[Detail]add a mtk_mdp_device lable and a allow rule for VP
[Solution]add a mtk_mdp_device lable and a allow rule for VP
MTK-Commit-Id: d015c8eba69f036e0f4770e045b1c99bd4d6c8c5
Change-Id: I9b72360ae4a31d849d8e6ada94d4ee8c49f36b1b
CR-Id: ALPS03598446
Feature: [Module]MDP Driver
(cherry picked from commit e10343315224b4b166767bc7e19fa0b14cc06892)
[Detail]
1. remove md_ctrl.te because we dont use md_ctrl in P.
2. remove debugfs_tracing policy
3. remove nvdata, protect_f, protect_s policy
MTK-Commit-Id: d4e5c9893970f0b214b518cba5f9300f130eace9
Change-Id: Iaafc30124fd69ef2b989b9e4e51d71a37d9571e9
CR-Id: ALPS03891225
Feature: Multi-Storage
[Detail]
Android has defined neverallow rules
to restrict direct access to system files.
We need to have a custom label for each policy.
[Solution]
Define custom label for drmserver
MTK-Commit-Id: 996de9ff486db13908f6d58b476613957d4f336d
Change-Id: I34c8d86c1baf9daa02e29323007e4136c6048b31
CR-Id: ALPS02333452
Feature: OMA DRM V1.0
[Detail]
Mobile Log selinux rule porting:
1. fix the violation on P
2. relable some kernel interfaces.
MTK-Commit-Id: 4108ed13f3e7693c3642b6f073c5444f133b3c38
Change-Id: I1fac185779510f10b9b94bdf6ec40573237d846a
CR-Id: ALPS03886572
Feature: Mobile Log Tool
Restore the policies accessing files labeled
as proc_xxx or sysfs_xxx, but there are some
exceptions for coredomain process, such as
meta_tst,dump_state,kpoc_charger
MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d
Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail] Google add new neverallows rules on android P,
some rule violate the rules
[Solution] Remove the rules which violate google new rules
MTK-Commit-Id: ff683b4eee0a6dd95ff25fbb6c7d1fc3a79c604d
Change-Id: Iead494212c6adcec234eaef14c83d1f8c7a49deb
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
