Commit graph

265 commits

Author SHA1 Message Date
Himanshu Agrawal
a473048fb3 sepolicy: Addressing post-boot denials
Change-Id: I5282c1acf9f096c6363c77afc0443b06f00a6c37
2021-05-17 17:12:16 +05:30
Himanshu Agrawal
d7eb0cc6b6 sepolicy: Fix /sys/devices/soc0 read permission issue
Change-Id: I189fea846191f6407d6c6b9fb767595466b7dc06
2021-05-05 22:14:35 -07:00
Akhil Manikoth Kallankandy
2906bf533d sensors : Updating property name
changing property name according to VtsTrebleSysPropTest

Change-Id: I95bae88a4126606c4d5eef992d863e483766212f
2021-04-30 05:45:21 -07:00
Himanshu Agrawal
53203d8bfb sepolicy: Add sepolicy rules for vm_bms
create vendor_vm_bms_debug_prop for debug properties.

Change-Id: I6ac3986af96bb50288e404c377613c6b0d4dc998
2021-04-22 22:53:53 -07:00
Himanshu Agrawal
c5495488d8 sepolicy: Addressing multiple on-boot denials present
Multiple on-boot denials have been addressed for
improving device performance.

Change-Id: If0db0c0bd334da91c879d9170d03171c2bf4a91d
2021-04-20 15:50:51 +05:30
Prerna Kalla
debf881517 sepolicy: Add label for KM 4.1 service
Add label for KM 4.1 service.

Change-Id: Iab41f356da6562c9c0b9ed942f20442cfc6ec8f2
2021-04-02 03:55:53 -07:00
Akhil Manikoth Kallankandy
7849fcf55f sensors : changing property name
Change-Id: I17e71ca56e9fa050221972c846a9f99db8761283
2021-03-31 14:24:32 +05:30
Akhil Manikoth Kallankandy
025be09c29 sensor:adding label for new property
adding label for property used to enable qrtr-ns service

Change-Id: I5634c0c85a0dae9d13151d99f984e22987705636
2021-03-09 20:26:02 +05:30
Guixiong Wei
b69efc2215 sepolicy: Remove poweroffalarm system uid and redundant rules
remove poweroffalarm system uid and redundant rules

Change-Id: If51e9ae948b68f1187c66d748935fd1014e72e11
2020-12-15 18:39:22 -08:00
Gurram Pravalika
ffb6c9041c sepolicy: Add policies for video in HAL1
Change-Id: I954b96582719e3e7145fd0ab1afd0425494c3ba7
2020-12-14 22:57:44 -08:00
qctecmdr
6cfdc77609 Merge "sepolicy : Upmerge changes." 2020-12-14 00:14:39 -08:00
Nitin Shivpure
d5327a1a9d sepolicy: allow bluetooth to make binder call to gpuservice
allow bluetooth to make binder call to gpuservice.

CRs-fixed: 2748533
Change-Id: Idff3f3c0377fc5dae3e715417556c696f7e4620e
2020-12-14 10:33:49 +05:30
Himanshu Agrawal
0240ff9832 sepolicy : Upmerge changes.
Change-Id: I90fb0d6eb70bd5e0e790f8bae7b6cd0501442338
2020-12-11 06:07:39 -08:00
Shayak Biswas
1442222426 Allow dumpstate for a binder call with power Hal
This allows dumpstate to have a binder call with power
Hal, this is needed for a CTS testcase:
SELinuxHostTest#testNoBugreportDenials

Change-Id: I646fdce79776083df74df48134e85c65dbee69dc
2020-12-11 09:56:09 +05:30
Kripa Bhat
5d40fe89f3 Allow dumpstate to have a binder call with Lights Hal
This allows dumpstate to have a binder call with Lights
Hal, this is needed for a CTS testcase:
SELinuxHostTest#testNoBugreportDenials

Change-Id: Iec081b1069b2569c68b72ff009f12018c946a0a8
2020-12-08 22:51:16 -08:00
Manjunatha Ramachandra
06bbb12f3f sepolicy: updating label on read_ahead_kb nodes
Removing read_ahead_kb nodes from sysfs_mmc_host
node. And adding sysfs_dm to perf hal and
init_shell files' allow list.
This change is being made in order to address
the bugnizer 161927268 for legacy msm8937_32go platforms.

