NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
993 Commits 2 Branches 0 Tags
Commit Graph

40 Commits

Author SHA1 Message Date
Huaiming Li
6272c879bf [ALPS04719663] fix some avc denied issue 
update some sepolicy rules

MTK-Commit-Id: c1294d5ae7714677077e8d38c6c1624955816cdb

Change-Id: Id30499203b004677bf95b221195ef33749ec6a36
CR-Id: ALPS04719663
Feature: Android Exception Engine(AEE)
 2020-01-18 10:18:55 +08:00
Peter Wang
37d307c876 [ALPS04745028] dumpstate: add selinux policy 
add sda/sdb label sysfs_mmcblk for dumpstate

MTK-Commit-Id: 64c01c68f386bedd6413d9bc83eea1aaefca60be

Change-Id: I095d4ff29d37ef1104819a7f030011ac8d72aa75
CR-Id: ALPS04745028
Feature: UFS Booting
 2020-01-18 10:18:51 +08:00
Shanshan Guo
1e3c2c02a8 [ALPS04696074] SEPolicy: Fix debugfs path 
[Detail]
In genfs_contexts, /sys/kernel/debug/xxxx
should be genfscon debugfs /xxxx

[Solution]
Modify genfscon rule.

MTK-Commit-Id: a6a9c119776e0c41b36077dac56fcd658f00d1b2

Change-Id: Ic23e10a58558923fbff30500e740ec7955611232
CR-Id: ALPS04696074
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:18:46 +08:00
Juan Rong
a533597f9f [ALPS04725620] [EM] usb/power selinux issue 
Add usb/power path to selinux

MTK-Commit-Id: ad55ebdcbc2f2abd48f74cc7d2ea5b26f2051fcc

Change-Id: I20287cef1ffc4961cf522fbda2ae47236059c564
CR-Id: ALPS04725620
Feature: Engineering Mode
 2020-01-18 10:18:25 +08:00
Shanshan Guo
580f64da2c [ALPS04696074] SEPolicy: move contexts to genfs_contexts 
[Detail]
DoRestoreCon will spent more time in Coldboot for sys,proc & debugfs
if their contexts in file_contexts.
Genfscon can reduces time consumption.

[Solution]
Move contexts of sys,proc & debugfs from file_contexts to
genfs_contexts.

MTK-Commit-Id: a5b022f46a3285fa5ab48d418762497d49739948

Change-Id: I4619946e9f7f8f0bcb7503b737bdfac4c014edd1
CR-Id: ALPS04696074
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:18:20 +08:00
Huan Tang
943a2db478 [ALPS04714861] dumpstate: add selinux policy 
1.relabel mmcblk1 to sysfs_devices_block in sysfs
2.allow dumpstate access sysfs_devices_block

MTK-Commit-Id: 359f985388d45abc8b47a95ef71fccf72259ee35

Change-Id: I1e83b8f6f6bdba20965b7f976f9589363d28c48d
CR-Id: ALPS04714861
Feature: Android Exception Engine(AEE)
 2020-01-18 10:18:08 +08:00
Peng Zhou
2994db624c Merge "[ALPS04697232] msdc: label mmc1 in sysfs" into alps-trunk-q0.basic 
Change-Id: Ib12bc9c84519575922c5432a2e1e0487c4a10048
MTK-Commit-Id: d856b1ab48d980b6060ab451985418645fffb9b0
 2020-01-18 10:17:23 +08:00
Huaiming Li
ae04d1f49c [ALPS04697232] msdc: label mmc1 in sysfs 
label mmc1 in sysfs

MTK-Commit-Id: f779eb09ee01d25d6f6691ec14ab4fe7bc9d5d7a

Change-Id: I721f146682b32437dd6065824c87bb0d1182729f
CR-Id: ALPS04697232
Feature: [Android Default] SDCard
 2020-01-18 10:17:22 +08:00
Ian-Y Chen
8ae5f3bd2c [ALPS04328846] power: mt6779 migration 
[Detail]
1. Add VPU, MDLA debugfs permission
2. Add EARA dsbugfs permission
3. Add netdagent HIDL permission

