android_device_mediatek_sepolicy

NekoSakura/android_device_mediatek_sepolicy

Author	SHA1	Message	Date
Denis Hsu	0b03f73f0c	[ALPS03943904] Act storagemanagerd as vold context [Detail] In order to meet selinux limitation, storagemanagerd act as vold context to mount storages [Solution] Add the following line in file_contexts. /system/bin/storagemanagerd u:object_r:vold_exec:s0 MTK-Commit-Id: 0b309fd0afc84f3da0ea91a324dca6f824366537 Change-Id: I68e568b8e7d37d218ae88e82cdd509c32abaea66 CR-Id: ALPS03943904 Feature: Mobile Log Tool	2020-01-18 09:57:15 +08:00
Linger Lee	b4490de2ae	[ALPS03946137] vibrator: fix selinux issue [Detail] Add new path for P0 MTK-Commit-Id: ea1afedcb6f95a885827b002df7f6f2ea5328c77 Change-Id: Iea0ba7fcafaac70c8ec3980fc0a4753b7cbbbc91 CR-Id: ALPS03946137 Feature: [Module]Vibrator	2020-01-18 09:56:52 +08:00
bo.shang	276c0764fc	[ALPS03943443] Modem Log start USB logging fail Fix SELinux errors: 1. Set vendor property 2. Set USB property [Solution] Add permission MTK-Commit-Id: f9bea7ca32b8ca70e6f015d786753a43491810aa Change-Id: I3e7cfc80eb34c3430a059b57afa1474ee49e75b1 CR-Id: ALPS03943443 Feature: Modem Log Tool	2020-01-18 09:55:57 +08:00
Ji Zhang	3dd4f888c5	[ALPS03890586] add setgid for aee_core_forwarder [Detail] Add setgid selinux rule for aee_core_forwarder to make it can add group to avoid dac_override MTK-Commit-Id: e25e5ae4c8f3b760c112efd8c8809d5e9790b967 Change-Id: I90a4af9b3fe86d7699f1fa3adbd9f402c4de88ac CR-Id: ALPS03890586 Feature: Android Exception Engine(AEE)	2020-01-18 09:55:08 +08:00
Bo Shang	2049228bfd	[ALPS03938824] MTKLogger cant start modem log revert code MTK-Commit-Id: bd9f5e9d378074d75b691d9a7d1d6db913e0f743 Change-Id: I13df8d2f18bb34d3f6aac4a024dd3ce84b963c7b CR-Id: ALPS03938824 Feature: Modem Log Tool	2020-01-18 09:53:42 +08:00
bo.shang	1228b041a5	[ALPS03938824] MTKLogger cant start modem log SElinux opened and selinux error caused many fail [Solution] Add permission for setpropty MTK-Commit-Id: d866e6798a30826ae8fc2f163541f7701481c0d0 Change-Id: I8f1513896afb4a751d1838200e03e41be8763d1d CR-Id: ALPS03938824 Feature: Modem Log Tool	2020-01-18 09:53:36 +08:00
bo.shang	06cc7d74f4	[ALPS03939119] MTKlogger start network log fail Root cause: SElinux error [Solution] Add permission MTK-Commit-Id: 70e0e5269742da491f639e9fdb620c0824b0d97f Change-Id: I13dd8542b51d36789c6d83c7eebfb8cec8105782 CR-Id: ALPS03939119 Feature: Network Log Tool	2020-01-18 09:53:33 +08:00
Guoyi Qu (曲国毅)	7c346aab63	Merge "[ALPS03921396] emdlogger SELinux error" into alps-trunk-p0.basic Change-Id: I5e5f12436d4d6984d8725ce1fdd82da6840581f4 MTK-Commit-Id: b35204130c2bdd173178550fcd11c7c476e4115a	2020-01-18 09:53:12 +08:00
bo.shang	38ae679b9b	[ALPS03921396] emdlogger SELinux error 1. Fix emdlogger selinux avc error on P [Solution] Modify SELinux file MTK-Commit-Id: dc981c59fc3c45b273ae31cb14269ada31ae668e Change-Id: Iaaf4198be65ad728b95497e2767e1b4c254b18d2 CR-Id: ALPS03921396 Feature: Modem Log Tool	2020-01-18 09:53:08 +08:00
mtk11285	c058e72a5b	[ALPS03841705] AEE porting on Android P about selinux [Detail] add some rules MTK-Commit-Id: 350fa2869fe9390bcb7ca562af5230a2ad711640 Change-Id: Ib4966ae42233270eb7a65ab036903791767b5ec8 CR-Id: ALPS03841705 Feature: Android Exception Engine(AEE)	2020-01-18 09:52:43 +08:00
Ji Zhang	e7cd43c12c	[ALPS03890586] add rules for aee_aed [Detail] Add selinux rules for aed in eng/userdebug: capability dac_override/dac_read_search MTK-Commit-Id: d3cb23b65eb02f7b4d57d818f0bfd617b96387ed Change-Id: Ie4e7efe212913aa7cbfb12aa471b911fbabcdae0 CR-Id: ALPS03890586 Feature: Android Exception Engine(AEE)	2020-01-18 09:50:50 +08:00
