NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,026 Commits 2 Branches 0 Tags
Commit Graph

35 Commits

Author SHA1 Message Date
Shanshan Guo
62cf1a413a [ALPS04639771] SEPolicy: Modify workaround 
[Detail]
There is a workaround for bring-up,
now it needs to be modified.

[Solution]
1.Split workaround to sepcial *.te
2.Modify ged sepolicy
3.Modify mistake
4.Add sepolicy

MTK-Commit-Id: 5a2b7e3fdc826a7ca6bc70a3810f14c1661e7d79

Change-Id: I0894de45e014a5eae754e35b57fbc9b21bc4bf90
CR-Id: ALPS04639771
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:15:29 +08:00
Yongjun Luo
dfc26f2e82 Merge "[ALPS04525727] SEPolicy:add perm for system_server" into alps-trunk-q0.basic 
Change-Id: I962cc508a89f9263f41f4578a4fb7e3be45fd794
MTK-Commit-Id: 2d624def2223c4cbb8ad095636b55eb509f1bb92
 2020-01-18 10:13:36 +08:00
mtk07742
a07397dc56 [ALPS04525727] SEPolicy:add perm for system_server 
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permission to access proc_ged by ioctlcmd
in MTBF.

MTK-Commit-Id: d79045e8bfe072a3125efa56cf5012cfb84e416b

Change-Id: Ic82c4ff92333077d9260f931c67453b9e53d305e
CR-Id: ALPS04525727
Feature: [Module]SystemServer
 2020-01-18 10:13:34 +08:00
Ian-Y Chen
9fcf99ba09 [ALPS04328846] power: refine sepolicy 
[Detail]
1. Add prefix PERFMGR for performance related ioctl
2. Add property permission for PowerHAL

MTK-Commit-Id: 91ef99a47ee2de3c48426298c9a67d5e4dd10a6b

Change-Id: I5979aefc7fb110ee540425bc53896babdcac08bd
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:13:32 +08:00
mtk07742
734b5286a2 [ALPS04462320] SEPolicy:add perm for system_server 
For Android Q, there is a more stringent restriction for ioctl,

system_server need some permission to access proc_ged by ioctlcmd

in MTBF.

MTK-Commit-Id: b3250e2378854b801fd8602b5369b48d91268993

Change-Id: I46d46e62dfb7fcc8a5675cc7584fd8f8e069238f
CR-Id: ALPS04462320
Feature: [Module]SystemServer
 2020-01-18 10:12:48 +08:00
mtk07742
b110192c83 [ALPS04462320] SEPolicy:add perm for system_server 
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permission to access proc_ged by ioctlcmd
in MTBF.

MTK-Commit-Id: 6fe037cc18f278a95a919bb3188ae50fb880a36e

Change-Id: I4f4a3b13f3ee49920ebb588ed5e7094ae0065494
CR-Id: ALPS04462320
Feature: [Module]SystemServer
 2020-01-18 10:12:48 +08:00
Ben Lai
014e70be61 [ALPS04423688] wlan: Remove unused codes 
Remove unused codes for hotspot.

MTK-Commit-Id: 8fb09c8c6cb3d9362ae657285dd81f8648e2b271

Change-Id: Idcf2f7359dfb324028a752d8fe3824e0caa93862
CR-Id: ALPS04423688
Feature: Wi-Fi Tethering
Signed-off-by: Ben Lai <ben.lai@mediatek.com>
 2020-01-18 10:12:45 +08:00
mtk07742
bc8a258620 [ALPS04424750] SEPolicy:add perm for system_server 
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permissoin to access proc_ged by ioctlcmd
in MTBF.

MTK-Commit-Id: f4a14dea0b118232234da13c860c66e1b31b3c5d

Change-Id: Idd1b3376f8980273f5e91985d91729c1ab50dd59
CR-Id: ALPS04424750
Feature: [Module]SystemServer
 2020-01-18 10:11:50 +08:00
andrew.yang
b8f0e2db69 [ALPS04385961] RTC: add permission for power-off alarm 
Allow alarm manager to access /dev/alarm for power-off
alarm function.

