Add whitelist for the following properties,
ro.lmk.use_minfree_levels
ro.lmk.low
ro.lmk.medium
ro.lmk.critical
ro.lmk.kill_timeout_ms
ro.lmk.swap_free_low_percentage
This is just a temp solution because those properties should be
put in system/sepolicy/public/property_contexts, but it is not
ready currently. Once it is ready for those properties, this
patch will be rolled back.
MTK-Commit-Id: bc8b76b56605d264af1727cd234a5406da372744
Change-Id: Id8db6725e9dfeeeebd401c8922fe8004c5f5c5b4
CR-Id: ALPS04455690
Feature: Memory Optimization
mtk_agpsd needs to save some data in mnt_vendor
MTK-Commit-Id: 9a16e787248a3b6e07dea75bdeee2428ef8ceb2c
Change-Id: I55715e48c3c56e700725cc223ac08f753433cd5d
CR-Id: ALPS04418703
Feature: A-GPS
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permission to access proc_ged by ioctlcmd
in MTBF.
MTK-Commit-Id: 6fe037cc18f278a95a919bb3188ae50fb880a36e
Change-Id: I4f4a3b13f3ee49920ebb588ed5e7094ae0065494
CR-Id: ALPS04462320
Feature: [Module]SystemServer
[Detail]
Same process hal modification
MTK-Commit-Id: 54746202d1051616f8d4e65c13d516063899040f
Change-Id: I31873741ce1a25106552d3cc83b22ef866f49433
CR-Id: ALPS04431046
Feature: OpenGL|ES
(cherry picked from commit 53d59eca15de0fdfc5ab1eb6e7ebe45a8dc9ba91)
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permission to access proc_ged by ioctlcmd
in MTBF.
MTK-Commit-Id: b3250e2378854b801fd8602b5369b48d91268993
Change-Id: I46d46e62dfb7fcc8a5675cc7584fd8f8e069238f
CR-Id: ALPS04462320
Feature: [Module]SystemServer
[Detail]
For Andorid Q, there is a more stringent restriction for ioctl,
app need some permissions to access proc_ged by ioctlcmd.
[Solution]
Add sepolicy for app to access proc_ged by
ioctlcmd=GED_BRIDGE_IO_BOOST_GPU_FREQ.
MTK-Commit-Id: 1d7bd0172f33336abcc94349978bbbd008f5fe9d
Change-Id: I62f422f072dc0881ea4c9f082a4c548b7164d58d
CR-Id: ALPS04449311
Feature: Power Management
[Detail]
Build error due to miss ;
MTK-Commit-Id: 9ff79edcad3b00db3ed3143b62a5078a8765f3de
Change-Id: Idccb173c592417bd36bc71c096b21c1f255204d4
CR-Id: ALPS04400468
Feature: [Android Default] Camera Application Basic Functions
[Detail]
1. Add system server permission for power_hal_mgr_service
2. Remove su permission
3. Use macro to set permission
MTK-Commit-Id: 465f6b986296ecd46404c4cfd497bfd80c0a1842
Change-Id: I65041fd264cae53b850e013f12679c84c3b9eb36
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
when open selinux, mp3 playback will lead to high power loading,
reason is that due to selinux,mediaextractor process cant get
music process name, so lower power feature cannot work
Add sepolicy to fix the issue.
MTK-Commit-Id: 10dad319efacefe5807a7932a63ca34f6bb881a5
Change-Id: I1e41f0e07134fad957fe3f98b99fcc8985f3ebd7
CR-Id: ALPS04427301
Feature: [Android Default] MP3 Playback
[Detail]
For Andorid Q, there is a more stringent restriction for ioctl,
app need some permissions to access proc_ged by ioctlcmd.
[Solution]
Group existing sepolicies for different types app to access
proc_ged by ioctlcmd together in appdomain.
MTK-Commit-Id: e9ba9a00dbbc063388c8120048a72fd8f7ce497c
Change-Id: I24a4671259a68a0fda756d37c16b7e61801e6cc8
CR-Id: ALPS04428389
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
Add selinux for lazy hidl, to make lazy hidl service can be started
MTK-Commit-Id: d2bbc3f95ab7f2d7dfafe932515053226747ea78
Change-Id: Id6fd21bf7794dbc42454202b081113a9c040722c
CR-Id: ALPS04423573
Feature: [Android Default] Backlight
[Detail]
add selinux for lazy hidl, to make lazy hidl service can be started
MTK-Commit-Id: 68eae2f272d3cee8db8377cb298e2227bf21c6fd
Change-Id: Ic1c4ce80ed2574093bdd42f1061aca66596f3dca
CR-Id: ALPS04411237
Feature: [Module]Vibrator
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permissoin to access proc_ged by ioctlcmd
in MTBF.
MTK-Commit-Id: f4a14dea0b118232234da13c860c66e1b31b3c5d
Change-Id: Idd1b3376f8980273f5e91985d91729c1ab50dd59
CR-Id: ALPS04424750
Feature: [Module]SystemServer
[Detail]
Set factory as an client of hal_light,
so that factory can access hal_light service
MTK-Commit-Id: aa59bfbc9d04a2ede701ff67e6ae587f6e5c4394
Change-Id: I86ddb045d73175f10ee57061150a387394009967
CR-Id: ALPS04414154
Feature: Factory Mode
[Detail]
More strictly selinux policy that system process cannot access vendor
partition,
unless label the specific vendor lib to same_process_hal_file
[Solution]
Add same-process HAL files and their dependencies
MTK-Commit-Id: 565e78ca92a83f2aaf44bc599b91f9cb61a5bec5
Change-Id: Id5450d9ae3467b9aae8be20d3d1934e3e1f8a375
CR-Id: ALPS04167940
Feature: MiraVision
(cherry picked from commit c62b2f1b4d75034ce130d909a574aa8d6879b345)
