NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
164 Commits 2 Branches 0 Tags
Commit Graph

20 Commits

Author SHA1 Message Date
Dian Wang
b84e8c94d9 [ALPS03909621] Move meta_tst 
[Detail] Move meta_tst from system to vendor

[Solution]
modify sepolicy/basic

MTK-Commit-Id: 4bac131e38e71904dfc6f69a0b1ec15f46a08881

Change-Id: I571edd67cf3f59c293aa2aa674292380b86fcf38
CR-Id: ALPS03909621
Feature: SP META Tool
 2020-01-18 09:50:34 +08:00
Long Yang
c1564d4dd2 Merge "[ALPS03853366] Fix kisd sepolicy issue for android p[1/3]" into alps-trunk-p0.basic 
Change-Id: Id7b550f47c0afcf7a1b7625275f9b898ffeac428
MTK-Commit-Id: 8077b66089b85bef61e63e73d4d827112a17c415
 2020-01-18 09:46:03 +08:00
mtk14717
dd229ac506 [ALPS03853366] Fix kisd sepolicy issue for android p[1/3] 
[Detail]
Move kisd from system to vendor and add keymanage hidl
[Solution]
Modify related sepolicy in device/mediatek/sepolicy/basic

MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad

Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01
CR-Id: ALPS03853366
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:45:51 +08:00
Peng Qi
bf77ac2d12 [ALPS03866092] BT HCI snoop log (2/2) 
[Detail]
1. Add selinux right for MTKLogger to able to connect Bluetooth
via socket
2. Add selinux right for Bluetooth to set debug property for
MTKLogger state check

MTK-Commit-Id: db60d64b8ed91dfee48588fb5a32f2bedc2ba604

Change-Id: I31c5abb153c2bcd44a2dafca0f1f669e7310c3fe
CR-Id: ALPS03866092
Feature: BT AOSP
 2020-01-18 09:45:40 +08:00
Larry Liang
2e97184a4b Merge "[ALPS03841705] modify aee_core_forwarder selinux rule" into alps-trunk-p0.basic 
Change-Id: I4bad1d381c0ec3b1e76f1bc7a5ae7ae68ad8add9
MTK-Commit-Id: b01515bb610c7a0c60117c97d4f98b5c9f882071
 2020-01-18 09:40:46 +08:00
mtk11285
07c11d89ba [ALPS03841705] modify aee_core_forwarder selinux rule 
[Detail]
transfer aee_core_forwarder form /vendor/bin to /system/bin,
so modify aee_core_forwarder selinux rule.

[Solution]

MTK-Commit-Id: 5a583b375a0d33032e8004e1818f05c75363e4f5

Change-Id: I9ff1d0b5d521ce2f09780146f6b75c5378d03d4d
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:40:34 +08:00
Denis Hsu
977ad3f552 [ALPS03891225] Modify vold related policy 
[Detail]
1. remove md_ctrl.te because we dont use md_ctrl in P.
2. remove debugfs_tracing policy
3. remove nvdata, protect_f, protect_s policy

MTK-Commit-Id: d4e5c9893970f0b214b518cba5f9300f130eace9

Change-Id: Iaafc30124fd69ef2b989b9e4e51d71a37d9571e9
CR-Id: ALPS03891225
Feature: Multi-Storage
 2020-01-18 09:40:17 +08:00
Timo Liao
197ea4ad2a [ALPS03890927] battery: fix sepolicy violation 
[Detail]
1. fix data between core and vendor violator
2. remove fuelgauged_static.te
3. remove fg daemon access nvram sepolicy
4. add label for battery

MTK-Commit-Id: 1443b78b112739594e0633526c6966e4871bd125

Change-Id: I931a18bfb8ac963e71311ceace8a28b4a495e881
Signed-off-by: Timo Liao <timo.liao@mediatek.com>
CR-Id: ALPS03890927
Feature: Fuel Gauge
 2020-01-18 09:39:17 +08:00
mtk12101
c7ac9f171a [ALPS03825066] Resolve build error 
[Detail]
1.Google add new neverallow rule for untrusted apps
2.The file/dir in /proc must associate with proc_type

