tequilaOS/platform_device_qcom_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3187 commits 1 branch 0 tags 4.5 MiB
Commit graph

441 commits

Author SHA1 Message Date
Smita Ghosh
07d473667a sepolicy: Add read dir permission to hal_bootctl.te 
hal_bootctl needs read permission to sysfs_dt_firmware_android

Change-Id: I6e89b2db756d7070bc4b815cf15a6a4f241d137b
 2020-03-05 17:06:08 -08:00
qctecmdr
2030effbfe Merge "Revert "sepolicy: Define key for TimeService apk"" 2020-02-27 03:04:34 -08:00
vijay rayabarapu
7a059d4202 Revert "sepolicy: update SELinux rules for ims application" 
This reverts commit a9e385381b.

Change-Id: I9006b1af2506bf0b8f0efe62e7aafd16e15ccbb1
 2020-02-26 16:40:05 +05:30
qctecmdr
65ddd18b92 Merge "sepolicy: add audio daemon" 2020-02-23 03:51:27 -08:00
qctecmdr
192c565c82 Merge "sepolicy: update SELinux rules for ims application" 2020-02-20 12:36:54 -08:00
Amritendu Biswas
bcecad1de5 sepolicy for embms hal service 
Allow embmssl hal to access unix_stream_socket,
Allow embmssl hal to access qipcrtr_socket

Change-Id: I84024db652dc839c9f07e46a620e7b9659da7297
 2020-02-19 17:59:07 -08:00
Aalique Grahame
07fe88eee7 sepolicy: add audio daemon 
Add policy for audio adsprpc daemon

Change-Id: Ib05cf29a3e06571e5a718bde9032b19625b5a300
 2020-02-19 16:35:40 -08:00
Wileen Chiu
a9e385381b sepolicy: update SELinux rules for ims application 
Change-Id: I82638566030d660140430176cee0fe4ca605b1ed
CRs-Fixed: 2616500
 2020-02-19 15:10:16 -08:00
qctecmdr
2753577d08 Merge "Add Device Info hal vendor.qti.hardware.radio.internal.deviceinfo@1.0" 2020-02-19 06:56:04 -08:00
Linux Build Service Account
f0545d99ef Merge "sepolicy: categorising product partition sepolicy b/w generic and qva." into sepolicy.lnx.6.0 2020-02-18 19:18:47 -08:00
Avinash Nalluri
17c98d98c5 Add Device Info hal vendor.qti.hardware.radio.internal.deviceinfo@1.0 
- Add new HAL to the config files
- vendor.qti.hardware.radio.internal.deviceinfo@1.0

Change-Id: Ia32ee8d8742850bc95fe5ac8876aca8843d73f3e
CRs-Fixed: 2605646
 2020-02-18 09:55:57 -08:00
qctecmdr
d4ca30ba03 Merge "sepolicy: Add selinux policy for kernel debug script" 2020-02-18 08:57:34 -08:00
qctecmdr
d4cb924ee2 Merge "sepolicy: Add vm block devices labeling" 2020-02-18 05:46:28 -08:00
qctecmdr
a7c80aa192 Merge "lito: Assign subsys nodes file contexts in a dynamic way." 2020-02-18 02:56:24 -08:00
qctecmdr
50f7bc43d5 Merge "Sepolicy changes for new mutualex daemon" 2020-02-18 00:19:38 -08:00
Mohit Aggarwal
6987530a28 Revert "sepolicy: Define key for TimeService apk" 
This reverts commit 6886e3677e.

Change-Id: I9b4414691680c399717370b118e01dbc0d4aac09
 2020-02-18 11:48:29 +05:30
qctecmdr
6cacff8bb7 Merge "sepolicy: add property to generic for loading shsusrd via netmgr" 2020-02-17 21:20:54 -08:00
Jaihind Yadav
9a10acbf78 sepolicy: categorising product partition sepolicy b/w generic and qva. 
Change-Id: I10cb485e1b461e30f5c0e12d277a9b6fda8decee
 2020-02-17 03:34:29 -08:00
P.Adarsh Reddy
f072a4ac23 lito: Assign subsys nodes file contexts in a dynamic way. 
The subsystem name to subsys number mapping is not constant
and can change based on the order of probing OR incase a new
subsystem gets added.
To handle such cases, this change assigns the contexts in a
more dynamic way using regex within file-contexts file.

