NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
756 Commits 2 Branches 0 Tags
Commit Graph

721 Commits

Author SHA1 Message Date
Ian-Y Chen
f6646fd2a6 [ALPS04328846] power: add system server permission 
[Detail]
1. Add system server permission for power_hal_mgr_service
2. Remove su permission
3. Use macro to set permission

MTK-Commit-Id: 465f6b986296ecd46404c4cfd497bfd80c0a1842

Change-Id: I65041fd264cae53b850e013f12679c84c3b9eb36
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:12:13 +08:00
Shanshan Guo
203b3d02de [ALPS04428389] SEPlolicy: for app to access ged by ioctlcmd 
[Detail]
For Andorid Q, there is a more stringent restriction for ioctl,
app need some permissions to access proc_ged by ioctlcmd.

[Solution]
Group existing sepolicies for different types app to access
proc_ged by ioctlcmd together in appdomain.

MTK-Commit-Id: e9ba9a00dbbc063388c8120048a72fd8f7ce497c

Change-Id: I24a4671259a68a0fda756d37c16b7e61801e6cc8
CR-Id: ALPS04428389
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:12:00 +08:00
Ning Cui
be375a5c38 Merge "[ALPS04423573] Led: add sepolicy for lazy hal" into alps-trunk-q0.basic 
Change-Id: I3240f308da6632df550a32b5607e89bf72315acb
MTK-Commit-Id: 78f8b67b3716c647d416b4e384656237f824d7c7
 2020-01-18 10:11:59 +08:00
mtk14723
d28ce5e220 [ALPS04423573] Led: add sepolicy for lazy hal 
[Detail]
Add selinux for lazy hidl, to make lazy hidl service can be started

MTK-Commit-Id: d2bbc3f95ab7f2d7dfafe932515053226747ea78

Change-Id: Id6fd21bf7794dbc42454202b081113a9c040722c
CR-Id: ALPS04423573
Feature: [Android Default] Backlight
 2020-01-18 10:11:57 +08:00
Ning Cui
735845c0fc Merge "[ALPS04411237] Vibrator: add sepolicy lazy hidl" into alps-trunk-q0.basic 
Change-Id: I5524e06ee343d2e1d87d300722d622c5382a8f63
MTK-Commit-Id: 288239634030deafcfe540670e6fc420dea7a6be
 2020-01-18 10:11:56 +08:00
mtk14723
5ae2f3b4d1 [ALPS04411237] Vibrator: add sepolicy lazy hidl 
[Detail]
add selinux for lazy hidl, to make lazy hidl service can be started

MTK-Commit-Id: 68eae2f272d3cee8db8377cb298e2227bf21c6fd

Change-Id: Ic1c4ce80ed2574093bdd42f1061aca66596f3dca
CR-Id: ALPS04411237
Feature: [Module]Vibrator
 2020-01-18 10:11:54 +08:00
mtk07742
bc8a258620 [ALPS04424750] SEPolicy:add perm for system_server 
For Android Q, there is a more stringent restriction for ioctl,
system_server need some permissoin to access proc_ged by ioctlcmd
in MTBF.

MTK-Commit-Id: f4a14dea0b118232234da13c860c66e1b31b3c5d

Change-Id: Idd1b3376f8980273f5e91985d91729c1ab50dd59
CR-Id: ALPS04424750
Feature: [Module]SystemServer
 2020-01-18 10:11:50 +08:00
Larry Liang
a0555034dc Merge "[ALPS04424749] add aee_aedv allow rule" into alps-trunk-q0.basic 
Change-Id: Iae7a214cb298ac05e17cd0cef897f0d89cf017f2
MTK-Commit-Id: 4a6e3b3d334bd65f0cf4c4c1dd91eb9b962071f7
 2020-01-18 10:11:49 +08:00
Huaiming Li
1bc79d92c7 [ALPS04424749] add aee_aedv allow rule 
add aee_aedv allow rule to map hwservicemanager_prop file in MTBF

MTK-Commit-Id: cedf4801cb6014d22b030b4b56740e2f04a20302

Change-Id: I8b701883eba743bfc6bc311526ab974a91a9803b
CR-Id: ALPS04424749
Feature: Android Exception Engine(AEE)
 2020-01-18 10:11:48 +08:00
mtk14723
ce2ae4de97 [ALPS04414154] Backlight: set factory as an client of hal_light 
[Detail]
Set factory as an client of hal_light,
so that factory can access hal_light service

