tequilaOS/platform_device_qcom_sepolicy-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
2961 commits 1 branch 0 tags 4.7 MiB
Commit graph

2961 commits

This branch
This branch
All branches
Author SHA1 Message Date
Indranil
d7f2bae30c sepolicy: Enable WFD HAL to access UHID driver 
WFD HAL requires access to UHID driver to support HID events over
UIBC in a WFD session. Add requisite policy to grant it access.

Change-Id: If895fb2e6ee2fa4de62a2d51b0f6ed675640b83c
CRs-Fixed: 2489083
 2019-07-21 22:22:34 -07:00
qctecmdr
f90a05b5e1 Merge "sepolicy: add sepolicy label to parallel psy for lito" 2019-07-21 11:50:13 -07:00
qctecmdr
8f58785a19 Merge "Add sepolicy for super image" 2019-07-20 05:56:41 -07:00
qctecmdr
828a1b4bbc Merge "Adding self kill capability for perf hal" 2019-07-20 02:36:23 -07:00
qctecmdr
4fbb508cd5 Merge "sepolicy: add permissions for wfdvndservice" 2019-07-19 13:16:16 -07:00
qctecmdr
72635c8301 Merge "sepolicy: msmnile_au: add support for wlan dynamic detect" 2019-07-19 10:15:15 -07:00
richagar
4c9b4e5542 Adding self kill capability for perf hal 
Allow perf for self kill capability

Change-Id: I88c24af42e87112a2abeb3efe1656871cccf6751
 2019-07-19 00:00:21 -07:00
qctecmdr
c39df4864d Merge "sepolicy: Add write permission to proc file system" 2019-07-18 23:55:40 -07:00
Hu Wang
5b9fd371e8 sepolicy: msmnile_au: add support for wlan dynamic detect 
Add script init.qcom.wlan.sh for wlan device detecting
during system booting up; and property 'ro.vendor.wlan.chip'
to indicate the current wlan device.
With the help of the two upon, the correct wlan driver
can be selected and loaded properly when there are
more than one wlan drivers.

CRs-Fixed: 2470141
Change-Id: I06a914eeecef49ab42fe93f692b532f636e94637
 2019-07-18 22:37:46 -07:00
Lubin Yin
a7b7e69713 sepolicy: add permissions for wfdvndservice 
Allow wfdvndservice to access graphics_composer and qdisplay_service.

Change-Id: I7d4b7cb824032705f6e3c4cf192668c52672412d
 2019-07-17 13:54:03 -07:00
Benergy Meenan Ravuri
dda985d21c Add sepolicy for super image 
Label super partition as super_block_device.

Change-Id: Ibb7578216f47c35570ec9e8203b6bd2d5d444b0f
 2019-07-17 19:24:00 +05:30
Ankita Bajaj
bd1c72c440 sepolicy: Add write permission to proc file system 
Provide Wi-Fi HAL read and write access to proc file system.
Wi-Fi Hal needs access to proc file system in order to configure
kernel tcp parameters for achieving higher peak throughputs.

CRs-Fixed: 2491783
Change-Id: I36613f74aaa4adfc33e68442befcdb78af5edd5c
 2019-07-17 14:06:46 +05:30
Ramkumar Radhakrishnan
718f54d0f1 te: Add access permissions for feature_enabler_client 
Add read/write and get attribute permission for feature_enabler_client
to access files from /mnt/vendor/persist/feature_enabler_client folder

Change-Id: I9a690acd2a55358dfa5ba5a0411b1dad59e5e7f0
 2019-07-16 16:31:19 -07:00
qctecmdr
bec6e8c945 Merge "sepolicy : add rule to allow dpmd self kill" 2019-07-16 07:01:25 -07:00
qctecmdr
637902d73b Merge "Add sepolicy for super image" 2019-07-16 06:53:06 -07:00
Pavan Kumar M
a0bc72f6d9 sepolicy : add rule to allow dpmd self kill 
add self kill rule to kill dpmd child process
which executes iptable commands.

denial:
dpmd    : type=1400 audit(0.0:56633): avc: denied { kill }
for capability=5 scontext=u:r:dpmd:s0 tcontext=u:r:dpmd:s0
tclass=capability permissive=1

CRs-Fixed: 2490550
Change-Id: I4cc1f23a8c3ba37e33fd02c729c2f4d2a7eea4d4
 2019-07-16 12:07:53 +05:30
Ashay Jaiswal
6fc0ff1119 sepolicy: add sepolicy label to parallel psy for lito 
Add sepolicy label to parallel power supply sysfs exposed by
parallel charger, this is accessed by userspace daemon to control
parallel charging.