CRs-Fixed: 2826612
Change-Id: I190b9891eaf52fc4eb7d4fd73567572101ee288e
2020-12-02 23:27:09 -08:00
Eruvaram Kumar Raja Reddy
f997082943 sepolicy: adding vendor prefix to avoid naming collision
Update legacy properties with vendor prefix to avoid VTS failure
due to API30 changes

CRs-Fixed: 2825382

Change-Id: I39a5de4ad6450d805bf74e88aabc38c8347d89a4
2020-11-30 17:01:29 +05:30
Jeya R
29b1061aaa sepolicy: Add permissions in init for vendor_adsprpc_prop
Add permissions in init shell to modify vendor_adsprpc_prop.
Change-Id: I5a4dcbf54686c3add9fa0756aff7bb694d96adcb
Acked-by: Deepika Singh <dsi@qti.qualcomm.com>
2020-11-18 15:22:36 +05:30
Shawn Shin
ce33f422e7 sepolicy:qcc add to legacy
Change-Id: I7031cd4070c478f1fccfe8e0b1e7053d6c57c36e
2020-10-30 16:10:52 -07:00
qctecmdr
758b6d2b99 Merge "sepolicy: align fst-manager and wigig legacy rules" 2020-10-29 23:51:22 -07:00
qctecmdr
887dc95b06 Merge "sepolicy: allow block_suspend denial for lmkd" 2020-10-28 00:12:18 -07:00
Dedy Lansky
046ff067d0 sepolicy: align fst-manager and wigig legacy rules
Add legacy rules for enabling fst-manager to act
as a HAL service, and allow fst-manager and wigig
framework to access the capability config store.
These rules were missing in the legacy folder and
copied from the qva rules since there are still
platforms that need them.

Change-Id: I7a08bec9f3f84599a6392e8a5bd22c26e28e00a3
2020-10-27 22:53:42 -07:00
Himanshu Agrawal
21fbe23415 sepolicy: allow block_suspend denial for lmkd
Avoid the below denial for lmkd:
avc: denied{ block_suspend }for comm="lmkd" capability=36
scontext=u:r:lmkd:s0 tcontext=u:r:lmkd:s0 tclass=capability2
permissive=0.

Change-Id: I332281110d4fa1fa208349a302fdc33a3a40d8ef
2020-10-27 22:31:24 -07:00
Arvind Kumar
7af4487b0c Add file context for Light AIDL HAL Service
Change-Id: I1e5a79a5846910f90362d97899e5fc0d7dbfadbb
2020-10-27 00:54:23 -07:00
Ankur Sharma
ae9d933056 Sepolicy denials xtra for legacy R targets
- Fix sepolicy denial when xtra-daemon accesses the cacert
service.
- Allow location clientdomain to perform binder IPC to
qtidataservices_app serverdomain.

Change-Id: I0aae254fb4b4a67336d67f96856a2cf0d70954fc
CRs-Fixed: 2778560
2020-10-21 07:34:12 -07:00
c_gopir
7dff049400 Sepolicy : Add power AIDL to context
Add power HAL exec to file contexts

Change-Id: Ib97298e739f030454256c88f78e6862c2f4838bb
2020-10-19 21:44:18 -07:00
Paras Nagda
44e4db86e8 sepolicy: Add video property to get permission
Allow Zygote to read video property

Change-Id: Iac936e84549cde02e2b87309f32cdbd2d8a0fe5f
2020-10-14 06:30:06 -07:00
Paras Nagda
5bc47cdaf0 sepolicy: Add video property get permission
Allow mediaserver to read video sys property

Change-Id: Id09d5fbcbacbba3130ca9d7759ff67ade3a839b3
2020-10-06 22:26:31 -07:00
qctecmdr
b22751353a Merge "sepolicy: add policies for DSP HAL manager" 2020-09-30 00:50:57 -07:00
Jiten Patel
c4f5909333 sepolicy: Policy fix for rpmb partition
On 4.19 kernel, due to upstream commit <97548575be>
(mmc: block: Convert RPMB to a character device),
Block device design for RPMB is now changed to char device.
This change adds required permissions for qseecom daemon to
be able to access new device design for RPMB eMMC device.

Change-Id: I77a4ffc2107e61f66fe75cd2ccdc4d8da2685523
2020-09-26 17:09:23 +05:30
qctecmdr
e40220732a Merge "sepolicy: Allow all app domains to search sysfs_kgsl" 2020-09-23 01:51:40 -07:00
Vamsi Krishna Gattupalli
fa6d5b4fdc sepolicy: add policies for DSP HAL manager
Add DSP HAL manager related attributes and policies. Allow untrusted
shell apps and APKs to be a client of the DSP HAL server. Mark the
DSP HAL interface library as same process HAL.

