NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
128 Commits 2 Branches 0 Tags
Commit Graph

120 Commits

Author SHA1 Message Date
mtk14717
dd229ac506 [ALPS03853366] Fix kisd sepolicy issue for android p[1/3] 
[Detail]
Move kisd from system to vendor and add keymanage hidl
[Solution]
Modify related sepolicy in device/mediatek/sepolicy/basic

MTK-Commit-Id: c1826ac0bdcc18a4e6d3298e73514801a35a09ad

Change-Id: Iee4b65ba5addc5a21de53e76d3bb092e2f37ab01
CR-Id: ALPS03853366
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:45:51 +08:00
Roger Chang
f28d86070e Merge "[ALPS03859804] Remove wide_dhcpv6_data_file" into alps-trunk-p0.basic 
Change-Id: Idd38455f0310fc3bec21936e111214eb9d867ece
MTK-Commit-Id: 277df8d30a5eac6da3fa06a5c7d285ed56779122
 2020-01-18 09:43:54 +08:00
Jungo Lin
4fbf2c5f2c [ALPS03859804] Remove wide_dhcpv6_data_file 
Remove dhcpv6 selinux policy rules since it is unused.

MTK-Commit-Id: b9f566aa5b211b09ef163185b743b324fc06e2bb

Change-Id: Id9cdd914076655514bc7486bf80f0664f1002e82
CR-Id: ALPS03859804
Feature: [Module]IP Networking
 2020-01-18 09:43:46 +08:00
Joen Chen (陳建豪)
71e08e3ea3 Merge "[ALPS03869840] Modify for SELinux violation" into alps-trunk-p0.basic 
Change-Id: I1111f5d3f674e14ece4dc77587dd6072d6fe9d90
MTK-Commit-Id: c8fe918b45da1ec529a1d0a449549946efdb13b3
 2020-01-18 09:43:44 +08:00
mtk14318
02365e1543 [ALPS03869840] Modify for SELinux violation 
[Detail]
Because p has new SELinux policy,
we need to fix the violation part.

[Solution]
Mark the violation part.

MTK-Commit-Id: 9935b37d96538a2696ac34e0ef8e0f4c480d3167

Change-Id: Ia0fac8c2b94d2acfc29dec20dd29dca85f9f9cf0
CR-Id: ALPS03869840
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 09:43:36 +08:00
Jason Su
7798a42df8 Merge "[ALPS03866779] Remove acess agpsd file permission" into alps-trunk-p0.basic 
Change-Id: I55a8fdf3fca407ba1e49b8080c1a9831b7839180
MTK-Commit-Id: 35a8a02603f3f644a2262c1a5595f2619b15babf
 2020-01-18 09:43:25 +08:00
Jason Su
57afdb0683 [ALPS03866779] Remove acess agpsd file permission 
[Detail]
Remove acess agpsd file permission.

MTK-Commit-Id: 67838f3fc62978273c79451b52cd64c9699652d0

Change-Id: Ia322f984e6fbc5484f45714eca064cbe36187a98
CR-Id: ALPS03866779
Feature: Location AOSP
 2020-01-18 09:43:23 +08:00
Jimmy-YJ Huang
20ba53ed6e Merge "[ALPS03737981] power: hal version upgrade." into alps-trunk-p0.basic 
Change-Id: I03191566bcfb14b50215ec745319c1123da6f368
MTK-Commit-Id: 77336a30ebe4d5546ff4fc862d0d9c752d6913b5
 2020-01-18 09:43:18 +08:00
Jimmy-YJ.Huang
4484f0511a [ALPS03737981] power: hal version upgrade. 
[Detail]
hal version upgrade from V1.1 to V2.0

MTK-Commit-Id: 0a7d23e9f8fa3f982b4029292021e91176d66bf0

Change-Id: Ia51920ab3def49ff88d3c483d64cdcd730b8fdd7
CR-Id: ALPS03737981
Feature: System Performance
 2020-01-18 09:43:07 +08:00
Allen Chu
50e62148a7 [ALPS03804621] [P migration] Add property permission 
[Detail]
Add "vendor_radio_prop" permission at te file.