MTK-Commit-Id: 01de6e5669b8e97c12818256915885dc32c45b9f

Change-Id: I5e3759e9d11357c3f302aa2557dc71de80476262
CR-Id: ALPS04385961
Feature: Power-Off Alarm
 2020-01-18 10:10:03 +08:00
Ian-Y Chen
ee2308acc8 [ALPS04328846] power: add ioctl permission 
[Detail]
Add PowerHal and FPSGO permission for system server
1. Add mtk_hal_power_hwservice:hwservice_manager find
2. Add FPSGO ioctl permission

MTK-Commit-Id: c006057773df6fe4d9e55d54162215c65efc8f00

Change-Id: I3d9e81d408248c79201984e5f269de7eb2f3813e
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:09:14 +08:00
Juju Sung
12bc2025e2 [ALPS04239425] Sepolicy: fix undefined type declration 
[Detail]
Unknown type:untrusted_v2_app,alarm_device,qtaguid_proc,mtd_device
Duplicated type:proc_slabinfo

MTK-Commit-Id: 11ccfcffb994452eb58a697e94a8da748ac73933

Change-Id: I2e847041d14d6b6613044cfaa98f242b7fd9381a
CR-Id: ALPS04239425
Feature: Build System
 2020-01-18 10:08:05 +08:00
mtk11285
ba131d38e4 [ALPS04036690] cant catch 3 party JE/ANR 
[Detail] cant catch 3 party JE/ANR

MTK-Commit-Id: 4b396afa0693797d0e85b06ab3b3c29e6b770830

Change-Id: If5eb62a767ffd4bd18ac5d97013ead24469deb95
CR-Id: ALPS04036690
Feature: Android Exception Engine(AEE)
 2020-01-18 10:06:41 +08:00
Lili Lin
9e64f5e935 [ALPS03878175] Remove system_writes_vendor_properties_violators 
system_writes_vendor_properties_violators is only workaround,
and will cause *TS test fail, so remove the workaround and
corresponding rules that cause build fail.

MTK-Commit-Id: f637c1416b591c821bc9c18fd3dbf3aa5f9038af

Change-Id: If09922120de0742ec47d7c0522168d4e78a4e74f
CR-Id: ALPS03878175
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:04:31 +08:00
mtk12101
722798a334 [ALPS03982747] Remove unused sepolicy rules 
Some rules is no need any more, need to remove it.

MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699

Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:02:25 +08:00
jerry-sc.wu
2bb5e6af4a [ALPS03867358] Thermal: P Migration 
[Detail]
Resolve build warning.
Fix "neverallow coredomain from writing vendor properties".

MTK-Commit-Id: 41ae21ce71a19a8a1abce51e33ab93b66e4fa793

Change-Id: I85f9091cbddd1503579b69b4e3b14e63a7eb2dcc
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 10:01:37 +08:00
lena wang
3988ce4bc2 [ALPS03856250] SIM: Revise property permission 
Change set_prop to get_prop to avoid breaking neverallow rule.

MTK-Commit-Id: 484857faf4481c9b0f815520e3cb1f558d72df3b

Change-Id: I7fc44f080bd887a2218d542feb10533151c4604a
CR-Id: ALPS03856250
Feature: SIM
 2020-01-18 10:00:51 +08:00
Dean Chiang
e13ddf727b [ALPS03945159] Add sepolicy for MTK wifi hidl 
Add sepolicy for MTK wifi hidl.

MTK-Commit-Id: d88eefe1d29e7b73ad58a032cec50b5d675e3edf

Change-Id: Ibdacf7752bb434ff678e1573c21484d98d367005
CR-Id: ALPS03945159
Feature: Wi-Fi Tethering
 2020-01-18 09:57:13 +08:00
Lili Lin
05f5d87b88 [ALPS03881723] Workaround to fix build break 
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break

cdb1624c27

[Solution] Declare system_writes_vendor_properties_violators as workaround

MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3

Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:56:13 +08:00
Chuanghua Zhao
4cf86a27c9 [ALPS03923695] Add read rule for bootprof. 
[Detail]
Add read rule for bootprof log in systemserver.

MTK-Commit-Id: f48bdd8c28acc10d9f1f4463b3f15cb342d7ce49

Change-Id: Iec34c82a36f6b66601ca44fbe978a38a6c483600
CR-Id: ALPS03923695
Feature: [Module]SystemServer
 2020-01-18 09:52:11 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
Chuanghua Zhao
631c50a10a Merge "[ALPS03923695] Modify systemserver selinux rule" into alps-trunk-p0.basic 
Change-Id: If8bc499d4026331db3395821d8c3bc7eeccc0673
MTK-Commit-Id: b785c570c1b61892dd9c96c0ebf9c0eb461a21fd
 2020-01-18 09:48:51 +08:00
Chuanghua Zhao
34fd142b88 [ALPS03923695] Modify systemserver selinux rule 
[Detail]
1>.Android P remove proc selinux rule.
2>.Need add proc_bootprof for bootprof feature.

