Missing newline causes compile-time error when sepolicy squashes all given
service-contexts into single file to pack into the build. This change
fixes that issue.
Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
These types are already defined in system/sepolicy and gives compile-time
errors. Remove them to resolve the issues.
Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
[Detail]
The mode of sepolicy files should be -rw-r--r--,
and the type should be ASCII text with Unix/Linux format.
[Solution]
1.Use chmod 0644 to change sepolicy files mode.
2.Use iconv -t ASCII and dos2unix to change sepolicy files
type and format.
MTK-Commit-Id: ee386fd7ca89105f70b96f6b58c5f0e372fe9a4b
Change-Id: Iac13b1ea8a4546168f68a7918acdcdb0588f6630
CR-Id: ALPS04968083
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
BASIC and BSP project should have same sepolicies in basic/.
[Solution]
1.Modify SEPolicies in non_plat/ by comparing with r_non_plat/ .
2.Remove r_non_plat/ .
Change-Id: I24d3df00255779bd73f4075c1c4062176d5b6047
CR-Id: ALPS05009976
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
Add permission to concurrency_scenario node for mediacodec
MTK-Commit-Id: df9f4afc7ecdf7a62b3bd7b79de24d2cde4ebd6a
Change-Id: I3b98ddd5d5b28c9f8f46df1a5089088edc5e4991
CR-Id: ALPS04925594
Feature: DRAM
[Detail]
set the same as trusty-ipc-dev0
MTK-Commit-Id: e5f995940b04d6bfde3760214f560d7458012700
Change-Id: I2cd96a5f196e3b1f7987e2b44ca708462e03ad06
CR-Id: ALPS04859387
Feature: GenieZone
Signed-off-by: Nixy Hsu <nixy.hsu@mediatek.com>
AEE_Warning Infinite-loop due to bootanim se_linux warning
System is in the terrible slow status, it is always reproduce
and cannot be recover when restarting system
MTK-Commit-Id: 4b2baa60941648e69063ecad0018e9c91c71253c
Change-Id: Ib80ee53ae09de42439a1851008a9884c006b707e
CR-Id: ALPS04888892
Feature: Boot Animation
[Detail]
Add selinux policy for gpuservice for gts issue
GtsGraphicsHostTestCases---com.google.android.graphics.gts.VulkanTest#checkVulkan1_1Requirements
This reverts commit b36a0ce9d20b7e39b4c932335842a861b00f676e.
Reason for revert: The GTS fail is not caused by sepolicy.
MTK-Commit-Id: 11cd557fb681b511edfbbf9bd363d75856a7dc2d
Change-Id: Iae1618bf7d91b324444affd3b11037a0340fc369
Feature: Vulkan
CR-Id: ALPS04870741
Because teei_client_device and mobicore_user_device belong to BSP project,
we need to move SELinux sepolicy from BASIC to BSP project as well.
MTK-Commit-Id: f33102728ebc2c0969605800d73558741c3f0732
Change-Id: Ib9f8a68bde615593d971220655edb3bb9e83e3af
CR-Id: ALPS04879324
Feature: Secure Facial Recognition - 2D Sensor
1. allow domain process can use fd
2. allow domain process can write data to file in /data/vendor/aee_exp/
MTK-Commit-Id: 7b021c62aa51a474e12c59a805f97b27b940e357
Change-Id: I286e248c8fd3fe05492753a91806c19ffce0079d
CR-Id: ALPS04864227
Feature: Android Exception Engine(AEE)
Remove it first; user has to add it back later with specified file.
MTK-Commit-Id: b01231f987504c3e0826537cb126f7a4c5cfe715
Change-Id: I03a2ffd9b109f8712fc2c7b37cf335ba0f1daadc
CR-Id: ALPS04760813
Feature: H.264 Encoder
[Detail]
Make EM BT functions have right to access NVRAM
MTK-Commit-Id: 48b88d77cbc4334a61b5ae0cabcfd296fc3a699d
Change-Id: Ib82b72c26068ea8cd09a170d252089885d9c7fb0
CR-Id: ALPS04859964
Feature: Engineering Mode
(cherry picked from commit 257e62c385534b7690039f7a8dc9436b8d4d63ef)
Add search rule for proc_chip and setsched rule for zygote in system_server.
MTK-Commit-Id: e6b2c39860f7cb83d54f1c01b9fe90969d8ede3b
Change-Id: If7fb47b1873a688b047a919eb726e18f4daadc19
CR-Id: ALPS04855246
Feature: [Module]SystemServer
[Detail]
It has risk for allow process to get permission of atag,chipid
by using u:object_rsysfs:s0
To avoid that, need to add specail SELabel for atag,chipid
[Solution]
Add specail SELabel for atag,chipid
MTK-Commit-Id: b727ba4e2b59c1dbe59f5e1d9f6b9c5d94c5ffad
Change-Id: Ibaf69f387015790c657783bb1234e584e56f67aa
CR-Id: ALPS04833608
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
It has risk for allow process to get permission of /proc/chip by
using u:object_r:proc:s0
To avoid that, need to Add specail SELabel for /proc/chip
[Solution]
Add specail SELabel for /proc/chip
MTK-Commit-Id: 84d8e9654281e4f7ee8a602e91084c320feff658
Change-Id: Ia6d4be26491fa11f81734cbb80b0b98b2b88f64a
CR-Id: ALPS04833608
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Solution]
When run VTS test, theres no WOS module due to its AOSP system image.
So we need to skip the edpg related function.
MTK-Commit-Id: 8f8e5faded18d6bcee1eb96dba37a2d708f3995f
Change-Id: I9cee39eea1dd75bccf6cc442f16ed3fe4e72ae95
CR-Id: ALPS04817575
Feature: WiFi Calling Service
[Detail]
There is SE Linux warning when system server
uses perf lock api
[Solution]
Add sysfs_boot_mode permission
MTK-Commit-Id: ab3e875f72f0ec5a55cb7682d6ac4a21f6dfe6dc
Change-Id: Ifd9c2acb54022de9297f7c7b62516a58fdf1c25b
CR-Id: ALPS04838812
Feature: [Module]PowerHAL
coredump tool needs to expose system and vendor image
fingerprint to know the relative version info.
MTK-Commit-Id: e8794c35f056dfeb20c0dff8b8aa506bd938fbd6
Change-Id: I009e10ccc8838b032d2192055fe1defcf81cebee
CR-Id: ALPS04823486
Feature: Android Exception Engine(AEE)
Add rules for proc_wlan_status and sysfs_pages_shared and
sysfs_pages_sharing and sysfs_pages_unshared and sysfs_pages_volatile.
MTK-Commit-Id: 7c7249f4597a69f068100da07e2773962c0bdba7
Change-Id: I6a3d7823295fd19b934ac0a28bef1f14ca8de2fa
CR-Id: ALPS04821191
Feature: [Module]SystemServer