MTK-Commit-Id: aa59bfbc9d04a2ede701ff67e6ae587f6e5c4394

Change-Id: I86ddb045d73175f10ee57061150a387394009967
CR-Id: ALPS04414154
Feature: Factory Mode
 2020-01-18 10:11:47 +08:00
Jamy Tseng
e36513694d Merge "[ALPS04421353] MtkCam: modify sepolicy for jpeg" into alps-trunk-q0.basic 
Change-Id: I2b2e3b23760f93ef27ca627e16a874d38b6ae9eb
MTK-Commit-Id: e36f1561a6d79042b0cada9acc6c66d9e0aa40ac
 2020-01-18 10:11:46 +08:00
gang.wei
30e74341f8 [ALPS04383447] ATM support 
[Detail] add permission for ATM feature.

MTK-Commit-Id: d087a9725316afb22da601262442c6a897e82922

Change-Id: I2432069bb99588e39c12a5775ce49959e3a45e95
CR-Id: ALPS04383447
Feature: SP META Tool
 2020-01-18 10:11:46 +08:00
jamy.tseng
142bfb6b36 [ALPS04421353] MtkCam: modify sepolicy for jpeg 
[Detail]
add ioctl for camerahalserver jpegnode
jpegnode need to control jpeg io

MTK-Commit-Id: c1adc06defb2aab6e9402f45c0f2b92bcfa83a5e

Change-Id: Ie8f65b38133fc46b3a46e3ed04b42d6f09ad13cc
CR-Id: ALPS04421353
Feature: Cshot (Continuous Shot)
 2020-01-18 10:11:44 +08:00
Shiuan Huang
a0f777e564 [ALPS04167940] PQ : Add sepolicy for libscltm and libhdrvideo 
[Detail]
More strictly selinux policy that system process cannot access vendor
partition,
unless label the specific vendor lib to same_process_hal_file

[Solution]
Add same-process HAL files and their dependencies

MTK-Commit-Id: 565e78ca92a83f2aaf44bc599b91f9cb61a5bec5

Change-Id: Id5450d9ae3467b9aae8be20d3d1934e3e1f8a375
CR-Id: ALPS04167940
Feature: MiraVision
(cherry picked from commit c62b2f1b4d75034ce130d909a574aa8d6879b345)
 2020-01-18 10:11:43 +08:00
GW Chen
990a78584a Merge "[ALPS04383692] GPU: gpu hidl ioctl permission" into alps-trunk-q0.basic 
Change-Id: I371680559e57520a098cba4e3760bd9ff20c85bc
MTK-Commit-Id: 20d27a464529c092fe3d4e9ed90cbab5ae8dbc85
 2020-01-18 10:11:43 +08:00
GuanWen Chen
6775f03fcb [ALPS04383692] GPU: gpu hidl ioctl permission 
[Detail]
Add gpu hidl ioctl permission

MTK-Commit-Id: 0a22c8a73634941e3559a82396c587d41a68e1c2

Change-Id: I0dfbc9c69689a3906e5c84fd0991333aff79c0c7
CR-Id: ALPS04383692
Feature: OpenGL|ES
 2020-01-18 10:11:41 +08:00
Chang-An Chen
a805926cb2 Merge "[ALPS04401328] ota update: fix selinux permission for AB update with dynamic partition" into alps-trunk-q0.basic 
Change-Id: I3c9b01edb02113777792a9810ac80d898a73220f
MTK-Commit-Id: 0f4eecb18e01ddab215d735d8e79f31713f77162
 2020-01-18 10:11:39 +08:00
Freddy Hsin
379d6e6659 [ALPS04401328] ota update: fix selinux permission for AB update with dynamic partition 
fix selinux permission for AB update with dynamic partition

MTK-Commit-Id: c2d57620806b07535ab52f11924d25561d8758f8

Change-Id: I8d2dfae862ace8f7b82d4b7cd543291886b19078
Signed-off-by: Freddy Hsin <freddy.hsin@mediatek.com>
CR-Id: ALPS04401328
Feature: [Android Default] SIU (SD Image Update)
 2020-01-18 10:11:37 +08:00
Shanshan Guo
2f13573484 Merge "[ALPS04421363] add untrusted app selinux policy" into alps-trunk-q0.basic 
Change-Id: Ic22f02f1ca17eb62435109d5fa0a1189de4a387f
MTK-Commit-Id: 6593cb2c3566aa654ebf9841b015e9a65aba9280
 2020-01-18 10:11:30 +08:00
Eve
47c1e6591c [ALPS04421363] add untrusted app selinux policy 
add selinux policy for app so that the video will not be green

