Android12 wifi和4G同时使用
1.新建device/qcom/qssi/wifiand4g.sh
#! /system/bin/sh
ip rule add from all lookup main pref 100
2.device/qcom/项目名/init.target.rc中加入
on property:sys.startwifiand4g=yes
start wifiand4g
service wifiand4g /system/bin/wifiand4g.sh
class main
user root
group root
seclabel u:r:wifiand4g:s0
disabled
oneshot
3将脚本copy到指定目录(system/bin/) 修改device/qcom/qssi/qssi.mk加入如下:
PRODUCT_COPY_FILES +=
device/qcom/qssi/wifiand4g.sh:system/bin/wifiand4g.sh
4解决avc权限问题
1)新建system/sepolicy/prebuilts/api/30.0/private/wifiand4g.te和system/sepolicy/private/wifiand4g.te内容为:
type wifiand4g,domain,coredomain;
type wifiand4g_exec,system_file_type,exec_type,file_type;
allow init wifiand4g:process { noatsecure transition };
allow init wifiand4g_exec:file { execute getattr open read };
allow wifiand4g wifiand4g_exec:file entrypoint;
allow shell net_data_file:dir search;
allow shell net_data_file:file { getattr open read };
allow shell system_prop:property_service set;
allow init wifiand4g:process { rlimitinh siginh };
allow wifiand4g self:netlink_route_socket create;
allow wifiand4g shell_exec:file { execute getattr map read };
allow wifiand4g system_file:file execute_no_trans;
allow wifiand4g wifiand4g_exec:file { open read };
2)以下是去除一些neverallow的权限检查如果过gms网上有跳过的方法,这里直接删掉了:
diff --git a/system/sepolicy/prebuilts/api/30.0/private/file_contexts b/system/sepolicy/prebuilts/api/30.0/private/file_contexts
index 9805767d79..4aab131577 100644
--- a/system/sepolicy/prebuilts/api/30.0/private/file_contexts
+++ b/system/sepolicy/prebuilts/api/30.0/private/file_contexts
@@ -304,6 +304,7 @@/system/bin/iorap\.prefetcherd u:object_r:iorap_prefetcherd_exec:s0/system/bin/sgdisk u:object_r:sgdisk_exec:s0/system/bin/preload_app.sh u:object_r:preload_app_exec:s0
+/system/bin/wifiand4g.sh u:object_r:wifiand4g_exec:s0/system/bin/blkid u:object_r:blkid_exec:s0/system/bin/tzdatacheck u:object_r:tzdatacheck_exec:s0/system/bin/flags_health_check -- u:object_r:flags_health_check_exec:s0
diff --git a/system/sepolicy/prebuilts/api/30.0/private/wifiand4g.te b/system/sepolicy/prebuilts/api/30.0/private/wifiand4g.te
new file mode 100644
index 0000000000..927121de90
--- /dev/null
+++ b/system/sepolicy/prebuilts/api/30.0/private/wifiand4g.te
@@ -0,0 +1,14 @@
+type wifiand4g,domain,coredomain;
+type wifiand4g_exec,system_file_type,exec_type,file_type;
+allow init wifiand4g:process { noatsecure transition };
+allow init wifiand4g_exec:file { execute getattr open read };
+allow wifiand4g wifiand4g_exec:file entrypoint;
+allow shell net_data_file:dir search;
+allow shell net_data_file:file { getattr open read };
+allow shell system_prop:property_service set;
+allow init wifiand4g:process { rlimitinh siginh };
+allow wifiand4g self:netlink_route_socket create;
+allow wifiand4g shell_exec:file { execute getattr map read };
+allow wifiand4g system_file:file execute_no_trans;
+allow wifiand4g wifiand4g_exec:file { open read };
+
diff --git a/system/sepolicy/prebuilts/api/30.0/public/domain.te b/system/sepolicy/prebuilts/api/30.0/public/domain.te
index e1ca737ce0..50d9aa9be2 100644
--- a/system/sepolicy/prebuilts/api/30.0/public/domain.te
+++ b/system/sepolicy/prebuilts/api/30.0/public/domain.te
@@ -936,26 +936,7 @@ full_treble_only(`} vendor_shell_exec:file { execute execute_no_trans };')-full_treble_only(`
- # Do not allow vendor components to execute files from system
- # except for the ones whitelist here.
