135 Commits

Author SHA1 Message Date
Jake Weinstein 5d67c870c3 common: sepolicy: Label ipebpsstriping170 for pinner
Change-Id: I75ffd066ff6a5989bb6bd735278f63c7d9e57ea6
2022-11-08 08:17:11 +00:00
Sandeep Singh d9f6752cbb common: sepolicy: Add permission for cnss-daemon to write in persist folder
Add permission for cnss-daemon to create file in
/mnt/vendor/persist/wlan folder.

Change-Id: I11690dee5383e8555260a1c6bbfa266043ed395e
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-06 14:51:27 +00:00
UtsavBalar1231 39942ef559 common: sepolicy: Allow flipendo to find vendor_hal_perf
This fixes ANDR-PERF-CLIENT-SYS not being accessed by flipendo
E SELinux : avc:  denied  { find } for interface=vendor.qti.hardware.perf::IPerf sid=u:r:flipendo:s0:c199,c256,c512,c768 pid=21903 scontext=u:r:flipendo:s0:c199,c256,c512,c768 tcontext=u:object_r:vendor_hal_perf_hwservice:s0 tclass=hwservice_manager permissive=0
E ANDR-PERF-CLIENT-SYS: IPerf:: Perf HAL Service 2.2 is not available.

Change-Id: I42a582864309f17e183e10baf04cbd01eba04913
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-06 14:48:40 +00:00
Omkar Chandorkar 7a8a93d1a4 common: sepolicy: suppress harmless denials
- for cleaner avc logs

Change-Id: I55f0317e38e6a2fc74739db9993f59e628d099c3
Co-authored-by: UtsavBalar1231 <utsavabalar1231@gmail.com>
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-05 17:33:25 +00:00
UtsavBalar1231 f50136a7a6 common: sepolicy: Allow init.qcom.usb.sh to create files in uvc.0 dir
During the UVC configuration initialization qcom USB script tries to create multiple folders and symlinks
so allow qcom USB script to successfully create them without any denials.

This fixes:
W init.qcom.usb.s: type=1400 audit(0.0:10): avc: denied { write } for name="uvc.0" dev="configfs" ino=27535 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W init.qcom.usb.s: type=1400 audit(0.0:11): avc: denied { write } for name="uvc.0" dev="configfs" ino=27535 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:12): avc: denied { write } for name="header" dev="configfs" ino=27537 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:13): avc: denied { write } for name="fs" dev="configfs" ino=27546 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:14): avc: denied { write } for name="ss" dev="configfs" ino=27547 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:15): avc: denied { write } for name="uncompressed" dev="configfs" ino=27550 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:16): avc: denied { write } for name="uncompressed" dev="configfs" ino=27550 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:17): avc: denied { write } for name="mjpeg" dev="configfs" ino=27551 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:18): avc: denied { write } for name="mjpeg" dev="configfs" ino=27551 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:19): avc: denied { write } for name="h264" dev="configfs" ino=27552 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:20): avc: denied { write } for name="h264" dev="configfs" ino=27552 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W mkdir   : type=1400 audit(0.0:21): avc: denied { write } for name="header" dev="configfs" ino=27549 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:22): avc: denied { write } for name="header" dev="configfs" ino=27549 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:23): avc: denied { write } for name="header" dev="configfs" ino=27549 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:24): avc: denied { write } for name="header" dev="configfs" ino=27549 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:25): avc: denied { write } for name="fs" dev="configfs" ino=27556 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:26): avc: denied { write } for name="hs" dev="configfs" ino=27557 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0
W ln      : type=1400 audit(0.0:27): avc: denied { write } for name="ss" dev="configfs" ino=27558 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=0

Change-Id: Ic092fe1d6ea0d42f0d4939ac3a4241ec0063697d
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-05 17:33:25 +00:00
UtsavBalar1231 522391750b common: sepolicy: Allow init.qcom.post_boot.sh to set
watermark_scale_factor

- addresses
W init.qcom.post_: type=1400 audit(0.0:42): avc: denied { write } for name="watermark_scale_factor" dev="proc" ino=52566 scontext=u:r:vendor_qti_init_shell:s0 tcontext=u:object_r:proc_watermark_scale_factor:s0 tclass=file permissive=0