MTK-Commit-Id: 4ac56594f5c0082f4560d9492feb4f8e258b07ac

Change-Id: Ie29850e01334be41d29ce3de3c359937da153641
CR-Id: ALPS03804621
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
 2020-01-18 09:43:02 +08:00
Chaoran Zhang
7b58e8932c Merge "[ALPS03872369] Rename GPS property to "vendor.xx"" into alps-trunk-p0.basic 
Change-Id: Ia62afdd9d0699208bd068a273a80ff427e71915b
MTK-Commit-Id: 7a3c0fac846f16fc84f2949f8307498a2464f9c3
 2020-01-18 09:42:59 +08:00
Chaoran Zhang
5f2560e086 [ALPS03872369] Rename GPS property to "vendor.xx" 
[Detail]
Rename GPS property to "vendor.xx"
[Solution]
Rename GPS property to "vendor.xx"

MTK-Commit-Id: ec44a72c9d682320199fd5d8b6e3275a8e038c6d

Change-Id: Iad18e35b9fae08ab3ac3daa300119d8b91e53786
CR-Id: ALPS03872369
Feature: Location Chipset Capability
 2020-01-18 09:42:47 +08:00
Josh Hsiao (蕭志遠)
d3a136efe9 Merge "[ALPS03867358] Thermal: P Migration" into alps-trunk-p0.basic 
Change-Id: Ia46712fc787f25fdb236af35b6a93b4d83b9ea50
MTK-Commit-Id: a768fea87cd4070ad92fdb58cea580660dc75e0b
 2020-01-18 09:42:45 +08:00
jerry-sc.wu
cbd89e878c [ALPS03867358] Thermal: P Migration 
[Detail]
In Android P, the main restriction is system and vendor cant
communicate with on-desk files.

[Solution]
1.Move thermal setting file to vendor.
2.Remove selinux violation policy.
3.Add thermal manager access vendor data file policy.

MTK-Commit-Id: e579309fd163aa58f632784ce9d594d09e673096

Change-Id: Ibdec1e275eccfbbbd697c413e70a57705e643817
CR-Id: ALPS03867358
Feature: Thermal Management
Signed-off-by: jerry-sc.wu <jerry-sc.wu@mediatek.com>
 2020-01-18 09:42:39 +08:00
Juju Sung
a37957a5f2 Merge "[ALPS03897468] kernel: remove sepolicy which violate neverallow rule" into alps-trunk-p0.basic 
Change-Id: Ic4c01efe0035577d1866b3d11c8a28127777aac5
MTK-Commit-Id: f16d29fba92f0ead81e812c7d67a942c7ecf4e08
 2020-01-18 09:42:32 +08:00
Sam-KY Lin
3006c81521 [ALPS03897468] kernel: remove sepolicy which violate neverallow rule 
[Detail]
Google introduced new neverallow rule for restricting core_domain &
non-core_domain communication via data partition.
This patch removes MTK sepolicy rules which violate neverallow rule.

MTK-Commit-Id: 2f3ae1f106cdf28f00ee75638dd77fd8242f9746

Change-Id: If6c64eec4f3cf5760988e3c266da83d1d93e649f
CR-Id: ALPS03897468
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:42:23 +08:00
Hochi Huang
6bedf6da41 Merge "[ALPS03898061] SeLinux: remove violate setting" into alps-trunk-p0.basic 
Change-Id: I917226ded146015c4f2f4308021d0812e82dcf19
MTK-Commit-Id: 089255a87efab90aeefb3118217c3bda42cd30af
 2020-01-18 09:42:20 +08:00
chien-wei hsu
f1cabb065e [ALPS03898061] SeLinux: remove violate setting 
[Detail]
remove workaround of data between core and vendor violator
1. remove audioserver.te violated setting
violated by allow audioserver nvdata_file:dir
violated by allow audioserver nvram_data_file:dir
violated by allow audioserver thermal_manager_data_file:dir
violated by allow audioserver mtk_audiohal_data_file:dir
violated by allow audioserver thermal_manager_data_file:file
violated by allow audioserver nvram_data_file:file
violated by allow audioserver nvdata_file:file

2. remove mtk_hal_audio.te violated setting
violated by allow mtk_hal_audio system_data_file:dir
violated by allow mtk_hal_audio media_rw_data_file:dir
violated by allow mtk_hal_audio radio_data_file:dir
violated by allow mtk_hal_audio radio_data_file:file
violated by allow mtk_hal_audio system_data_file:lnk_file
violated by allow mtk_hal_audio system_data_file:file
violated by allow mtk_hal_audio media_rw_data_file:file

audiohal_data_file is defined as core_data_file_type
it cant use in vendor partition. temporarily remove it.

