[SQUASH] hiphi: recovery/root: Import blobs from stock

* Taken from motorola/hiphi/hiphi:12/S3SHS32.12-42-11-5/bf0951:user/release-keys

Co-authored-by: nebrassy <nebras30@gmail.com>
Co-authored-by: Captain Throwback <captainthrowback@hotmail.com>
Co-authored-by: sekaiacg <sekaiacg@gmail.com>
Co-authored-by: Alex <alexvl1972@hotmail.com>
Co-authored-by: Pranav-Talmale <67180305+Pranav-Talmale@users.noreply.github.com>
Co-authored-by: yarpiin <yarpiin@gmail.com>
Signed-off-by: 7Soldier <reg.fm4@gmail.com>
This commit is contained in:
7Soldier 2022-11-09 16:29:59 +03:00
parent 1cb048e2e8
commit 158fe145ab
72 changed files with 1335 additions and 0 deletions

View file

@ -0,0 +1,61 @@
<!--
Copyright (c) 2017 Qualcomm Technologies, Inc.
All Rights Reserved.
Confidential and Proprietary - Qualcomm Technologies, Inc.
-->
<!--
This file is configured by OEM to customize the path used by GP FS listener
service to save files, and will be located in /vendor/etc on device
"gp_data_path" and "gp_persist_path" are the /data and /persist partition
path to save files, respectively.
By default, "gp_data_path" is "/data/vendor/tzstorage/", and
"gp_persist_path" is "/mnt/vendor/persist/data/".
To replace with different paths, please also create folder in init.qcom.rc
file and update SEAndroid policy.
Take "/data/vendor/tzstorage/" as an example below,
A) rootdir/etc/init.qcom.rc:
# Create /data/vendor/tzstorage directory for SFS listener
mkdir /data/vendor/tzstorage 0770 system system
B) common/file.te:
# SFS listener data file
type data_tzstorage_file, file_type, data_file_type;
C) common/file_contexts:
/data/vendor/tzstorage(/.*)? u:object_r:data_tzstorage_file:s0
D) common/qseecomd.te:
# Allow SFS to write to data partition
allow tee data_tzstorage_file:dir create_dir_perms;
allow tee data_tzstorage_file:file create_file_perms;
"gp_whitelist_count" and "gp_whitelist_path"
Some paths needs "/data/vendor/tzstorage" appended to it at the beginning
as they do not have access/permissions on their own.
Use gp_whitelist_count and gp_whitelist_paths entries to add more such paths.
By default, we add "/data/system/users" and "/data/misc/qsee" for current use
cases.
To add an extra path, increment the count in gp_whitelist_count and add a new
gp_whitelist_path entry. It is very critical that the count matches with the
number of path entries.
-->
<sfs_path>
<gp_data_path> /data/vendor/tzstorage/ </gp_data_path>
<gp_persist_path> /mnt/vendor/persist/data/ </gp_persist_path>
<gp_whitelist_count> 4 </gp_whitelist_count>
<gp_whitelist_path> /data/system/users/ </gp_whitelist_path>
<gp_whitelist_path> /data/misc/qsee/ </gp_whitelist_path>
<gp_whitelist_path> /qwes </gp_whitelist_path>
<gp_whitelist_path> /qwes/licenses </gp_whitelist_path>
</sfs_path>

View file

@ -0,0 +1,13 @@
# Copyright (c) 2021 Qualcomm Technologies, Inc.
# All Rights Reserved.
# Confidential and Proprietary - Qualcomm Technologies, Inc.
on property:hwservicemanager.ready=true && property:vendor.sys.listeners.registered=true
start keymint-qti
service keymint-qti /system/bin/android.hardware.security.keymint-service-qti
user root
group root
setenv LD_LIBRARY_PATH /vendor/lib64:/vendor/lib:/system/lib64:/system/lib:/sbin
disabled
seclabel u:r:recovery:s0

View file

@ -0,0 +1,9 @@
on property:ro.crypto.state=encrypted && property:hwservicemanager.ready=true
start qteeconnector-hal-1-0
service qteeconnector-hal-1-0 /system/bin/vendor.qti.hardware.qteeconnector@1.0-service
user root
group root
setenv LD_LIBRARY_PATH /vendor/lib64:/vendor/lib:/system/lib64:/system/lib:/sbin
disabled
seclabel u:r:recovery:s0

View file

@ -0,0 +1,42 @@
<!-- Copyright (c) 2021 Qualcomm Technologies, Inc.
All Rights Reserved.
Confidential and Proprietary - Qualcomm Technologies, Inc.
Not a Contribution.
This file is copied from
1) https://source.codeaurora.org/quic/la/platform/hardware/interfaces/tree/security/keymint/aidl/default/android.hardware.security.keymint-service.xml?h=aosp-new/simpleperf-release
2) https://source.codeaurora.org/quic/la/platform/hardware/interfaces/tree/security/keymint/aidl/default/android.hardware.security.secureclock-service.xml?h=aosp-new/simpleperf-release
3) https://source.codeaurora.org/quic/la/platform/hardware/interfaces/tree/security/keymint/aidl/default/android.hardware.security.sharedsecret-service.xml?h=aosp-new/simpleperf-release
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.security.keymint</name>
<fqname>IKeyMintDevice/default</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.security.sharedsecret</name>
<fqname>ISharedSecret/default</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.security.secureclock</name>
<fqname>ISecureClock/default</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.security.keymint</name>
<fqname>IRemotelyProvisionedComponent/default</fqname>
</hal>
</manifest>