mtk11285	628e0eccb8	[ALPS03841705] AEE porting on Android P about selinux [Detail] 1. add some rules 2. temp solution for getting ro..mediatek.version.branch/ ro..mediatek.version.release property MTK-Commit-Id: 12c4d79a10293c4611233c985c29dca94f6e24ae Change-Id: Ice4d565664f95a456f985ed138f302fe7ac4dbff CR-Id: ALPS03841705 Feature: Android Exception Engine(AEE)	2020-01-18 09:50:43 +08:00
Dian Wang	39aae26920	Merge "[ALPS03909621] Move meta_tst" into alps-trunk-p0.basic Change-Id: I8bf77adeabb1e8c9cb670d08f2e9c7547e3545c7 MTK-Commit-Id: 2d248dc848d56e791912f2ca6c3d17650b1e558f	2020-01-18 09:50:42 +08:00
Dian Wang	b84e8c94d9	[ALPS03909621] Move meta_tst [Detail] Move meta_tst from system to vendor [Solution] modify sepolicy/basic MTK-Commit-Id: 4bac131e38e71904dfc6f69a0b1ec15f46a08881 Change-Id: I571edd67cf3f59c293aa2aa674292380b86fcf38 CR-Id: ALPS03909621 Feature: SP META Tool	2020-01-18 09:50:34 +08:00
Bo Ye (叶波)	0bd12824eb	Merge "[ALPS03825066] Remove unused sepolicy" into alps-trunk-p0.basic Change-Id: Ie14a2d381dd27dc74f2182a0cef352d8dbfb4988 MTK-Commit-Id: b2e957a3d1a8993787927440ba2007397dcc7ac4	2020-01-18 09:50:20 +08:00
mtk12101	b086e609ac	[ALPS03825066] Remove unused sepolicy [Detail] Because "ro.vendor.net.upload.benchmark.default" is unlabeled property, so all use it will have name of vendor_default_prop [Solution] Need owner to relabel the property of "ro.vendor.net.upload.benchmark.default" MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248 Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:50:11 +08:00
Iris Chang	4ab7553919	Merge "[ALPS03800946] Remove data_between_core_and_vendor_violators" into alps-trunk-p0.basic Change-Id: I82c81a0dd1482265175253fd6bf2825d941c74cf MTK-Commit-Id: 46e7678936d83a74b8b07ad14815905718119c25	2020-01-18 09:49:41 +08:00
SW Integrator	700750af5e	[ALPS03800946] Remove data_between_core_and_vendor_violators [Detail] data_between_core_and_vendor_violators is used temporarily. We should follow Android P SELinux rule to write sepolicy. [Solution] Remove data_between_core_and_vendor_violators from files which already fix SELinux build errors MTK-Commit-Id: 6a75842a96d8997bca10caf6ca4d5b4e7e8f68a4 Change-Id: I5e840fdf6b61d44860429a7e5c7e24c9a48a9c75 CR-Id: ALPS03800946 Feature: Treble	2020-01-18 09:49:26 +08:00
Larry Liang	dc82c27ed1	Merge "[ALPS03841705] AEE porting on Android P about selinux" into alps-trunk-p0.basic Change-Id: I7b925410c8272b6cfa1311648f27ed858dec58a5 MTK-Commit-Id: 8250a3df471855f88e94a03603ca7aabe3839496	2020-01-18 09:49:06 +08:00
mtk11285	a76cdd9cee	[ALPS03841705] AEE porting on Android P about selinux [Detail] 1. add some rules 2. transfer aee_core_forwarder domain form kerenl to aee_core_forwarder MTK-Commit-Id: 7ad2c5df75565153ccec471f0eb2224c912515cd Change-Id: I9b576e3937d04b5848baeb156718d0469fa05a75 CR-Id: ALPS03841705 Feature: Android Exception Engine(AEE)	2020-01-18 09:48:59 +08:00
mtk12101	9cbf8fb766	[ALPS03825066] Fix boot fail [Detail] System processes have no permission to access vendor_default_prop [Solution] Add get vendor_default_prop rule for system processes MTK-Commit-Id: ad4fb4d8ae4fb38767c16b82ce9d8351f5f59702 Change-Id: I31cf13db6b50a3cff193aa0a34bc1130e5b18942 CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:48:37 +08:00
Chang-An Chen	ef0ff9c117	Merge "[ALPS03869354] refine vibrator sysfs label" into alps-trunk-p0.basic Change-Id: Icc4b82d34b13cbb295ed766531cc6fdca4bd9a5e MTK-Commit-Id: e51dd72260ca4f70bf3eb17b31ff7f5c3290a44c	2020-01-18 09:48:07 +08:00
