NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,044 Commits 2 Branches 0 Tags
Commit Graph

1044 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
kai.zhao
c882363e4d [ALPS04608727] improve sepolicy for d2 plus 
[Detail] improve sepolicy for d2 plus

MTK-Commit-Id: 2340a49104f5457dbd4c02fdd0027d3a6487e203

Change-Id: Idf1d27da771e438b9e8a12ab54591775cdeefeb3
CR-Id: ALPS04608727
Feature: OpenGL|ES
 2020-01-18 10:14:41 +08:00
YC Shen
f9c68f4cad Merge "[ALPS04292313] Add sepolicy for MTK Wi-Fi lazy hal" into alps-trunk-q0.basic 
Change-Id: I8a72afdeff48a6372df0391c63fc6d03671ba8d9
MTK-Commit-Id: 6de0c92ba0fcd139dfe7065d067a2ba002f13c27
 2020-01-18 10:14:40 +08:00
TF Huang
bdf828cf29 [ALPS04292313] Add sepolicy for MTK Wi-Fi lazy hal 
Add sepolicy for new added Wi-Fi lazy hal

MTK-Commit-Id: 16ae21d83bc037845e2c6f5c17af86940998a90e

Change-Id: I7863c666aeb9ea782f8007b81124eb00cff430d0
CR-Id: ALPS04292313
Feature: [Module]Wi-Fi HAL
 2020-01-18 10:14:31 +08:00
Marx Chiu (邱弘志)
dde8ac8308 Merge "[ALPS04643911] Fix cameraserver permission GED_IO" into alps-trunk-q0.basic 
Change-Id: I9d3ccd9bb7dcd303ad54bcff4ed0fa0c211f4872
MTK-Commit-Id: 0a9d484fce7aee55b05e8fda923f2210e2b82b79
 2020-01-18 10:14:30 +08:00
Lovefool Tai
5deaf73ab0 [ALPS04643911] Fix cameraserver permission GED_IO 
[Detail]
To solve the kernel dump message when switch to stereo mode.
Enable the capability of mtk_hal_camera about GED_IO.

MTK-Commit-Id: 88e25a18c125c57a1bbf5c40102ef604f556be95

Change-Id: Ia5a462a2264e2b2ed68090c5ce2e24d5f21d9423
CR-Id: ALPS04643911
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:14:29 +08:00
Yogesh Tundele
470060d569 Merge "[ALPS04640555] Recovery: Add SELinux Permission" into alps-trunk-q0.basic 
Change-Id: Ie4ae365d24b95d6a45d9475d63dcdad5b941d71e
MTK-Commit-Id: fa1f39c95d5896492a4bf529f6f461d3b7bec096
 2020-01-18 10:14:27 +08:00
Yogesh Tundele
69a1acead8 [ALPS04640555] Recovery: Add SELinux Permission 
[Detail]
Uncrypt service need permission to write Setup bcb thus adding permission
[Solution]
uncrypt.te required for SELinux permission so added project wise.

MTK-Commit-Id: 449e4268822584641f10ce798271d33344d7fa5c

Change-Id: I8c2109029e4d5b58a1ca7aa8bc62954e1d939606
CR-Id: ALPS04640555
Feature: [Module]Settings
Signed-off-by: Yogesh Tundele <yogesh.tundele@mediatek.com>
 2020-01-18 10:14:26 +08:00
Shanshan Guo
c50b176f22 Merge "[ALPS04475279] Revert Sepolicy:move type sysfs_mmcblk" into alps-trunk-q0.basic 
Change-Id: Ib3f39b3e808c27ebc9e42a8fadaa708205d0db33
MTK-Commit-Id: ca7e92c24ecd2b6b5998af00ac090cc9bb00f45d
 2020-01-18 10:14:25 +08:00
Shanshan Guo
6b7634890e [ALPS04475279] Revert Sepolicy:move type sysfs_mmcblk 
Revert "[ALPS04475279] Sepolicy:move type sysfs_mmcblk"

