tequilaOS/platform_device_qcom_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3663 commits 1 branch 0 tags 4.5 MiB
Commit graph

760 commits

Author SHA1 Message Date
Arian
709e83a4ed
generic: Don't dontaudit vendor_persist_camera_prop read denials 
This needs to be allowed in order for
I15910154c6df205e6d4e00bfad30a00c9e3d5bee to work. This will be
allowed in device/lineage/sepolicy.

Change-Id: Ie22121ee75e048bfa002d8980e15aeab1376f6b4
 2023-10-20 01:19:53 +03:00
dianlujitao
0a58051f8f
sepolicy: Unlabel aux camera whitelist prop 
* This will be properly labeled in device/lineage/sepolicy
   to make it readable to everything on every device

Change-Id: Idec6cad06c51ba73519f61e95c74e1c8915d301b
 2023-10-20 01:19:53 +03:00
Roopesh Nataraja
4698670d6d sepolicy: Add rule to allow untrusted app to find qspm hal 
Add rule to allow unstrusted app to find qspm hal and be its client.

Change-Id: I53ba1309284dc130d673d1f2fb8f63db39927d5c
 2023-08-11 19:17:32 -07:00
qctecmdr
6652255a6c Merge "rkapdapp: sepolicy to write tcmd socket." 2023-07-21 11:13:15 -07:00
Manoj Basapathi
6c28b8d4e9 rkapdapp: sepolicy to write tcmd socket. 
- any app using OkHttp stack needs tcmd socket access privilege.

- rkpdapp uses OkHttp stack, so it needs tcmd socket
 access privilege.

Change-Id: I0260936964caa8274490af69514b2cac9ac491fd
 2023-07-21 11:29:14 +05:30
Divyanand Rangu
00e3ac2928 sepolicy: allow lmkd to access lru_gen node 
Allow lmkd to read lru_gen node for making decisions
based on MGLRU enablememnt.

Change-Id: I0fe819baa166f793f52a8fc45529daad9d22770c
 2023-07-17 03:32:48 -07:00
Karra Harshitha
62a97e1b82 Adding sepolicy changes in attributes for qspa aidl 
Change-Id: I922ad9a30ad188a07a438c4b1698ff812ceedb8a
 2023-07-07 00:21:58 -07:00
Sandeep Gangadharaiah
0b9d71adfc sepolicy: Add perf_hal policy for mediaserver 
mediaserver service needs to access perf HAL APIs for boosting
performance during HEIF/thumbnails decoding. This change adds the
sepolicy to give permission access.

CRs-Fixed: 3499137

Change-Id: I8859de3af09b1ae592f543ce5531020bd20ec0e4
 2023-06-12 09:50:08 -07:00
qctecmdr
74e4e37701 Merge "sepolicy: allow binder transactions from lmkd" 2023-06-02 14:01:41 -07:00
Divyanand Rangu
69bfdb8587 sepolicy: allow binder transactions from lmkd 
Change-Id: I1eb5b951600744c9af4b76ef59d462c44af867f0
 2023-06-01 12:34:38 +05:30
Samyak Jain
ae681add1c Add rules to allow to set property 
Change-Id: I56fac5f23a27a3a71ef700569cd9c9429785ff15
 2023-05-31 05:48:10 -07:00
qctecmdr
d70fdccf9a Merge "hwbinder permission for qti testscript for diag binary" 2023-05-25 06:06:21 -07:00
qctecmdr
3f9d81b184 Merge "Integrate PhoneLink 14-3 sepolicy change" 2023-05-19 10:19:52 -07:00
qctecmdr
2ac92009f1 Merge "Allow dumpstate to getattr on vendor_vm_qti_system_file" 2023-05-19 03:49:43 -07:00
qctecmdr
a6e4a4fc6f Merge "DpmService system sepolicy rules for tcm" 2023-05-18 05:26:45 -07:00
Karra Harshitha
1af866422d Allow dumpstate to getattr on vendor_vm_qti_system_file 
Change-Id: Ic34993db1e8886b9869d375a34dd7afe1788cd6d
 2023-05-18 00:46:10 -07:00
Manoj Basapathi
116ad64c2b DpmService system sepolicy rules for tcm 
Change-Id: I537849a84a991f4f9d322234b89d3b7485311a5b
 2023-05-17 17:12:09 +05:30
PavanKumar S.R
5a34d01bab hwbinder permission for qti testscript for diag binary 
Change-Id: Idf1740fdb57fc2e6d723d7780a3ade9d801de949
 2023-05-17 16:32:07 +05:30
chawan
0acbdcc988 Integrate PhoneLink 14-3 sepolicy change 
Change-Id: I3682d3f79110baa61e9de7e39049313174c4b5df
 2023-05-15 10:49:48 +08:00
Anubhav
b4ce30e12d Sepolicy: To access QESDK's own data file 
Change-Id: I1ab1e5cd70383539fcfd98ca70b4d4b31607ec24
 2023-05-07 23:32:22 -07:00
Aleti Nageshwar Reddy
616756ac55 Add permission for system apps to access wifimyftm service 
Add sepolicy rule to allow system apps to access wifimyftm aidl
service.

