tequilaOS/platform_device_qcom_sepolicy-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
2787 commits 1 branch 0 tags 4.7 MiB
Commit graph

2787 commits

This branch
This branch
All branches
Author SHA1 Message Date
Amandeep Virk
57c728d261 sepolicy: Add iuicc device and its access for spdaemon 
Define iuicc device so that spdaemon can open an spcom
channel to corresponding iuicc application on Secure
Processor

Change-Id: I8028df28b12058cbb4d49023cf548755ec3f271c
 2019-06-07 10:47:19 -07:00
qctecmdr
8ef1adb229 Merge "sepolicy: xtwifi-client access to hlos_rfs shared" 2019-06-04 14:10:33 -07:00
qctecmdr
8da456b050 Merge "sepolicy : addressed dumpstate related denials." 2019-06-04 11:20:55 -07:00
qctecmdr
878819b0d9 Merge "sepolicy: Read vendor_pd_locater_dbg_prop in GNSS HIDL for legacy" 2019-06-04 05:44:15 -07:00
qctecmdr
fb960e3998 Merge "Sepolicy: Add vendor_adsprpc_prop to app.te" 2019-06-04 02:53:26 -07:00
qctecmdr
697281bf7f Merge "sepolicy: Add rule for audioserver to find audio_service" 2019-06-04 00:19:32 -07:00
Harikrishnan Hariharan
76007ff333 sepolicy: xtwifi-client access to hlos_rfs shared 
Change-Id: Ibaea6e128388ad6abb1df731017550a0cb28f377
CRs-Fixed: 2464825
 2019-06-04 12:29:08 +05:30
qctecmdr
56ec950386 Merge "sepolicy: Add permissions for feature_enabler_client app" 2019-06-03 15:59:39 -07:00
Ramkumar Radhakrishnan
9adc02b0ab sepolicy: Add permissions for feature_enabler_client app 
Add permission for feature enabler client app to have read and write
access to qseecom node, ion node,and mink socket

Change-Id: I08d5c5a27846fc5c22d505a66544645cb0543223
 2019-06-03 14:35:27 -07:00
qctecmdr
97c0281668 Merge "genfs_contexts: Add label to graphics sysfs nodes for kona" 2019-06-03 13:25:05 -07:00
Harikrishnan Hariharan
90d39e829c sepolicy: Read vendor_pd_locater_dbg_prop in GNSS HIDL for legacy 
Add rule to read vendor_pd_locater_dbg_prop in GNSS HIDL for legacy
devices

Change-Id: If7cc23dcf06278877c16f9d964b272ff08c24825
CRs-Fixed: 2464884
 2019-06-03 22:52:26 +05:30
Ravi Kumar Siddojigari
9767ee2638 sepolicy : addressed dumpstate related denials. 
As part of CTS testing its expected no denails should be seen
from dumpstate domain during testing so addressing generic
permission issue.

test :testNoBugreportDenials

Change-Id: Ic60a49e6330c42aa99280af8e6913af140e981e5
 2019-06-03 18:21:39 +05:30
Ravi Kumar Siddojigari
a0e764c972 sepolicy : bt services domains aligned with prebuilds version 29.0 
Change-Id: I095c5294daf29da389c2da16f03c6bb1508d6be6
 2019-06-03 16:30:32 +05:30
Ramjee Singh
cafb67c1ca sepolicy: Add rule for audioserver to find audio_service 
Add rule for audioserver to find audio_service for AAudio usecase

Change-Id: I1cd1b621b362124a338973aaeff6341e6862418d
 2019-06-03 14:40:57 +05:30
qctecmdr
15bee8edb0 Merge "Sepolicy : Enable qce_device" 2019-06-01 06:15:04 -07:00
qctecmdr
6b51f30af2 Merge "sepolicy: allow bluetooth to access perf hal" 2019-05-31 16:45:30 -07:00
Phalguni
0b9199016f Sepolicy : Enable qce_device 
Change-Id: Ibdb12124a8568759ba057ac6e7cce70c93a78889
 2019-05-31 11:11:12 -07:00
Abhimanyu Garg
2470da3fec genfs_contexts: Add label to graphics sysfs nodes for kona 
Add label to graphics sysfs nodes to avoid the denial for perf
features.