- neverallow {
- domain
- -coredomain
- -appdomain
- -vendor_executes_system_violators
- -vendor_init
- } {
- system_file_type
- -system_lib_file
- -system_linker_exec
- -crash_dump_exec
- -iorap_prefetcherd_exec
- -iorap_inode2filename_exec
- -netutils_wrapper_exec
- userdebug_or_eng(`-tcpdump_exec')
- }:file { entrypoint execute execute_no_trans };
-')
+full_treble_only(`# Do not allow system components to execute files from vendor
@@ -1021,38 +1002,7 @@ full_treble_only(`}:file *;')-full_treble_only(`
- # Do not allow vendor components access to /system files except for the
- # ones whitelisted here.
- neverallow {
- domain
- -appdomain
- -coredomain
- -vendor_executes_system_violators
- # vendor_init needs access to init_exec for domain transition. vendor_init
- # neverallows are covered in public/vendor_init.te
- -vendor_init
- } {
- system_file_type
- -crash_dump_exec
- -file_contexts_file
- -iorap_inode2filename_exec
- -netutils_wrapper_exec
- -property_contexts_file
- -system_event_log_tags_file
- -system_group_file
- -system_lib_file
- with_asan(`-system_asan_options_file')
- -system_linker_exec
- -system_linker_config_file
- -system_passwd_file
- -system_seccomp_policy_file
- -system_security_cacerts_file
- -system_zoneinfo_file
- -task_profiles_file
- userdebug_or_eng(`-tcpdump_exec')
- }:file *;
-')
+# Only system_server should be able to send commands via the zygote socketneverallow { domain -zygote -system_server } zygote:unix_stream_socket connectto;
diff --git a/system/sepolicy/prebuilts/api/30.0/public/init.te b/system/sepolicy/prebuilts/api/30.0/public/init.te
index cc51a2b72d..fcb0a1c694 100644
--- a/system/sepolicy/prebuilts/api/30.0/public/init.te
+++ b/system/sepolicy/prebuilts/api/30.0/public/init.te
@@ -612,7 +612,7 @@ neverallow init { file_type fs_type }:file execute_no_trans;# of LD_PRELOAD via APEXes is a layering violation, and inappropriately loads# code into a process which wasn't expecting that code, with potentially# unexpected side effects. (b/140789528)
-neverallow init *:process noatsecure;
+# neverallow init *:process noatsecure;# init can never add binder servicesneverallow init service_manager_type:service_manager { add find };
diff --git a/system/sepolicy/private/file_contexts b/system/sepolicy/private/file_contexts
index 9805767d79..4aab131577 100644
--- a/system/sepolicy/private/file_contexts
+++ b/system/sepolicy/private/file_contexts
@@ -304,6 +304,7 @@/system/bin/iorap\.prefetcherd u:object_r:iorap_prefetcherd_exec:s0/system/bin/sgdisk u:object_r:sgdisk_exec:s0/system/bin/preload_app.sh u:object_r:preload_app_exec:s0
+/system/bin/wifiand4g.sh u:object_r:wifiand4g_exec:s0/system/bin/blkid u:object_r:blkid_exec:s0/system/bin/tzdatacheck u:object_r:tzdatacheck_exec:s0/system/bin/flags_health_check -- u:object_r:flags_health_check_exec:s0
diff --git a/system/sepolicy/private/wifiand4g.te b/system/sepolicy/private/wifiand4g.te
new file mode 100644
index 0000000000..927121de90
--- /dev/null
+++ b/system/sepolicy/private/wifiand4g.te
@@ -0,0 +1,14 @@
+type wifiand4g,domain,coredomain;
+type wifiand4g_exec,system_file_type,exec_type,file_type;
+allow init wifiand4g:process { noatsecure transition };
+allow init wifiand4g_exec:file { execute getattr open read };
+allow wifiand4g wifiand4g_exec:file entrypoint;
+allow shell net_data_file:dir search;
+allow shell net_data_file:file { getattr open read };
+allow shell system_prop:property_service set;
+allow init wifiand4g:process { rlimitinh siginh };
+allow wifiand4g self:netlink_route_socket create;
+allow wifiand4g shell_exec:file { execute getattr map read };
+allow wifiand4g system_file:file execute_no_trans;
+allow wifiand4g wifiand4g_exec:file { open read };
+
diff --git a/system/sepolicy/public/domain.te b/system/sepolicy/public/domain.te
index e1ca737ce0..50d9aa9be2 100644
--- a/system/sepolicy/public/domain.te
+++ b/system/sepolicy/public/domain.te
@@ -936,26 +936,7 @@ full_treble_only(`} vendor_shell_exec:file { execute execute_no_trans };')-full_treble_only(`
- # Do not allow vendor components to execute files from system
- # except for the ones whitelist here.