MTK-Commit-Id: 29c0cafecc272113f799b08271f1ad71fd5abb30

Change-Id: I7b9988640f621e1dfb7129d9bf21ca446e447d04
CR-Id: ALPS04475279
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:14:23 +08:00
Marx Chiu (邱弘志)
e73950065c Merge "[ALPS04566986] Fix cameraserver permission" into alps-trunk-q0.basic 
Change-Id: I524976ce8b9c63d1e2a62ae3ce8c475053d41d79
MTK-Commit-Id: b0fbfb81e7ee33becde7236dcd4887e472ce70c2
 2020-01-18 10:14:21 +08:00
Cheng Li
be2c30ed8e [ALPS04566986] Fix cameraserver permission 
[Detail]
allow permission of ioctl for cameraserver

[Solution]

MTK-Commit-Id: 01b85f4aed18628c9053fde9f4a2fd96509d49ec

Change-Id: Icddcd0e5eb51583d65aca6763d4b2f31683ffd7f
CR-Id: ALPS04566986
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:14:19 +08:00
Vincent Sung
d82b26fb4d Merge "[ALPS04578241] GPU: Enable selinux of apphint shared lib" into alps-trunk-q0.basic 
Change-Id: Ic766960e09bf93730eae6018a4e9fc71cef80bc1
MTK-Commit-Id: ce7fe4da2e609a39c1f6b36b436ca9a439629d84
 2020-01-18 10:14:18 +08:00
Eric Chung
96acf6341d [ALPS04578241] GPU: Enable selinux of apphint shared lib 
[Detail]
Enable selinux for dlopen new GPU shared lib in GPU driver

MTK-Commit-Id: 2085a1ed91111ea79d8a99d8aa8707deb9fdf4d3

Change-Id: Ia7b3b633da12027328fe978adf652fedd18ccb3b
CR-Id: ALPS04578241
Feature: OpenGL|ES
 2020-01-18 10:14:13 +08:00
Jianping Jiang
11f88203b8 [ALPS04255502] lbs_dbg: move lbs_dbg sepolicy to system 
Move lbs_dbg sepolicy to system for System/vendor Layer decouple

MTK-Commit-Id: a4638ef15ca2020d8f7eba6ab2d053d7716d0ad4

Change-Id: I4ecfb1276b47ec75bab4c72ff04ebeb035d757b3
CR-Id: ALPS04255502
Feature: Location Aiding
 2020-01-18 10:14:12 +08:00
Coboy Chen
e4381125dc Merge "[ALPS04327011] sepolicy: add ioctl defines" into alps-trunk-q0.basic 
Change-Id: I9356ac43defb39a173f59d56cca537ebd0746b58
MTK-Commit-Id: faf136f811e8fc992beb60254bc5c34ab423a2cd
 2020-01-18 10:14:11 +08:00
Coboy Chen
045348b627 [ALPS04327011] sepolicy: add ioctl defines 
Add ioctl defines of MMC and UFS for storageproxyd.

MTK-Commit-Id: b274b0af303546e3dedb47510ca2f43460ee3f33

Change-Id: I9af1c8904c44d1d773c1f7248ac945fe8a991888
Signed-off-by: Coboy Chen <coboy.chen@mediatek.com>
CR-Id: ALPS04327011
Feature: GenieZone
 2020-01-18 10:14:10 +08:00
Shanshan Guo
57056d7216 Merge "[ALPS04475279] Sepolicy:move type sysfs_mmcblk" into alps-trunk-q0.basic 
Change-Id: Ic0e05fe2193f56681534c162c5bda2099f642b43
MTK-Commit-Id: 7163ce9a190023ad740e736f212512815b23f8c3
 2020-01-18 10:14:09 +08:00
Shanshan Guo
54b1880fd1 [ALPS04475279] Sepolicy:move type sysfs_mmcblk 
[Detail]
sysfs_mmcblk is used by vendor & system process,
its type need to be moved to plat_public.

