aboutsummaryrefslogtreecommitdiff
path: root/sepolicy/file_contexts
AgeCommit message (Collapse)Author
2021-04-07shinano-common: rootdir: Introduce a service to start suntroldArian
* suntrold is a oneshot service and spawns a subprocess which is required for the rear camera. Since [1] oneshot services' process groups are killed which prevents suntrold from working correctly. * To work this issue around create a non-oneshot service, suntrold.sh, which never exits, so that suntrold can be started from it and it's subprocesses will not be killed. [1] https://github.com/aosp-mirror/platform_system_core/commit/d89ed132a0ee1a57046286b83e64a35b71774952 [Idea of this is from LuK1337] Co-authored-by: LuK1337 <priv.luk@gmail.com> Change-Id: Id9c4f56648168f0ffe19b2bb31c591750afe6f97
2020-12-21shinano-common: Cleanup sepolicyArian
Change-Id: If615758376413b16fcc80addd03a9ba5cd388e8a
2020-12-19shinano-common: Kill dumpstate serviceArian
Change-Id: I00fd40659fefb9208fb68abdeb204f9478452c0f
2020-12-18shinano-common: Import touch halGeorg Veichtlbauer
* from z3c, used by all shinano devices Squashed with: commit 5a3f9869745be6c5ded604810df7145e47db8858 Author: Arian <arian.kulmer@web.de> Date: Fri Dec 18 11:22:16 2020 +0100 shinano-common: touch: Fix formatting of Android.bp make blueprint_tools && bpfix device/sony/shinano-common/touch/Android.bp Change-Id: I33a0b2e03bde6278c6dec52f384e3f2f277019e0 commit 80d2c076a48d0f128d915cdf3c65a994f9914a90 Author: Arian <arian.kulmer@web.de> Date: Fri Dec 18 11:24:14 2020 +0100 shinano-common: touch: Move the manifest entry to vintf_fragments Change-Id: I590da80b5c1e7d6729d67b78e55164d33fa7d95b commit d76bab75f874ec15ec42dfaef036ea0476e6f3ec Author: Arian <arian.kulmer@web.de> Date: Fri Dec 18 11:31:02 2020 +0100 shinano-common: touch: clang-format Change-Id: I2e018de4544e4189336207902466e0e821673a5a Change-Id: Idf3e21f5530e40931b5f730dcf6fb2db851e9fb8
2020-02-23shinano-common: sepolicy: Label touch nodes device-sideArian
Change-Id: I227d33c5c556d2ae00852519c29ab5757eb1c4ff
2020-02-07shinano-common: sepolicy: Label Trim Area DaemonArian
Change-Id: I849c429d6b1fd57d6593f4b9a6152f31477c71a0
2019-11-10shinano-common: tfa9890: Move to vendorArian
Change-Id: Icdfdac046bc0bfc0ced4a2c1846579322f606153
2019-10-25shinano-common: rootdir: Move brc-uim-sysfs to vendorArian
Change-Id: I95d5f00b45c456f76b2adb3079144e8118b3ce69
2019-10-25shinano-common: sepolicy: Sort file_contexts alphabeticallyArian
Change-Id: Ie8f6db203696481b4a5ee304b5f579a58293e52f
2019-10-25shinano-common: sepolicy: clean upArian
2019-10-25sepolicy: Allow init to chown touchscreen sysfs filesSpiritCroc
Fixes double tap to wake on enforcing Change-Id: Iaef8822a283e18ad40656bf679acea7de6075662
2019-10-25shinano: Add HVDCP service for QC2.0Andrew Dodd
This is used to enabled HVDCP (Quick Charge 2.0) negotiation Without this service, HVDCP chargers will treat the device as a non-HVDCP-capable one. Signed-off-by: Humberto Borba <humberos@gmail.com> Change-Id: Ic6921af66e86eed3e41c523a5543530c409fda18 (cherry picked from commit 1996c89092a98db01981378a18906f59e6d6f32c)
2019-10-07Remove duplicate sepolicy definitionSpiritCroc
Already defined in device/aicp/sepolicy
2019-10-07shinano: sepolicy: label the dumpstate service.Alexander Diewald
Change-Id: Id6dd04a1c7c5fa5ce6d0158ace578c614c0e1639 Signed-off-by: Alexander Diewald <Diewi@diewald-net.com>
2019-10-07shinano: sepolicy: Fix wifi related denials.Alexander Diewald
* Label FW path (for the communication with the kernel). * Allow the HAL (Treble) service to read the FW files. Change-Id: I50c43882bf1837e87cc4609de74caf4ed7aa78c5 Signed-off-by: Alexander Diewald <Diewi@diewald-net.com>
2019-10-07shinano: init: Adjust vendor service path.Alexander Diewald
