NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
411 Commits 2 Branches 0 Tags
Commit Graph

9 Commits

Author SHA1 Message Date
mtk12101
6c68a34641 [ALPS03982747] Remove unnecessary violators 
Remove violators of system_executes_vendor_violators
in all .te files for Google rule.

MTK-Commit-Id: 2ea1f525e8cd6ef3cda981b2a47eabc4582fe767

Change-Id: I3940095186b1a530e7ed442cc34658c2317b9a89
CR-Id: ALPS03982747
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:01:50 +08:00
jerry-sc.wu
2bb5e6af4a [ALPS03867358] Thermal: P Migration 
[Detail]
Resolve build warning.
Fix "neverallow coredomain from writing vendor properties".

MTK-Commit-Id: 41ae21ce71a19a8a1abce51e33ab93b66e4fa793

Change-Id: I85f9091cbddd1503579b69b4e3b14e63a7eb2dcc
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 10:01:37 +08:00
jerry-sc.wu
dbcc1e21fa [ALPS03867358] Thermal: P Migration 
[Detail]
System cannot execute vendor in Android P.
Need Remove violated policies.

[Solution]
Remove related violated policys.

MTK-Commit-Id: 5b111d320a150b06e8900b374c1f55a29ca38e5d

Change-Id: Ia36502819979925df3846d8c13c7a8bba89ed077
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 09:59:39 +08:00
Lili Lin
05f5d87b88 [ALPS03881723] Workaround to fix build break 
[Detail] Googles new commit
neverallow coredomain from writing vendor properties
cause build break

cdb1624c27

[Solution] Declare system_writes_vendor_properties_violators as workaround

MTK-Commit-Id: 2b19515d2d98945b0aadfbc9043352ae927497f3

Change-Id: I7be59b6811f6c75ea47da205be902417311fe1d0
CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:56:13 +08:00
mtk12101
b086e609ac [ALPS03825066] Remove unused sepolicy 
[Detail] Because "ro.vendor.net.upload.benchmark.default"
is unlabeled property, so all use it will have name of
vendor_default_prop

[Solution] Need owner to relabel the property of
"ro.vendor.net.upload.benchmark.default"

MTK-Commit-Id: 3a772e2b252536c9bbe9829b75f3464c2df68248

Change-Id: I42f341bf01cea16a16a0e73d13e0c03b5c270dad
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:50:11 +08:00
mtk12101
78d7f51370 [ALPS03825066] Fix boot fail 
[Detail] System processes have no permission to access
vendor_default_prop

[Solution] Add get vendor_default_prop rule for system
processes

MTK-Commit-Id: 412119fb578fc32e9f046c09a13817cf3c755515

Change-Id: I791997e6bb44c61b69d32c6da0cc80c6f2a9759e
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:47:42 +08:00
Bo Ye
3ace839be3 [ALPS03825066] Mark file context to fix build fails 
Restore the policies accessing files labeled
    as proc_xxx or sysfs_xxx, but there are some
    exceptions for coredomain process, such as
    meta_tst,dump_state,kpoc_charger

MTK-Commit-Id: 7953b5203bb3cac099c3326d330643b4cd73746d

Change-Id: I4b16c09c352891783e837bea370c264966ca6d13
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:41 +08:00
Bo Ye
5849c224e3 [ALPS03825066] P migration selinux build failed fix 
1. Mark polices which accessing proc/sysfs file system
    2. Add violator attribute to modules violate vendor/system rule.

MTK-Commit-Id: 3954cad7a1428cda694d8428c2235a78aa6e7cc8

Change-Id: I401ae5b87eb9a03f324bef83c6678149606b15a8
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:29:36 +08:00
Chunyan Zhang
37e0caa36e import from mediatek/master to mediatek/alps-mp-o1.mp1 
Change-Id: Ic78db8195c5c51f85c9c6fd3ef8333489afd6e79
MTK-Commit-Id: 848bf57127be9d01fd1df4aab95737855456afee
 2020-01-18 09:29:32 +08:00