MTK-Commit-Id: db58a2ce3a8da459758983b8a1b439c3e5d59d87

Change-Id: Ibd30a2fa55cf2d5463ab320d4c7d9e64f02bb90f
CR-Id: ALPS03923695
Feature: [Module]SystemServer
 2020-01-18 09:48:47 +08:00
mtk12101
9cbf8fb766 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: ad4fb4d8ae4fb38767c16b82ce9d8351f5f59702

Change-Id: I31cf13db6b50a3cff193aa0a34bc1130e5b18942
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:48:37 +08:00
ZH Chen
ce3a0f44e7 [ALPS03614388] Sepolicy: Add ttyS to sepolicy 
[Detail]
Add ttyS to sepolicy

MTK-Commit-Id: f51e0700ff76c53befa5c15f1bfa6d1726905fed

Change-Id: I88aaa49b470ff98fcbd0d3720c641b74ca42bdeb
CR-Id: ALPS03614388
Feature: Headset Cable/Button Detection and Reaction
(cherry picked from commit 7e314d2dbea64a05f626115e5beccce53bb2a07f)
 2020-01-18 09:46:05 +08:00
Browse Zhang
86704b8c18 [ALPS03503758] P migration selinux build failed fix 
Remove dontpanic_data_file access

MTK-Commit-Id: 9f55b7e012eab9b051ed659b812da5b95865db6a

Change-Id: Ie1160eadb77a5f94e7be557e85622aac7fcb2bc7
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:44:46 +08:00
Chaoran Zhang
b1c632cd74 [ALPS03872369] Fix GPS SELinux issue 
[Detail]
Fix GPS SELinux issue
[Solution]
Fix GPS SELinux issue

MTK-Commit-Id: 1fb50aea5455f9c9f45e9193a8c07c57f0f636f2

Change-Id: I312c3cd8051b2705d74db7797683ba072b22e167
CR-Id: ALPS03872369
Feature: Location Chipset Capability
 2020-01-18 09:44:18 +08:00
Roger Chang
f28d86070e Merge "[ALPS03859804] Remove wide_dhcpv6_data_file" into alps-trunk-p0.basic 
Change-Id: Idd38455f0310fc3bec21936e111214eb9d867ece
MTK-Commit-Id: 277df8d30a5eac6da3fa06a5c7d285ed56779122
 2020-01-18 09:43:54 +08:00
Jungo Lin
4fbf2c5f2c [ALPS03859804] Remove wide_dhcpv6_data_file 
Remove dhcpv6 selinux policy rules since it is unused.

MTK-Commit-Id: b9f566aa5b211b09ef163185b743b324fc06e2bb

Change-Id: Id9cdd914076655514bc7486bf80f0664f1002e82
CR-Id: ALPS03859804
Feature: [Module]IP Networking
 2020-01-18 09:43:46 +08:00
Jason Su
57afdb0683 [ALPS03866779] Remove acess agpsd file permission 
[Detail]
Remove acess agpsd file permission.

MTK-Commit-Id: 67838f3fc62978273c79451b52cd64c9699652d0

Change-Id: Ia322f984e6fbc5484f45714eca064cbe36187a98
CR-Id: ALPS03866779
Feature: Location AOSP
 2020-01-18 09:43:23 +08:00
Browse Zhang
9416039241 [ALPS03503758] P migration selinux build failed fix 
Remove data_between_core_and_vendor_violators.

MTK-Commit-Id: c23b6831f425df0b4bb60486dbd7c92b048d3159

Change-Id: I8e9f64a19852fa72076e813cb529c94dc50248ae
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:39:27 +08:00
Browse Zhang
db6998fe2a [ALPS03503758] Revert "[ALPS03503758]P migration selinux build failed fix" 
This reverts commit c2f372432b08f78b8e5b9f7cc08b1b436bfe7161.

MTK-Commit-Id: 95e449825c77815d477a926f0244165934aef748

Change-Id: Ic2c4ee2de46803679c01b0bc83bbef3f9d585b32
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:39:10 +08:00
Browse Zhang
340e51e71c [ALPS03503758] P migration selinux build failed fix 
For /proc/uid_procstat/set from UsageStatsService

MTK-Commit-Id: c2f372432b08f78b8e5b9f7cc08b1b436bfe7161

Change-Id: I45b7bbfbd2c0ab7e098983d40722e4274e8e783a
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:39:04 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00