Change-Id: Ib79c0208e758f03df5ce6652322802354836d6a5
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-05 17:33:25 +00:00
UtsavBalar1231 24cc0790bc common: sepolicy: Allow init to modify read_ahead_kb and discard_max_bytes
Change-Id: Ie5eee0883558a489c8cda2e4418f7a7144bf1ae1
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-05 17:33:25 +00:00
kocolin 574d2193e2 common: sepolicy: Label libipebpsstriping for pinner
Change-Id: I6806151eee833725e173903d03e9459839333565
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-11-05 17:33:25 +00:00
Himanshu Agrawal 97b4c0d232 common: sepolicy: Fix compilation issues for newer upgrade
Change-Id: I60686d0066a1aa099a7dffbca091c9a7e2bac7f8
2022-10-30 04:50:58 +00:00
Jake Weinstein 4cf4a266c1 common: sepolicy: Remove blank msmsteppe policies
Qualcomm removed them at
"removing some of the target dir from the component.", which
we reverted.

Change-Id: If2d407c03c112099b67bcd88d2ec4b31c0425642
2022-10-30 02:31:07 +09:00
PainKiller3 89e506c28a sepolicy: Update paths for new sepolicy location
Change-Id: I4fa022c674cf031fa2c89fabad1f457ac3516132
2022-10-29 17:12:55 +00:00
Jyotiraditya Panda 4bd3d38ceb sepolicy_vndr: lahaina: Fix rtc0 wakeup node label path.
Fixes:

  W Binder:601_2: type=1400 audit(0.0:797): avc: denied { read } for name="wakeup15" dev="sysfs" ino=65223
    scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs_rtc:s0 tclass=dir permissive=0
  E android.system.suspend@1.0-service: Error opening kernel wakelock stats for: wakeup15: Permission denied

Change-Id: I7e3d90eab1b0a7ad73d810221bf1c7aca3936883
Signed-off-by: Jyotiraditya Panda <jyotiraditya@aospa.co>
2022-10-29 11:58:28 +09:00
Jake Weinstein 9373746f3b common: sepolicy: Remove waipio policies
These were added back at 'Revert "removing some of the target dir from the component."',
however, taro uses the taro directory.

Change-Id: Ide946d9db03f1f2ffbabab0203090238b18475f3
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 717123bb4d sepolicy_vndr: generic: allow tlocd to search for vendor_location_data_file
Change-Id: I7a6e3679e8b3c216e034f0897218898539337e42
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 4e2cc088a4 sepolicy_vndr: generic: address ims denials for legacy stack
Change-Id: Icd379fdefdeb8feabe7ec658cf8a4e8056b35e53
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 960bf8f349 Revert "Neural Networks: Remove NNHAL-1.3 configuration"
This reverts commit b0b589b96c18ed37c77479ece367c6b34af7c56b.

Change-Id: Ifadb4bc83d580735ba9be940f0e77057f9e70e68
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 1c575c42d0 sepolicy_vndr: qva: allow vppservice to access ion_device
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
Change-Id: I10edaf60af3682599b55d9877f7ef11e5aba9b81
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 782b7e8229 sepolicy_vndr: qva: allow esepowermanager to access ion_device
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
Change-Id: I16291a16ffac819960aeb681af9ecae1b48f4b61
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 20d7c954dd sepolicy_vndr: generic: add poweropt sepolicy for kona
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
Change-Id: I8477b7455b12dfa783d7e646b92726e6dc91361a
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 0e4a4ed479 sepolicy_vndr: qva: allow vendor_hal_qteeconnector to access ion_devices
- addresses
W qteeconnector@1: type=1400 audit(0.0:144): avc: denied { read } for name="ion" dev="tmpfs" ino=1280 scontext=u:r:vendor_hal_qteeconnector_qti:s0 tcontext=u:object_r:ion_device:s0 tclass=chr_file permissive=0

Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
Change-Id: I743a9efe95c4d56dd613722f6e61c200297a0b16
2022-10-29 11:58:28 +09:00
Omkar Chandorkar 1dbfe6c867 sepolicy_vndr: qva: allow netmgrd to modify rmnet module parameters
- addresses
W netmgrd : type=1400 audit(0.0:135): avc: denied { search } for name="parameters" dev="sysfs" ino=51272 scontext=u:r:vendor_netmgrd:s0 tcontext=u:object_r:vendor_sysfs_rmnet:s0 tclass=dir permissive=0

