NekoSakura/android_device_mediatek_sepolicy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
855 Commits 2 Branches 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Shanshan Guo 2bd9ab2104 [ALPS04654001] SEPolicy: add ioctlcmd for app 
[Detail]
For Andorid Q, there is a more stringent restriction
for ioctl, app need to access pipe by ioctlcmd=0x5402.
avc: denied { ioctl } for comm="kd" path="pipe:[7173861]"
dev="pipefs" ino=7173861 ioctlcmd=0x5402
scontext=u:r:untrusted_app_25:s0:c512,c768
tcontext=u:r:untrusted_app_25:s0:c512,c768
tclass=fifo_file permissive=0 app=com.tencent.qqpimsecure

[Solution]
Add sepolicy for app to access pipe by ioctlcmd=0x5402

MTK-Commit-Id: d38b9f7f97aab7b23d80d0f3aac8e25a790c8c91

Change-Id: I5ac20bf2dffa0c297b32aaebd75db9e04c35cc79
CR-Id: ALPS04654001
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
2020-01-18 10:14:59 +08:00
non_plat
[ALPS04654001] SEPolicy: add ioctlcmd for app
2020-01-18 10:14:59 +08:00
plat_private
[ALPS04255502] lbs_dbg: move lbs_dbg sepolicy to system
2020-01-18 10:14:12 +08:00
plat_public
[ALPS04475279] Revert Sepolicy:move type sysfs_mmcblk
2020-01-18 10:14:23 +08:00
prebuilts/api/26.0
[ALPS04284125] Sepolicy: add lost label
2020-01-18 10:13:13 +08:00
private/compat/26.0
[ALPS04284125] Sepolicy: add lost label
2020-01-18 10:13:13 +08:00
MTK_LICENSE
[ALPS04410351] Add MTK_LICENSE
2020-01-18 10:10:42 +08:00
Description
No description provided
1.4 MiB
Languages
Makefile 100%