From 22526128c01f596a118af4b2a3249ab8b961f482 Mon Sep 17 00:00:00 2001 From: Peter Cai Date: Thu, 28 Apr 2022 18:28:32 -0400 Subject: [PATCH] refresh system/core and system/sepolicy patches for Sv2 --- ...riding-system-properties-from-vendor.patch | 8 ++-- ...tart-console-service-when-debuggable.patch | 10 ++--- ...mount-Fix-failure-for-system-as-root.patch | 38 +++++++++++++++++++ .../0001-Protect-real-SPL-property.patch | 27 +++++++++---- 4 files changed, 67 insertions(+), 16 deletions(-) create mode 100644 system/core/0003-remount-Fix-failure-for-system-as-root.patch diff --git a/system/core/0001-Stop-overriding-system-properties-from-vendor.patch b/system/core/0001-Stop-overriding-system-properties-from-vendor.patch index 4f2e4e9..a027fdc 100644 --- a/system/core/0001-Stop-overriding-system-properties-from-vendor.patch +++ b/system/core/0001-Stop-overriding-system-properties-from-vendor.patch @@ -1,7 +1,7 @@ -From 2a6fd2529fa57658fb503f43ffd11bcddd22aacb Mon Sep 17 00:00:00 2001 +From 6e17845221ec781e003432b96c1d08dc582859f3 Mon Sep 17 00:00:00 2001 From: Pierre-Hugues Husson Date: Thu, 7 Oct 2021 15:48:11 -0400 -Subject: [PATCH 1/2] Stop overriding system properties from vendor +Subject: [PATCH 1/3] Stop overriding system properties from vendor This is annoying to disable apexes, or force adb @@ -11,7 +11,7 @@ Change-Id: Ifd0072c631349b23945df4ab401ba26eca07131f 1 file changed, 1 deletion(-) diff --git a/init/property_service.cpp b/init/property_service.cpp -index 4805a7b9f..a2b424386 100644 +index 6711e7d66..6bf0e81bd 100644 --- a/init/property_service.cpp +++ b/init/property_service.cpp @@ -725,7 +725,6 @@ static void LoadProperties(char* data, const char* filter, const char* filename, @@ -23,5 +23,5 @@ index 4805a7b9f..a2b424386 100644 } else { LOG(ERROR) << "Do not have permissions to set '" << key << "' to '" << value -- -2.33.1 +2.36.0 diff --git a/system/core/0002-init-Do-not-start-console-service-when-debuggable.patch b/system/core/0002-init-Do-not-start-console-service-when-debuggable.patch index 83f1687..9b2b99f 100644 --- a/system/core/0002-init-Do-not-start-console-service-when-debuggable.patch +++ b/system/core/0002-init-Do-not-start-console-service-when-debuggable.patch @@ -1,7 +1,7 @@ -From 3dc5868ed984b0ec01e5d3d96ad7a6e6af31f585 Mon Sep 17 00:00:00 2001 +From 40f60ce5f786f8121aebcb8e1521d2edb5bb7f43 Mon Sep 17 00:00:00 2001 From: Isaac Chen Date: Wed, 23 Jun 2021 13:07:30 +0800 -Subject: [PATCH 2/2] init: Do not start console service when debuggable +Subject: [PATCH 2/3] init: Do not start console service when debuggable Google added a check for this in R, when it's running it will show a notification about that performance is impacted. @@ -13,10 +13,10 @@ Change-Id: I34cfd6b42d3b9aee4b3e63181480cfb8b1255f29 1 file changed, 3 deletions(-) diff --git a/rootdir/init.rc b/rootdir/init.rc -index d38eb5d4a..1680aebcc 100644 +index c59cbf0cc..d262be761 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc -@@ -1217,9 +1217,6 @@ on property:ro.debuggable=1 +@@ -1235,9 +1235,6 @@ on property:ro.debuggable=1 # Give reads to anyone for the accessibility trace folder on debug builds. chmod 0775 /data/misc/a11ytrace @@ -27,5 +27,5 @@ index d38eb5d4a..1680aebcc 100644 # TODO(b/135984674): reset all necessary properties here. setprop sys.boot_completed "" -- -2.33.1 +2.36.0 diff --git a/system/core/0003-remount-Fix-failure-for-system-as-root.patch b/system/core/0003-remount-Fix-failure-for-system-as-root.patch new file mode 100644 index 0000000..fec26f9 --- /dev/null +++ b/system/core/0003-remount-Fix-failure-for-system-as-root.patch @@ -0,0 +1,38 @@ +From 74faf05b941682bd1930b92ae879c8baba09d6ac Mon Sep 17 00:00:00 2001 +From: Leo Yan +Date: Fri, 4 Jun 2021 15:19:33 +0100 +Subject: [PATCH 3/3] remount: Fix failure for system-as-root + +Since commit 5ad7b3cbc5c1 ("Try to remount mounted points only"), the +system-as-root cannot be remounted successfully when execute