[Solution]
move type sysfs_mmcblk form non_plat to plat_public.

MTK-Commit-Id: 9221eb0ec44290e461e5602f7bfaf08b72994b4d

Change-Id: Ibe9a39e70e2071bfa9c88518fd34e232fc4844d6
CR-Id: ALPS04475279
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:14:07 +08:00
Seiya Wang
cfa7fc2798 Merge "[ALPS04361666] hal_bootctl_default: add permission" into alps-trunk-q0.basic 
Change-Id: Ib1679b854be96342c041b267d961bff687fdf058
MTK-Commit-Id: 43f805c7e7377791900f451efb0e1683d1ef8f80
 2020-01-18 10:14:06 +08:00
ryan-c.hsu
5bb4c4434f [ALPS04361666] hal_bootctl_default: add permission 
[Detail]
add permission to get boot_type

MTK-Commit-Id: fc9f66eee3c02575c4ef55812136ceee31dcf080

Change-Id: Ia783a03546f7c63d0190fb59a0bd815217b0af38
CR-Id: ALPS04361666
Feature: A/B System Updates
(cherry picked from commit 0feea4c29acf9f596373c0c1dc2e3afb11cdd2b7)
 2020-01-18 10:14:01 +08:00
Seiya Wang
ad89badb13 Merge "[ALPS04361666] add sys_rawio permission for user load" into alps-trunk-q0.basic 
Change-Id: I8f7a2001e3732748a922efb3d7cbc734f2dff7f4
MTK-Commit-Id: 521e2266317875a87e18db61209a5919d286dc58
 2020-01-18 10:14:00 +08:00
ryan-c.hsu
0235a29737 [ALPS04361666] add sys_rawio permission for user load 
[Detail]
user load is also need this permission to update boot slot

MTK-Commit-Id: 1d36ab48bb02c462f86732182cd15c2803efc524

Change-Id: If3ea6ef5e89c6beed827752b4ee777004b386647
CR-Id: ALPS04361666
Feature: A/B System Updates
(cherry picked from commit 91b20c70ead67f39b68a61648ed41c417d39adf2)
 2020-01-18 10:13:58 +08:00
Neng Kou
ba7500624e Merge "[ALPS04533784] Move sepolicy of cam cooler to bsp" into alps-trunk-q0.basic 
Change-Id: I77e3a7ad16f7160bdaae2376ccf67f7262f7d043
MTK-Commit-Id: 99c86f6f19543e4edfb81f3e7b1e73fec1a32b07
 2020-01-18 10:13:57 +08:00
Ian-Y Chen
817a9684d5 [ALPS04328846] power: add wifi permission 
[Detail]
Add wifi permission for PowerHAL

MTK-Commit-Id: 5b5ccb13e75e84bc72212f45996be381cd905136

Change-Id: I5f7672e8fdfd99f5c1c11cf448a7477b3a3d4b31
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:13:57 +08:00
jhua.zhang
0986f7cfba [ALPS04533784] Move sepolicy of cam cooler to bsp 
[Detail]
Move camera coolers sepolicy to bsp/plat_private.
This reverts commit 869396b2725b78c55382a9f34b016b5236505965.

MTK-Commit-Id: 31387ebc1f29a342b39a8bd809cdc3f2f56c85fd

Change-Id: I64c36cefdefe72846971ec323cae0c6e89c675a1
Signed-off-by: jhua.zhang <jhua.zhang@mediatek.com>
CR-Id: ALPS04533784
Feature: Thermal Management
 2020-01-18 10:13:55 +08:00
dengwei.xu
c6ed642277 [ALPS04285435] EM hidl server sepolicy 
Fix the EM hidl server sepllicy build errro