* In order to be compliant with the proprietary file locations, adjust the path to the binaries in the init files. The blob binaries have been moved from "/system/bin" to "/system/vendor/bin" * The idea behind the move is to profit from qcom's sepolicy file labelling. Change-Id: I78b96730638258ffd54640f7951ceebc7f503fc4 Signed-off-by: Alexander Diewald <Diewi@diewald-net.com>
2019-10-07shinano-common: move common sepolicy to msm8974-commonNikhil Punathil
Change-Id: I270a673ac8c13dd192799e2513ec377919653458 Signed-off-by: Nikhil Punathil <nikhilpe@gmail.com>
2017-08-04shinano: Rework In Device Diagnostics sepolicyKeita Espinoza
- Fix symlinking and reading denials for iddd and credmgrd Change-Id: I786301f2cb4f2aaa76e8f5b96a036ada0563463b
2017-05-10shinano-common: sepolicy: Rework credmgr initnailyk-fr
* Credmgrdinit script had some mistakes. Adjust policies according to the new changes. Change-Id: I6e865f756225a1d8decdbc1833123dced27e75de
2017-05-01shinano-common: sepolicy: Reorganise policiesnailyk-fr
* No policies added or removed, only moved between files to improve se linux management. Change-Id: Ifa7cb9ce84f75c99f2d96dd0a71ced26f2580ba9
2017-04-05shinano-common: fix several selinux denialsDerfElot
when it is set to enforced (from logcat and dmesg): 04-01 22:29:40.566 W/macaddrsetup(362): type=1400 audit(0.0:302): avc: denied { dac_override } for capability=1 scontext=u:r:addrsetup:s0 tcontext=u:r:addrsetup:s0 tclass=capability permissive=0 04-01 22:31:46.119 W/credmgrd(333): type=1400 audit(0.0:380): avc: denied { search } for name="suntory" dev="tmpfs" ino=6960 scontext=u:r:credmgrd:s0 tcontext=u:object_r:suntrold_sock_socket:s0 tclass=dir permissive=0 04-01 22:31:46.123 W/credmgrd(333): type=1400 audit(0.0:381): avc: denied { search } for name="/" dev="tmpfs" ino=7367 scontext=u:r:credmgrd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0 04-01 22:31:41.186 W/iddd (12977): type=1400 audit(0.0:378): avc: denied { search } for name="/" dev="tmpfs" ino=7367 scontext=u:r:iddd:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0 04-01 22:31:46.249 W/scd (13064): type=1400 audit(0.0:382): avc: denied { getattr } for path="/dev/socket/scd/scd.sock" dev="tmpfs" ino=9384 scontext=u:r:scd:s0 tcontext=u:object_r:socket_device:s0 tclass=sock_file permissive=0 04-02 01:54:06.328 W/scd (7200): type=1400 audit(0.0:47): avc: denied { remove_name } for name="scd.sock" dev="tmpfs" ino=8437 scontext=u:r:scd:s0 tcontext=u:object_r:socket_device:s0 tclass=dir permissive=0 04-02 02:36:47.050 W/scd (6544): type=1400 audit(0.0:53): avc: denied { unlink } for name="scd.sock" dev="tmpfs" ino=8369 scontext=u:r:scd:s0 tcontext=u:object_r:socket_device:s0 tclass=sock_file permissive=0 04-02 03:09:36.677 W/scd (7902): type=1400 audit(0.0:72): avc: denied { search } for name="scd" dev="mmcblk0p25" ino=382769 scontext=u:r:scd:s0 tcontext=u:object_r:scd_data:s0 tclass=dir permissive=0 04-02 03:42:10.207 W/excal:HalCtrl(6497): type=1400 audit(0.0:16): avc: denied { write } for name="current1" dev="sysfs" ino=19887 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 [ 29.029135] type=1400 audit(7343886.976:11): avc: denied { search } for pid=365 comm="mm-qcamera-daem" name="etc" dev="mmcblk0p25" ino=716673 scontext=u:r:mm-qcamerad:s0 tcontext=u:object_r:ta_data_file:s0 tclass=dir permissive=0 [ 27.905847] type=1400 audit(7343885.850:6): avc: denied { search } for pid=254 comm="wvkbd" name="suntory" dev="tmpfs" ino=7537 scontext=u:r:wv:s0 tcontext=u:object_r:suntrold_sock_socket:s0 tclass=dir permissive=0 04-02 13:20:48.566 W/excal:ExposureC(7212): type=1400 audit(0.0:18): avc: denied { search } for name="battery" dev="sysfs" ino=18957 