From 8a07d2c49536905760abbb4866d9892670e95ea3 Mon Sep 17 00:00:00 2001
From: Pierre-Hugues Husson
Date: Fri, 16 Feb 2018 22:41:03 +0100
Subject: [PATCH] Auto detect vndk based on vendor SELinux policy
---
 base.mk | 1 +
 sepolicy/file_contexts | 1 +
 sepolicy/vndk_detect.te | 11 +++++++++++
 vndk-detect | 10 ++++++++++
 vndk.rc | 25 +++----------------------
 5 files changed, 26 insertions(+), 22 deletions(-)
 create mode 100644 sepolicy/vndk_detect.te
 create mode 100644 vndk-detect
diff --git a/base.mk b/base.mk
index 9b1c6e5..5e2d3d8 100644
--- a/base.mk
+++ b/base.mk
@@ -28,6 +28,7 @@ PRODUCT_SYSTEM_DEFAULT_PROPERTIES += \
 #VNDK config files
 PRODUCT_COPY_FILES += \
+ device/phh/treble/vndk-detect:system/bin/vndk-detect \
 device/phh/treble/vndk.rc:system/etc/init/vndk.rc \
 device/phh/treble/ld.config.26.txt:system/etc/ld.config.26.txt \
 device/phh/treble/ld.config.27.txt:system/etc/ld.config.27.txt \
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 15ebca2..10bc0ce 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -1 +1,2 @@
 /system/bin/phh-su u:object_r:phhsu_exec:s0
+/system/bin/vndk-detect u:object_r:vndk_detect_exec:s0
diff --git a/sepolicy/vndk_detect.te b/sepolicy/vndk_detect.te
new file mode 100644
index 0000000..ef4c7bf
--- /dev/null
+++ b/sepolicy/vndk_detect.te
@@ -0,0 +1,11 @@
+type vndk_detect, coredomain, domain;
+type vndk_detect_exec, exec_type, file_type;
+
+init_daemon_domain(vndk_detect);
+allow vndk_detect sepolicy_file:file r_file_perms;
+set_prop(vndk_detect,system_prop);
+
+allow vndk_detect shell_exec:file rx_file_perms;
+allow vndk_detect toolbox_exec:file rx_file_perms;
+#/system/bin/grep
+allow vndk_detect system_file:file rx_file_perms;
diff --git a/vndk-detect b/vndk-detect
new file mode 100644
index 0000000..b92de6c
--- /dev/null
+++ b/vndk-detect
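Review bot: `set_prop(vndk_detect,system_prop)` in sepolicy/vndk_detect.te lets this domain set every property labelled system_prop, while the script it confines only writes `persist.sys.vndk`. A dedicated type would narrow the grant to that one key: declare `type vndk_prop, property_type;`, label the key with `persist.sys.vndk u:object_r:vndk_prop:s0` in the tree's property_contexts (not part of this patch, so confirm it exists), and switch the rule to `set_prop(vndk_detect, vndk_prop)`; vndk_prop is only a suggested name. The `system_file:file rx_file_perms` rule is similarly wide for what its comment says is just grep, so the comment should list the binaries the script actually runs (grep, uniq, sort, head, sed, setprop) to make later tightening possible.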
@@ -0,0 +1,10 @@
+#!/system/bin/sh
+
+grep -oE 'init_[0-9_]+' /vendor/etc/selinux/nonplat_sepolicy.cil | \
+ uniq | \
+ sort -n | \
+ head -n 1 | \
+ sed -E 's/.*init_([0-9]+).*/\1/g' | \
+while read version;do
+ setprop persist.sys.vndk $version
+done
diff --git a/vndk.rc b/vndk.rc
index 17ec0d6..f9dce09 100644
--- a/vndk.rc
+++ b/vndk.rc
@@ -1,22 +1,3 @@
-on property:ro.vendor.vndk.version=26.0.0
- export LD_CONFIG_FILE /system/etc/ld.config.26.txt
-
-on property:ro.vendor.vndk.version=26.1.0
- export LD_CONFIG_FILE /system/etc/ld.config.26.txt
-
-on property:ro.vendor.vndk.version=27.0.0
- export LD_CONFIG_FILE /system/etc/ld.config.27.txt
-
-on property:ro.vendor.vndk.version=27.1.0
- export LD_CONFIG_FILE /system/etc/ld.config.27.txt
-
-on property:ro.vendor.product.device=mido
- export LD_CONFIG_FILE /system/etc/ld.config.27.txt
-
-on property:ro.board.platform=mt6737t
- export LD_CONFIG_FILE /system/etc/ld.config.26.txt
-
-#Both 27 and 26 exist for this device
-#Assume 27
-on property:ro.vendor.product.device=sailfish
- export LD_CONFIG_FILE /system/etc/ld.config.27.txt
+on post-fs
+ exec - root -- /system/bin/vndk-detect
+ export LD_CONFIG_FILE /system/etc/ld.config.${persist.sys.vndk}.txt
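Review bot: `sort -n | head -n 1` keeps the lowest `init_NN_M` token, so a vendor policy that mentions both 26 and 27 resolves to 26, whereas the vndk.rc rule this commit removes chose 27 for sailfish in exactly that case ("Both 27 and 26 exist for this device"). `sort -n` also finds no leading number in a token such as `init_26_0`, so the ordering presumably comes from its byte-wise fallback rather than a numeric compare, and `uniq` before `sort` only drops adjacent duplicates. If the highest version is what is wanted, strip the prefix first and take the last entry, e.g. `sed -E 's/^init_([0-9]+).*/\1/' | sort -un | tail -n 1`, and quote the value in `setprop persist.sys.vndk "$version"`. When grep matches nothing the loop body never runs and the property is left unset or stale; the script should handle that case explicitly rather than exit silently.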
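Review bot: The new `export LD_CONFIG_FILE /system/etc/ld.config.${persist.sys.vndk}.txt` line builds the linker config path from the detected value with no check that it maps to a shipped file, and the base.mk context visible in this patch installs only ld.config.26.txt and ld.config.27.txt. A vendor image that yields another number, or no match at all, would leave LD_CONFIG_FILE unset or pointing at a missing file, where the removed rules only ever exported one of the two known paths. Consider having vndk-detect set the property only when `/system/etc/ld.config.$version.txt` exists and fall back to a fixed version otherwise, and add a comment above `on post-fs` stating that the export depends on the preceding `exec` having finished.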