summaryrefslogtreecommitdiffstats
path: root/msm8996
Commit message (Collapse)AuthorAgeFilesLines
* Escape '.' characterMichael Bestas2018-04-211-83/+83
| | | | Change-Id: I3d3c1c2d0c04f8dc77037cbf47ce7b1452fe8c33
* Merge tag 'LA.UM.6.6.r1-07200-89xx.0' of ↵Michael Bestas2018-04-051-0/+2
|\ | | | | | | | | | | https://source.codeaurora.org/quic/la/device/qcom/sepolicy into HEAD "LA.UM.6.6.r1-07200-89xx.0"
| * Add appropriate selabel to ImageFv partition.padarshr2018-03-121-0/+2
| | | | | | | | | | | | | | | | | | | | Since ImageFv is now an upgradable A/B partition, adding appropriate selabel to it. Even though this partition is added to sdm845 presently, assigning the label to all targets, so that OTA won't be broken if/when ImageFv partition is added in other targets. Change-Id: I188edb41aeb86945277d1ab4fabb885678c2a4ed
* | Merge tag 'LA.UM.6.6.r1-06700-89xx.0' of ↵Michael Bestas2018-03-213-37/+13
|\| | | | | | | | | | | | | | | https://source.codeaurora.org/quic/la/device/qcom/sepolicy into HEAD "LA.UM.6.6.r1-06700-89xx.0" Change-Id: I43cd6b355e62d352f3fe4a4bd989e073d85709ff
| * Declare context for emmc for commonClarence Wong2018-02-233-63/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Declare context for emmc and give permission for RIDL2.0. RIDL2.0 needs to be able to write to sysfs dload and dload_mode to enable emmc crashdumps and mini crashdumps. It also needs to be able to read/write to the rawdump device block to copy the crashdump for post processing and mark it as read. Initial support was for 8937, 8996, 8953, 8976, and 8998 for full dumps and then support was added for sdm660/670 for minidumps. This solution moves the target specific to common, which was needlessly getting replicated for new targets. Change-Id: I6a0a692a52c4a4a51716f844ea5361af2a2d12da CRs-Fixed: 2195014
| * sepolicy: add policy file for amfs-serviceTony Han2018-02-122-1/+40
| | | | | | | | | | | | | | Add te file to allow amfsservice process to access required resources. Change-Id: I1a5bf6c58b6ef4c1eb523d1ab5e797ca1a8ee927
* | Merge tag 'LA.UM.6.4.r1-06900-8x98.0' of ↵Michael Bestas2018-03-211-1/+5
|\| | | | | | | | | | | | | | | https://source.codeaurora.org/quic/la/device/qcom/sepolicy into HEAD "LA.UM.6.4.r1-06900-8x98.0" Change-Id: I29a3725d14986a130666cc9f30e2984d021b537e
| * msm8996: Use qti vehicle halAlex Yakavenka2018-02-011-1/+1
| | | | | | | | Change-Id: I0c4f01280d7c0bc2f8233a38831df6e3192dbb6b
| * sepolicy: add policy permission for spidev0.0 and i2c-6Rahul Sharma2017-12-281-0/+4
| | | | | | | | Change-Id: I42cf0e6b3d7b426bfdd2a26725eedfc6a6757a82
* | Use set_prop() macro for property setsMichael Bestas2018-01-211-1/+1
| | | | | | | | Change-Id: Id67a05f8ed718cad5856613c2700f4ce1e404cf0
* | Merge tag 'LA.UM.6.4.r1-05700-8x98.0' of ↵Michael Bestas2018-01-161-0/+40
|\| | | | | | | | | | | | | | | https://source.codeaurora.org/quic/la/device/qcom/sepolicy into HEAD "LA.UM.6.4.r1-05700-8x98.0" Change-Id: I03ae219ba55ca0e850890cb52c9c1b58521020c5
| * Add permissions for upgrade engine required for A/B upgradeSashidhar Ganiga2017-12-121-0/+40
| | | | | | | | | | | | | | | | Add permissions required by upgrade engine to perform A/B OTA upgrade process on all partitions successfully. Enabled for msm8937, msm8953 and msm8996 targets Change-Id: I3ec1cbd2872a567c96fc9d6011ef64bb39810928
* | qcom: Label vendor files with (vendor|system/vendor) instead of vendorRashed Abdel-Tawab2017-12-181-2/+2
|/ | | | | | | | | Not all devices have a vendor partition so these labels blatantly get ignored without labelling system/vendor on those devices. Also move msm8998 gralloc and vulkan labels to msm8998/file_contexts Change-Id: I244d667f6b3ddcf7eac71719a981dc25dc401873
* sepolicy: Allow required accesses to TV input HALRahul Sharma2017-10-091-0/+32
| | | | Change-Id: I0ab0e0f2f45d6c7380c258d83be805a612970962
