android_device_mediatek_sepolicy

NekoSakura/android_device_mediatek_sepolicy

Author	SHA1	Message	Date
Denis Hsu	ff55ca78e3	[ALPS04795693] Clear the vendor.powerhal.init for FDE encryption flow power-hal would be killed and re-start in the manual encryption flow. To prevenet the second power-hal would be stuck by other service, clear the vendor.powerhal.init property. MTK-Commit-Id: 0ec23aea4fa637f6e1e22a45c9afb914c48d20d8 Change-Id: Idaf2ad7b01337ce94afe507395588e299fb9cb8a CR-Id: ALPS04795693 Feature: Full Disk Encryption (FDE)	2020-01-18 10:21:07 +08:00
sharon.feng	bd4bfe1387	[ALPS04807382] Add sepolicy for mediacodec [Detail] Hybrid encoder would use /proc/m4u device that we have to enable its access permission. MTK-Commit-Id: ba554f2ef0c5e78a7f9df483453b04630c557391 Change-Id: I93d40947a40da9d17d63cb0ad79519837b64e643 CR-Id: ALPS04807382 Feature: H.264 Encoder	2020-01-18 10:21:03 +08:00
sharon.feng	c4a244736f	[ALPS04807382] Add sepolicy for mediacodec [Detail] Hybrid encoder would use /proc/m4u device that we have to enable its access permission. MTK-Commit-Id: 95d62cfe0a8c3c5f1b5992717c93872edf435668 Change-Id: I65cc0b24892afaba20a8433e548b05f005078a19 CR-Id: ALPS04807382 Feature: H.264 Encoder	2020-01-18 10:21:03 +08:00
James Hsu	e72c16be08	[ALPS04774560] mrdump: add sepolicy to drop caches add sepolicy to write /proc/sys/vm/drop_caches MTK-Commit-Id: 87067ad776cde751a3d2d416088df2cc4ef00e0f Change-Id: I793b166041b051f28dc2d443858bb469ce9edd9c Signed-off-by: James Hsu <james.hsu@mediatek.com> CR-Id: ALPS04774560 Feature: Memory RAM Dump (MRDUMP) (cherry picked from commit 42a3fcaceb572b4bdd6be2b36380383040f1d46b)	2020-01-18 10:21:03 +08:00
Ian-Y Chen	0386f1b975	[ALPS04802193] EAS: add proc_cpufreq sepolicy [Detail] EAS cannot control CPU freq [Solution] Add proc_cpufreq in vendor_init.te MTK-Commit-Id: 69955d988abbc3ba90ebefdb734212a9ff1e4e19 Change-Id: Id749e5d60bfa29a4b4c131557981b69eed7d5077 CR-Id: ALPS04802193 Feature: Energy Aware Scheduling Plus (EAS+)	2020-01-18 10:20:59 +08:00
Haojie Li	5e81b738ca	[ALPS04475916] D2+ Add M4U SELinux Permission [Detail] add selinux permission for camera MTK-Commit-Id: f21aac620680035891c6cab33de49a2c02f659eb Change-Id: I4a0134dda8c8411be3bb2c3a9c69f1e91803a91e CR-Id: ALPS04475916 Feature: [Android Default] Camera Application Basic Functions	2020-01-18 10:20:59 +08:00
mtk14723	979f4465f3	[ALPS04359407] EM: modify sepolicy from nvdata to nvcfg [Detail] Modify sepolicy of emhidl from nvdata to nvcfg for MCF to access nvcfg MTK-Commit-Id: 1027f0b3abdbca6457c0a20af765d063ea2f9a78 Change-Id: I95bde16e2910fb37d2f9ffc5a0f29f8fb618ec64 CR-Id: ALPS04359407 Feature: Engineering Mode	2020-01-18 10:20:55 +08:00
mtk11515	69fa27667a	[ALPS04799819] add system binder call permission [Solution] add system binder call permission for ATM app change MTK-Commit-Id: cf3c223076a71f242690524178ac5a5a6f6d651b Change-Id: I79c6b30d5611d1c8774f25218c65dbf732129fb9 CR-Id: ALPS04799819 Feature: ATM	2020-01-18 10:20:55 +08:00
