开发平台基本信息
芯片: 高通MSM8953_64
版本: Android 10
kernel: msm-4.19
问题描述
由于高版本的Android系统,对权限的限制越来越严格,所以在Android10上新增分区还需要添加对应的selinux权限,除此之外,挂载分区的位置也跟7.1有点差别,其他的修改内容基本与7.1的一致,可参考[高通MSM8909][Android7.1]新增并挂载custom分区
解决方法
1.挂载分区
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti
old mode 100644
new mode 100755
index 0847624..88bca8a
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_dynamic_partition_variant.qti
@@ -47,4 +47,5 @@ vendor /vendor ext4 ro,barrier
/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait,slotselect
/dev/block/bootdevice/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait,slotselect
/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,barrier=1 wait
+/dev/block/bootdevice/by-name/custom /custom ext4 nosuid,nodev wait
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti
old mode 100644
new mode 100755
index 7af7e2e..11eac65
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_AB_variant.qti
@@ -44,3 +44,4 @@
/dev/block/bootdevice/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait,slotselect
/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait,slotselect
/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,barrier=1 wait
+/dev/block/bootdevice/by-name/custom /custom ext4 nosuid,nodev wait
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti
old mode 100644
new mode 100755
index 0800f6d..5f9ce9c
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_dynamic_partition_variant.qti
@@ -48,4 +48,5 @@ vendor /vendor ext4 ro,barrier
/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait
/dev/block/bootdevice/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait
/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,barrier=1 wait
+/dev/block/bootdevice/by-name/custom /custom ext4 nosuid,nodev wait
diff --git a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti
index d89c30a..fc2e1ca 100755
--- a/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti
+++ b/device/qcom/msm8953_64/fstabs-4.9/fstab_non_AB_variant.qti
@@ -45,3 +45,4 @@
/dev/block/bootdevice/by-name/modem /vendor/firmware_mnt vfat ro,shortname=lower,uid=1000,gid=1000,dmask=227,fmask=337,context=u:object_r:firmware_file:s0 wait
/dev/block/bootdevice/by-name/dsp /vendor/dsp ext4 ro,nosuid,nodev,barrier=1 wait
/dev/block/bootdevice/by-name/persist /mnt/vendor/persist ext4 noatime,nosuid,nodev,barrier=1 wait
+/dev/block/bootdevice/by-name/custom /custom ext4 nosuid,nodev wait
2.添加selinux权限
diff --git a/device/qcom/sepolicy/private/adbd.te b/device/qcom/sepolicy/private/adbd.te
new file mode 100755
index 0000000..9e7927f
--- /dev/null
+++ b/device/qcom/sepolicy/private/adbd.te
@@ -0,0 +1,29 @@
+# Copyright (c) 2019, The Linux Foundation. All rights reserved.
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are
+# met:
+# * Redistributions of source code must retain the above copyright
+# notice, this list of conditions and the following disclaimer.
+# * Redistributions in binary form must reproduce the above
+# copyright notice, this list of conditions and the following
+# disclaimer in the documentation and/or other materials provided
+# with the distribution.
+# * Neither the name of The Linux Foundation nor the names of its
+# contributors may be used to endorse or promote products derived
+# from this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED "AS IS" AND ANY EXPRESS OR IMPLIED
+# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NON-INFRINGEMENT
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
+# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE
+# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN
+# IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+allow adbd privdata_data_file:dir { search open read write add_name create getattr setattr };
+allow adbd privdata_data_file:file { open read create write getattr setattr};
\ No newline at end of file
diff --git a/device/qcom/sepolicy/private/device.te b/device/qcom/sepolicy/private/device.te
old mode 100644
new mode 100755
index 3c4efad..7504ae1
--- a/device/qcom/sepolicy/private/device.te
+++ b/device/qcom/sepolicy/private/device.te
@@ -31,3 +31,4 @@ type seemplog_device, dev_type;
#Define smd7 device
type smd7_device, dev_type;
+type privdata_block_device,dev_type;
\ No newline at end of file
diff --git a/device/qcom/sepolicy/private/file.te b/device/qcom/sepolicy/private/file.te
old mode 100644
new mode 100755
index 9ea7e86..19c98fe
--- a/device/qcom/sepolicy/private/file.te
+++ b/device/qcom/sepolicy/private/file.te
@@ -35,4 +35,5 @@ type qvrd_data_file, file_type, data_file_type, core_data_file_type;
type qvrd_socket, file_type, mlstrustedobject, coredomain_socket;
type qvrd_hvx_socket, file_type, coredomain_socket;
type mirrorlink_data_file, file_type, data_file_type, core_data_file_type;
-type mirrorlink_socket, file_type, coredomain_socket;
\ No newline at end of file
+type mirrorlink_socket, file_type, coredomain_socket;
+type privdata_data_file, file_type;
\ No newline at end of file
diff --git a/device/qcom/sepolicy/private/file_contexts b/device/qcom/sepolicy/private/file_contexts
index 316c540..e14fc17 100755
--- a/device/qcom/sepolicy/private/file_contexts
+++ b/device/qcom/sepolicy/private/file_contexts
@@ -62,3 +62,6 @@
/data/dpm(/.*)? u:object_r:dpmd_data_file:s0
/data/misc/qvr(/.*)? u:object_r:qvrd_data_file:s0
/data/misc/mirrorlinkserver(/.*)? u:object_r:mirrorlink_data_file:s0
+
+/dev/block/bootdevice/by-name/privdata u:object_r:privdata_block_device:s0
+/privdata(/.*)? u:object_r:privdata_data_file:s0
diff --git a/device/qcom/sepolicy/private/init.te b/device/qcom/sepolicy/private/init.te
new file mode 100755
index 0000000..272a0ab
--- /dev/null
+++ b/device/qcom/sepolicy/private/init.te
@@ -0,0 +1,3 @@
+allow init privdata_block_device:blk_file rw_file_perms;^M
+allow init privdata_block_device:blk_file relabelto;^M
+allow init privdata_data_file:dir mounton;^M
diff --git a/device/qcom/sepolicy/private/shell.te b/device/qcom/sepolicy/private/shell.te
new file mode 100755
index 0000000..d6fe45b
--- /dev/null
+++ b/device/qcom/sepolicy/private/shell.te
@@ -0,0 +1,2 @@
+allow shell privdata_data_file:dir { search open read write add_name create getattr setattr };^M
+allow shell privdata_data_file:file { open read create write getattr setattr};
1587
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
