NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge "[ALPS04367884] Sepolicy: workaround for denied policy(2)" into alps-trunk-q0.basic

Browse Source 
Change-Id: I6cc0cece99dbf67f754bfa3b9d4e690b5265cdb3
MTK-Commit-Id: 9b27cd1ac23a980a210622c7471c854ffe135ce3
This commit is contained in:
Juju Sung 2020-01-18 10:09:23 +08:00 committed by Gerrit Code Review
commit f0b368fd1d
4 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
non_plat/bootanim.te
View File

@ -25,7 +25,7 @@ allow bootanim proc_perfmgr:file {open read ioctl};
# Date : WK19.11
# Operation : Migration
# Purpose : Allow to access ged for ioctl related functions
allowxperm bootanim proc_ged:file ioctl { GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET GED_BRIDGE_IO_MONITOR_3D_FENCE GED_BRIDGE_IO_QUERY_INFO };
allowxperm bootanim proc_ged:file ioctl { GED_BRIDGE_IO_LOG_BUF_WRITE GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET GED_BRIDGE_IO_MONITOR_3D_FENCE GED_BRIDGE_IO_QUERY_INFO };
allowxperm bootanim proc_perfmgr:file ioctl { GED_BRIDGE_IO_LOG_BUF_WRITE GED_BRIDGE_IO_BOOST_GPU_FREQ GED_BRIDGE_IO_IOCTLCMD_0F GED_BRIDGE_IO_IOCTLCMD_10 };

4
non_plat/hal_graphics_allocator.te
View File

@ -2,4 +2,6 @@
# Operation : Add sepolicy
# Purpose : Add policy for gralloc HIDL
allow hal_graphics_allocator proc_ged:file { read ioctl open };
allow hal_graphics_allocator proc_ged:file { read ioctl open };
allowxperm hal_graphics_allocator_default proc_ged:file ioctl { GED_BRIDGE_IO_GE_ALLOC GED_BRIDGE_IO_GE_GET };

2
non_plat/hal_graphics_composer_default.te
View File

@ -51,4 +51,4 @@ set_prop(hal_graphics_composer_default, graphics_hwc_latch_unsignaled_prop)
#============= hal_graphics_composer_default ==============
allow hal_graphics_composer_default mtk_mdp_device:chr_file { read write open ioctl };
allowxperm hal_graphics_composer_default proc_ged:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_INFO GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET};
allowxperm hal_graphics_composer_default proc_ged:file ioctl {GED_BRIDGE_IO_LOG_BUF_GET GED_BRIDGE_IO_GE_INFO GED_BRIDGE_IO_GE_GET GED_BRIDGE_IO_GE_SET GED_BRIDGE_IO_LOG_BUF_WRITE };

1
non_plat/workaround.te
View File

@ -51,3 +51,4 @@ allow hal_audio hal_audio_hwservice:hwservice_manager find;
# interface=android.system.suspend::ISystemSuspend for aee_core_forwarder
allow aee_core_forwarder system_suspend_hwservice:hwservice_manager find;
allow hwservicemanager aee_core_forwarder:binder transfer;