tequilaOS/platform_device_qcom_sepolicy_vndr-sm8450
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
4351 commits 1 branch 0 tags 5.8 MiB
Commit graph

1168 commits

Author SHA1 Message Date
qctecmdr
97187aee36 Merge "sepolicy_vndr: Update sepolicy rules for PMIC peripherals" 2022-07-26 00:27:28 -07:00
Jishnu Prakash
21b0223aa5 sepolicy_vndr: Update sepolicy rules for PMIC peripherals 
Update sepolicy rules for RGB, RTC and PON peripherals
for anorak.

Change-Id: I5e6762f6cd77789a040e0baf180e1ca83ad5ca38
 2022-07-22 11:29:15 +05:30
Chris Goldsworthy
bce4b5e6e0 sepolicy: Add selabel for new CDSP CMA heap 
Add a new selabel for the new CDSP CMA heap.

Change-Id: Ia169d61d8a672f5fcac45fc11f21d37279f01c24
 2022-07-13 10:47:39 -07:00
qctecmdr
77d06bc8ae Merge "Add:Sepolicy Rules for Neural Networks" 2022-07-07 05:47:44 -07:00
qctecmdr
aa9e4a2f25 Merge "Giving permission for mmc1 to mount SD Card in recovery mode" 2022-07-05 19:57:50 -07:00
Sasi Kumar Maddineni
729cc5d16f Neo: Labelling wakeup nodes 
Change-Id: I8932e1120a373e902f49cb848f3fa4e69c878b8c
 2022-07-03 21:44:25 -07:00
Saikumar Vutukuri
40e156ffbe Add:Sepolicy Rules for Neural Networks 
Change-Id: I9037b75c218710b8b601fb5f967b795eacbf74e8
 2022-07-01 13:17:08 +05:30
LAVEENA FULWANI
6fa13114cb Giving permission for mmc1 to mount SD Card in recovery mode 
Change-Id: Ia818c5a4f6cb30ef19f6a0e27c1c35fc6ab35a42
 2022-06-30 17:54:45 +05:30
zehugong
3852700093 sepolicy_vndr: remove common sepolicy of power-opt service 
Add sepolicy of soc name to target.

Change-Id: I5b20d169becfc61acff73a2bf353e7d00a3cbeb3
 2022-06-30 14:01:02 +08:00
qctecmdr
5883d3a390 Merge "Sepolicy:Add rules for init-qti-dcvs-sh" 2022-06-27 06:33:41 -07:00
Arvind Kumar
1e97fb6339 sepolicy_vndr: Update sepolicy for OTA partitions to fix AVC denials. 
1. Update sepolicy for OTA partitions.
2. Update sepolicy to fix AVC denials seen during OTA update.

Change-Id: If53e55c00d9be4ecb94cac2a71f21cb0977e2e27
 2022-06-21 22:54:45 -07:00
qctecmdr
8653c6284c Merge "Remove cdsp SE policy for lowirpcd daemon" 2022-06-21 16:14:04 -07:00
Saikumar Vutukuri
ce2bd36a16 Sepolicy:Add rules for init-qti-dcvs-sh 
Change-Id: Idd7c3635afd8fa6539d6d4a447cbb0962aefd684
 2022-06-21 20:47:42 +05:30
PavanKumar S.R
f426bc7fcd fix naming issue related to WPSS 
Change-Id: I941782be0e78602ff9a9e3c6a00dc9dc66f66072
 2022-06-19 21:51:41 -07:00
Pavan Kumar M
55dafc490c sepolicy : Add sysfs_net related path entries 
Update the secontexts for sysfs_net for parrot target

Change-Id: I2fea95de25b1cbf83b3b4ea4ff523ba4c301b373
 2022-06-14 03:37:56 -07:00
Michael Adisumarta
f621e3b2b2 sepolicy_vndr: add policies for ipa_lnx_agent 
Spearhead framework is used for collecting data path stats
for debugging. ipa_lnx_agent is the agent that will collect stats
related to dataipa driver. For this framework to function
we need to define new SELinux policies to provide the
required access privileges.

Change-Id: I47665d6bbea653572631b4260913ad458a216169
 2022-06-08 06:30:21 -07:00
zehugong
e37492c655 sepolicy_vndr: sepolicy change for XML parse 
Add property to support get soc name.

