device_mediatek_wembley-sepolicy/non_plat/cameraserver.te, branch android11-mainline-release Unnamed repository; edit this file 'description' to name the repository. [ALPS05009976] SEPolicy: Merge folder non_plat and r_non_plat 2020-02-29T04:02:13+00:00 Shanshan Guo Shanshan.Guo@mediatek.com 2020-02-29T04:02:13+00:00 8c2ce28a36be318fd5ff2e224b2fb0dfc25f3d6e [Detail] BASIC and BSP project should have same sepolicies in basic/. [Solution] 1.Modify SEPolicies in non_plat/ by comparing with r_non_plat/ . 2.Remove r_non_plat/ . Change-Id: I24d3df00255779bd73f4075c1c4062176d5b6047 CR-Id: ALPS05009976 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK 
[Detail]
BASIC and BSP project should have same sepolicies in basic/.

[Solution]
1.Modify SEPolicies in non_plat/ by comparing with r_non_plat/ .
2.Remove r_non_plat/ .

Change-Id: I24d3df00255779bd73f4075c1c4062176d5b6047
CR-Id: ALPS05009976
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[ALPS04974468] SEPolicy: Add neverallow rule for system_data_file 2020-01-19T08:01:11+00:00 Shanshan Guo Shanshan.Guo@mediatek.com 2020-01-19T05:44:37+00:00 c35db1e5a50c311dfcca91618d7221bde6961e1b [Detail] Do not allow access to the generic system_data_file label. This is too broad. Instead, if access to part of system_data_file is desired, it should have a more specific label. [Solution] 1.Add neverallow rule for system_data_file. 2.Remove the conflicting SEPolicies. Change-Id: Ifc5a87d55b7ca18a53dd6ffe1fbccaf63e03e263 CR-Id: ALPS04974468 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK 
[Detail]
Do not allow access to the generic system_data_file label. This is too broad.
Instead, if access to part of system_data_file is desired, it should have a
more specific label.

[Solution]
1.Add neverallow rule for system_data_file.
2.Remove the conflicting SEPolicies.

Change-Id: Ifc5a87d55b7ca18a53dd6ffe1fbccaf63e03e263
CR-Id: ALPS04974468
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[ALPS04967689] SEPolicy: Add neverallow rule for proc 2020-01-11T13:58:41+00:00 Shanshan Guo Shanshan.Guo@mediatek.com 2020-01-11T13:58:41+00:00 4efc2b137c71b2b200e58bfa45c842290929caa4 [Detail] Do not allow access to the generic proc label. This is too broad. Instead, if access to part of proc is desired, it should have a more specific label. TODO: Remove mtk_hal_audio/audioserver and so on once there are no violations. EX. r_dir_file(hal_audio, proc) hal_server_domain(mtk_hal_audio, hal_audio) hal_client_domain(audioserver, hal_audio) [Solution] 1.Add neverallow rule for proc. 2.Remove the conflicting SEPolicies. Change-Id: Ie932149f8c642d4a05152117f1166daeaf9b2cff CR-Id: ALPS04967689 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK 
[Detail]
Do not allow access to the generic proc label. This is too broad.
Instead, if access to part of proc is desired, it should have a
more specific label.
TODO: Remove mtk_hal_audio/audioserver and so on once there are no violations.
EX.
   r_dir_file(hal_audio, proc)
   hal_server_domain(mtk_hal_audio, hal_audio)
   hal_client_domain(audioserver, hal_audio)

[Solution]
1.Add neverallow rule for proc.
2.Remove the conflicting SEPolicies.

Change-Id: Ie932149f8c642d4a05152117f1166daeaf9b2cff
CR-Id: ALPS04967689
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[ALPS04639771] SEPolicy: Modify workaround 2019-06-14T08:39:30+00:00 Shanshan Guo Shanshan.Guo@mediatek.com 2019-06-14T07:50:27+00:00 5a2b7e3fdc826a7ca6bc70a3810f14c1661e7d79 [Detail] There is a workaround for bring-up, now it needs to be modified. [Solution] 1.Split workaround to sepcial *.te 2.Modify ged sepolicy 3.Modify mistake 4.Add sepolicy Change-Id: I0894de45e014a5eae754e35b57fbc9b21bc4bf90 CR-Id: ALPS04639771 Feature: [Android Default] SELinux, SEAndroid, and SE-MTK 
[Detail]
There is a workaround for bring-up,
now it needs to be modified.

