NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,131 Commits 2 Branches 0 Tags
Commit Graph

15 Commits

Author SHA1 Message Date
Huaiming Li
cd6459c6ee [ALPS04758557] fix aee high risk rules 
1. fix some aee high risk rules

MTK-Commit-Id: 4031a4610757debf0aa0de48408c72517fd61bcb

Change-Id: I637d723cba54ba7119d15617bd2935a4b00dd6c5
CR-Id: ALPS04758557
Feature: Android Exception Engine(AEE)
 2020-01-18 10:21:37 +08:00
Juju Sung
12bc2025e2 [ALPS04239425] Sepolicy: fix undefined type declration 
[Detail]
Unknown type:untrusted_v2_app,alarm_device,qtaguid_proc,mtd_device
Duplicated type:proc_slabinfo

MTK-Commit-Id: 11ccfcffb994452eb58a697e94a8da748ac73933

Change-Id: I2e847041d14d6b6613044cfaa98f242b7fd9381a
CR-Id: ALPS04239425
Feature: Build System
 2020-01-18 10:08:05 +08:00
mtk11285
c54cc72936 [ALPS04036690] add selinxu rules 
[Detail]
1. relable /proc/chip/info and replace /proc/chip/hw_ver lable
2. add "allow aee_aed sysfs_leds:dir search" for red screen

MTK-Commit-Id: 9a2bac1e41aad51276011d48a65fc58fa16d2fc9

Change-Id: Ifdfb536a9fb763301960b4e771e50c0c49636e7e
CR-Id: ALPS04036690
Feature: Android Exception Engine(AEE)
 2020-01-18 10:06:25 +08:00
mtk11285
26163d7263 [ALPS04020173] create /data/aee_exp at runtime 
[Detail]
1. create /data/aee_exp at runtime.
2. debug utils dispaly error, because engineermode cant get
aee system property, allow engineermode to get aee vendor property.

MTK-Commit-Id: f269072cba0351e65d92452bbd1b7b304d295cf6

Change-Id: I4d51ca658f6a03d18e5dde7e5028b94a08d3e17d
CR-Id: ALPS04020173
Feature: Power Management
 2020-01-18 10:05:43 +08:00
mtk11285
eb025d3be3 [ALPS03948310] vendor/system property split 
[Detail]
1. vendor/system property split
2. add selinux rule about aee hidl service

MTK-Commit-Id: 4e654c789c95ca8851d8aaae2c643a08a00bb4e0

Change-Id: Ifc8eed74558a3ae83789798e99e21eafead2089b
CR-Id: ALPS03948310
Feature: Android Exception Engine(AEE)
(cherry picked from commit 8b81da18cfa29378d01ebf5be9b39e641a202c64)
 2020-01-18 10:03:12 +08:00
Lili Lin
05f5d87b88 [ALPS03881723] Workaround to fix build break 
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break

cdb1624c27

[Solution] Declare system_writes_vendor_properties_violators as workaround

MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3

Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:56:13 +08:00
mtk11285
628e0eccb8 [ALPS03841705] AEE porting on Android P about selinux 
[Detail]
1. add some rules
2. temp solution for getting ro.*.mediatek.version.branch/ ro.*.mediatek.version.release property

MTK-Commit-Id: 12c4d79a10293c4611233c985c29dca94f6e24ae

Change-Id: Ice4d565664f95a456f985ed138f302fe7ac4dbff
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:50:43 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
mtk11285
a76cdd9cee [ALPS03841705] AEE porting on Android P about selinux 
[Detail]
1. add some rules
2. transfer aee_core_forwarder domain form kerenl to aee_core_forwarder

MTK-Commit-Id: 7ad2c5df75565153ccec471f0eb2224c912515cd

Change-Id: I9b576e3937d04b5848baeb156718d0469fa05a75
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:48:59 +08:00
mtk12101
78d7f51370 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515

Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:47:42 +08:00
mtk11285
457f1855f1 [ALPS03841705] AEE porting on Android P 
[Detail]
1. modify property according to P rule
2. add some selinux rules
3. relable /proc/slabinfo /proc/zraminfo

MTK-Commit-Id: aa654138c8b48d223b614c81d2f39d7cd6eedd1f

Change-Id: Ib47383553b0d320d3766780f35c397be60dc1339
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:35:48 +08:00
mtk11285
3f1078bbd4 [ALPS03841705] fix the violation during Android P migration 
[Detail] fix the violation during Android P migration

MTK-Commit-Id: 7dae33f4c7435a7eeae86a738d88dc6c3e52e3c3

Change-Id: I1000b278dd411438bf43ca0bda22d83aab52616f
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:30:11 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00