tequilaOS/platform_device_qcom_sepolicy_vndr-sm8450
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
4635 commits 1 branch 0 tags 5.8 MiB
Commit graph

44 commits

Author SHA1 Message Date
PavanKumar S.R
2d0e2f3281 sepolicy: Fix avc denials for wakeup nodes 
Label wakeup sysfs nodes listed by SuspendSepolicyTests.sh

Change-Id: Icca51aa06d6c66cc9be1ff98ee53730edcb9cbbf
 2021-11-25 14:36:36 +05:30
kranthi
8871a4e3cf sepolicy-vndr:Allowing system process to read gpu model 
type=1400 audit(0.0:307): avc: denied { read } for name=""gpu_model""
dev=""sysfs"" ino=111904 scontext=u:r:vendor_voiceui_app:s0
tcontext=u:object_r:vendor_sysfs_kgsl:s0 tclass=file permissive=0
app=com.qualcomm.qti.sva

Change-Id: If9f89c010bfc8a733f6ad6e842a1f5c61e97b8af
 2021-10-22 04:02:03 -07:00
appadura
297e3cb4d2 Filecontext changed for vm-system mount 
On platform using qvirtmgr/qcrosvm, switch to using
same_process_hal_file label for vendor vm images as
they are loaded by system.

Change-Id: Id859e1114fdcd3e190fb006768226e47cec2db38
 2021-09-07 19:28:38 -07:00
Sauvik Saha
e95f50faba ims: Add sepolicy rules for vendor_ims_service 
Add new sepolicy rules for single RCS registration
and cleanup legacy unused rules.

CRs-fixed: 2937994

Change-Id: I06f91c53aa780944f047670fae3cb24d96f30b56
 2021-05-13 12:48:56 +05:30
Vini Vennapusa
4c36d51112 sepolicy_vndr: Add policies for powermodule app 
Change-Id: I761db56f236579db42ad80a9ab5d365acbda5b5b
 2021-04-05 03:08:20 -07:00
Vini Vennapusa
e4e5d80916 sepolicy_vndr: Added policies for powermodule HAL 
Policies required for conversion of powermodule
standalone service to HAL service.

Change-Id: Ib73dfd5be704cb4b90dc45e88e32ffe42d2ce3ad
 2021-02-09 14:40:02 +05:30
Christopher Braga
16a54acf05 sepolicy_vndr: Introduce policies for new QMCS partition 
A new display partition has been introduced on Lahaina family
targets. Update SELINUX policies to allow partition mounting,
unmounting, autoformatting, and read only access by
the graphics composer HAL.

Change-Id: Ia61df85566525fc1c24ab3dcd2130839286a3cd9
 2021-01-14 17:02:29 -05:00
qctecmdr
51e8a8e236 Merge "sepolicy_vndr: Add label for wakeup sources" 2020-09-22 08:21:30 -07:00
Kavya Nunna
552783a313 sepolicy_vndr: Add label for wakeup sources 
Add a change to fix the avc denials for the wakeup source
used for pmic nodes.

Change-Id: I71825746b232a624094b32a4e47ede2f6982f41a
 2020-09-21 11:30:41 +05:30
Benergy Meenan Ravuri
b16aee73d8 shima: Add sepolicy rules for subsystem nodes 
Add sepolicy rules for lpass and turing subsystem nodes
CRs-Fixed: 2780204

Change-Id: I29ba8d3ba4920710adab562888e71a6ff9499b10
 2020-09-18 09:11:18 -07:00
Santosh Mardi
04e9ab1d54 sepolicy_vndr: give permission to silver ddr latfloor 
Give permission to silver cluster ddr latfloor for shima target.

Change-Id: Iadbfa2aaee0428e7d3854a0edf03748efd12d02c
 2020-09-14 12:47:38 +05:30
Linux Build Service Account
dae5e87cd6 Merge "lahaina: update file context for new partition" into sepolicy.vndr.lnx.1.0 2020-09-04 08:36:47 -07:00
Dileep Marchya
48ee8e195c shima: Added sepolicy rules to access qfprom0 node 
Added permissions to access feat_conf_m7 and feat_conf_qc_spare_20_lsb
node for display features.