Change-Id: I7b2e5c716c6191d480d26d39a3adf188dc3aefb3
2020-09-22 10:52:41 +05:30
Murthy Nidadavolu
8d4a25335b sepolicy: Updating sepolicy for DRM HAL
Adding 1.3 drm HAL to file_contexts.

Change-Id: I59f87fb9eb4a1605cf299a973986164f6761dab2
2020-09-18 13:39:59 +05:30
qctecmdr
ee00935244 Merge "sepolicy: Update thermal-engine sepolicy rules for legacy vendor file" 2020-09-16 03:30:27 -07:00
Nilesh Gharde
07cedab877 Sepolicy denials for location on legacy R targets
Fix for denial when xtra-daemon is trying to get the
qccsyshal service instance

Change-Id: I522531dee26dd5ee426a7ae966e49a0a4e685481
CRs-fixed: 2765244
2020-09-15 11:55:49 +05:30
Asha Magadi Venkateshamurthy
7ef030e945 sepolicy: Update thermal-engine sepolicy rules for legacy vendor file
Update legacy thermal-engine sepolicy rule for SDM660 target by adding
access of sysfs nodes of thermal devices, kgsl and devfreq by adding
sepolicy rules.

Change-Id: I49c511d2dbc67169daa937102d58839eb799b977
2020-09-14 12:14:23 +05:30
qctecmdr
7036682bb5 Merge "sepolicy: add support for separate dcvs script for sdm660" 2020-09-04 05:32:35 -07:00
Asha Magadi Venkateshamurthy
c7c8131f02 sepolicy: add support for separate dcvs script for sdm660
Give sepolicy permission to dcvs node used to set
memlat parameters.

Change-Id: Iadddf5d11375a6d7cc48d523ed8c44baf4643be1
2020-09-04 10:55:17 +05:30
Bharat Pawar
b4ca9cb07f sepolicy: Allow all app domains to search sysfs_kgsl
Fixing below avc denials
type=1400 audit(0.0:86144): avc: denied { search } for
name="kgsl-3d0" dev="sysfs" ino=43551 scontext=u:r:mediaswcodec:s0

Change-Id: Ibf7a9a231119c23c4830538323587edbe95150a2
2020-09-03 19:15:02 +05:30
Bharat Pawar
90dc370d64 sepolicy: Adding rules for servicetracker HAL for legacy target.
Also adding file_context for servicetracker V1.2
Change-Id: I7145f86093c954376e6dd8bbcd8f6d2e6005a981
2020-09-03 17:47:59 +05:30
Bharat Pawar
3bdddf83fd sepolicy: Add label for vibrator AIDL HAL service
Add selinux label for vibrator AIDL HAL service
so that it can access the vibrator device correctly.

Change-Id: I6486b6cf399ce60a671b187c624993820c6f246c
2020-08-21 15:48:02 +05:30
qctecmdr
f95a6b8611 Merge "perf: Fix sepolicy errors during boot" 2020-08-13 07:28:05 -07:00
qctecmdr
33281c7bda Merge "Sepolicy: ported all Wfd sepolicy from sepolicy.lnx.5.0" 2020-08-13 05:34:25 -07:00
qctecmdr
3c94562422 Merge "sepolicy: Remove all qssi specific WFD sepolicy change" 2020-08-13 03:40:25 -07:00
Shashi Shekar Shankar
ded4b6e973 perf: Fix sepolicy errors during boot
Fix sepolicy errors on legacy targets.

Change-Id: Ia491e7e3330243d3ec70fba97c3beafc65f93afc
2020-08-12 19:57:11 -07:00
Pavan Kumar M
b7b9097e20 sepolicy: Add sepolicy rules for IImsFactory HAL for legacy targets
Change-Id: I371457018f309bb3a23138ac8d71d4628430f69e
2020-08-07 04:26:38 -07:00
Rajeswari N
ae41118035 sepolicy: Add perf 2.2 hal
Support for perf HAL 2.2 uprev

Change-Id: Ia6abea00751494803bf78839ef96608dfbc9b09d
2020-08-04 15:15:36 +05:30
Shivam Agrawal
ff436b9716 Sepolicy: ported all Wfd sepolicy from sepolicy.lnx.5.0
- WFD sepolicy fix.

Change-Id: I1000b0277318ca7439a5bb177787dffe8d51b7c9
2020-07-29 14:10:43 +05:30
qctecmdr
d580bc7940 Merge "Allow BT LAZY HAL service to access bluetooth hal" 2020-07-28 08:46:15 -07:00
qctecmdr
8e93513c1d Merge "sepolicy: Add interface entry for Legacy HAL" 2020-07-28 06:48:53 -07:00