Change-Id: I649f91fa146f6204961ac4e775ec2650cdf462fe
CRs-Fixed: 3472027
 2023-05-05 12:15:34 +05:30
Jason Wojcik
9cdd74001f Virtualization Service: Rust Implementation 
Change-Id: Ief96bf7dcf76bcf28cc60c34bbeb0db628018ae9
 2023-04-28 10:08:18 -07:00
Libo Jin
7d87edc645 Perf: dontaudit domain while reading vendor.perf.framepacing. 
CRs-Fixed: 3253303
Change-Id: I7d7865103f9b8e2f6ee9572a451f565c03a30d28
 2023-04-25 17:09:22 -07:00
Karra Harshitha
b98853022e Add sepolicy rule for init domain 
Add rule to allow read for vendor_vm_qti_system_file.

Change-Id: Ib0d035d8e11bcbcd654aa05a3d8c76460deb068f
 2023-04-21 04:42:47 -07:00
Kartik Mathur
c9e0d46cc2 SEPOLICY:Disable remote_prov_app for UP1A.230406.001 
Commenting remote_prov_app definition from remote_prov_app.te
for platform LKG UP1A.230406.001

Change-Id: I5086015fdf05b4956a3bfc543852aa1f50b93a8c
 2023-04-19 22:57:35 -07:00
Vamsi Krishna Gattupalli
cf14fad52b Added permission for untrusted app to dsp hal 
Added rule to give unstrusted app permission to
access DSP HAL.

Change-Id: I7a33e402de27d48a5856fd6c7c4c908e6f6a4a25
 2023-04-12 14:28:22 +05:30
Karra Harshitha
aab52cb7a8 Add sepolices to update engine domain. 
While applying OTA update package, update engine
loops through partitions entries/mountpoints.
Add rule to supress search for vendor_vm_qti_system_file.

Change-Id: I23622b14c0329ee24bf98fce81351119e46e1dea
 2023-04-10 22:32:16 -07:00
Anirudh Radhakrishnan
afb8ba7dca Added permission for untrusted app to dsp hal 
Added rule to give unstrusted app permission to
access dsp hal

Change-Id: I8655ebedec1a4065e17b3972c02f44d45f312890
 2023-03-30 22:37:04 -07:00
Swarn Singh
0cbe74eadd Add sepolicy for qtiwifiservice to interact with IWifi hidl 
This commit defines required sepolicy rules for qtiwifiservice apk to
interact with IWifi HAL.

Change-Id: Icabbee484129fc3e686d6c3076ccc87612ecc0fc
CRs-Fixed: 3282372
 2023-03-29 09:54:19 -07:00
qctecmdr
2f85120b27 Merge "sepolicy: Remove deprecated xtra_t_app" 2023-03-26 03:47:23 -07:00
qctecmdr
c158fedaef Merge "The sepolicy update for phone link" 2023-03-23 07:01:00 -07:00
qctecmdr
dd468af44b Merge "sepolicy: add qesdk access for untrusted_app_32" 2023-03-20 04:26:27 -07:00
yingjiew
8730afa596 sepolicy: Remove deprecated xtra_t_app 
Change-Id: I85db17f09dbbef61d2b8cccba5cc1ea80f6d4db0
CRs-Fixed: 3438481
 2023-03-17 14:02:47 +08:00
Garrett Slone
5f86d57a42 sepolicy: add qesdk access for untrusted_app_32 
Change-Id: I32709aeb825e2dbbc5ad8049361c569bcd708aa7
 2023-03-07 12:12:54 -08:00
Arthur Shuai
b18d572169 The sepolicy update for phone link 
Change-Id: I8248f7caff7ec0826f7e9285850392ce376e3250
 2023-03-01 09:10:12 -08:00
qctecmdr
e97785ff47 Merge "sepolicy: Add new Sepolicy context for WFD R2 Enablement Property" 2023-02-22 07:35:21 -08:00
Amit Agrawal
77acdc98f1 sepolicy: Add new Sepolicy context for WFD R2 Enablement Property 
Add new SEPolicy Context for WFD R2 Enablement property and allow
system_server and wfdservice to have read permission for the same.

