tequilaOS/platform_device_qcom_sepolicy_vndr-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
4279 commits 1 branch 0 tags 5.5 MiB
Commit graph

4279 commits

This branch
This branch
All branches
Author SHA1 Message Date
Phani Deepak Parasuramuni
6c0f15cf49 sepolicy_vndr: port qcc-tr.lnx.13.0 policies 
Change-Id: I866c3b63a78bad5a878a7fff0ff299739ce1b1bb
 2022-04-11 19:05:03 +05:30
Linux Build Service Account
2afb00878a Merge ef230ad9c6 on remote branch 
Change-Id: I2a5f5531ef5353385fdfa4a057cc04150f0a8bc0
 2022-04-07 23:11:28 -07:00
Sridhar Kasukurthi
70c33b0fc8 sepolicy_vndr: Add policy for atfwd client 
Add policy for atfwd daemon client

Change-Id: I0251b892ffdfbd02ba16b3dc08998581b1c45015
CRs-Fixed: 3164800
 2022-04-04 03:02:32 -07:00
Samyak Jain
ef230ad9c6 Add rule to allow access to sxr prop 
Change-Id: Iba44313089f5e7b1621ab31c970593b21633fd4c
 2022-03-22 15:39:02 +05:30
Mohammed Mirza Mandayappurath Manzoor
3fbee03d9b sepolicy_vndr: Add shell permission to /sys/class/kgsl/kgsl-3d0/perfcounter 
Allow shell users to have permission to update sysfs node
/sys/class/kgsl/kgsl-3d0/perfcounter

Change-Id: I648b7f4b25e4c8c1644be5046677f41e7b5d2f8c
 2022-03-12 04:32:05 -08:00
Linux Build Service Account
9c6c0a6b60 Merge d174c613ba on remote branch 
Change-Id: I32bee76cef4270ddaaa175b7477e8ac93c7a1b99
 2022-03-11 00:24:01 -08:00
Mohammed Mirza Mandayappurath Manzoor
ae74a4b7e6 sepolicy_vndr: Add shell permission to /sys/class/kgsl/kgsl-3d0/perfcounter 
Allow shell users to have permission to update sysfs node
/sys/class/kgsl/kgsl-3d0/perfcounter

Change-Id: I648b7f4b25e4c8c1644be5046677f41e7b5d2f8c
 2022-02-24 11:43:59 +05:30
Karthik Nagarajan
d174c613ba sepolicy change for 3dfa 
remove cdsp access permissions for 3dfa service.

Change-Id: I5015061f00ac7cf398feb011e2c529dcf12f421e
Signed-off-by: Karthik Nagarajan <quic_karnagar@quicinc.com>
 2022-02-15 21:09:28 -08:00
Zhen Wang
c6218ef824 sepolicy: fix copyright issue 
Change-Id: Ia80f4509e576d3acdf59bffab246c651a54f37d4
 2022-02-13 22:18:08 -08:00
Linux Build Service Account
08202ee619 Merge 9054e3414b on remote branch 
Change-Id: I259a3ab7fb73707c390365311f8e51b29c29131a
 2022-02-11 01:28:04 -08:00
Zhen Wang
fac585b0ee sepolicy: fix copyright issue 
Change-Id: Ia80f4509e576d3acdf59bffab246c651a54f37d4
 2022-02-06 21:01:05 -08:00
Jaihind Yadav
687622bcf4 sepoliy_vndr :labeling socid and granting the permission to the domains 
for legacy target.

Soc_id and family are set to be global read.

Change-Id: I2a30d75f6678f78c746b7b02d8a5abcda6248cea
 2022-02-03 01:37:18 -08:00
qctecmdr
9054e3414b Merge "sepolicy_vndr: allow qvrd to access sensors" 2022-01-28 03:09:58 -08:00
Zhen Wang
2b1454ef45 sepolicy: allow qvrd-vndr access camera hal service. 
Change-Id: Ice250eccc5fed4154abcee94cee5422cc7bd86ec
 2022-01-28 09:23:03 +08:00
Zhen Wang
1e138c3052 sepolicy_vndr: allow qvrd to access sensors 
1. Allow qvrservice to access native sensor services
   in system server via bind call.
2. Suppressing the dsp error messages.