Chang-An Chen	5e3fcfb472	[ALPS03869354] refine vibrator sysfs label [Detail] Refine vibrator sysfs label, using aosp defined device Moreover, move it to basic folder due to its basic used MTK-Commit-Id: 41053b65c8c26973005988d1ad14208fff98fde6 Change-Id: I9ed6ece496ea1ffff9f777fb1f90c76638ad979f CR-Id: ALPS03869354 Feature: [Android Default] Backlight	2020-01-18 09:48:04 +08:00
mtk12101	78d7f51370	[ALPS03825066] Fix boot fail [Detail] System processes have no permission to access vendor_default_prop [Solution] Add get vendor_default_prop rule for system processes MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515 Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:47:42 +08:00
Long Yang	c1564d4dd2	Merge "[ALPS03853366] Fix kisd sepolicy issue for android p[1/3]" into alps-trunk-p0.basic Change-Id: Id7b550f47c0afcf7a1b7625275f9b898ffeac428 MTK-Commit-Id: 8077b66089b85bef61e63e73d4d827112a17c415	2020-01-18 09:46:03 +08:00
mtk14717	dd229ac506	[ALPS03853366] Fix kisd sepolicy issue for android p[1/3] [Detail] Move kisd from system to vendor and add keymanage hidl [Solution] Modify related sepolicy in device/mediatek/sepolicy/basic MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01 CR-Id: ALPS03853366 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:45:51 +08:00
Peng Qi	bf77ac2d12	[ALPS03866092] BT HCI snoop log (2/2) [Detail] 1. Add selinux right for MTKLogger to able to connect Bluetooth via socket 2. Add selinux right for Bluetooth to set debug property for MTKLogger state check MTK-Commit-Id: db60d64b8ed91dfee48588fb5a32f2bedc2ba604 Change-Id: I31c5abb153c2bcd44a2dafca0f1f669e7310c3fe CR-Id: ALPS03866092 Feature: BT AOSP	2020-01-18 09:45:40 +08:00
Larry Liang	2e97184a4b	Merge "[ALPS03841705] modify aee_core_forwarder selinux rule" into alps-trunk-p0.basic Change-Id: I4bad1d381c0ec3b1e76f1bc7a5ae7ae68ad8add9 MTK-Commit-Id: b01515bb610c7a0c60117c97d4f98b5c9f882071	2020-01-18 09:40:46 +08:00
mtk11285	07c11d89ba	[ALPS03841705] modify aee_core_forwarder selinux rule [Detail] transfer aee_core_forwarder form /vendor/bin to /system/bin, so modify aee_core_forwarder selinux rule. [Solution] MTK-Commit-Id: 5a583b375a0d33032e8004e1818f05c75363e4f5 Change-Id: I9ff1d0b5d521ce2f09780146f6b75c5378d03d4d CR-Id: ALPS03841705 Feature: Android Exception Engine(AEE)	2020-01-18 09:40:34 +08:00
Denis Hsu	977ad3f552	[ALPS03891225] Modify vold related policy [Detail] 1. remove md_ctrl.te because we dont use md_ctrl in P. 2. remove debugfs_tracing policy 3. remove nvdata, protect_f, protect_s policy MTK-Commit-Id: d4e5c9893970f0b214b518cba5f9300f130eace9 Change-Id: Iaafc30124fd69ef2b989b9e4e51d71a37d9571e9 CR-Id: ALPS03891225 Feature: Multi-Storage	2020-01-18 09:40:17 +08:00
Timo Liao	197ea4ad2a	[ALPS03890927] battery: fix sepolicy violation [Detail] 1. fix data between core and vendor violator 2. remove fuelgauged_static.te 3. remove fg daemon access nvram sepolicy 4. add label for battery MTK-Commit-Id: 1443b78b112739594e0633526c6966e4871bd125 Change-Id: I931a18bfb8ac963e71311ceace8a28b4a495e881 Signed-off-by: Timo Liao <timo.liao@mediatek.com> CR-Id: ALPS03890927 Feature: Fuel Gauge	2020-01-18 09:39:17 +08:00
mtk12101	c7ac9f171a	[ALPS03825066] Resolve build error [Detail] 1.Google add new neverallow rule for untrusted apps 2.The file/dir in /proc must associate with proc_type [Solution] 1.Remove rules which violate google neverallow rules about untrusted apps 2.Add proc_type attribute for file/dir on /proc MTK-Commit-Id: b94412725e3a7b18db9573056c2fb43367989ed5 Change-Id: I89de16a65f05d052969c794604b9c372ed1ce7e1 CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:38:47 +08:00