* sepolicy:8996: moved tloc policies to commonBrahmaji K2017-09-123-57/+0
| | | | | | | Tloc related polcies are moved to common. Hence removing the ones in 8996 Change-Id: I4d1c1a9b93114e5c1ee35680373535feb41c4a06
* Sepolicy changes for QVR ServiceKiran Rudramuni2017-08-183-104/+0
| | | | | | Change moves QVR service from vendor space into system space. Change-Id: If58cb9d11f53b9cd8ed2262fbaeaf3d91a1ed39c
* voiceprint: support vendor imageAbir Ghosh2017-08-117-163/+0
| | | | | | | New requirements have vendor binaries and data in the vendor image instead of the system image. Change-Id: Id797a497f04153d79548a79adfd2ceaaf7e74055
* Merge "msm8996: Add non-hlos file contexts for A/B"Linux Build Service Account2017-08-031-0/+51
|\
| * msm8996: Add non-hlos file contexts for A/BSashidhar Ganiga2017-08-021-0/+51
| | | | | | | | Change-Id: Idff3decb728b0e9f6ad0c660dc7ea62019988fbf
* | Remove perfd policies and move file to vendor partitionVarun Garg2017-07-311-2/+0
|/ | | | | | | | Remove all the policies related to perfd, as perfd daemon does not exist on O. Move data file used by perf_hal to /data/vendor/ partition. Change-Id: Ic2e3d3906605fd3c862fdd85dc8ac1a1e7a75a60
* Merge "Merge remote-tracking branch 'quic/sepolicy.lnx.2.9-rel' into HEAD"Linux Build Service Account2017-07-182-0/+37
|\
| * sepolicy: Add vehicle hal serviceAlex Yakavenka2017-07-062-0/+37
| | | | | | | | Change-Id: Ic1818043bb87c44c1aabaac342536d3ba7f9f59d
* | sepolicy: Resolve full treble compilation issues for 8996/53/37Bharat Pawar2017-07-126-17/+23
|/ | | | Change-Id: I2243dc1df8db5410e8f59a397cd14eae1e73f1d0
* bootctl: Move bootcontrol policy into commonAmeya Thakur2017-05-101-3/+0
| | | | | | | We now have one common policy file for the bootcontrol hal instead of one per target. Change-Id: Ic97c5e11694e254a0bf70a3cd3b45d63e0d9881a
* Add sepolicies for pure vendor path as wellpadarshr2017-03-221-2/+2
| | | | | | | For split system/vendor configuration build, take care of assigning contexts for pure vendor path too. Change-Id: I61b4acd4ca9c9a1bce1a351f652f6e4c2ca71dfd
* Remove domain_deprecated from all domain.Biswajit Paul2017-03-163-3/+3
| | | | | | | Services with domain_deprecated floods the messages with avc:granted. Fix the denials instead of granting permission. Change-Id: I10b8a63a7f1cc71780056f4160d8d7e292295edc
* msm8996: Remove support for socket ioctlVinay Verma2017-02-152-2/+2
| | | | | | | | All socket ioctls now has to be whitelisted. Remove the ioctls calls from daemon to fix compilation. Change-Id: I999059df693ff3de1496e0bcb8a17114f4931b0b
* sepolicy: allow qvrd access to sensorsSathish Ambley2016-10-071-0/+6
| | | | | | | | The VR service requires sensor access for compass data in order to correct 3DOF drift. Change-Id: Ia011f9625b7b2047ccd1da29516ae8610619588b CRs-Fixed: 1075295
* sepolicy: allow init script to read GPU frequencies sysfs nodeJonathan Wicks2016-09-141-0/+2
| | | | | | | | | init script will read GPU frequencies from sysfs node and copy the values to a system property to allow 3rd party apps that rely on these frequencies to still work. CRs-Fixed: 1066935 Change-Id: I0bb0f5e8e060090b0bc470a7113b23ce8cc4a964
* Declare context for emmc for other targetsClarence Wong2016-08-295-0/+102
| | | | | | | | | | | | | Declare context for emmc and give permission for RIDL/LogKit. RIDL needs to be able to write to sysfs dload to enable emmc crashdumps. It also needs to be able to read/write to the rawdump device block to copy the crashdump for post processing and mark it as read. Initial support was for 8937. This adds support for 8996, 8953, 8976, and msmcobalt. It also uses symbolic link add for both LogKit II and LogKit III. CRs-Fixed: 1002379 Change-Id: Ic7df28c392fbc918654da871dfbeef50b72765db
* Add sepolicies for logdumpd module.padarshr2016-07-281-0/+2
