NekoSakura/Android_Device_Mediatek_Sepolicy_Vndr
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
113 Commits 2 Branches 0 Tags
Commit Graph

21 Commits

Author SHA1 Message Date
Matsvei Niaverau
4098d11dc5 bsp: plat_private: Label system_ext kpoc_charger 
Change-Id: If9f3fef45a1a99703552efd70a3130d94abac0f6
 2024-02-09 15:45:16 +01:00
Giovanni Ricca
6d2525868e
bsp: Allow netutils_wrapper access to misc devices 
Change-Id: I114b30b1a46b7d5ceec1664423e7c25f1be29448
 2024-01-02 16:08:20 +01:00
Giovanni Ricca
ff24786f5a
bsp: Label system_ext vtservice 
Change-Id: I792cf32154884ebbdbd4907006a75857e366f1d2
 2024-01-01 22:20:52 +01:00
Giovanni Ricca
532b60ca02
sepolicy: Guard invalid labels 
* MTK devices with R vendor and older still depends on those labels

Change-Id: If2e78d5a22722b0038afbb6f9a651bc073b8f4c8
 2023-12-28 11:50:04 +01:00
Giovanni Ricca
6de1ec34cc
bsp: plat_private: Define mtk_hal_sf_service 
Change-Id: I1d3e52b574c09505a77161a5508f4960dad3250f
 2023-12-27 22:33:42 +00:00
Giovanni Ricca
c420b9b98e
bsp: non_plat: Remove duplicate labels 
Change-Id: I86f4700a6a2e123f7693eda5daf088011bd2c35a
 2023-12-27 22:31:18 +00:00
bengris32
a55780d6aa
bsp: plat_private: Allow radio to get system_mtk_vodata_prop 
Change-Id: Ie95160741a6e7a5c9955992a267163bf733c296f
Signed-off-by: bengris32 <bengris32@protonmail.ch>
 2023-12-25 12:14:15 +00:00
SamarV-121
a58d7459e5 sepolicy: isolated_app -> isolated_app_all 
* neverallow

Change-Id: If7dbddf30472de3b7c04c2e4f9a27e03e6ada619
 2023-10-29 17:44:17 +00:00
bengris32
1313d51047
treewide: Completely drop mtk_hal_audio type 
* We can just use AOSP's hal_audio_default. This removes the
  need for a renamed audio service.

Change-Id: Id698bd318194c942ea117aefde7ff7864216e1e3
Signed-off-by: bengris32 <bengris32@protonmail.ch>
 2023-09-05 00:06:24 +01:00
Erfan Abdi
c322485915
sepolicy: bsp: private: Add support for T ims 
Change-Id: Ifbbbeb994d570f8f165c974bd5ef5a0adddd6ab0
 2023-08-07 15:03:49 +01:00
SamarV-121
22b3052286
sepolicy: Allow init to create wfca_rds sockets 
I auditd  : type=1400 audit(0.0:196): avc: denied { create } for comm="init" name="wfca_rds" scontext=u:r:init:s0 tcontext=u:object_r:socket_device:s0 tclass=sock_file permissive=0

Change-Id: I6205d0ac2e30e0558f1a1ba3b57283c433c8ac0b
 2023-04-27 14:43:49 +05:30
LinkBoi00
dc84220dbd sepolicy: bsp: plat_private: Fixup musb-hdrc cmode device typo 
Signed-off-by: LinkBoi00 <linkdevel@protonmail.com>
Change-Id: I972c7af0d7ec2f0f85f317d4e0135045c82917a9
 2023-02-11 13:15:56 +01:00
SamarV-121
173aae2fb1 sepolicy: bsp: non_plat: Grant all network permissions to ipsec_mon 
Change-Id: I01ffcf9cc31332f45f9a1d3120c6d2946d3dc650
 2023-01-02 23:49:48 +01:00
TheMalachite
e24c0688e9 sepolicy: bsp: Fix Netflix widevine L1 denies 
Change-Id: I9553462fea01deb7d953d0c885218d3490dcfee7
Reviewed-on: https://review.statixos.com/c/android_device_mediatek_sepolicy_vndr/+/7763
Reviewed-by: Vaisakh Murali <mvaisakh@statixos.com>
Tested-by: Vaisakh Murali <mvaisakh@statixos.com>
 2023-01-02 23:48:50 +01:00
bengris32
3538c267c2 sepolicy: basic: non_plat: Add rules for MediaTek GPU HAL 
* Dropped in S sepolicy but we need it since we have
  blobs from R.

Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: Ifb8fa7d8e28b1d74c1bf3ea6b817afd3c84a90c6
 2023-01-02 23:47:59 +01:00
bengris32
9235669c21 sepolicy: bsp: non_plat: Label camera debuglog props 
Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: I5c3c83f5d655426b1fce1fa43b3bcb7f009ee624
 2023-01-02 23:47:52 +01:00
bengris32
6f37ffbe81 sepolicy: bsp: non_plat: Label ril.cdma.inecmmode property 
Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: I9dbbc28d5c3b047c1fce6e759e88c432f254242f
 2023-01-02 23:47:36 +01:00
bengris32
367ef77f0d sepolicy: bsp: non_plat: Label ccci_fsd executable 
* This label was dropped in S sepolicy but the rules
  for it are still here.

Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: I7e0aab508243629faa846249516c46c95fd246bf
 2023-01-02 23:46:05 +01:00
bengris32
ed9ea3b405 sepolicy: bsp: non_plat: Label MTK keyinstall interface 
* This was dropped in the S sepolicy, but we still need
  it since we're on R blobs.

Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: Ie0c2ea88b1a8aed96183cce856bbdb0b73c50f65
 2023-01-02 23:45:59 +01:00
bengris32
94e69231d7 sepolicy: Initial bringup 
* Rename BoardSEPolicyConfig.mk to SEPolicy.mk
* Drop useless OTA upgrade sepolicy
* Unconditionally include debug sepolicy

Signed-off-by: bengris32 <bengris32@protonmail.ch>
Change-Id: I0c43f3c4783127aad1e5f653bf12b5286cba74ed
 2023-01-02 23:43:03 +01:00
TheMalachite
961041ba3e mtk-sepolicy: Initial SEPolicy rules 2022-08-14 15:07:12 +02:00