Change-Id: I553f629493cbab21affb2d91b9695bc9263ed405
 2019-05-31 10:24:32 -07:00
qctecmdr
598fb80fab Merge "sepolicy: add sepolicy for usta_app to open system_data_file" 2019-05-31 10:19:46 -07:00
Nitin Shivpure
3f4efd7619 sepolicy: allow bluetooth to access perf hal 
allow bluetooth to access perf hal

Change-Id: Ibe71b00b71b010c8032a563638debea7990067b6
 2019-05-31 03:00:48 -07:00
shann
674bed6d2f sepolicy: add sepolicy for usta_app to open system_data_file 
The error is encountered when usta_app (test app) is trying to open
system_data_file(/data/misc/gpu/adreno_config.txt). Providing only open
permission to the test app.

Addressing the issue:
avc: denied { open } for comm="RenderThread" path="/data/misc/gpu/adreno_config.txt"
dev="dm-0" ino=1180432 scontext=u:r:usta_app:s0 tcontext=u:object_r:system_data_file:s0
tclass=file permissive=1

JIRAs-Fixed: APTSEC-22
CRs-Fixed: 2460155

Change-Id: I73828c62fac6022197ff58f04494331a609a4175
 2019-05-31 02:40:34 -07:00
qctecmdr
c3e77cff36 Merge "sepolicy: give se policy permission to dcvs nodes" 2019-05-31 01:23:13 -07:00
Santosh Mardi
c36cb42ae9 sepolicy: give se policy permission to dcvs nodes 
Give SE policy permission to dcvs nodes used to scale L3,
LLCC and DDR frequency based on traffic.

Change-Id: I37758b21eee4546f4966575e523ff36ce3b0949f
 2019-05-31 12:03:10 +05:30
qctecmdr
72e7df6cd9 Merge "sepolicy: add missing permission for location.te" 2019-05-30 22:46:20 -07:00
qctecmdr
ccdd1c9ed8 Merge "sepolicy: Adding permissions for location apps" 2019-05-30 11:12:22 -07:00
qctecmdr
af62dc76a8 Merge "sepolicy: allow gnss hal to access health hal" 2019-05-30 08:51:25 -07:00
Ashish Dhiman
52aefeeada sepolicy: add missing permission for location.te 
added missing sepolicy for xtwifi-client location
client

CRs-Fixed: 2460415
Change-Id: I0cd2182ef287619759fe86b654133bd7026dbc70
 2019-05-30 08:48:40 -07:00
Harikrishnan Hariharan
1bc9e92696 sepolicy: Adding permissions for location apps 
Adding perf hal permissions to location_app.te and
location_app_test.te.

Change-Id: I564848d17439cd1b1aeef85efe21fa83b84a4dea
CRs-Fixed: 2457559
 2019-05-29 23:28:29 -07:00
Harikrishnan Hariharan
4829c3a00a sepolicy: allow gnss hal to access health hal 
Add rule for gnss hal to listen battery status.

Change-Id: If9874ab9bbb92a42b74ec696f55725b98a913f9e
CRs-fixed: 2411905
 2019-05-29 23:28:21 -07:00
Anmolpreet Kaur
b59a8af1bb sepolicy: private: Remove smcinvoke daemon sepolicy 
smcinvoke daemon will no longer be available in system.
Sepolicy rules are not needed to be defined as smcinvoked
is deprecated from system.