Change-Id: Ibc688f334381dffec2bf5419305fabcf2ecd72e6
 2020-02-17 14:09:12 +05:30
Ayishwarya Narasimhan
1da1d96826 Sepolicy changes for new mutualex daemon 
Change-Id: Ie3cd5f9c1ced4f40fba5144cc079344c0ab4e2d9
 2020-02-14 10:31:57 -08:00
Subash Abhinov Kasiviswanathan
fb0b4167cb sepolicy: add property to generic for loading shsusrd via netmgr 
Add property to generic sepolicy for loading shsusrd from netmgr.
Fixes the following-

[   66.051992] type=1107 audit(1549.328:591): uid=0 auid=4294967295
ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for
property=persist.vendor.data.shsusr_load pid=921 uid=1001 gid=1001
scontext=u:r:vendor_netmgrd:s0 tcontext=u:object_r:vendor_default_prop:s0
tclass=property_service permissive=0'

CRs-Fixed: 2575687
Change-Id: I32fb31a7f5e64c2095aee081fd855900be0d0701
 2020-02-13 18:09:30 -07:00
David Ng
ba68c652cf sepolicy: Add vm block devices labeling 
Add VM (virtual machine) partition block devices and associated
firmware file labeling and handling policies.

Centralize update_engine_common.te under generic/vendor/common
as the content are all common at this time.

Change-Id: Iba8bf4150db861f97bc9b78b70683f73b6fa7607
 2020-02-13 15:10:53 -08:00
Subbaraman Narayanamurthy
8b21758fcb sepolicy: add genfs_contexts for Lahaina 
Add genfs_contexts for Lahaina with adding rules for power supply
class and LED devices.

Change-Id: Id9e2dbb52a944d59e5e95550de062ed81a3c94fe
 2020-02-13 12:38:44 -08:00
qctecmdr
dc207e5ce7 Merge "Update context of qtidataservices from radio to app" 2020-02-12 13:36:31 -08:00
qctecmdr
7d21b2bf0c Merge "sepolicy: Add sepolicy rules to the kernel-scripts" 2020-02-12 05:43:04 -08:00
Mao Jinlong
467908b46b sepolicy: Add selinux policy for kernel debug script 
Add selinux policy for kernel debug script. This script is
run in boot up phase by vendor init.
·
Change-Id: I8e3fade00c85a48fe2899de8f87b7322bdebf147
 2020-02-12 02:42:03 -08:00
qctecmdr
4265545064 Merge "diag: Fix diag-router selinux denials" 2020-02-11 15:06:36 -08:00
qctecmdr
8c6c92a997 Merge "Add sepolicy for diag-router app" 2020-02-11 11:09:48 -08:00
qctecmdr
47224bd2a5 Merge "sepolicy: Add policies for mapper 4" 2020-02-11 06:13:57 -08:00
qctecmdr
e616895b0d Merge "genfs_contexts: Add label to qdss sysfs nodes for lahaina" 2020-02-10 21:36:38 -08:00
Sreelakshmi Gownipalli
19e2586c95 diag: Fix diag-router selinux denials 
Fix diag-router  selinux denials

Change-Id: Ib50b147ad74b5bd7f8ae744d3b50a13d76c99c8e
 2020-02-06 11:40:17 -08:00
Rama Aparna Mallavarapu
8cdff3101e sepolicy: Add sepolicy rules to the kernel-scripts 
Add file permissions to the kernel scripts.

Change-Id: Ibe2310126ba561be6b842ae93e31695bc45d6c06
 2020-02-05 11:57:26 -08:00
Pavan Kumar M
ae09195021 Update context of qtidataservices from radio to app 
Change-Id: I0d8a6bada4f7e4b73a8bb1bcbb7118fdd28f49f5
 2020-02-05 01:17:44 -08:00
Sreelakshmi Gownipalli
0ac2ef91f5 Add sepolicy for diag-router app 
Add sepolicy to start diag-router app
as daemon.

