NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
910 Commits 2 Branches 0 Tags
Commit Graph

910 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
YL Wang
02ac3a7894 Merge "[ALPS04294481] WMT: sepolicy adjustment" into alps-trunk-q0.basic 
Change-Id: I4139bacb99ce875feae2b6176bd97c19f7849ef0
MTK-Commit-Id: f7bb53ac352b4dc1baf90669ea96108aeb3f04f9
 2020-01-18 10:10:47 +08:00
Tim Chang
ae4cd2b056 [ALPS04294481] WMT: sepolicy adjustment 
change sepolicy of init for Android Q migration

MTK-Commit-Id: 97e5835a0515110fcf0c5fdef1f8f808b552dab0

Change-Id: I7c2065734270419c1a8eb7d791ba963b95de2763
CR-Id: ALPS04294481
Feature: [Module]WMT Driver
 2020-01-18 10:10:43 +08:00
Shanshan Guo
6e111f454d [ALPS04410351] Add MTK_LICENSE 
[Detail]
Add MTK_LICENSE

MTK-Commit-Id: 75a3255360d17b199543b48fa7dca5f94d12e7a2

Change-Id: I65ded556cf8007a704a3c554d4f16a800fa4afc5
CR-Id: ALPS04410351
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:10:42 +08:00
Shan Zhang
ab3d13a34a Merge "[ALPS04366101] mediacodec process selinux permission" into alps-trunk-q0.basic 
Change-Id: I5281d9da655b812fc77161916ea4a75b483e93a3
MTK-Commit-Id: cce799f6c0527deb1dd8fbe186c93ec40f15cf6d
 2020-01-18 10:10:41 +08:00
Bo Ye
2cb0b653a1 [ALPS04366101] mediacodec process selinux permission 
Need map permission for kernel 4.14

MTK-Commit-Id: 6ea8645273cb9a1642839c1473a9eaf15bb6594b

Change-Id: I31cdb274551457d975d5df6ac401d1254dd05faf
CR-Id: ALPS04366101
Feature: H.264 Decoder
 2020-01-18 10:10:40 +08:00
Joen Chen
09f5c5aeb7 Merge "[ALPS04384473] Add needed sepolicy" into alps-trunk-q0.basic 
Change-Id: I80706cc8d0b2676d803404810a4ccedf7ddf7584
MTK-Commit-Id: bbcff09cf9bfc46aa93a3f337f026a4b454fd453
 2020-01-18 10:10:38 +08:00
Kane Jhang
7ad3357d31 [ALPS04384473] Add needed sepolicy 
[Detail] SurfaceFlinger need to add sepolicy to do ioctl with ged node

[Solution] Add SurfaceFlinger sepolicy

MTK-Commit-Id: 8f848c40c9443a959fe564875aa5046458219ae5

Change-Id: Id88cd8d31f66bbdcb7df6e48127e789d341772ac
CR-Id: ALPS04384473
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:10:36 +08:00
Yuhui Zhang
ef8e6d37cd Merge "[ALPS04318555] PMU path change" into alps-trunk-q0.basic 
Change-Id: Ibd34c4fa710371999a4284a0dac344ed082b9583
MTK-Commit-Id: 58b0e3da9605a33bea51d598c1d086533424c2d5
 2020-01-18 10:10:31 +08:00
Juan Rong
d1df7349d6 [ALPS04318555] PMU path change 
PMU path changed, need modify relatd selinux path

MTK-Commit-Id: 9894024d40e75e43fe67405d1cf5fcdd76185eea

Change-Id: I6a30d42d5aacc79947d84dde3d806b205f00c437
CR-Id: ALPS04318555
Feature: Engineering Mode
 2020-01-18 10:10:30 +08:00
Black Chen
4d236156f2 Merge "[ALPS04409296] add BT enable SAP profile policy" into alps-trunk-q0.basic 
Change-Id: I87b2257db7b9141744a71ee44625a58927390a22
MTK-Commit-Id: 50418d8f06f04bda1ce8f9b14e66843ddc9baf30
 2020-01-18 10:10:28 +08:00
Sammy-CY Yang
1888305f75 [ALPS04409296] add BT enable SAP profile policy 
Enable BT SAP profile by properties rather than static resource overlay in Andorid Q.
Add the selinux rule for this property.