Ian-Y Chen	8695ad239f	[ALPS04328846] power: add fliperfs policy [Detail] 1. Add proc_fliperfs policy 2. Add fliperfs permission to powerhal MTK-Commit-Id: 519ec87e9f32de2f987acad288224be03b1fdde8 Change-Id: Ie3d58e1e48e0862864a70a281e2c2e3040206f09 CR-Id: ALPS04328846 Feature: [Module]PowerHAL	2020-01-18 10:20:54 +08:00
bo.shang	34e4338c7e	[ALPS04760404] Remove SElinux code 1. Dont create folder in data by process self MTK-Commit-Id: 137bc58be1b0069794c7b52db91f8532e406bf31 Change-Id: I20c0ca16c66490b81a03192eb642131b50933933 CR-Id: ALPS04760404 Feature: Modem Log Tool	2020-01-18 10:20:51 +08:00
Freddy Hsin	b069f1aff7	[ALPS04794271] bootctl: add misc access permission for bootctrl add misc access permission for bootctrl MTK-Commit-Id: 5c7ec0779ccca3fd9f9cc516cdae1b003fed2112 Change-Id: Ia8327de54f3e8e429506f2d58309cf46a1a0513a CR-Id: ALPS04794271 Feature: [Android Default] SIU (SD Image Update)	2020-01-18 10:20:50 +08:00
Ian-Y Chen	c3f01bd285	[ALPS04760857] power: remove redundant policy [Detail] Remove SE policy which is used by powerhal MTK-Commit-Id: 08a121d90319599509142fb1b76a8bae7d287b6b Change-Id: Idfca0859f22e880ff9ec6d55db315911438f9e53 CR-Id: ALPS04760857 Feature: [Module]PowerHAL	2020-01-18 10:20:45 +08:00
Vineet Goyal	b5f7f8fef6	[ALPS04793667] MSDC: Change block device path Change block device path so that access from user space need not take care platform-dependent device address. MTK-Commit-Id: 0c06dba2f545b1ecbf614f6fab0f8f9faef7199a Change-Id: I68746d22e61259a9bcdbf4124446b9c81077edbe Signed-off-by: Vineet Goyal <vineet.goyal@mediatek.com> CR-Id: ALPS04793667 Feature: eMMC Boot Up	2020-01-18 10:20:45 +08:00
Ian-Y Chen	bf78be7a61	[ALPS04328846] power: add sys_fs_f2fs permission [Detail] Add sys_fs_f2fs permission to PowerHal MTK-Commit-Id: 4bd3689745cf60eaf6e1f43705b45edba8c71b9d Change-Id: Ibe9f83936f9b8c60bd94582849d1f9a4672b992a CR-Id: ALPS04328846 Feature: [Module]PowerHAL	2020-01-18 10:20:44 +08:00
Huaiming Li	b14829ba29	[ALPS04719663] add some sepolicy rules 1. set prop to allow vendor init rc set property 2. allow aee_aedv to read reboot reason file MTK-Commit-Id: c12035a6290abbc0144f8840b2081e8b3e31b0d9 Change-Id: Id1521fab2999bff15ca4f2e2399e16f672636284 CR-Id: ALPS04719663 Feature: Android Exception Engine(AEE)	2020-01-18 10:20:41 +08:00
Guoyi Qu	cf0ffa1738	[ALPS04760297] SEPolicy Optimize Revise high risk SEPolicies. MTK-Commit-Id: 54290cb8aeb0fbb67310ed0cffe826684158effe CR-Id: ALPS04760297 Feature: Connsys Log Tool Change-Id: I369c7a917f8ee9cc95e0db14e552ce9195583a14	2020-01-18 10:20:40 +08:00