Change-Id: Ide457c27a393eab878e8f12a2e5d24df93b8dedf
 2020-02-04 23:04:57 -08:00
Tharaga Balachandran
d5c3eb7cba sepolicy: Add policies for mapper 4 
CRs-Fixed: 2612324
Change-Id: I780984a35d22571e8e1cd5de5655f2bb6d563a96
 2020-02-04 11:56:52 -05:00
Jaihind Yadav
3e0f3c1cdc sepolicy : adding misc changes. 
1- adding vendor_ for product partition.
2- adding some of missing change.
3- adding back IAnt hwservice.

Change-Id: I180dced0680f38c7a1817a70b8e0dc24bfb726bf
 2020-02-02 22:29:35 -08:00
Roopesh Nataraja
c98b903f68 sepolicy: Add macro for libsoc helper module 
Adds permissions needed for vendor modules to
get soc info at run time. All native clients
using the libsoc helper module must use
the macro for their domain.

The existing permission needs are empty
(already part of domain) but added placeholder
to allow any underlying mechanism changes that
may require new permissions.

Change-Id: Iaeb93c5473f03c7b3b7956e8bbb5ec6ed733ae4f
 2020-01-29 17:15:50 -08:00
Mao Jinlong
c8a6e9329f genfs_contexts: Add label to qdss sysfs nodes for lahaina 
Add label to qdss sysfs nodes to avoid the denial when qcomsysd accesses
qdss sysfs.

Change-Id: Ifdc5e9c30fed0f2affe7c4601791809b3d1e9ff8
 2020-01-27 12:14:27 -08:00
P.Adarsh Reddy
eca8ae265e Allow update engine to access to metadata_file. 
With virtual-ab feature, update engine needs access
to metadata_file, allow the same.

Change-Id: Ia366da18517db28f4404f2605987e1b36906a83a
 2020-01-23 19:56:47 +05:30
Roopesh Nataraja
b773abb1d9 sepolicy: Add sepolicies to define and use vendor_soc_prop 
Change-Id: I4a144280ae808344bdad6aa6ab67f9aed3354c88
 2020-01-22 15:37:21 -08:00
Indranil
feb73ab88c sepolicy: Add rules for feature_enabler_client for DRM playback 
Change-Id: I580ba99411430d06c664f01b2599a5b49b83b593
 2020-01-22 02:14:18 -08:00
Likai Ding
25515d4cd1 sepolicy: categorize vendor properties 
CRs-Fixed: 2595377
Change-Id: I6d7045e4a235b49c0a312c253c4e236a635a84ad
 2020-01-20 03:16:42 -08:00
Jaihind Yadav
c03022a303 sepolicy: adding vendor_ prefix changes for pub/priv dirs. 
to avoid naming colision with system types we are adding vendor_ prefix for all vendor defined types.

Change-Id: I1396f2c6d9576af3c3755096bb1e69d254b6db4e
 2020-01-14 07:14:38 -08:00
Jaihind Yadav
9d9631c596 sepolicy: adding vendor prefix to avoid naming colision 
Change-Id: Ib403824c380696e1fca97ef744863a6e15000395
 2020-01-14 20:31:42 +05:30
Mahesh Sharma
a418dabea1 sepolicy: Add rules for ANT HAL 
Change-Id: I1eb832cc45b50965611e848b78e64ae6fac73977
 2020-01-08 18:03:51 -08:00
qctecmdr
924c188375 Merge "sepolicy: use protected_hwservice" 2020-01-03 01:05:52 -08:00
Likai Ding
4ac1f7d737 sepolicy: use protected_hwservice 
CRs-Fixed: 2595378
Change-Id: I9e2d0cd52162ef5be50e8955c507f49321352ce0
 2020-01-02 15:12:45 +08:00
padarshr
c2ac5d1a41 Add QSPM related dontaudit and thermal sepolicy rules. 
Change-Id: Ie54119ada98cb8692912ca04661e577b4d337a23
 2020-01-01 22:03:26 -08:00
padarshr
3f883456e5 Add file contexts for few new partitions. 
This adds file contexts to few new partitions so
that the ota update engine is allowed to do OTA
over them.

Change-Id: I0290b50a92a7a051a4b285a01b3b70d204be6b82
 2019-12-31 16:58:54 +05:30
qctecmdr
bcd5ee2774 Merge "Add support for lahaina file_contexts" 2019-12-15 23:24:23 -08:00