MTK-Commit-Id: 32eeec317227518f6be67c8bacc1aef03a413568

Change-Id: Ide8429240862eb79b24a352272ceaeae3fd09b2a
CR-Id: ALPS04409296
Feature: BT AOSP
 2020-01-18 10:10:23 +08:00
Liu Cheng
865fce7f58 [ALPS04277923] SUPL SMS dispatch new feature 
Allow rild access to send SUPL INIT to mnld.

MTK-Commit-Id: c632adb702c3c11b60ee77d28aca477c44d5f6bd

Change-Id: If47a5702cd723e2cc1a6a214e1560ba19ae8c055
CR-Id: ALPS04277923
Feature: [Android Default] Message-SMS framework
 2020-01-18 10:10:22 +08:00
Boru Zhao
9f06829adb [ALPS04394576] MT6739:cameraserver sepolicy issue 
[Detail]
Sepolicy ioctl configure is changed after Q, we modify
cameraserver ioctl configure.

MTK-Commit-Id: 26f6cde989b082ee36067c3e01bdfd1855db046b

Change-Id: I59489c6ee27a9bb7913d0b49cdaa4e281024cb42
CR-Id: ALPS04394576
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:10:22 +08:00
Marx Chiu (邱弘志)
9ab7604179 Merge "[ALPS04401451] Fix ioctl permission issue for cameraserver" into alps-trunk-q0.basic 
Change-Id: Idbceb6f115c78b548cdf10b74b0ca8070682d2cf
MTK-Commit-Id: 8f58167ddaa5256094a029c9d49c28b843769e58
 2020-01-18 10:10:21 +08:00
Michael Lai
682f71fd6d [ALPS04401451] Fix ioctl permission issue for cameraserver 
[Detail] Fix the ioctl permission issue for cameraserver

MTK-Commit-Id: 4c7eba0c71d5bb65f244095ca93596b28ba60ad8

Change-Id: Idca3ad9f37e6aa38375ed008647e81f525a77618
CR-Id: ALPS04401451
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:10:20 +08:00
Kobe Wu
a25d1ca12f [ALPS04400836] Fix SELinux issue 
[Detail]
avc:  denied  { find } for interface=android.hardware.audio::
IDevicesFactory sid=u:r:audiocmdservice_atci:s0 pid=4193 scontext=u:r:
audiocmdservice_atci:s0 tcontext=u:object_r:hal_audio_hwservice:s0
tclass=hwservice_manager permissive=0

[Solution]
hal_client_domain(audiocmdservice_atci, hal_audio)
allow audiocmdservice_atci hal_audio_hwservice:hwservice_manager find;

MTK-Commit-Id: 19954438860104bb7e0036ce92d21429103e6149

Change-Id: Idc7fe552e63aec6e4e1081a0f4681d251b019be3
CR-Id: ALPS04400836
Feature: Audio Tuning Tool
Signed-off-by: Kobe Wu <kobe-cp.wu@mediatek.com>
 2020-01-18 10:10:18 +08:00
Boru Zhao
25996d6511 [ALPS04394576] mt6739:fix camera sepolicy issue 
[Detail]
Add gpu_device:map in non_plat/mtk_hal_camera.te and
non_plat/cameraserver

MTK-Commit-Id: a3544387d9eb532f03a1fd0603f96b9cef46f1cf

Change-Id: Ic3c0e82e87315c29bee5984ae74f579304710c9d
CR-Id: ALPS04394576
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:10:15 +08:00
Chris-YC Chen
112b2a020d [ALPS04257872] sepolicy: mdp-hidl 
add sepolicy for mms while using m4u