MTK-Commit-Id: c0453cc6ede361322deb8f138055accc473511b8

Change-Id: I15649ad3351f1a7ee29956668862aad05efc0778
CR-Id: ALPS03898061
Feature: Phone Sound
 2020-01-18 09:42:13 +08:00
Gang Wei
bc6d87511e Merge "[ALPS03888283] [P Migration]Property Rename" into alps-trunk-p0.basic 
Change-Id: I31c2347d1a71a7143d4a09d940fed7326f88a3ff
MTK-Commit-Id: e4216535b2264566474d3a79f2ff6b20e46d46b9
 2020-01-18 09:42:05 +08:00
Dian Wang
e8b0ff9895 [ALPS03888283] [P Migration]Property Rename 
[Detail] Property rename in sepolicy

[Solution]
According P property rule

MTK-Commit-Id: dccca517eb8386e9e509da7461dddd82e3cbb06d

Change-Id: I9b38830f8792d40c954f251656d5623bb6c731c6
CR-Id: ALPS03888283
Feature: SP META Tool
 2020-01-18 09:42:02 +08:00
Chang-An Chen
dae8e38414 Merge "[ALPS03892700] partition: move mtk mount point to /mnt/vendor" into alps-trunk-p0.basic 
Change-Id: I68e8369083ba3d6cad7a35ed0141a2765a1b161a
MTK-Commit-Id: c6307813909f1dff6c87a80debee2950c16efd90
 2020-01-18 09:41:55 +08:00
Chang-An Chen
48a77a4a2c [ALPS03892700] partition: move mtk mount point to /mnt/vendor 
[Detail]
Move MTK mount point to /mnt/vendor

MTK-Commit-Id: b82563f14020ab90a563ec3c9ce14e6c3bbe7531

Change-Id: I8699303125d48589baf0f2b768cf66b848da7357
CR-Id: ALPS03892700
Feature: eMMC Boot Up
 2020-01-18 09:41:46 +08:00
Larry Liang
98ff8e508f Merge "[ALPS03841705] add selinux on android P" into alps-trunk-p0.basic 
Change-Id: I74e00354a30a88f749810d37ba1e01b5aa4e1b14
MTK-Commit-Id: 6b57c8e64e1923ccaf4cd191bbd60455d4c4ca89
 2020-01-18 09:41:44 +08:00
mtk11285
f54afd92e5 [ALPS03841705] add selinux on android P 
[Detail] allow platform_app to read /data/vendor/mtklog/aee_exp

MTK-Commit-Id: a94d29a0e64fc3583032946481c6e61159477f49

Change-Id: Ieb6c79a4f5668aff6dbc8c271da2ed88327f1cd9
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:41:34 +08:00
Lili Lin
87b1d46893 [ALPS03881723] Workaround build error 
[Detail] vendor binary cannot set debug_prop
after enabling PRODUCT_COMPATIBLE_PROPERTY_OVERRIDE

[Solution] Mark it

MTK-Commit-Id: ab4a34b8a5afdef574ac2f42464925832328d48b

CR-Id: ALPS03881723
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
Change-Id: I9bed16503eb2d1e3f31f1225d58c99b42ca61940
 2020-01-18 09:41:26 +08:00
Dom Lin
f0be2264f5 Merge "[ALPS03894499] Modify SELinux policy" into alps-trunk-p0.basic 
Change-Id: I3dfd8d985ec7e86a3cace143296434e7ef97e16a
MTK-Commit-Id: 9c6815b0936f900f579a85947be0674836f1aefb
 2020-01-18 09:41:25 +08:00
ILEX Lin
85b71fe67d [ALPS03894499] Modify SELinux policy 
[Detail]
Remove "allow radio debugfs_tracing:file write"

MTK-Commit-Id: 793d7934f1412512906eaba15bf7c86357a350bc

Change-Id: I02065c831a4dfb0bb26a267469f8a48b2562ed2e
CR-Id: ALPS03894499
Feature: NFC Chipset Capability
 2020-01-18 09:41:15 +08:00
Eddie Hung (洪正鑫)
4149e289a1 Merge "[ALPS02941470] SELinux poilcy porting" into alps-trunk-p0.basic 
Change-Id: Idbbcfbd34c469a31675a644cb73aad348e2697c6
MTK-Commit-Id: 773b815da5eaa505b8f7aa2bf39f87caaedb67c3
 2020-01-18 09:40:54 +08:00
chihhao.chen
a9b55cd784 [ALPS02941470] SELinux poilcy porting 
[Detail]
Remove redundant rules

MTK-Commit-Id: 9da4c1f0093221b9aa09893dcd6eaaf42c05cb9a

Change-Id: I6ad20f128418bd729c0ecbd2bd5cf9e80b211aa0
CR-Id: ALPS02941470
Feature: [Android Default] ADB (Android Debug Bridge)
 2020-01-18 09:40:49 +08:00
Larry Liang
2e97184a4b Merge "[ALPS03841705] modify aee_core_forwarder selinux rule" into alps-trunk-p0.basic 
Change-Id: I4bad1d381c0ec3b1e76f1bc7a5ae7ae68ad8add9
MTK-Commit-Id: b01515bb610c7a0c60117c97d4f98b5c9f882071
 2020-01-18 09:40:46 +08:00
mtk11285
07c11d89ba [ALPS03841705] modify aee_core_forwarder selinux rule 
[Detail]
transfer aee_core_forwarder form /vendor/bin to /system/bin,
so modify aee_core_forwarder selinux rule.

