NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
224 Commits 2 Branches 0 Tags
Commit Graph

13 Commits

Author SHA1 Message Date
SW Integrator
38f6afbf14 [ALPS03800946] Remove vold_socket 
[Detail]
Remove vold_socket because its not allowed

[Solution]
Remove marked code

MTK-Commit-Id: 8c940b5494f7631fce98a251f2d0ba857f9346df

Change-Id: I50c1d6cfd21f4877b0c1f08bd3f3bacb2c47885e
CR-Id: ALPS03800946
Feature: Treble
 2020-01-18 09:52:12 +08:00
SW Integrator
700750af5e [ALPS03800946] Remove data_between_core_and_vendor_violators 
[Detail]
data_between_core_and_vendor_violators is used temporarily. We should
follow Android P SELinux rule to write sepolicy.

[Solution]
Remove data_between_core_and_vendor_violators from files which already
fix SELinux build errors

MTK-Commit-Id: 6a75842a96d8997bca10caf6ca4d5b4e7e8f68a4

Change-Id: I5e840fdf6b61d44860429a7e5c7e24c9a48a9c75
CR-Id: ALPS03800946
Feature: Treble
 2020-01-18 09:49:26 +08:00
mtk14717
dd229ac506 [ALPS03853366] Fix kisd sepolicy issue for android p[1/3] 
[Detail]
Move kisd from system to vendor and add keymanage hidl
[Solution]
Modify related sepolicy in device/mediatek/sepolicy/basic

MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad

Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01
CR-Id: ALPS03853366
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:45:51 +08:00
Larry Liang
f9ccc3b4ea Merge "[ALPS03841705] remove unuse selinux rule" into alps-trunk-p0.basic 
Change-Id: If10189a5f8f50b9dd1cd3f9eafab6eb45abb5b31
MTK-Commit-Id: ffdde889a9b9d4233902fc634a6ab071f2e38c0c
 2020-01-18 09:41:08 +08:00
mtk11285
33f97ac789 [ALPS03841705] remove unuse selinux rule 
[Detail] remove unuse selinux rule

MTK-Commit-Id: 83678f3c246610d78ddac840511df45153e9121e

Change-Id: Ibc862ad2b990bcf77642e271f45ad0e1d1fa9574
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:41:02 +08:00
Denis Hsu
977ad3f552 [ALPS03891225] Modify vold related policy 
[Detail]
1. remove md_ctrl.te because we dont use md_ctrl in P.
2. remove debugfs_tracing policy
3. remove nvdata, protect_f, protect_s policy

MTK-Commit-Id: d4e5c9893970f0b214b518cba5f9300f130eace9

Change-Id: Iaafc30124fd69ef2b989b9e4e51d71a37d9571e9
CR-Id: ALPS03891225
Feature: Multi-Storage
 2020-01-18 09:40:17 +08:00
mtk33297
56f34167cf [ALPS02333452] Android p selinux change 
[Detail]
Android has defined neverallow rules
to restrict direct access to system files.
We need to have a custom label for each policy.

[Solution]
Define custom label for drmserver

MTK-Commit-Id: 996de9ff486db13908f6d58b476613957d4f336d

Change-Id: I34c8d86c1baf9daa02e29323007e4136c6048b31
CR-Id: ALPS02333452
Feature: OMA DRM V1.0
 2020-01-18 09:38:57 +08:00
Yuxian Xu
af8b6473d2 [ALPS03886572] Mobile Log selinux rule porting 
[Detail]
Mobile Log selinux rule porting:
1. fix the violation on P
2. relable some kernel interfaces.

MTK-Commit-Id: 4108ed13f3e7693c3642b6f073c5444f133b3c38

Change-Id: I1fac185779510f10b9b94bdf6ec40573237d846a
CR-Id: ALPS03886572
Feature: Mobile Log Tool
 2020-01-18 09:37:45 +08:00
yuhui.zhang
cfa692cd89 [ALPS03860173] Update em_svr te file 
[Detail]
Update em_svr te file on Android P rules

MTK-Commit-Id: 209e5983cf99919666577929b0c4861131c8c9f7

Change-Id: Ifc5c86499abbf712c3388776a993178f8d14df32
CR-Id: ALPS03860173
Feature: Engineering Mode
 2020-01-18 09:37:16 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
mtk12101
bbecfaa68b [ALPS03825066] Resolve vendor violates 
[Detail] Google add new neverallows rules on android P,
some rule violate the rules

[Solution] Remove the rules which violate google new rules

MTK-Commit-Id: ff683b4eee0a6dd95ff25fbb6c7d1fc3a79c604d

Change-Id: Iead494212c6adcec234eaef14c83d1f8c7a49deb
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:34 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00