MTK-Commit-Id: 10d2bab36c7cb7ecfda381975ff33621b7a03f5d

Change-Id: I76cd1036b1819c05f78ba1177ff201bc8dfab9bd
CR-Id: ALPS04421363
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
 2020-01-18 10:11:29 +08:00
GW Chen
3c4854c9f5 Merge "[ALPS04383692] GPU: GPU HIDL" into alps-trunk-q0.basic 
Change-Id: I93d8b6a0f28f49c517f54df90b7cf0b2a44a8265
MTK-Commit-Id: eaa711f5f9142e1901062874bb3d23447f1d01f0
 2020-01-18 10:11:27 +08:00
GuanWen Chen
01ae15f287 [ALPS04383692] GPU: GPU HIDL 
[Detail]
Add sepolicy for gpu hidl

MTK-Commit-Id: c603f9f321c0f50cf21227787ccc3c35e50e55d2

Change-Id: I7a0ed82e546391a509687ef1b4cf5927cfbefe46
CR-Id: ALPS04383692
Feature: OpenGL|ES
 2020-01-18 10:11:25 +08:00
Sokonisa Wei
211b424c1e Merge "[ALPS04419954] sync code from android p" into alps-trunk-q0.basic 
Change-Id: I39ab50fef0f43ce30d520809713e886a0fa88b43
MTK-Commit-Id: 2afafca07620f6de79a9311210f0ff33c8193c59
 2020-01-18 10:11:23 +08:00
HungWen Hsieh
2278c51caa [ALPS04419954] sync code from android p 
[Detail]
sync code from android p

MTK-Commit-Id: d0b19b83da618bab91caff90dbe9525f3f6a22a3

Change-Id: Ib664dbb0b8a1b69012fc81a2ad1bde770ccf478b
CR-Id:ALPS04419954
Feature:[Android Default] Camera Application Basic Functions
 2020-01-18 10:11:22 +08:00
Chang-An Chen
a9a3b6ecef Merge "[ALPS04388343] add selinux label for super partition" into alps-trunk-q0.basic 
Change-Id: I649efbc60f05a10c75b9b77df3ea02f6dc4cb5f3
MTK-Commit-Id: f48fa79698750ccb5823a1ad23f1ae52027ed316
 2020-01-18 10:11:20 +08:00
Chang-An Chen
f5a260cb8f [ALPS04388343] add selinux label for super partition 
Add selinux label for super partition

MTK-Commit-Id: b32e5dcbb09628fd0272c0752e434e5e081420c4

Change-Id: I90b05a2e6a46608d56c67726e6f752c9947c360a
CR-Id: ALPS04388343
Feature: [Module]Partition
 2020-01-18 10:11:18 +08:00
Larry Liang
6247cd3587 Merge changes I4981c061,Ifc1ca446 into alps-trunk-q0.basic 
* changes:
  [ALPS04383536] debugfs_tracing_debug allow rule
  [ALPS04383536] AEE: add some new rules

Change-Id: I2fc6397bbdecfa58abec7702838f461560082fb7
MTK-Commit-Id: 1c3d1f9a790848826c31aef5ccfc23c410d90686
 2020-01-18 10:11:17 +08:00
Huaiming Li
2cd4f92785 [ALPS04383536] debugfs_tracing_debug allow rule 
add debugfs_tracing_debug allow rule for aee_aedv

MTK-Commit-Id: b41cff1758cf4f62b8e177cb51f885056b476f17

Change-Id: I4981c061795d745628eae68f56b8697990f8005f
CR-Id: ALPS04383536
Feature: Android Exception Engine(AEE)
 2020-01-18 10:11:12 +08:00
Huaiming Li
6572ac2fa3 [ALPS04383536] AEE: add some new rules 
add some new rules for not exit files in basic/non_plat/,
allow dumpstate to open/read files

MTK-Commit-Id: 7d8021e582f9c10b7f9574f4fcdadee0be5d3c99

Change-Id: Ifc1ca446ce6cd40e36835acaf52ca5a12efedcdb
CR-Id: ALPS04383536
Feature: Android Exception Engine(AEE)
 2020-01-18 10:11:11 +08:00
Sharon Feng
059dc2118b Merge "[ALPS04416069] add sepolicy for streaming playback" into alps-trunk-q0.basic 
Change-Id: I5de579611c06d8a1af903a9959da04d2e04e5d23
MTK-Commit-Id: 7c7a4485cdc88e4d29a2f10818ff62cfcedd3353
 2020-01-18 10:11:10 +08:00
Jason Hsu
99aeb78cbb [ALPS04416069] add sepolicy for streaming playback 
[Detail] add ioctl sepolicy extension for
         mediaserver and platform_app

