msm8976-common: Transition to TARGET_LD_SHIM_LIBS

* Limits security exposure from shims

 * As a bonus, we no longer need noatsecure
   to make LD_SHIM_LIBS persist through services

Change-Id: I877192422062f3e59c81a7130ad1a2b4be5d1647
lineage-17.1
Paul Keith 6 years ago committed by Lukasz Patron
parent af54e51b92
commit a3186e740e

@ -206,6 +206,9 @@ include device/qcom/sepolicy/sepolicy.mk
include device/qcom/sepolicy/legacy-sepolicy.mk
BOARD_SEPOLICY_DIRS += $(VENDOR_PATH)/sepolicy
# Shims
TARGET_LD_SHIM_LIBS := /system/lib/libcamera_client.so|libcamera_parameters_shim.so:/system/vendor/lib64/libizat_core.so|libshims_get_process_name.so:/system/lib64/libsec-ril.so|libshims_rild_socket.so
# Wifi
BOARD_HAS_QCOM_WLAN := true
BOARD_HAS_QCOM_WLAN_SDK := true

@ -34,8 +34,6 @@ on early-init
chmod 0755 /sys/kernel/debug
on init
export LD_SHIM_LIBS /system/lib/libcamera_client.so|libcamera_parameters_shim.so:/system/vendor/lib64/libizat_core.so|libshims_get_process_name.so:/system/lib64/libsec-ril.so|libshims_rild_socket.so
# Support legacy paths
symlink /sdcard /storage/sdcard0

@ -1,3 +1,2 @@
allow init { domain -lmkd -crash_dump }:process noatsecure;
allow init debugfs:file write;
allow init sysfs:lnk_file setattr;

Loading…
Cancel
Save