Change-Id: Ie60b95236598f286396c73a47e894e5be7aab05e
 2020-09-04 00:36:18 -07:00
Nirmal Kumar
d12731aa0a lahaina: update file context for new partition 
Use existing boot_block_device label for qweslicstore_[ab]

Change-Id: Ib7e7f8bff3093a54551b0655b70289cb8e8a8e06
 2020-09-03 10:16:11 -07:00
Linux Build Service Account
6f128dd8bd Merge "sepolicy: add permissions for cpu7 qos latfloor on lahaina" into sepolicy.vndr.lnx.1.0 2020-09-03 05:31:45 -07:00
Amir Vajid
d543937395 sepolicy: add permissions for cpu7 qos latfloor on lahaina 
Add permissions to access cpu7 qos latfloor device on lahaina.

Change-Id: Icc26c1af849b78b30f97a3e409efb2915296460c
 2020-09-01 16:27:58 -07:00
Rajeswari N
3d8dbc816d sepolicy_vndr: Enable video poweropt 
Added policies to enable video poweropt

Change-Id: Ic99d593d5305e9e0dc0aebe2046ddf068f46cdf6
 2020-08-31 17:19:36 +05:30
Arthur Shuai
b6d7cdb755 sepolicy_vndr: label configuration for Scsi node 
Add configration of lable Scsi generic node
to vendor_sysfs_scsi_target.

Change-Id: I6006cbeb8238419e3ada31687ab62e72fd799cbb
 2020-08-24 20:30:55 +08:00
Linux Build Service Account
9de02a3436 Merge "hal_bootctl_default needs access to scsi_generic fs" into sepolicy.vndr.lnx.1.0 2020-08-21 09:09:32 -07:00
Smita Ghosh
8168a3571f hal_bootctl_default needs access to scsi_generic fs 
hal_bootdtl_default calls bootctl which tries to access scsi_generic

boot@1.1-servic: type=1400 audit(0.0:9793): avc: denied { read } for
name="scsi_generic" dev="sysfs" ino=68468
scontext=u:r:hal_bootctl_default:s0 tcontext=u:object_r:sysfs:s0
tclass=dir permissive=0

Change-Id: I90849795471bdf2d3980712b41c1a8956f99573d
 2020-08-19 21:04:25 -07:00
Amir Vajid
818a12aebf sepolicy: add permissions for cpu7 L3 latfloor on lahaina 
Add permissions to access cpu7 L3 latfloor device on lahaina.

Change-Id: I8ff1692e95358b6be584b65cca166cff3c2c4006
 2020-08-03 15:09:22 -07:00
vijay.rayabarapu
7f2599b985 Revert "Sepolicy: Add ssr node path for lahaina" 
This reverts commit 46f1669b79.

Change-Id: I465b9db7ed687ab1c0ac339640ae12096704816a
 2020-07-22 16:17:14 +05:30
Nilesh Gharde
46f1669b79 Sepolicy: Add ssr node path for lahaina 
Added SSR node path was not available in the genfs_contexts
for lahaina

Change-Id: I2817fcfa6f7e8b83cc0a7bbb749c744bbd8bf3a3
CRs-fixed: 2730358
 2020-07-20 09:45:05 -07:00
Linux Build Service Account
c0e16fd29f Merge "Add support for new subsystem" into sepolicy.vndr.lnx.1.0 2020-07-18 10:21:03 -07:00
Himateja Reddy
8e214f0b11 sepolicy: remove fastrpc device open permission for untrusted app 
Restrict untrusted applications from opening the fastrpc
non-secure device node only for Lahaina. Allow all syscalls for
other targets.

Change-Id: I3c1bf11059513ada8d1a19620f02738788025afa
 2020-07-17 13:28:56 -07:00
Smita Ghosh
ddcaf6f137 Add support for new subsystem 
Add support for EVASS.

Fix below denial
type=1400 audit(635.260:328): avc: denied { read } for
comm="rmt_storage" name="name" dev="sysfs" ino=66887
scontext=u:r:vendor_rmt_storage:s0 tcontext=u:object_r:sysfs:s0
tclass=file permissive=0

Change-Id: I0a1297df708c290f102f0349a74a0b82ea72281a
 2020-07-16 13:17:55 -07:00
vijay rayabarapu
bf1f054da6 Revert "sepolicy: remove fastrpc device open permission for untrusted app" 
This reverts commit 5eb452299b.

Change-Id: Ie706ab6aa3e6077b15b3965405d30fdacd1bc68e
 2020-07-15 23:35:25 +05:30
Himateja Reddy
5eb452299b sepolicy: remove fastrpc device open permission for untrusted app 
Restrict untrusted applications from opening the fastrpc
non-secure device node only for Lahaina.