Cui Zhang	ba7ce778ea	[ALPS04791203] m4u: add ioctl define for permissioin control [Detail] Add ioctl define for permissioin control if user need to add m4u permission, need to add it in its process .te file MTK-Commit-Id: 450b6a3cf6177d0befee4dbe3e41104c8e957191 Change-Id: If708b999fd398a2388cdf7fc764d91814a9bbf86 Signed-off-by: Cui Zhang <cui.zhang@mediatek.com> CR-Id: ALPS04791203 Feature: [Module]ION/M4U	2020-01-18 10:20:36 +08:00
Ian-Y Chen	19ad399e64	[ALPS04328846] power: enable cache audit [Detail] 1. Add label for cache audit 2. Add permission to PowerHal MTK-Commit-Id: b0f9581a8cb23b9dcb655b33b7255aedb597574e Change-Id: Iea67821d04cb287c3492bf2eb6f3c4adc07aef84 CR-Id: ALPS04328846 Feature: [Module]PowerHAL	2020-01-18 10:20:33 +08:00
Peter Wang	e32b6f7663	[ALPS04786311] eMMC : patch clear eMMC fail in factory When clear eMMC, need umount bootfs, add permission to stop mdlogger process which access bootfs. MTK-Commit-Id: 9ebab1fae0665a8c08af9b2d59b52a40f570054b Change-Id: If4a9667906698b812a45b17d1162df3db3ed61f3 CR-Id: ALPS04786311 Feature: Factory Mode	2020-01-18 10:20:33 +08:00
Peter Wang	af17e4d54a	[ALPS04786311] eMMC : patch clear eMMC fail in factory When clear eMMC, need umount bootfs, add permission to stop mdlogger process which access bootfs. MTK-Commit-Id: 2d39dc0341e703f5ae92797146c0d2cec8defe77 Change-Id: I32bb7e94db970361a9f3a345f0cf7541fc9fd634 CR-Id: ALPS04786311 Feature: Factory Mode	2020-01-18 10:20:32 +08:00
Gang Xu	667f0f00df	[ALPS04785930] Add ICCID to sensitive property ICCID belongs to sensitive information and is not allowed to print. Add IMSI property to sensitive group and it is not printed in mtklogger property files. MTK-Commit-Id: 9a8e54973852a5afc01083ffe6ef2b7ac91d9347 Change-Id: I6e8a799bc5299deca730add0d0dfee77550b2a63 CR-Id: ALPS04785930 Feature: Mobile Data Service	2020-01-18 10:20:28 +08:00
Jimmy Lai	b1dfbc5f60	[ALPS04763260] Fix Permission add sysfs_device_tree_model sepolicy /firmware/devicetree/base/model MTK-Commit-Id: 1b81ac4c2d260969ee02b1ffa81cf0bdfb99d019 Change-Id: I9c9bc011ec7f35a264af3bee6340991e9c2a2bec CR-Id: ALPS04763260 Feature: [Module]Video Driver	2020-01-18 10:20:28 +08:00
Cosmo Sung	d5f4f31ade	[ALPS04773384] SeLinux permission Remove general socket permission. MTK-Commit-Id: 82b1e7c7fdc88ecec8fe72e2dc97023feda7f932 Change-Id: I48cb912ae8aa3480476dd451d7ebb0657a1c3793 CR-Id: ALPS04773384 Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)	2020-01-18 10:20:24 +08:00
jerry-sc.wu	31f4d86bf1	[ALPS04763250] Thermal: SEPolicy de-risk [Detail] 1. using set_prop for SEPolicy optimize. 2. modify high risk sysfs write operation for security. MTK-Commit-Id: 48b34c3013d5402a3d6253945d3b41a148f0d167 Change-Id: I9657ab3f5eee2616f452a442fb6201779edd831c Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com> CR-Id: ALPS04763250 Feature: Thermal Management	2020-01-18 10:20:24 +08:00
