tequilaOS/platform_device_qcom_sepolicy

Author	SHA1	Message	Date
Roopesh Nataraja	d28a917a4a	sepolicy: Allow libsoc_helper vendor clients to read soc_id Change-Id: I530fa6d368471158ffc04c75d1f3bdb71f6cc0d3	2020-03-27 17:26:28 -07:00
qctecmdr	a88906f9e2	Merge "sepolicy: vendor modprobe changes"	2020-03-26 19:41:05 -07:00
Sayali Lokhande	4d86cb2738	sepolicy : Allow kernel to search debugfs_mmc dir Debugfs is failed to be initialized because of the denial below. Add selinux policy to fix it. avc: denied { search } for comm="kworker/0:1" name="mmc0" dev="debugfs" ino=6562 scontext=u:r:kernel:s0 tcontext=u:object_r:debugfs_mmc:s0 tclass=dir permissive=0 CRs-Fixed: 2636489 Change-Id: I831a363d448b3efe11960c3937b04dbca80d37f3	2020-03-25 23:02:57 -07:00
qctecmdr	f2ce4398c2	Merge "Update telephony SELinux policies to avoid name collision."	2020-03-25 13:55:36 -07:00
Garik Badalyan	bb15e90b05	Update telephony SELinux policies to avoid name collision. -Update telephony SELinux policies to avoid name collision in future. -Remove old unused telephony SELinux labels. Change-Id: I60224d6a34d95c853b7ad32a17ecbce4b7b9b204 CRs-Fixed: 2644933	2020-03-23 13:27:33 -07:00
Sreelakshmi Gownipalli	51359b97ab	diag: Add support for connecting to diag via unix sockets Add support to connect to diag unix socket from diag vendor clients. Change-Id: I65f8738e0473fe1bdbbf369a8f60e86e6c2f8284	2020-03-23 07:40:45 -07:00
Linux Build Service Account	4118b742f5	Merge "sepolicy: Define new policy rule to read gpu model" into sepolicy.lnx.6.0	2020-03-23 06:13:12 -07:00
Linux Build Service Account	5d80ff03be	Merge "Update device sepolicy rules for NN HAL 1.3" into sepolicy.lnx.6.0	2020-03-20 03:06:08 -07:00
kranthi	dbe56c1472	sepolicy: Define new policy rule to read gpu model Add a new file context label for gpu_model sysfs entry. allowed read access to that entry. Addressing the following denials : type=1400 audit(0.0:62): avc: denied { read } for name="gpu_model" dev="sysfs" ino=78734 scontext=u:r:mediaserver:s0 tcontext=u:object_r:vendor_sysfs_kgsl:s0 tclass=file permissive=0 type=1400 audit(0.0:88): avc: denied { read } for name="gpu_model" dev="sysfs" ino=78734 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:vendor_sysfs_kgsl:s0 tclass=file permissive=0 app=com.android.systemui type=1400 audit(0.0:100): avc: denied { read } for name="gpu_model" dev="sysfs" ino=78734 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:vendor_sysfs_kgsl:s0 tclass=file permissive=0 app=com.android.launcher3 Change-Id: I9e1b9ffbb88ea62b4cc530564d811d7cfc640bbc	2020-03-19 14:16:40 +05:30
qctecmdr	c2740d3582	Merge "sepolicy for imscmservice hal"	2020-03-18 22:44:28 -07:00
Alex Kuoch	1e2814c890	Update device sepolicy rules for NN HAL 1.3 Change-Id: Iaa6c1251cd3156887b58cf73ce565fb8a749af41	2020-03-18 14:42:41 -04:00
Shawn Shin	6c80bcc5f2	sepolicy: qcc: move QCC to system-ext partition qdmastatsd renamed to qcc_trd and qdma renamed to qcc vendor_ prefixed CRs-fixed: 2605804 Change-Id: I55b699228bcf46de57c2dc019fac80bcc55424a1	2020-03-18 09:20:50 -07:00
Ayishwarya Narasimhan	0a530f0119	sepolicy for imscmservice hal Change-Id: I673c43e91da3b66d685a994fe0718dbb1948bc35	2020-03-17 09:49:16 -07:00
