Commit graph

100 commits

Author SHA1 Message Date
=?UTF-8?q?=C2=A8raystef66=C2=A8?=
ba34567e76
sm6375-common: sepolicy: Adress isolated_app denial
* E SELinux : avc:  denied  { find } for pid=6182 uid=99000 name=content_capture scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0
* E SELinux : avc:  denied  { find } for pid=6771 uid=99001 name=content_capture scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0
* E SELinux : avc:  denied  { find } for pid=8222 uid=99002 name=content_capture scontext=u:r:isolated_app:s0:c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0

Change-Id: Ifd164ef55a73c16b68eba4a3fdff5b3632219f5d
2024-07-26 20:16:00 +05:30
Anand S
e20781cc82
sm6375-common: sepolicy: Address radio service denials
* E SELinux : avc:  denied  { find } for pid=2577 uid=10160 name=vendor.qti.hardware.radio.qcrilhook.IQtiOemHook/oemhook0 scontext=u:r:vendor_qtelephony:s0:c160,c256,c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0
* E SELinux : avc:  denied  { find } for pid=2577 uid=10160 name=vendor.qti.hardware.radio.am.IQcRilAudio/slot1 scontext=u:r:vendor_qtelephony:s0:c160,c256,c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0

Change-Id: I7f31e90c42e0f5a8f5b85147f34f4c30448e6208
2024-07-25 20:16:00 +05:30
Anand S
b3f68d0b14
sm6375-common: sepolicy: Address input sysfs nodes as sysfs_sensors
Change-Id: I74bcef0780be332a6b0ca8b11e562d0f82a27cae
2024-07-25 20:16:00 +05:30
Anand S
7e713efdbb
sm6375-common: sepolicy: Label dt-gesture nodes for Power HAL
Change-Id: Ie84e6eaf7748e2d5371f3239aff631eeafc1e982
2024-07-25 20:16:00 +05:30
Anand S
41c90591ea
sm6375-common: sepolicy: Allow libperfmgr to write to sysfs_sensors nodes
Change-Id: I22ce808b706adfc8dedc976283129ba4d8ded815
2024-07-25 20:16:00 +05:30
Anand S
5c7c376986
sm6375-common: sepolicy: Add capsense_reset sepolicies
Change-Id: Ie329c52951965b3de54fd701e5011981fabc216b
2024-07-25 20:16:00 +05:30
Vaisakh Murali
038d9e8853
sm6375-common: Introduce a stub blair-post-boot script
This will be used to tune some parameters in the device. Only run
this script after proprietary kernel post-boot has run, so that
these changes are not overriden by the same.

Change-Id: Ibcef27a2813870c62d54c9d762eae9e03da677ad
Signed-off-by: Vaisakh Murali <mvaisakh@statixos.com>
2024-07-21 20:16:00 +05:30
me-cafebabe
8931f83873
sm6375-common: sepolicy: Allow vendor_init write to proc_sched
Change-Id: I7665a5f03f3ce383e00956b67023626604422093
2024-07-21 20:16:00 +05:30
LuK1337
3491348ec3
sm6375-common: sepolicy: Allow libperfmgr to read and write to sde-crtc-*
Change-Id: I5abde96b2a6bdde7f7b5cd577f878ce93b8dc8b3
2024-07-21 20:16:00 +05:30
Anand S
3092927bb5
sm6375-common: sepolicy: Address some denials for fogos
Change-Id: I3ab1949c10eb3313a3fb701bbddeffb4bf15237c
2024-07-21 20:16:00 +05:30
Anand S
8d0f27975b
sm6375-common: Remove in-tree Livedisplay HAL
Change-Id: I6f6ccfdc816c2bfb7267f13b6e6787014282f446
2024-07-21 20:16:00 +05:30
Bruno Martins
4ec7aee975
sm6375-common: Use common libqti-perfd-client and power-libperfmgr
Change-Id: I22d6b35c72629553817005deaefcae60abc72cfd
2024-07-20 20:16:00 +05:30
Anand S
1f580a9b66
sm6375-common: sepolicy: Label fogos touch hal
Change-Id: I02521006113b41d985ce5d84a1acf54596401b97
2024-07-19 20:16:00 +05:30
Anand S
876282f246
sm6375-common: sepolicy: Drop duplicate genfs entries
Change-Id: I26195c1faa12dd2eaf8d7c5b0ec6487d82527f72
2024-07-19 20:16:00 +05:30
EcrosoftXiao
e03aec7112
sm6375-common: Switch to Thermal 2.0 mock
* QTI Thermal couldn't read the temperature for some reason
* sepolicy: Adjust sepolicy for thermal

