[ROM][UNOFFICIAL][10][Q]LineageOS 17.1 for z5c (suzuran)

[Berni-0815]

LineageOS 18.1

 

[tntcl]

hi berni, thanks a lot for your tireless efforts, they were the reason why i felt confident enough to get a Z5C.

does anybody have advice on how to reduce the massive echo my call partners experience when loudspeaker is active (both phone and app calls)? without loudspeaker there is a slighter but still noticeable echo. curiously, the problem was the other way round in berni's los14.1. haven't tried 18.1 yet but would be my next option.

cheers from berlin

(E5823 with december build)

 

[esrevinu]

I have made a patch to device/sony/kitakami-common for the DRM issue.

diff --git a/sepolicy/vendor/hal_drm_clearkey.te b/sepolicy/vendor/hal_drm_clearkey.te
index 286e248..ac671a3 100644
--- a/sepolicy/vendor/hal_drm_clearkey.te
+++ b/sepolicy/vendor/hal_drm_clearkey.te
@@ -8,3 +8,6 @@ allow hal_drm_clearkey hal_drm_hwservice:hwservice_manager { add find };
 allow hal_drm_clearkey hidl_base_hwservice:hwservice_manager add;
 allow hal_drm_clearkey hwservicemanager:binder { call transfer };
 allow hal_drm_clearkey hwservicemanager_prop:file r_file_perms;
+
+allow mediadrmserver hal_drm_clearkey:binder { call transfer };
+allow hal_drm_clearkey mediadrmserver:binder { call transfer };
diff --git a/sepolicy/vendor/hal_drm_widevine.te b/sepolicy/vendor/hal_drm_widevine.te
new file mode 100644
index 0000000..b1b7867
--- /dev/null
+++ b/sepolicy/vendor/hal_drm_widevine.te
@@ -0,0 +1,2 @@
+allow hal_drm_widevine vendor_data_file:file create_file_perms;
+allow hal_drm_widevine vendor_data_file:dir create_dir_perms;

 

[Berni-0815]

does anybody have advice on how to reduce the massive echo

Echo and microphone gain and speaker volume and all the other things related to mic/speaker are a very complex theme and that's not easy to solve.

There is a file called "mixer_paths.xml", that can be adapted to whatever you want.

But my experience is, if a value is changed, another weird phenomenon will happen.

 

[Berni-0815]

I have made a patch to device/sony/kitakami-common for the DRM issue.

Does this issue occur at los18.1 too?
One question left: How do you know about those things? Don't you think you should involve yourself in LineageOS development?

 

[esrevinu]

Does this issue occur at los18.1 too?
One question left: How do you know about those things? Don't you think you should involve yourself in LineageOS development?

I haven't used los18.1 much because of sudden reboots, so I didn't check it.
I think I like to fix the problem. But I am not an expert, so I have googled hard.

 

[Berni-0815]

LOL!
I'm not an expert too. It's been a long process of learning to come to the point where I'm now; you can also say "trial and error"...
And I'm still learning a lot every day.
But there are still enough things I've no idea of.
Do you know the tool audit2allow? I'm using this tool to extract what should be included in sepolicy files.

 

[esrevinu]

hi berni, thanks a lot for your tireless efforts, they were the reason why i felt confident enough to get a Z5C.

does anybody have advice on how to reduce the massive echo my call partners experience when loudspeaker is active (both phone and app calls)? without loudspeaker there is a slighter but still noticeable echo. curiously, the problem was the other way round in berni's los14.1. haven't tried 18.1 yet but would be my next option.

cheers from berlin

(E5823 with december build)

Here is my version:

Taegil Bae / mixer_paths.xml for Xperia Z5c

/system/etc/mixer_paths.xml for Xperia Z5c

gitlab.com

Please try this. In recovery, replace (/system)/system/vendor/etc/mixer_paths.xml.

 

[esrevinu]

LOL!
I'm not an expert too. It's been a long process of learning to come to the point where I'm now; you can also say "trial and error"...
And I'm still learning a lot every day.
But there are still enough things I've no idea of.
Do you know the tool audit2allow? I'm using this tool to extract what should be included in sepolicy files.

I saw audit2allow reading google document yesterday and tried it, but it was not much helpful. I still don't know how to fix secd_exec access denials from many daemons.

 

[sabar_op]

I saw audit2allow reading google document yesterday and tried it, but it was not much helpful. I still don't know how to fix secd_exec access denials from many daemons.

I am using the old way with setenv LD_PRELOAD to lib-preload64 in Z4 tablet device to fix secd_exec denials... Perhaps it works in your device.

 

[esrevinu]

I am using the old way with setenv LD_PRELOAD to lib-preload64 in Z4 tablet device to fix secd_exec denials... Perhaps it works in your device.

Thanks. I will try it.

 

[Berni-0815]

I still don't know how to fix secd_exec access denials from many daemons.

Oh, don't do this. It's useless and does only spam your logs...

 

[Berni-0815]

the only issues I've encountered is with widevine and DRM

I've built a new version of LineageOS 18.1 in which this issue might be fixed. No further improvements made. Please try this version and report.

FYI: Using audit2allow the following changes would be enough to fix this DRM issue:

#============= hal_drm_widevine ==============
allow hal_drm_widevine vendor_data_file:file { getattr open read };

#============= mediadrmserver ==============
allow mediadrmserver hal_drm_clearkey:binder call;

But I've included all changes mentioned in this post.

