tequilaOS/platform_device_qcom_sepolicy_vndr-legacy-um
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
3996 commits 1 branch 0 tags 5.5 MiB
Commit graph

3996 commits

This branch
This branch
All branches
Author SHA1 Message Date
Rui Wang
d80aa1b70a vpp: remove access to vendor_xdsp_device node. 
Change-Id: I043360fe7249d46c3d30654ed3cb6f613aee1c42
 2021-08-24 18:41:02 -07:00
Tyler Wear
6e027193f4 modemManager: Enable Deubgging Fallback 
Enable crash dump logging fallback policy.

Change-Id: I4ed8e3c3296a6e2841b8bc28e4304df2b67159d4
 2021-08-24 09:44:16 -07:00
Ashwani Jha
4b2a48a440 sepolicy: revert of qvrd changes from: Selinux enabled for qvr_vndr. 
Revert of commit ID: 7e0b5d1f1e
Change-Id: I5e73ce881873aeafde2699543684c16b159ad31d
 2021-08-22 21:47:29 -07:00
Benergy Meenan Ravuri
ed835a51d9 sepolicy: Fix the AVC denials for system daemon 
Fix the AVC denials for system daemon.

Change-Id: Ic9266b9f9c1ecbad348deb34612d2282c7f6de55
CRs-Fixed: 3014682
 2021-08-19 23:45:12 +05:30
mukul sharma
7e3c03bb79 Remove cdsp SE policy for lowirpcd daemon 
Currently, lowirpcd uses CDSP access SE policy
which is not by required for lowirpcd.

Change-Id: Ic161109c07bf1b87839494ed4c4d5d31449d3ab6
CRs-Fixed: 3017691
 2021-08-19 12:44:21 +05:30
Ashwani Jha
7e0b5d1f1e Selinux enabled for qvr_vndr. 
This change creates qvr_vndr service which acts
as a vendor hal service.

Change-Id: I6c39a54829a080d6d24715283d143f0c3f49735b
 2021-08-16 09:59:04 -07:00
Vasantha Balla
4581d2daf0 sepolicy_vndr: Update sepolicy rule for mediatranscoder 
Allow mediatranscoder to access hal_allocator.

Change-Id: Id1b467ba29f1ad40684654e67bfe4a32ac0ae6bf
 2021-08-13 04:52:27 -07:00
Vasantha Balla
e0cc5f73ea sepolicy_vndr: Update sepolicy rule for mediatranscoder 
Allow mediatranscoder to access hal_allocator.

Change-Id: Idf21562a66b0b10fdcb5357f33262babfe15aea1
 2021-08-11 01:57:49 -07:00
Kavya Nunna
c609ec6efd sepolicy_vndr: bengal: Add sepolicy rules for smb1394 
Add sepolicy rules for smb1394 for userspace to access
the nodes.

Change-Id: I8a1f7a4866da65b60ed81da77c6d2ab47df75932
 2021-08-08 09:15:40 -07:00
Benergy Meenan Ravuri
eab86dde57 sepolicy: Add rules to define and use soc model property 
Add rules to define and use soc model property.

Change-Id: I412f520f921c3479520b0981e6b06f85ebd5325f
 2021-08-04 06:35:26 -07:00
qctecmdr
0a36443c8c Merge "sepolicy_vndr:Adding new graphics compiler libraries" 2021-08-02 14:19:15 -07:00
Ramu Gottipati
322b47a801 sepolicy_vndr: Add sepolicy rules for audio nodes 
- Add sepolicy rules for audio nodes

Change-Id: Ifecf132d2a8ca85d23fb9d7700e70aea001a8963
 2021-08-01 21:59:06 -07:00
Kavya Nunna
105e3aba4f sepolicy_vndr: bengal: Add sepolicy labels for led nodes on khaje 
Add sepolicy rules for led nodes for khaje platform.

Change-Id: Iec1c2b35ffe14fb5c3173778af52270bdf8b94fa
 2021-07-30 04:17:27 -07:00
James Wyatt Guidry
6c642d06d7 QTI: Reading baseband property throwing avc denial 
- Sepolicy change to fix this denial

Change-Id: I08b50dee5c29787b048b0698d8e1ab7a5519e461
 2021-07-28 10:38:43 -07:00
vijaagra
d2651092c6 sepolicy_vndr:Adding new graphics compiler libraries 
Adding new graphics compiler libraries libadreno_compiler_core
and libadreno_compiler_gfx.

