Commit graph

3996 commits

Author SHA1 Message Date
Sandeep Singh
d22efe9d18 sepolicy: Add permission for cnss-daemon to write in persist folder
Add permission for cnss-daemon to create file in
/mnt/vendor/persist/wlan folder.

Change-Id: I11690dee5383e8555260a1c6bbfa266043ed395e
2022-01-05 15:07:28 +05:30
Jaihind Yadav
6fa6d80de3 remove read permission for untrusted app to read device info.
Change-Id: I6d04b70ad23a08176ab9fa2c559460a4e6009efa
2021-12-28 23:21:18 -08:00
PavanKumar S.R
98c49facc5 sepolicy: Fix avc denials for wakeup nodes
Label wakeup sysfs nodes listed by SuspendSepolicyTests.sh

Change-Id: Ie1276b0189c3ccec5b99d0cdb64ed84379c80f95
2021-12-06 13:46:08 +05:30
urevanth
02950739e3 atoll: Addressing the syntax error in "qva/vendor/atoll/genfs_contexts"
Change-Id: I18f6508e763b02ad1758dd549ad1325fda7eff5f
Signed-off-by: urevanth <quic_urevanth@quicinc.com>
2021-12-02 17:05:17 +05:30
Baowei Liu
639219bf3a sepolicy: Add create socket file permission for vendor_wcnss_service
cnss_cli uses a unix socket to communicate with cnss-daemon.
cnss-daemon needs to create the unix socket server file during init.

Change-Id: Ibbe1eb1f418da17c0155a0663f6a94d8777ef80f
2021-11-30 00:24:53 -08:00
qctecmdr
f6efb39ffb Merge "sepolicy_vndr: Remove ffs_prop form recovery.te" 2021-11-24 21:12:56 -08:00
qctecmdr
c2dbc25d4e Merge "sepolicy: Add SE-Linux rules to access NFC properties" 2021-11-16 22:00:29 -08:00
Udipto Goswami
e7c14cfe10 sepolicy_vndr: Remove ffs_prop form recovery.te
The AOSP code already defines and gives permission
to this label. Further, this is renamed in the latest code
to ffs_config_prop, so referring to the label here gives
a compilation error.
Removing it since the permissions are already there.

Change-Id: I14154df9cf269e3524c80a539c97bcb77dd97fc0
Signed-off-by: Udipto Goswami <quic_ugoswami@quicinc.com>
2021-11-16 15:45:05 +05:30
Bhuvan Varshney
aa1eb500fd sepolicy: Add SE-Linux rules to access NFC properties
Add sepolicy rules to allow secure element HAL to
read NFC properties.

Change-Id: Icf2436b523d9854ad31ac56cb75b75b200b0bb2b
2021-11-12 10:13:09 +05:30
Himanshu Agrawal
c61c806e02 sepolicy_vndr: Compilation fix for S upgrade
Change-Id: Ie41b7cc0bb91d5d92480fafa9d44bcbe8b855343
2021-11-11 06:34:38 -08:00
qctecmdr
9021b7aa45 Merge "sepolicy_vndr: add policy for hostapd" 2021-11-02 02:30:04 -07:00
David Arellanes
a9d871dfb8 selinux attribute mlstrustedsubject added to qvrd_vndr
Change-Id: I0f93db13f2b2bff64cd54b324bce5d320b2430b9
2021-10-29 15:48:25 -07:00
qctecmdr
d3b3dd6472 Merge "sepolicy_vndr: suppress xdsp denial." 2021-10-21 02:43:29 -07:00
qctecmdr
a0b37c2922 Merge "sepolicy: sepolicy rules for accessing read_ahead_kb" 2021-10-17 23:19:41 -07:00
Sarthak Garg
c0420f57f3 sepolicy: sepolicy rules for accessing read_ahead_kb
Adding sepolicy rule to fix avc denials while accessing
read_ahead_kb node for vold.

Change-Id: I078b00b07b31a813a2151595e24332cfa2361901
Signed-off-by: Sarthak Garg <sartgarg@codeaurora.org>
2021-10-12 20:13:13 +05:30
Rui Wang
182ddd2394 sepolicy_vndr: suppress xdsp denial.
Change-Id: Ie33815a9fbf1b4b8ee7b7acdfdeae896805fae1c
2021-10-11 22:36:08 -07:00
Sauvik Saha
9e1dcf7de5 sepolicy_vndr: Fixing avc denial
* avc: denied { call } for comm="ims_rtp_daemon"
* scontext=u:r:vendor_hal_imsrtp:s0 tcontext=u:r:
* vtloopback_app:s0:c165,c256,c512,c768 tclass=binder permissive=0

Change-Id: Iec4288d24a3ca9559fa213eb7ffff75d67c777dd
2021-10-07 23:12:10 -07:00
Ashish Jain
e9e26698a5 se-policy: Added donot audit rule.
Added donot audit rule for dac override warning for perf service.

