Add security policies for the thermal-engine process
to access sysfs nodes, create, listen, and read from
network sockets.
Change-Id: I2907cb26a2f4e27a2ae229bce4de038412c92bae
Signed-off-by: Shiju Mathew <shijum@codeaurora.org>
Added the context for the various audio devices
to operate with other domains. We have also added
context for audiod.
Change-Id: Ibaa2beb2fc5ff4cc16481d8764b1d8c0bcfce16c
Added security policies needed for IPv6 tethering functionality
to perform operations on sockets. Also enabled qmuxd to operate
with smd devices
CRs-fixed: 590265
Change-Id: I32a9dd089abec3b33f2fdeca02e3e259492f8785
Adding required SEAndroid policies to enable rild_oem socket connection
from QcrilMsgTunnel app (radio UID group) as it is currently denied
by SEAndroid module.
Change-Id: Ie1a1d2fdd0fe85095d8e33c8c6d5d335c3dc2042
Allow domain transitions from shell, su and adbd for qmuxd and
netmgrd in case of engineering and user debug builds only
CRs-fixed: 590265
Change-Id: Ibaad1d0d547dca13fa17f7c909c6347e59a24d97
Confines qmi ping and test service tests as well as defines rules to grant
them appropriate access.
CRs-Fixed: 582040
Change-Id: I57c9a82d3efcd643a6d3ac26c4217cd51b1bb86b
HW based disk encryption wipes the data if user enters incorrect
password for a number of times. This requires that Vold has access
to cache file and recovery.
Change-Id: Ibb3069af6a15558202c02ae5454008bb8ecb62e9
Device encryption requries fsck to be run while attempting to
mount userdata partition. For encrypted device, it runs in VOLD
context. Hence, VOLD needs permission to complete the job.
Change-Id: I804153253d241050cfe5f35b3f5c129f9b91a3c6
HW based disk encryption depends upon qseecom and module request
operation from kernel. Adding permission for VOLD for smooth
functionality of HW based disk encryption.
Change-Id: If938f1be1067ac14d5d2f685902643c5d580d94e