diff --git a/bionic/0001-hybris-Add-support-for-get-and-list-of-properties.patch b/bionic/0001-hybris-Add-support-for-get-and-list-of-properties.patch index 217ab73..0e2c68b 100644 --- a/bionic/0001-hybris-Add-support-for-get-and-list-of-properties.patch +++ b/bionic/0001-hybris-Add-support-for-get-and-list-of-properties.patch @@ -6,22 +6,22 @@ Subject: [PATCH 1/9] (hybris) Add support for get and list of properties. Change-Id: I089a2a146c06d8ad0c234f0a9a4b5aa07beaeed5 --- - libc/include/sys/_system_properties.h | 2 ++ + libc/include/sys/system_properties.h | 2 ++ 1 file changed, 2 insertions(+) -diff --git a/libc/include/sys/_system_properties.h b/libc/include/sys/_system_properties.h -index 078e857..95fa58f 100644 ---- a/libc/include/sys/_system_properties.h -+++ b/libc/include/sys/_system_properties.h -@@ -45,6 +45,8 @@ __BEGIN_DECLS - #define PROP_DIRNAME "/dev/__properties__" +diff --git a/libc/include/sys/system_properties.h b/libc/include/sys/system_properties.h +index 1303079..7bbcf0b 100644 +--- a/libc/include/sys/system_properties.h ++++ b/libc/include/sys/system_properties.h +@@ -185,6 +185,8 @@ int __system_properties_init(void); + // Messages sent to init. #define PROP_MSG_SETPROP 1 +#define PROP_MSG_GETPROP 2 +#define PROP_MSG_LISTPROP 3 #define PROP_MSG_SETPROP2 0x00020001 - #define PROP_SUCCESS 0 + // Status codes returned by init (but not passed from libc to the caller). -- 2.45.2 diff --git a/bionic/0002-hybris-disable-tls-usage-in-locale.cpp-to-avoid-prob.patch b/bionic/0002-hybris-disable-tls-usage-in-locale.cpp-to-avoid-prob.patch index f4d5946..c2a4f5a 100644 --- a/bionic/0002-hybris-disable-tls-usage-in-locale.cpp-to-avoid-prob.patch +++ b/bionic/0002-hybris-disable-tls-usage-in-locale.cpp-to-avoid-prob.patch @@ -11,25 +11,20 @@ Signed-off-by: Simonas Leleiva 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/libc/bionic/locale.cpp b/libc/bionic/locale.cpp -index 2f4d206..feb4e45 100644 +index a1d6909..49d3e95 100644 --- a/libc/bionic/locale.cpp +++ b/libc/bionic/locale.cpp -@@ -37,11 +37,11 @@ +@@ -167,7 +167,9 @@ char* setlocale(int category, const char* locale_name) { + } - #include "platform/bionic/macros.h" + static locale_t* get_current_locale_ptr() { +- return &__get_bionic_tls().locale; ++ //return &__get_bionic_tls().locale; ++ static thread_local locale_t g_current_locale; ++ return &g_current_locale; + } --#if defined(__BIONIC_BUILD_FOR_ANDROID_SUPPORT) -+//#if defined(__BIONIC_BUILD_FOR_ANDROID_SUPPORT) - #define USE_TLS_SLOT 0 --#else --#define USE_TLS_SLOT 1 --#endif -+//#else -+//#define USE_TLS_SLOT 1 -+//#endif - - #if USE_TLS_SLOT - #include "bionic/pthread_internal.h" + locale_t uselocale(locale_t new_locale) { -- 2.45.2 diff --git a/bionic/0004-hybris-Fix-__get_tls-and-related-functions-Android-1.patch b/bionic/0004-hybris-Fix-__get_tls-and-related-functions-Android-1.patch index c412feb..0e69ecf 100644 --- a/bionic/0004-hybris-Fix-__get_tls-and-related-functions-Android-1.patch +++ b/bionic/0004-hybris-Fix-__get_tls-and-related-functions-Android-1.patch @@ -20,17 +20,17 @@ Change-Id: I24486873be638a1a8cd123705ba2e51ec7414b94 create mode 100644 libc/platform/bionic/tls_internal.h diff --git a/libc/Android.bp b/libc/Android.bp -index fd14aea..990c8bc 100644 +index 74e29aa..eff1734 100644 --- a/libc/Android.bp +++ b/libc/Android.bp -@@ -1038,6 +1038,7 @@ cc_library_static { +@@ -1064,6 +1064,7 @@ cc_library_static { "stdio/stdio_ext.cpp", "stdio/vfscanf.cpp", "stdio/vfwscanf.cpp", + "hybris_support.c", + ], - // TODO: why isn't this in a static-libc-only module? - // This contains a weak stub implementation of __find_icu_symbol for wctype.cpp, + arch: { diff --git a/libc/bionic/ndk_cruft.cpp b/libc/bionic/ndk_cruft.cpp index b15a317..824982a 100644 --- a/libc/bionic/ndk_cruft.cpp @@ -71,11 +71,11 @@ index b15a317..824982a 100644 +} // extern "C" \ No newline at end of file diff --git a/libc/bionic/pthread_internal.h b/libc/bionic/pthread_internal.h -index 091f711..90b43ea 100644 +index cbaa9a6..6c6f6a4 100644 --- a/libc/bionic/pthread_internal.h +++ b/libc/bionic/pthread_internal.h -@@ -211,16 +211,16 @@ __LIBC_HIDDEN__ void __pthread_internal_remove_and_free(pthread_internal_t* thre - __LIBC_HIDDEN__ void __find_main_stack_limits(uintptr_t* low, uintptr_t* high); +@@ -219,16 +219,16 @@ __LIBC_HIDDEN__ void* __allocate_stack_mte_ringbuffer(size_t n, pthread_internal + #endif static inline __always_inline bionic_tcb* __get_bionic_tcb() { - return reinterpret_cast(&__get_tls()[MIN_TLS_SLOT]); @@ -114,7 +114,7 @@ index 2c8ec07..73dc54c 100644 __fwritable; # introduced=23 + __get_tls_hooks; # arm arm64 x86 introduced=21 __get_h_errno; - __getcpu; # arm x86 introduced-arm=12 introduced-x86=12 + __getcpu; # arm x86 __getcwd; # arm x86 diff --git a/libc/platform/bionic/tls.h b/libc/platform/bionic/tls.h index e01eccd..7bb292a 100644 diff --git a/frameworks/av/0004-halium-get-rid-of-using-AudioFlinger-for-recording.patch b/frameworks/av/0004-halium-get-rid-of-using-AudioFlinger-for-recording.patch index 1238ef2..985a9a4 100644 --- a/frameworks/av/0004-halium-get-rid-of-using-AudioFlinger-for-recording.patch +++ b/frameworks/av/0004-halium-get-rid-of-using-AudioFlinger-for-recording.patch @@ -80,22 +80,22 @@ index a1e1702..44817b5 100644 int32_t getState() const { return mCblk->mState; } uint32_t getBufferSizeInFrames() const { return mBufferSizeInFrames; } diff --git a/media/libaudioclient/Android.bp b/media/libaudioclient/Android.bp -index 90910a1..5ade32f 100644 +index 5785537..7d9eeb4 100644 --- a/media/libaudioclient/Android.bp +++ b/media/libaudioclient/Android.bp -@@ -75,6 +75,9 @@ cc_library { +@@ -76,6 +76,9 @@ cc_library { cflags: [ - "-Werror", "-Wall", + "-Werror", + "-Wno-error=unused-variable", + "-Wno-error=unused-parameter", + "-Wno-error=unused-private-field", ], include_dirs: ["system/media/audio_utils/include"], export_include_dirs: ["include"], -@@ -117,6 +120,9 @@ cc_library { - "PlayerBase.cpp", +@@ -118,6 +121,9 @@ cc_library { "RecordingActivityTracker.cpp", + "ToneGenerator.cpp", "TrackPlayerBase.cpp", + "record_thread.cpp", + "record_track.cpp", @@ -103,7 +103,7 @@ index 90910a1..5ade32f 100644 ], defaults: [ "latest_android_media_audio_common_types_cpp_shared", -@@ -144,6 +150,7 @@ cc_library { +@@ -146,6 +152,7 @@ cc_library { "libmediametrics", "libmediautils", "libnblog", @@ -111,7 +111,7 @@ index 90910a1..5ade32f 100644 "libprocessgroup", "libshmemcompat", "libutils", -@@ -161,6 +168,8 @@ cc_library { +@@ -163,6 +170,8 @@ cc_library { include_dirs: [ "frameworks/av/media/libnbaio/include_mono/", @@ -119,9 +119,9 @@ index 90910a1..5ade32f 100644 + "vendor/halium/libhybris/compat/media", ], local_include_dirs: [ - "include/media", + "aidl", diff --git a/media/libaudioclient/AudioRecord.cpp b/media/libaudioclient/AudioRecord.cpp -index 91bc700..7ced30a 100644 +index 9a4b45d..8d0fb43 100644 --- a/media/libaudioclient/AudioRecord.cpp +++ b/media/libaudioclient/AudioRecord.cpp @@ -16,7 +16,7 @@ @@ -141,7 +141,7 @@ index 91bc700..7ced30a 100644 #define WAIT_PERIOD_MS 10 -@@ -776,7 +777,6 @@ const char * AudioRecord::convertTransferToText(transfer_type transferType) { +@@ -825,7 +826,6 @@ const char * AudioRecord::convertTransferToText(transfer_type transferType) { status_t AudioRecord::createRecord_l(const Modulo &epoch) { const int64_t beginNs = systemTime(); @@ -149,14 +149,13 @@ index 91bc700..7ced30a 100644 IAudioFlinger::CreateRecordInput input; IAudioFlinger::CreateRecordOutput output; [[maybe_unused]] audio_session_t originalSessionId; -@@ -787,10 +787,11 @@ status_t AudioRecord::createRecord_l(const Modulo &epoch) +@@ -835,9 +835,11 @@ status_t AudioRecord::createRecord_l(const Modulo &epoch) + static const int32_t kMaxCreateAttempts = 3; int32_t remainingAttempts = kMaxCreateAttempts; - std::string errorMessage; - if (audioFlinger == 0) { -- errorMessage = StringPrintf("%s(%d): Could not get audioflinger", __func__, mPortId); -- status = NO_INIT; -- goto exit; +- return logIfErrorAndReturnStatus( +- NO_INIT, StringPrintf("%s(%d): Could not get audioflinger", __func__, mPortId), ""); + // Get an instance of the CameraRecordInstance over Binder + const