CRs-Fixed: 3103942
Change-Id: I6492c379a8b63dcf0d5faec2426094b616924b67
 2022-01-27 16:29:56 +08:00
qctecmdr
7af3050237 Merge "Snapcam:add sepolicy for snapcam" 2022-01-26 02:24:14 -08:00
qctecmdr
f4ccd6bf23 Merge "sepolicy: Add permission for QtiMapperExtension version 1.3" 2022-01-25 22:46:47 -08:00
qctecmdr
1dd945b8d9 Merge "Selinux enabled for sxr_vndr." 2022-01-24 01:58:05 -08:00
qctecmdr
00a5f61e7a Merge "sepolicy: Add permission for QtiMapperExtension version 1.2" 2022-01-21 01:28:34 -08:00
qctecmdr
8573d03737 Merge "Fix qvr selinux denials" 2022-01-21 01:28:34 -08:00
Samyak Jain
53aeda15ef Selinux enabled for sxr_vndr. 
This change creates sxr_vndr service which acts
as a vendor hal service and  enables the sxr_vndr
service to receive one of the socket pair fd sent
from xrcb application and directly communicates with
QXR client running in /data using socket pair fd

Change-Id: I9f7d12142c9fb3d8f6683e32f5abb0b62f2bc678
 2022-01-20 03:18:30 -08:00
Zhen Wang
3bd237cb49 Fix qvr selinux denials 
Change-Id: Ia5c434200dc36ef475ef5b04997cf6833c902089
 2022-01-19 17:40:54 -08:00
Jaihind Yadav
82f9d22a5c sepoliy_vndr :labeling socid and granting the permission to the domains. 
Soc_id and family are set to be global read .

Change-Id: I3f031918cec9aaec3cc626ec79d55cd64f190f69
 2022-01-16 21:11:13 -08:00
chunzhao
180f8902ce Snapcam:add sepolicy for snapcam 
Issue:avc: denied { read }
for comm="eaurora.snapcam
Fix:add sepolicy in snapcam

Change-Id: I908fc5a235fbc1eab579adce6ea0db0d4eda3e1e
 2022-01-16 19:08:06 -08:00
Linux Build Service Account
a0e9cf2fa9 Merge b695e943f4 on remote branch 
Change-Id: I75206553d3b55957c84121e7b163dc650705533d
 2022-01-13 04:12:26 -08:00
Qi Jin
10f3237397 sepolicy: Add permission for QtiMapperExtension version 1.3 
Change-Id: I7591ad02c90aa4ff6aeb5aeaf2ea2b1c156cc3d0
 2022-01-12 00:53:23 -08:00
Zube Molokwu
a5a552df6b sepolicy: Add permission for QtiMapperExtension version 1.2 
Change-Id: Iffbbccc05e7a33bd1dfa4783500571964e3a0b23
 2022-01-12 00:52:41 -08:00
qctecmdr
6e1148487c Merge "sepolicy: Add permission for cnss-daemon to write in persist folder" 2022-01-10 04:39:42 -08:00
Sandeep Singh
d22efe9d18 sepolicy: Add permission for cnss-daemon to write in persist folder 
Add permission for cnss-daemon to create file in
/mnt/vendor/persist/wlan folder.

Change-Id: I11690dee5383e8555260a1c6bbfa266043ed395e
 2022-01-05 15:07:28 +05:30
Satish Kumar Kodishala
b695e943f4 Add permissions to access btfmslim node 
Add permissions to access btfmslim node

Change-Id: I0d796623745616ef3c559aeec1564cee31cae0e8
 2022-01-04 06:10:55 -08:00
Jaihind Yadav
6fa6d80de3 remove read permission for untrusted app to read device info. 
Change-Id: I6d04b70ad23a08176ab9fa2c559460a4e6009efa
 2021-12-28 23:21:18 -08:00
Linux Build Service Account
fd48b697b7 Merge 02950739e3 on remote branch 
Change-Id: I918f7a3eeff334cd4b5363e91aec41cadcbbd390
 2021-12-13 00:20:16 -08:00
PavanKumar S.R
98c49facc5 sepolicy: Fix avc denials for wakeup nodes 
Label wakeup sysfs nodes listed by SuspendSepolicyTests.sh

Change-Id: Ie1276b0189c3ccec5b99d0cdb64ed84379c80f95
 2021-12-06 13:46:08 +05:30
urevanth
02950739e3 atoll: Addressing the syntax error in "qva/vendor/atoll/genfs_contexts" 
Change-Id: I18f6508e763b02ad1758dd549ad1325fda7eff5f
Signed-off-by: urevanth <quic_urevanth@quicinc.com>
 2021-12-02 17:05:17 +05:30
Baowei Liu
639219bf3a sepolicy: Add create socket file permission for vendor_wcnss_service 
cnss_cli use unix socket to communicate with cnss-daemon.
cnss-daemon need create unix socket server file when init.

