[高通MSM8953_64][Android10]新增并挂载custom分区

开发平台基本信息

芯片: 高通MSM8953_64
版本: Android 10
kernel: msm-4.19

问题描述

由于高版本的Android系统,对权限的限制越来越严格,所以在Android10上新增分区还需要添加对应的selinux权限,除此之外,挂载分区的位置也跟7.1有点差别,其他的修改内容基本与7.1的一致,可参考[高通MSM8909][Android7.1]新增并挂载custom分区

解决方法

1.挂载分区

diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti
old mode 100644
new mode 100755
index 0847624..88bca8a
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti
@@ -47,4 +47,5 @@ vendor                                       /vendor          ext4    ro,barrier
 /dev/block/bootdevice/by-name/dsp            /vendor/dsp        ext4    ro,nosuid,nodev,barrier=1                   wait,slotselect
 /dev/block/bootdevice/by-name/modem          /vendor/firmware_mnt vfat    ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait,slotselect
 /dev/block/bootdevice/by-name/persist        /mnt/vendor/persist   ext4   noatime,nosuid,nodev,barrier=1                   wait
+/dev/block/bootdevice/by-name/custom       /custom    ext4    nosuid,nodev  wait
 
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti
old mode 100644
new mode 100755
index 7af7e2e..11eac65
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti
@@ -44,3 +44,4 @@
 /dev/block/bootdevice/by-name/modem         /vendor/firmware_mnt    vfat    ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait,slotselect
 /dev/block/bootdevice/by-name/dsp           /vendor/dsp         ext4    ro,nosuid,nodev,barrier=1                   wait,slotselect
 /dev/block/bootdevice/by-name/persist       /mnt/vendor/persist ext4   noatime,nosuid,nodev,barrier=1                   wait
+/dev/block/bootdevice/by-name/custom       /custom    ext4    nosuid,nodev  wait
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti
old mode 100644
new mode 100755
index 0800f6d..5f9ce9c
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti
@@ -48,4 +48,5 @@ vendor                                       /vendor          ext4    ro,barrier
 /dev/block/bootdevice/by-name/dsp            /vendor/dsp               ext4    ro,nosuid,nodev,barrier=1                   wait
 /dev/block/bootdevice/by-name/modem          /vendor/firmware_mnt   vfat    ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait
 /dev/block/bootdevice/by-name/persist        /mnt/vendor/persist   ext4   noatime,nosuid,nodev,barrier=1                   wait
+/dev/block/bootdevice/by-name/custom       /custom    ext4    nosuid,nodev  wait
 
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti
index d89c30a..fc2e1ca 100755
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti
@@ -45,3 +45,4 @@
 /dev/block/bootdevice/by-name/modem         /vendor/firmware_mnt    vfat    ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait
 /dev/block/bootdevice/by-name/dsp           /vendor/dsp         ext4    ro,nosuid,nodev,barrier=1                   wait
 /dev/block/bootdevice/by-name/persist       /mnt/vendor/persist ext4   noatime,nosuid,nodev,barrier=1               wait
+/dev/block/bootdevice/by-name/custom       /custom    ext4    nosuid,nodev  wait

2.添加selinux权限


diff --git a/device/qcom/sepolicy/private/adbd.te b/device/qcom/sepolicy/private/adbd.te
new file mode 100755
index 0000000..9e7927f
--- /dev/null
+++ b/device/qcom/sepolicy/private/adbd.te
@@ -0,0 +1,29 @@
+# Copyright (c) 2019, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+#     * Redistributions of source code must retain the above copyright
+#       notice, this list of conditions and the following disclaimer.
+#     * Redistributions in binary form must reproduce the above
+#       copyright notice, this list of conditions and the following
+#       disclaimer in the documentation and/or other materials provided
+#       with the distribution.
+#     * Neither the name of The Linux Foundation nor the names of its
+#       contributors may be used to endorse or promote products derived
+#       from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+allow adbd privdata_data_file:dir { search open read write add_name create getattr setattr };
+allow adbd privdata_data_file:file { open read create write getattr setattr};
\ No newline at end of file
diff --git a/device/qcom/sepolicy/private/device.te b/device/qcom/sepolicy/private/device.te
old mode 100644
new mode 100755
index 3c4efad..7504ae1
--- a/device/qcom/sepolicy/private/device.te
+++ b/device/qcom/sepolicy/private/device.te
@@ -31,3 +31,4 @@ type seemplog_device, dev_type;
 
 #Define smd7 device
 type smd7_device, dev_type;
+type privdata_block_device,dev_type;
\ No newline at end of file
diff --git a/device/qcom/sepolicy/private/file.te b/device/qcom/sepolicy/private/file.te
old mode 100644
new mode 100755
index 9ea7e86..19c98fe
--- a/device/qcom/sepolicy/private/file.te
+++ b/device/qcom/sepolicy/private/file.te
@@ -35,4 +35,5 @@ type qvrd_data_file, file_type, data_file_type, core_data_file_type;
 type qvrd_socket, file_type, mlstrustedobject, coredomain_socket;
 type qvrd_hvx_socket, file_type, coredomain_socket;
 type mirrorlink_data_file, file_type, data_file_type, core_data_file_type;
-type mirrorlink_socket, file_type, coredomain_socket;
\ No newline at end of file
+type mirrorlink_socket, file_type, coredomain_socket;
+type privdata_data_file, file_type;
\ No newline at end of file
diff --git a/device/qcom/sepolicy/private/file_contexts b/device/qcom/sepolicy/private/file_contexts
index 316c540..e14fc17 100755
--- a/device/qcom/sepolicy/private/file_contexts
+++ b/device/qcom/sepolicy/private/file_contexts
@@ -62,3 +62,6 @@
 /data/dpm(/.*)?                                 u:object_r:dpmd_data_file:s0
 /data/misc/qvr(/.*)?                            u:object_r:qvrd_data_file:s0
 /data/misc/mirrorlinkserver(/.*)?               u:object_r:mirrorlink_data_file:s0
+
+/dev/block/bootdevice/by-name/privdata          u:object_r:privdata_block_device:s0
+/privdata(/.*)?                                 u:object_r:privdata_data_file:s0
diff --git a/device/qcom/sepolicy/private/init.te b/device/qcom/sepolicy/private/init.te
new file mode 100755
index 0000000..272a0ab
--- /dev/null
+++ b/device/qcom/sepolicy/private/init.te
@@ -0,0 +1,3 @@
+allow init privdata_block_device:blk_file rw_file_perms;^M
+allow init privdata_block_device:blk_file relabelto;^M
+allow init privdata_data_file:dir mounton;^M
diff --git a/device/qcom/sepolicy/private/shell.te b/device/qcom/sepolicy/private/shell.te
new file mode 100755
index 0000000..d6fe45b
--- /dev/null
+++ b/device/qcom/sepolicy/private/shell.te
@@ -0,0 +1,2 @@
+allow shell privdata_data_file:dir { search open read write add_name create getattr setattr };^M
+allow shell privdata_data_file:file { open read create write getattr setattr};

  • 0
    点赞
  • 4
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值