MTK-Commit-Id: 8b95a2baf6f04fd1c8ec5fa6548f78203a581e3d

Change-Id: Iac820d493352c5d37991c23cb10c01f9615ed888
CR-Id: ALPS04285435
Feature: Engineering Mode
 2020-01-18 10:13:51 +08:00
GW Chen
c04d8c0283 Merge "[ALPS04421300] HIDL refining" into alps-trunk-q0.basic 
Change-Id: I8ecab5601ac1a7d6e94406cbd1868b5f6555dd15
MTK-Commit-Id: bcea8f14cfb619d4c4082bd3b4d27c1f32a72321
 2020-01-18 10:13:50 +08:00
mtk16965
314a88d69a [ALPS04421300] HIDL refining 
[Detail]
fix some error of HIDL

MTK-Commit-Id: c4b3c65a31fa7e181cd67064123a338e958ad066

Change-Id: Ic512b22308d788267c2e0049cc119b8ec506ed91
CR-Id: ALPS04421300
Feature: OpenGL|ES
 2020-01-18 10:13:49 +08:00
guanglai guo
6a377f89f8 [ALPS04579367] selinux: change bootprof target context 
change bootprof target context from proc to proc_bootprof,
for fixing bootprof caused permission issue.

MTK-Commit-Id: ea15ac71efba2703e15022ac79344c5cc2c93520

Change-Id: I1031f33200306ecb2edcf8c8c8fe7d1afa79b5ad
Signed-off-by: guanglai guo <guanglai.guo@mediatek.com>
CR-Id: ALPS04579367
Feature: Modem Interface Driver
(cherry picked from commit f6f909a3ecfa41b1633769f83282ffd9e2487937)
 2020-01-18 10:13:48 +08:00
Qian Dong
cb1094e975 Merge "[ALPS04577521] remove ro.vendor.mtk_wmv_playback_support property" into alps-trunk-q0.basic 
Change-Id: I8954fa076a07fda6e6c60d8af769142e4f2e5092
MTK-Commit-Id: 3f108f6389ae686aeea3af05a452aef5dc398386
 2020-01-18 10:13:47 +08:00
Yuxiu Zhang
db6b8b4297 [ALPS04577521] remove ro.vendor.mtk_wmv_playback_support property 
AP(MediaFile.java) do not need it from Android Q

MTK-Commit-Id: 796885860cf7c950e2ac5ebc4e0b3ee6996171c0

Change-Id: I7ca0d4827a88118e84b7c33687b1e7ca6897a185
CR-Id: ALPS04577521
Feature: ASF Playback
 2020-01-18 10:13:45 +08:00
zhiyong.wang
0f9a4e559f [ALPS04474673] allow vendor init write expdb 
[   34.641681] <0>.(7)[346:logd.auditd]type=1400
audit(1558666535.652:116): avc: denied { read write } for comm="init"
name="mmcblk0p4" dev="tmpfs" ino=14428 scontext=u:r:vendor_init:s0
tcontext=u:object_r:expdb_block_device:s0 tclass=blk_file permissive=0

allow vendor init write into expdb partition.

MTK-Commit-Id: f46025981c46c95f7cc42a3c1380cf71b686d1e6

Change-Id: I573ed127c93cd84d49042ae5671b19ca967dd2e1
CR-Id: ALPS04474673
Feature: Android Exception Engine(AEE)
 2020-01-18 10:13:41 +08:00
Yuhui Zhang
e11759c46c Merge "[ALPS04325771] [EM] power: search subpmic register" into alps-trunk-q0.basic 
Change-Id: I2457dcce47210ae66566ab1b551bcc2086d71f1a
MTK-Commit-Id: 9b8f930c6c741de7eb59cf0ce606817917721193
 2020-01-18 10:13:40 +08:00
jhua.zhang
c95ef58ba5 [ALPS04533784] Thermal: add sepolicy for cam cooler 
[Detail]
Add sepolicy to allow camera app to access /proc/driver/cl_cam_status
for camera shutdown cooler.

