[Detail] modify sepolicy
[Solution]
modify sepolicy for read and write system and proc/bootprof
MTK-Commit-Id: 2df7f3b055778e043c9cc2ad75a2c9a7abcb7ad6
Change-Id: I3c4f4dd2435a2b2dee72c54d60e9e1adf2ec671f
CR-Id: ALPS03888283
Feature: SP META Tool
[Detail]
Fix tpd auto test fail in factory mode due to sysfs nodes
are not allowed to read directly.
[Solution]
update touch setting sysfs policy and add to factory mode
MTK-Commit-Id: d8733ca0938653098f5ec1f5462c1723d8f67894
Change-Id: I3fb6a46cfbf02fe050174501a2606404a53bb2ad
CR-Id: ALPS03869354
Feature: [Android Default] CapTouch
[Detail]
Google add a new tag in Android P
system/sepolicy/vendor/hal_thermal_default.te
Need to add mtktz and /proc/stat grant permission for thermal HAL.
[Solution]
Add grant permission in both
devicemediateksepolicybasicnon_plathal_thermal_default.te
devicemediateksepolicybasicnon_platmerged_hal_service.te
MTK-Commit-Id: b4e6eb391c134c4c4580fd352a0aa8fec56b0a5a
Change-Id: Ifb0aa31bf47d105429be2dad60477747f1009a5d
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
CR-Id: ALPS03946757
Feature: Thermal Management
[Detail] Change persist.bootanimation to persist.vendor.bootanimation
in property_contexts file
[Solution] As we have renamed the system property name to
persist.vendor.bootanimation.xx , we need to make changes in
property_contexts file to ensure effect of this renaming and to
avoid vts fail.
MTK-Commit-Id: 42a2213dcbd87a6acb5823a5b64b89d7207579cf
Change-Id: Ie7ea4a9df3fc1607c648288c527e94660fbea50e
CR-Id: ALPS03870695
Feature: Boot Animation
1. We have too many config properties set by PRODUCT_PROPERTY_OVERRIDES,
and these properties usually are not sensitive and allow all processes to read.
2. Since Android P, properties should follow naming rule to add "vendor",
and then this will cause properties to be labeled as vendor_default_prop.
By default, coredomain is not granted to read vendor_default_prop.
Actually these properties are read widely from system/vendor processes.
3. So we introduce "mtk_default_prop" type that grant read access to
all processes, including system and vendor.
MTK-Commit-Id: 18077a2cb14b7b1ddadb7000e8abb565f0fd49e3
Change-Id: Ia378db3dbb9d0bf388139be3419e013228c79d6e
CR-Id: ALPS03934986
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
1. Backlight level test in factory mode fail due to no sepolicy
applied, and sysfs_leds is not allow to add to factory.te.
2. Vibrator test fail due to no corresponding selinux policy.
[Solution]
1. Using hidl for backlight in factory mode.
2. Add vibrator policy.
MTK-Commit-Id: 9470dca00da2fecfb373af94aae3502714d31ea3
Change-Id: I42cd45951054a267449e79f559b3761fce34d497
CR-Id: ALPS03869354
Feature: [Android Default] Backlight
[Detail]
Let lmkd visit systemServer, it will connect with duraspeed socket
MTK-Commit-Id: 51e15fadc8dbb29d3cd5578589666fed1b853162
Change-Id: Iaa127d47e737e82abe721a937d4373cc38978808
CR-Id: ALPS03949661
Feature: DuraSpeed
[Detail]
1.Property new change
neverallow coredomain from writing vendor properties
(allow audioserver_28_0 audiohal_prop (property_service (set)))
(allow audioserver_28_0 mtk_thermal_config_prop (property_service (set)))
audio_hal property which prefix is af. use to audiodump.
it will replace by the audio_prop which property prefix is vendor.af
before, mtk_thermal_config_prop use to set powerhal.
And we use it by HIDL now, so this permission can remove.
[Solution]
remove violate properties setting.
MTK-Commit-Id: 2942812bb4a57655898d407f84162fbdae9c3fc9
Change-Id: I1a01ddd8b83fa7eb0c499f67400660b738e9b986
CR-Id: ALPS03902666
Feature: [Module]Native AudioFlinger
[Solution]
Factory mode should build in vendor partiton, so move
factory from system partition to vendor partition
MTK-Commit-Id: c55354593a97aed3af9d0b2584037d03d3d2669c
Change-Id: I5a607b60f9ac974380c5e440a6fa0c51797d6b1b
CR-Id: ALPS03932298
Feature: Factory Mode
Change property name for new rule in P branch
MTK-Commit-Id: f6085b301d89b12bf36fd0d8fe2cea8144204bad
Change-Id: I0b9945db11eae1a1a59d201389ba001a18a3fc50
CR-Id: ALPS03934599
Feature: Connsys Log Tool
[Detail]
Rename CT VoLTE system property and allow other module to access
persist.vendor.mtk_ct_volte_support.
MTK-Commit-Id: bc5a52b6998d941aa12c7532f095d1a8c67d663f
Change-Id: I33881fd6684dc76e148ac4917e5c146f949e24f7
CR-Id: ALPS03929399
Feature: [China Telecom]VoLTE Customization
[Detail]
1. remove set vendor usb property
2. add set system usb property
MTK-Commit-Id: 993587b76581472ff751db17bb4f7210926c6342
Change-Id: Ib7da63617e3ac0c0f3fb271ef082db602d39ca37
CR-Id: ALPS03885057
Feature: Modem Log Tool
[Detail] As title
[Solution] As title
MTK-Commit-Id: 2e0d48205919bc075721a6470a4102a95cf841de
Change-Id: I88e7bdf77940d7d89379af3d73996d998235f093
CR-Id: ALPS03943803
Feature: [Android Default] Camera Application Basic Functions
