when open selinux, mp3 playback will lead to high power loading,
reason is that due to selinux,mediaextractor process cant get
music process name, so lower power feature cannot work
Add sepolicy to fix the issue.
MTK-Commit-Id: 10dad319efacefe5807a7932a63ca34f6bb881a5
Change-Id: I1e41f0e07134fad957fe3f98b99fcc8985f3ebd7
CR-Id: ALPS04427301
Feature: [Android Default] MP3 Playback
[Detail]
For Andorid Q, there is a more stringent restriction for ioctl,
app need some permissions to access proc_ged by ioctlcmd.
[Solution]
Group existing sepolicies for different types app to access
proc_ged by ioctlcmd together in appdomain.
MTK-Commit-Id: e9ba9a00dbbc063388c8120048a72fd8f7ce497c
Change-Id: I24a4671259a68a0fda756d37c16b7e61801e6cc8
CR-Id: ALPS04428389
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
Add selinux for lazy hidl, to make lazy hidl service can be started
MTK-Commit-Id: d2bbc3f95ab7f2d7dfafe932515053226747ea78
Change-Id: Id6fd21bf7794dbc42454202b081113a9c040722c
CR-Id: ALPS04423573
Feature: [Android Default] Backlight
[Detail]
add selinux for lazy hidl, to make lazy hidl service can be started
MTK-Commit-Id: 68eae2f272d3cee8db8377cb298e2227bf21c6fd
Change-Id: Ic1c4ce80ed2574093bdd42f1061aca66596f3dca
CR-Id: ALPS04411237
Feature: [Module]Vibrator
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permissoin to access proc_ged by ioctlcmd
in MTBF.
MTK-Commit-Id: f4a14dea0b118232234da13c860c66e1b31b3c5d
Change-Id: Idd1b3376f8980273f5e91985d91729c1ab50dd59
CR-Id: ALPS04424750
Feature: [Module]SystemServer
[Detail]
Set factory as an client of hal_light,
so that factory can access hal_light service
MTK-Commit-Id: aa59bfbc9d04a2ede701ff67e6ae587f6e5c4394
Change-Id: I86ddb045d73175f10ee57061150a387394009967
CR-Id: ALPS04414154
Feature: Factory Mode
[Detail]
More strictly selinux policy that system process cannot access vendor
partition,
unless label the specific vendor lib to same_process_hal_file
[Solution]
Add same-process HAL files and their dependencies
MTK-Commit-Id: 565e78ca92a83f2aaf44bc599b91f9cb61a5bec5
Change-Id: Id5450d9ae3467b9aae8be20d3d1934e3e1f8a375
CR-Id: ALPS04167940
Feature: MiraVision
(cherry picked from commit c62b2f1b4d75034ce130d909a574aa8d6879b345)
add selinux policy for app so that the video will not be green
MTK-Commit-Id: 10d2bab36c7cb7ecfda381975ff33621b7a03f5d
Change-Id: I76cd1036b1819c05f78ba1177ff201bc8dfab9bd
CR-Id: ALPS04421363
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
add some new rules for not exit files in basic/non_plat/,
allow dumpstate to open/read files
MTK-Commit-Id: 7d8021e582f9c10b7f9574f4fcdadee0be5d3c99
Change-Id: Ifc1ca446ce6cd40e36835acaf52ca5a12efedcdb
CR-Id: ALPS04383536
Feature: Android Exception Engine(AEE)
Give set telephony switching related properties for vendor_init.
MTK-Commit-Id: 7e9671dfc5abda29c5a76608d7746c8b2d6aee95
Change-Id: I371f37082ffd4685a6195185a4946b3390428f36
CR-Id: ALPS04344579
Feature: Telephony feature switch dynamically
[Detail] Add GED ioctl selinux policy to let SF and HWC
that can use GED.
[Solution] Add needed sepolicy
MTK-Commit-Id: 26f1f2fa7735d91ccbb51643b1ed7d200a013988
Change-Id: Ie20589d100473578a8fc824d57718537d7102f07
CR-Id: ALPS04393149
Feature: [Module]SurfaceFlinger/HWComposer
The Google change ag/7017729 introduces its own /devices/virtual/net
in system/sepolicy/private/genfs_contents. Thus, we need this
change to remove our own definition.
MTK-Commit-Id: 795196e337d6451991610a71be6b3dcb06a8850b
Test: Local build
Change-Id: I198fbeb3a4047797d9c01d37b1cd4614202fe66d
CR-Id: ALPS04239425
Feature: Engineering Mode
Due to we might replace system image to GSI image,
we need to maintain another vendor partition properties
to avoid unexpected errors.
MTK-Commit-Id: 2e80c29b78d158be175d350c14ee804a57e1ad41
Change-Id: I6da5eb3479bb93cbb9c0bdd41fd4c69bffb5dd15
CR-Id: ALPS03809072
Feature: Telephony feature switch dynamically