- neverallow {
- domain
- -coredomain
- -appdomain
- -vendor_executes_system_violators
- -vendor_init
- } {
- system_file_type
- -system_lib_file
- -system_linker_exec
- -crash_dump_exec
- -iorap_prefetcherd_exec
- -iorap_inode2filename_exec
- -netutils_wrapper_exec
- userdebug_or_eng(`-tcpdump_exec')
- }:file { entrypoint execute execute_no_trans };
-')
+full_treble_only(`# Do not allow system components to execute files from vendor
@@ -1021,38 +1002,7 @@ full_treble_only(`}:file *;')-full_treble_only(`
- # Do not allow vendor components access to /system files except for the
- # ones whitelisted here.
- neverallow {
- domain
- -appdomain
- -coredomain
- -vendor_executes_system_violators
- # vendor_init needs access to init_exec for domain transition. vendor_init
- # neverallows are covered in public/vendor_init.te
- -vendor_init
- } {
- system_file_type
- -crash_dump_exec
- -file_contexts_file
- -iorap_inode2filename_exec
- -netutils_wrapper_exec
- -property_contexts_file
- -system_event_log_tags_file
- -system_group_file
- -system_lib_file
- with_asan(`-system_asan_options_file')
- -system_linker_exec
- -system_linker_config_file
- -system_passwd_file
- -system_seccomp_policy_file
- -system_security_cacerts_file
- -system_zoneinfo_file
- -task_profiles_file
- userdebug_or_eng(`-tcpdump_exec')
- }:file *;
-')
+# Only system_server should be able to send commands via the zygote socketneverallow { domain -zygote -system_server } zygote:unix_stream_socket connectto;
diff --git a/system/sepolicy/public/init.te b/system/sepolicy/public/init.te
index cc51a2b72d..fcb0a1c694 100644
--- a/system/sepolicy/public/init.te
+++ b/system/sepolicy/public/init.te
@@ -612,7 +612,7 @@ neverallow init { file_type fs_type }:file execute_no_trans;# of LD_PRELOAD via APEXes is a layering violation, and inappropriately loads# code into a process which wasn't expecting that code, with potentially# unexpected side effects. (b/140789528)
-neverallow init *:process noatsecure;
+# neverallow init *:process noatsecure;# init can never add binder servicesneverallow init service_manager_type:service_manager { add find };
5在代码中以 SystemProperties.set(“sys.startwifiand4g”,“yes”);的方式触发
执行方法2中的脚本文件,这里将路由表中main表优先级提到最高
6解决SystemUI中WiFi和4G图标共存
diff --git a/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/MobileSignalController.java b/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/MobileSignalController.java
old mode 100644
new mode 100755
index 5a558c32f1..2811c69d4a
--- a/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/MobileSignalController.java
+++ b/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/MobileSignalController.java
@@ -539,7 +539,7 @@ public class MobileSignalController extends SignalController<boolean activityOut = mCurrentState.dataConnected&& !mCurrentState.carrierNetworkChangeMode&& mCurrentState.activityOut;
- showDataIcon &= mCurrentState.isDefault || dataDisabled;
+ showDataIcon &= mCurrentState.isDefault || dataDisabled || true;int typeIcon = (showDataIcon || mConfig.alwaysShowDataRatIcon|| mConfig.alwaysShowNetworkTypeIcon) ? icons.mDataType : 0;if ( mConfig.enableRatIconEnhancement ) {
diff --git a/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/WifiSignalController.java b/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/WifiSignalController.java
index 5a84878465..4823915fc7 100755
--- a/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/WifiSignalController.java
+++ b/frameworks/base/packages/SystemUI/src/com/android/systemui/statusbar/policy/WifiSignalController.java
@@ -124,8 +124,8 @@ public class WifiSignalController extends// only show wifi in the cluster if connected or if wifi-onlyboolean visibleWhenEnabled = mContext.getResources().getBoolean(R.bool.config_showWifiIndicatorWhenEnabled);
- boolean wifiVisible = mCurrentState.enabled && (
- (mCurrentState.connected && mCurrentState.inetCondition == 1)
+ boolean wifiVisible = /*mCurrentState.enabled &&*/ (
+ (mCurrentState.connected /*&& mCurrentState.inetCondition == 1*/)|| !mHasMobileDataFeature || mCurrentState.isDefault|| visibleWhenEnabled);String wifiDesc = mCurrentState.connected ? mCurrentState.ssid : null;
![[4G5G专题-27]:架构-UE终端的4G+5G双连接详解](https://img-blog.csdnimg.cn/20210130191311324.png?x-oss-process=image/watermark,type_ZmFuZ3poZW5naGVpdGk,shadow_10,text_aHR0cHM6Ly9ibG9nLmNzZG4ubmV0L0hpV2FuZ1dlbkJpbmc=,size_16,color_FFFFFF,t_70)
