From f12ef27cb9fc9f9cda9078230c5ab5b4ce0d4d93 Mon Sep 17 00:00:00 2001
From: Arian <arian.kulmer@web.de>
Date: Fri, 11 Dec 2020 00:07:18 +0100
Subject: shinano-common: Cleanup sepolicy

Change-Id: If615758376413b16fcc80addd03a9ba5cd388e8a
---
 rootdir/etc/init.camera.rc | 31 +++++++++++++++++++------------
 rootdir/etc/init.qcom.rc   | 29 +----------------------------
 2 files changed, 20 insertions(+), 40 deletions(-)

(limited to 'rootdir/etc')

diff --git a/rootdir/etc/init.camera.rc b/rootdir/etc/init.camera.rc
index 7a6d857..ce77064 100644
--- a/rootdir/etc/init.camera.rc
+++ b/rootdir/etc/init.camera.rc
@@ -14,10 +14,6 @@
 # limitations under the License.
 #
 
-on early-fs
-    wait /dev/block/mmcblk0p1
-    class_start trimarea
-
 on early-boot
     #SONY early boot
     start ta_qmi_service
@@ -48,10 +44,15 @@ on post-fs-data
     mkdir /dev/socket/scd 0755 system system
     mkdir /data/scd 0755 system system
 
+    # Change to socket location on libkeyctrl/suntory for /data encryption
+    # Create suntory data directory
+    mkdir /dev/socket/suntory 0755 system system
+    mkdir /data/suntory 0755 system system
+
 on post-fs-data
     # SONY: Start early TA-users
     mkdir /data/etc 0755 root shell
-    exec -- /vendor/bin/taimport
+    start taimport
 
     # SONY: Create dir for Widevine keybox
     mkdir /data/persist/wv 0700 system system
@@ -65,21 +66,27 @@ on post-fs-data
     chmod 0660 /sys/devices/sony_camera_1/info
 
     # SONY: Import MiscTA to System properties
-    exec -- /vendor/bin/taimport property
+    start property_taimport
     setprop init.taimport.ready true
     # taimport ready, use this as trigger for multi-cdf-symlinker
 
 service taimport /vendor/bin/taimport
-    class late_start
-    user root
+    user system
     group system
     oneshot
+    disabled
+
+service property_taimport /vendor/bin/taimport property
+    user system
+    group system
+    oneshot
+    disabled
 
 # This script init /cache/CredentialManagerData if /data/credmgr doesn't meet our requirements
 service initcredmgr /vendor/bin/credmgrfirstboot.sh
     class late_start
-    user root
-    group root
+    user system
+    group system
     oneshot
 
 # When credmgrfirstboot is ready it set sys.credmgrdready=true.
@@ -102,7 +109,7 @@ service sct_service /vendor/bin/sct_service
 # Trim Area QMI service
 service ta_qmi_service /vendor/bin/ta_qmi_service
     user system
-    group system root net_raw wakelock
+    group system net_raw wakelock
     disabled
 
 service scd /vendor/bin/scd
@@ -126,7 +133,7 @@ on property:init.svc.servicemanager=restarting
 service tad_static /vendor/bin/tad_static /dev/block/bootdevice/by-name/TA 0,16
     class core
     user system
-    group system root camera media
+    group system camera media
     socket tad stream 0770 system system
 
 service updatemiscta /vendor/bin/updatemiscta
diff --git a/rootdir/etc/init.qcom.rc b/rootdir/etc/init.qcom.rc
index 6fb9141..a815a3b 100644
--- a/rootdir/etc/init.qcom.rc
+++ b/rootdir/etc/init.qcom.rc
@@ -46,9 +46,6 @@ on init
 
     write /sys/module/qpnp_rtc/parameters/poweron_alarm 1
 
-    # Enable panic on out of memory
-    write /proc/sys/vm/panic_on_oom 2
-
     # Setup zram options
     write /sys/block/zram0/comp_algorithm lz4
 
@@ -83,9 +80,6 @@ on early-boot
 
     write /sys/kernel/boot_adsp/boot 1
 
-    # Run pre_hw_config.sh before entering charge only mode.
-    exec /system/bin/sh /system/etc/pre_hw_config.sh
-
 on boot
     write /sys/module/qpnp_power_on/parameters/forcecrash_on 1
 
@@ -223,10 +217,6 @@ on boot
     # an ack packet comes out of order
     write /proc/sys/net/netfilter/nf_conntrack_tcp_be_liberal 1
 
-    # Set the console loglevel to < KERN_INFO
-    # Set the default message loglevel to KERN_INFO
-    write /proc/sys/kernel/printk "6 6 1 7"
-
     chown system /sys/devices/virtual/timed_output/vibrator/vtg_level
 
     # charger
@@ -250,11 +240,6 @@ on boot
     chown system system /sys/devices/virtual/input/max1187x/wakeup_gesture
 
 on post-fs
-    # Change to socket location on libkeyctrl/suntory for /data encryption
-    # Create suntory data directory
-    mkdir /dev/socket/suntory 0755 system system
-    mkdir /data/suntory 0755 system system
-
     # led RGB
     chown system system /sys/class/leds/rgb/sync_state
     chown system system /sys/class/leds/rgb/start_blink
@@ -360,10 +345,6 @@ on post-fs-data
     # SONY: Create dir for marlin sdata
     mkdir /data/persist/marlin 0700 system system
 
-    # SONY: Create a dir for pin-cache components
-    mkdir /data/pc 0600 radio radio
-    mkdir /cache/pc 0770 radio system
-
 on property:bluetooth.isEnabled=true
 #    start btwlancoex
     write /sys/class/bluetooth/hci0/idle_timeout 7000
@@ -380,8 +361,7 @@ service qmuxd /vendor/bin/qmuxd
 service netmgrd /vendor/bin/netmgrd
     class late_start
     user root
-    group root wifi wakelock radio inet system
-    seclabel u:r:netmgrd:s0
+    group root wifi wakelock radio inet oem_2950
 
 on property:ro.radio.noril=true
     stop ril-daemon
@@ -447,17 +427,11 @@ service sensors /vendor/bin/sensors.qcom
     user root
     group root wakelock
 
-service qcom-sensor-sh /vendor/bin/init.qcom-sensor.sh
-    class main
-    user root
-    oneshot
-
 # HexagonDSP FastRPC daemon
 service adsprpcd /vendor/bin/adsprpcd
    class main
    user media
    group media
-   seclabel u:r:adsprpcd:s0
 
 service charger /system/bin/charger
     class charger
@@ -503,7 +477,6 @@ service uim /vendor/bin/brcm-uim-sysfs
     class late_start
     user root
     group bluetooth net_bt
-    seclabel u:r:uim:s0
 
 # Quick Charge
 service hvdcp /vendor/bin/hvdcp
-- 
cgit v1.2.3