NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,036 Commits 2 Branches 0 Tags
Commit Graph

1036 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Yifei Qiao
dd08af703d [ALPS04775042] Fix install drm key sepolicy error 
Fix install drm key sepolicy error

MTK-Commit-Id: e3c03327cba36fb5fc352203f0bbe8337316e5ae

Change-Id: I8e418d69dcdf5838cd94f242055526c7f897f9ab
CR-Id: ALPS04775042
Feature: [Module]keymaster
 2020-01-18 10:20:09 +08:00
Juju Sung
1dbf2b6dff [ALPS04387792] BGService: add sepolicy permission 
[Detail]
1. add BGService sepolicy permission

MTK-Commit-Id: 136f9e6df88b8e10652a3393405737b20e986f51

Change-Id: I62a077fbadd17a865c21e8c1551b2202d10bc6ce
CR-Id: ALPS04387792
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:20:09 +08:00
swintegrator
8d9e4a522f [ALPS04784782] Add SELinux sepolicy for TEEI OS communication 
Add hal_graphics_allocator_default SELinux sepolicy to
enable normal/secure world communication.

This is used for secure memory allocation from graphics allocator HAL
to TEEI OS.

MTK-Commit-Id: a47f2e49b8c563fdc457443e46af591a2691a441

Change-Id: I2bdc87303310f5acdd85f0491e58644b26963838
CR-Id: ALPS04784782
Feature: Microtrust TEEI
 2020-01-18 10:20:08 +08:00
yizheng.yang
51885451fa [ALPS04781447] Add selinux permission 
Add permission for atcid

MTK-Commit-Id: e4ab92c694185c03bbcc792fed84fdeaf0013409

Change-Id: Ib7f76d8c5f03da070559f8f73de6f611367b96a6
CR-Id: ALPS04781447
Feature: [Module]ATCI (AT Command Interface)
 2020-01-18 10:20:05 +08:00
Nancy Huang
9e238bfba9 [ALPS04760196] audioserver: fix high risk sepolicy 
[Detail]
1. Remove system_data_file access rule
2. Remove socket access in audioserver

MTK-Commit-Id: 53231b8b52745a21cc302833524911c55bab4960

Change-Id: I661f78bfbe0377bf88445494af0f33edb5f4fef7
CR-Id: ALPS04760196
Feature: [Module]Proprietary Audio Utility
 2020-01-18 10:20:04 +08:00
otis.huang
ae6fbad5e9 [ALPS04387792] BGService: add sepolicy permission 
[Detail]
1. add BGService sepolicy permission

MTK-Commit-Id: f5832af535feb84ff9f94ae25eb02fc6f5959762

Change-Id: I22a1e8d6e17a2f455771adf677d2ce8cb32e6550
CR-Id: ALPS04387792
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:20:04 +08:00
yizheng.yang
1a9ed28058 [ALPS04760107] Fix high risk selinux 
Fix high risk selinux in atci

MTK-Commit-Id: 920482c8d6406a57b2b653e98b8b28c30c2e6d1b

Change-Id: I6cbd85f3699f055312a5f6b2ea577bd9161ef29e
CR-Id: ALPS04760107
Feature: [Module]ATCI (AT Command Interface)
 2020-01-18 10:20:00 +08:00
Chun-Hung Wu
ef2d9a611a [ALPS04776340] dumpstate: add selinux policy 
[Detail]
Add sd card mmcblk0/mmcblk1 sysfs_mmcblk for dumpstate

MTK-Commit-Id: 6b8fde0993498cd8659b028f978ee118a082f81b

Change-Id: I4212764d39ee8752d6a5347d2a5e629f53205d0e
CR-Id: ALPS04776340
Feature: UFS Booting
 2020-01-18 10:20:00 +08:00
Eric Chung
606cbd7ddc [ALPS04761007] GPU: Fix high risk sepolicy 
[Detail]
Remove "allow property set" in mtk_hal_gpu

