tequilaOS/platform_device_qcom_sepolicy-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3474 commits 1 branch 0 tags 4.7 MiB
Commit graph

310 commits

Author SHA1 Message Date
Eruvaram Kumar Raja Reddy
f575fdf52f sepolicy: msm8937: Add sysnode for imsdatadaemon 
Add a change to fix avc denial for the imsdatadaemon

Change-Id: I0f2eacf7ee08660b5dd8d39b0ed3a096a3813b38
 2021-04-30 08:20:43 -07:00
qctecmdr
98d6c29eae Merge "sepolicy: msm8937: Add label for wakeup sources" 2021-04-26 04:53:35 -07:00
Himanshu Agrawal
53203d8bfb sepolicy: Add sepolicy rules for vm_bms 
create vendor_vm_bms_debug_prop for debug properties.

Change-Id: I6ac3986af96bb50288e404c377613c6b0d4dc998
 2021-04-22 22:53:53 -07:00
Eruvaram Kumar Raja Reddy
892ac25bce sepolicy: msm8937: Add label for wakeup sources 
Add a change to fix the avc denials for the wakeup source
used for different nodes.

Change-Id: I3f51e966e33fdabdae8cb43bc425ee42d8b3356d
 2021-04-22 02:42:45 -07:00
qctecmdr
6ed2f466d1 Merge "sepolicy: Addressing multiple on-boot denials present" 2021-04-21 23:48:23 -07:00
Himanshu Agrawal
c5495488d8 sepolicy: Addressing multiple on-boot denials present 
Multiple on boot denials has been addressed for
improving device performance.

Change-Id: If0db0c0bd334da91c879d9170d03171c2bf4a91d
 2021-04-20 15:50:51 +05:30
Himanshu Agrawal
efc87f7815 sepolicy: sdm439: Add cpu-ddr-latfloor devfreq node for K4.19 
Add cpu-ddr-latfloor devfreq node for sdm439 target

Change-Id: Id0d84edc1d6474a09ef5c90f9ea5c4f59537728e
 2021-04-19 11:09:26 +05:30
Himanshu Agrawal
38419ce515 sepolicy: Add cpu-ddr-latfloor devfreq node for K4.19 
cpu-ddr-latfloor devfreq node for K4.19

Change-Id: I55e72f915d8de62d47adda386ffabe8421e5c502
 2021-04-14 17:27:31 +05:30
Prerna Kalla
debf881517 sepolicy: Add label for KM 4.1 service 
Add label for KM 4.1 service.

Change-Id: Iab41f356da6562c9c0b9ed942f20442cfc6ec8f2
 2021-04-02 03:55:53 -07:00
qctecmdr
bfca115857 Merge "sepolicy: cpu-ddr devfreq nodes for K4.19" 2021-04-01 03:51:10 -07:00
Karthik Gopalan
3bfa6d9474 sepolicy: cpu-ddr devfreq nodes for K4.19 
cpu-ddr devfreq nodes for K4.19

Change-Id: I2e270c2e89b19b6eda9a020ff6d35cd7f0d04d84
 2021-04-01 02:38:57 -07:00
qctecmdr
e8d0a199a9 Merge "sensros : changing property name" 2021-04-01 01:48:49 -07:00
Akhil Manikoth Kallankandy
7849fcf55f sensros : changing property name 
Change-Id: I17e71ca56e9fa050221972c846a9f99db8761283
 2021-03-31 14:24:32 +05:30
Himanshu Agrawal
bdbe69b3b8 sepolicy: msm8937: Add label for wakeup sources 
Add a change to fix the avc denials for the wakeup source
used for different nodes.

Change-Id: I9309363b04aac163364809083edf359dcab2ab0c
 2021-03-30 03:26:17 -07:00
Himanshu Agrawal
58dfef56b4 sepolicy: msm8937: Add selinux rules for update engine 
Change-Id: I8ba1ca16083613445b7642f83fdccc73a252f658
 2021-03-23 14:20:43 +05:30
Himanshu Agrawal
d7706eea69 sepolicy: Create subsys nodes for QM215GO on kernel 4.19 
Add subsystem handling mapping for mss and venus firmware
for QM215GO on kernel 4.19.

Change-Id: I26799baf24a58c6f80d60560e232f9e8709b1cc6
 2021-03-11 09:51:59 -08:00
Akhil Manikoth Kallankandy
025be09c29 sensor:adding label for new property 
adding label for property use to enable qrtr-ns service

Change-Id: I5634c0c85a0dae9d13151d99f984e22987705636
 2021-03-09 20:26:02 +05:30
Rajshekar Eashwarappa
39c3a61ec2 sepolicy: Adding vbmeta and dtbo dev/block path 
Change required for A/B, DAP build.