Ian-Y Chen	c947a234d9	[ALPS04760762] power: remove high risk policy [Detail] Remove procfs and sysfs root permission MTK-Commit-Id: 1af6e86e9f71ef919ec46a7eda2f2901a5c63a80 Change-Id: I3ddea266511017eba1b51d7879be3a5a81b497e6 CR-Id: ALPS04760762 Feature: [Module]PowerHAL	2020-01-18 10:20:20 +08:00
Wilma wu	854a8b9f99	[ALPS04387262] RTC: label sysfs_rtc files fix hctosys permission. MTK-Commit-Id: 58c00437a1e1bd2c06f4745ce38c505f36ea32e4 Change-Id: I878a9bbe0f3d42d2dd3e205c3bcc2108c8976889 Signed-off-by: Wilma wu <wilma.wu@mediatek.com> CR-Id: ALPS04387262 Feature: RTC-Power Drop Auto Reboot	2020-01-18 10:20:20 +08:00
Huaiming Li	ebb30438c8	[ALPS04776332] fix google dumpstate avc issue [Detail] 09-05 15:58:31.552000 9693 9693 W df : type=1400 audit(0.0:990): avc: denied { search } for name="expand" dev="tmpfs" ino=10779 scontext=u:r:dumpstate:s0 tcontext=u:object_r:mnt_expand_file:s0 tclass=dir permissive=0 [Solution] add sepolicy rule: allow dumpstate mnt_expand_file:dir search; MTK-Commit-Id: 2117b8897e13ad2e52f8f7b9b16532e20cc8f477 Change-Id: I428cc52d30c3396d9d355af286bcdaa94d170eec CR-Id: ALPS04776332 Feature: Android Exception Engine(AEE)	2020-01-18 10:20:13 +08:00
yuhui.zhang	92bb4e88bb	[ALPS04316338] Fix wcn coredump JE problem [Detail] Wcn coredump move to vendor on Android Q. EM need to set property by vendor hidl MTK-Commit-Id: 7b93a89746c7d9f5c2672418babb22c9a23513b0 Change-Id: I9ff4d54918c9becab9dcaaae9f5cbb3d04d17ac6 CR-Id: ALPS04316338 Feature: Engineering Mode	2020-01-18 10:20:13 +08:00
Jun Zhao	655451ea9e	[ALPS04768250] occur fatal SWT when have some proccess in background Add policy for wfd & HDMI MTK-Commit-Id: d45ac4bdc336432a8d59d9bf2ec09d2954a39988 Change-Id: I7e36f4c93131b98d9e6273e7b410c0b59866ec0a CR-Id: ALPS04768250 Feature: Wi-Fi Display	2020-01-18 10:20:12 +08:00
Yifei Qiao	dd08af703d	[ALPS04775042] Fix install drm key sepolicy error Fix install drm key sepolicy error MTK-Commit-Id: e3c03327cba36fb5fc352203f0bbe8337316e5ae Change-Id: I8e418d69dcdf5838cd94f242055526c7f897f9ab CR-Id: ALPS04775042 Feature: [Module]keymaster	2020-01-18 10:20:09 +08:00
swintegrator	8d9e4a522f	[ALPS04784782] Add SELinux sepolicy for TEEI OS communication Add hal_graphics_allocator_default SELinux sepolicy to enable normal/secure world communication. This is used for secure memory allocation from graphics allocator HAL to TEEI OS. MTK-Commit-Id: a47f2e49b8c563fdc457443e46af591a2691a441 Change-Id: I2bdc87303310f5acdd85f0491e58644b26963838 CR-Id: ALPS04784782 Feature: Microtrust TEEI	2020-01-18 10:20:08 +08:00
yizheng.yang	51885451fa	[ALPS04781447] Add selinux permission Add permission for atcid MTK-Commit-Id: e4ab92c694185c03bbcc792fed84fdeaf0013409 Change-Id: Ib7f76d8c5f03da070559f8f73de6f611367b96a6 CR-Id: ALPS04781447 Feature: [Module]ATCI (AT Command Interface)	2020-01-18 10:20:05 +08:00
