NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

[ALPS04672388] Change selinux permission for MDP user

Browse Source 
Change selinux permission for MDP user on /dev/mdp_sync

MTK-Commit-Id: a9c03563cf5e96815399788228dc62d18d88026e

CR-Id: ALPS04672388
Change-Id: I3622da7b8ba4151f9cf79e9d4d9c8f73109ef684
Feature: [Module]MDP Driver
This commit is contained in:
Mike Hsieh 2020-01-18 10:16:18 +08:00
parent c8a28bd034
commit dc6c9adc15
8 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
non_plat/app.te
View File

@ -31,6 +31,7 @@ allowxperm appdomain proc_perfmgr:file ioctl {
# Date : W19.4
# Purpose : Allow MDP user access mdp driver
allow appdomain mdp_device:chr_file rw_file_perms;
allow appdomain mtk_mdp_device:chr_file rw_file_perms;
# Date : W19.23
# Operation : Migration

1
non_plat/atci_service.te
View File

@ -115,6 +115,7 @@ allow atci_service hidl_allocator_hwservice:hwservice_manager find;
allow atci_service hidl_memory_hwservice:hwservice_manager find;
allow atci_service ion_device:chr_file { read ioctl open };
allow atci_service mtk_cmdq_device:chr_file { read ioctl open };
allow atci_service mtk_mdp_device:chr_file rw_file_perms;
allow atci_service mtk_hal_power:binder call;
allow atci_service mtk_hal_power_hwservice:hwservice_manager find;
allow atci_service sysfs_batteryinfo:dir search;

1
non_plat/factory.te
View File

@ -278,6 +278,7 @@ hal_client_domain(factory, hal_nfc);
# Operation : O Migration
# Purpose: Allow to access cmdq driver
allow factory mtk_cmdq_device:chr_file { read ioctl open };
allow factory mtk_mdp_device:chr_file rw_file_perms;
# Date: WK1733
# Purpose: add selinux policy to stop 'ccci_fsd' for clear emmc in factory mode

2
non_plat/hal_graphics_composer_default.te
View File

@ -42,7 +42,7 @@ set_prop(hal_graphics_composer_default, graphics_hwc_latch_unsignaled_prop)
# Date : WK18.03
# Purpose: Allow to access property dev/mdp_sync
allow hal_graphics_composer_default mtk_mdp_device:chr_file { read write open ioctl };
allow hal_graphics_composer_default mtk_mdp_device:chr_file rw_file_perms;
allow hal_graphics_composer_default mdp_device:chr_file rw_file_perms;
allow hal_graphics_composer_default tee_device:chr_file rw_file_perms;
allowxperm hal_graphics_composer_default proc_ged:file ioctl { proc_ged_ioctls };

1
non_plat/mediacodec.te
View File

@ -118,6 +118,7 @@ allow mediacodec debugfs_ion:dir search;
# Operation : O Migration
# Purpose: Allow mediacodec to access cmdq driver
allow mediacodec mtk_cmdq_device:chr_file { read ioctl open };
allow mediacodec mtk_mdp_device:chr_file rw_file_perms;
# Date : WK17.28
# Operation : MT6757 SQC

1
non_plat/mediaserver.te
View File

@ -295,6 +295,7 @@ allow mediaserver camera_owe_device:chr_file rw_file_perms;
# Operation : O Migration
# Purpose: Allow to access cmdq driver
allow mediaserver mtk_cmdq_device:chr_file { read ioctl open };
allow mediaserver mtk_mdp_device:chr_file rw_file_perms;
# Date : WK17.43
# Operation : Migration

1
non_plat/mtk_hal_camera.te
View File

@ -269,6 +269,7 @@ allow mtk_hal_camera property_socket:sock_file write;
# Operation : O Migration
# Purpose: Allow to access cmdq driver
allow mtk_hal_camera mtk_cmdq_device:chr_file { read ioctl open };
allow mtk_hal_camera mtk_mdp_device:chr_file rw_file_perms;
# Date : WK17.36
# Operation : O Migration

1
non_plat/mtk_hal_mms.te
View File

@ -28,6 +28,7 @@ add_hwservice(hal_mms_server, mtk_hal_mms_hwservice)
allow mtk_hal_mms graphics_device:chr_file { read write open ioctl };
allow mtk_hal_mms ion_device:chr_file { read open ioctl };
allow mtk_hal_mms mtk_cmdq_device:chr_file { read open ioctl };
allow mtk_hal_mms mtk_mdp_device:chr_file rw_file_perms;
allow mtk_hal_mms mtk_hal_pq_hwservice:hwservice_manager find;
allow mtk_hal_mms proc:file r_file_perms;