MTK-Commit-Id: b815b51044d2be0e70d2e987d792f273b4bd19a2

Change-Id: I104264b1ab146ac7e71e337184f3407ccc58a79b
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:17:11 +08:00
Freddy Hsin
2cbde35002 [ALPS04674968] siu update: add permission for mmcblk access 
add permission for mmcblk access to fix
kb3 basic project update issue

MTK-Commit-Id: d3aa3acd7f6f2cf0d4382ed36fb1e6c23218b97d

Change-Id: I2c52fc77e56ef8e09bbc528c75cbd18e249d11e2
Signed-off-by: Freddy Hsin <freddy.hsin@mediatek.com>
CR-Id: ALPS04674968
Feature: [Android Default] SIU (SD Image Update)
 2020-01-18 10:16:55 +08:00
Stanley Chu
328d60ea9c [ALPS04682157] aee: ufs: Add proc_ufs_debug 
Add proc_ufs_debug SEPolicy definition.

MTK-Commit-Id: cbcfb406d1dfdb0d25205da21a1e99cb166659e8

Change-Id: Iee4bfba2116a7f005f8b9b8d831d0e10523b61d1
CR-Id: ALPS04682157
Feature: Android Exception Engine(AEE)
 2020-01-18 10:16:37 +08:00
sharon.feng
8a77128e9d [ALPS04428522] Add selinux policy for svp 
[Detail] For android Q, we need to add more policy for secure video playback

MTK-Commit-Id: 49b4ab8e0047f4a5002c82af075c77e8bc4e790f

Change-Id: Ib81885e40b14416b57e0776c56cb85591509501a
CR-Id: ALPS04428522
Feature: Trustonic TEE (Trusted Execution Environment)
 2020-01-18 10:16:31 +08:00
jhua.zhang
0986f7cfba [ALPS04533784] Move sepolicy of cam cooler to bsp 
[Detail]
Move camera coolers sepolicy to bsp/plat_private.
This reverts commit 869396b2725b78c55382a9f34b016b5236505965.

MTK-Commit-Id: 31387ebc1f29a342b39a8bd809cdc3f2f56c85fd

Change-Id: I64c36cefdefe72846971ec323cae0c6e89c675a1
Signed-off-by: jhua.zhang <jhua.zhang@mediatek.com>
CR-Id: ALPS04533784
Feature: Thermal Management
 2020-01-18 10:13:55 +08:00
jhua.zhang
c95ef58ba5 [ALPS04533784] Thermal: add sepolicy for cam cooler 
[Detail]
Add sepolicy to allow camera app to access /proc/driver/cl_cam_status
for camera shutdown cooler.

MTK-Commit-Id: 869396b2725b78c55382a9f34b016b5236505965

Change-Id: Iadfcfb95923c15384c7a6508525b7167e1a6e16f
Signed-off-by: jhua.zhang <jhua.zhang@mediatek.com>
CR-Id: ALPS04533784
Feature: Thermal Management
 2020-01-18 10:13:40 +08:00
Wy Chuang
509a95b365 Merge "[ALPS04431500] battery: add selinux policy in em_svr" into alps-trunk-q0.basic 
Change-Id: I1dd23be2b709812426a1d85e673d4b751fe9af82
MTK-Commit-Id: 3c6fefaadbbd74b2374e6ceb52253e59e1d1164d
 2020-01-18 10:13:07 +08:00
Timo Liao
7bb01a1e2e [ALPS04431500] battery: add selinux policy in em_svr 
add new labels for em_svr mode

MTK-Commit-Id: a0e12cdf7848d47c065cc10eeb144a929dcccace

Change-Id: Ic198120736d63e4b8d1615092b39ba26269c0518
Signed-off-by: Timo Liao <timo.liao@mediatek.com>
CR-Id: ALPS04431500
Feature: Fuel Gauge
 2020-01-18 10:13:04 +08:00
jamy.tseng
142bfb6b36 [ALPS04421353] MtkCam: modify sepolicy for jpeg 
[Detail]
add ioctl for camerahalserver jpegnode
jpegnode need to control jpeg io