otis.huang	ae6fbad5e9	[ALPS04387792] BGService: add sepolicy permission [Detail] 1. add BGService sepolicy permission MTK-Commit-Id: f5832af535feb84ff9f94ae25eb02fc6f5959762 Change-Id: I22a1e8d6e17a2f455771adf677d2ce8cb32e6550 CR-Id: ALPS04387792 Feature: [Android Default] Camera Application Basic Functions	2020-01-18 10:20:04 +08:00
yizheng.yang	1a9ed28058	[ALPS04760107] Fix high risk selinux Fix high risk selinux in atci MTK-Commit-Id: 920482c8d6406a57b2b653e98b8b28c30c2e6d1b Change-Id: I6cbd85f3699f055312a5f6b2ea577bd9161ef29e CR-Id: ALPS04760107 Feature: [Module]ATCI (AT Command Interface)	2020-01-18 10:20:00 +08:00
Chun-Hung Wu	ef2d9a611a	[ALPS04776340] dumpstate: add selinux policy [Detail] Add sd card mmcblk0/mmcblk1 sysfs_mmcblk for dumpstate MTK-Commit-Id: 6b8fde0993498cd8659b028f978ee118a082f81b Change-Id: I4212764d39ee8752d6a5347d2a5e629f53205d0e CR-Id: ALPS04776340 Feature: UFS Booting	2020-01-18 10:20:00 +08:00
Eric Chung	606cbd7ddc	[ALPS04761007] GPU: Fix high risk sepolicy [Detail] Remove "allow property set" in mtk_hal_gpu MTK-Commit-Id: 846c697e7b7766010b31a37371fbbe0babaa8203 Change-Id: I87f87982ea5c0147a60c6120548d4a44dd8c7f29 CR-Id: ALPS04761007 Feature: OpenGL\|ES	2020-01-18 10:19:59 +08:00
chien-wei hsu	6bc8ac8bdb	[ALPS04760982] audiohal: fix High risk SEPolicies of mtk_hal_audio [detail] remove sysfs file permission, only request the sysfs_ccci file MTK-Commit-Id: 0649e6c55c648d65fa9c599d73bfa98e02e918fe Change-Id: Idab0ac8e4aff9234887f70dc60fe51339d78cd2b CR-Id: ALPS04760982 Feature: [Module]Audio HAL	2020-01-18 10:19:52 +08:00
Huaiming Li	9f9773fc1f	[ALPS04772922] fix dumpstate SF_RTT dir avc error [Detail] dumpstate SF_RTT dir getattr avc error in xTS [Solution] add getattr rule into dumpstate.te MTK-Commit-Id: 20c47c82db9b6dfc5091f1fa03f8505c619343ee Change-Id: Ic6de198bfd4736ba2fa3f3aea6024eeda0f57a16 CR-Id: ALPS04772922 Feature: Android Exception Engine(AEE)	2020-01-18 10:19:52 +08:00
Guobao Wang	0b9d1a7568	[ALPS04763239] Remove the high risk sepolicy sysfs_vcorefs_pwrctrl Remove the high risk sepolicy sysfs_vcorefs_pwrctrl because its no longer in use. MTK-Commit-Id: 7aec1b3e31558366c3d3f098eb7c9eac02398a2a Change-Id: I2e0dcd99be464f01435f8e96ea6dd5fa6ca12716 CR-Id: ALPS04763239 Feature: SIM	2020-01-18 10:19:51 +08:00
Youxiu Wang	6f8abd5708	[ALPS04763237] Modify permission forRIL Reduce the scope of permission for RIL to access proc node. MTK-Commit-Id: 4f0402b23acbbcf90e195f4c0bfc3bd249c1489e Change-Id: I442119bd6696a40aa1a49bec781cfb947869b995 CR-Id: ALPS04763237 Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)	2020-01-18 10:19:51 +08:00
Jen-Chih Chang	f4b78200ab	[ALPS04761137] Remove mtkrild emulator SEPolicies Remove ununsed mtkrild emulator SEPolicies MTK-Commit-Id: c6a07a483b3ff3c64b356d44808009aff7bb95b8 Change-Id: Ifbc17574943048f2f855ceb3282a89b892d7dc8c CR-Id: ALPS04761137 Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)	2020-01-18 10:19:50 +08:00