MTK-Commit-Id: 869396b2725b78c55382a9f34b016b5236505965

Change-Id: Iadfcfb95923c15384c7a6508525b7167e1a6e16f
Signed-off-by: jhua.zhang <jhua.zhang@mediatek.com>
CR-Id: ALPS04533784
Feature: Thermal Management
 2020-01-18 10:13:40 +08:00
Juan Rong
50e9eaca5b [ALPS04325771] [EM] power: search subpmic register 
EM need search subpmic register file

MTK-Commit-Id: bdbeb20b46586062dbeaa4337487b0780ded4429

Change-Id: I210c153ea810908d9aaa148fc231d4e2635c2665
CR-Id: ALPS04325771
Feature: Engineering Mode
 2020-01-18 10:13:38 +08:00
Yongjun Luo
dfc26f2e82 Merge "[ALPS04525727] SEPolicy:add perm for system_server" into alps-trunk-q0.basic 
Change-Id: I962cc508a89f9263f41f4578a4fb7e3be45fd794
MTK-Commit-Id: 2d624def2223c4cbb8ad095636b55eb509f1bb92
 2020-01-18 10:13:36 +08:00
mtk07742
a07397dc56 [ALPS04525727] SEPolicy:add perm for system_server 
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permission to access proc_ged by ioctlcmd
in MTBF.

MTK-Commit-Id: d79045e8bfe072a3125efa56cf5012cfb84e416b

Change-Id: Ic82c4ff92333077d9260f931c67453b9e53d305e
CR-Id: ALPS04525727
Feature: [Module]SystemServer
 2020-01-18 10:13:34 +08:00
Ian-Y Chen (陳尹)
1e6a5072dc Merge "[ALPS04328846] power: refine sepolicy" into alps-trunk-q0.basic 
Change-Id: Iaf3710c91ea35b6019f6f969b78854f28bc3dcf8
MTK-Commit-Id: c0705d2f416d71357824bbea7d70237068f7b921
 2020-01-18 10:13:33 +08:00
Ian-Y Chen
9fcf99ba09 [ALPS04328846] power: refine sepolicy 
[Detail]
1. Add prefix PERFMGR for performance related ioctl
2. Add property permission for PowerHAL

MTK-Commit-Id: 91ef99a47ee2de3c48426298c9a67d5e4dd10a6b

Change-Id: I5979aefc7fb110ee540425bc53896babdcac08bd
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:13:32 +08:00
Johnny Yao
b05b2ccb3d Merge "[ALPS04294481] WMT: add sepolicy for wmt_dbg" into alps-trunk-q0.basic 
Change-Id: Iae9b6e7f67f5243bf01511e827eb65a0afc10f7f
MTK-Commit-Id: 25881f143852f7ccc0b35330ef4e8e02a5625b48
 2020-01-18 10:13:30 +08:00
Tim Chang
a02af82882 [ALPS04294481] WMT: add sepolicy for wmt_dbg 
Add a rule to allow vendor_init have write permission
to proc_wmtdbg.

MTK-Commit-Id: fcdffbb167f1e860b31027357c5249c99b4b0281

Change-Id: I7b74e284ce9d9de1400c59bbf1f3e11188ec5245
Signed-off-by: Tim Chang <tim.chang@mediatek.com>
CR-Id: ALPS04294481
Feature: [Module]WMT Driver
 2020-01-18 10:13:25 +08:00
mtk11285
a250fc423c [ALPS03806577] catch manual coredump fail 
add some rules for aee_aedv/aee_aed to read /proc/*/exe