Change-Id: I43d91e029935f347ebd9cc00fd129dbc810c94a7
 2021-02-22 01:00:54 -08:00
Akhil Manikoth Kallankandy
86ab7112b8 sepolicy : add new qsta_app.te file for QSTA app 
Change-Id: I7c1086ef983a2a74415a5291b39dfc0305bcc601
 2021-02-11 10:40:40 +05:30
qctecmdr
34ef27f337 Merge "sepolicy: msm8998: Add sepolicy labels for charger/fg nodes" 2021-01-06 22:31:07 -08:00
Guixiong Wei
b69efc2215 sepolicy: Remove poweroffalarm system uid and redundant rules 
remove poweroffalarm system uid and redundant rules

Change-Id: If51e9ae948b68f1187c66d748935fd1014e72e11
 2020-12-15 18:39:22 -08:00
Gurram Pravalika
ffb6c9041c sepolicy: Add policies for for video in HAL1 
Change-Id: I954b96582719e3e7145fd0ab1afd0425494c3ba7
 2020-12-14 22:57:44 -08:00
qctecmdr
6cfdc77609 Merge "sepolicy : Upmerge changes." 2020-12-14 00:14:39 -08:00
Nitin Shivpure
d5327a1a9d sepolicy: allow bluetooth to make binder call to gpuservice 
allow bluetooth to make binder call to gpuservice.

CRs-fixed: 2748533
Change-Id: Idff3f3c0377fc5dae3e715417556c696f7e4620e
 2020-12-14 10:33:49 +05:30
Himanshu Agrawal
0240ff9832 sepolicy : Upmerge changes. 
Change-Id: I90fb0d6eb70bd5e0e790f8bae7b6cd0501442338
 2020-12-11 06:07:39 -08:00
Shayak Biswas
1442222426 Allow dumpstate for a binder call with power Hal 
This allows dumpstate to have a binder call with power
Hal, this is needed for a CTS testcase:
SELinuxHostTest#testNoBugreportDenials

Change-Id: I646fdce79776083df74df48134e85c65dbee69dc
 2020-12-11 09:56:09 +05:30
Himanshu Agrawal
7fdf0be393 sepolicy: msm8998: Add sepolicy labels for charger/fg nodes 
Add sepolicy labels for charger/fg nodes,
to allow access permissions to userspace.

Change-Id: I74a193a6dd3be6ecceb5939ca814661029d8105b
 2020-12-10 18:31:36 +05:30
Kripa Bhat
5d40fe89f3 Allow dumpstate to have a binder call with Lights Hal 
This allows dumpstate to have a binder call with Lights
Hal, this is needed for a CTS testcase:
SELinuxHostTest#testNoBugreportDenials

Change-Id: Iec081b1069b2569c68b72ff009f12018c946a0a8
 2020-12-08 22:51:16 -08:00
Manjunatha Ramachandra
06bbb12f3f sepolicy: updating label on read_ahead_kb nodes 
Removing read_ahead_kb nodes from sysfs_mmc_host
node. And adding sysfs_dm to perf hal and
init_shell files' allow list.
This change is being made inorder to address
the bugnizer 161927268 for legacy msm8937_32go platforms.

CRs-Fixed: 2826612
Change-Id: I190b9891eaf52fc4eb7d4fd73567572101ee288e
 2020-12-02 23:27:09 -08:00
Himanshu Agrawal
7cde36f779 Add sepolices to update engine domain. 
While applying OTA update package, update engine
    loops through partitions entries/mountpoints.
    Add few policies and supress the dac ones.

- Allow update_engine to access recovery partition for OTA
- Allow update engine to access to metadata_file.
    With virtual-ab feature, update engine needs access
    to metadata_file, allow the same.

Change-Id: I07636f79870594a07755c54e55b5b6846e53c2e9
 2020-12-01 06:08:31 -08:00
Eruvaram Kumar Raja Reddy
f997082943 sepolicy: adding vendor prefix to avoid naming colision 
Update legacy properties with vendor prefix to void VTS failure
due to API30 changes

CRs-Fixed: 2825382

Change-Id: I39a5de4ad6450d805bf74e88aabc38c8347d89a4
 2020-11-30 17:01:29 +05:30
Himanshu Agrawal
9871e2edb6 Allow vendor_init to set ubwc property 
vendor.video.disable.ubwc is added to /vendor/build.prop,
allowing vendor_init to set this property to ensure the
property can be read by mm-video and through getprop

Change-Id: I99f658ea60cb83d4ebea6709db27e93166ad0667
 2020-11-27 11:51:38 +05:30
Milap Gajjar
2ef09c6613 genfs_context: Enabling Vibrator for msm8998 
Sepolicy: Added Access permission for vibrator