Change-Id: Idea1bcdea070913ef35b699fafd1242d740453a9
2024-07-19 20:16:00 +05:30
Vivekachooz
b96db6ee48
sm6375-common: Update permissions for powerhal
Change-Id: Id43043a24dd19eab0234def5121e811d18174096
2024-07-18 20:16:00 +05:30
Sugakesshaa
ca771e2087
sm6375-common: sepolicy: Allow libperfmgr to write to proc_sched nodes
Change-Id: Ic8d9f03befb2ea5722d340d9f2b797b1cf8f0f50
2024-07-18 20:16:00 +05:30
Arian
4bbb9ac9bc
sm6375-common: sepolicy: Address pixel power HAL denials
Change-Id: I7327bd54c0d12fde03472695a5598d2a3d22f716
2024-07-18 20:16:00 +05:30
Anand S
3addce0935
sm6375-common: sepolicy: Allow hal_health_default to access sysfs
Change-Id: I5d09337f045ee6f523d6b534113f4b563f7f1e23
2024-07-16 12:56:42 +05:30
Anand S
bfce9c1935
sm6375-common: sepolicy: Label goodix fingerprint init service
Change-Id: I4d8ac2418fcd44473a6ff0077208b3792d774520
2024-07-16 12:56:42 +05:30
UtsavBalar1231
397da7dd83
sm6375-common: sepolicy: Allow setting read_ahead_kb on /data partition
Change-Id: I2ac458dfcad8bb51b3c25da9dc03bdea91540ca3
Signed-off-by: UtsavBalar1231 <utsavbalar1231@gmail.com>
2024-07-16 12:56:42 +05:30
Sevenrock
3969c8d426
sm6375-common: sepolicy: Allow system_server to read vendor_sysfs_battery_supply
Change-Id: Iac8be40b8cc928a378d415f5c36e0cef249c3aab
2024-07-16 12:56:42 +05:30
Jack Pham
e61118e7a9
sm6375-common: sepolicy: Allow init (recovery) to access USB sysfs
Add genfs contexts for USB sysfs entry that control the operational
mode and assign them as vendor_sysfs_usb_device type.

Change-Id: Ic1f0c5e9237848ac47cebca6e2cbbe9bd25270ad
2024-07-16 12:56:42 +05:30
Julian Veit
2753c420ea
sm6375-common: sepolicy: Allow bootanim and surfaceflinger call vendor_hal_qspmhal_default
Original patch:
df6b106517

Change-Id: I70e2fb64d94ce551b751028ff04af6ed95f68f09
2024-07-16 12:56:42 +05:30
Julian Veit
1c172dc934
sm6375-common: sepolicy: Allow Don't audit system_server access sysfs
Original patch:
119dca5600

Change-Id: Ib87c05d9e2bf7c5d90a43e6e67376add49ec4898
2024-07-16 12:56:42 +05:30
Julian Veit
69b10c73af
sm6375-common: sepolicy: Allow system_server to read sysfs
Original patch:
7c6511ebe5

Change-Id: I1f4283c9bdfea286a268ccb027229b05ff45333b
2024-07-16 12:56:42 +05:30
Julian Veit
782f2994b9
sm6375-common: sepolicy: Allow vendor_hal_perf_default ro access to sysfs
Original patch:
3e30e78ca0