MTK-Commit-Id: 846c697e7b7766010b31a37371fbbe0babaa8203

Change-Id: I87f87982ea5c0147a60c6120548d4a44dd8c7f29
CR-Id: ALPS04761007
Feature: OpenGL|ES
 2020-01-18 10:19:59 +08:00
bo.shang
6eceb7c147 [ALPS04761154] Remove risk selinux permission 
Remove create folder in data selinux permission

MTK-Commit-Id: d6a218ddee9f5bcde67381631e400a8c3d5a4497

Change-Id: I031aa0ba9463796a11e6ba68774595ad2ff40ce4
CR-Id: ALPS04761154
Feature: Network Log Tool
 2020-01-18 10:19:53 +08:00
chien-wei hsu
6bc8ac8bdb [ALPS04760982] audiohal: fix High risk SEPolicies of mtk_hal_audio 
[detail]
remove sysfs file permission,
only request the sysfs_ccci file

MTK-Commit-Id: 0649e6c55c648d65fa9c599d73bfa98e02e918fe

Change-Id: Idab0ac8e4aff9234887f70dc60fe51339d78cd2b
CR-Id: ALPS04760982
Feature: [Module]Audio HAL
 2020-01-18 10:19:52 +08:00
Huaiming Li
9f9773fc1f [ALPS04772922] fix dumpstate SF_RTT dir avc error 
[Detail]
dumpstate SF_RTT dir getattr avc error in xTS

[Solution]
add getattr rule into dumpstate.te

MTK-Commit-Id: 20c47c82db9b6dfc5091f1fa03f8505c619343ee

Change-Id: Ic6de198bfd4736ba2fa3f3aea6024eeda0f57a16
CR-Id: ALPS04772922
Feature: Android Exception Engine(AEE)
 2020-01-18 10:19:52 +08:00
Guobao Wang
0b9d1a7568 [ALPS04763239] Remove the high risk sepolicy sysfs_vcorefs_pwrctrl 
Remove the high risk sepolicy sysfs_vcorefs_pwrctrl because its no
longer in use.

MTK-Commit-Id: 7aec1b3e31558366c3d3f098eb7c9eac02398a2a

Change-Id: I2e0dcd99be464f01435f8e96ea6dd5fa6ca12716
CR-Id: ALPS04763239
Feature: SIM
 2020-01-18 10:19:51 +08:00
Youxiu Wang
6f8abd5708 [ALPS04763237] Modify permission forRIL 
Reduce the scope of permission for RIL to access proc node.

MTK-Commit-Id: 4f0402b23acbbcf90e195f4c0bfc3bd249c1489e

Change-Id: I442119bd6696a40aa1a49bec781cfb947869b995
CR-Id: ALPS04763237
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
 2020-01-18 10:19:51 +08:00
Jen-Chih Chang
f4b78200ab [ALPS04761137] Remove mtkrild emulator SEPolicies 
Remove ununsed mtkrild emulator SEPolicies

MTK-Commit-Id: c6a07a483b3ff3c64b356d44808009aff7bb95b8

Change-Id: Ifbc17574943048f2f855ceb3282a89b892d7dc8c
CR-Id: ALPS04761137
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
 2020-01-18 10:19:50 +08:00
mtk14723
dc117a90e7 [ALPS04761108] Backlight: remove the unused sepolicy 
[Detail]
Remove the unused sepolicy, which has high risk

MTK-Commit-Id: 93b6fa2d6408dc551867fb24b260b053a9b746a7

Change-Id: Id8ddccde37e766c59b1d258d17db2759da6a3ef9
CR-Id: ALPS04761108
Feature: [Android Default] Backlight
 2020-01-18 10:19:50 +08:00
mtk10871
6d71aabb69 [ALPS04690934] BT feature: log in data area 
[Detail]
Log is available to store in data area.
Change api for setting corresponding permission.