MTK-Commit-Id: 431f4e539496a36b144601d8fe9cbfc31ac0aa3f

Change-Id: I7aec7ccdcf48522e6a3cada1a164356a06b0dbbd
CR-Id: ALPS04257872
Feature: [Module]MDP Driver
 2020-01-18 10:10:15 +08:00
Hongxu Zhao
74a77e408a Merge "[ALPS04392816] sensor: add hidl 2.0 architecture" into alps-trunk-q0.basic 
Change-Id: I72e3e71787669fa648d6ebd16b78f8538809b2b1
MTK-Commit-Id: 6ceb53687c0959b82ea3827e52f60c3b22862642
 2020-01-18 10:10:14 +08:00
hongxu.zhao
dd0eaad9fd [ALPS04392816] sensor: add hidl 2.0 architecture 
add hidl 2.0 architecture

MTK-Commit-Id: b0365c02b90b073ac85a1a4ed350967c3f1b1187

Change-Id: I4b17f59113f3085ef6df16814524353862f7d8b5
CR-Id: ALPS04392816
Feature: Sensor Hub
 2020-01-18 10:10:09 +08:00
Jih-Cheng Chiu (邱日成)
99b2e3391e Merge "[ALPS04384473] Remove relabel graphics_debug_prop" into alps-trunk-q0.basic 
Change-Id: Ic744d8a7ced13594f6dc0ca3cdd3d09fb133c3dc
MTK-Commit-Id: f942f2456178ddda3fb66f1bff9fbe79779de518
 2020-01-18 10:10:08 +08:00
Ju-Yi Cheng
2a4126739f [ALPS04384473] Remove relabel graphics_debug_prop 
[Detail] No need to relabel graphics_debug_prop since
no process need to setproperty in runtime

MTK-Commit-Id: d7f0964bc3a857471cd9891ec64dcb225c886d0f

Change-Id: I59baa11790e0dea1652097c6fe0127a25406d046
CR-Id: ALPS04384473
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:10:07 +08:00
Archilis Wang
1b7b6d077e [ALPS04385947] Add access rule for property 
mtk_agpsd uses libapmonitor to report info.
libapmonitor needs the access right to hwservicemanager_prop.

MTK-Commit-Id: ce3c3e4f204c2e607c903669601b00720cc1c5f4

Change-Id: I9a241d28ef5f6dd000cd350c3cdf05930aa9bf26
CR-Id: ALPS04385947
Feature: A-GPS
 2020-01-18 10:10:06 +08:00
Andrew Yang
243af8a9aa Merge "[ALPS04385961] RTC: add permission for power-off alarm" into alps-trunk-q0.basic 
Change-Id: I33f8647fe7ae70eb9dab4c49faf033f2a037d05c
MTK-Commit-Id: 6b07f51f7b144a3bc60c0dcc0ee3d957708cb41f
 2020-01-18 10:10:05 +08:00
andrew.yang
b8f0e2db69 [ALPS04385961] RTC: add permission for power-off alarm 
Allow alarm manager to access /dev/alarm for power-off
alarm function.

MTK-Commit-Id: 01de6e5669b8e97c12818256915885dc32c45b9f

Change-Id: I5e3759e9d11357c3f302aa2557dc71de80476262
CR-Id: ALPS04385961
Feature: Power-Off Alarm
 2020-01-18 10:10:03 +08:00
James Hsu
b2cea54f9d [ALPS04296234] mrdump_tool: apply new selinux policy 
[Detail]
Add new selinux policy to fix preallocate file failed

avc denied log
1. ioctl permission denied
mrdump_tool: type=1400 audit(0.0:517): avc: denied { ioctl }
for path="/data/vendor/dumpsys/mrdump_preallocated" dev="dm-0"
ino=1966 ioctlcmd=0x660b scontext=u:r:aee_aedv:s0
tcontext=u:object_r:aee_dumpsys_vendor_file:s0 tclass=file permissive=0

2. open /dev/block/platform/bootdevice/by-name/para fail
[SYSENV]sysenv_get_with_area():317 , get env name=mrdump_output
[SYSENV]get_env_info():217 , initialize
/vendor/bin/mrdump_tool: [libfs_mgr]Warning: unknown flag: resize
[SYSENV]get_partition_path():78 ,
partition path = /dev/block/platform/bootdevice/by-name/para
[SYSENV]read_env_area():136 ,
open /dev/block/platform/bootdevice/by-name/para fail: Permission denied
[SYSENV]get_env_info():238 , read_env_area fail

