NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,166 Commits 2 Branches 0 Tags
Commit Graph

16 Commits

Author SHA1 Message Date
Aayush Gupta
22380a4614 non_plat: Label /dev/tee* and grant required perms to domains 
/dev/tee* are accessed by domains that interact with TEE and thus
require access to them too.

Test: Boot and observe that denials are not visible in logs anymore

Signed-off-by: Aayush Gupta <aayushgupta219@gmail.com>
Change-Id: I7b0944a1063da8561d2928e4110674ce4845ecea
 2020-12-30 17:00:34 +05:30
Anthony Huang
4769fb0d97 [ALPS04925594] EMI: add permission to concurrency_scenario node 
Add permission to concurrency_scenario node for mediacodec

MTK-Commit-Id: df9f4afc7ecdf7a62b3bd7b79de24d2cde4ebd6a

Change-Id: I3b98ddd5d5b28c9f8f46df1a5089088edc5e4991
CR-Id: ALPS04925594
Feature: DRAM
 2020-01-18 10:22:18 +08:00
Marcus Huang
51fa64d7f5 [ALPS04760813] Remove high risk SEPolicy 
Remove it first; user has to add it back later with specified file.

MTK-Commit-Id: b01231f987504c3e0826537cb126f7a4c5cfe715

Change-Id: I03a2ffd9b109f8712fc2c7b37cf335ba0f1daadc
CR-Id: ALPS04760813
Feature: H.264 Encoder
 2020-01-18 10:21:51 +08:00
Chalos YL
8af759bcb1 [ALPS04821745] Add sepolicy for mediacodec 
Codec using /proc/m4u have not permission to perform cmd 0x671a
(MTK_M4U_CONFIG_PORT ARRAY)

MTK-Commit-Id: edb1f46ed2152cbc05d0e91873283363ea5c39ad

Change-Id: I8c2b91cf92ad2b13ba62d88affc31f21c193d2d5
CR-Id: ALPS04821745
Feature: H.264 Encoder
 2020-01-18 10:21:28 +08:00
sharon.feng
c4a244736f [ALPS04807382] Add sepolicy for mediacodec 
[Detail] Hybrid encoder would use /proc/m4u device that we have to enable its access permission.

MTK-Commit-Id: 95d62cfe0a8c3c5f1b5992717c93872edf435668

Change-Id: I65cc0b24892afaba20a8433e548b05f005078a19
CR-Id: ALPS04807382
Feature: H.264 Encoder
 2020-01-18 10:21:03 +08:00
Mike Hsieh
cff428b385 [ALPS04702268] Change sw_sync permission for 3rd party app access 
Change sw_sync permission for 3rd party app use.

MTK-Commit-Id: 756f028f822b28e5863c772c977f3fdfad1eb338

Change-Id: I5f1f4566e8d60b16fd300dc91ddba8cc6aa7e5c4
CR-Id: ALPS04702268
Feature: [Module]MDP Driver
(cherry picked from commit 8d036ea19e62d9f509f1c54d395d4a711b4a4bd7)
 2020-01-18 10:18:34 +08:00
sharon.feng
8a77128e9d [ALPS04428522] Add selinux policy for svp 
[Detail] For android Q, we need to add more policy for secure video playback

MTK-Commit-Id: 49b4ab8e0047f4a5002c82af075c77e8bc4e790f

Change-Id: Ib81885e40b14416b57e0776c56cb85591509501a
CR-Id: ALPS04428522
Feature: Trustonic TEE (Trusted Execution Environment)
 2020-01-18 10:16:31 +08:00
Mike Hsieh
dc6c9adc15 [ALPS04672388] Change selinux permission for MDP user 
Change selinux permission for MDP user on /dev/mdp_sync

MTK-Commit-Id: a9c03563cf5e96815399788228dc62d18d88026e

CR-Id: ALPS04672388
Change-Id: I3622da7b8ba4151f9cf79e9d4d9c8f73109ef684
Feature: [Module]MDP Driver
 2020-01-18 10:16:18 +08:00
stephen.wong
c9ac72bb74 [ALPS04667747] selinux config 
add selinx config for thermal property

MTK-Commit-Id: 3399f43cfdc0e8ede5cd28b79737c35525cb50ee

Change-Id: Ic0cbbf250baea60347602e284cb6961cd453d721
CR-Id: ALPS04667747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:15:58 +08:00
Shanshan Guo
62cf1a413a [ALPS04639771] SEPolicy: Modify workaround 
[Detail]
There is a workaround for bring-up,
now it needs to be modified.

[Solution]
1.Split workaround to sepcial *.te
2.Modify ged sepolicy
3.Modify mistake
4.Add sepolicy

MTK-Commit-Id: 5a2b7e3fdc826a7ca6bc70a3810f14c1661e7d79

Change-Id: I0894de45e014a5eae754e35b57fbc9b21bc4bf90
CR-Id: ALPS04639771
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:15:29 +08:00
Bo Ye
2cb0b653a1 [ALPS04366101] mediacodec process selinux permission 
Need map permission for kernel 4.14

MTK-Commit-Id: 6ea8645273cb9a1642839c1473a9eaf15bb6594b

Change-Id: I31cdb274551457d975d5df6ac401d1254dd05faf
CR-Id: ALPS04366101
Feature: H.264 Decoder
 2020-01-18 10:10:40 +08:00
Jason Hsu
802ee2afa1 [ALPS04377757] Fix mediacodec sepolicy issue 
[Detail]
Fix mediacodec sepolicy issue

[Solution]
Add following to mediacodec due to new check rules after Android Q.
GED_BRIDGE_IO_GE_GET
GED_BRIDGE_IO_GE_SET

MTK-Commit-Id: a037b13e90f3b02999539d17dfde4e1827523b9d

Change-Id: If8e986a630803a9c2eee0c9654b728f5178ee0e9
CR-Id: ALPS04377757
Feature: [Module]Video Driver
 2020-01-18 10:09:54 +08:00
mtk12101
722798a334 [ALPS03982747] Remove unused sepolicy rules 
Some rules is no need any more, need to remove it.

MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699

Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:02:25 +08:00
mkt15300
59d02b5260 [ALPS03852480] add sepolicy for mediacodec getattr proc_thermal 
[Detail]
Add sepolicy for mediacodec since SW decoder would control CPU freq and will need to getattr proc_thermal

MTK-Commit-Id: 5ce3aa68771bdb3af46a43b1c3455d365256c99c

Change-Id: I4ca98c4ae7b06e616e19f582190826beec490a04
CR-Id: ALPS03852480
Feature: VP9 Decoder
(cherry picked from commit f173ea13c62696f30465a4cb23061e1512c0ae1f)
 2020-01-18 09:45:32 +08:00
Lili Lin
59f0ec9f6e [ALPS03881723] Workaround build error 
[Detail] enable PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE = true, will cause build error

[Solution] Mark rules that violate AOSP neverallow rules

MTK-Commit-Id: c850c6f1fcb8de76235ea2be51becb7a2ccc6190

Change-Id: Ib9a80f4495d6db588133f929c9ea70e7215ad2aa
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:35:54 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00