Age | Commit message (Collapse) | Author |
|
Change-Id: I172349433946883aa1035e91ab3ab703a96e7912
|
|
Change-Id: I47490bfa19bfb6162d161ba0c5e9f48556ab6eff
|
|
Before it had permissions to use hal_graphics_allocator_hwservice,
but it didn't declare itself to be an allocator_client.
Bug: 80319537
Test: boot + sanity
Change-Id: I93a23cd3db270491e82b378507f3cb55063561e8
|
|
Addresses:
avc: denied { find } for
interface=android.hardware.configstore::ISurfaceFlingerConfigs pid=817
scontext=u:r:hal_camera_default:s0
tcontext=u:object_r:hal_configstore_ISurfaceFlingerConfigs:s0
tclass=hwservice_manager permissive=0
Bug: 65454046
Test: camera app
Change-Id: I84b92e5809b89b7f755322d485b92f5e7175a06a
|
|
Change-Id: I589b8196c201baebd9c952a70043d317f2eb5d6b
|
|
Change-Id: If37262e6be3d31f51dcd482db04ce647ecd57e4d
|
|
Change-Id: I471c0d1fedb51eabc32b54ab35a9823db8efd034
|
|
Change-Id: I777042d5ade15bfa02724880f4bab4931e5772f5
|
|
* In device/qcom/sepolicy-legacy-um now.
Change-Id: I80b877d4b65a3d22cf7a61d70e08e48edeb627de
|
|
* Used by GCAM for DSP-accelerated HDR processing
* Arguably we should label /vendor/dsp/cdsp/fastrpc_shell_3 to
same_process_hal_file like Pixels, but the partition is prebuilt thus
we're unable to relabel it.
* Copy the file to writable tmpfs, setup attributes and bind mount back
to workaround the limitation.
Change-Id: Ide90e5c7307d413db5ece736e859559f06679545
|
|
Change-Id: I14b172af1fac85448e4f632bfb128427d136376b
|
|
Change-Id: If1b846c96c7c029afe73b9676e42b38cd2889dc8
|
|
* Also add more, drop unused props
Change-Id: I4cf605b6f6a5e5fcf05e84ceb30497bb7a29cfab
|
|
Change-Id: Iaba642838e51a2c39c2961e30456148f9794f60e
|
|
Change-Id: I997a268c9ce23eab80f1981293720e17d21bbb7a
|
|
Change-Id: I594a07fc3e68f1b50f181c4b254811814990c599
|
|
Change-Id: I9d7312e6aaafdde2c0751f4887f05d8d5029ee04
|
|
Change-Id: Id55db9b6614320650c8c61e698f71ddc9f04d086
|
|
Change-Id: I62bfac69bdcebaf7d484bbc39ea4e16f8beb8e6b
|
|
Change-Id: I7ba6af074485509a501f656587379fb0ba5b07d3
|
|
Change-Id: Ib3935dac1de548da5ba6902365b2bab969b3b3b1
|
|
Change-Id: Ia7c3c47efb628f851dd377b2e09b6f8e150013e3
|
|
Change-Id: I7d824f1066638ec6e73ae80093737b380436ba80
|
|
Change-Id: Ie2abb5480d3442e5f64d532561ce657362f9f081
|
|
Change-Id: I8a6258abb13755a51d9babd1074ea3893cd13f51
|
|
Change-Id: I7e427c56a44931c99fc0e029b09bde69bacd4aa5
|
|
Change-Id: Iff6632bfd67bf00dbf8980482b37b5a2c265f675
|
|
* Q sepolicy doesn't have labels for these root folders anymore
Change-Id: Ibc1f13968eb4de0868de149f1347ca07da1c581c
|
|
Change-Id: I648c03dab608d6989d69664d222ac1afff9231a8
|
|
* We can just use fingerprintd data file, which is already declared
Change-Id: I1e7f176643142cd4326b45b3435040659b51d882
|
|
avc: denied { find } for interface=com.fingerprints.extension::IFingerprintNavigation sid=u:r:system_server:s0 pid=1282 scontext=u:r:system_server:s0 tcontext=u:object_r:default_android_hwservice:s0 tclass=hwservice_manager
avc: denied { find } for interface=vendor.qti.hardware.perf::IPerf sid=u:r:hal_fingerprint_sdm660:s0 pid=845 scontext=u:r:hal_fingerprint_sdm660:s0 tcontext=u:object_r:hal_perf_hwservice:s0 tclass=hwservice_manager
Change-Id: Id8a26ab1134d8ea4e7b0e712f19784180372ee8b
|
|
* Mostly just for goodix
Change-Id: Ia8fb90fca742a220e31f206b344026c69e751bb0
|
|
Change-Id: Ica6c87d562f257e7395fab7a80dfc8f4e5b8553c
|
|
avc: denied { write } for pid=4565 comm="init.qcom.post_" name="read_ahead_kb" dev="sysfs" ino=52742 scontext=u:r:qti_init_shell:s0 tcontext=u:object_r:sysfs_dm:s0 tclass=file
Change-Id: I3e5350eb67aa9a0e539d74c2ecbd7114e03ffdc5
|
|
Change-Id: Icaefcf91ea08813bb84ce33effec44d037bd5145
|
|
* Commonized procfs node for all the variants of tulip, whyred and wayne/jasmine
Change-Id: I234761530e5567ac6d46ad9fa912496046c3c4bd
|
|
Change-Id: I903039730f4181f6a326f28e0ea212db68bdabcc
|
|
Move vendor policy to vendor and add a place for system extensions.
Also add such an extension: a labeling of the qti.ims.ext service.
Bug: 38151691
Bug: 62041272
Test: Policy binary identical before and after, except plat_service_contexts
has new service added.
Change-Id: I1493c4c8876c4446a1de46b39942098bf49c79f8
|
|
Signed-off-by: Isaac Chen <tingyi364@gmail.com>
Change-Id: I6759914e91c1cc437304d74328e970daeb3d25e3
|
|
* Untrusted apps are no longer allowed to directly access hwbinder on
Pie, implement a system service as a middleware between mlipay hal
and untrusted apps.
* Xiaomi uses similar solution for MIUI on Pie.
Change-Id: Ie52376b1f7bcd84d219fe73bceb4bdd6cc2b9980
|
|
Change-Id: Ice50a9c83a708d7f8300978048cd00c71e88abc8
|
|
* IFAA manager is based on OnePlusOSS, but adapted for Xiaomi's mlipay
interface.Also hardcode model detection to pass Alipay check.
* vendor.xiaomi.hardware.mtdservice@1.0.so is not actually used, thus
patchelf to drop it rather than shipping a blob.
* Modify libmlipay.so to allow load firmware from vendor
Change-Id: Idf3d3a8d40245984767f4ef5f60f9fe584e69f21
|
|
Signed-off-by: Isaac Chen <isaacchen@isaacchen.cn>
|
|
Signed-off-by: Isaac Chen <isaacchen@isaacchen.cn>
|
|
Signed-off-by: Isaac Chen <isaacchen@isaacchen.cn>
|
|
Change-Id: Ic8b7dba6a5660c17f5db1c743e5d22f31ae1b1b3
|
|
Signed-off-by: Isaac Chen <isaacchen@isaacchen.cn>
|