MTK-Commit-Id: 25a78a9e7e593ba2e376b2e243774d5b4dfc6205

Change-Id: I79c62a0f65e1781ca6d0c2eefe77078d168d146a
Signed-off-by: James Hsu <james.hsu@mediatek.com>
CR-Id: ALPS04296234
Feature: Memory RAM Dump (MRDUMP)
 2020-01-18 10:10:02 +08:00
Qian Dong
311772663d Merge "[ALPS04385687] fix mp3 playback start slowly because of sepolicy" into alps-trunk-q0.basic 
Change-Id: I7213c41ca1441576dbe6d7c2199e8e76277856fa
MTK-Commit-Id: c9a4799508b4216588720540fe3fb86d36b7eb11
 2020-01-18 10:10:01 +08:00
jianying duan
191ebc6318 [ALPS04385687] fix mp3 playback start slowly because of sepolicy 
when open selinux, mp3 playback will start slowly,
it because selinux issue,mediaextractor process cant getservice
and when MtkMp3Extractor call the function
of MediaCodecList:findMatchingCodecs,it will fail.
so,mtkmp3extractors patch cant take effect,
and because of selinuxs limit, mp3 playback start will slowly.

MTK-Commit-Id: 9bb746686dce1176a8a47f1d730c0864bb6b6d52

Change-Id: Iba512638d87ff055a8ddb98853eca956e2ec72d9
CR-Id: ALPS04385687
Feature: [Android Default] MP3 Playback
 2020-01-18 10:09:56 +08:00
yuhui.zhang
03dda6b5df [ALPS04316338] EM: battery temperature settings 
[Detail]
Add sepolicy rule to set battery temperature

MTK-Commit-Id: 9fcd042bd04632fa952af7ac51833695b8a50f7c

Change-Id: I82b8b6649849403a1b1cd8a2e5093a3664719bc2
CR-Id: ALPS04316338
Feature: Engineering Mode
 2020-01-18 10:09:55 +08:00
Miles Chuang
6594dfe902 [ALPS04385399] Separate sepolicy for BASIC/BSP project 
[Detail]
Separate sepolicy for BASIC/BSP project
So we need to modify CXP Selinux setting.
1. Move type definition "usp_srv_prop" from bsp to basic.
2. Remove type "usp_prop" which phased out.

MTK-Commit-Id: e6e9cd8c817fafcdf1f4083be515e781f7658f10

Change-Id: I3c95f5bf2bc2992a141a141dbaa6a5cfe0ed3407
CR-Id: ALPS04385399
Feature: Regional Carrier Express Pack
 2020-01-18 10:09:55 +08:00
Bo Shang
6f9e880db8 Merge "[ALPS04298621] MTKLogger can not get md/netlog property" into alps-trunk-q0.basic 
Change-Id: I5daae42ae2b33849a82ac75d8983c6612c8a9a2d
MTK-Commit-Id: 615863bcde62a1bbefc3999893fe85e9b08a3745
 2020-01-18 10:09:54 +08:00
bo.shang
5344ba81e4 [ALPS04383637] phase out emdlogger permission 
1. logmuch_prop is used for debug load.
2. Could be instead by setenforce 0

MTK-Commit-Id: 5a405882d7853dc0915064d7bfffcc30978ebd86

Change-Id: I35d963d08cbcb921ee0e98d2a2fe6c4123a1f56b
CR-Id: ALPS04383637
Feature: Modem Log Tool
 2020-01-18 10:09:54 +08:00
Jason Hsu
802ee2afa1 [ALPS04377757] Fix mediacodec sepolicy issue 
[Detail]
Fix mediacodec sepolicy issue

[Solution]
Add following to mediacodec due to new check rules after Android Q.
GED_BRIDGE_IO_GE_GET
GED_BRIDGE_IO_GE_SET