Change-Id: Ibbe1eb1f418da17c0155a0663f6a94d8777ef80f
 2021-11-30 00:24:53 -08:00
qctecmdr
f6efb39ffb Merge "sepolicy_vndr: Remove ffs_prop form recovery.te" 2021-11-24 21:12:56 -08:00
Linux Build Service Account
dc1d778ee8 Merge 9021b7aa45 on remote branch 
Change-Id: Ic4f02565d4f1076b6c08272c8a816fac4f2895ad
 2021-11-24 06:00:17 -08:00
qctecmdr
c2dbc25d4e Merge "sepolicy: Add SE-Linux rules to access NFC properties" 2021-11-16 22:00:29 -08:00
Udipto Goswami
e7c14cfe10 sepolicy_vndr: Remove ffs_prop form recovery.te 
The AOSP code already defines and gives permission
to this label. Further this is renames in latest code
to ffs_config_prop so referring the label here gives
compilation error.
Removing it since already the permissions are there.

Change-Id: I14154df9cf269e3524c80a539c97bcb77dd97fc0
Signed-off-by: Udipto Goswami <quic_ugoswami@quicinc.com>
 2021-11-16 15:45:05 +05:30
Bhuvan Varshney
aa1eb500fd sepolicy: Add SE-Linux rules to access NFC properties 
Add sepolicy rules to allow secure element HAL to
read NFC properties.

Change-Id: Icf2436b523d9854ad31ac56cb75b75b200b0bb2b
 2021-11-12 10:13:09 +05:30
Himanshu Agrawal
c61c806e02 sepolicy_vndr: Compilation fix for S upgrade 
Change-Id: Ie41b7cc0bb91d5d92480fafa9d44bcbe8b855343
 2021-11-11 06:34:38 -08:00
qctecmdr
9021b7aa45 Merge "sepolicy_vndr: add policy for hostapd" 2021-11-02 02:30:04 -07:00
David Arellanes
a9d871dfb8 selinux attribute mlstrustedsubject added to qvrd_vndr 
Change-Id: I0f93db13f2b2bff64cd54b324bce5d320b2430b9
 2021-10-29 15:48:25 -07:00
Linux Build Service Account
979619d301 Merge 9e1dcf7de5 on remote branch 
Change-Id: I2a6ed3fcf04b0014aba6fe4b54dff6372d63c9f2
 2021-10-24 02:20:40 -07:00
qctecmdr
d3b3dd6472 Merge "sepolicy_vndr: suppress xdsp denial." 2021-10-21 02:43:29 -07:00
qctecmdr
a0b37c2922 Merge "sepolicy: sepolicy rules for accessing read_ahead_kb" 2021-10-17 23:19:41 -07:00
Sarthak Garg
c0420f57f3 sepolicy: sepolicy rules for accessing read_ahead_kb 
Adding sepolicy rule to fix avc denials while accessing
read_ahead_kb node for vold.

Change-Id: I078b00b07b31a813a2151595e24332cfa2361901
Signed-off-by: Sarthak Garg <sartgarg@codeaurora.org>
 2021-10-12 20:13:13 +05:30
Rui Wang
182ddd2394 sepolicy_vndr: suppress xdsp denial. 
Change-Id: Ie33815a9fbf1b4b8ee7b7acdfdeae896805fae1c
 2021-10-11 22:36:08 -07:00
Sauvik Saha
9e1dcf7de5 sepolicy_vndr: Fixing avc denial 
* avc: denied { call } for comm="ims_rtp_daemon"
* scontext=u:r:vendor_hal_imsrtp:s0 tcontext=u:r:
* vtloopback_app:s0:c165,c256,c512,c768 tclass=binder permissive=0

Change-Id: Iec4288d24a3ca9559fa213eb7ffff75d67c777dd
 2021-10-07 23:12:10 -07:00
Ashish Jain
e9e26698a5 se-policy: Added donot audit rule. 
Added donot audit rule for dac override warning for perf serivce.

Change-Id: I975452c82c2fdd28fef1015e5eafca23ccfb7016
 2021-10-04 11:04:41 +05:30