[Solution]
1.Split workaround to sepcial *.te
2.Modify ged sepolicy
3.Modify mistake
4.Add sepolicy

Change-Id: I0894de45e014a5eae754e35b57fbc9b21bc4bf90
CR-Id: ALPS04639771
Feature: [Android Default] SELinux, SEAndroid, and SE-MTK
[ALPS04566986] Fix cameraserver permission 2019-06-04T07:42:35+00:00 Cheng Li Cheng.Li@mediatek.com 2019-06-04T07:03:30+00:00 01b85f4aed18628c9053fde9f4a2fd96509d49ec [Detail] allow permission of ioctl for cameraserver [Solution] Change-Id: Icddcd0e5eb51583d65aca6763d4b2f31683ffd7f CR-Id: ALPS04566986 Feature: [Android Default] Camera Application Basic Functions 
[Detail]
allow permission of ioctl for cameraserver

[Solution]

Change-Id: Icddcd0e5eb51583d65aca6763d4b2f31683ffd7f
CR-Id: ALPS04566986
Feature: [Android Default] Camera Application Basic Functions
[ALPS04328846] power: refine sepolicy 2019-05-22T09:48:45+00:00 Ian-Y Chen ian-y.chen@mediatek.com 2019-05-22T09:47:01+00:00 91ef99a47ee2de3c48426298c9a67d5e4dd10a6b [Detail] 1. Add prefix PERFMGR for performance related ioctl 2. Add property permission for PowerHAL Change-Id: I5979aefc7fb110ee540425bc53896babdcac08bd CR-Id: ALPS04328846 Feature: [Module]PowerHAL 
[Detail]
1. Add prefix PERFMGR for performance related ioctl
2. Add property permission for PowerHAL

Change-Id: I5979aefc7fb110ee540425bc53896babdcac08bd
CR-Id: ALPS04328846
Feature: [Module]PowerHAL
[ALPS04468274] add cameraservice ioctrol permission 2019-05-17T05:38:41+00:00 Cheng Li Cheng.Li@mediatek.com 2019-05-16T09:02:11+00:00 23fe7f9ba48f0ff2d27acf666670c1d4dba69a6e [Detail] add cameraserver permission [Solution] Change-Id: Ie4b9aa9cd836a3c96a353a8148e5ada5d21166f8 CR-Id: ALPS04468274 Feature: [Android Default] Camera Application Basic Functions 
[Detail]
add cameraserver permission

[Solution]

Change-Id: Ie4b9aa9cd836a3c96a353a8148e5ada5d21166f8
CR-Id: ALPS04468274
Feature: [Android Default] Camera Application Basic Functions
[ALPS04394576] MT6739:cameraserver sepolicy issue 2019-04-18T08:20:19+00:00 Boru Zhao boru.zhao@mediatek.com 2019-04-18T07:08:02+00:00 26f6cde989b082ee36067c3e01bdfd1855db046b [Detail] Sepolicy ioctl configure is changed after Q, we modify cameraserver ioctl configure. Change-Id: I59489c6ee27a9bb7913d0b49cdaa4e281024cb42 CR-Id: ALPS04394576 Feature: [Android Default] Camera Application Basic Functions 
[Detail]
Sepolicy ioctl configure is changed after Q, we modify
cameraserver ioctl configure.

Change-Id: I59489c6ee27a9bb7913d0b49cdaa4e281024cb42
CR-Id: ALPS04394576
Feature: [Android Default] Camera Application Basic Functions
Merge "[ALPS04401451] Fix ioctl permission issue for cameraserver" into alps-trunk-q0.basic 2019-04-18T03:52:38+00:00 Marx Chiu (邱弘志) marx.chiu@mediatek.com 2019-04-18T03:52:38+00:00 8f58167ddaa5256094a029c9d49c28b843769e58 






[ALPS04401451] Fix ioctl permission issue for cameraserver
2019-04-18T02:13:28+00:00

Michael Lai
michael.lai@mediatek.com

2019-04-17T09:36:07+00:00

4c7eba0c71d5bb65f244095ca93596b28ba60ad8

[Detail] Fix the ioctl permission issue for cameraserver

Change-Id: Idca3ad9f37e6aa38375ed008647e81f525a77618
CR-Id: ALPS04401451
Feature: [Android Default] Camera Application Basic Functions





[Detail] Fix the ioctl permission issue for cameraserver

Change-Id: Idca3ad9f37e6aa38375ed008647e81f525a77618
CR-Id: ALPS04401451
Feature: [Android Default] Camera Application Basic Functions