[Solution]

MTK-Commit-Id: 5a583b375a0d33032e8004e1818f05c75363e4f5

Change-Id: I9ff1d0b5d521ce2f09780146f6b75c5378d03d4d
CR-Id: ALPS03841705
Feature: Android Exception Engine(AEE)
 2020-01-18 09:40:34 +08:00
Denis Hsu
636a543a21 Merge "[ALPS03891225] Modify vold related policy" into alps-trunk-p0.basic 
Change-Id: I80bcd27ca3f7cb2ef2ad0aa1521ff6b7c09fc42b
MTK-Commit-Id: 0b44547d98de2938b70ae9dcdfb1ba4595d1561c
 2020-01-18 09:40:23 +08:00
Denis Hsu
977ad3f552 [ALPS03891225] Modify vold related policy 
[Detail]
1. remove md_ctrl.te because we dont use md_ctrl in P.
2. remove debugfs_tracing policy
3. remove nvdata, protect_f, protect_s policy

MTK-Commit-Id: d4e5c9893970f0b214b518cba5f9300f130eace9

Change-Id: Iaafc30124fd69ef2b989b9e4e51d71a37d9571e9
CR-Id: ALPS03891225
Feature: Multi-Storage
 2020-01-18 09:40:17 +08:00
Henry Huang (黃健智)
4991b689c6 Merge "[ALPS03841839] nvram init property rename" into alps-trunk-p0.basic 
Change-Id: I05c4129f1579d908a416fa97bb3650d01b2de842
MTK-Commit-Id: 107e79ea03725db288290347d30cdcfd8e354a18
 2020-01-18 09:40:15 +08:00
henry huang
77e5a274ef [ALPS03841839] nvram init property rename 
[Detail]nvram init property rename for Android P

[Solution]as detail

MTK-Commit-Id: 65ecb62d61060ac65847faf0706c752523ed3610

Change-Id: I8fd4a5a64681a92d0346dabab4d30821a232581b
CR-Id: ALPS03841839
Feature: NVRAM Partition
 2020-01-18 09:40:06 +08:00
Peng QI
a2739588f2 Merge "[ALPS03893095] Selinux: MTK BT HAL" into alps-trunk-p0.basic 
Change-Id: If66b0db98642b59fca39ad6f579e2a4f3e2f3c91
MTK-Commit-Id: f0220d29d1a6d04933839f97a09e94143d958097
 2020-01-18 09:40:01 +08:00
Peng Qi
9e04bd90cc [ALPS03893095] Selinux: MTK BT HAL 
[Detail]
AOSP has defined neverallow rules
to restrict direct access to system files.

[Solution]
Since MTK does not use "/data/misc/bluedroid/" to
store BT address. It should be alright to remove
this kind of thing.

MTK-Commit-Id: 5b3aae9aebd39c24a3846c27c7ca9fceda9513d3

Change-Id: I5a8420e9f5259259b2bd11a6da033a140f0bea7c
CR-Id: ALPS03893095
Feature: BT Chipset Capability
 2020-01-18 09:39:50 +08:00
Weilun Liu (劉維倫)
2f7073ef01 Merge "[ALPS03804621] [P migration] Add property context" into alps-trunk-p0.basic 
Change-Id: If1821c0dfac7705f4d3c93c29b2d00cc1d35e450
MTK-Commit-Id: 1c7ed862646c368963c9108545c206723ba7f3ae
 2020-01-18 09:39:42 +08:00
Allen Chu
64d6f4722e [ALPS03804621] [P migration] Add property context 
[Detail]
Add the following prefix property to vendor_radio_prop:
vendor.ril.
ro.vendor.ril.
vendor.gsm.
persist.vendor.radio

And declare permission at te file.

