tequilaOS/platform_device_qcom_sepolicy
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3592 commits 1 branch 0 tags 4.5 MiB
Commit graph

3592 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sneh Bansal
ce9d217c3c Allow radio domain to interact with IAtFwd 
Allow radio domain to interact with IAtFwd interface.

Change-Id: I3d57ef7ba5007af81f71995aabf9c3cdfa978002
CRs-Fixed: 3375535
 2023-01-10 21:29:57 +05:30
Sneh Bansal
b210af5760 Define attributes for AtFwd HAL Stable AIDL 
Change-Id: I8ebbb0949dd91a03502970cc5783ef23e53276dd
CRs-Fixed: 3375535
 2023-01-09 12:09:42 +05:30
Jaihind Yadav
2941cdd7f5 removing vendor_hal_minkipc_service to resolve the build error while generating super image. 
Change-Id: I3cfc09f937195728c08222713beeae594da7356e
 2022-12-28 11:49:46 +05:30
qctecmdr
d941db11bd Merge "Sepolicy: add rules for qsguard" 2022-12-22 05:34:38 -08:00
Zhiqing Xiong
1381e3e9cf Sepolicy: add rules for qsguard 
Qsguard is a native daemon process to monitor screen freeze.
add rules here to allow qsguard working fine

Change-Id: Ibbbc9525ef081c877ac604299feba4a867a17c53
CRs-Fixed: 3365426
 2022-12-22 13:27:12 +08:00
PavanKumar S.R
43dd6269b5 Remove vendor_qesdk_service_new 
Change-Id: I704ca491d1f1e43d66e8971fc6205f08f0967299
 2022-11-13 22:26:20 -08:00
PavanKumar S.R
19aab3c302 vendor_service replaced with hal_service_type 
Change-Id: I0f3e052f4bf5fecf4a8d225b2edbd08463dd1d06
 2022-09-28 00:41:00 -07:00
Jaihind Yadav
802dc91c24 adding compat/33.0.cil file for system_ext and product. 
Change-Id: I5979017c48f27363bd1fdc178ead5bd290da7105
 2022-08-01 23:57:59 -07:00
Arun Kumar Neelakantam
6ec871b660 sepolicy: Add systemhelper_app binder calls 
Add systemhelper_app binder client/server calls to allow clients to get
required permissions with hal_client_domain().

Change-Id: I1e181f2f03c32e013143b61d9caac7e720b4bdca
 2022-06-15 05:47:53 -07:00
Jaihind Yadav
007fd2fbe2 fixing the build error while making super image. 
vendor_afp_prop was not correctly added in *cil file.

Change-Id: I0473c076451f26fcf349a6a88b3c474fac9d3961
 2022-06-14 10:40:38 +05:30
Jaihind Yadav
880c16c6bd sepolicy: adding neverallow for custom halserverdomain. 
any hal domain which is using this custom bypass macro
will get the neverallow error unless it is whitelisted.

Change-Id: I87ecce04033e8fe5d5d6c4114c6af1ed774df916
 2022-06-10 23:15:49 +05:30
qctecmdr
d506f156a0 Merge "MinkIPC over AIBinder SEPolicy" 2022-06-08 15:58:16 -07:00
Tsung Cheng Lin
57eba52929 MinkIPC over AIBinder SEPolicy 
- Add SEPolicy for new service

Change-Id: I4e494e2391ec892942756ca76068b89a4f381a79
 2022-06-07 09:14:35 -07:00
Rajat Asthana
003b40203c Add rule to not audit when WLC accesses incremental_prop and proc 
While full scan in WLC, if an app invokes incfs filesystem, it causes
an avc denial denial for accessing incremental_prop and proc
filesystem. Since, WLC does not directly access the incremental
property, and that doesn't affects the classification of the apk,
add a rule to not audit when wlc reads the incremental_prop
and proc_filesystems.

