omni: add vnc server integration bits
Change-Id: Ic9a52c28ddc0bba4ae519d4f30de1adb6f127496
diff --git a/config/packages.mk b/config/packages.mk
index e10201e..8a6a8c4 100644
--- a/config/packages.mk
+++ b/config/packages.mk
@@ -34,7 +34,10 @@
mkshrc_vendor \
toybox_vendor \
sh_vendor \
- vim
+ vim \
+ vncflinger \
+ vncpasswd \
+ OmniRemote
ifeq ($(BOARD_INCLUDE_CMDLINE_TOOLS),true)
PRODUCT_PACKAGES += \
diff --git a/prebuilt/etc/init.local.rc b/prebuilt/etc/init.local.rc
index 8910602..9f52e9f 100644
--- a/prebuilt/etc/init.local.rc
+++ b/prebuilt/etc/init.local.rc
@@ -43,6 +43,9 @@
chown system system /sys/module/lowmemorykiller/parameters/minfree
chmod 0644 /sys/module/lowmemorykiller/parameters/minfree
+ # vnc
+ chmod 0666 /dev/uinput
+
# adb over network
on property:service.adb.tcp.port=5555
stop adbd
diff --git a/sepolicy/private/file_contexts b/sepolicy/private/file_contexts
index 1c7011b..a5b933d 100644
--- a/sepolicy/private/file_contexts
+++ b/sepolicy/private/file_contexts
@@ -7,5 +7,7 @@
/sys/block/[^/]+/queue/scheduler u:object_r:sysfs_block_scheduler:s0
/system/bin/fsck\.ntfs u:object_r:fsck_exec:s0
-#/system/bin/fsck\.exfat u:object_r:fsck_exec:s0
/system/bin/mount\.exfat u:object_r:fsck_exec:s0
+
+/system/bin/vncflinger u:object_r:vncflinger_exec:s0
+/system/bin/vncpasswd u:object_r:vncflinger_exec:s0
diff --git a/sepolicy/private/system_app.te b/sepolicy/private/system_app.te
index 08e4db4..e6f46c6 100644
--- a/sepolicy/private/system_app.te
+++ b/sepolicy/private/system_app.te
@@ -1,4 +1,7 @@
#selinux status
allow system_app selinuxfs:file r_file_perms;
+allow system_app vncflinger_exec:file { r_file_perms execute execute_no_trans map };
+# uinput
+allow system_app uhid_device:chr_file rw_file_perms;
diff --git a/sepolicy/private/vncflinger.te b/sepolicy/private/vncflinger.te
new file mode 100644
index 0000000..a6656b5
--- /dev/null
+++ b/sepolicy/private/vncflinger.te
@@ -0,0 +1,24 @@
+type vncflinger_exec, exec_type, file_type;
+type vncflinger, domain;
+typeattribute vncflinger coredomain;
+
+init_daemon_domain(vncflinger)
+binder_use(vncflinger)
+net_domain(vncflinger);
+
+# uinput
+allow vncflinger uhid_device:chr_file rw_file_perms;
+
+# read buffers from surfaceflinger
+allow vncflinger ion_device:chr_file r_file_perms;
+allow vncflinger surfaceflinger_service:service_manager find;
+binder_call(vncflinger, surfaceflinger);
+
+# buffer callbacks
+binder_call(surfaceflinger, vncflinger);
+
+get_prop(vncflinger, hwservicemanager_prop)
+allow vncflinger hal_graphics_allocator:fd use;
+allow vncflinger same_process_hal_file:file { execute read open getattr map };
+hal_client_domain(vncflinger, hal_graphics_allocator);
+hwbinder_use(vncflinger);