NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,130 Commits 2 Branches 0 Tags
Commit Graph

8 Commits

Author SHA1 Message Date
Shanshan Guo
62cf1a413a [ALPS04639771] SEPolicy: Modify workaround 
[Detail]
There is a workaround for bring-up,
now it needs to be modified.

[Solution]
1.Split workaround to sepcial *.te
2.Modify ged sepolicy
3.Modify mistake
4.Add sepolicy

MTK-Commit-Id: 5a2b7e3fdc826a7ca6bc70a3810f14c1661e7d79

Change-Id: I0894de45e014a5eae754e35b57fbc9b21bc4bf90
CR-Id: ALPS04639771
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:15:29 +08:00
Lili Lin
98a7fdc4b2 [ALPS03934986] Fix Selinux issue 
[Detail]
Command chown system system /mnt/vendor/nvcfg action=post-fs-data (/vendor/etc/init/hw/init.mt6739.rc:138) took 1ms and failed: lchown() failed: Permission denied

[Solution] Add unlabeled permission for vendor_init

MTK-Commit-Id: 511397f101d5d63593199c212888e674e661199d

Change-Id: Ia22badf945b52f76be3176f3081ada35aaada17b
CR-Id: ALPS03934986
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:51:11 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
mtk12101
78d7f51370 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515

Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:47:42 +08:00
Ju-Yi Cheng
80531326ac [ALPS03869840] P migration: Remove label aosp prop 
[Detail] Vendor partition shouldnt access aosp defined property
which is not in whitlist. So remove the related changes of labeled
aosp property.
  This reverts commit 9d534a80d67e7457a1411b8b36249898ed4c6986.
  This reverts commit 901fb42d2e3856a139b90420922f558d7231ea7d.
  This reverts commit 41dc8fb567b409e149e59f4f514268ca5883c7ab.

[Solution] Remove label of ro.sf.lcd_density.

MTK-Commit-Id: 02cf063b8407a9d9242f064c86767200e9c0ac0a

Change-Id: I02dcc2fa3fda95c498f0ef70d9aa6bd9224d3b02
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 09:37:01 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00