MTK-Commit-Id: 00be41e217b22f187a664d5d51cb18d52bc63635

Change-Id: I69c0869067e8f815c0f41930248b1c0e2c7f6358
CR-Id: ALPS04690934
Feature: BT AOSP
(cherry picked from commit e7396905545c154bc2ff6e76b4fa117ddbca0bb9)
 2020-01-18 10:19:50 +08:00
hao.wang
36fcc17d60 [ALPS04760753] add hal mms sepolicy 
Add merged_hal_service plolicy

MTK-Commit-Id: b098be0f7ff7c5f3755b9f7dfbf07dd17cf5eb65

Change-Id: I064377cb7628c703563fe2b3acc5e8718c0bd458
CR-Id: ALPS04760753
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:19:49 +08:00
Denis Hsu
4aa82d78c9 [ALPS04761184] Remove high risk policy for nvram 
Remove high risk policy for nvram.

MTK-Commit-Id: 6b89d790d606c06b3c48ef2711ad4e1f3b3132de

Change-Id: Iae4a7b021816f771d77b3f58f150de03863dfb9f
CR-Id: ALPS04761184
Feature: NVRAM Partition
 2020-01-18 10:19:49 +08:00
Cosmo Sung
979dff06fc [ALPS04761137] SeLinux permission 
Add rild socket type.

MTK-Commit-Id: d6850afb4aa38dbb3ec7e439b40a3379edf131a0

Change-Id: I3593adadabeffbe98bacdc27579f392073a40300
CR-Id: ALPS04761137
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
 2020-01-18 10:19:48 +08:00
Huaiming Li
b42ff07e97 [ALPS04719663] fix avc denied issue 
add aee_aedv allow to read proc_pl_lk file

MTK-Commit-Id: ffc098c939b46f9df94d41e901d3c0f9ab7a9169

Change-Id: Ib3dbfce32dd63afe83998d2c5dea977ab9dcc6c4
CR-Id: ALPS04719663
Feature: Android Exception Engine(AEE)
 2020-01-18 10:19:48 +08:00
Juju Sung
61d7044c46 [ALPS04767749] Selinux: Add new TE path 
[Detail]
New sepolicy path declared and also support
legacy android.

MTK-Commit-Id: 8982268bbef8f852c153428f1a5f83849953c7c2

Change-Id: Ic10f297a312ff2e89e44a0aa323ffa11bc78ff6e
CR-Id: ALPS04767749
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:19:48 +08:00
Nixy Hsu
2f89f8a47a [ALPS04754649] gz: add mtee trusty selinux perms 
fix sysfs permission for dumpstate under selinux.

MTK-Commit-Id: bca4ec3babf362b7f9d21b7c1ea8290f55d8d74c

Change-Id: I26cfbb4e959f0dbd89d46d6088284f36e6450c42
CR-Id: ALPS04754649
Feature: GenieZone
Signed-off-by: Nixy Hsu <nixy.hsu@mediatek.com>
 2020-01-18 10:19:30 +08:00
Yanjie Jiang
725c0b46e1 [ALPS04760260] ccci: delete rule not used 
Change sepolicy rule for security.

MTK-Commit-Id: 0fe0072748de8b9077117a9d4d67bebea46cf9ec

Change-Id: I85a2991ffa2928330989a53ad0597d403274ccce
CR-Id: ALPS04760260
Feature: Modem Interface Driver
Signed-off-by: Yanjie Jiang <yanjie.jiang@mediatek.com>
 2020-01-18 10:19:29 +08:00
Cosmo Sung
a49221caf7 [ALPS04763240] SeLinux permission 
Remove unused policies.

