livedisplay_qti_exec, exec_type, vendor_file_type, file_type;
+init_daemon_domain(hal_lineage_livedisplay_qti)
+
+# Allow LiveDisplay HAL's default implementation to use vendor-binder service
+vndbinder_use(hal_lineage_livedisplay_qti)
+
+# Allow LiveDisplay to store files under /data/vendor/display and access them
+allow hal_lineage_livedisplay_qti display_vendor_data_file:dir rw_dir_perms;
+allow hal_lineage_livedisplay_qti display_vendor_data_file:file create_file_perms;
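Review bot: The last two rules of sepolicy-lineage/dynamic/hal_lineage_livedisplay_qti.te grant more on the socket node than a client connection needs. `rw_file_perms` on `pps_socket:sock_file` adds read, open, append and the rest of the read/write set to the `write` that connecting requires. AOSP's `unix_socket_connect` macro grants only `sock_file write` plus `unix_stream_socket connectto`, so, assuming `pps_socket` is the composer's socket as the `connectto` rule suggests, both lines can become `unix_socket_connect(hal_lineage_livedisplay_qti, pps, hal_graphics_composer_default)`. If the wider set was added in response to an observed denial, a comment naming that denial should sit above the rule. This pair is the only block in the file without a comment.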
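Review bot: In sepolicy-lineage/vendor/hal_lineage_livedisplay.te, the two `display_vendor_data_file` rules give the HAL create, rename, unlink and write rights over every file and directory carrying that label, not only the files it owns. Which other domains use the label is not visible in this commit, but the comment's `/data/vendor/display` path suggests it is shared with the rest of the display stack. I would extend the comment to name the files the HAL actually keeps there, for example `# Only <calibration file name> is written by this HAL`, so a later audit can tell whether `create_file_perms` is still justified. Separately, the file is named `hal_lineage_livedisplay.te` but declares `hal_lineage_livedisplay_qti`, while the rest of that domain's rules live in `dynamic/hal_lineage_livedisplay_qti.te`; matching the file name to the type would make the split easier to follow.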