Auto detect vndk based on vendor SELinux policy

This commit is contained in:
Pierre-Hugues Husson 2018-02-16 22:41:03 +01:00
parent dd2fd573fa
commit 8a07d2c495
5 changed files with 26 additions and 22 deletions

View File

@ -28,6 +28,7 @@ PRODUCT_SYSTEM_DEFAULT_PROPERTIES += \
#VNDK config files #VNDK config files
PRODUCT_COPY_FILES += \ PRODUCT_COPY_FILES += \
device/phh/treble/vndk-detect:system/bin/vndk-detect \
device/phh/treble/vndk.rc:system/etc/init/vndk.rc \ device/phh/treble/vndk.rc:system/etc/init/vndk.rc \
device/phh/treble/ld.config.26.txt:system/etc/ld.config.26.txt \ device/phh/treble/ld.config.26.txt:system/etc/ld.config.26.txt \
device/phh/treble/ld.config.27.txt:system/etc/ld.config.27.txt \ device/phh/treble/ld.config.27.txt:system/etc/ld.config.27.txt \

View File

@ -1 +1,2 @@
/system/bin/phh-su u:object_r:phhsu_exec:s0 /system/bin/phh-su u:object_r:phhsu_exec:s0
/system/bin/vndk-detect u:object_r:vndk_detect_exec:s0

11
sepolicy/vndk_detect.te Normal file
View File

@ -0,0 +1,11 @@
type vndk_detect, coredomain, domain;
type vndk_detect_exec, exec_type, file_type;
init_daemon_domain(vndk_detect);
allow vndk_detect sepolicy_file:file r_file_perms;
set_prop(vndk_detect,system_prop);
allow vndk_detect shell_exec:file rx_file_perms;
allow vndk_detect toolbox_exec:file rx_file_perms;
#/system/bin/grep
allow vndk_detect system_file:file rx_file_perms;

10
vndk-detect Normal file
View File

@ -0,0 +1,10 @@
#!/system/bin/sh
grep -oE 'init_[0-9_]+' /vendor/etc/selinux/nonplat_sepolicy.cil | \
uniq | \
sort -n | \
head -n 1 | \
sed -E 's/.*init_([0-9]+).*/\1/g' | \
while read version;do
setprop persist.sys.vndk $version
done

25
vndk.rc
View File

@ -1,22 +1,3 @@
on property:ro.vendor.vndk.version=26.0.0 on post-fs
export LD_CONFIG_FILE /system/etc/ld.config.26.txt exec - root -- /system/bin/vndk-detect
export LD_CONFIG_FILE /system/etc/ld.config.${persist.sys.vndk}.txt
on property:ro.vendor.vndk.version=26.1.0
export LD_CONFIG_FILE /system/etc/ld.config.26.txt
on property:ro.vendor.vndk.version=27.0.0
export LD_CONFIG_FILE /system/etc/ld.config.27.txt
on property:ro.vendor.vndk.version=27.1.0
export LD_CONFIG_FILE /system/etc/ld.config.27.txt
on property:ro.vendor.product.device=mido
export LD_CONFIG_FILE /system/etc/ld.config.27.txt
on property:ro.board.platform=mt6737t
export LD_CONFIG_FILE /system/etc/ld.config.26.txt
#Both 27 and 26 exist for this device
#Assume 27
on property:ro.vendor.product.device=sailfish
export LD_CONFIG_FILE /system/etc/ld.config.27.txt