Change-Id: I38017a3641c84aa570d53c1e339082bc781c5187
CRs-Fixed: 2810219
 2020-11-24 20:36:33 -08:00
qctecmdr
aa7d66b220 Merge "genfs_context: Enabling Vibrator for sdm660" 2020-11-24 03:02:24 -08:00
Jeya R
29b1061aaa sepolicy: Add permissions in init for vendor_adsprpc_prop 
Add permissions in init shell to modify vendor_adsprpc_prop.
Change-Id: I5a4dcbf54686c3add9fa0756aff7bb694d96adcb
Acked-by: Deepika Singh <dsi@qti.qualcomm.com>
 2020-11-18 15:22:36 +05:30
Mandeep Singh
3de9ff4499 genfs_context: Enabling Vibrator for sdm660 
Sepolicy: Added Access permission for vibrator

Change-Id: I7152a77d676c8b97bd5da1f5c86446f42ac65c97
CRs-Fixed: 2810635
 2020-11-03 09:37:37 +05:30
Shawn Shin
ce33f422e7 sepolicy:qcc add to legacy 
Change-Id: I7031cd4070c478f1fccfe8e0b1e7053d6c57c36e
 2020-10-30 16:10:52 -07:00
qctecmdr
758b6d2b99 Merge "sepolicy: align fst-manager and wigig legacy rules" 2020-10-29 23:51:22 -07:00
qctecmdr
887dc95b06 Merge "sepolicy: allow block_suspend deniel for lmkd" 2020-10-28 00:12:18 -07:00
Dedy Lansky
046ff067d0 sepolicy: align fst-manager and wigig legacy rules 
Add legacy rules for enabling fst-manager to act
as a HAL service, and allow fst-manager and wigig
framework to access the capability config store.
These rules were missing in the legacy folder and
copied from the qva rules since there are still
platforms that need them.

Change-Id: I7a08bec9f3f84599a6392e8a5bd22c26e28e00a3
 2020-10-27 22:53:42 -07:00
Himanshu Agrawal
21fbe23415 sepolicy: allow block_suspend deniel for lmkd 
Avoid below deniel for lmkd:
avc: denied{ block_suspend }for comm="lmkd" capability=36
scontext=u:r:lmkd:s0 tcontext=u:r:lmkd:s0 tclass=capability2
permissive=0.

Change-Id: I332281110d4fa1fa208349a302fdc33a3a40d8ef
 2020-10-27 22:31:24 -07:00
Arvind Kumar
7af4487b0c Add file context for Light AIDL HAL Service 
Change-Id: I1e5a79a5846910f90362d97899e5fc0d7dbfadbb
 2020-10-27 00:54:23 -07:00
Ankur Sharma
ae9d933056 Sepolicy denials xtra for legacy R targets 
- Fix sepolicy denial when xtra-daemon access the cacert
service.
- Allow location clientdomain to perform binder IPC to
qtidataservices_app serverdomain.

Change-Id: I0aae254fb4b4a67336d67f96856a2cf0d70954fc
CRs-Fixed: 2778560
 2020-10-21 07:34:12 -07:00
c_gopir
7dff049400 Sepolicy : Add power AIDL to context 
Add power HAL exec to file contexts

Change-Id: Ib97298e739f030454256c88f78e6862c2f4838bb
 2020-10-19 21:44:18 -07:00
qctecmdr
1e9503d754 Merge "sepolicy: Add video property to get permission" 2020-10-15 22:17:56 -07:00
Milap Gajjar
78877b8b75 msm8998 inital bringup with enforce mode 
Change-Id: If8164daa32ca0ba796a4bf78e9c450ce1669b509
 2020-10-15 01:56:39 -07:00
Paras Nagda
44e4db86e8 sepolicy: Add video property to get permission 
Allow Zygote to read video property

Change-Id: Iac936e84549cde02e2b87309f32cdbd2d8a0fe5f
 2020-10-14 06:30:06 -07:00
Milap Gajjar
ef77a8cdd5 sdm660: Initial bring up sepolicy changes 
Change-Id: Ifa42b7bebd66884698697fecc538f1ff6057519d
 2020-10-14 03:27:54 -07:00
Paras Nagda
5bc47cdaf0 sepolicy: Add video property get permission 
Allow mediaserver to read video sys property

Change-Id: Id09d5fbcbacbba3130ca9d7759ff67ade3a839b3
 2020-10-06 22:26:31 -07:00
qctecmdr
b22751353a Merge "sepolicy: add policies for DSP HAL manager" 2020-09-30 00:50:57 -07:00