Change-Id: I29004d6c688aafb107e2c50037740a347e5e7694
2024-07-16 12:56:42 +05:30
Anand S
4feee76329
sm6375-common: sepolicy: Label bangkk lineage touch hal
Change-Id: I3d39dfd159c2002edd39c1e198a2ee2064b36927
2024-07-05 12:56:42 +05:30
Anand S
df686badb7
sm6375-common: sepolicy: Label more wakeup nodes
Change-Id: I84b6bbf9851ff9d176e3c46519af591a8351656c
2024-07-05 12:56:42 +05:30
Anand S
2589a27276
sm6375-common: sepolicy: Address charge control related denials
* avc:  denied  { getattr } for  comm="thermal-engine" path="/sys/devices/platform/soc/soc:mmi_chrg_manager/power_supply/mmi_chrg_manager/charge_control_limit_max" dev="sysfs" ino=82898 scontext=u:r:vendor_thermal-engine:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Change-Id: Icde2cfa035bc13e71280c844db7ee0278c7284dd
2024-07-05 12:56:42 +05:30
inferno0230
017bc6073d
sm6375-common: sepolicy: Address battery related denials
Signed-off-by: inferno0230 <mail@inferno0230.in>

Change-Id: Iff32fd8fed9143524bf4a1747c5b3cd4d330cd05
2024-07-04 12:56:42 +05:30
TALU
fa18dfa143
sm6375-common: sepolicy: Label the new Samsung NFC HAL
Change-Id: I7a8ba9bc0bc78f8426c8cb94311498f3735eca3d
2024-07-04 12:56:42 +05:30
Anand S
a16fe13425
sm6375-common: Adapt sepolicies for moto sm6375
Change-Id: I1b49afc2d8148ee25a36e99385c28a257117814f
2024-07-04 12:56:42 +05:30
Marc Bourgoin
c236e4ee06 sm7325-common: Address some sepolicy denials from xpeng
Change-Id: I6e6c8f774f800628f52dde1b081956f8d17f30bd
2024-06-22 03:11:20 +00:00
Nolen Johnson
d40cb2d754 sm7325-common: Rename chargeonly_data_file to chargeonly_vendor_data_file
* For some magical reason, the naming (and not just associations)
  matter as of a few days ago - no clue why.

Change-Id: I6cf12b455dbf460a9be607d796af3536093e8427
2024-03-05 22:20:15 -05:00
Nolen Johnson
3c3de6b813 sm7325-common: sepolicy: Allow some processes to kill themselves
Change-Id: I6b51f99d76ba82aca9498d8218373958b8df938d
2024-01-24 01:54:45 +00:00
Nolen Johnson
c2e8af7507 Revert "sm7325-common: sepolicy: address schedtune*"
This reverts commit 55772d45005910e6764c0b457e840f1cc85f1f71.

Reason for revert: Brought to my attention that this is way too broad. Agree.

Change-Id: I3e2fec355960844d2af8af3212780245fc53d66b
(cherry picked from commit 5cd03a02dcc34e31fe40c15ec9c7217b66089234)
2023-11-03 17:31:12 +00:00
Andrew Hexen
efd7c01bac sm7325-common: sepolicy: address schedtune*
avc: denied { create } for name="schedtune.prefer_idle" scontext=u:r:vendor_init:s0 tcontext=u:object_r:device:s0 tclass=file permissive=0
init: Command 'write /dev/stune/camera-daemon/schedtune.prefer_idle 1' action=boot (/vendor/etc/init/hw/init.target.rc:109) took 2ms and failed: Unable to write to file '/dev/stune/camera-daemon/schedtune.prefer_idle': open() failed: Permission denied

avc: denied { create } for name="schedtune.boost" scontext=u:r:vendor_init:s0 tcontext=u:object_r:device:s0 tclass=file
init: Command 'write /dev/stune/camera-daemon/schedtune.boost 0' action=boot (/vendor/etc/init/hw/init.target.rc:110) took 3ms and failed: Unable to write to file '/dev/stune/camera-daemon/schedtune.boost': open() failed: Permission denied

Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: I4111e507598a18c246593f6a7a92769e8d7e7013
(cherry picked from commit 55772d45005910e6764c0b457e840f1cc85f1f71)
2023-11-03 16:50:15 +00:00
Andrew Hexen
56d93f30a0
sm7325-common: symlink vendor/fsg to system_root
* Seems to be an issue where if modemst1/2 (efs) is wiped modem only looks for fsg to rebuild efs in the root_directory.

