NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
984 Commits 2 Branches 0 Tags
Commit Graph

20 Commits

Author SHA1 Message Date
Shanshan Guo
62cf1a413a [ALPS04639771] SEPolicy: Modify workaround 
[Detail]
There is a workaround for bring-up,
now it needs to be modified.

[Solution]
1.Split workaround to sepcial *.te
2.Modify ged sepolicy
3.Modify mistake
4.Add sepolicy

MTK-Commit-Id: 5a2b7e3fdc826a7ca6bc70a3810f14c1661e7d79

Change-Id: I0894de45e014a5eae754e35b57fbc9b21bc4bf90
CR-Id: ALPS04639771
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:15:29 +08:00
Cheng Li
be2c30ed8e [ALPS04566986] Fix cameraserver permission 
[Detail]
allow permission of ioctl for cameraserver

[Solution]

MTK-Commit-Id: 01b85f4aed18628c9053fde9f4a2fd96509d49ec

Change-Id: Icddcd0e5eb51583d65aca6763d4b2f31683ffd7f
CR-Id: ALPS04566986
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:14:19 +08:00
Ian-Y Chen
9fcf99ba09 [ALPS04328846] power: refine sepolicy 
[Detail]
1. Add prefix PERFMGR for performance related ioctl
2. Add property permission for PowerHAL

MTK-Commit-Id: 91ef99a47ee2de3c48426298c9a67d5e4dd10a6b

Change-Id: I5979aefc7fb110ee540425bc53896babdcac08bd
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:13:32 +08:00
Cheng Li
414a5bfec1 [ALPS04468274] add cameraservice ioctrol permission 
[Detail]
add cameraserver permission

[Solution]

MTK-Commit-Id: 23fe7f9ba48f0ff2d27acf666670c1d4dba69a6e

Change-Id: Ie4b9aa9cd836a3c96a353a8148e5ada5d21166f8
CR-Id: ALPS04468274
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:13:00 +08:00
Boru Zhao
9f06829adb [ALPS04394576] MT6739:cameraserver sepolicy issue 
[Detail]
Sepolicy ioctl configure is changed after Q, we modify
cameraserver ioctl configure.

MTK-Commit-Id: 26f6cde989b082ee36067c3e01bdfd1855db046b

Change-Id: I59489c6ee27a9bb7913d0b49cdaa4e281024cb42
CR-Id: ALPS04394576
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:10:22 +08:00
Marx Chiu (邱弘志)
9ab7604179 Merge "[ALPS04401451] Fix ioctl permission issue for cameraserver" into alps-trunk-q0.basic 
Change-Id: Idbceb6f115c78b548cdf10b74b0ca8070682d2cf
MTK-Commit-Id: 8f58167ddaa5256094a029c9d49c28b843769e58
 2020-01-18 10:10:21 +08:00
Michael Lai
682f71fd6d [ALPS04401451] Fix ioctl permission issue for cameraserver 
[Detail] Fix the ioctl permission issue for cameraserver

MTK-Commit-Id: 4c7eba0c71d5bb65f244095ca93596b28ba60ad8

Change-Id: Idca3ad9f37e6aa38375ed008647e81f525a77618
CR-Id: ALPS04401451
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:10:20 +08:00
Boru Zhao
25996d6511 [ALPS04394576] mt6739:fix camera sepolicy issue 
[Detail]
Add gpu_device:map in non_plat/mtk_hal_camera.te and
non_plat/cameraserver

MTK-Commit-Id: a3544387d9eb532f03a1fd0603f96b9cef46f1cf

Change-Id: Ic3c0e82e87315c29bee5984ae74f579304710c9d
CR-Id: ALPS04394576
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:10:15 +08:00
Lili Lin
9e64f5e935 [ALPS03878175] Remove system_writes_vendor_properties_violators 
system_writes_vendor_properties_violators is only workaround,
and will cause *TS test fail, so remove the workaround and
corresponding rules that cause build fail.

MTK-Commit-Id: f637c1416b591c821bc9c18fd3dbf3aa5f9038af

Change-Id: If09922120de0742ec47d7c0522168d4e78a4e74f
CR-Id: ALPS03878175
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:04:31 +08:00
Michael Tsai
51d7df5f8e [ALPS03941128] Comment unused rules 
Comment for Android P

MTK-Commit-Id: 1368fff2508a51f016a815057477c056ce7627d6

Change-Id: I0be97764a2116c8a47b6ac243e318ebc86a0b47b
CR-Id: ALPS03941128
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:03:20 +08:00
mtk12101
722798a334 [ALPS03982747] Remove unused sepolicy rules 
Some rules is no need any more, need to remove it.

MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699

Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:02:25 +08:00
mtk12101
6c68a34641 [ALPS03982747] Remove unnecessary violators 
Remove violators of system_executes_vendor_violators
in all .te files for Google rule.

MTK-Commit-Id: 2ea1f525e8cd6ef3cda981b2a47eabc4582fe767

Change-Id: I3940095186b1a530e7ed442cc34658c2317b9a89
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:01:50 +08:00
jerry-sc.wu
2bb5e6af4a [ALPS03867358] Thermal: P Migration 
[Detail]
Resolve build warning.
Fix "neverallow coredomain from writing vendor properties".

MTK-Commit-Id: 41ae21ce71a19a8a1abce51e33ab93b66e4fa793

Change-Id: I85f9091cbddd1503579b69b4e3b14e63a7eb2dcc
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 10:01:37 +08:00
jerry-sc.wu
dbcc1e21fa [ALPS03867358] Thermal: P Migration 
[Detail]
System cannot execute vendor in Android P.
Need Remove violated policies.

[Solution]
Remove related violated policys.

MTK-Commit-Id: 5b111d320a150b06e8900b374c1f55a29ca38e5d

Change-Id: Ia36502819979925df3846d8c13c7a8bba89ed077
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 09:59:39 +08:00
Lili Lin
05f5d87b88 [ALPS03881723] Workaround to fix build break 
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break

cdb1624c27

[Solution] Declare system_writes_vendor_properties_violators as workaround

MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3

Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:56:13 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
mtk12101
78d7f51370 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515

Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:47:42 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00