[Detail] SurfaceFlinger need to add sepolicy to do ioctl with ged node
[Solution] Add SurfaceFlinger sepolicy
MTK-Commit-Id: 8f848c40c9443a959fe564875aa5046458219ae5
Change-Id: Id88cd8d31f66bbdcb7df6e48127e789d341772ac
CR-Id: ALPS04384473
Feature: [Module]SurfaceFlinger/HWComposer
[Detail] No need to relabel graphics_debug_prop since
no process need to setproperty in runtime
MTK-Commit-Id: d7f0964bc3a857471cd9891ec64dcb225c886d0f
Change-Id: I59baa11790e0dea1652097c6fe0127a25406d046
CR-Id: ALPS04384473
Feature: [Module]SurfaceFlinger/HWComposer
[Detail]
Because SF cant access get debug_bq_dump_prop,
we add the authority for SF to access it.
MTK-Commit-Id: ab026c0d236e280404e58d1b2f1fbeac188e3f2b
Change-Id: I6bd7bbf0b562f81ae219036adfb12847ea14ff6b
CR-Id: ALPS04099835
Feature: [Module]SurfaceFlinger/HWComposer
Some rules is no need any more, need to remove it.
MTK-Commit-Id: 49685f1299d990a7195a2d54b955517d8f2cc699
Change-Id: I4a590ad781589cf94989ce72c88751ac10b82eae
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
Relable vendor defined debug property for android P
and label the following property:
1. vendor.debug.sf
2. vendor.debug.hwc
3. vendor.debug.bq
MTK-Commit-Id: 597f4da4e53b1d45c556895e0d85bdb3c6cd80a1
Change-Id: Iaa311f9049a519bd891a45f2b2ca73a61861e353
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop
[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"
MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248
Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail] System processes have no permission to access
vendor_default_prop
[Solution] Add get vendor_default_prop rule for system
processes
MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515
Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[Detail]
Because p has new SELinux policy,
we need to fix the violation part.
[Solution]
Mark the violation part.
MTK-Commit-Id: 9935b37d96538a2696ac34e0ef8e0f4c480d3167
Change-Id: Ia0fac8c2b94d2acfc29dec20dd29dca85f9f9cf0
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
[Detail] Vendor partition shouldnt access aosp defined property
which is not in whitlist. So remove the related changes of labeled
aosp property.
This reverts commit 9d534a80d67e7457a1411b8b36249898ed4c6986.
This reverts commit 901fb42d2e3856a139b90420922f558d7231ea7d.
This reverts commit 41dc8fb567b409e149e59f4f514268ca5883c7ab.
[Solution] Remove label of ro.sf.lcd_density.
MTK-Commit-Id: 02cf063b8407a9d9242f064c86767200e9c0ac0a
Change-Id: I02dcc2fa3fda95c498f0ef70d9aa6bd9224d3b02
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
Restore the policies accessing files labeled
as proc_xxx or sysfs_xxx, but there are some
exceptions for coredomain process, such as
meta_tst,dump_state,kpoc_charger
MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d
Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