Change-Id: I1b557be1588293472bd1e140cd568104f02c94a2
 2019-07-16 11:14:10 +05:30
Indranil
9ad0b0d451 sepolicy: Changes to support Sigma HAL 
Change-Id: Ieb4fcae90d2ff9d90a6976e41563bbd61ff7b1b9
 2019-07-15 18:55:41 +05:30
Jilai Wang
8a996616fd sepolicy: Allow appdomain to access NPU device driver node 
This change is to allow appdomain to access NPU device driver
node.

Change-Id: I5c3270afd105c236a8226d94ac7aa028e4ce1047
 2019-07-12 11:23:42 -04:00
Vinay Verma
6eb21e1ba4 Add sepolicy for super image 
- Label super partition as super_block_device

- Add rules for kernel 4.19 support for init domain

This is a set of vendor changes necessary for interworking
with kernel verison 4.19 properly.
With kernel 4.19, additional filesystem getattr operations
are performed by init for the firmware mount points.
In addition on bootup after adb remount with Android's
Dynamic Partition feature, init needs access to underlying
block devices for overlayfs mounting.  At that stage of
init, while SELinux is initialized (thus the need to add
these rules), the underlying block device nodes in tmpfs
have not yet be labeled.

Change-Id: I1f59d701e6ec73eb66a012337eab87593e1921f6
 2019-07-12 20:45:48 +05:30
Pavan Kumar M
bc2f64ad5b sepolicy : Add sysfs_net related path entries 
Update the secontexts for sysfs_net for
trinket and steppe targets

Change-Id: If263835eaf0a86960596d6ab97657fa6e23a1385
CRs-Fixed: 2485002
 2019-07-12 00:03:35 -07:00
jkalsi
8e0dc84de8 Sepolicy change for QDMAUtils 
Change-Id: I881983f83a99e60faecc6508fcc130820bcc8b58
 2019-07-11 17:12:35 -07:00
qctecmdr
832c6fad98 Merge "sepolicy for face3d" 2019-07-11 11:45:58 -07:00
Karthik Nagarajan
2fa08dee4a sepolicy for face3d 
sepolicy for face3d service

Change-Id: I28aa2130ebb4112b6b5f8bf594453e879778d2c0
 2019-07-10 15:40:24 -07:00
Indranil
aa006542d9 sepolicy: Adding changes for Sigma HAL 
Sigma requires SEAndroid policies due to design
re-architecure inorder to become qssi compliant.

Change-Id: I653aa6b8d6dca9a8a4f42281fe4f0598bfca93e9
 2019-07-09 18:40:39 +05:30
qctecmdr
5361807541 Merge "Perf: Allow perf hal service to access appdomain files" 2019-07-09 01:10:07 -07:00
Ravi Kumar Siddojigari
40c4aa3116 sepolicy : optimization [3/3] in file_contexts 
Cleanup of file_contexts which are no longer needed or optimize
the regexp which can help in betterment in bootup time.

Change-Id: I9b59f7c46290e14bb32d91219d5c2de408a240d9
 2019-07-08 22:41:32 -07:00
Ananth Raghavan Subramanian
3fd8770e09 sepolicy: Add rules for PASR-HAL 
Add contexts for memory offline nodes, and allow PASR-HAL to access
them.

Change-Id: I323f7a7369a3aea93f755bd7d2684374bf2f3b9e
 2019-07-08 11:40:48 -07:00
Libo Jin
6e5939a0b8 Perf: Allow perf hal service to access appdomain files 
Change-Id: Ibb772f43eb12d318c07875cb6930bc5e0c746988
CRs-Fixed:2478972
 2019-07-08 01:25:19 -07:00
Mohamed Moussa
da563d80ea qspmsvc: Add SE policy for qspmsvc 
Add SE policy for qspmsvc

Change-Id: I24d3ea90ac1c9d9ae485ca9cc5fd3fb65f537a4f
 2019-07-05 16:26:38 -07:00
Mohamed Moussa
462570fd1e qspmhal: Add SE policy for QSPM-hal 
Add SE policy for QSPM-hal.