Change-Id: Idd20e300963eac9f1cf96eff1aa3d1f3fc7dc9f2
 2020-07-14 12:02:27 -07:00
Linux Build Service Account
d4d6d2a00c Merge "sepolicy: add subsys nodes in file_contexts" into sepolicy.vndr.lnx.1.0 2020-06-06 02:26:14 -07:00
Vivekanand Tryambake
4161dc2b67 sepolicy: add subsys nodes in file_contexts 
Change-Id: I41b604c9de08ed6eeb7e646469ec9d9ae4406b49
(cherry picked from commit c7e48a241c68cc560614758e96a5ab276997a268)
 2020-06-04 14:58:04 -07:00
Amir Vajid
d35c0b5127 sepolicy: add permissions for new devfreq nodes on lahaina 
Add permissions to access new devfreq dcvs nodes on lahaina.

Change-Id: I73fa7e1f8e10bcb7a01dd73613264a31de0889bd
 2020-06-03 11:43:45 -07:00
Varun Arora
8ef5bc3220 Fix path for power/control node 
Change-Id: Icfe9cb049691b6fb07b197c113ecff544e8371fc
 2020-05-28 08:16:42 -07:00
Varun Arora
2be68bfbd5 sepolicy: Add card0 Display Sysfs Nodes 
Port nodes from previous target and add power/control

Change-Id: I57072c02bd3b67334e1513dc1753eef0dccdb7b7
 2020-05-26 13:26:26 -07:00
Pavan Kumar M
7fc0a0e994 sepolicy changes for new imsdaemon 
Add target specific policy for
imsdaemon and existing rcsservice.

Change-Id: I9094cfebdaad5588654ed5b0a642cd37e8155704
 2020-05-18 15:55:10 -07:00
qctecmdr
2e3eff5c12 Merge "File context for vendor_boot in Lahaina - Use existing boot_block_device label for vendor_boot_[a/b] vendor_custom_ab_block_device cpucp_[a/b] & shrm_[a/b] " 2020-04-09 14:40:36 -07:00
David Ng
557f3d3547 sepolicy: Create subsys nodes for Lahaina 
Add subsystem handling mapping for various hw variants of the target.

Change-Id: I1bc38fd92eef09e6f81a6914d3c876e711075d2c
 2020-04-06 17:33:48 -07:00
Nirmal Kumar
4c86698a6c File context for vendor_boot in Lahaina 
- Use existing boot_block_device label for vendor_boot_[a/b]
      vendor_custom_ab_block_device cpucp_[a/b]  & shrm_[a/b]
        

Change-Id: If3b72642c3b78cd5ca96d3e4e6d8e3252d19f920
 2020-04-01 10:42:30 -07:00
Amir Vajid
cc752ea78a sepolicy: add permissions for devfreq nodes on lahaina 
Add permissions to access devfreq dcvs nodes on lahaina.

Change-Id: Idc5a192699a697cc8c2e7a2ae1119215a93b407f
 2020-03-11 17:52:09 -07:00
qctecmdr
974a82ac78 Merge "sepolicy: Add vm block devices labeling" 2020-02-18 05:46:28 -08:00
David Ng
6fb17fefbf sepolicy: Add vm block devices labeling 
Add VM (virtual machine) partition block devices and associated
firmware file labeling and handling policies.

Centralize update_engine_common.te under generic/vendor/common
as the content are all common at this time.

Change-Id: Iba8bf4150db861f97bc9b78b70683f73b6fa7607
 2020-02-13 15:10:53 -08:00
Subbaraman Narayanamurthy
9cc676df60 sepolicy: add genfs_contexts for Lahaina 
Add genfs_contexts for Lahaina with adding rules for power supply
class and LED devices.

Change-Id: Id9e2dbb52a944d59e5e95550de062ed81a3c94fe
 2020-02-13 12:38:44 -08:00
Mao Jinlong
05bd3590f1 genfs_contexts: Add label to qdss sysfs nodes for lahaina 
Add label to qdss sysfs nodes to avoid the denial when qcomsysd accesses
qdss sysfs.

Change-Id: Ifdc5e9c30fed0f2affe7c4601791809b3d1e9ff8
 2020-01-27 12:14:27 -08:00
Jaihind Yadav
865b2f7060 sepolicy: adding vendor prefix to avoid naming colision 
Change-Id: Ib403824c380696e1fca97ef744863a6e15000395
 2020-01-14 20:31:42 +05:30
Smita Ghosh
be3a15e4a7 Add support for lahaina file_contexts 
Change-Id: Ic0c1b9c865debf567d13a6ebecee3c6f0c9e0573
 2019-12-07 16:38:08 -08:00