From 9da00512d5b02866f1925aaa589059307bff8df8 Mon Sep 17 00:00:00 2001 From: Paul Keith Date: Thu, 15 Feb 2018 23:33:28 +0100 Subject: shi-m-ano-common: Transition to TARGET_LD_SHIM_LIBS * Limits security exposure from shims * As a bonus, we no longer need noatsecure to make LD_SHIM_LIBS persist through services Change-Id: I877192422062f3e59c81a7130ad1a2b4be5d1647 --- BoardConfigCommon.mk | 11 +++++++++++ rootdir/init.camera.rc | 10 ---------- 2 files changed, 11 insertions(+), 10 deletions(-) diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk index be7c3b4..45ac60a 100644 --- a/BoardConfigCommon.mk +++ b/BoardConfigCommon.mk @@ -78,6 +78,17 @@ TARGET_KEYMASTER_WAIT_FOR_QSEE := true BOARD_SEPOLICY_DIRS += \ device/sony/shinano-common/sepolicy +# Shims +TARGET_LD_SHIM_LIBS := \ + /system/vendor/bin/credmgrd|/system/vendor/lib/libshims_signal.so \ + /system/vendor/bin/iddd|/system/vendor/lib/libshims_idd.so \ + /system/vendor/bin/suntrold|/system/vendor/lib/libshims_signal.so \ + /system/lib/hw/camera.vendor.qcom.so|/system/vendor/lib/libsonycamera.so \ + /system/vendor/bin/mm-qcamera-daemon|libandroid.so \ + /system/lib/libcammw.so|libsensor.so \ + /system/lib/libsomc_chokoballpal.so|/system/vendor/lib/libGraphicBuffer.so \ + /system/lib/hw/camera.vendor.qcom.so|libsensor.so + # Props for hotplugging TARGET_SYSTEM_PROP += device/sony/shinano-common/system.prop diff --git a/rootdir/init.camera.rc b/rootdir/init.camera.rc index 0f12b5b..c14d9c7 100644 --- a/rootdir/init.camera.rc +++ b/rootdir/init.camera.rc @@ -15,16 +15,6 @@ # on init -export LD_SHIM_LIBS " \ -:/system/vendor/bin/credmgrd|/system/vendor/lib/libshims_signal.so \ -:/system/vendor/bin/iddd|/system/vendor/lib/libshims_idd.so \ -:/system/vendor/bin/suntrold|/system/vendor/lib/libshims_signal.so \ -:/system/lib/hw/camera.vendor.qcom.so|/system/vendor/lib/libsonycamera.so \ -:/system/vendor/bin/mm-qcamera-daemon|libandroid.so \ -:/system/lib/libcammw.so|libsensor.so \ -:/system/lib/libsomc_chokoballpal.so|/system/vendor/lib/libGraphicBuffer.so \ -:/system/lib/hw/camera.vendor.qcom.so|libsensor.so \ -" on early-fs wait /dev/block/mmcblk0p1 -- cgit v1.2.3