qctecmdr	7f04ba192b	Merge "sepolicy: Allow audio hal to access bluetooth property"	2020-03-17 03:38:00 -07:00
qctecmdr	047f367ee8	Merge "sepolicy: Add read dir permission to hal_bootctl.te"	2020-03-17 03:38:00 -07:00
Naval Saini	8778599f9d	sepolicy: Allow audio hal to access bluetooth property Allow audio hal to access(read) bluetooth persist property CRs-Fixed: 2620572 Change-Id: I6663a262bfd41ca1de8af8f743e319133045fe17	2020-03-15 23:12:18 -07:00
qctecmdr	db681779a2	Merge "sepolicy: Allow RPMB service and recovery access bsg device driver nodes"	2020-03-13 05:21:51 -07:00
himta ram	320c36231c	sepolicy: move the FM sepolicy rules to product Created the new domain for FM. Moved the FM sepolicy rules to product. CRs-Fixed: 2641193 Change-Id: I3cfe84dbe93c108124475a3e3825f7f80b5f6e57	2020-03-13 05:03:36 -07:00
Linux Build Service Account	406b8c8f27	Merge "ims : add tipc socket permission rule" into sepolicy.lnx.6.0	2020-03-12 21:59:52 -07:00
Linux Build Service Account	eefb643ced	Merge "sepolicy: adding protected_hwservice attr to hwservice." into sepolicy.lnx.6.0	2020-03-12 21:58:52 -07:00
Linux Build Service Account	42a45deb47	Merge "sepolicy: add permissions for devfreq nodes on lahaina" into sepolicy.lnx.6.0	2020-03-12 21:58:51 -07:00
Linux Build Service Account	d7beb87069	Merge "Adding Kill capability to perf hal service." into sepolicy.lnx.6.0	2020-03-11 19:00:38 -07:00
Amir Vajid	f5411bea95	sepolicy: add permissions for devfreq nodes on lahaina Add permissions to access devfreq dcvs nodes on lahaina. Change-Id: Idc5a192699a697cc8c2e7a2ae1119215a93b407f	2020-03-11 17:52:09 -07:00
Jaihind Yadav	6d99179f63	sepolicy: adding protected_hwservice attr to hwservice. Change-Id: Ic929f39a894cc86572fb55c53bd4d1e1e82306d7	2020-03-11 05:43:21 -07:00
qctecmdr	3e01e5c665	Merge "sepolicy: add sepolicy label for charge_pump"	2020-03-10 20:35:04 -07:00
Linux Build Service Account	e5489dfaa0	Merge "sepolicy: give se policy permission to npu dcvs nodes" into sepolicy.lnx.6.0	2020-03-10 19:59:05 -07:00
Manoj Basapathi	bfa6c2ffe5	ims : add tipc socket permission rule Change-Id: I688c50047a559d00386ec54093d665fffab853b3	2020-03-10 16:22:44 -07:00
Can Guo	6126a64578	sepolicy: Allow RPMB service and recovery access bsg device driver nodes This change is to allow RPMB service and Android recovery access storage bsg char device driver nodes. Change-Id: I2441f2de6273c2d44a24d4be5cf8c8d58ec6fcf6	2020-03-09 23:19:47 -07:00
Smita Ghosh	07d473667a	sepolicy: Add read dir permission to hal_bootctl.te hal_bootctl needs read permission to sysfs_dt_firmware_android Change-Id: I6e89b2db756d7070bc4b815cf15a6a4f241d137b	2020-03-05 17:06:08 -08:00
Wileen Chiu	106d993854	Revert "Revert "sepolicy: update SELinux rules for ims application"" This reverts commit `7a059d4202`. Change-Id: I3b5c615012bacc440362e23e343ab05db8d3253f CRs-Fixed: 2616500	2020-03-05 10:12:46 -08:00
Sai Manobhiram	bac8a9c806	Adding Kill capability to perf hal service. Adding permission to kill only the app domain from vendor. For lito, atoll, trinket. Change-Id: Id9377a993ca847aaa830d53a330aabad1db3cd17	2020-03-04 15:21:59 +05:30
Rishiraj Manwatkar	764c97ec56	sepolicy: vendor modprobe changes Change-Id: I8d86a719c97135c4b701a4cddd029dfd23aeda71	2020-03-02 16:33:06 -08:00