command +"adb remount". This is because the mount point "/system" cannot be +found and directly bails out with failure. + +Add an extra checking for the mount point "/system" for the +system-as-root case, takes it as a found entry; thus the function can +continue to run and fix up to remount root. + +Suggested-by: David Anderson +Signed-off-by: Leo Yan +Change-Id: Ia936c9d97bed951184813a087c70fe591cb33fe0 +--- + fs_mgr/fs_mgr_remount.cpp | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/fs_mgr/fs_mgr_remount.cpp b/fs_mgr/fs_mgr_remount.cpp +index e685070a8..5411acacf 100644 +--- a/fs_mgr/fs_mgr_remount.cpp ++++ b/fs_mgr/fs_mgr_remount.cpp +@@ -420,7 +420,8 @@ static int do_remount(int argc, char* argv[]) { + break; + } + // Find overlayfs mount point? +- if ((mount_point == "/") && (rentry.mount_point == "/system")) { ++ if ((mount_point == "/" && rentry.mount_point == "/system") || ++ (mount_point == "/system" && rentry.mount_point == "/")) { + blk_device = rentry.blk_device; + mount_point = "/system"; + found = true; +-- +2.36.0 + diff --git a/system/sepolicy/0001-Protect-real-SPL-property.patch b/system/sepolicy/0001-Protect-real-SPL-property.patch index a9d533e..3d5b8c7 100644 --- a/system/sepolicy/0001-Protect-real-SPL-property.patch +++ b/system/sepolicy/0001-Protect-real-SPL-property.patch @@ -1,4 +1,4 @@ -From d64b74058176dedbe0c7f209956ecb1a9377f079 Mon Sep 17 00:00:00 2001 +From 2586397a0d9f1d7ade0e9919821a6a194f011475 Mon Sep 17 00:00:00 2001 From: Peter Cai Date: Wed, 20 Oct 2021 16:01:00 -0400 Subject: [PATCH] Protect real SPL property @@ -6,14 +6,27 @@ Subject: [PATCH] Protect real SPL property Label it with the same SELinux context as the original SPL property. --- prebuilts/api/31.0/private/property_contexts | 1 + + prebuilts/api/32.0/private/property_contexts | 1 + private/property_contexts | 1 + - 2 files changed, 2 insertions(+) + 3 files changed, 3 insertions(+) diff --git a/prebuilts/api/31.0/private/property_contexts b/prebuilts/api/31.0/private/property_contexts -index 8ac1e7005..b8be6dbf2 100644 +index 192e55e56..f7aba0c96 100644 --- a/prebuilts/api/31.0/private/property_contexts +++ b/prebuilts/api/31.0/private/property_contexts -@@ -710,6 +710,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string +@@ -711,6 +711,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string + ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string + ro.build.version.sdk u:object_r:build_prop:s0 exact int + ro.build.version.security_patch u:object_r:build_prop:s0 exact string ++ro.build.version.real_security_patch u:object_r:build_prop:s0 exact string + + ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool + +diff --git a/prebuilts/api/32.0/private/property_contexts b/prebuilts/api/32.0/private/property_contexts +index 1c7151837..709328436 100644 +--- a/prebuilts/api/32.0/private/property_contexts ++++ b/prebuilts/api/32.0/private/property_contexts +@@ -716,6 +716,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string ro.build.version.sdk u:object_r:build_prop:s0 exact int ro.build.version.security_patch u:object_r:build_prop:s0 exact string @@ -22,10 +35,10 @@ index 8ac1e7005..b8be6dbf2 100644 ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool diff --git a/private/property_contexts b/private/property_contexts -index 8ac1e7005..b8be6dbf2 100644 +index 1c7151837..709328436 100644 --- a/private/property_contexts +++ b/private/property_contexts -@@ -710,6 +710,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string +@@ -716,6 +716,7 @@ ro.build.version.release u:object_r:build_prop:s0 exact string ro.build.version.release_or_codename u:object_r:build_prop:s0 exact string ro.build.version.sdk u:object_r:build_prop:s0 exact int ro.build.version.security_patch u:object_r:build_prop:s0 exact string @@ -34,5 +47,5 @@ index 8ac1e7005..b8be6dbf2 100644 ro.actionable_compatible_property.enabled u:object_r:build_prop:s0 exact bool -- -2.33.1 +2.36.0