Change-Id: Ic89327a7c048b760c24a1fc272dd2ee848689699
 2022-06-06 08:02:11 -07:00
Sanghoon Shin
419ded622f sepolicy:qcc: add qcc path to dropbox 
allow both "qcc" and "qdma" in preparation to transition to "qcc"
to avoid use "qdma" word in implementation

Change-Id: I608f8ecc14e56f3b17823c759c7064f09601f594
 2022-05-31 14:43:47 -07:00
qctecmdr
20b0f2dece Merge "Sepolicy: allow vendor_perfetto_dump to read/write trace_data_file" 2022-05-31 08:54:27 -07:00
Zhiqing Xiong
e640ad7890 Sepolicy: allow vendor_perfetto_dump to read/write trace_data_file 
As perfetto_traces_data_file is going to be neverallow, change
to trace_data_file instead.
add allow rules vendor_perfetto_dump to read/write trace_data_file

Change-Id: Ic0569110c81c95cc6756ddc3e551733cd5411ae9
CRs-Fixed: 3194279
 2022-05-25 11:00:26 +08:00
Kripa Bhat
b4c37c6568 Add sepolicy for supporting gpu profiling 
Add missing vendor_hal_qspmhal policy

Change-Id: I9aae25a16a9ce3f32516ceecc758f54ec3d4e4f4
 2022-05-18 23:48:18 -07:00
Libo Jin
55d88c0c3e Perf:add property permission for AFP 
CRs-Fixed: 3155750
Change-Id: Ibb58a13cbcc4f148a55a9c3a5ada82fc031a0cac
 2022-05-16 00:01:07 -07:00
Gnaneshwar Gatla
984c09ecd9 update mutualex permissions to qms 
Change-Id: I8e8c261341349840e3b34888da10ed7c8d530663
 2022-05-10 12:05:45 -07:00
Gnaneshwar Gatla
9ccd77d71d define mutualex hal service and client 
Change-Id: Ifa80eab98a122840d33e9094f16a48c0dbe7edb9
 2022-05-02 12:59:12 -07:00
Rohit Soneta
561a6cb426 sepolicy: Update sepolicy rules for seccamservice 
Change-Id: I698bf9d57c861f38ab4b414deb692f21607bdbc6
 2022-04-29 03:14:38 -07:00
qctecmdr
34278db4dd Merge "Sepolicy: allow PowerSaveMode app in UI to access system property." 2022-04-28 05:29:43 -07:00
qctecmdr
251782a8b7 Merge "sepolicy: Update sepolicy rules for seccamservice" 2022-04-26 00:49:08 -07:00
zehugong
df7469d4e4 Sepolicy: allow PowerSaveMode app in UI to access system property. 
Change-Id: I06d7f7f57af6f26c7327f42845dc0711899ab5ec
 2022-04-25 15:03:56 +08:00
qctecmdr
be45f3492a Merge "Allow untrusted apps to be client of the DSP HAL server" 2022-04-19 21:00:27 -07:00
Vamsi Krishna Gattupalli
313e9194d9 Allow untrusted apps to be client of the DSP HAL server 
Allow untrusted APK to be a client of the DSP HAL server on user
builds.

Change-Id: I20b7ac551a66d6e02a09d0a283209ae14786066b
Signed-off-by: Vamsi Krishna Gattupalli <quic_vgattupa@quicinc.com>
 2022-04-19 12:51:52 +05:30
qctecmdr
063f99d96c Merge "sepolicy: QCC package rename to com.qti.qcc" 2022-04-18 23:35:25 -07:00
qctecmdr
702b1a4b62 Merge "sepolicy: Add sepolicy for AtCmdFwd app" 2022-04-18 13:28:20 -07:00
Rohit Soneta
9559e2f564 sepolicy: Update sepolicy rules for seccamservice 
Change-Id: Ib76f6d936da45208d0e46dc68b17ab08948e46f4
 2022-04-14 01:53:48 -07:00
P.Adarsh Reddy
da05f122b6 Sepolicy: Add sepolicies for Qvirtmgr properties. 
Change-Id: I9fba0474a73331bcdfc6a230b1cd955847c3c698
 2022-04-14 12:43:23 +05:30
Phani Deepak Parasuramuni
9c9783a79f sepolicy: QCC package rename to com.qti.qcc 
Change-Id: I50654d7786d1e086e52bf6dec33ef9c407799d8c
 2022-04-11 10:30:29 +05:30
Sridhar Kasukurthi
efad11956d sepolicy: Add sepolicy for AtCmdFwd app 
Change-Id: I5b3bf28701a785988dcaaaf207a98d0d1cb3f002
 2022-04-01 13:47:02 +05:30
Shivam Agrawal
49fc190404 sepolicy: Allow wfdservice to access debug properties 
Change-Id: I30159d970c5cdc31c2c7f828dc76f838e644ee69
 2022-03-23 15:45:44 +05:30
Phani Deepak Parasuramuni
743d06f18a Sepolicy: make qccsyshal service file path generic in file_contexts 
Change-Id: I01af575c04a4911a249652316258d99a4655a50b
 2022-03-08 02:53:12 -08:00
Rui Wang
f8244c160c sepolicy: remove the permission for app to access qconfig. 
Change-Id: I730b067330fa606a26e014e0ac5b3737d43c0717
 2022-02-16 17:32:48 +08:00
Jaihind Yadav
7c3d92dfce creating 32.0.cil files and 32.0 prebuilt sepolicies. 
Change-Id: Ib92095628d41d2409ba951e01f0abd201338b30d
 2022-01-28 20:46:40 +05:30
qctecmdr
1649e15f5b Merge "Remove conflicting service to avoid bootup failure" 2022-01-20 05:33:04 -08:00
Suresh Koleti
850899fd1c Remove IImsRadio and IQtiRadioStable definitions 
- Remove IImsRadio, IQtiRadioStable and IQcRilAudio
  definitions as these needs to be defined in vendor
  to support GSI images.