Change-Id: Ie800787d132db204dcdedf5520ef4a07c47b4762
 2023-02-16 13:33:54 +05:30
Prakash Pabba
a4be1b097c remote_prov_app: sepolicy to write tcmd socket. 
- any app using OkHttp stack needs tcmd socket access privilege.

- remote_priv_app uses OkHttp stack, so it needs tcmd socket
 access privilege.

Change-Id: Idcd5e28ebe8af466779ad1112e4da09c3385f27b
 2023-02-15 21:55:42 -08:00
Ayishwarya Narasimhan
4cba34c409 IMS: sepolicy for dcservice 
desc: Add sepolicy for dcservice in dataappservice

Change-Id: Idf332e1df33c06b783b17b82ddfa4791dbdc68d9
 2023-02-03 11:40:07 -08:00
Vaishali Rai
e7e6fdb57b sepolicy: define vendor_hal_imsrtphal attribute 
* define vendor_hal_imsrtphal attribute
* for ImsRtpService AIDL migration

Change-Id: I4fb9c2e4c874c6f991bab06977d775d4c3815771
 2023-02-01 14:45:33 +05:30
Sanghoon Shin
3cdf8e631e sepolicy:qcc: switch to platform app 
qcc app domain switch to platform app from  system

Change-Id: I661fef3af7d0a9518f67e14f2787999f268485e0
 2023-01-31 14:47:44 -08:00
qctecmdr
e08714600b Merge "Qvirtservice hal selinux changes" 2023-01-27 03:19:41 -08:00
qctecmdr
3cb12da175 Merge "Allow qtelephony domain to interact with IAtFwd" 2023-01-27 01:59:35 -08:00
Karra Harshitha
10fd7ed18c Qvirtservice hal selinux changes 
Change-Id: I58d2580c50f4000c47ba0320f7ccf306f91218ef
 2023-01-25 05:31:26 -08:00
Sneh Bansal
d2eb39bf7a Allow qtelephony domain to interact with IAtFwd 
Allow qtelephony domain to interact with IAtFwd interface.

Change-Id: Ibb0f8bed86a8a1bdd084a559b31bf76302a4eef1
CRs-Fixed: 3375535
 2023-01-25 13:02:26 +05:30
P.Adarsh Reddy
2f0bc4276d Adding sepolicies to support vm-system mountpoint on /product. 
Change-Id: Ia28484bbe96057ecf1079e65aa28ca9bc0d83380
 2023-01-16 01:25:11 -08:00
Sneh Bansal
ce9d217c3c Allow radio domain to interact with IAtFwd 
Allow radio domain to interact with IAtFwd interface.

Change-Id: I3d57ef7ba5007af81f71995aabf9c3cdfa978002
CRs-Fixed: 3375535
 2023-01-10 21:29:57 +05:30
Sneh Bansal
b210af5760 Define attributes for AtFwd HAL Stable AIDL 
Change-Id: I8ebbb0949dd91a03502970cc5783ef23e53276dd
CRs-Fixed: 3375535
 2023-01-09 12:09:42 +05:30
Jaihind Yadav
2941cdd7f5 removing vendor_hal_minkipc_service to resolve the build error while generating super image. 
Change-Id: I3cfc09f937195728c08222713beeae594da7356e
 2022-12-28 11:49:46 +05:30
qctecmdr
d941db11bd Merge "Sepolicy: add rules for qsguard" 2022-12-22 05:34:38 -08:00