mtk14723	dc117a90e7	[ALPS04761108] Backlight: remove the unused sepolicy [Detail] Remove the unused sepolicy, which has high risk MTK-Commit-Id: 93b6fa2d6408dc551867fb24b260b053a9b746a7 Change-Id: Id8ddccde37e766c59b1d258d17db2759da6a3ef9 CR-Id: ALPS04761108 Feature: [Android Default] Backlight	2020-01-18 10:19:50 +08:00
hao.wang	36fcc17d60	[ALPS04760753] add hal mms sepolicy Add merged_hal_service plolicy MTK-Commit-Id: b098be0f7ff7c5f3755b9f7dfbf07dd17cf5eb65 Change-Id: I064377cb7628c703563fe2b3acc5e8718c0bd458 CR-Id: ALPS04760753 Feature: [Android Default] Camera Application Basic Functions	2020-01-18 10:19:49 +08:00
Denis Hsu	4aa82d78c9	[ALPS04761184] Remove high risk policy for nvram Remove high risk policy for nvram. MTK-Commit-Id: 6b89d790d606c06b3c48ef2711ad4e1f3b3132de Change-Id: Iae4a7b021816f771d77b3f58f150de03863dfb9f CR-Id: ALPS04761184 Feature: NVRAM Partition	2020-01-18 10:19:49 +08:00
Cosmo Sung	979dff06fc	[ALPS04761137] SeLinux permission Add rild socket type. MTK-Commit-Id: d6850afb4aa38dbb3ec7e439b40a3379edf131a0 Change-Id: I3593adadabeffbe98bacdc27579f392073a40300 CR-Id: ALPS04761137 Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)	2020-01-18 10:19:48 +08:00
Huaiming Li	b42ff07e97	[ALPS04719663] fix avc denied issue add aee_aedv allow to read proc_pl_lk file MTK-Commit-Id: ffc098c939b46f9df94d41e901d3c0f9ab7a9169 Change-Id: Ib3dbfce32dd63afe83998d2c5dea977ab9dcc6c4 CR-Id: ALPS04719663 Feature: Android Exception Engine(AEE)	2020-01-18 10:19:48 +08:00
Nixy Hsu	2f89f8a47a	[ALPS04754649] gz: add mtee trusty selinux perms fix sysfs permission for dumpstate under selinux. MTK-Commit-Id: bca4ec3babf362b7f9d21b7c1ea8290f55d8d74c Change-Id: I26cfbb4e959f0dbd89d46d6088284f36e6450c42 CR-Id: ALPS04754649 Feature: GenieZone Signed-off-by: Nixy Hsu <nixy.hsu@mediatek.com>	2020-01-18 10:19:30 +08:00
Yanjie Jiang	725c0b46e1	[ALPS04760260] ccci: delete rule not used Change sepolicy rule for security. MTK-Commit-Id: 0fe0072748de8b9077117a9d4d67bebea46cf9ec Change-Id: I85a2991ffa2928330989a53ad0597d403274ccce CR-Id: ALPS04760260 Feature: Modem Interface Driver Signed-off-by: Yanjie Jiang <yanjie.jiang@mediatek.com>	2020-01-18 10:19:29 +08:00
Cosmo Sung	a49221caf7	[ALPS04763240] SeLinux permission Remove unused policies. MTK-Commit-Id: fb08d7258914676e713d5a4522b8ecb3b35d56d9 Change-Id: I1be805ef301abfefc1723be2ebd97153ddba1d23 CR-Id: ALPS04763240 Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)	2020-01-18 10:19:29 +08:00
Hao Dong	0ae7f56165	[ALPS04765260] BT open fail [Description] Sepolicy modification for BT Driver setprop MTK-Commit-Id: fa7f679e819436f0a49387411103ce866734dc2f Change-Id: I4b4edf6d45333d1ed4cb5a4fee17697dbae87acc Signed-off-by: Hao Dong <hao.dong@mediatek.com> CR-Id: ALPS04765260 Feature: BT AOSP	2020-01-18 10:19:25 +08:00

1 2 3 4 5 ...

1063 Commits