NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
694 Commits 2 Branches 0 Tags
Commit Graph

14 Commits

Author SHA1 Message Date
Ju-Yi Cheng
2a4126739f [ALPS04384473] Remove relabel graphics_debug_prop 
[Detail] No need to relabel graphics_debug_prop since
no process need to setproperty in runtime

MTK-Commit-Id: d7f0964bc3a857471cd9891ec64dcb225c886d0f

Change-Id: I59baa11790e0dea1652097c6fe0127a25406d046
CR-Id: ALPS04384473
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:10:07 +08:00
Poting Chen
de970ad094 [ALPS04331194] FPSGO: add ioctl permission 
[Detail]
add FPSGO ioctl permission

MTK-Commit-Id: 4466c4e3c548c134be6939fa50e4c8d3f37a257a

Change-Id: I0c10abd0e780f764ff423442ea3d1b6ed66177c6
CR-Id: ALPS04331194
Feature: FPSGO
 2020-01-18 10:09:36 +08:00
Juju Sung
0a3b110ac5 [ALPS04357449] Sepolicy: workaround for denied policy 
[Detail]
Set proc node specific node
- hraphic_composer
- bootanimation
- aee_core_forwarder
- surfaceflinger

MTK-Commit-Id: 46901e2900a497c472b8a7c01f1350bdd28bbdae

Change-Id: I89a1ab578a2841d3a16718153d5a716ad45c399b
CR-Id: ALPS04357449
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:09:09 +08:00
mtk14318
2cc63df1a0 [ALPS04099835] Modify for SF access prop 
[Detail]
Because SF cant access get debug_bq_dump_prop,
we add the authority for SF to access it.

MTK-Commit-Id: ab026c0d236e280404e58d1b2f1fbeac188e3f2b

Change-Id: I6bd7bbf0b562f81ae219036adfb12847ea14ff6b
CR-Id: ALPS04099835
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:07:14 +08:00
mtk14318
99dcd98d32 [ALPS04034495] Latch unsignaled buffer 
[Detail]
Read latch unsignaled buffer by vendor property.

[Solution]
Read latch unsignaled buffer by vendor property.

MTK-Commit-Id: 62e601385bce5a890d9d46ce81318e4d5c19e643

Change-Id: I5737f589a3d3bb48ad5a30ee2ef670de602b30c3
CR-Id: ALPS04034495
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:05:54 +08:00
mtk12101
722798a334 [ALPS03982747] Remove unused sepolicy rules 
Some rules is no need any more, need to remove it.

MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699

Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:02:25 +08:00
Ju-Yi Cheng
8f98a88a89 [ALPS03869840] Add selinux for graphic debug prop 
[Detail]
Relable vendor defined debug property for android P
and label the following property:
1. vendor.debug.sf
2. vendor.debug.hwc
3. vendor.debug.bq

MTK-Commit-Id: 597f4da4e53b1d45c556895e0d85bdb3c6cd80a1

Change-Id: Iaa311f9049a519bd891a45f2b2ca73a61861e353
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 09:51:06 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
mtk12101
78d7f51370 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515

Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:47:42 +08:00
mtk14318
02365e1543 [ALPS03869840] Modify for SELinux violation 
[Detail]
Because p has new SELinux policy,
we need to fix the violation part.

[Solution]
Mark the violation part.

MTK-Commit-Id: 9935b37d96538a2696ac34e0ef8e0f4c480d3167

Change-Id: Ia0fac8c2b94d2acfc29dec20dd29dca85f9f9cf0
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 09:43:36 +08:00
Ju-Yi Cheng
80531326ac [ALPS03869840] P migration: Remove label aosp prop 
[Detail] Vendor partition shouldnt access aosp defined property
which is not in whitlist. So remove the related changes of labeled
aosp property.
  This reverts commit 9d534a80d67e7457a1411b8b36249898ed4c6986.
  This reverts commit 901fb42d2e3856a139b90420922f558d7231ea7d.
  This reverts commit 41dc8fb567b409e149e59f4f514268ca5883c7ab.

[Solution] Remove label of ro.sf.lcd_density.

MTK-Commit-Id: 02cf063b8407a9d9242f064c86767200e9c0ac0a

Change-Id: I02dcc2fa3fda95c498f0ef70d9aa6bd9224d3b02
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 09:37:01 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00