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=dir permissive=0 04-02 14:03:30.945 W/excal:ExposureC(6244): type=1400 audit(0.0:14): avc: denied { read } for name="voltage_now" dev="sysfs" ino=18973 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=file permissive=0 04-02 14:35:55.034 W/excal:ExposureC(6197): type=1400 audit(0.0:17): avc: denied { open } for name="voltage_now" dev="sysfs" ino=18870 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=file permissive=0 04-02 15:05:29.858 W/excal:ExposureC(5947): type=1400 audit(0.0:15): avc: denied { getattr } for path="/sys/devices/qpnp-charger-14/power_supply/battery/technology" dev="sysfs" ino=18969 scontext=u:r:mediaserver:s0 tcontext=u:object_r:sysfs_battery_supply:s0 tclass=file permissive=0 04-02 17:38:33.610 W/Binder:5021_3(5299): type=1400 audit(0.0:11): avc: denied { read } for name="/" dev="tmpfs" ino=6614 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=dir permissive=0 04-02 18:27:24.996 W/Binder:5251_1(5266): type=1400 audit(0.0:13): avc: denied { open } for name="/" dev="tmpfs" ino=7203 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=dir permissive=0 Change-Id: Ifbc5ef57cadea4d3f35d52dce23c1b56966bd981
2017-03-27shinano-common: vendor: Camera initnailyk-fr
Change-Id: I0b85560bb56beee0d21751fe55587c2de4b8ff00
2017-03-27Delete unneeded file context for secdMax Weffers
2017-03-27sepolicy: avoid macaddrsetup denialsMax Weffers
Change-Id: I0e726ca654ac6758569b6c754461872dcc9e60c0
2017-03-27Build and use macaddrsetupChirayu Desai
Change-Id: I6f81296829673f66bcb27f444945b9bddd54929c This fixes random mac adress at boot
2017-03-14sepolicy: changes for bluetooth denialstunturn
Change-Id: I2ca85cd2c555b74f8de63c05e1e6dd2cc292dac9
2017-03-14sepolicy: update contextstunturn
Change-Id: Ie6504c205fa9fbe54803331f5f40c765ace1a1e8
2017-03-14Fix bluetooth SE denialsNickolay Semendyaev
Change-Id: Ife9e06092421bffc0b77ef38b68df3196938f788
2017-02-21shinano-common: sepolicies: Add camera related entriesnailyk-fr
Change-Id: Icfc6a998c6c5615351ed59111284858b9f27893c shinano-common: Rework credmgrd sepolicies Change-Id: Id922021b05ed0313b5cd7e506641632277a82105 shinano-common: Fix last camera denials Change-Id: Ibf96ebf0a136ffa40be85369896f57645c24157c
2017-02-21shinano-common: Solve camera denialsnailyk-fr
Change-Id: I62e1e9b87e48b0f5d436ef44bb816eedf5328347 shinano-common: Solve camera services denials Change-Id: I36479598ada099da4949d999f7485b69ccd59c19
2017-02-21shinano-common: Adjust idd permsnailyk-fr
Change-Id: If920b5e5265aca89020bd000904d586cd879cc85
2017-02-21shinano-common: sepolicies: Add idd policy contextnailyk-fr
Change-Id: I38050b1701c4bf3ee3929c17a1e8dad849b9e815
2015-02-02Add SELinux policy for the TFA amp serviceChirayu Desai
Change-Id: I698f56bca42ffef6e83f46dbdf6e8b798267028a
2015-02-02sepolicy: Label the vibrator sysfs nodeChirayu Desai
Change-Id: Ib7d69d95adbef765429a7ba9f7112b6296bc6f1b
2015-01-31Remove CMHW CABC controlChirayu Desai
Change-Id: I42971cd8dc77655c066aabfb198b7eac033cd484
2015-01-20init: Add mlog_qmi serviceShane Francis
All Z3 series need this service to keep modem alive Change-Id: Iba8ac16083d878a9a9864472d350ee4868f20c6a
2015-01-15Add SELinux policy for hardware tunablesdavid
Change-Id: Ie58527ef6ca5b9aed48e68d0ec74a6453b3b4643
2014-11-21Re-add family-specific SELinux policyChirayu Desai
This partially reverts commit 21ae2255e1cd2e17a4b9e7766aa1f86eec2f18a6 Change-Id: Ic4e063ef166466843f2f0708c6531cf68c7074ef
2014-11-14Move SELinux policy to msm8974-commonChirayu Desai
Change-Id: I312eb2c2eec3787809a9aff767cca24c6695bdcf
2014-04-27Initial Shinano importGiulio Cervera
based on rhine-common 7e2a33e
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 08:33:36 +0000