MTK-Commit-Id: 3991f29fab0fcb0f710c2f2ca0d0a902982b963a

Change-Id: I49a787c2451b2655a343a73e7f9cf678f1f0bdc1
CR-Id: ALPS04416069
Feature: [Module]Video Driver
 2020-01-18 10:11:09 +08:00
Chunhui Li (李春辉)
23e0248e63 Merge "[ALPS04325589] unlinker libdirect-coredump.so for mediaswcodec" into alps-trunk-q0.basic 
Change-Id: I99704ee06915b5f0f0b497a2a251e0a5406ed4cb
MTK-Commit-Id: 3dbed486470d1099f0d38c1479ed58f610ca39a2
 2020-01-18 10:11:07 +08:00
mtk11285
a96aab6d83 [ALPS04325589] unlinker libdirect-coredump.so for mediaswcodec 
disable AT_SECURE for mediaswcodec

MTK-Commit-Id: 1da6ba52d9df2792d72e999b2bdc591f7d79312f

Change-Id: Ie02830670e05346333edc0dcad972d675d497c1b
CR-Id: ALPS04325589
Feature: Android Exception Engine(AEE)
 2020-01-18 10:11:02 +08:00
Denis Hsu
50ed5a3026 [ALPS04348647] Implement lazy hidl for nvram 
Implement lazy hidl for nvram

MTK-Commit-Id: da2bab99d1bd0f9e68f97a24242828e47a79d3b5

Change-Id: Ie8723938223349b19a697d1f367327181eee5f6a
CR-Id: ALPS04348647
Feature: NVRAM Partition
 2020-01-18 10:11:01 +08:00
Huan Tang
46302b2c36 [ALPS04414221] msdc:add permission for sdcard 
add ioctl permission for sdcard in factory mode

MTK-Commit-Id: 79229bd04c17e617dc40b00fa178648fe37fec0b

Change-Id: I9641b36a26c79499a92aeee37ff3e72c0fe5e510
CR-Id: ALPS04414221
Feature: Factory Mode
 2020-01-18 10:11:01 +08:00
May Huang
e072982e03 Merge "[ALPS04328846] power: remove redundant setting" into alps-trunk-q0.basic 
Change-Id: Id57cb9d4b93289d57dff6be51c38a692435cd7d1
MTK-Commit-Id: ff09fea940bdd394fcd0281f64442d146ce66613
 2020-01-18 10:11:00 +08:00
May Huang
985baf3ef3 [ALPS04328846] power: remove redundant setting 
[Detail]
remove permission to access su, its redundant setting

MTK-Commit-Id: f217e0fd57190661d49f53eeddbc62f481127665

Change-Id: I9dad7652e5ef7e1c8a8343d495f17c478370055a
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
 2020-01-18 10:10:55 +08:00
ming-pei.hsu
92ab2e09f7 [ALPS04344579] Add set properties permission for vendor_init 
Give set telephony switching related properties for vendor_init.

MTK-Commit-Id: 7e9671dfc5abda29c5a76608d7746c8b2d6aee95

Change-Id: I371f37082ffd4685a6195185a4946b3390428f36
CR-Id: ALPS04344579
Feature: Telephony feature switch dynamically
 2020-01-18 10:10:54 +08:00
albert-zl.huang
11842c24f8 [ALPS04378873] suspend: allow ftm do block suspend 
Allow ftm do block suspend

MTK-Commit-Id: e77e031b2c9e1075e185dcdadedb752538688730

Change-Id: I0cb75b5f7caa1852b72a28cc512b22700785e615
CR-Id: ALPS04378873
Feature: Power Management
 2020-01-18 10:10:53 +08:00
Jih-Cheng Chiu (邱日成)
601860bd03 Merge "[ALPS04393149] Add needed sepolicy for SF/HWC to use GED" into alps-trunk-q0.basic 
Change-Id: Id0d8b8b886080efbb2c393ad0624d62ebf7505c7
MTK-Commit-Id: 544f3f2c23ace212f051ac90b83d3c12871bc3d2
 2020-01-18 10:10:53 +08:00
Kane Jhang
c5181b4250 [ALPS04393149] Add needed sepolicy for SF/HWC to use GED 
[Detail] Add GED ioctl selinux policy to let SF and HWC
         that can use GED.