Change-Id: I88a99677ae3a1a0070111d1978c48d1cf43094e1
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-10-29 11:58:28 +09:00
Arian 8ede8d6ad2 sepolicy_vndr: qva: Update vendor property types
Change-Id: I93335f35c94250bc62defb36552ac5db2efbb98b
2022-10-29 11:58:28 +09:00
Foxtrot47 09af1dabaf sepolicy_vndr: generic: Drop hbtp rule from msmnile
Change-Id: Ib14ff840d752713da5cd1ca72e6516d5359beb6a
2022-10-29 11:58:28 +09:00
chrisl7 df490c97ef sepolicy: vndr: Remove hal_rcsservice to all platform
Signed-off-by: chrisl7 <wandersonrodriguesf1@gmail.com>
Change-Id: I140ee0b92bd1b47bb91e1c2df422e7e2b2676774
2022-10-29 11:58:28 +09:00
Arian 87fd803d2a sepolicy_vndr: qva: Remove mediatranscoding sepolicy
commit [1] made the mediatranscoding type private.
Instead [2] was merged into android12-gsi which
moves the rule to system/sepolicy.

[1]: 63655462bb
[2]: https://android-review.googlesource.com/c/platform/system/sepolicy/+/1880325

Change-Id: Ic6d9db21c437cbafe4d008eba9d67c5f3ce5842a

qva: Remove mediatranscoding sepolicy

Change-Id: Ie9818d52e997de166f8f9229369d2e29f78d8e95
2022-10-29 11:58:28 +09:00
MoetaYuko 3b251dd74c sepolicy: Fix genfscon for kona
Change-Id: I4ed9e080904d7d2dbbb88a2da0aaffda37a0277b
2022-10-29 11:58:28 +09:00
Omkar Chandorkar ae1f27b0b6 kona: fix compile
Change-Id: I18270f41c2d53ce2b3628ab4bc843e8560557ba3
Signed-off-by: Omkar Chandorkar <gotenksIN@aospa.co>
2022-10-29 11:58:28 +09:00
Jake Weinstein 5a5b143fcd sepolicy: Add missing 8150-8350 policies from LA.UM.9.14
Change-Id: Ibdecba5a310e3a2af4bb54f625986c8126d9669a
2022-10-29 11:58:28 +09:00
Jake Weinstein 4649ff3ef3 sepolicy: Import 710/845 changes from LA.UM.9.14
Change-Id: I221bd822701b131828c7889def64f54106431e74
2022-10-29 07:33:03 +09:00
Jake Weinstein 6f4c4eb90d common: sepolicy: Build custom policies
Moving to device/qcom/common so we don't need
to rebase so many changes going forward.

Change-Id: I0a51c45e0bd54fe14a0bf95e7460bcd9688705ca
2022-10-29 07:33:03 +09:00
Jaihind Yadav 62f8f7040b Revert "removing legacy dir from the component."
This adds back support for 845 and 710

This reverts commit 033dcb081f233962f9a549910ffb796c943720c7.

Change-Id: I4198a69889b3b1bf6f352cc0a4e579cee2c633ac
2022-10-29 05:31:21 +09:00
Jake Weinstein dcca525fb8 Revert "removing some of the target dir from the component."
This adds back SDM845, SM6125, SM8150, SM8250, SM8350,
and others.

This reverts commit 4346ce0d904984c5582d62cd9586a15abf2d62d5.

Change-Id: Idc0f96e28b4d47481d1281d34bf13859a45be1d8
2022-10-29 05:03:45 +09:00
Jake Weinstein 157b56fb51 common: remove stuff that either belongs in device or doesn't belong at all.
* Note: cryptfs_hw was removed so that devices can use their own.

Change-Id: I6f83ceb7b32a0f578ecdd1a9ad0b92211deace6b
2015-10-11 20:20:17 +00:00
Georgi Hristov f52d033228 sepolicy: add policies for camera
Added security policies needed for camera daemon, for
domain transition, device policies

CRs-fixed: 569218
Change-Id: Ib7126a0465a88a629afee871d242e27ad8221a66
2014-04-17 03:27:48 -07:00
Harout Hedeshian a5cb2cbe0b sepolicy: Policies for IPV6 Tethering
Added security policies needed for IPV6 tethering functionality
to create, listen and read from sockets

CRs-fixed: 555006
Change-Id: I138005b9acf8a2ae7505ef34f7ba722105554cf2
2013-10-24 14:21:28 -06:00