MTK-Commit-Id: a037b13e90f3b02999539d17dfde4e1827523b9d

Change-Id: If8e986a630803a9c2eee0c9654b728f5178ee0e9
CR-Id: ALPS04377757
Feature: [Module]Video Driver
 2020-01-18 10:09:54 +08:00
mtk11515
56945bbceb [ALPS04298621] MTKLogger can not get md/netlog property 
[Detail] kernel 4.14 SE linux change

[Solution] change group read file map

MTK-Commit-Id: 971e30bb8a9a2170588e9f363f6617fd90f7e2c8

Change-Id: I2834fa7c081058d49f6c0370160bb94b08cad7f7
CR-Id: ALPS04298621
Feature: MTKLogger
(cherry picked from commit 6ff5e6fc63519d2298d04d1a980349f9c8169f48)
 2020-01-18 10:09:50 +08:00
Larry Liang
10cad58309 Merge "[ALPS04325589] AEE: remove unuse rules" into alps-trunk-q0.basic 
Change-Id: Ia92a7b6be46762af09a64e2c7e92607a1c734858
MTK-Commit-Id: e98481807b7d50c68a8e5bd8926df0dcf4398017
 2020-01-18 10:09:48 +08:00
mtk11285
85b3620577 [ALPS04325589] AEE: remove unuse rules 
1. remove unuse rules
2. allow dumpstate to r/w /proc/msdc_debug
3. allow aee_core_forwarder to access hwservicemanager_prop
4. allow aee_core_forwarder to connect aee_aed socket

MTK-Commit-Id: a43676c734f74636df65e59cdcace017eca79706

Change-Id: I3c45ed83499c0079b38af34cf462dcd80fec501d
CR-Id: ALPS04325589
Feature: Android Exception Engine(AEE)
 2020-01-18 10:09:44 +08:00
Marx Chiu (邱弘志)
75faa0ba65 Merge "[ALPS04377757] Fix camera sepolicy issue" into alps-trunk-q0.basic 
Change-Id: I3638ae1428e25ba0b782473365fda52084495192
MTK-Commit-Id: a2e2ec0b075ee9c69309c82b90d0b5ead97517d7
 2020-01-18 10:09:42 +08:00
mtk03805
217b4fa948 [ALPS04377757] Fix camera sepolicy issue 
[Detail]
Fix camera sepolicy issue

[Solution]
Add following to mtk_hal_camera.
GED_BRIDGE_IO_GE_GET
GED_BRIDGE_IO_GE_SET

MTK-Commit-Id: 37a5c97590fe0d61c553d282e6c79cfa96a71dc9

Change-Id: I6c32d4345296182274a1c24852a87b0b9eb8fd25
CR-Id: ALPS04377757
Feature: Camcorder Application
 2020-01-18 10:09:39 +08:00
Ian-Y Chen (陳尹)
c9ea8dd7b4 Merge "[ALPS04331194] FPSGO: add ioctl permission" into alps-trunk-q0.basic 
Change-Id: I7075fa8fd2af0240703602cc4952cc1d0f8348e8
MTK-Commit-Id: ea29b11fa2ea2e6bfb81772d2fbee163487ff987
 2020-01-18 10:09:38 +08:00
Poting Chen
de970ad094 [ALPS04331194] FPSGO: add ioctl permission 
[Detail]
add FPSGO ioctl permission

MTK-Commit-Id: 4466c4e3c548c134be6939fa50e4c8d3f37a257a

Change-Id: I0c10abd0e780f764ff423442ea3d1b6ed66177c6
CR-Id: ALPS04331194
Feature: FPSGO
 2020-01-18 10:09:36 +08:00
Cosmo Sung
88e528d73d Merge "[ALPS04365408] IMEI crash handler" into alps-trunk-q0.basic 
Change-Id: I882e94a18985867178851557807ffad672d0ad6b
MTK-Commit-Id: 29d7e7bc2a2463b37061f8622762d4a9a620e888
 2020-01-18 10:09:35 +08:00
Cosmo Sung
ee61f89be9 [ALPS04365408] IMEI crash handler 
When modem verify NVRAM fail, it will send URC to RILD and ask AP
to enter recovery mode. This change allows rild to modify powerctl_prop.

