tequilaOS/platform_device_qcom_sepolicy-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
2025 commits 1 branch 0 tags 4.7 MiB
Commit graph

2025 commits

This branch
This branch
All branches
Author SHA1 Message Date
Linux Build Service Account
b640da57bc Merge "Allow permissions to call CNE" 2018-02-24 00:06:53 -08:00
Linux Build Service Account
8343677b58 Merge "Update sysfs labeling" 2018-02-23 20:57:39 -08:00
Dante Russo
bd301074b6 Allow permissions to call CNE 
Allow XTRA permissions to call CNE

CRs-Fixed: 2195094
Change-Id: I895966bbb888e4d6141befe62171e56379debe7c
 2018-02-23 12:01:53 -08:00
Naseer Ahmed
704a55d170 sepolicy: Add policy for qti allocator and mapper 
Change-Id: I532940d043bc51515bbf89deea283a60628528d9
 2018-02-23 11:29:40 -08:00
Shaikh Shadul
f6c02fd2d2 sepolicy: allow init-qcom-sensors-sh to start sensors daemons 
Add rules to allow init-qcom-sensors-sh to start sensors
daemons sscrpcd, sensors.qti from sensors script.

Change-Id: Ifde06f15fea9d306f3783694724d3116481a2c06
 2018-02-23 08:48:28 -08:00
Sridhar Parasuram
db8636ccde Update sysfs labeling 
Change-Id: Ib698defb6e2accebda58c853c5c0be23becfedcb
 2018-02-23 08:01:27 -08:00
Sridhar Parasuram
1a761eb564 Update labeling for audio_data_file 
Change-Id: I04af86a64198c7e96f018a74aaf32ebed7bbc8b2
 2018-02-21 13:53:03 -08:00
Linux Build Service Account
dc58c3ab0c Merge "cnd: Net Admin" into sepolicy.lnx.4.9 2018-02-20 10:43:43 -08:00
Sridhar Parasuram
486aa76037 Add wifi_data_file to data_between_core_and_vendor_violators 
This change is needed until upstream fixes the wifi hal

Change-Id: Ie8c7b0df204d2274b3b0624ee5a9f47976c7fb20
 2018-02-14 11:22:44 -08:00
Sridhar Parasuram
32aac06248 Remove policies using dac_override and dac_read_search capability 
Change-Id: I591163c182f8c564f696fd3dd899041de24bdb6b
 2018-02-14 11:22:43 -08:00
Tyler Wear
8f8b9beb46 cnd: Net Admin 
Add net admin permission to CND.

Change-Id: I217d409b3813824de8822e719dc654df4a5c48fb
CRs-fixed: 2187775
 2018-02-13 18:06:59 -08:00
Tyler Wear
660907d4dd Data SE Linux Cleanup 
Sepolicy changes related to data modules needed for
the general cleanup effort.

Change-Id: I8b0247295e25faadfe63be9079055d76576958d3
 2018-02-09 16:29:57 -08:00
Sridhar Parasuram
cc31c50446 Address new neverallow policies 
Change-Id: I3fa9d205956c5a89f610893a9fd8d855b0383fd6
 2018-02-05 11:06:24 -08:00
Sridhar Parasuram
ea1eb0b08c Address denials and cleanup 
Change-Id: Id83d5c31fc168834b3cb89e7b32691770c4b7914
 2018-02-02 10:20:11 -08:00
Linux Build Service Account
f607fe78fe Merge "sepolicy: added new sepolicy files for chre" into sepolicy.lnx.4.9 2018-01-31 14:45:45 -08:00
Sridhar Parasuram
b73ca02e5a Add a separate te file for the following shell scripts 
* init.qcom.sensors.sh
    * init.qti.ims.sh
    * init.qcom.crashdata.sh

Add te files for ims, crashdata and sensors shell scripts

Change-Id: If482df2e2ef2dc257b79cece2bb1eb5f812007d2
 2018-01-31 10:07:05 -08:00
Sridhar Parasuram
7962575a24 Add test policies 
Change-Id: Ib8f60653e57388941e17d86be4495366930db89b
 2018-01-31 10:07:00 -08:00
Biswajit Paul
237fb5193c sepolicy: added new sepolicy files for chre 
Added new sepolicy files and socket node to make chre
daemon working