Ashay Jaiswal	e23a4ade5e	sepolicy: add sepolicy label for charge_pump Add sepolicy label to files exposed by charger_pump master and slave devices. Change-Id: Id70e39695444573638055f88734f0ae02df25a02	2020-03-02 09:21:26 +05:30
Santosh Mardi	dce94f494f	sepolicy: give se policy permission to npu dcvs nodes Give SE policy permission to npu dcvs nodes used to scale DDR frequency based on traffic from npu->llcc and llcc->ddr. Change-Id: Ib58f75a65b7979d58128a594769916ec25bf9082	2020-02-28 01:16:41 -08:00
qctecmdr	2030effbfe	Merge "Revert "sepolicy: Define key for TimeService apk""	2020-02-27 03:04:34 -08:00
vijay rayabarapu	7a059d4202	Revert "sepolicy: update SELinux rules for ims application" This reverts commit `a9e385381b`. Change-Id: I9006b1af2506bf0b8f0efe62e7aafd16e15ccbb1	2020-02-26 16:40:05 +05:30
qctecmdr	65ddd18b92	Merge "sepolicy: add audio daemon"	2020-02-23 03:51:27 -08:00
qctecmdr	192c565c82	Merge "sepolicy: update SELinux rules for ims application"	2020-02-20 12:36:54 -08:00
Amritendu Biswas	bcecad1de5	sepolicy for embms hal service Allow embmssl hal to access unix_stream_socket, Allow embmssl hal to access qipcrtr_socket Change-Id: I84024db652dc839c9f07e46a620e7b9659da7297	2020-02-19 17:59:07 -08:00
Aalique Grahame	07fe88eee7	sepolicy: add audio daemon Add policy for audio adsprpc daemon Change-Id: Ib05cf29a3e06571e5a718bde9032b19625b5a300	2020-02-19 16:35:40 -08:00
Wileen Chiu	a9e385381b	sepolicy: update SELinux rules for ims application Change-Id: I82638566030d660140430176cee0fe4ca605b1ed CRs-Fixed: 2616500	2020-02-19 15:10:16 -08:00
qctecmdr	2753577d08	Merge "Add Device Info hal vendor.qti.hardware.radio.internal.deviceinfo@1.0"	2020-02-19 06:56:04 -08:00
Avinash Nalluri	17c98d98c5	Add Device Info hal vendor.qti.hardware.radio.internal.deviceinfo@1.0 - Add new HAL to the config files - vendor.qti.hardware.radio.internal.deviceinfo@1.0 Change-Id: Ia32ee8d8742850bc95fe5ac8876aca8843d73f3e CRs-Fixed: 2605646	2020-02-18 09:55:57 -08:00
qctecmdr	d4ca30ba03	Merge "sepolicy: Add selinux policy for kernel debug script"	2020-02-18 08:57:34 -08:00
qctecmdr	d4cb924ee2	Merge "sepolicy: Add vm block devices labeling"	2020-02-18 05:46:28 -08:00
qctecmdr	a7c80aa192	Merge "lito: Assign subsys nodes file contexts in a dynamic way."	2020-02-18 02:56:24 -08:00
qctecmdr	50f7bc43d5	Merge "Sepolicy changes for new mutualex daemon"	2020-02-18 00:19:38 -08:00
Mohit Aggarwal	6987530a28	Revert "sepolicy: Define key for TimeService apk" This reverts commit `6886e3677e`. Change-Id: I9b4414691680c399717370b118e01dbc0d4aac09	2020-02-18 11:48:29 +05:30
qctecmdr	6cacff8bb7	Merge "sepolicy: add property to generic for loading shsusrd via netmgr"	2020-02-17 21:20:54 -08:00
P.Adarsh Reddy	f072a4ac23	lito: Assign subsys nodes file contexts in a dynamic way. The subsystem name to subsys number mapping is not constant and can change based on the order of probing OR incase a new subsystem gets added. To handle such cases, this change assigns the contexts in a more dynamic way using regex within file-contexts file. Change-Id: Ibc688f334381dffec2bf5419305fabcf2ecd72e6	2020-02-17 14:09:12 +05:30

1 2 3 4 5 ...

462 commits