MTK-Commit-Id: c1adc06defb2aab6e9402f45c0f2b92bcfa83a5e

Change-Id: Ie8f65b38133fc46b3a46e3ed04b42d6f09ad13cc
CR-Id: ALPS04421353
Feature: Cshot (Continuous Shot)
 2020-01-18 10:11:44 +08:00
HungWen Hsieh
2278c51caa [ALPS04419954] sync code from android p 
[Detail]
sync code from android p

MTK-Commit-Id: d0b19b83da618bab91caff90dbe9525f3f6a22a3

Change-Id: Ib664dbb0b8a1b69012fc81a2ad1bde770ccf478b
CR-Id:ALPS04419954
Feature:[Android Default] Camera Application Basic Functions
 2020-01-18 10:11:22 +08:00
Juju Sung
5756adf040 [ALPS04239425] Fix build from sepolicy change 
The Google change ag/7017729 introduces its own /devices/virtual/net
in system/sepolicy/private/genfs_contents.  Thus, we need this
change to remove our own definition.

MTK-Commit-Id: 795196e337d6451991610a71be6b3dcb06a8850b

Test: Local build
Change-Id: I198fbeb3a4047797d9c01d37b1cd4614202fe66d
CR-Id: ALPS04239425
Feature: Engineering Mode
 2020-01-18 10:10:50 +08:00
Juan Rong
d1df7349d6 [ALPS04318555] PMU path change 
PMU path changed, need modify relatd selinux path

MTK-Commit-Id: 9894024d40e75e43fe67405d1cf5fcdd76185eea

Change-Id: I6a30d42d5aacc79947d84dde3d806b205f00c437
CR-Id: ALPS04318555
Feature: Engineering Mode
 2020-01-18 10:10:30 +08:00
yuhui.zhang
03dda6b5df [ALPS04316338] EM: battery temperature settings 
[Detail]
Add sepolicy rule to set battery temperature

MTK-Commit-Id: 9fcd042bd04632fa952af7ac51833695b8a50f7c

Change-Id: I82b8b6649849403a1b1cd8a2e5093a3664719bc2
CR-Id: ALPS04316338
Feature: Engineering Mode
 2020-01-18 10:09:55 +08:00
mtk11285
85b3620577 [ALPS04325589] AEE: remove unuse rules 
1. remove unuse rules
2. allow dumpstate to r/w /proc/msdc_debug
3. allow aee_core_forwarder to access hwservicemanager_prop
4. allow aee_core_forwarder to connect aee_aed socket

MTK-Commit-Id: a43676c734f74636df65e59cdcace017eca79706

Change-Id: I3c45ed83499c0079b38af34cf462dcd80fec501d
CR-Id: ALPS04325589
Feature: Android Exception Engine(AEE)
 2020-01-18 10:09:44 +08:00
Juju Sung
12bc2025e2 [ALPS04239425] Sepolicy: fix undefined type declration 
[Detail]
Unknown type:untrusted_v2_app,alarm_device,qtaguid_proc,mtd_device
Duplicated type:proc_slabinfo

MTK-Commit-Id: 11ccfcffb994452eb58a697e94a8da748ac73933

Change-Id: I2e847041d14d6b6613044cfaa98f242b7fd9381a
CR-Id: ALPS04239425
Feature: Build System
 2020-01-18 10:08:05 +08:00
Guoyi Qu
20d2ca6bd9 [ALPS04153997] get modem dump info 
change device node to get modem dump info

 add permission to read mddb

MTK-Commit-Id: 461f3252135aa29a2bf88c43ddf23eea7c235f10

Change-Id: Id8da2ece58aad29d1ed66ecbc34a6a9f96634b55
CR-Id: ALPS04153997
Feature: Modem Log Tool
 2020-01-18 10:07:53 +08:00
dengwei.xu
9e520e8fef [ALPS04185953] EM c2k bypass ui display issues 
The data button cannot show checked