Change-Id: Iabb3a631aaf9aebaabf4cdbae23ca5ea5a3dda44
 2018-01-29 11:43:47 -08:00
Sridhar Parasuram
48d5ab5d3c Add policies for init-qti-fbe-sh 
Change-Id: Id768c70019a80d46a6e371d3573e700925209fdf
 2018-01-25 11:57:12 -08:00
Sridhar Parasuram
df17efd8b1 Remove init-sh files that are not needed 
Change-Id: I4b588c258f1d50b956bace1b61d0964fa0848c10
 2018-01-25 11:57:07 -08:00
Sridhar Parasuram
77eb26c3a3 Remove the keymaster passthrough 
Change-Id: I5d2497d5e6ff450a3be99e2a638b503d69c9e444
 2018-01-24 17:08:14 -08:00
Sridhar Parasuram
9e70bfd3ac Move common files inside vendor to vendor/common 
Change-Id: I0e5f67069463b6bd2bbfee355d95d490e64adad6
 2018-01-24 14:29:45 -08:00
Sridhar Parasuram
8f9839c487 Address denials needed for bootup 
Change-Id: I0cf893edf163692b637a490c3759dd13f5c74925
 2018-01-23 16:51:32 -08:00
Sridhar Parasuram
f58300a8c3 Remove legacy rules 
Change-Id: Id7e86dd4f772d9dd2e9bcf0f641ab25630a2f3a8
 2018-01-23 16:47:41 -08:00
Sridhar Parasuram
1154147746 Add new files needed for bootup 
Change-Id: I51a3bd1931709d375f6859054a9238b2f0ce9de5
 2018-01-23 16:47:35 -08:00
Sridhar Parasuram
e479b0cee6 Fix compile issues 
Change-Id: I26fd2e0ad503bbdd4235b2120737feb9f5711a0b
 2018-01-23 14:20:48 -08:00
Sridhar Parasuram
7eaf0fb2b2 Add new files 
Change-Id: Ib5cb0f02a9175b1154f9f933116a386a39581c0f
 2018-01-23 14:20:48 -08:00
Sridhar Parasuram
0579b0d176 Sync with upstream 
Change-Id: I53c51d4f5e98be617dac6aadecc81dbad809aeda
 2018-01-23 14:20:48 -08:00
Sridhar Parasuram
168d612523 Delete not needed te files 
Change-Id: If5d48ea45f10cd880b76497581f30c6c5acad0e2
 2018-01-23 14:08:55 -08:00
Sridhar Parasuram
dd0edaa506 Update makefile 
Change-Id: I617860882e0667fdd7a5b521de5366d7012978f0
 2018-01-19 10:19:35 -08:00
Sridhar Parasuram
de5802b907 Reorg with upstream structure 
Change-Id: I945f212747f6cda200468b943b62b3103aa866af
 2018-01-19 10:19:22 -08:00
Sridhar Parasuram
5324911929 Remove old target specific files 
Change-Id: I5df3eb5341ad8e4f5b1ccff49aafa303dc1b6711
 2018-01-03 09:13:07 -08:00
Paresh Purabhiya
98da1b9cae sepolicy : set write permissions for sysfs_boot_adsp. 
allow sysfs_boot_adsp write permissions to
/sys/kernel/boot_adsp/boot node.