[Solution]
1.Remove rules which violate google neverallow rules
about untrusted apps
2.Add proc_type attribute for file/dir on /proc

MTK-Commit-Id: b94412725e3a7b18db9573056c2fb43367989ed5

Change-Id: I89de16a65f05d052969c794604b9c372ed1ce7e1
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:38:47 +08:00
mtk33297
1cbaa678fe [ALPS02333452] Android p selinux change 
[Detail]
Android has defined neverallow rules
to restrict direct access to system files.
We need to have a custom label for each policy.

[Solution]
Define custom label for drmserver

MTK-Commit-Id: c84c43b87a6ac2651a0562b8818bc66516e4a50b

Change-Id: Ide4fc49628508aee77e67f3213749210430153a3
CR-Id: ALPS02333452
Feature: OMA DRM V1.0
 2020-01-18 09:38:07 +08:00
Yuxian Xu
af8b6473d2 [ALPS03886572] Mobile Log selinux rule porting 
[Detail]
Mobile Log selinux rule porting:
1. fix the violation on P
2. relable some kernel interfaces.

MTK-Commit-Id: 4108ed13f3e7693c3642b6f073c5444f133b3c38

Change-Id: I1fac185779510f10b9b94bdf6ec40573237d846a
CR-Id: ALPS03886572
Feature: Mobile Log Tool
 2020-01-18 09:37:45 +08:00
Larry Liang
a94ac3e353 Merge "[ALPS03841705] AEE porting on Android P" into alps-trunk-p0.basic 
Change-Id: Ie88c8fb29e6e51f122cb41103b6807dc9486b8a5
MTK-Commit-Id: 17ddd9047c584201262777a2b7209980d600ab49
 2020-01-18 09:35:50 +08:00
mtk11285
457f1855f1 [ALPS03841705] AEE porting on Android P 
[Detail]
1. modify property according to P rule
2. add some selinux rules
3. relable /proc/slabinfo /proc/zraminfo

MTK-Commit-Id: aa654138c8b48d223b614c81d2f39d7cd6eedd1f

Change-Id: Ib47383553b0d320d3766780f35c397be60dc1339
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:35:48 +08:00
bo.shang
933f54b148 [ALPS03879689] mdlogger SELinux error 
[Solution] Fix boot mode selinux error

MTK-Commit-Id: 561f4064456c585ee83e66fc863065d77f256ff8

Change-Id: Id272b61b7e2fc462726770ccde9bd31c1725ce9e
CR-Id: ALPS03879689
Feature: C2K Modem Log Tool
 2020-01-18 09:34:33 +08:00
yuhui.zhang
5aa62a3b04 [ALPS03860173] Modify em_svr SEPolicy 
[Detail]
Modify em_svr SEPolicy to support Android P

MTK-Commit-Id: bb10076f302a7f07d7fabb0b281a01ff3694efb6

Change-Id: Ic56cf6be0f82d0c146cdeebbc85ed00958577aff
CR-Id: ALPS03860173
Feature: Engineering Mode
 2020-01-18 09:30:40 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
4dc7f49e69 [ALPS03825066] Mark file context to fix build fails 
Should add vendor_file_type for vendor files, and
    add core_data_file_type for system files. Vendor files
    and system files are differented by file path.

MTK-Commit-Id: 602eb35b36c658789e093e2730b16b9b5c892c0f

Change-Id: Ibacc08427f332741f12757c66ecbb8ce91b76416
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
mtk12101
bbecfaa68b [ALPS03825066] Resolve vendor violates 
[Detail] Google add new neverallows rules on android P,
some rule violate the rules

[Solution] Remove the rules which violate google new rules

MTK-Commit-Id: ff683b4eee0a6dd95ff25fbb6c7d1fc3a79c604d

Change-Id: Iead494212c6adcec234eaef14c83d1f8c7a49deb
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:34 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00