| | | | | | | | This change will add selinux rules to logdumpd module. It allows logdumpd to read logd (to get logcat logs), and write to 'logdump' partition. Change-Id: I7be2cb1f663286dcb132c40d1109c28e09fda52d
* Merge "Use 'misc_block_device' instead of 'misc_partition'"Linux Build Service Account2016-06-211-2/+2
|\
| * Use 'misc_block_device' instead of 'misc_partition'padarshr2016-06-211-2/+2
| | | | | | | | | | | | | | | | | | Map misc partition to the selabel - misc_block_device instead of misc_partition. Uncrypt module will now have access to misc partition. CRs-Fixed: 1022226 Change-Id: Ida1b97914b279f790d46ee6df5d717bc972b1097
* | sepolicy: Add policy for VR serviceSathish Ambley2016-06-208-0/+254
|/ | | | | | | | Add policy for VR service. CRs-Fixed: 1026826 Change-Id: I5bfe220cc71545e67cead4f485e7d451ac1e8ab2
* sepolicy: inital selinux policies for N upgradeBiswajit Paul2016-04-263-3/+3
| | | | | | Add support for inital set of selinux polices for N upgrade Change-Id: I0bccc55db1d32866bb9b622f7c119c89d7e4348f
* sepolicy: mdm_helper: Update policy to allow boot over PCIeAmeya Thakur2015-11-101-1/+8
| | | | | | | mdm-helper can now handle booting up external modems connected over PCIe. Change-Id: I20be0aa976a0394b0a39c0bb26eef485617975da
* sepolicy: added seccamd policyElad Levi2015-10-293-0/+71
| | | | | | | This change is required to make sure the secure camera daemon cannot make anything it shouldn't. Change-Id: I59378b4821fd6e94f0146462febf7e66bb078bbd
* sepolicy: Add policies for TLOC Daemon.Kineret Berger2015-10-013-0/+53
| | | | | | | Add SE policies for TLOC Daemon for msm8996. Change-Id: I27c041bdca22bc6de026f95f00011900b894ca28 CRs-Fixed: 823360
* Merge "file_contexts: Adding context to block devices"Linux Build Service Account2015-09-181-0/+8
|\
| * file_contexts: Adding context to block devicesAvijit Kanti Das2015-09-081-0/+8
| | | | | | | | | | | | | | Adding context to boot, recovery, cache and frp block device Change-Id: Ib19d0a5fbff6f65cc45b42d8ebcb29df91e1beb7 CRs-fixed: 904364
* | file_contexts: Marking /dev/block/mmcblk0 as root_block_deviceAvijit Kanti Das2015-09-091-1/+1
|/ | | | | | | Changing the context of /dev/block/mmcblk0 from mmc_block_device to root_block_device Change-Id: Ia80ebc7ba58b9feadaf910fb83a19197d7eb2da8
* sepolicy: mdtp: Add MDTP and DIP block devicesAmit Blay2015-09-061-0/+7
| | | | | | Add MDTP and DIP block devices to the file_contexts. Change-Id: I7d48733ef630e1e274b2dbf7fe82e04335269940
* Adding seolicy for QVOP service.Avijit Kanti Das2015-08-187-0/+197
| | | | | | | Voice Print is a secure, client based user voice verification service. Adding sepolicy for QVOP Service. Change-Id: I4d630facd052acd3bc1576df31d908fdc80cb594
* Address Boot-up denials to boot the deviceAvijit Kanti Das2015-08-121-0/+2
| | | | | | | | | Setting context to msadp to address boot-up denials. avc: denied { read } for name="mmcblk0p31" dev="tmpfs" ino=14593 scontext=u:r:ueventd:s0 tcontext=u:object_r:block_device:s0 tclass=blk_file permissive=1. Change-Id: Ia2c5830222fcc3f70ebec50fb5b2a89f0e989b56
* msm8996: Add file contexts for eMMC-based devicesDavid Ng2015-07-301-3/+16
| | | | | | | Set file contexts for block device nodes that use eMMC for boot storage device in addition to UFS-based ones. Change-Id: I4a0ce2f62df1d7e597b70be689acf05bce5739b9
* msm8996: Setting file context to the block deviceBiswajit Paul2015-07-221-6/+10
| | | | | | Setting file context to modem and userdata block device Change-Id: I0049851f1e6aa4d4a0ba5a4f42ba4f56613759a1
* Replacing permissions with macrosAvijit Kanti Das2015-06-261-0/+35
Replacing all the permissions with macros Allow all domians except untrusted_app to access diag_device Restrict untrusted_app to access diag_device Change-Id: Ibad902746f25a23f10840fae3c0bac65b2ff74e0
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-31 10:48:50 +0000