MTK-Commit-Id: c244f89abe8640c4bc8b362fcd4f5cf96216190c

Change-Id: I31d70b7540f098643bccc5db6bc2396abf226f91
CR-Id: ALPS04185953
Feature: Engineering Mode
 2020-01-18 10:07:52 +08:00
mtk13799
70c56e670a [ALPS04087170] add selinux rule for netd 
[Detail]netd cannot set MTU, add selinux rule
for netd to set MTU

MTK-Commit-Id: b43024fafdf05a661b3e27bf84c46df56d5a312f

Change-Id: Iccb6b82dd32bf8f74d5c03d5b3fa120203a1971e
Signed-off-by: mtk13799 <xin.huang@mediatek.com>
CR-Id: ALPS04087170
Feature: [Android Default] USB Tethering
 2020-01-18 10:07:15 +08:00
Willy Yu
11bf606dc5 [ALPS04080300] Connsys log: catch log when host suspend 
add permission of setprop on user load

MTK-Commit-Id: 417b98edd6ff2731c9ebc676db6877dc2c3a7225

Change-Id: I5ed35f2494298cdfc7ea36e7434cc5cbd16260fc
CR-Id: ALPS04080300
Feature: [Module]WMT Driver
Signed-off-by: Willy Yu <willy.yu@mediatek.com>
 2020-01-18 10:07:02 +08:00
mtk12101
f20ee5e7ab [ALPS04017619] SELinux policy rule optimization 
Spending more bootup time after label kernel interface node
in file_contexts, there is another way to label kerner interface
node on genfs_contexts file. When move the label rule to
genfs_contexts file, the bootup time will speed more than 500ms.

MTK-Commit-Id: e237c9367e74f2953b843cc9224a98b4e7cfddbc

Change-Id: I1a1e369c3eaaf359c3bf7c051793a3ffba4c71fc
CR-Id: ALPS04017619
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:06:36 +08:00
mtk11285
c54cc72936 [ALPS04036690] add selinxu rules 
[Detail]
1. relable /proc/chip/info and replace /proc/chip/hw_ver lable
2. add "allow aee_aed sysfs_leds:dir search" for red screen

MTK-Commit-Id: 9a2bac1e41aad51276011d48a65fc58fa16d2fc9

Change-Id: Ifdfb536a9fb763301960b4e771e50c0c49636e7e
CR-Id: ALPS04036690
Feature: Android Exception Engine(AEE)
 2020-01-18 10:06:25 +08:00
Dennis YC Hsieh
28cf5af63a [ALPS04023420] cmdq: CMDQ_STATUS not gen in db 
Miss rule in aee_aedv.te and cause cmdq status blocking by rule.
Add rule and fix name typo.

MTK-Commit-Id: 589feaa73ff62b1893f30d5e4b1ce02d34c94edf

Change-Id: I046f73e29f404cb51908f8191599cb46a7c1399d
Signed-off-by: Dennis YC Hsieh <dennis-yc.hsieh@mediatek.com>
CR-Id: ALPS04023420
Feature: Android Exception Engine(AEE)
 2020-01-18 10:06:20 +08:00
andrew.yang
040b7b3d45 [ALPS04030866] RTC: add permission for timerfd interface 
Label MTK rtc device to sysfs_rtc for timerfd interface.

