diff options
Diffstat (limited to 'shared/utils')
-rw-r--r-- | shared/utils/dlkm_loader/BoardConfig.mk | 5 | ||||
-rw-r--r-- | shared/utils/dlkm_loader/device.mk | 2 | ||||
-rw-r--r-- | shared/utils/dlkm_loader/dlkm_loader.rc | 10 | ||||
-rw-r--r-- | shared/utils/dlkm_loader/sepolicy/dlkm_loader.te | 18 | ||||
-rw-r--r-- | shared/utils/dlkm_loader/sepolicy/file_contexts | 1 |
5 files changed, 36 insertions, 0 deletions
diff --git a/shared/utils/dlkm_loader/BoardConfig.mk b/shared/utils/dlkm_loader/BoardConfig.mk new file mode 100644 index 0000000..9851776 --- /dev/null +++ b/shared/utils/dlkm_loader/BoardConfig.mk @@ -0,0 +1,5 @@ +# system_dlkm partition +BOARD_USES_SYSTEM_DLKMIMAGE := true +BOARD_SYSTEM_DLKMIMAGE_FILE_SYSTEM_TYPE := ext4 # system_dlkm.img prebuilt from ci.android.com is ext4 +TARGET_COPY_OUT_SYSTEM_DLKM := system_dlkm +BOARD_DB_DYNAMIC_PARTITIONS_PARTITION_LIST := system vendor system_ext product system_dlkm diff --git a/shared/utils/dlkm_loader/device.mk b/shared/utils/dlkm_loader/device.mk new file mode 100644 index 0000000..a4db638 --- /dev/null +++ b/shared/utils/dlkm_loader/device.mk @@ -0,0 +1,2 @@ +AB_OTA_PARTITIONS += system_dlkm +PRODUCT_PACKAGES += dlkm_loader diff --git a/shared/utils/dlkm_loader/dlkm_loader.rc b/shared/utils/dlkm_loader/dlkm_loader.rc new file mode 100644 index 0000000..7af8bac --- /dev/null +++ b/shared/utils/dlkm_loader/dlkm_loader.rc @@ -0,0 +1,10 @@ +on early-init + # start module load in the background + start vendor.dlkm_loader + +service vendor.dlkm_loader /vendor/bin/dlkm_loader + class main + user root + group root system + disabled + oneshot diff --git a/shared/utils/dlkm_loader/sepolicy/dlkm_loader.te b/shared/utils/dlkm_loader/sepolicy/dlkm_loader.te new file mode 100644 index 0000000..be36f35 --- /dev/null +++ b/shared/utils/dlkm_loader/sepolicy/dlkm_loader.te @@ -0,0 +1,18 @@ +type dlkm_loader, domain; +type dlkm_loader_exec, exec_type, vendor_file_type, file_type; +init_daemon_domain(dlkm_loader) + +# Allow insmod on vendor, system and system_dlkm partitions +allow dlkm_loader self:capability sys_module; +allow dlkm_loader system_dlkm_file:dir r_dir_perms; +allow dlkm_loader system_dlkm_file:file r_file_perms; +allow dlkm_loader system_dlkm_file:system module_load; +allow dlkm_loader system_file:system module_load; +allow dlkm_loader vendor_file:system module_load; + +# needed for libmodprobe to read kernel commandline +allow dlkm_loader proc_cmdline:file r_file_perms; +allow dlkm_loader proc_bootconfig:file r_file_perms; + +# Allow writing to kernel log +allow dlkm_loader kmsg_device:chr_file rw_file_perms; diff --git a/shared/utils/dlkm_loader/sepolicy/file_contexts b/shared/utils/dlkm_loader/sepolicy/file_contexts new file mode 100644 index 0000000..a345de9 --- /dev/null +++ b/shared/utils/dlkm_loader/sepolicy/file_contexts @@ -0,0 +1 @@ +/vendor/bin/dlkm_loader u:object_r:dlkm_loader_exec:s0 |