Change-Id: I370c6be54b0cad987fb679b66c3d8f8552c3c99a
 2017-12-21 13:29:55 +05:30
Sridhar Parasuram
badf0524e0 Use macro for fsck.te 
Change-Id: I62a67ef25318d1077e0c216cb375f5f87c636494
 2017-12-20 10:56:37 -08:00
Sridhar Parasuram
aa9fe27d1f Add support for fsck on persist partition 
Change-Id: I5600fcabb2ec6a282739de35b0b78434b83b0575
 2017-12-20 10:56:37 -08:00
Sridhar Parasuram
a750a0bb6a Rules needed for adb to work 
Change-Id: I6ed3c10fcd3ab9c6f818e40c04de6365560ab3de
 2017-12-20 10:56:32 -08:00
Sridhar Parasuram
9899503048 Add vendor_init file and fix persist labeling 
Change-Id: Icc568fc957323abb146358b4ba22f6d2a3c5904d
 2017-12-19 16:35:50 -08:00
Sridhar Parasuram
bb9d40ee22 Add new usb rules 
Change-Id: I961d86c0ee2504b1380815a204e9df60edf99595
 2017-12-19 16:35:45 -08:00
Tyler Wear
14df450d9e rcs: Add permissions for wake lock 
Change-Id: I66b96303bdf9567dc50e1c1689d539c24aa741b5
 2017-12-18 19:14:18 -08:00
Linux Build Service Account
b9379c2c62 Merge "sepolicy : correct the matching expression of sysfs_ssr" into sepolicy.lnx.4.0 2017-12-18 18:25:49 -08:00
Rajiv Ranjan
8074830455 sepolicy: Add rule to enable creating wlan_logs folder 
As cnss_diag utility uses sdcard partition to created wlan_logs
folder, now FUSE file system has been replaced by SDCARDFS.
As a result define new sepolicy rule to enable creation of
wlan_logs folder in /sdcard partition.

Change-Id: I7bef7ded797b6660271756d14b1ee4f2e6743994
CRs-Fixed: 2134785
 2017-12-18 11:52:36 -08:00
Sridhar Parasuram
c9fd3261b6 sepolicy : correct the matching expression of sysfs_ssr 
Current expression is unable to match all the name files of sysfs_ssr.
There are denials of sysfs files because of this. Correct it to fix
the denials.
CRs-Fixed: 2111501
Change-Id: I7786b34e10b36232186e55fb9cef8dcb5710d6a4
 2017-12-13 09:11:33 -08:00
Subash Abhinov Kasiviswanathan
a8f9a311b3 netmgrd: Changes in netmgr SEPolicy to fix denial 
Change-Id: I156c49478c8282c49a883074c61f15b6e20a1f03
 2017-12-08 11:11:19 -08:00
Sridhar Parasuram
299b7b696d Partial revert of '6b71400d6f0fafe8ef95d39bbd10f70665c6d2ab' 
Change-Id: I03a45deb164581d12bb2154fbf132113a6496aad
 2017-12-06 18:56:54 -08:00
Aalique Grahame
1820577300 sepolicy: update allow rules names 
update the allow rules names in audioserver from the
generic sysfs label to one more specific.

CRs-Fixed: 2057938
Change-Id: I23d9f640cdfab6f5ad895eebbc8cefe0399933c2
 2017-12-06 18:56:48 -08:00
Jaihind Yadav
7c2fd2875c sepolicy : fix compile time issue on new aosp version 
added fix for neverallow compilation issues.

Change-Id: I0dc3a47be561809fae33c4ff1208974236b03f1e
 2017-11-28 19:02:58 +05:30
Sridhar Parasuram
6b71400d6f sepolicy : fix compile time issue on new aosp version 
to unblock we are commeting  rule which are showing up
neverallow compilation issues.

Change-Id: Iebf1530781360570df307dddd55ca9c8beb0255f
 2017-11-27 16:21:31 +05:30
Karthik Gopalan
7c268994a7 Add rule for lib_name access from perfhal 
Adding new sysfs label and sepolcies for perfhal
denials, related to lib_name access.

CRs-Fixed: 2102404

Change-Id: Id6c89b34688fa5b172aba89166c25ba32206e6c3
 2017-10-26 12:57:55 +05:30
Linux Build Service Account
d4dbdef6fb Merge "sepolicy: Assign sysfs nodes to sensors label" 2017-10-24 14:29:54 -07:00
Shaikh Shadul
47ac73576d sepolicy: Assign sysfs nodes to sensors label 
Assign sysfs nodes to sensors label to avoid avc denials
in enforcing mode.

Change-Id: I5377d47b87a1abb1bc92a359de573358a0426678
 2017-10-24 06:06:35 -07:00