MTK-Commit-Id: a1ee357e85a32beded54046bb1b638eb8fe4b3c9

Change-Id: Ideeb8002a9d1b9b166709442195124cce8e4e427
CR-Id: ALPS03806577
Feature: Android Exception Engine(AEE)
 2020-01-18 10:13:24 +08:00
James Hsu
61b25561f6 [ALPS04515390] mrdump: add sepolicy for mrdump partition 
[Detail]
Add sepolicy for aee access mrdump partition

error log:
mrdump partition /dev/block/platform/bootdevice/by-name/mrdump
 open failed (13), Permission denied

MTK-Commit-Id: f837dec83ec395bddca7806ef5ff2d35ed2f8f7a

Change-Id: Iad2414cdebb66cc3b7046fbe2570ea972101854a
Signed-off-by: James Hsu <james.hsu@mediatek.com>
CR-Id: ALPS04515390
Feature: Memory RAM Dump (MRDUMP)
 2020-01-18 10:13:21 +08:00
Shanshan Guo
7010a1c7bd [ALPS04501651] Sepolicy: Kernel API dump 
[Detail]
For Andorid Q, there is a more stringent restriction
for ioctl, app need to access proc_ged by ioctlcmds.

[Solution]
Add sepolicy for app to access proc_ged by ioctlcmds.

MTK-Commit-Id: 630cfe13e5928346453bb3800b75439d5e9e1235

Change-Id: I1bde81017e78d5b70fc78dd5fa148667360d2af4
CR-Id: ALPS04501651
Feature: Power Management
 2020-01-18 10:13:20 +08:00
Gang Wei
edfe850621 Merge "[ALPS04418515] [META]change to vendor_de" into alps-trunk-q0.basic 
Change-Id: I09eb4d1e2169689537356c598026813fdb0e592c
MTK-Commit-Id: 5b5870298b5f9daca992d6b2ca738fa6d6bc5316
 2020-01-18 10:13:20 +08:00
jing.li
2286610683 [ALPS04418515] [META]change to vendor_de 
[META]
Change /data/vendor to /data/vendor_de

MTK-Commit-Id: 4f8a9f9adadd9c32da5d6f781553b4256fec9c38

Change-Id: I3cee972d9d19eafc6bfe465df5229eff584d9ea6
CR-Id: ALPS04418515
Feature: SP META Tool
 2020-01-18 10:13:18 +08:00
Larry Liang
800af6c731 Merge "[ALPS03806577] add DropBoxReceiver feature" into alps-trunk-q0.basic 
Change-Id: I876e115e17378f7f9978c51d51283b77ae210268
MTK-Commit-Id: e8bc82cbeff2e189a1aed8cc2346607a1f94cd31
 2020-01-18 10:13:17 +08:00
mtk11285
0b7ed7df47 [ALPS03806577] add DropBoxReceiver feature 
1. allow dropboxreceiver to receive dropbox message
2. allow aee_aed to read packages.list

MTK-Commit-Id: 03d7fff0159d697f13fd574b132503ba6063cfab

Change-Id: Id717233c2ade4b0b8c3d6a8319647ff6e783a60a
CR-Id: ALPS03806577
Feature: Android Exception Engine(AEE)
 2020-01-18 10:13:14 +08:00
Juju Sung
f680189e6c [ALPS04284125] Sepolicy: add lost label 
[Detail]
netd_socket is deprecated in a/26f84c6.
The netd_socket used in mulitple modem generation,
for cross modem compatibility we add a dummy label to
prevent splitting new branch.

MTK-Commit-Id: b949378b387f9eb942de90b7475aea4ec711f68c

Change-Id: I5179175d9df973a0da01d4520269468b70f742ce
CR-Id: ALPS04284125
Feature: Modem Interface Driver
 2020-01-18 10:13:13 +08:00
Marc Huang
9581c04e51 Merge "[ALPS04501667] SELINUX: Kernel API dump of GED access" into alps-trunk-q0.basic 
Change-Id: If901823ae54b939e2608145cdecae627551434e7
MTK-Commit-Id: 255dcf4dab6d5987452adacdb3b09150d99e98e0
 2020-01-18 10:13:12 +08:00