MTK-Commit-Id: fb08d7258914676e713d5a4522b8ecb3b35d56d9

Change-Id: I1be805ef301abfefc1723be2ebd97153ddba1d23
CR-Id: ALPS04763240
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
 2020-01-18 10:19:29 +08:00
Hao Dong
0ae7f56165 [ALPS04765260] BT open fail 
[Description]
Sepolicy modification for BT Driver setprop

MTK-Commit-Id: fa7f679e819436f0a49387411103ce866734dc2f

Change-Id: I4b4edf6d45333d1ed4cb5a4fee17697dbae87acc
Signed-off-by: Hao Dong <hao.dong@mediatek.com>
CR-Id: ALPS04765260
Feature: BT AOSP
 2020-01-18 10:19:25 +08:00
mtk10721
24cdf7e61e [ALPS04758146] fix selinux 
[Detail] ioctl is not allowed

[Solution] Fix it

MTK-Commit-Id: 92a8921309a104dab501f57264e8939a57df0c30

Change-Id: I670513bdc93979217ea068b0aca61e1bda11364f
CR-Id: ALPS04758146
Feature: [Android Default] Camera Application Basic Functions
 2020-01-18 10:19:25 +08:00
Caroline Yang
61181c335d [ALPS04763248] Remove unused sepolicies 
[Detail]
Remove unused sepolicies of thermalindicator.

MTK-Commit-Id: 3a0b1cc66e7e651ee0f0307654389e25c4e721d9

Change-Id: I535e42ae60b0170f621452aca19419283a7fa3fe
CR-Id: ALPS04763248
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:19:24 +08:00
Leo Hsieh
a61938f39c [ALPS04740849] Add sepolicy for 3-apk 
Add sepolicy ro.vendor.mtk_nn.option for 3-apk.

MTK-Commit-Id: fab2092fdc76055e29ff31c900da0bee29f7ac5e

Change-Id: I0b44a239fb76f3cde51fa0e992023fbf34e4a57f
CR-Id: ALPS04740849
Feature: NeuroPilot
 2020-01-18 10:19:23 +08:00
zhuoliang zhang
35c1be8aab [ALPS04760322] high risk sepolicies of dhcp 
delete the legacy selinux file :dhcp.te

MTK-Commit-Id: b963a9f2c64ece1174cd78d6602cd7ddc768e347

Change-Id: I8a2a10f3c1f2626836abc3b514c97df43a1795de
CR-Id: ALPS04760322
Feature: [Module]IP Networking
 2020-01-18 10:19:23 +08:00
hongxu.zhao
f57f7914f3 [ALPS04761129] sensor: high risk sepolicy of mtk_hal_sensors 
give /sys/class/sensor folder perms for mtk_hal_sensors

MTK-Commit-Id: 7d2c08aad389eb68e423d9fa75d5c4f0d514577c

Change-Id: I63c5300a31b523de5d4c22ac53e5e03ba8cdd048
CR-Id: ALPS04761129
Feature: Sensor Hub
 2020-01-18 10:19:22 +08:00
Shanshan Guo
f4c7151104 [ALPS04760380] SEPolicy: remove unused sepolicies of libudf.so 
[Detail]
libudf.so has been place in both system and vendor,
so dont need these sepolicies anymore.

[Solution]
Remove unused sepolicies of libudf.so

MTK-Commit-Id: 8e79905072cf0855c1c50c679681fd33b936b54f

Change-Id: I051c61e5be725dab8b3375adc6f52882556cc3c1
CR-Id: ALPS04760380
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:19:19 +08:00
Eric Chung
7876720527 [ALPS04735709] GPU: Add selinux policy to enable GED new ioctl 
[Detail]
New GED ioctl: GED_BRIDGE_IO_HINT_FORCE_MDP

MTK-Commit-Id: 49b81814f6f14ea55b6dcff2780726a71533f9ae

Change-Id: I9c2d10c8e10f67c0618b7daee7d980a783fa86bf
CR-Id: ALPS04735709
Feature: Vulkan
 2020-01-18 10:19:15 +08:00
Jimmy Lai
bf88392bfa [ALPS04740488] SVP IT 
1. Add tag for vcodec internal log file