CRs-Fixed: 2919678

Change-Id: I7c402b48d55b94d6bcfe00052bef23f9c76cc14a
 2021-07-28 10:47:27 +05:30
Roopesh Nataraja
0ad8896a38 Allow vendor_pd_mapper to getattr and write to /dev/kmsg 
Enable debugging of PDR issues by allowing vendor_pd_mapper
to getattr and write to /dev/kmsg. Fixes below denials.

avc: denied { getattr } for comm="pd-mapper" path="/dev/kmsg"
dev="tmpfs" ino=5 scontext=u:r:vendor_pd_mapper:s0
tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0

avc: denied { write } for comm="pd-mapper" name="kmsg" dev="tmpfs"
ino=5 scontext=u:r:vendor_pd_mapper:s0
tcontext=u:object_r:kmsg_device:s0 tclass=chr_file permissive=0

Change-Id: I8a8cad7116acf4c300ac57f3ec170c9f8bb05a39
 2021-07-27 10:42:50 -07:00
qctecmdr
b5f871b63b Merge "sepolicy_vndr: holi: Add support to SMB1394 power_supply nodes" 2021-07-23 06:15:57 -07:00
Ashish Chavan
e0f7965d1b sepolicy_vndr: holi: Add support to SMB1394 power_supply nodes 
Add support for smb1394 power_supply nodes.

Change-Id: I2b549e44f218ef4afce4683cd764d0fc8906012c
 2021-07-23 03:37:48 -07:00
qctecmdr
0d55f9972b Merge "sepolicy_vndr: add sepolicy rule for hvdcp_opti" 2021-07-23 02:45:54 -07:00
qctecmdr
e377ae004e Merge "Sepolicy: Add sys ddr file read permission" 2021-07-22 22:31:50 -07:00
qctecmdr
b7dcb8d726 Merge "sepolicy_vndr: Add sepolicy for cnss-daemon" 2021-07-22 11:28:16 -07:00
qctecmdr
3411ac6de1 Merge "sepolicy_vndr: remove unused cnd rules." 2021-07-22 11:28:16 -07:00
Mohammad Asaad Akram
09c67f1178 sepolicy_vndr: Add sepolicy for cnss-daemon 
Allow cnss-daemon to call system apis in userdebug and eng builds.

Change-Id: I167ee8620e81224cbe99c7856da8c739c402f632
CRs-Fixed: 2946649
 2021-07-22 00:50:51 -07:00
Abhinav Sohane
d07461e4ed Sepolicy: Add sys ddr file read permission 
Need permission for ddr_device_type
Change-Id: I8da3d80b8eb931785a0181bf7bf542cd56b8fb77
 2021-07-22 00:05:15 -07:00
dexili
6c5fce9df2 sepolicy: QTEECONNECTOR: Add SELinux policy for accessing /dev/vndbinder 
1, Add SELinux policy for accessing /dev/vndbinder.

Change-Id: I32864696ebc5f04b400165c64bb8cb7d0d18aa4d
 2021-07-21 07:31:08 -07:00
Prerna Kalla
502b4faf77 sepolicy_vndr: add sepolicy kor keymasterd for msmnile 
Keymaster daemon is given permissions to access spcom related files
and devices. The daemon will start during late-fs and will create a
server that runs always to detect SPU SSR. When SSR is detected, the
daemon will set SPU related flags in KM to false so that ROT is sent
again from KM to SPU when a new KM operation comes into execution.

Test: Verified that daemon started successfully.

Change-Id: I9831c0ccdc2f57992f1ce1ba467d918f4df9596e
 2021-07-19 22:23:43 -07:00
Jishnu Prakash
046987f915 sepolicy_vndr: add sepolicy rule for hvdcp_opti 
Add sepolicy rule to allow hvdcp_opti service to start
and stop via ctl.start and ctl.stop.

Change-Id: I757c3f574c3b7803f10cf99acac48d19bc4a6223
 2021-07-19 01:45:56 -07:00
Pavan Kumar M
95378b99d4 sepolicy_vndr: remove unused cnd rules. 
Change-Id: I7377fc4b2997e4c57f7b9a2685c25ecde6844957
 2021-07-16 04:20:47 -07:00
Rajat Yadav
966b3d26b8 sepolicy : add sepolicy for vendor_display_notch_prop 
Change-Id: Ieb46fdceafd935955e1b5435e73101e8453f877e
 2021-07-15 02:08:36 -07:00
qctecmdr
568308aa9b Merge "sepolicy_vndr: Add sepolicy support for vendor limits hal for legacy targets" 2021-07-14 04:41:39 -07:00
jiaoyuan
fdd4e0c4f7 Snapcam: add qti-testscripts for snapcam 
add vendor-qti-testscripts policy for vendor_snapcam_app

Change-Id: Iee1dba0e32290a35849fa5924ab58dfe51a035f9
 2021-07-12 03:03:22 -07:00
Subash Abhinov Kasiviswanathan
3928a592c5 shsusrd: Allow to execute ioctls 
Add policies to execute IOCTLs using datagram sockets.
Fixes the following denials-

avc: denied { create } for comm="shsusrd" scontext=u:r:vendor_shsusrd:s0
tcontext=u:r:vendor_shsusrd:s0 tclass=udp_socket permissive=1
avc: denied { ioctl } for comm="shsusrd" path="socket:[253694]" dev="sockfs"
ino=253694 ioctlcmd=0x89fd scontext=u:r:vendor_shsusrd:s0
tcontext=u:r:vendor_shsusrd:s0 tclass=udp_socket permissive=1
avc: denied { net_admin } for comm="shsusrd" capability=12
scontext=u:r:vendor_shsusrd:s0 tcontext=u:r:vendor_shsusrd:s0
tclass=capability permissive=1

CRs-Fixed: 2978038
Change-Id: I51bf0b1cd7d517a2a3c336074f170e683e5a6426
 2021-07-09 15:45:27 -06:00
Hui Liu
b02974bde7 sepolicy_vndr: holi: Add label for led nodes on Holi 
Add label for led device node on Holi platform.