Change-Id: I12d00976789db4cf00aabeeb2781e34b19830eed
 2019-05-29 23:18:20 -07:00
qctecmdr
aa536e05d4 Merge "sepolicy: Adding permissions for nfc" 2019-05-29 16:35:06 -07:00
qctecmdr
8db4440147 Merge "sepolicy: Allow init to access mem_sleep" 2019-05-29 13:50:14 -07:00
qctecmdr
a7ff30b3c2 Merge "sepolicy: permit graphics hwcomposer to read kgsl sysfs nodes" 2019-05-29 11:11:13 -07:00
Ananth Raghavan Subramanian
ab0c44baeb sepolicy: Allow init to access mem_sleep 
Add labels for the mem_sleep node and allow the init shell to access it.

Change-Id: Id9ba40a2c0c52e9ab08b249291a5090b249ce64d
 2019-05-29 09:51:38 -07:00
qctecmdr
fa61edc076 Merge "Add sepolicy for dynamic partition." 2019-05-29 08:27:03 -07:00
qctecmdr
a8130be8b8 Merge "sepolicy : Add rule to set property for wlan driver/fw ver info" 2019-05-29 01:50:22 -07:00
Padmanabhan Komanduru
00ddb37c5f sepolicy: permit graphics hwcomposer to read kgsl sysfs nodes 
Permit graphics hwcomposer to access kgsl sysfs node to get
the value of maximum GPU clock supported.

Change-Id: Idc3966029364436cbca445a9bc704ee2a2caf874
 2019-05-29 14:02:15 +05:30
Vinay Verma
bdbf9d49aa Add sepolicy for dynamic partition. 
Change-Id: Ic2ebaf716195e64015b3beb457f1364cf4fec604
 2019-05-29 13:25:19 +05:30
qctecmdr
3c447db2dc Merge "sepolicy: msmnile: Add vehicle hal rules for Q bringup" 2019-05-28 12:26:16 -07:00
qctecmdr
4fd76090d3 Merge "sepolicy: add SE policy rules for hta runtime libraries" 2019-05-28 10:21:15 -07:00
Vinay Gannevaram
839229b542 sepolicy : Add rule to set property for wlan driver/fw ver info 
wlan driver/fw version are set at property at enforcing mode.
Add rules to allow to set wlan driver/fw version info

CRs-Fixed: 2460816
Change-Id: Ic0bb570cd53fe450512496c5864f432ce3219bbe
 2019-05-28 20:44:09 +05:30
qctecmdr
e159097d13 Merge "sepolicy: Allow read for avextension debug property" 2019-05-28 03:02:41 -07:00
qctecmdr
cc5fa63528 Merge "sepolicy : clean-up of netd_socket usage." 2019-05-28 00:46:25 -07:00
Brijesh Patel
5b813bd3f4 sepolicy: Allow read for avextension debug property 
- Multiple processes and applications use avextension
  directly or indirectly causing property read denials
  for debug property.

Change-Id: Ibe71b00b71b010c8032a563638debea7990057a6
 2019-05-28 00:28:03 -07:00
Ravi Kumar Siddojigari
4cb4eee99e sepolicy : clean-up of netd_socket usage. 
As public defination of netd_scoket is removed removing all the
references to this.

Change-Id: I752d1d546d5d6e76dc4e43fc3d4a90b0aca077c8
 2019-05-28 11:47:01 +05:30
qctecmdr
bd64e5e5d2 Merge "sepolicy: add device sepolicy rule for NNHAL-1.2v" 2019-05-27 22:34:05 -07:00
qctecmdr
7191695bde Merge "sepolicy: add rules for imshelper_app" 2019-05-27 04:56:35 -07:00
qctecmdr
94af206963 Merge "sepolicy : Remove deprecated smcinvoke_daemon" 2019-05-27 02:41:16 -07:00
Devi Sandeep Endluri V V
6a63afe092 sepolicy: add rules for imshelper_app 
Add rules to allow imshelper_app to search
radio_data_file

Change-Id: I1184833d2cde889292aa4cf205e748cecb23ae3c
 2019-05-27 00:37:30 -07:00
qctecmdr
c2bc90639c Merge "sepolicy : Remove deprecated smcinvoke_daemon" 2019-05-27 00:35:59 -07:00