MTK-Commit-Id: 62b18b6f1e14daa1e4068d51fdf8e8b6fa9644a4

Change-Id: Ib44f8eaf9b601b4765e82231a87d8fbde451a335
CR-Id: ALPS04030866
Feature: Power-Off Alarm
(cherry picked from commit 25189a471be6555bdd85ce28127a9d8e54007eff)
 2020-01-18 10:05:55 +08:00
Juan Rong
d18a53f680 [ALPS03886705] EM:hardware-testing SELinux 
[Detail]
Fix EM hardware-testing SELinux issue
 1. power->PMU read
 2. power->debug_log
 3. audio->detect headset
 4. memory->flash
 5. touchscreen->settings
 6. AAL get/set prop

MTK-Commit-Id: 5a00b957045b7a83722c4f6d2f926b38d9625342

Change-Id: I781c756404015997d130a342d123f8cdb8f33810
CR-Id: ALPS03886705
Feature: Engineering Mode
 2020-01-18 10:01:41 +08:00
Stanley Chu
f98f18c9c8 [ALPS03866203] pidmap: Add SELinux policy for Android P 
[Detail]
Add SELinux policy for Android P:
Allow aee_aedv and dumpstate to read pidmap proc file.

MTK-Commit-Id: 16f120df6c33e20cdb0ce7f8c2040356ffecf02a

Change-Id: If1aa665003f70a2621687fcf291433d80f0d54d3
CR-Id: ALPS03866203
Feature: Android Exception Engine(AEE)
 2020-01-18 09:58:17 +08:00
mtk11285
a76cdd9cee [ALPS03841705] AEE porting on Android P about selinux 
[Detail]
1. add some rules
2. transfer aee_core_forwarder domain form kerenl to aee_core_forwarder

MTK-Commit-Id: 7ad2c5df75565153ccec471f0eb2224c912515cd

Change-Id: I9b576e3937d04b5848baeb156718d0469fa05a75
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:48:59 +08:00
Elvin Lin
3af6d2d836 [ALPS03861775] modify sysfs_batteryinfo 
[Detail]
1. Remove the battery_node label.
2. Modify the path for sysfs_batteryinfo from
   /sys/devices/platform/battery/power_supply to
   /sys/devices/platform/battery to let fuelgauged
   use it.
3. Add the sysfs_vbus and sysfs_pump_express label.

MTK-Commit-Id: 8603797a37fbb115f08a7c46a4292acbb34e1d05

Change-Id: I5a02d30d79a3564ef429f6dfe93f8df48004640b
CR-Id: ALPS03861775
Feature: Charger
 2020-01-18 09:47:11 +08:00
Yuxian Xu
af8b6473d2 [ALPS03886572] Mobile Log selinux rule porting 
[Detail]
Mobile Log selinux rule porting:
1. fix the violation on P
2. relable some kernel interfaces.

MTK-Commit-Id: 4108ed13f3e7693c3642b6f073c5444f133b3c38

Change-Id: I1fac185779510f10b9b94bdf6ec40573237d846a
CR-Id: ALPS03886572
Feature: Mobile Log Tool
 2020-01-18 09:37:45 +08:00
Larry Liang
a94ac3e353 Merge "[ALPS03841705] AEE porting on Android P" into alps-trunk-p0.basic 
Change-Id: Ie88c8fb29e6e51f122cb41103b6807dc9486b8a5
MTK-Commit-Id: 17ddd9047c584201262777a2b7209980d600ab49
 2020-01-18 09:35:50 +08:00
mtk11285
457f1855f1 [ALPS03841705] AEE porting on Android P 
[Detail]
1. modify property according to P rule
2. add some selinux rules
3. relable /proc/slabinfo /proc/zraminfo

MTK-Commit-Id: aa654138c8b48d223b614c81d2f39d7cd6eedd1f

Change-Id: Ib47383553b0d320d3766780f35c397be60dc1339
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:35:48 +08:00
Elvin Lin
c25696d051 [ALPS03861775] Remove the sysfs_power_supply label 
[Detail]
Since Android P, battery-related information should be declared as native
sysfs_batteryinfo, which can be accessed by healthd and other processes
asking for battery information.

[Solution]
1. Remove sysfs_power_supply.
2. Change the usage from sysfs_power_supply to sysfs_batteryinfo.

MTK-Commit-Id: 5713190900415312f7904cdf6d46a891996d5786

Change-Id: I10099570afdb48f0806d6979a3fb11b9b9e59fbe
CR-Id: ALPS03861775
Feature: Charger
 2020-01-18 09:34:44 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00