Change-Id: I975452c82c2fdd28fef1015e5eafca23ccfb7016
2021-10-04 11:04:41 +05:30
Abhinav Sohane
fedcf427f5 Sepolicy: Add sepolicy change to not audit for xdsp
Issue: AVC denials seen for hal_camera_default while accessing
       vendor_xdsp_service.
Fix: Added dontaudit for hal_camera_default to access
     vendor_xdsp_service.

CRs-Fixed: 3027156

Change-Id: I915389a2073e4774c00a1129d6ddf371681138c3
2021-09-29 17:40:06 +05:30
Swarn Singh
809262547f sepolicy_vndr: add policy for hostapd
This commit gives hostapd permissions rw_dir_perms to open, search, write,
add_name, remove_name in wifi data files.

Change-Id: Ifc39cd245da035512af89733b55f57e9ce608f00
CRs-Fixed: 3008412
2021-09-28 22:45:42 -07:00
Sauvik Saha
26c2f7d447 sepolicy_vndr: Fixing avc denials for loopback app
* [Kodiak]avc: denied { read } for name="u:object_r:
* vendor_ims_prop:s0" dev="tmpfs" ino=30786 scontext=u:r:
* platform_app:s0:c512,c768 tcontext=u:object_r:vendor_ims_prop:
* s0 tclass=file permissive=0 app=com.qti.vtloopback

Change-Id: I8b2658ff7fe8d18812aa45c9daa3a2906f7e942f
2021-09-28 14:32:03 +05:30
qctecmdr
a251aa73d3 Merge "sepolicy_vndr: Update sepolicy rule for mediatranscoder" 2021-09-24 02:24:58 -07:00
Sanjay Singh
19155d0f01 sepolicy_vndr: Update sepolicy rule for mediatranscoder
Allow mediatranscoder to access hal_allocator.

Change-Id: I62511ef6c48a4276845edebb04298d23ab927739
2021-09-23 23:16:43 -07:00
Kavya Nunna
90758a130c sepolicy_vndr: Add labels for wakeup sources for atoll and msmnile
Add a change to fix the avc denials for the wakeup source
used for pmic nodes.

Change-Id: Id836c0890e197d9d32b69fb0b3d9f3ca960a65f1
2021-09-23 22:02:37 -07:00
Gerald Dasal
80aa433441 sepolicy_vndr: Add sepolicy for ssg system service
mlid and ssgtzd need to be able to talk to service
apps as well as other vendor services.

Change-Id: Iaee709672f4dd83c428a047be17bb0c087a50215
2021-09-22 11:42:55 -07:00
qctecmdr
645b321192 Merge "NeuralNetworks: Modify nnhal to access adsp properties" 2021-09-19 22:37:32 -07:00
qctecmdr
617ddb988d Merge "sepolicy_vndr: khaje: sepolicy rules for perf-lm" 2021-09-17 03:14:52 -07:00
Malathi Gottam
cdfabfff36 sepolicy_vndr: dontaudit qti-media access to default prop
Vendor qti-media service is not making use of any of the properties
under default-prop, so suppress this access denial using dontaudit.

Change-Id: I860d2e534dcfbf05be733706b780fd4784c3467d
2021-09-16 22:39:03 +05:30
Aman Mehta
64a6d79aff sepolicy_vndr: khaje: sepolicy rules for perf-lm
Path correction for sepolicy rules

Change-Id: I12efeaa94fd5216626a33bc6bd3f05d0f6ed56d2
2021-09-16 20:34:35 +05:30
Rajashekar Adi
0bba91b894 NeuralNetworks: Modify nnhal to access adsp properties
Modify NNHAL sepolicy rules to read adsp properties.

Change-Id: I53ffab1e039a5a07fa58de53baddf6c962a92565
2021-09-15 16:52:09 +05:30
Arvind Kumar
976a3c7982 sepolicy: Add rules for init.qti.early_init.sh scripts
Add rules to allow execution of init.qti.early_init.sh

Change-Id: I8199a084a1913eb77123be04eecda4a3f5a85992
2021-09-15 01:58:05 -07:00
Vivek Arugula
ba1fe38dcc sepolicy: Add dontaudit for init.qcom.sensors.sh
This script file is used to move a few files from vendor
to data path. This doesn't read any properties
within it explicitly.

Change-Id: I9bc986d30ca96371c9ffc1670cf220a5c2a5f920
2021-09-14 10:29:45 +05:30
xiaohuin
062c4adf81 sepolicy: rename hang_guard to qguard
change hang_guard to qguard.

