projects / GitHub / exynos8895 / android_device_samsung_universal8895-common.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 7d5f7c0)
universal8895: Create root folders outside of vendor init
authorBruno Martins <bgcngm@gmail.com>
Sun, 7 Oct 2018 23:25:18 +0000 (01:25 +0200)
committerJan Altensen <info@stricted.net>
Sun, 19 Jan 2020 07:53:20 +0000 (08:53 +0100)
 script

 * The core SELinux policies for vendor_init are being restricted as to
   comply with Treble. Simply adding a local rule to allow creating
   folders under rootfs would be enough, but at the same time defining
   the extra root folders and making use of AID/fs configuration file
   to set perms is more neat and clean.

 * Furthermore, with System As Root / is a read-only filesystem
   so we can't create our mountpoints from init script anymore

Change-Id: Idabd7ae72e4c4fd9daac5ba3be3e6236f79f251b

BoardConfigCommon.mk patch | blob | blame | history
ramdisk/etc/fstab.samsungexynos8895 patch | blob | blame | history
ramdisk/etc/init.baseband.rc patch | blob | blame | history
ramdisk/etc/init.samsungexynos8895.rc patch | blob | blame | history
sepolicy/file_contexts [new file with mode: 0644] patch | blob

diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk
index d216fe32f40f16c784d8066f33d95ce9e341fda6..8b6990549736c5c568c3d6658697d35761e024e7 100644 (file)
--- a/BoardConfigCommon.mk
+++ b/BoardConfigCommon.mk
@@ -62,6 +62,7 @@ BOARD_KERNEL_IMAGE_NAME := Image
 #BOARD_KERNEL_CMDLINE := The bootloader ignores the cmdline from the boot.img
 BOARD_KERNEL_SEPARATED_DT := true
 TARGET_CUSTOM_DTBTOOL := dtbhtoolExynos
+BOARD_ROOT_EXTRA_FOLDERS += efs cpefs
 
 # Kernel
 TARGET_KERNEL_ARCH := arm64
@@ -133,6 +134,9 @@ WIFI_HIDL_FEATURE_DUAL_INTERFACE := true
 # MACLOADER
 BOARD_HAVE_SAMSUNG_WIFI          := true
 
+BOARD_SEPOLICY_DIRS += device/samsung/universal8895-common/sepolicy
+BOARD_SEPOLICY_VERS := $(PLATFORM_SDK_VERSION).0
+
 # Shims
 TARGET_LD_SHIM_LIBS += \
     /system/lib/libexynoscamera.so|/vendor/lib/libexynoscamera_shim.so \
diff --git a/ramdisk/etc/fstab.samsungexynos8895 b/ramdisk/etc/fstab.samsungexynos8895
index b8620f65ee87bb3c8ddcf587d09ccf73f3bb15d7..fed9d29652b61a55523e2819cb12dd43628209a2 100644 (file)
--- a/ramdisk/etc/fstab.samsungexynos8895
+++ b/ramdisk/etc/fstab.samsungexynos8895
@@ -9,6 +9,7 @@
 /dev/block/platform/11120000.ufs/by-name/CACHE          /cache      ext4    noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic                           wait,check
 /dev/block/platform/11120000.ufs/by-name/USERDATA       /data       ext4    noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic                           wait,check,encryptable=/dev/block/platform/11120000.ufs/by-name/TOMBSTONES
 /dev/block/platform/11120000.ufs/by-name/EFS            /efs        ext4    noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic                           wait,check
+/dev/block/platform/11120000.ufs/by-name/CPEFS          /cpefs      ext4    noatime,nosuid,nodev,noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic                           wait,check,nofail
 
 # ADD FOR GOTA
 /dev/block/platform/11120000.ufs/by-name/MISC           /misc       emmc    defaults                                                                                                          defaults
diff --git a/ramdisk/etc/init.baseband.rc b/ramdisk/etc/init.baseband.rc
index c8615d1fdd86faf121b2404b35f6844605a0ac84..85be7dc4b016882c97472692b3c6fdf6a901e5e2 100644 (file)
--- a/ramdisk/etc/init.baseband.rc
+++ b/ramdisk/etc/init.baseband.rc
@@ -1,5 +1,4 @@
 on init
-    mkdir /efs 0771 radio system
     symlink /dev/block/platform/11120000.ufs/by-name/RADIO /dev/mbin0
     restorecon /dev/mbin0
 
@@ -17,13 +16,6 @@ on fs
     chown radio radio /efs/factory.prop
     chmod 0600 /efs/factory.prop
 
-    # For cpefs partition
-    mkdir /cpefs 0771 radio system
-    wait /dev/block/platform/11120000.ufs/by-name/CPEFS
-    mount ext4 /dev/block/platform/11120000.ufs/by-name/CPEFS /cpefs nosuid nodev noatime noauto_da_alloc,discard,journal_checksum,data=ordered,errors=panic
-    chown radio system /cpefs
-    chmod 0771 /cpefs
-
     #For cpdebug partition
     wait /dev/block/platform/11120000.ufs/by-name/EFS
     mkdir /efs/cpdebug
diff --git a/ramdisk/etc/init.samsungexynos8895.rc b/ramdisk/etc/init.samsungexynos8895.rc
index 1889ff721d6c983695c863174d01a26b149dab89..bdd0f044c98dbec5349021eb6348929b0c74280b 100644 (file)
--- a/ramdisk/etc/init.samsungexynos8895.rc
+++ b/ramdisk/etc/init.samsungexynos8895.rc
@@ -7,13 +7,11 @@ import atrace.rc
 import init.samsung.rc
 
 on early-init
-    mkdir /efs 0771 radio system
     mount debugfs /sys/kernel/debug /sys/kernel/debug
 
 on init
     start watchdogd
 
-    mkdir /preload 0771 system system
     # See storage config details at http://source.android.com/tech/storage/
     mkdir /mnt/shell/emulated 0700 shell shell
     mkdir /storage/emulated 0555 root root
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
new file mode 100644 (file)
index 0000000..01e6921
--- /dev/null
+++ b/sepolicy/file_contexts
@@ -0,0 +1 @@
+/cpefs(/.*)?             u:object_r:efs_file:s0