MTK-Commit-Id: 2b4abdfbddc7095bf9a0a721c650917bc8bbddd6

Change-Id: I72d45bed4a61f5234ae0b82b7c4958bfe1da5ad2
CR-Id: ALPS04740488
Feature: Secure Video Path (SVP)
 2020-01-18 10:19:15 +08:00
Juan Rong
03a9cc799a [ALPS04753766] [EM]AAL: set property 
Allow EM set AAL property

MTK-Commit-Id: 7395aeb88595801b47a52b473d102d672181a58d

Change-Id: Iea2bd4fc8d761a1103277352c1c90b0ed1da98b6
CR-Id: ALPS04753766
Feature: Engineering Mode
 2020-01-18 10:19:15 +08:00
Chris-YC Chen
6af540cfae [ALPS04723991] mmservice 1.3 
1. update mmservice to 1.3
2. PQ func sup in MMS by FD

MTK-Commit-Id: 667fe3cc027eb10d8f637b53ed95191f0775fdc0

Change-Id: I2519b020e10af3036ad30c59d7761cf741417456
CR-Id: ALPS04723991
Feature: [Module]MDP Driver
 2020-01-18 10:19:11 +08:00
mtk11285
b913b95845 [ALPS04754945] aee: phase out unused selinux rules 
NE DB is created by /system/bin/aee_aed* on Q,
so remove selinux rules about /data/vendor/tombstones.

MTK-Commit-Id: f3b5da9438aa0fe4cc6e96bcafe0b253da475fee

Change-Id: I875ed2f4c62413e4b438b36945cda9ec7933f9b3
CR-Id: ALPS04754945
Feature: Android Exception Engine(AEE)
 2020-01-18 10:19:11 +08:00
Zhongchao Xia
489d71fd5e [ALPS04741328] MMS HIDL use lazy mode 
MMS HIDL use lazy mode if MTK_GMO_RAM_OPTIMIZE
is true.

MTK-Commit-Id: fd8a40b123a05c3b49eeec138c9326ead2cc5288

Change-Id: I23fd115254a9e74aa0068b8ecd36fd9ebcf1fad8
CR-Id: ALPS04741328
Feature: [Module]MDP Driver
(cherry picked from commit 25220c503042401944a96a1dba27df45058419d3)
 2020-01-18 10:19:10 +08:00
guozhen.tang
9da18d4d0b [ALPS04753953] gps sanity fail 
add permission for gps to read prop file

MTK-Commit-Id: 5876b325d9ddbe6a6a3c800f830432f64fd3a5b6

Change-Id: I2aad7aebe615a27b21aaef33aa94dfcc8bf4c429
CR-Id: ALPS04753953
Feature: A-Glonass
 2020-01-18 10:19:04 +08:00
hua.tian
482be9e9f2 [ALPS04746763] Remove unsafe rules 
Remove the rules to create folder under /data in own process.

MTK-Commit-Id: 7bda57233e721387cb85dc246253a66de9e1ee46

Change-Id: I904278893497cd1270840b7e2bd4d20e3bc9dde9
CR-Id: ALPS04746763
Feature: Mobile Log Tool
 2020-01-18 10:19:04 +08:00
Xiangsheng Hou
dc891f1bc7 [ALPS04747012] SEPolicy: label mtd in procfs 
[Solution]
label mtd in procfs

MTK-Commit-Id: f8ed85a97de48e92e6585070ce7ae467b62275ff

Change-Id: I928aad7c422194c5e1a59345dfbd888379550cb1
Signed-off-by: Xiangsheng Hou <xiangsheng.hou@mediatek.com>
CR-Id: ALPS04747012
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:19:03 +08:00
Hanks Chen
5ed9e36984 [ALPS04748405] add sepolicy for ion cache api 
[Detail]
add sepolicy for ion cache api

MTK-Commit-Id: 86e313906832c12901114ba414334902b8d99353

Change-Id: I64c867ab4a59c93b51c72e1d4ce362f039d6c26b
CR-Id: ALPS04748405
Feature: System Performance
Signed-off-by: Hanks Chen <hanks.chen@mediatek.com>
 2020-01-18 10:19:00 +08:00
Qilin Tan
980fcee399 [ALPS04745284] sepolicy: add BLKGETSIZE rule for bootdevice in MT6763 
In factory mode, It is failed that get size of sdcard in sdcard test.
Because the policy BLKGETSIZE is missed. Add the policy rule, the
test case will pass.