Change-Id: I7122c99c702c2661c1cc9c33e0ddada7d9f4ab86
CRs-Fixed: 3005281
2021-09-09 20:17:28 -07:00
qctecmdr
f98e4b6f9d Merge "epolicy : add rule for tipc socket permission" 2021-09-09 08:13:23 -07:00
qctecmdr
b1a63c8d9c Merge "sepolicy_vndr: Add sepolicy changes for eID services" 2021-09-09 04:50:16 -07:00
Kaustubh Pandey
bd175d470b epolicy : add rule for tipc socket permission
Change-Id: I46790b52188de7a0502cd6b2768a2863297b4f88
Signed-off-by: Kaustubh Pandey <kapandey@codeaurora.org>
Acked-by: Anagh G <anaghg@qti.qualcomm.com>
2021-09-09 16:22:15 +05:30
dexili
8a2a0c462d sepolicy_vndr: Add sepolicy changes for eID services
Add sepolicy changes for eID services

Change-Id: I3fd5138df6dddeff98736eab82a8e9f487576402
2021-09-09 17:19:57 +08:00
Bipin Kumar
56c2153eed sepolicy_vndr: bengal: Add permission for khaje sysfs
Change-Id: I0bb4ae1600dce25c4da3dc4cddf7083f8229f2c6
2021-09-08 06:10:39 -07:00
Sharath Chandra Vurukala
76fc996cd8 sepolicy_vndr: dontaudit system_server search of proc shs dir
Dontaudit system_server search of the vendor proc shs directory.

Change-Id: I93b528f2680fd087b9c42cbe1beaae74c9703a61
Acked-by: Divyarajsinh Jhala <djhala@qti.qualcomm.com>
Signed-off-by: Sharath Chandra Vurukala <sharathv@codeaurora.org>
2021-09-08 02:49:12 -07:00
kranthi
5bfc9e2b16 sepolicy-vndr:Allowing applications to read gpubusy
type=1400 audit(0.0:4717): avc: denied { read } for name="gpubusy"
 dev="sysfs" ino=52014 scontext=u:r:untrusted_app_29:s0:c224,c256,c512,c768
 tcontext=u:object_r:vendor_sysfs_kgsl:s0 tclass=file permissive=0
 app=com.activision.callofduty.shooter

CRS-Fixed: 3027339

Change-Id: I93b00ef59e35c7336351234d6e41b34fb7b46c10
2021-09-07 21:45:31 -07:00
qctecmdr
95aa1ccbb1 Merge "sepolicy_vndr: Update sepolicy rule for mediatranscoder" 2021-09-07 09:04:15 -07:00
qctecmdr
eec30e15e3 Merge "sepolicy_vndr: Update sepolicy rule for mediatranscoder" 2021-09-07 04:22:10 -07:00
Sanjay Singh
e8c4018001 sepolicy_vndr: Update sepolicy rule for mediatranscoder
Allow mediatranscoder to access hal_allocator.

Change-Id: I808d317dab759961db810bc2bb12252989ae268b
2021-09-06 22:08:55 -07:00
Sanjay Singh
9c74a229b6 sepolicy_vndr: Update sepolicy rule for mediatranscoder
Allow mediatranscoder to access hal_allocator.

Change-Id: Ibf5a5b15a55391410f35c76f5ca0259636b70add
2021-09-03 11:20:12 +05:30
Sanjay Singh
8950ce727b sepolicy_vndr: Update sepolicy rule for mediatranscoder
Allow mediatranscoder to access hal_allocator.

Change-Id: If2f5d683a76dd08a81e34554ef04436ea9b2941c
2021-09-03 10:54:11 +05:30
Aman Mehta
c20fc6e1db sepolicy_vndr: khaje: sepolicy rules for perf-lm
Add sepolicy rules for perf-lm-gameopt

Change-Id: I5ef16a6ce522dfb8716209ba0c8577a6f63c6ce3
2021-08-31 16:46:35 +05:30
qctecmdr
1923e875f0 Merge "vpp: remove access to vendor_xdsp_device node." 2021-08-30 10:59:25 -07:00
qctecmdr
d7ee2be4ff Merge "sepolicy: Fix the AVC denials for system daemon" 2021-08-25 23:14:08 -07:00
qctecmdr
88063c9f14 Merge "sepolicy: revert of qvrd changes from: Selinux enabled for qvr_vndr." 2021-08-25 23:14:08 -07:00
qctecmdr
b9e489c364 Merge "Remove cdsp SE policy for lowirpcd daemon" 2021-08-25 19:10:28 -07:00