sp& recordService = AudioSystem::get_camera_record_service(); + if (recordService == 0) { @@ -165,22 +164,47 @@ index 91bc700..7ced30a 100644 } // mFlags (not mOrigFlags) is modified depending on whether fast request is accepted. -@@ -846,26 +847,25 @@ status_t AudioRecord::createRecord_l(const Modulo &epoch) +@@ -893,44 +895,25 @@ status_t AudioRecord::createRecord_l(const Modulo &epoch) originalSessionId = mSessionId; input.maxSharedAudioHistoryMs = mMaxSharedAudioHistoryMs; - do { - media::CreateRecordResponse response; -- status = audioFlinger->createRecord(VALUE_OR_FATAL(input.toAidl()), response); -- output = VALUE_OR_FATAL(IAudioFlinger::CreateRecordOutput::fromAidl(response)); +- auto aidlInput = input.toAidl(); +- if (!aidlInput.ok()) { +- return logIfErrorAndReturnStatus( +- BAD_VALUE, +- StringPrintf("%s(%d): Could not create record due to invalid input", __func__, +- mPortId), +- ""); +- } +- status = audioFlinger->createRecord(aidlInput.value(), response); ++ // Initialize the input reader RecordThread: ++ status = recordService->initRecord(input.config.sample_rate, input.config.format, ++ input.config.channel_mask); ++ if (status != NO_ERROR) { ++ ALOGE("Failed to initialize RecordThread: %s", strerror(status)); ++ return status; ++ } + +- auto recordOutput = IAudioFlinger::CreateRecordOutput::fromAidl(response); +- if (!recordOutput.ok()) { +- return logIfErrorAndReturnStatus( +- BAD_VALUE, +- StringPrintf("%s(%d): Could not create record output due to invalid response", +- __func__, mPortId), +- ""); +- } +- output = recordOutput.value(); - if (status == NO_ERROR) { - break; - } - if (status != FAILED_TRANSACTION || --remainingAttempts <= 0) { -- errorMessage = StringPrintf( -- "%s(%d): AudioFlinger could not create record track, status: %d", -- __func__, mPortId, status); -- goto exit; +- return logIfErrorAndReturnStatus( +- status, +- StringPrintf("%s(%d): AudioFlinger could not create record track, status: %d", +- __func__, mPortId, status), +- ""); - } - // FAILED_TRANSACTION happens under very specific conditions causing a state mismatch - // between audio policy manager and audio flinger during the input stream open sequence @@ -189,14 +213,6 @@ index 91bc700..7ced30a 100644 - // to reduce the probability of concurrent retries in locked steps. - usleep((20 + rand() % 30) * 10000); - } while (1); -+ // Initialize the input reader RecordThread: -+ status = recordService->initRecord(input.config.sample_rate, input.config.format, -+ input.config.channel_mask); -+ if (status != NO_ERROR) { -+ ALOGE("Failed to initialize RecordThread: %s", strerror(status)); -+ return status; -+ } -+ + output.audioRecord = recordService->openRecord(input.config.sample_rate, input.config.format, + input.config.channel_mask, + input.frameCount, @@ -206,20 +222,21 @@ index 91bc700..7ced30a 100644 + + if (output.audioRecord == 0 || status != NO_ERROR) { + ALOGE("CameraRecordService could not create record track, status: %d", status); -+ goto exit; ++ return status; + } ALOG_ASSERT(output.audioRecord != 0); diff --git a/media/libaudioclient/AudioSystem.cpp b/media/libaudioclient/AudioSystem.cpp -index d1b1849..aa2ea71 100644 +index 1430913..c200dc7 100644 --- a/media/libaudioclient/AudioSystem.cpp +++ b/media/libaudioclient/AudioSystem.cpp -@@ -26,14 +26,17 @@ +@@ -26,17 +26,20 @@ #include #include #include +#include + #include #include #include #include @@ -227,22 +244,24 @@ index d1b1849..aa2ea71 100644 #include +#include #include + #include #include + #include +#include "cutils/atomic.h" #include #include #include -@@ -77,6 +80,7 @@ std::set AudioSystem::gAudioErrorCallbacks; +@@ -80,6 +83,7 @@ std::set AudioSystem::gAudioErrorCallbacks; std::mutex AudioSystem::gSoundTriggerMutex; sp AudioSystem::gSoundTriggerCaptureStateListener; +sp AudioSystem::gCameraRecord; - // Sets the Binder for the AudioFlinger service, passed to this client process - // from the system server. -@@ -224,6 +228,26 @@ sp AudioSystem::get_audio_flinger() { - return gAudioFlingerServiceHandler.getService(); + // ---------------------------- + +@@ -312,6 +316,26 @@ sp AudioSystem::getAudioFlingerClient() { + return AudioFlingerServiceTraits::getClient(); } +const sp& AudioSystem::get_camera_record_service() @@ -265,19 +284,19 @@ index d1b1849..aa2ea71 100644 + return gCameraRecord; +} + - sp AudioSystem::get_audio_flinger_for_fuzzer() { - return gAudioFlingerServiceHandler.getService(false /* canStartThreadPool */); + void AudioSystem::setAudioFlingerBinder(const sp& audioFlinger) { + AudioFlingerServiceTraits::setBinder(audioFlinger); } -@@ -264,7 +288,7 @@ sp AudioSystem::getIoDescriptor(audio_io_handle_t ioHandle) { +@@ -337,7 +361,7 @@ sp AudioSystem::getIoDescriptor(audio_io_handle_t ioHandle) { // FIXME Declare in binder opcode order, similarly to IAudioFlinger.h and IAudioFlinger.cpp status_t AudioSystem::muteMicrophone(bool state) { - const sp af = get_audio_flinger(); + const sp af = nullptr; /*get_audio_flinger();*/ - if (af == 0) return PERMISSION_DENIED; + if (af == nullptr) return AudioFlingerServiceTraits::getError(); return af->setMicMute(state); } -@@ -522,13 +546,71 @@ status_t AudioSystem::getLatency(audio_io_handle_t output, +@@ -591,13 +615,71 @@ status_t AudioSystem::getLatency(audio_io_handle_t output, return NO_ERROR; } @@ -351,7 +370,7 @@ index d1b1849..aa2ea71 100644 } status_t AudioSystem::setVoiceVolume(float value) { -@@ -555,11 +637,17 @@ uint32_t AudioSystem::getInputFramesLost(audio_io_handle_t ioHandle) { +@@ -624,11 +706,17 @@ uint32_t AudioSystem::getInputFramesLost(audio_io_handle_t ioHandle) { return result; } @@ -361,7 +380,7 @@ index d1b1849..aa2ea71 100644 // Must not use AF as IDs will re-roll on audioserver restart, b/130369529. + /* const sp af = get_audio_flinger(); - if (af == 0) return AUDIO_UNIQUE_ID_ALLOCATE; + if (af == nullptr) return AUDIO_UNIQUE_ID_ALLOCATE; return af->newAudioUniqueId(use); + */ + (void) use; @@ -696,7 +715,7 @@ index 0000000..10fbb62 + +} // namespace android diff --git a/media/libaudioclient/include/media/AudioSystem.h b/media/libaudioclient/include/media/AudioSystem.h -index 338534d..5b0e454 100644 +index 9cfd540..c863c8a 100644 --- a/media/libaudioclient/include/media/AudioSystem.h +++ b/media/libaudioclient/include/media/AudioSystem.h @@ -89,6 +89,7 @@ typedef void (*vol_range_init_req_callback)(); @@ -707,17 +726,17 @@ index 338534d..5b0e454 100644 class String8; namespace media { -@@ -189,6 +190,9 @@ public: +@@ -188,6 +189,9 @@ public: + // helper function to obtain AudioFlinger service handle static sp get_audio_flinger(); - static sp get_audio_flinger_for_fuzzer(); + // helper function to obtain CameraRecordService service handle + static const sp& get_camera_record_service(); + - static float linearToLog(int volume); - static int logToLinear(float volume); - static size_t calculateMinFrameCount( -@@ -922,6 +926,11 @@ public: + // function to disable creation of thread pool (Used for testing). + // This should be called before get_audio_flinger() or get_audio_policy_service(). + static void disableThreadPool(); +@@ -929,6 +933,11 @@ public: [[clang::no_destroy]] static std::mutex gSoundTriggerMutex; [[clang::no_destroy]] static sp gSoundTriggerCaptureStateListener GUARDED_BY(gSoundTriggerMutex); diff --git a/frameworks/av/0005-halium-Enable-video-and-audio-recording-from-camera.patch b/frameworks/av/0005-halium-Enable-video-and-audio-recording-from-camera.patch index 4c3cab3..c889b4d 100644 --- a/frameworks/av/0005-halium-Enable-video-and-audio-recording-from-camera.patch +++ b/frameworks/av/0005-halium-Enable-video-and-audio-recording-from-camera.patch @@ -54,7 +54,7 @@ index 7ced30a..a5bcabf 100644 - if (output.audioRecord == 0 || status != NO_ERROR) { + if (recording.ar == 0 || status != NO_ERROR) { ALOGE("CameraRecordService could not create record track, status: %d", status); - goto exit; + return status; } + output.audioRecord = recording.ar; + output.cblk = recording.cblk; diff --git a/frameworks/av/0007-Adjust-permissions-of-socket.-Provides-a-connection-.patch b/frameworks/av/0007-Adjust-permissions-of-socket.-Provides-a-connection-.patch index f98ae69..8c061c7 100644 --- a/frameworks/av/0007-Adjust-permissions-of-socket.