add some new rules for not exit files in basic/non_plat/,
allow dumpstate to open/read files
MTK-Commit-Id: 7d8021e582f9c10b7f9574f4fcdadee0be5d3c99
Change-Id: Ifc1ca446ce6cd40e36835acaf52ca5a12efedcdb
CR-Id: ALPS04383536
Feature: Android Exception Engine(AEE)
[Detail]
Only BASIC Sepolicy need to be applyed for BASIC,
we separate basic/bsp sepolicy for BASIC.
This workaround is for fixing the build errors that
cause by the declarations were defined in bsp/ dir
and neverallow rules.
MTK-Commit-Id: f1ed54e84b85f73e20dcc8c2ac5f0c42fddedc77
Change-Id: I568873fcc272d04b018efc4be00924b751bb3775
CR-Id: ALPS04340791
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
Factory mode tool for NFC only works with SElinux disabled.
[Solution]
Update NFC stack to latest release W48p0.
Create the communication socket into data/vendor and apply
a specific SElinux label.
MTK-Commit-Id: 910948f163c96cac14494e5951c504e63a3334ee
Change-Id: I9b89e828e344041ef5bb464cc872f442490a6e2a
CR-Id: ALPS04190424
Feature: NFC Chipset Capability
The data button cannot show checked
MTK-Commit-Id: c244f89abe8640c4bc8b362fcd4f5cf96216190c
Change-Id: I31d70b7540f098643bccc5db6bc2396abf226f91
CR-Id: ALPS04185953
Feature: Engineering Mode
Miss rule in aee_aedv.te and cause cmdq status blocking by rule.
Add rule and fix name typo.
MTK-Commit-Id: 589feaa73ff62b1893f30d5e4b1ce02d34c94edf
Change-Id: I046f73e29f404cb51908f8191599cb46a7c1399d
Signed-off-by: Dennis YC Hsieh <dennis-yc.hsieh@mediatek.com>
CR-Id: ALPS04023420
Feature: Android Exception Engine(AEE)
[Detail]
Add sepolicy access right for Hifi3 adsp device.
Mobilelog and AED will need these access right.
MTK-Commit-Id: 06ac39d7cebbab2bcb3468fcf14f19b7e1489819
Change-Id: Ic834ac687b4423500ef6036824a6d6f75e57ccb3
CR-Id: ALPS03738758
Feature: [Module]Audio OpenDSP
Move connsyslog to system image as
limitation to access phone storage in
andriod new version.
MTK-Commit-Id: 0ea895cbf9dcb98a392cce5d98dd38ef839ac452
Change-Id: I68a37f21635b0ffeaddcda6ab5f59f8202c86709
CR-Id: ALPS03973363
Feature: Connsys Log Tool
[Detail] modify sepolicy
[Solution]
modify sepolicy for read and write system and proc/bootprof
MTK-Commit-Id: 2df7f3b055778e043c9cc2ad75a2c9a7abcb7ad6
Change-Id: I3c4f4dd2435a2b2dee72c54d60e9e1adf2ec671f
CR-Id: ALPS03888283
Feature: SP META Tool
[Detail]
Fix tpd auto test fail in factory mode due to sysfs nodes
are not allowed to read directly.
[Solution]
update touch setting sysfs policy and add to factory mode
MTK-Commit-Id: d8733ca0938653098f5ec1f5462c1723d8f67894
Change-Id: I3fb6a46cfbf02fe050174501a2606404a53bb2ad
CR-Id: ALPS03869354
Feature: [Android Default] CapTouch
[Detail]
1. Change type name from sysfs_boot to sysfs_boot_mode
2. Add type name sysfs_boot_type
MTK-Commit-Id: 54d5bb31fc8ad1d9ac2e931fe5dc01ef4c1083cf
Change-Id: I445ecdf5a5e334a49ccc1d747daa87f6be351d20
Signed-off-by: Peter Wang <peter.wang@mediatek.com>
CR-Id: ALPS03901606
Feature: UFS Booting
Google has upgraded drm hidl to version 1.1, need upgrade
all config(device.mk, sepolicy, manifest) to new version.
MTK-Commit-Id: 50b87ab9d8654c2ea1bea22fa9a589fd85481324
Change-Id: I9a36ad250153bcbb446b790bae5942965409fab3
CR-Id: ALPS03916010
Feature: Google Widevine Level1
[Detail]
1. Remove the battery_node label.
2. Modify the path for sysfs_batteryinfo from
/sys/devices/platform/battery/power_supply to
/sys/devices/platform/battery to let fuelgauged
use it.
3. Add the sysfs_vbus and sysfs_pump_express label.
MTK-Commit-Id: 8603797a37fbb115f08a7c46a4292acbb34e1d05
Change-Id: I5a02d30d79a3564ef429f6dfe93f8df48004640b
CR-Id: ALPS03861775
Feature: Charger
[Detail]
Because p has new SELinux policy,
we need to fix the violation part.
[Solution]
Mark the violation part.
MTK-Commit-Id: 9935b37d96538a2696ac34e0ef8e0f4c480d3167
Change-Id: Ia0fac8c2b94d2acfc29dec20dd29dca85f9f9cf0
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
[Detail]
1.Google add new neverallow rule for untrusted apps
2.The file/dir in /proc must associate with proc_type
[Solution]
1.Remove rules which violate google neverallow rules
about untrusted apps
2.Add proc_type attribute for file/dir on /proc
MTK-Commit-Id: b94412725e3a7b18db9573056c2fb43367989ed5
Change-Id: I89de16a65f05d052969c794604b9c372ed1ce7e1
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
Mobile Log selinux rule porting:
1. fix the violation on P
2. relable some kernel interfaces.
MTK-Commit-Id: 4108ed13f3e7693c3642b6f073c5444f133b3c38
Change-Id: I1fac185779510f10b9b94bdf6ec40573237d846a
CR-Id: ALPS03886572
Feature: Mobile Log Tool
[Detail] Modify meta_tst.te for Android P
[Solution]
Add comport type and uart info sepolicy
MTK-Commit-Id: b2f1a2b46f1bc8135b98dd306ff4353b3ba5383f
Change-Id: Ib40eb5e5a9512d7d33b25b191e04eab9684fe121
CR-Id: ALPS03888283
Feature: SP META Tool
[Detail]
Since Android P, battery-related information should be declared as native
sysfs_batteryinfo, which can be accessed by healthd and other processes
asking for battery information.
[Solution]
1. Remove sysfs_power_supply.
2. Change the usage from sysfs_power_supply to sysfs_batteryinfo.
MTK-Commit-Id: 5713190900415312f7904cdf6d46a891996d5786
Change-Id: I10099570afdb48f0806d6979a3fb11b9b9e59fbe
CR-Id: ALPS03861775
Feature: Charger
[Detail]
1.The types on /sys/ must be associated with the
"sysfs_type" attribute: sysfs_keypad_file
2.sysfs_type only have read permission
[Solution]
1.Change sysfs_keypad_file to sysfs_type
2.Modify the permission to read about sysfs_type
MTK-Commit-Id: 4cf285589167b25623a67c6b951c796846a9a3ad
Change-Id: I3dd516eaf9959611c9a2b003cb3af07a35da5442
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