 

[esrevinu]

FYI: Using audit2allow the following changes would be enough to fix this DRM issue:

#============= hal_drm_widevine ==============
allow hal_drm_widevine vendor_data_file:file { getattr open read };

#============= mediadrmserver ==============
allow mediadrmserver hal_drm_clearkey:binder call;

But I've included all changes mentioned in this post.

audit2allow's suggestion is not enough. widevine needs create file and dir permissions to create files in /data/vender/mediadrm directory. If widevine already create that files, denials for create does not happen. clearkey also needs call and transfer permissions from and to mediadrmserver.

 

[tntcl]

Please try this.

thx! unfortunately that killed all sound, outgoing and incoming, in phone and all apps
also unfortunately, after restoring the original file, i still lost all sound

 

[&(*)]

Wipe everything from within TWRP (Dalvik, Data, Cache, System, Internal) then format data. Flash the original 32.4.A.1.54 firmware and do not perform a .TA recovery from backup. Before booting into system flash recovery. Boot 7.1.1 system and complete basic setup (added from reply below). Boot into recovery and repeat first step: wipe everything followed by a format of data. Flash 18.1, after setup and report back as to the status of the sound issues.

 

[&(*)]

removed: error in reply form, see above

 

[esrevinu]

There is qcom's new sepolicy in LOSROOT/device/qcom/sepolicy, while kitakami uses LOSROOT/device/qcom/sepolicy-legacy.
The new one has policy on widevine DRM. Following this, I changed the patch:

diff --git a/sepolicy/vendor/file.te b/sepolicy/vendor/file.te
index 1111362..3f125e9 100644
--- a/sepolicy/vendor/file.te
+++ b/sepolicy/vendor/file.te
@@ -12,3 +12,6 @@ type sysfs_timekeep, fs_type, sysfs_type;
 type ta_data_file, file_type;
 type tad_socket, file_type;
 type timekeep_data_file, file_type, data_file_type;
+#widevine data file
+type mediadrm_vendor_data_file, file_type, data_file_type;
+
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index b1b988e..cc70ffa 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -22,6 +22,7 @@
 # DRM
 /(vendor|system/vendor)/bin/hw/android\.hardware\[email protected]\.2-service.clearkey u:object_r:hal_drm_clearkey_exec:s0
 /(vendor|system/vendor)/bin/hw/android\.hardware\[email protected]\.1-service.widevine u:object_r:hal_drm_widevine_exec:s0
+/data/vendor/mediadrm(/.*)?                                u:object_r:mediadrm_vendor_data_file:s0
 
 # BRCM BT FM
 /sys/bus/platform/drivers/bcm_ldisc/bcmbt_ldisc(/.*)?      u:object_r:brcm_ldisc_sysfs:s0
diff --git a/sepolicy/vendor/hal_drm_clearkey.te b/sepolicy/vendor/hal_drm_clearkey.te
index 286e248..ac671a3 100644
--- a/sepolicy/vendor/hal_drm_clearkey.te
+++ b/sepolicy/vendor/hal_drm_clearkey.te
@@ -8,3 +8,6 @@ allow hal_drm_clearkey hal_drm_hwservice:hwservice_manager { add find };
 allow hal_drm_clearkey hidl_base_hwservice:hwservice_manager add;
 allow hal_drm_clearkey hwservicemanager:binder { call transfer };
 allow hal_drm_clearkey hwservicemanager_prop:file r_file_perms;
+
+allow mediadrmserver hal_drm_clearkey:binder { call transfer };
+allow hal_drm_clearkey mediadrmserver:binder { call transfer };
diff --git a/sepolicy/vendor/hal_drm_widevine.te b/sepolicy/vendor/hal_drm_widevine.te
new file mode 100644
index 0000000..105b2e9
--- /dev/null
+++ b/sepolicy/vendor/hal_drm_widevine.te
@@ -0,0 +1,2 @@
+allow hal_drm_widevine mediadrm_vendor_data_file:file create_file_perms;
+allow hal_drm_widevine mediadrm_vendor_data_file:dir create_dir_perms;

 

[esrevinu]

I have tried removing secd from TARGET_LD_SHIM_LIBS.
Now secd_exec denials disappear, and the phone works fine so far.

diff --git a/BoardConfigCommon.mk b/BoardConfigCommon.mk
index 5aba7ff..341af83 100644
--- a/BoardConfigCommon.mk
+++ b/BoardConfigCommon.mk
@@ -197,7 +197,9 @@ TARGET_LD_SHIM_LIBS := \
      /system/lib/libcammw.so|libsensor.so \
      /system/vendor/lib/libizat_core.so|/system/vendor/lib/libshim_gps.so \
      /system/vendor/lib64/libizat_core.so|/system/vendor/lib64/libshim_gps.so \
-     /system/bin/secd|/system/lib64/lib-preload64.so
+
+
+     #/system/bin/secd|/system/lib64/lib-preload64.so
 
 # SELinux
 include device/qcom/sepolicy-legacy/sepolicy.mk

 

[Berni-0815]

audit2allow's suggestion is not enough. widevine needs create file and dir permissions to create files in /data/vender/mediadrm directory. If widevine already create that files, denials for create does not happen. clearkey also needs call and transfer permissions from and to mediadrmserver.

Where is this information from?
FYI: I'm not an expert in SELinux related thing. I'm just doing, what I'm able to do.
I often need more information; so, if you're able to, please help me!