-Provides-a-connection-.patch +++ b/frameworks/av/0007-Adjust-permissions-of-socket.-Provides-a-connection-.patch @@ -18,10 +18,10 @@ Signed-off-by: Thomas Voß 1 file changed, 203 insertions(+) diff --git a/services/camera/libcameraservice/CameraService.cpp b/services/camera/libcameraservice/CameraService.cpp -index 1dca676..993cd28 100644 +index fdb5b7d..d96fdef 100644 --- a/services/camera/libcameraservice/CameraService.cpp +++ b/services/camera/libcameraservice/CameraService.cpp -@@ -63,7 +63,9 @@ +@@ -64,7 +64,9 @@ #include #include #include @@ -31,9 +31,9 @@ index 1dca676..993cd28 100644 #include #include #include -@@ -94,6 +96,202 @@ namespace { - const char* kProcessInfoServiceName = "processinfo"; - }; // namespace anonymous +@@ -121,6 +123,202 @@ namespace { + } + } // namespace anonymous +#include + @@ -91,7 +91,7 @@ index 1dca676..993cd28 100644 + + // And bind to the endpoint in the filesystem. + static const int bindErrorCode = -1; -+ int rc = ::bind(socketFd, reinterpret_cast(&address), sizeof(sockaddr_un)); ++ int rc = ::bind(socketFd, reinterpret_cast(&address), sizeof(sockaddr_un)); + + if (rc == bindErrorCode) + { @@ -234,18 +234,19 @@ index 1dca676..993cd28 100644 namespace android { using namespace camera3; -@@ -1806,6 +2004,11 @@ Status CameraService::validateClientPermissionsLocked(const std::string& cameraI - // Check if we can trust clientUid - if (clientUid == USE_CALLING_UID) { - clientUid = callingUid; -+ // We try to reach out to a remote trust store instance to -+ // verify that the app with uid and pid is allowed to access the -+ // camera. -+ if (!trust_agent_registry->verifyConnectRequestFor(clientUid, callingPid)) -+ return PERMISSION_DENIED; - } else if (!isTrustedCallingUid(callingUid)) { - ALOGE("CameraService::connect X (calling PID %d, calling UID %d) rejected " - "(don't trust clientUid %d)", callingPid, callingUid, clientUid); +@@ -1762,6 +1960,12 @@ Status CameraService::validateClientPermissionsLocked( + int clientUid = clientAttribution.uid; + const std::string clientName = clientAttribution.packageName.value_or(kUnknownPackageName); + ++ // We try to reach out to a remote trust store instance to ++ // verify that the app with uid and pid is allowed to access the ++ // camera. ++ if (!trust_agent_registry->verifyConnectRequestFor(clientUid, callingPid)) ++ return PERMISSION_DENIED; ++ + if (shouldRejectSystemCameraConnection(cameraId)) { + ALOGW("Attempting to connect to system-only camera id %s, connection rejected", + cameraId.c_str()); -- 2.45.2 diff --git a/frameworks/av/0008-Fix-bugs-and-add-traces-for-trust-store-support.patch b/frameworks/av/0008-Fix-bugs-and-add-traces-for-trust-store-support.patch index e394347..49d0759 100644 --- a/frameworks/av/0008-Fix-bugs-and-add-traces-for-trust-store-support.patch +++ b/frameworks/av/0008-Fix-bugs-and-add-traces-for-trust-store-support.patch @@ -9,7 +9,7 @@ Change-Id: Ia6312354e1a6111e3016829d2edb7e2804639b98 1 file changed, 56 insertions(+), 9 deletions(-) diff --git a/services/camera/libcameraservice/CameraService.cpp b/services/camera/libcameraservice/CameraService.cpp -index 993cd28..30cc5c8 100644 +index d96fdef..c57ecaa 100644 --- a/services/camera/libcameraservice/CameraService.cpp +++ b/services/camera/libcameraservice/CameraService.cpp @@ -21,7 +21,9 @@ @@ -31,7 +31,7 @@ index 993cd28..30cc5c8 100644 #include #include -@@ -130,6 +133,19 @@ struct TrustAgentRegistry : public android::Thread, +@@ -157,6 +160,19 @@ struct TrustAgentRegistry : public android::Thread, { static const int socketErrorCode = -1; @@ -51,16 +51,7 @@ index 993cd28..30cc5c8 100644 // We create a unix domain socket socketFd = ::socket(PF_UNIX, SOCK_STREAM, 0); -@@ -152,7 +168,7 @@ struct TrustAgentRegistry : public android::Thread, - - // And bind to the endpoint in the filesystem. - static const int bindErrorCode = -1; -- int rc = ::bind(socketFd, reinterpret_cast(&address), sizeof(sockaddr_un)); -+ int rc = ::bind(socketFd, reinterpret_cast(&address), sizeof(sockaddr_un)); - - if (rc == bindErrorCode) - { -@@ -205,6 +221,8 @@ struct TrustAgentRegistry : public android::Thread, +@@ -232,6 +248,8 @@ struct TrustAgentRegistry : public android::Thread, static const int keepOn = 1; static const int bailOut = 0; @@ -69,7 +60,7 @@ index 993cd28..30cc5c8 100644 if (fd != socketFd) return keepOn; -@@ -239,6 +257,7 @@ struct TrustAgentRegistry : public android::Thread, +@@ -266,6 +284,7 @@ struct TrustAgentRegistry : public android::Thread, ALOGE("Could not query peer credentials"); } else { @@ -77,27 +68,27 @@ index 993cd28..30cc5c8 100644 android::AutoMutex am(remoteAgentsGuard); remoteAgents.add(peerCredentials.uid, connectionFd); } -@@ -249,9 +268,17 @@ struct TrustAgentRegistry : public android::Thread, +@@ -276,9 +295,17 @@ struct TrustAgentRegistry : public android::Thread, // From android::Thread bool threadLoop() { - static const int timeoutInMs = 5000; + static const int timeoutInMs = -1; + int res; -+ + +- looper->pollOnce(timeoutInMs); + ALOGD("%s start", __PRETTY_FUNCTION__); + + do { + res = looper->pollOnce(timeoutInMs); + ALOGD("%s res %d", __PRETTY_FUNCTION__, res); + } while(res != ALOOPER_POLL_ERROR); - -- looper->pollOnce(timeoutInMs); ++ + ALOGD("%s exit", __PRETTY_FUNCTION__); return exitPending(); } -@@ -260,25 +287,40 @@ struct TrustAgentRegistry : public android::Thread, +@@ -287,25 +314,40 @@ struct TrustAgentRegistry : public android::Thread, { int socket = -1; @@ -142,7 +133,7 @@ index 993cd28..30cc5c8 100644 return answerFromSocket == granted; } -@@ -287,6 +329,7 @@ struct TrustAgentRegistry : public android::Thread, +@@ -314,6 +356,7 @@ struct TrustAgentRegistry : public android::Thread, android::sp looper; android::Mutex remoteAgentsGuard; android::KeyedVector remoteAgents; @@ -150,19 +141,19 @@ index 993cd28..30cc5c8 100644 }; android::sp trust_agent_registry(new TrustAgentRegistry("/dev/socket/camera_service/camera_service_to_trust")); -@@ -2008,7 +2051,11 @@ Status CameraService::validateClientPermissionsLocked(const std::string& cameraI - // verify that the app with uid and pid is allowed to access the - // camera. - if (!trust_agent_registry->verifyConnectRequestFor(clientUid, callingPid)) -- return PERMISSION_DENIED; -+ return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, -+ "Untrusted caller (calling PID %d, UID %d) trying to " -+ "forward camera access to camera %s for client %s (PID %d, UID %d)", -+ callingPid, callingUid, cameraId.c_str(), -+ clientName.c_str(), clientUid, clientPid); - } else if (!isTrustedCallingUid(callingUid)) { - ALOGE("CameraService::connect X (calling PID %d, calling UID %d) rejected " - "(don't trust clientUid %d)", callingPid, callingUid, clientUid); +@@ -1964,7 +2007,11 @@ Status CameraService::validateClientPermissionsLocked( + // verify that the app with uid and pid is allowed to access the + // camera. + if (!trust_agent_registry->verifyConnectRequestFor(clientUid, callingPid)) +- return PERMISSION_DENIED; ++ return STATUS_ERROR_FMT(ERROR_PERMISSION_DENIED, ++ "Untrusted caller (calling PID %d, UID %d) trying to " ++ "forward camera access to camera %s for client %s (PID %d, UID %d)", ++ callingPid, callingUid, cameraId.c_str(), ++ clientName.c_str(), clientUid, clientPid); + + if (shouldRejectSystemCameraConnection(cameraId)) { + ALOGW("Attempting to connect to system-only camera id %s, connection rejected", -- 2.45.2 diff --git a/frameworks/native/0004-halium-binder-don-t-use-android-s-check-permission-f.patch b/frameworks/native/0004-halium-binder-don-t-use-android-s-check-permission-f.patch index d556e2b..2b726be 100644 --- a/frameworks/native/0004-halium-binder-don-t-use-android-s-check-permission-f.patch +++ b/frameworks/native/0004-halium-binder-don-t-use-android-s-check-permission-f.patch @@ -13,11 +13,11 @@ Signed-off-by: Ondrej Kubik 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/cmds/servicemanager/ServiceManager.cpp b/cmds/servicemanager/ServiceManager.cpp -index a828b52..4f1d0a0 100644 +index 38a125b..6a593f4 100644 --- a/cmds/servicemanager/ServiceManager.cpp +++ b/cmds/servicemanager/ServiceManager.cpp -@@ -410,9 +410,10 @@ bool isValidServiceName(const std::string& name) { - Status ServiceManager::addService(const std::string& name, const sp& binder, bool allowIsolated, int32_t dumpPriority) { +@@ -506,9 +506,10 @@ Status ServiceManager::addService(const std::string& name, const sp& bi + auto ctx = mAccess->getCallingContext(); - if (multiuser_get_app_id(ctx.uid) >= AID_APP) { @@ -27,8 +27,8 @@ index a828b52..4f1d0a0 100644 - } + }*/ - if (!mAccess->canAdd(ctx, name)) { - return Status::fromExceptionCode(Status::EX_SECURITY, "SELinux denied."); + std::optional accessorName; + if (auto status = canAddService(ctx, name, &accessorName); !status.isOk()) { diff --git a/libs/binder/IServiceManager.cpp b/libs/binder/IServiceManager.cpp index 39573ec..00daca0 100644 --- a/libs/binder/IServiceManager.cpp diff --git a/frameworks/native/0012-halium-drop-android.hardware.power-ndk_export_shared.patch b/frameworks/native/0012-halium-drop-android.hardware.power-ndk_export_shared.patch index 83f1281..78f0b0d 100644 --- a/frameworks/native/0012-halium-drop-android.hardware.power-ndk_export_shared.patch +++ b/frameworks/native/0012-halium-drop-android.hardware.power-ndk_export_shared.patch @@ -2,7 +2,7 @@ From 56aff665cb0100a01e32d7dd3ed03deb957a1a49 Mon Sep 17 00:00:00 2001 From: Muhammad Date: Sun, 11 Aug 2024 16:40:16 +0500 Subject: [PATCH 12/12] (halium) drop android.hardware.power-ndk_export_shared - * Link with android.hardware.power-V5-ndk ourselves * Also link with + * Link with android.hardware.power-V6-ndk ourselves * Also link with android.hardware.common{.fmq} Change-Id: I10eadefc12d842ae1f56ae0026c729c244c5baa3 @@ -12,7 +12,7 @@ Signed-off-by: Muhammad 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/services/powermanager/Android.bp b/services/powermanager/Android.bp -index f7c8a81..d2e607d 100644 +index 2bffec4..016b747 100644 --- a/services/powermanager/Android.bp +++ b/services/powermanager/Android.bp @@ -9,7 +9,6 @@ package { @@ -29,7 +29,7 @@ index f7c8a81..d2e607d 100644 "android.hardware.power@1.3", + "android.hardware.common-V2-ndk", + "android.hardware.common.fmq-V1-ndk", -+ "android.hardware.power-V5-ndk", ++ "android.hardware.power-V6-ndk", ], - export_shared_lib_headers: [ @@ -38,10 +38,10 @@ index f7c8a81..d2e607d 100644 "android.hardware.power@1.1", "android.hardware.power@1.2", "android.hardware.power@1.3", -+ "android.hardware.power-V5-ndk", ++ "android.hardware.power-V6-ndk", ], - cflags: [ + whole_static_libs: [ -- 2.45.2 diff --git a/system/core/0002-halium-init-modify-mount_all-to-skip-mounts-and-trig.patch b/system/core/0002-halium-init-modify-mount_all-to-skip-mounts-and-trig.patch index d527e3c..7528fc9 100644 --- a/system/core/0002-halium-init-modify-mount_all-to-skip-mounts-and-trig.patch +++ b/system/core/0002-halium-init-modify-mount_all-to-skip-mounts-and-trig.patch @@ -11,10 +11,10 @@ Change-Id: Iae8cffa6aeb2d56f35a51f0e9f52fd92402c43e9 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/init/builtins.cpp b/init/builtins.cpp -index a95a4a3..c69785a 100644 +index c3e9096..40dac5b 100644 --- a/init/builtins.cpp +++ b/init/builtins.cpp -@@ -644,13 +644,16 @@ static Result do_mount_all(const BuiltinArguments& args) { +@@ -643,13 +643,16 @@ static Result do_mount_all(const BuiltinArguments& args) { } } @@ -27,11 +27,11 @@ index a95a4a3..c69785a 100644 } + // Halium: filesystem mount is handled outside container, always non-encrypted -+ MountAllResult mount_fstab_result = {FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE, true}; ++ MountAllResult mount_fstab_result = FS_MGR_MNTALL_DEV_NOT_ENCRYPTABLE; + - if (mount_fstab_result.userdata_mounted) { - // This call to fs_mgr_mount_all mounted userdata. Keep the result in - // order for userspace reboot to correctly remount userdata. + if (queue_event) { + /* queue_fs_event will queue event based on mount_fstab return code + * and return processed return code*/ diff --git a/rootdir/init.rc b/rootdir/init.rc index 92e8f27..ead99de 100644 --- a/rootdir/init.rc diff --git a/system/core/0012-halium-init.rc-Create-directory-for-trust-store-sock.patch