NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
721 Commits 2 Branches 0 Tags
Commit Graph

14 Commits

Author SHA1 Message Date
Lili Lin
9e64f5e935 [ALPS03878175] Remove system_writes_vendor_properties_violators 
system_writes_vendor_properties_violators is only workaround,
and will cause *TS test fail, so remove the workaround and
corresponding rules that cause build fail.

MTK-Commit-Id: f637c1416b591c821bc9c18fd3dbf3aa5f9038af

Change-Id: If09922120de0742ec47d7c0522168d4e78a4e74f
CR-Id: ALPS03878175
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:04:31 +08:00
mtk12101
722798a334 [ALPS03982747] Remove unused sepolicy rules 
Some rules is no need any more, need to remove it.

MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699

Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:02:25 +08:00
mtk12101
6c68a34641 [ALPS03982747] Remove unnecessary violators 
Remove violators of system_executes_vendor_violators
in all .te files for Google rule.

MTK-Commit-Id: 2ea1f525e8cd6ef3cda981b2a47eabc4582fe767

Change-Id: I3940095186b1a530e7ed442cc34658c2317b9a89
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:01:50 +08:00
jerry-sc.wu
2bb5e6af4a [ALPS03867358] Thermal: P Migration 
[Detail]
Resolve build warning.
Fix "neverallow coredomain from writing vendor properties".

MTK-Commit-Id: 41ae21ce71a19a8a1abce51e33ab93b66e4fa793

Change-Id: I85f9091cbddd1503579b69b4e3b14e63a7eb2dcc
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 10:01:37 +08:00
Michael Hsiao
f159454d74 [ALPS03889880] Audio: Remove un-used permission 
[Detail]
Mediaserver doesnt set property to audio hal,
Remove the sepolicy permission.

MTK-Commit-Id: d4d2c9bcfc7d6e1c400673da105aacf7af9a2577

Change-Id: I1ea50f192688f9065856c710c2b7af55b9a30bef
CR-Id: ALPS03889880
Feature: [Module]Audio HAL
 2020-01-18 10:01:16 +08:00
jerry-sc.wu
dbcc1e21fa [ALPS03867358] Thermal: P Migration 
[Detail]
System cannot execute vendor in Android P.
Need Remove violated policies.

[Solution]
Remove related violated policys.

MTK-Commit-Id: 5b111d320a150b06e8900b374c1f55a29ca38e5d

Change-Id: Ia36502819979925df3846d8c13c7a8bba89ed077
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 09:59:39 +08:00
Lili Lin
05f5d87b88 [ALPS03881723] Workaround to fix build break 
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break

cdb1624c27

[Solution] Declare system_writes_vendor_properties_violators as workaround

MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3

Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:56:13 +08:00
Iris Chang
47b92ae93a [ALPS03800946] Remove data_between_core_and_vendor_violators 
[Detail]
data_between_core_and_vendor_violators is used temporarily. We should
follow Android P SELinux rule to write sepolicy.

[Solution]
Remove data_between_core_and_vendor_violators from files which already
fix SELinux build errors

MTK-Commit-Id: b371583759e781b0fb353f08d27cf7e425ff40fe

Change-Id: Ibdd1d2c175eea0abc502728d3effc5ee1564ee75
CR-Id: ALPS03800946
Feature: Treble
 2020-01-18 09:51:00 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
mtk12101
78d7f51370 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515

Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:47:42 +08:00
Legis Lu
923a563374 [ALPS03917508] remvoe neverallow rule for Android P 
Update the rule of MM feature to follow Android P

MTK-Commit-Id: c1c04c0eb241b562ee73a0aaf250a8604c2a2093

Change-Id: Iac8c86c545cf53d7e837884fb34335a80ebb749e
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
CR-Id: ALPS03917508
 2020-01-18 09:46:52 +08:00
mtk14717
dd229ac506 [ALPS03853366] Fix kisd sepolicy issue for android p[1/3] 
[Detail]
Move kisd from system to vendor and add keymanage hidl
[Solution]
Modify related sepolicy in device/mediatek/sepolicy/basic

MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad

Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01
CR-Id: ALPS03853366
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:45:51 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00