[Solution] Add needed sepolicy

MTK-Commit-Id: 26f1f2fa7735d91ccbb51643b1ed7d200a013988

Change-Id: Ie20589d100473578a8fc824d57718537d7102f07
CR-Id: ALPS04393149
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:10:51 +08:00
Juju Sung
5756adf040 [ALPS04239425] Fix build from sepolicy change 
The Google change ag/7017729 introduces its own /devices/virtual/net
in system/sepolicy/private/genfs_contents.  Thus, we need this
change to remove our own definition.

MTK-Commit-Id: 795196e337d6451991610a71be6b3dcb06a8850b

Test: Local build
Change-Id: I198fbeb3a4047797d9c01d37b1cd4614202fe66d
CR-Id: ALPS04239425
Feature: Engineering Mode
 2020-01-18 10:10:50 +08:00
Nan Zhao (赵楠)
c20ed36dc6 Merge "[ALPS03809072] Add vendor partition property" into alps-trunk-q0.basic 
Change-Id: I8873802ce975898fbc7b3aae9138cff82391bdf8
MTK-Commit-Id: 9a520b3af0c885c061b88288490c07379ee1314c
 2020-01-18 10:10:49 +08:00
Muyi Lan
19d36b81a9 [ALPS03809072] Add vendor partition property 
Due to we might replace system image to GSI image,
we need to maintain another vendor partition properties
to avoid unexpected errors.

MTK-Commit-Id: 2e80c29b78d158be175d350c14ee804a57e1ad41

Change-Id: I6da5eb3479bb93cbb9c0bdd41fd4c69bffb5dd15
CR-Id: ALPS03809072
Feature: Telephony feature switch dynamically
 2020-01-18 10:10:48 +08:00
YL Wang
02ac3a7894 Merge "[ALPS04294481] WMT: sepolicy adjustment" into alps-trunk-q0.basic 
Change-Id: I4139bacb99ce875feae2b6176bd97c19f7849ef0
MTK-Commit-Id: f7bb53ac352b4dc1baf90669ea96108aeb3f04f9
 2020-01-18 10:10:47 +08:00
Tim Chang
ae4cd2b056 [ALPS04294481] WMT: sepolicy adjustment 
change sepolicy of init for Android Q migration

MTK-Commit-Id: 97e5835a0515110fcf0c5fdef1f8f808b552dab0

Change-Id: I7c2065734270419c1a8eb7d791ba963b95de2763
CR-Id: ALPS04294481
Feature: [Module]WMT Driver
 2020-01-18 10:10:43 +08:00
Shan Zhang
ab3d13a34a Merge "[ALPS04366101] mediacodec process selinux permission" into alps-trunk-q0.basic 
Change-Id: I5281d9da655b812fc77161916ea4a75b483e93a3
MTK-Commit-Id: cce799f6c0527deb1dd8fbe186c93ec40f15cf6d
 2020-01-18 10:10:41 +08:00
Bo Ye
2cb0b653a1 [ALPS04366101] mediacodec process selinux permission 
Need map permission for kernel 4.14

MTK-Commit-Id: 6ea8645273cb9a1642839c1473a9eaf15bb6594b

Change-Id: I31cdb274551457d975d5df6ac401d1254dd05faf
CR-Id: ALPS04366101
Feature: H.264 Decoder
 2020-01-18 10:10:40 +08:00
Joen Chen
09f5c5aeb7 Merge "[ALPS04384473] Add needed sepolicy" into alps-trunk-q0.basic 
Change-Id: I80706cc8d0b2676d803404810a4ccedf7ddf7584
MTK-Commit-Id: bbcff09cf9bfc46aa93a3f337f026a4b454fd453
 2020-01-18 10:10:38 +08:00
Kane Jhang
7ad3357d31 [ALPS04384473] Add needed sepolicy 
[Detail] SurfaceFlinger need to add sepolicy to do ioctl with ged node

[Solution] Add SurfaceFlinger sepolicy

MTK-Commit-Id: 8f848c40c9443a959fe564875aa5046458219ae5

Change-Id: Id88cd8d31f66bbdcb7df6e48127e789d341772ac
CR-Id: ALPS04384473
Feature: [Module]SurfaceFlinger/HWComposer
 2020-01-18 10:10:36 +08:00