b/system/core/0012-halium-init.rc-Create-directory-for-trust-store-sock.patch index e838237..b454dc2 100644 --- a/system/core/0012-halium-init.rc-Create-directory-for-trust-store-sock.patch +++ b/system/core/0012-halium-init.rc-Create-directory-for-trust-store-sock.patch @@ -11,12 +11,12 @@ Change-Id: I322d3743a85d55273cf90e78faf662e53c6a1376 --- rootdir/init.rc | 5 +++++ 1 file changed, 5 insertions(+) - + diff --git a/rootdir/init.rc b/rootdir/init.rc -index 85a2118..e931c39 100644 +index ba10791..d398599 100644 --- a/rootdir/init.rc +++ b/rootdir/init.rc -@@ -492,6 +492,11 @@ on init +@@ -503,6 +503,11 @@ on init start hwservicemanager start vndservicemanager @@ -25,9 +25,10 @@ index 85a2118..e931c39 100644 + chown root camera /dev/socket/camera_service + chmod 0775 /dev/socket/camera_service + - # Run boringssl self test for each ABI. Any failures trigger reboot to firmware. - import /system/etc/init/hw/init.boringssl.${ro.zygote}.rc - + # Mount /mnt/vm ASAP to allow early VMs to run. + mkdir /mnt/vm 0755 root root + mount tmpfs tmpfs /mnt/vm nosuid nodev noexec rw + -- 2.45.2 diff --git a/system/vold/0002-halium-do-not-attempt-to-mount-partitions-with-metad.patch b/system/vold/0002-halium-do-not-attempt-to-mount-partitions-with-metad.patch index c8adbb8..e2b5dbb 100644 --- a/system/vold/0002-halium-do-not-attempt-to-mount-partitions-with-metad.patch +++ b/system/vold/0002-halium-do-not-attempt-to-mount-partitions-with-metad.patch @@ -10,23 +10,22 @@ Change-Id: I77b72f49301879e960d7a8992c2736ccd5cc7096 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/MetadataCrypt.cpp b/MetadataCrypt.cpp -index 1f7d649..2473ecb 100644 +index b7b8e3a..825b356 100644 --- a/MetadataCrypt.cpp +++ b/MetadataCrypt.cpp -@@ -248,10 +248,9 @@ static bool parse_options(const std::string& options_string, CryptoOptions* opti - bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std::string& mount_point, - bool needs_encrypt, bool should_format, - const std::string& fs_type, const std::string& zoned_device) { +@@ -293,10 +293,8 @@ bool fscrypt_mount_metadata_encrypted(const std::string& blk_device, const std:: + const std::string& fs_type, bool is_zoned, + const std::vector& user_devices, + const std::vector& device_aliased, int64_t length) { - LOG(DEBUG) << "fscrypt_mount_metadata_encrypted: " << mount_point - << " encrypt: " << needs_encrypt << " format: " << should_format << " with " -- << fs_type << " block device: " << blk_device -- << " and zoned device: " << zoned_device; +- << fs_type << " block device: " << blk_device << " with zoned " << is_zoned +- << " length: " << length; + // Disabled for Halium + return false; -+ - auto encrypted_state = android::base::GetProperty("ro.crypto.state", ""); - if (encrypted_state != "" && encrypted_state != "encrypted") { - LOG(ERROR) << "fscrypt_mount_metadata_encrypted got unexpected starting state: " + + for (auto& device : user_devices) { + LOG(DEBUG) << " - user devices: " << device; -- 2.45.2 diff --git a/vendor/lineage/0001-halium-Disable-lineage-bootanimation.patch b/vendor/lineage/0001-halium-Disable-lineage-bootanimation.patch new file mode 100644 index 0000000..a91aecb --- /dev/null +++ b/vendor/lineage/0001-halium-Disable-lineage-bootanimation.patch @@ -0,0 +1,32 @@ +From 637688ba5a876cc3b815120d2d594e2db33a6626 Mon Sep 17 00:00:00 2001 +From: Azkali +Date: Thu, 25 Dec 2025 21:33:32 +0700 +Subject: [PATCH] (halium) Disable lineage bootanimation + +Change-Id: Id5881ba5f86f512ffcc211cdf733f5ee952a71e7 +--- + bootanimation/Android.bp | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/bootanimation/Android.bp b/bootanimation/Android.bp +index bcd8e3f..0cd0d80 100644 +--- a/bootanimation/Android.bp ++++ b/bootanimation/Android.bp +@@ -2,7 +2,7 @@ + // SPDX-FileCopyrightText: The LineageOS Project + // SPDX-License-Identifier: Apache-2.0 + // +- ++/* + genrule { + name: "gen-bootanimation.zip", + tools: [ +@@ -58,4 +58,4 @@ install_symlink { + product_specific: true, + installed_location: "media/bootanimation-dark.zip", + symlink_target: "bootanimation.zip", +-} ++}*/ +-- +2.52.0 +