MTK-Commit-Id: 80a2d4ddd763ea35fb6c7fdf5dda40d158c1c95c

Change-Id: I88c685e98bb1439b0992d39285a715020a7c1ce3
CR-Id: ALPS04745284
Feature: Factory Mode
 2020-01-18 10:18:59 +08:00
Ian-Y Chen
b2327f2a22 [ALPS04328846] power: add block device permission 
[Detail]
1. Add sysfs_dm permission
2. Add sysfs_mmcblk permission

MTK-Commit-Id: c4e4b2e30f593f462d38978937c12a44f5d9f16f

Change-Id: I6d301787a9df8af54a5c66e8483cd51e6d0938ad
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:18:59 +08:00
Huaiming Li
6272c879bf [ALPS04719663] fix some avc denied issue 
update some sepolicy rules

MTK-Commit-Id: c1294d5ae7714677077e8d38c6c1624955816cdb

Change-Id: Id30499203b004677bf95b221195ef33749ec6a36
CR-Id: ALPS04719663
Feature: Android Exception Engine(AEE)
 2020-01-18 10:18:55 +08:00
hao.wang
81a6fb6c62 [ALPS04724423] Add Vcodec in mms sepolicy 
Add Vcodec device selinux permission.

MTK-Commit-Id: 8a70eea017980005696af3e55c1a716d49751e7e

Change-Id: Ia6924c9eb35ab0a2a4cc4a2f635507efcd811ba5
CR-Id: ALPS04724423
Feature: Camera Application
 2020-01-18 10:18:55 +08:00
jerry-sc.wu
d53957c10d [ALPS04525779] Thermal: modify permission for power hal 
[Detail]
Modify change thermal policy permission for power hal.
Fix gaming change thermal policy via power hal fail issue.

MTK-Commit-Id: 5e5b22a7b90aae3740ba34c1dfba5c975fb37ebf

Change-Id: Ia0a9f5e1afaaad7a4c8e620c42fac6f38bcdd220
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
CR-Id: ALPS04525779
Feature: Thermal Management
 2020-01-18 10:18:54 +08:00
Peter Wang
37d307c876 [ALPS04745028] dumpstate: add selinux policy 
add sda/sdb label sysfs_mmcblk for dumpstate

MTK-Commit-Id: 64c01c68f386bedd6413d9bc83eea1aaefca60be

Change-Id: I095d4ff29d37ef1104819a7f030011ac8d72aa75
CR-Id: ALPS04745028
Feature: UFS Booting
 2020-01-18 10:18:51 +08:00
Light Hsieh
63145bc394 [ALPS04688289] sepolicy: Add sepolicy rule for mke2fs 
Add sepolicy rule for mke2fs

MTK-Commit-Id: 979d9a74c16df6bac1dc47f7d40f0f6cb153c864

Change-Id: I774a962e4df4608921c8e29bec5019fcedfdfbd9
CR-Id: ALPS04688289
Feature: eMMC Boot Up
 2020-01-18 10:18:50 +08:00
yuru.zhu
4f38a2249a [ALPS04742139] Support save log to data partition 
[Solution] Add se-linux permission for delete & taglog

MTK-Commit-Id: e6e9a17da095f4f4e9d7c2c62eb5aa32b65a7bd9

Change-Id: I2c9d255ec0a8629dfb9f9b57cdc0ea8a25c8d852
CR-Id: ALPS04742139
Feature: MTKLogger
(cherry picked from commit a0eb93aae4b3fef928490e78dad057a1a315593a)
 2020-01-18 10:18:50 +08:00