Change-Id: Iadd8414f48815c3d5ecc2b0dd7d947cb496d3179
 2021-07-08 21:30:18 -07:00
Jiju Kinattingal
4bcb32799e sepolicy_vndr: Add policy to allow rild tombstones 
Add policy to allow the successful generation of rild tombstones

Change-Id: I8d9f60dcf9d5d450ceb8dd728e63c745fc3e421a
 2021-07-05 23:33:41 -07:00
Manaf Meethalavalappu Pallikunhi
7c2cb7d04a sepolicy_vndr: Add sepolicy support for vendor limits hal for legacy targets 
Add sepolicy support for vendor limits hal and limits
hal service for legacy targets.

Change-Id: Ie4ac97e2c393e29b58f9a24cf4ae6104b735c710
 2021-07-05 15:18:46 +05:30
Ritesh Kumar
7d15b3990f sepolicy_vndr: Update sepolicy access rules for hbtp 
Remove hbtp accessing dsp on targets which does not
support improve touch.

Change-Id: Iaf792b71dc058b5c0708bf258ed715d8483dc0c3
 2021-06-30 22:57:19 -07:00
Vasantha Balla
76c4c937e5 sepolicy_vndr: Update sepolicy access rules for vc1 
Allow mediacodec accessing dsp only on targets
which support vc1.

Change-Id: I7a09e687e8f74ef0439292223f86dbc9acf4de68
 2021-06-29 21:33:51 -07:00
Samyak Jain
8e9e3444a4 Temp sepolicy: Allow sxrhalservice to use graphics allocator 
Allow sxrhalservice to use graphics allocator

Change-Id: Ia385683678cd36bc3e96978315ce41c064d6b913
 2021-06-28 21:16:22 -07:00
qctecmdr
1bd9bb1516 Merge "sepolicy: remove CDSP access for sensors" 2021-06-28 02:03:22 -07:00
qctecmdr
c4d9fc5fa9 Merge "sepolicy: Add sepolicy rules for khaje" 2021-06-25 00:37:56 -07:00
Kavya Nunna
457f69eee9 sepolicy: Add sepolicy rules for khaje 
Add sepolicy rules for pm7250b nodes for khaje.

Change-Id: I7a223ad8a1bdf719732a7282dceea2e32c875b89
 2021-06-24 15:18:47 +05:30
qctecmdr
f2b66c08eb Merge "sepolicy: Do not audit kill request on IOP." 2021-06-22 03:55:35 -07:00
Fenglin Wu
4bcf882c3f sepolicy_vndr: holi: Add label for SMB1394 node resides on i2c2 
There is another Holi platform with SMB1394 on i2c2 so add the support
as well.

Change-Id: Ia33eaa3bb284367c50bf36eb83799424284906d0
 2021-06-17 07:35:00 +08:00
Sandeep Neerudu
b35595cbeb sepolicy: remove CDSP access for sensors 
Change-Id: I0b007855d38797ebcaff667fd46772499250d9ce
 2021-06-16 16:33:50 +05:30
qctecmdr
6e2c23628a Merge "add policies for vendor location." 2021-06-14 09:06:39 -07:00
Ashish Dhiman
799cd733d2 add policies for vendor location. 
Change-Id: I064d192c91342b52ef28420259740484533cb23d
 2021-06-10 11:22:54 +05:30
qctecmdr
4dbd4a5830 Merge "Mannar: donot audit rule for qlogcat test app" 2021-06-08 21:41:45 -07:00
Nilesh Gharde
b76698e69d Mannar: donot audit rule for qlogcat test app 
Change-Id: I013c5bd5e527b3b117402e2077a047424f2d8836
CRs-fixed: 2962231
 2021-06-04 17:56:57 +05:30
Sai Manobhiram
01d5bef4d6 sepolicy: Do not audit kill request on IOP. 
Change-Id: I9cb639d2c6608ea86af1a25a4d14c6796d7517d0
 2021-06-04 14:25:06 +05:30
Ashish Chavan
3c5af94b76 sepolicy_vndr: holi: Add support for pm6125 and smb1394 nodes 
Add support for pm6125 VADC and smb1394 nodes.

Change-Id: Iface7e5b23c5d1f979e8b29411a493e3248bab9a
 2021-06-03 12:53:49 +05:30