Change-Id: I98cdbe0e82b6f65e698c2724bd8f0444384d2405
 2022-06-02 10:04:10 +08:00
qctecmdr
51ae90c02f Merge "sepolicy: add labels to /sys/block/dev/sd*" 2022-05-30 21:58:13 -07:00
qctecmdr
e4d94b6b19 Merge "sepolicy_vndr: hal_trustedui: Add sepolicy rules to access touch nodes" 2022-05-30 04:06:54 -07:00
Divyanand Rangu
c0a273e70b sepolicy: add labels to /sys/block/dev/sd* 
Adding a new label to /sys/block/dev/sd* on parrot
Allow vendor_qti_init_shell to have permissions to
update read_ahead_kb nodes of /sys/block/sd*

Change-Id: Iefdb929caad160053aedc64b82663628deb451b8
 2022-05-27 16:41:31 +05:30
qctecmdr
7e31d49ce8 Merge "Neural Networks: add NNHAL-1.3 configuration" 2022-05-24 06:48:52 -07:00
Mohit Sharma
ce61654432 sepolicy: Add sepolicy rules for sdhci nodes. 
Change-Id: I8797cb5ddf0ecfc0ad389830e03a989e90423291
 2022-05-24 10:35:06 +05:30
Piyush Pradeep Jain
41104a6721 sepolicy_vndr: hal_trustedui: Add sepolicy rules to access touch nodes 
Add sepolicy rules to access new trusted_touch_enable,
trusted_touch_type and trusted_touch_event nodes in TUI HAL

Change-Id: I8a2691b821dd4c500591d2e7864484b9e4fcd0b8
 2022-05-20 22:32:00 -07:00
qctecmdr
2065823971 Merge "sepolicy: Fix avc denials for wakeup nodes" 2022-05-19 22:21:16 -07:00
mukul sharma
9d3c47c936 Remove cdsp SE policy for lowirpcd daemon 
Currently, lowirpcd uses CDSP access SE policy
which is not by required for lowirpcd

Change-Id: Ic161109c07bf1b87839494ed4c4d5d31449d3ab6
CRs-Fixed: 3017691
 2022-05-19 05:25:28 -07:00
PavanKumar S.R
8109c8d864 sepolicy: Fix avc denials for wakeup nodes 
Label wakeup sysfs nodes listed by SuspendSepolicyTests.sh

Change-Id: I2a098274a9d316806805fb9f4c10b7ffd4de0c87
 2022-05-19 04:58:07 -07:00
Arvind Kumar
94e62f5b47 sepolicy: Adding nodes for missing partition 
Change-Id: I4170b3dc6ced3b2ba16c93ebcadca0831962ad7f
 2022-05-18 22:20:28 -07:00
qctecmdr
0ac811e7ab Merge "sepolicy_vndr:Adding new graphics libraries" 2022-05-18 11:28:55 -07:00
Kaustubh Pandey
29b35e7784 sepolicy_vndr: update policies for Spearhead 
Fixed avc denial for Sprhdd that is observed
in bootup.

Change-Id: I2acbef740a29afdba1c339fc94f3ab708f82bed1
 2022-05-17 16:22:04 +05:30
Saikumar Vutukuri
e47f8fcfcc Neural Networks: add NNHAL-1.3 configuration 
Change-Id: I61c5657a5700de4069041316dc9592561d4ed184
 2022-05-13 09:46:44 +05:30
qctecmdr
10b71cfdd2 Merge "Revert for sepolicy for QC signing for ssg services" 2022-05-11 11:29:26 -07:00
qctecmdr
e9d0b300ed Merge "ims: Add sepolicy rules for ims service" 2022-05-10 03:55:10 -07:00
Charles McGrath
bdeff5d3b3 Revert for sepolicy for QC signing for ssg services 
Revert "Remove custom signing cert and rules"

   This reverts commit f2ea07094a.

Revert "sepolicy_vndr: Add sepolicy for ssg system service"

   This reverts commit bcb76b2ebc.

Change-Id: I91ad0e09954becddc164c1a969b32dddd8ac8d09
 2022-05-09 17:59:46 -07:00
qctecmdr
38bdb8f5eb Merge "sepolicy: Add dac_read_search dontaudit exceptions" 2022-05-09 01:04:29 -07:00
Naman Jain
0ae2e49467 sepolicy_vndr: Allow getprop for persist.debug.trace property 
Allow vendor init scripts to getprop persist.debug.trace property
to fix avc denial issues.

