diff options
| -rwxr-xr-x | msm8996.mk | 4 | ||||
| -rwxr-xr-x | rootdir/bin/init.qcom.sh | 6 | ||||
| -rw-r--r-- | sepolicy/property.te | 1 | ||||
| -rw-r--r-- | sepolicy/property_contexts | 3 | ||||
| -rw-r--r-- | sepolicy/qti_init_shell.te | 4 | ||||
| -rw-r--r-- | sepolicy/system_app.te | 1 |
6 files changed, 15 insertions, 4 deletions
@@ -284,10 +284,6 @@ PRODUCT_PACKAGES += \ libandroid_net \ netutils-wrapper-1.0 -# OEM Unlock reporting -PRODUCT_DEFAULT_PROPERTY_OVERRIDES += \ - ro.oem_unlock_supported=1 - # OMX PRODUCT_PACKAGES += \ libextmedia_jni \ diff --git a/rootdir/bin/init.qcom.sh b/rootdir/bin/init.qcom.sh index 12615aa..93439bb 100755 --- a/rootdir/bin/init.qcom.sh +++ b/rootdir/bin/init.qcom.sh @@ -65,3 +65,9 @@ if [ ! -f /vendor/firmware_mnt/verinfo/ver_info.txt -o "$prev_version_info" != " fi chmod g-w /data/vendor/modem_config setprop ro.vendor.ril.mbn_copy_completed 1 + +if [[ -z $(grep "androidboot.lock=unlocked" /proc/cmdline) ]]; then + setprop ro.oem_unlock_supported 1 +else + setprop ro.oem_unlock_supported 0 +fi diff --git a/sepolicy/property.te b/sepolicy/property.te index 550baf9..87aea86 100644 --- a/sepolicy/property.te +++ b/sepolicy/property.te @@ -1 +1,2 @@ type wcg_prop, property_type; +type oem_unlock_prop, property_type; diff --git a/sepolicy/property_contexts b/sepolicy/property_contexts index 18b724a..697ecaf 100644 --- a/sepolicy/property_contexts +++ b/sepolicy/property_contexts @@ -4,6 +4,9 @@ persist.camera. u:object_r:camera_prop:s0 # BootParsed sys.post_boot.parsed u:object_r:vendor_mpctl_prop:s0 +# OEM unlocking +ro.oem_unlock_supported u:object_r:oem_unlock_prop:s0 + # Qseecomd sys.listeners.registered u:object_r:vendor_tee_listener_prop:s0 diff --git a/sepolicy/qti_init_shell.te b/sepolicy/qti_init_shell.te index cc3ba68..c5b8387 100644 --- a/sepolicy/qti_init_shell.te +++ b/sepolicy/qti_init_shell.te @@ -5,4 +5,8 @@ allow qti_init_shell file_contexts_file:file { getattr open read }; allow qti_init_shell mnt_vendor_file:dir rw_dir_perms; allow qti_init_shell mnt_vendor_file:file create_file_perms; +# Allow qti_init_shell to read cmdline +allow qti_init_shell proc_cmdline:file { getattr open read }; + get_prop(qti_init_shell, wcg_prop) +set_prop(qti_init_shell, oem_unlock_prop) diff --git a/sepolicy/system_app.te b/sepolicy/system_app.te index 5fe4bd9..1158907 100644 --- a/sepolicy/system_app.te +++ b/sepolicy/system_app.te @@ -3,3 +3,4 @@ allow system_app sysfs_fingerprint:dir search; allow system_app shell_prop:property_service set; binder_call(system_app, wificond); +get_prop(system_app, oem_unlock_prop); |