MTK-Commit-Id: 2754547c48d8cb78008c8b59e01d43e8d242813a

Change-Id: I593d7d1cdaf0caa5a92c65d0f7b03591cc8cbac8
CR-Id: ALPS03804621
Feature: DSDS (Dual SIM Dual Standby) Framework-Common Framework(RIL)
 2020-01-18 09:39:37 +08:00
Browse Zhang
8b54882c09 Merge "[ALPS03503758] P migration selinux build failed fix" into alps-trunk-p0.basic 
Change-Id: I502b4726ed1f2aace4cff7dd346513112ed128d8
MTK-Commit-Id: 2e94fc1b0084a36d8badb3a447d21c613ef2c949
 2020-01-18 09:39:32 +08:00
Browse Zhang
9416039241 [ALPS03503758] P migration selinux build failed fix 
Remove data_between_core_and_vendor_violators.

MTK-Commit-Id: c23b6831f425df0b4bb60486dbd7c92b048d3159

Change-Id: I8e9f64a19852fa72076e813cb529c94dc50248ae
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:39:27 +08:00
Timo Liao
197ea4ad2a [ALPS03890927] battery: fix sepolicy violation 
[Detail]
1. fix data between core and vendor violator
2. remove fuelgauged_static.te
3. remove fg daemon access nvram sepolicy
4. add label for battery

MTK-Commit-Id: 1443b78b112739594e0633526c6966e4871bd125

Change-Id: I931a18bfb8ac963e71311ceace8a28b4a495e881
Signed-off-by: Timo Liao <timo.liao@mediatek.com>
CR-Id: ALPS03890927
Feature: Fuel Gauge
 2020-01-18 09:39:17 +08:00
Browse Zhang
db6998fe2a [ALPS03503758] Revert "[ALPS03503758]P migration selinux build failed fix" 
This reverts commit c2f372432b08f78b8e5b9f7cc08b1b436bfe7161.

MTK-Commit-Id: 95e449825c77815d477a926f0244165934aef748

Change-Id: Ic2c4ee2de46803679c01b0bc83bbef3f9d585b32
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:39:10 +08:00
Browse Zhang
340e51e71c [ALPS03503758] P migration selinux build failed fix 
For /proc/uid_procstat/set from UsageStatsService

MTK-Commit-Id: c2f372432b08f78b8e5b9f7cc08b1b436bfe7161

Change-Id: I45b7bbfbd2c0ab7e098983d40722e4274e8e783a
CR-Id: ALPS03503758
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:39:04 +08:00
Bo Ye (叶波)
a0c381a5c3 Merge "[ALPS03825066] Resolve build error" into alps-trunk-p0.basic 
Change-Id: I1ce2ce669828181b405fe640eda280592732d776
MTK-Commit-Id: b077564d3665292ca9d6cb3e9278450e5d46736e
 2020-01-18 09:38:56 +08:00
mtk12101
c7ac9f171a [ALPS03825066] Resolve build error 
[Detail]
1.Google add new neverallow rule for untrusted apps
2.The file/dir in /proc must associate with proc_type

[Solution]
1.Remove rules which violate google neverallow rules
about untrusted apps
2.Add proc_type attribute for file/dir on /proc

MTK-Commit-Id: b94412725e3a7b18db9573056c2fb43367989ed5

Change-Id: I89de16a65f05d052969c794604b9c372ed1ce7e1
CR-Id: ALPS03825066
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 09:38:47 +08:00
Yuhui Zhang
931dce4dc1 Merge "[ALPS03830074] EM telephony property selinux" into alps-trunk-p0.basic 
Change-Id: I9051921cd06c7ca689de719fdf8b6962b7eb8607
MTK-Commit-Id: 9013bc0156f6b26a4859067a9a1ea46299fd0f9f
 2020-01-18 09:38:41 +08:00
dengwei.xu
05776353bd [ALPS03830074] EM telephony property selinux 
[Detail]
The Basic EM selinux modify

MTK-Commit-Id: 6b4156244ced418aa502dc771ae63d47015c4e66

Change-Id: I01f8927774f3fac7a477a510d4a7d2c265e01f4a
CR-Id: ALPS03830074
Feature: Engineering Mode
 2020-01-18 09:38:35 +08:00
Archilis Wang
2cd382c5d0 Merge "[ALPS03885737] Correct agps sepolicy" into alps-trunk-p0.basic 
Change-Id: I230be47b417acda0389d0f6bd62c426c8eebe125
MTK-Commit-Id: 7bedf66ca5fe633252754247a93a73d551e6985b
 2020-01-18 09:38:28 +08:00
Archilis Wang
9afa8ed220 [ALPS03885737] Correct agps sepolicy 
Adjust the policy for sdcard

MTK-Commit-Id: 40655afcc8e97b13642f5164987134d506579680

Change-Id: I338ea9b4b6b452b3e59230e692a7ff1850a63c6d
CR-Id: ALPS03885737
Feature: A-GPS
 2020-01-18 09:38:17 +08:00