Change-Id: Icfef4c5895ccae51374d83069ae93260be0f376c
CRs-Fixed: 3078236
 2022-01-18 22:26:54 -08:00
Zube Molokwu
d3c5ecc91b Remove conflicting service to avoid bootup failure 
Moving IDisplayConfig AIDL service to sepolicy_vndr in order to satisfy
VTS compliance.Removing this service from private/service_contexts to
avoid bootup failure on non GSI builds.

Change-Id: I2077dcfec71fd2b5a3d8dc970b1e3658e325847a
 2022-01-18 16:39:51 -08:00
Devendar Gali
fd0b9d688d NFC: FR74324, Add the new STM NFC extensions 
As a part FR74324 requirement, added the new STM NFC extensions.

Change-Id: Idce9ba00b4075aa9b769850297b80df83f9ba9b1
 2021-12-29 12:48:27 +05:30
Jaihind Yadav
7fb3761a9e adding <system_ext/product> versioned cil files. 
Change-Id: I24cd7430d9eca69472f1594a8ed24ada3dba2647
 2021-12-13 16:14:42 +05:30
qctecmdr
0540f3364f Merge "se-policy: Added permission for a new property support for WLC." 2021-12-10 01:39:04 -08:00
Ashish Jain
1fa36f96c0 se-policy: Added permission for a new property support for WLC. 
Added permission for a new property support for WLC.
This property is updated in vendor side to signal perf hal is up.

Change-Id: I7bf2e08b1b73aaa3b800c9ee8c8a6e459fd4ca0b
 2021-12-02 00:38:11 +05:30
Manoj Basapathi
ff8bd3acf1 sepolicy: allow platform to vendor tcmd 
fixes denials of
W TcmReceiver: type=1400 audit(0.0:730): avc: denied { connectto }
for path="/dev/socket/tcmd" scontext=u:r: platform_app:s0:c512,c768
tcontext=u:r:vendor_tcmd:s0 tclass=unix_stream_socket permissive=0
app=com.qualcomm.qti.qccvendortest

Change-Id: Ic8ae27b555758f9694981de82716e67b5e4d6c8b
 2021-11-09 11:50:36 +05:30
ysr
e4523f42f6 sepolicy: Update 31.0 sepolicy 
Change-Id: I5276ae85f151caf186953fa79dce7b3b307b7b63
 2021-10-07 16:04:50 -07:00
Jaihind Yadav
1edbb7d331 creating plat_pub_versioned.cil and vendor_sepolicy.cil for 31.0 
Change-Id: Id80c4d02550407d9d2b513f50de99ff104c7d308
 2021-10-06 18:55:14 +05:30
Jaihind Yadav
85a1c173c7 creating 31.0 preuilt sepolicy from android-S sepolicy. 
Change-Id: I562cf94dfe4bc722c56c9f64db006e7635f67f1e
 2021-10-06 18:46:10 +05:30
qctecmdr
597f2ec7f0 Merge "Remove violator rule in qvirtmgr." 2021-09-08 10:42:20 -07:00
qctecmdr
b9ab250e8e Merge "Sepolicy for ro.vendor.bootreceiver.enable" 2021-09-08 04:52:21 -07:00