* Even though this isn't correct it should allow radio to be easily flashed during future firmware upgrades as the stock radio.img is a container which flashes fsg/modem then passes the command to wipe modemst*

Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: Ic7acabbe16d66740b3aee414be60c24d3a0de43d
2023-10-26 06:09:48 -07:00
Andrew Hexen
cb11d4250f
sm7325-common: sepolicy: fix init.oem.fingerprint2.sh
* For dynamic fingerprint.

Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: I3f3b4904b8ca3d0e3fb7d8eae235a65996df2434
2023-08-31 03:24:56 -07:00
Andrew Hexen
d2f6ea07a5
sm7325-common: lights: remove non-existant node
* original bringup on 19.1 this did exist but no longer seems to be the case.

Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: I09998c24652faab76ce0cb58b74e65d3a87295a8
2023-08-10 10:48:50 -07:00
Erik Drozina
497a7b1b61 sm7325-common: sepolicy: Label some RIL property
W/libc: Access denied finding property "{ro.vendor.ril.svlte1x,ro.vendor.ril.svdo,ro.fota.oem,ro.product.marketname}"

Signed-off-by: Erik Drozina <erikdro41@gmail.com>
Change-Id: I7272823540980a927cfb8243122de941e16a97c2
2023-06-22 02:33:27 +02:00
Michael Bestas
17da50dfc4 sm7325-common: sepolicy: Resolve vendor_init_touch denials
Change-Id: Ia71c46662f12f3939e1a4d51b4ab06101f8cc9b7
2023-06-21 13:26:42 -03:00
Michael Bestas
f958dbb553 sm7325-common: sepolicy: Allow rild read mnt_vendor_file dir
Change-Id: I099d1ea9e0c690af7e96764852b2122ac8bf6ae9
2023-06-21 13:26:30 -03:00
Marc Bourgoin
c233285c22 sm7325-common: Commonize sepolicy
Change-Id: Idbc4e5f655fd19cc4754aab99d8bb236a73f9a12
2023-04-28 08:46:40 -06:00
Marc Bourgoin
a149d5bf76 sm7325-common: Address some xpeng fingerprint denials
Change-Id: Ie49d70441f5440c92b8dea3d086bda5502b95be6
2023-04-23 00:45:15 -06:00
Marc Bourgoin
bb40495639 sm7325-common: Initial xpeng support
Motorola Moto g200 5G (aka Motorola Edge S30)

Change-Id: Iea52112fefb54cc60c2c99f66ae848e54dc2be1c
2023-04-23 00:45:11 -06:00
Andrew Hexen
c42e6238fa sm7325-common: sepolicy: address berlna inclusion
Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: I7fe90b00a54e56abb977f6edfef2da7fbcf1509c
(cherry picked from commit e9023f971a09242e69ef14788c0c9af83291ac42)
2023-02-08 19:15:05 +01:00
Andrew Hexen
99f323a64e sm7325-common: sepolicy: address vendor_hal_imsfactory_hwservice
Fixes:
avc: denied  { find } for interface=vendor.qti.ims.factory::IImsFactory sid=u:r:vendor_dataservice_app:s0 pid=2653 scontext=u:r:vendor_dataservice_app:s0 tcontext=u:object_r:vendor_hal_imsfactory_hwservice:s0 tclass=hwservice_manager

Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: Icda45278cd964f545be7f757deafb2a5a9cda0c1
(cherry picked from commit 7eb7df7e96a9a59b493b4346c6a3d62085b4ca68)
2023-02-08 19:14:41 +01:00
Andrew Hexen
133239452c sm7325-common: Add berlna to guards
Signed-off-by: Andrew Hexen <SyberHexen@gmail.com>
Change-Id: Iac7b5aa9778ecb9d01c1dc54f18eccdbdfde48d7
2023-01-25 22:58:01 +01:00