mtk33297	1cbaa678fe	[ALPS02333452] Android p selinux change [Detail] Android has defined neverallow rules to restrict direct access to system files. We need to have a custom label for each policy. [Solution] Define custom label for drmserver MTK-Commit-Id: c84c43b87a6ac2651a0562b8818bc66516e4a50b Change-Id: Ide4fc49628508aee77e67f3213749210430153a3 CR-Id: ALPS02333452 Feature: OMA DRM V1.0	2020-01-18 09:38:07 +08:00
Yuxian Xu	af8b6473d2	[ALPS03886572] Mobile Log selinux rule porting [Detail] Mobile Log selinux rule porting: 1. fix the violation on P 2. relable some kernel interfaces. MTK-Commit-Id: 4108ed13f3e7693c3642b6f073c5444f133b3c38 Change-Id: I1fac185779510f10b9b94bdf6ec40573237d846a CR-Id: ALPS03886572 Feature: Mobile Log Tool	2020-01-18 09:37:45 +08:00
Larry Liang	a94ac3e353	Merge "[ALPS03841705] AEE porting on Android P" into alps-trunk-p0.basic Change-Id: Ie88c8fb29e6e51f122cb41103b6807dc9486b8a5 MTK-Commit-Id: 17ddd9047c584201262777a2b7209980d600ab49	2020-01-18 09:35:50 +08:00
mtk11285	457f1855f1	[ALPS03841705] AEE porting on Android P [Detail] 1. modify property according to P rule 2. add some selinux rules 3. relable /proc/slabinfo /proc/zraminfo MTK-Commit-Id: aa654138c8b48d223b614c81d2f39d7cd6eedd1f Change-Id: Ib47383553b0d320d3766780f35c397be60dc1339 CR-Id: ALPS03841705 Feature: Android Exception Engine(AEE)	2020-01-18 09:35:48 +08:00
bo.shang	933f54b148	[ALPS03879689] mdlogger SELinux error [Solution] Fix boot mode selinux error MTK-Commit-Id: 561f4064456c585ee83e66fc863065d77f256ff8 Change-Id: Id272b61b7e2fc462726770ccde9bd31c1725ce9e CR-Id: ALPS03879689 Feature: C2K Modem Log Tool	2020-01-18 09:34:33 +08:00
yuhui.zhang	5aa62a3b04	[ALPS03860173] Modify em_svr SEPolicy [Detail] Modify em_svr SEPolicy to support Android P MTK-Commit-Id: bb10076f302a7f07d7fabb0b281a01ff3694efb6 Change-Id: Ic56cf6be0f82d0c146cdeebbc85ed00958577aff CR-Id: ALPS03860173 Feature: Engineering Mode	2020-01-18 09:30:40 +08:00
Bo Ye	3ace839be3	[ALPS03825066] Mark file context to fix build fails Restore the policies accessing files labeled as proc_xxx or sysfs_xxx, but there are some exceptions for coredomain process, such as meta_tst,dump_state,kpoc_charger MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d Change-Id: I4b16c09c352891783e837bea370c264966ca6d13 CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:29:41 +08:00
Bo Ye	4dc7f49e69	[ALPS03825066] Mark file context to fix build fails Should add vendor_file_type for vendor files, and add core_data_file_type for system files. Vendor files and system files are differented by file path. MTK-Commit-Id: 602eb35b36c658789e093e2730b16b9b5c892c0f Change-Id: Ibacc08427f332741f12757c66ecbb8ce91b76416 CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:29:36 +08:00
Bo Ye	5849c224e3	[ALPS03825066] P migration selinux build failed fix 1. Mark polices which accessing proc/sysfs file system 2. Add violator attribute to modules violate vendor/system rule. MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8 Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8 CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:29:36 +08:00
mtk12101	bbecfaa68b	[ALPS03825066] Resolve vendor violates [Detail] Google add new neverallows rules on android P, some rule violate the rules [Solution] Remove the rules which violate google new rules MTK-Commit-Id: ff683b4eee0a6dd95ff25fbb6c7d1fc3a79c604d Change-Id: Iead494212c6adcec234eaef14c83d1f8c7a49deb CR-Id: ALPS03825066 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK	2020-01-18 09:29:34 +08:00
Chunyan Zhang	37e0caa36e	import from mediatek/master to mediatek/alps-mp-o1.mp1 Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79 MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee	2020-01-18 09:29:32 +08:00

1 2

93 Commits