diff --git a/lineage.dependencies b/lineage.dependencies index edf784b..945055b 100644 --- a/lineage.dependencies +++ b/lineage.dependencies @@ -2,5 +2,9 @@ { "repository": "android_device_samsung_qcom-common", "target_path": "device/samsung/qcom-common" + }, + { + "repository": "android_hardware_sony_timekeep", + "target_path": "hardware/sony/timekeep" } ] diff --git a/msm8974.mk b/msm8974.mk index 8c013a8..fd36f75 100644 --- a/msm8974.mk +++ b/msm8974.mk @@ -168,6 +168,11 @@ PRODUCT_PACKAGES += \ android.hardware.sensors@1.0-impl.samsung8974 \ android.hardware.sensors@1.0-service.samsung8974 +# TimeKeep +PRODUCT_PACKAGES += \ + timekeep \ + TimeKeep + # Touch features PRODUCT_PACKAGES += \ vendor.lineage.touch@1.0-service.samsung diff --git a/sepolicy/common/file_contexts b/sepolicy/common/file_contexts index 2947c45..c282bc8 100644 --- a/sepolicy/common/file_contexts +++ b/sepolicy/common/file_contexts @@ -94,5 +94,9 @@ # sysfs - sensors /sys/devices/virtual/sensors(/.*)? u:object_r:sysfs_sensors:s0 +# sysfs - time +/sys/devices/qpnp-rtc-[0-9]+/rtc/rtc0(/.*)? u:object_r:sysfs_rtc:s0 +/(system/vendor|vendor)/bin/timekeep u:object_r:timekeep_exec:s0 + # sysfs - usb /sys/devices/virtual/host_notify/usb_otg(/.*)? u:object_r:sysfs_usb_otg:s0 diff --git a/sepolicy/common/property.te b/sepolicy/common/property.te new file mode 100644 index 0000000..def81fd --- /dev/null +++ b/sepolicy/common/property.te @@ -0,0 +1 @@ +type vendor_timekeep_prop, property_type; diff --git a/sepolicy/common/property_contexts b/sepolicy/common/property_contexts index 05f3ea1..ba81d72 100644 --- a/sepolicy/common/property_contexts +++ b/sepolicy/common/property_contexts @@ -1 +1,2 @@ +persist.vendor.timeadjust u:object_r:vendor_timekeep_prop:s0 service.camera.hdmi_preview u:object_r:camera_prop:s0 diff --git a/sepolicy/common/seapp_contexts b/sepolicy/common/seapp_contexts new file mode 100644 index 0000000..a70928a --- /dev/null +++ b/sepolicy/common/seapp_contexts @@ -0,0 +1,8 @@ +user=system seinfo=platform name=com.sony.timekeep domain=timekeep_app type=app_data_file +# Why app_data_file and not system_app_data_file? +# Because some daemon needs access to /data/data/com.sony.{timekeep,qcrilam} +# This happens with system_app_data_file: +# ContextImpl: Failed to ensure /data/user/0/com.sony.qcrilam/cache: mkdir failed: EACCES (Permission denied) +# ContextImpl: Failed to update user.inode_cache: stat failed: EACCES (Permission denied) +# ContextImpl: Failed to ensure /data/user_de/0/com.sony.qcrilam/code_cache: mkdir failed: EACCES (Permission denied) +# ContextImpl: Failed to update user.inode_code_cache: stat failed: EACCES (Permission denied) diff --git a/sepolicy/common/time_daemon.te b/sepolicy/common/time_daemon.te deleted file mode 100644 index 38719ac..0000000 --- a/sepolicy/common/time_daemon.te +++ /dev/null @@ -1 +0,0 @@ -allow time_daemon alarm_device:chr_file rw_file_perms; diff --git a/sepolicy/common/timekeep.te b/sepolicy/common/timekeep.te new file mode 100644 index 0000000..bbc7154 --- /dev/null +++ b/sepolicy/common/timekeep.te @@ -0,0 +1,22 @@ +# Policy for the timekeep.c oneshot system service +# Gets called once during init by vendor timekeep.rc and restores +# clock from persist.vendor.timeadjust property, reads +# /sys/class/rtc/rtc0/since_epoch +type timekeep, domain; +type timekeep_exec, exec_type, vendor_file_type, file_type; + +init_daemon_domain(timekeep) + +# Grant permission to set system time and to set the real-time clock +allow timekeep self:capability sys_time; + +# Write to /data/vendor/time/ats_2 +allow timekeep time_data_file:dir rw_dir_perms; +allow timekeep time_data_file:file create_file_perms; + +# Set persist.vendor.timeadjust +set_prop(timekeep, vendor_timekeep_prop) + +# Read /sys/class/rtc/rtc0/since_epoch +allow timekeep sysfs_rtc:dir search; +allow timekeep sysfs_rtc:{ file lnk_file } r_file_perms; diff --git a/sepolicy/common/timekeep_app.te b/sepolicy/common/timekeep_app.te new file mode 100644 index 0000000..b660c94 --- /dev/null +++ b/sepolicy/common/timekeep_app.te @@ -0,0 +1,25 @@ +# Policy for the TimeKeep Java app. It listens to a BootReceiver +# or TIME_SET event and calculates the offset between the rtc clock +# in /sys/class/rtc0/since_epoch and the current device time and stores that +# value in /data/vendor/time/ats_2 and as persist.vendor.timeadjust. +type timekeep_app, domain; + +app_domain(timekeep_app) + +# Needed to get access to /data/data/com.sony.timekeep +# Only getattr and search are requested since TimeKeep does not write to its own directory +# /data/data/com.sony.timekeep only has two empty subdirs +dontaudit timekeep_app app_data_file:dir { getattr search }; + +allow timekeep_app activity_service:service_manager find; + +# Read from /data/vendor/time/ats_2 +allow timekeep_app time_data_file:dir create_dir_perms; +allow timekeep_app time_data_file:file create_file_perms; + +# Read /sys/class/rtc/rtc0/since_epoch +allow timekeep_app sysfs_rtc:dir { search }; +allow timekeep_app sysfs_rtc:{ file lnk_file } r_file_perms; + +# Set the persist.vendor.timeadjust property +set_prop(timekeep_app, vendor_timekeep_prop)