Change-Id: Ic64d0045095a089b1f6a0586f4b9c4a19ef9732c
 2019-07-05 16:18:13 -07:00
qctecmdr
790484ce21 Merge "sepolicy: Add policy rules for untrusted_app27" 2019-07-05 01:52:26 -07:00
qctecmdr
5dc80bd4b4 Merge "sepolicy : optimization [2/3] in file_contexts" 2019-07-04 23:35:22 -07:00
qctecmdr
27f397e091 Merge "sepolicy: add sepolicy for new added prop" 2019-07-04 16:57:00 -07:00
qctecmdr
96338f46ca Merge "sepolicy: add rules for audio properties" 2019-07-04 14:50:01 -07:00
qctecmdr
59ddc6c41d Merge "sepolicy: add sensing_vendor_data_file for sensing output" 2019-07-04 12:51:11 -07:00
qctecmdr
ab80bbb26c Merge "sepolicy: Add secure_element sepolicy rules" 2019-07-04 10:35:09 -07:00
qctecmdr
08d963728f Merge "sepolicy: add sepolicy for vpsservice" 2019-07-04 03:58:12 -07:00
Ravi Kumar Siddojigari
25a1bf7120 sepolicy : fixed sensors_vendor_data_file type error 
As the defination in file.te is not matching with the
rule in sensors.te due to typo errro corrected the
name .

Change-Id: Ia5355c2d37bb4d65f8cebeec4e4a6d3996dcef65
 2019-07-04 12:09:40 +05:30
Ravi Kumar Siddojigari
fc252511cb sepolicy : optimization [2/3] in file_contexts 
Cleanup of file_contexts which are no longer needed or optimize
the regexp which can help in betterment in bootup time.

Change-Id: I3d95b2e9387dfc8fe4a50237c75d79d83c87fa99
 2019-07-03 23:30:31 -07:00
qctecmdr
eefd2e03be Merge "sepolicy: Allow all processes to access non-secure DSP device node" 2019-07-03 21:50:38 -07:00
qctecmdr
72b1329cdb Merge "Moving some Sepolicies for Boot time optimization" 2019-07-03 21:49:11 -07:00
qctecmdr
3d74cc9774 Merge "sepolicy: Allow USTA test app to access /data/sensors/scripts for legacy path." 2019-07-03 21:48:10 -07:00
qctecmdr
6aa30ba53c Merge "Fixing avc denial for vendor_mpctl_prop" 2019-07-03 21:46:38 -07:00
qctecmdr
2f8e6c76ac Merge "sepolicy: Update thermal-engine sepolicy rules for generic vendor file" 2019-07-03 21:45:04 -07:00
qctecmdr
04ad6d3f83 Merge "sepolicy: add permissions to qoslat device on kona" 2019-07-03 21:44:05 -07:00
shoudil
fe25195b29 sepolicy: add sepolicy for new added prop 
Add sepolicy for new property ro.vendor.qti.va_odm.support,
and allow the prop settable for vendor_init.

Change-Id: Ie8b5fa13630c3dc332473088676a59404765745e
CRs-Fixed: 2483344
 2019-07-03 17:28:37 +08:00
Tharun Kumar Merugu
818b8a81de sepolicy: Allow all processes to access non-secure DSP device node 
Allow all processes to offload to CDSP using the non-secure device
node.

Change-Id: I17036280ab5ee35e802f6a5c0e5f95933a427f8f
 2019-07-03 04:21:20 +05:30
Sandeep Neerudu
39b6ea1f19 sepolicy-sensors:allow access to vendor_data_file for On Device Logging 
Change-Id: I85a31c39c82df7a33e632267a90ebfc38982b5d4
 2019-07-02 02:43:20 -07:00
Manaf Meethalavalappu Pallikunhi
00a7aae2a8 sepolicy: Update thermal-engine sepolicy rules for generic vendor file 
Update generic thermal-engine sepolicy rule by adding access of
thermal socket, QMI socket, dsprpc access, uio access etc. and
cleanup unwanted sepolicy access.

Change-Id: I83ba6cbe291d594b8b2d8720046851b3fb550aac
 2019-07-02 14:41:58 +05:30