Change-Id: I739d8eb63d305b810af16dd2e31e5fead42037a7
 2022-05-06 00:43:45 -07:00
Naveen Kumar Goud Arepalli
b2f45a1087 sepolicy: Add dac_read_search dontaudit exceptions 
Add dac_read_search self capability for vendor_rfs
to avoid avc denial messages as below during bootup

AVC avc: denied { dac_read_search } for pid=2695 comm="tftp_server"
capability=2 scontext=u:r:vendor_rfs_access:s0
tcontext=u:r:vendor_rfs_access:s0 tclass=capability permissive=0

AVC avc: denied { dac_override } for pid=2695 comm="tftp_server"
capability=1 scontext=u:r:vendor_rfs_access:s0
tcontext=u:r:vendor_rfs_access:s0 tclass=capability permissive=0

Change-Id: I238c1cf4a89aaa7e07c4c6aa61df36ea8d881c56
 2022-05-05 22:18:23 -07:00
PavanKumar S.R
7429a9fe29 sepolicy: Fix avc denials for wakeup nodes 
Label wakeup sysfs nodes listed by SuspendSepolicyTests.sh

Change-Id: I06e43361959c6a1f99beece85dc7c51c0458e189
 2022-05-04 10:44:29 +05:30
Kranthi Kumar Kommalapati
03000f5344 sepolicy_vndr:Adding new graphics libraries 
Adding new graphics libraries libkernelmanager.so and libkcl.so.

Change-Id: I6b02ed933d7e0c33453965c084928daac943333b
 2022-05-02 10:29:54 -07:00
Saikumar Vutukuri
8ef88a1510 ims: Add sepolicy rules for ims service 
Change-Id: I0db29f948a5ba7d2ba04eb21cca7d038372f03a6
 2022-05-02 17:28:32 +05:30
Naman Jain
d5cbbda6b0 vendor_modprobe: add new debugfs dir search permissions 
Add dir search permissions in vendor_modprobe for new
debugfs labels debugfs_bootreceiver_tracing and debugfs_wifi_tracing.

Change-Id: I9f95cb0d623a5ebc80eb69cd135099f7b3b31085
 2022-04-27 11:27:36 +05:30
qctecmdr
6c882d65bb Merge "sepolicy_vndr: Update context for /sys/class/kgsl/kgsl-3d0/perfcounter" 2022-04-20 13:26:57 -07:00
qctecmdr
e9d5e496c6 Merge "sepolicy: msmsteppe: Add vendor specific sepolicies for msmsteppe" 2022-04-19 05:14:41 -07:00
Zhenlin Lian
4508176307 sepolicy: msmsteppe: Add vendor specific sepolicies for msmsteppe 
Change-Id: I75459b4c29ccb4ce34f5f888fbaf9039fc867048
 2022-04-18 17:13:37 +05:30
qctecmdr
a683ea8594 Merge "sepolicy: add selinux label for LED devices" 2022-04-18 03:00:38 -07:00
qctecmdr
a2f4fa90c4 Merge "Enable sepolicies for anorak Change-Id: Ic2b4812ba4d8c7c8a83907fe6e12547348da9d85" 2022-04-15 03:58:27 -07:00
qctecmdr
c0f840d935 Merge "sepolicy_vndr: Correct paths for RGB nodes for parrot" 2022-04-14 15:35:05 -07:00
qctecmdr
d8ee5f04f1 Merge "sepolicy_vndr: Move qti-media file contexts to genfs" 2022-04-14 11:08:49 -07:00
Mohammed Mirza Mandayappurath Manzoor
8759fd85ec sepolicy_vndr: Update context for /sys/class/kgsl/kgsl-3d0/perfcounter 
Shell permissions set in genfs_contexts for SELinux context applicable
for /sys/class/kgsl/kgsl-3d0/perfcounter is overridden if not set in
file_contexts.

Change-Id: I3eb818226abf497e1106af68ece9356bee0a3702
 2022-04-11 11:10:07 -07:00
sasikumar maddineni
ebd9b412c3 Enable sepolicies for anorak 
Change-Id: Ic2b4812ba4d8c7c8a83907fe6e12547348da9d85
 2022-04-06 22:36:42 -07:00
Priyanka Gujjula
24bc99f79d sepolicy_vndr: Move qti-media file contexts to genfs 
[1] sku version file contexts are loaded by early-
init phase and sku version node is created after
file contexts are loaded. The transistion time
from early init to post-fs is around ~2.5 seconds.
avc denied messages are observed when sku_version
is accessed as vendor file contexts are slow in
reporting.
[2] Hence, move file contexts to genfs as genfs
helps to track and label the node even if the
node is created afterwards.

Change-Id: Idcdebf0dbc5a4e9e97bddc9a5f4e3151f6a97d8b
 2022-04-03 18:15:55 -07:00