MTK-Commit-Id: 48f1f4a9c9b47cd55d03b3b99d800dd3a9a7645f

Change-Id: I84850f0da7631d6345b96c607ecf8b4b0c6f4883
CR-Id: ALPS04365408
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
(cherry picked from commit d54eff14a5941798e35798f8b2bbf349360989ed)
(cherry picked from commit 033e399e8a9f4d16dd1ff653c47ac90d9f5c5309)
(cherry picked from commit 139ffbfc706c4c1b74bac5f8e5edaf95b1909ac8)
 2020-01-18 10:09:29 +08:00
Shanshan Guo
427c135bd6 [ALPS04340791] SEPOLICY: workaround fix BASIC build error 
[Detail]
Only BASIC Sepolicy need to be applyed for BASIC,
we separate basic/bsp sepolicy for BASIC.
This workaround is for fixing the build errors that
cause by the declarations were defined in bsp/ dir
and neverallow rules.

MTK-Commit-Id: f1ed54e84b85f73e20dcc8c2ac5f0c42fddedc77

Change-Id: I568873fcc272d04b018efc4be00924b751bb3775
CR-Id: ALPS04340791
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:09:28 +08:00
Larry Liang
a27e813df1 Merge "[ALPS04362997] AEE porting" into alps-trunk-q0.basic 
Change-Id: Ic35bcf9c2b1f85995001eb859cab80655ab92ed5
MTK-Commit-Id: b22cfd44bf202f086389d9e9ec7a8eafb0e4b447
 2020-01-18 10:09:26 +08:00
Huaiming Li
62b7308528 [ALPS04362997] AEE porting 
modify file_contexts, remove "mtklog"

MTK-Commit-Id: 8199b206c4b429921a7ffdf742deb4ccb9bc5c06

Change-Id: Iaa02b89ab3469f236da7898f0adc1a196840346e
CR-Id: ALPS04362997
Feature: Android Exception Engine(AEE)
 2020-01-18 10:09:24 +08:00
Juju Sung
f0b368fd1d Merge "[ALPS04367884] Sepolicy: workaround for denied policy(2)" into alps-trunk-q0.basic 
Change-Id: I6cc0cece99dbf67f754bfa3b9d4e690b5265cdb3
MTK-Commit-Id: 9b27cd1ac23a980a210622c7471c854ffe135ce3
 2020-01-18 10:09:23 +08:00
Juju Sung
ef49210dc0 [ALPS04367884] Sepolicy: workaround for denied policy(2) 
[Detail]
Set proc node specific node
- hraphic_allocator
- bootanim
- aee_core_forwarder

MTK-Commit-Id: 3a2620f6c38a355ad1fc22e570cc2bc119ab6d48

Change-Id: I4b0572c43b44c730b9cd368870c4ff0d79f6de8d
CR-Id: ALPS04367884
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:09:22 +08:00
Bo Shang
4cb2af0a23 Merge "[ALPS04365111] Fix selinux error" into alps-trunk-q0.basic 
Change-Id: Ib9793203f1bd6a81367784d7bed9b32e6e296e8c
MTK-Commit-Id: 39bbf6cd4890f3fca9f87de1c844787677878f73
 2020-01-18 10:09:17 +08:00
bo.shang
aa52b35cf1 [ALPS04365111] Fix selinux error 
Add socket map permission

MTK-Commit-Id: 5a8050e1faffde6adc067eea37fe99434a2f88a5

Change-Id: Ie3009b81bdae187422fb26644834bec2d145d491
CR-Id: ALPS04365111
Feature: Network Log Tool
 2020-01-18 10:09:15 +08:00
Ian-Y Chen
ee2308acc8 [ALPS04328846] power: add ioctl permission 
[Detail]
Add PowerHal and FPSGO permission for system server
1. Add mtk_hal_power_hwservice:hwservice_manager find
2. Add FPSGO ioctl permission

MTK-Commit-Id: c006057773df6fe4d9e55d54162215c65efc8f00

Change-Id: I3d9e81d408248c79201984e5f269de7eb2f3813e
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:09:14 +08:00