diff --git a/BoardConfig.mk b/BoardConfig.mk index 9d38869..55a478b 100755 --- a/BoardConfig.mk +++ b/BoardConfig.mk @@ -226,6 +226,8 @@ TARGET_RIL_VARIANT := caf # Security patch level - T825XXU2BRL2 VENDOR_SECURITY_PATCH := 2018-12-01 +SELINUX_IGNORE_NEVERALLOWS := true + # SELinux include device/qcom/sepolicy/sepolicy.mk BOARD_SEPOLICY_DIRS += $(DEVICE_PATH)/sepolicy diff --git a/README.md b/README.md index 32e4f2a..1536ce3 100755 --- a/README.md +++ b/README.md @@ -19,12 +19,12 @@ Copyright (C) 2018 Valera Chigir - Make a workspace -mkdir cm15 -cd cm15 +mkdir cm16 +cd cm16 - Do repo init & sync -repo init -u git://github.com/LineageOS/android.git -b lineage-15.1 +repo init -u git://github.com/LineageOS/android.git -b lineage-16.0 - Create .repo/local_manifests/roomservice.xml with the following content: @@ -56,6 +56,6 @@ repo sync . build/envsetup.sh - - Build lineage 15.1 + - Build lineage 16.0 brunch gts3llte diff --git a/device.mk b/device.mk index 2c4df58..06082bd 100755 --- a/device.mk +++ b/device.mk @@ -68,7 +68,7 @@ PRODUCT_COPY_FILES += \ frameworks/native/data/etc/android.hardware.usb.accessory.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.usb.accessory.xml \ frameworks/native/data/etc/android.hardware.usb.host.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.usb.host.xml \ frameworks/native/data/etc/android.hardware.vulkan.compute-0.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vulkan.compute.xml \ - frameworks/native/data/etc/android.hardware.vulkan.level-0.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vulkan.level.xml \ + frameworks/native/data/etc/android.hardware.vulkan.level-1.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vulkan.level.xml \ frameworks/native/data/etc/android.hardware.vulkan.version-1_1.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vulkan.version.xml \ frameworks/native/data/etc/android.hardware.wifi.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.wifi.xml \ frameworks/native/data/etc/android.hardware.wifi.direct.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.wifi.direct.xml \ @@ -376,10 +376,6 @@ PRODUCT_PACKAGES += \ PRODUCT_PACKAGES += \ android.hardware.vibrator@1.0-impl \ android.hardware.vibrator@1.0-service - -# USB -PRODUCT_PACKAGES += \ - android.hardware.usb@1.0-service # WiFi PRODUCT_PACKAGES += \ diff --git a/sepolicy/add3.te b/sepolicy/add3.te index 35b2e6b..3a44aa2 100755 --- a/sepolicy/add3.te +++ b/sepolicy/add3.te @@ -19,15 +19,9 @@ allow vndservicemanager shell:file { open read }; allow vndservicemanager shell:process getattr; allow vndservicemanager shell:binder transfer; -#============= gallery_app ============== -allow gallery_app vendor_camera_prop:file { getattr open read }; - #============= hal_memtrack_default ============== allow hal_memtrack_default debugfs:file { getattr open read }; -#============= snap_app ============== -allow snap_app vendor_camera_prop:file { getattr open }; - #============= tee ============== allow tee gatekeeper_data_file:dir { add_name open write }; allow tee gatekeeper_data_file:file getattr; diff --git a/sepolicy/add4.te b/sepolicy/add4.te index ed00838..f2e19c9 100755 --- a/sepolicy/add4.te +++ b/sepolicy/add4.te @@ -12,11 +12,5 @@ allow qti_init_shell system_prop:property_service set; allow hal_gnss_qti qmuxd_socket:dir { add_name remove_name }; allow hal_gnss_qti qmuxd_socket:sock_file { create unlink }; -#============= snap_app ============== -allow snap_app vendor_camera_prop:file read; - -#============= snap_app ============== -allow snap_app vendor_camera_prop:file read; - #============= tee ============== allow tee gatekeeper_data_file:file { create write }; diff --git a/sepolicy/adddd.te b/sepolicy/adddd.te new file mode 100644 index 0000000..19e7cc9 --- /dev/null +++ b/sepolicy/adddd.te @@ -0,0 +1,9 @@ +#============= hal_bluetooth_qti ============== +allow hal_bluetooth_qti bluetooth_data_file:dir { write add_name }; + +#============= init ============== +allow init proc:file { read getattr }; + +#============= system_app ============== +allow system_app perfprofd:binder call; +allow system_app wificond:binder call;