Commit graph

10 commits

Author SHA1 Message Date
Kevin F. Haggerty
933059f487 klte-common: sepolicy: Label sysfs_fingerprint, resolve denials
* avc: denied { setattr } for name="type_check" dev="sysfs" ino=28060
  scontext=u:r:init:s0 tcontext=u:object_r:sysfs:s0 tclass=file
  permissive=0

Change-Id: Ide1be660eaa005a7268161a4ab8d301b793ba062
2018-11-29 07:01:06 -07:00
Kevin F. Haggerty
b5bfa3d797 klte-common: sepolicy: Label sysfs_audio nodes
Change-Id: I46a0067241a3ce4567992c7437336f4a9c4bab8e
2018-11-25 08:10:41 -07:00
Kevin F. Haggerty
1075fc17bb klte-common: sepolicy: Resolve fingerprint HAL denials
* avc: denied { write } for name=fpdata dev=mmcblk0p26 ino=106076
  scontext=u:r:hal_fingerprint_default:s0
  tcontext=u:object_r:fingerprintd_data_file:s0 tclass=dir
  permissive=1

Change-Id: I624acde27d157daa473179980af30abd82b51131
2018-11-15 21:17:28 -07:00
Paul Keith
4cab6270ec klte-common: Stop abusing global contexts for fingerprint
* vcs_device is used to label /dev/vcs*, which are virtual consoles
* Create and use our own label for /dev/vfsspi so our fingerprint
  hal can access it, and rename vcs_data_file while we're at it

Change-Id: I01f0e8c4924d3847383319ce59dbbf802f89a36b
2018-05-15 14:02:21 +02:00
Kevin F. Haggerty
9d1c38d6ab klte-common: sepolicy: Label sysfs nodes for power HAL
Change-Id: I0fa2297ebb219421ad59a49836b9a39ece0843af
2018-03-01 04:42:08 +00:00
Kevin F. Haggerty
01ebfad97a klte-common: sepolicy: Allow FP HAL more privs for vcs_data_file
avc: denied { read } for name="validity" dev="mmcblk0p26"
  ino=219889 scontext=u:r:hal_fingerprint_default:s0
  tcontext=u:object_r:vcs_data_file:s0 tclass=dir permissive=0
avc: denied { write } for name="validity" dev="mmcblk0p26"
  ino=219889 scontext=u:r:hal_fingerprint_default:s0
  tcontext=u:object_r:vcs_data_file:s0 tclass=dir permissive=0
avc: denied { create } for name="finger.db"
  scontext=u:r:hal_fingerprint_default:s0
  tcontext=u:object_r:vcs_data_file:s0 tclass=file permissive=0

Change-Id: I2e0caa8b3763b8cdcd19b40d174f1a8fc3dc332e
2018-02-15 21:45:17 -07:00
Kevin F. Haggerty
61eedfac83 klte-common: sepolicy: Allow tee more privs for vcs_data_file
avc: denied { add_name } for name="5dsokxEEDXgQhkN50bp-Z2K5InM_"
  scontext=u:r:tee:s0 tcontext=u:object_r:vcs_data_file:s0 tclass=dir
  permissive=0
avc: denied { create } for name="5dsokxEEDXgQhkN50bp-Z2K5InM_"
  scontext=u:r:tee:s0 tcontext=u:object_r:vcs_data_file:s0 tclass=dir
  permissive=0
avc: denied { write } for name="validity" dev="mmcblk0p26" ino=81441
  scontext=u:r:tee:s0 tcontext=u:object_r:vcs_data_file:s0 tclass=dir
  permissive=0
avc: denied { create } for name="AdVIudLPitjpV7ZB04m7UvhkKdg_"
  scontext=u:r:tee:s0 tcontext=u:object_r:vcs_data_file:s0 tclass=file
  permissive=0

Change-Id: I4798dd5cff58b7948222124b6879d8303c36af27
2018-02-15 21:44:53 -07:00
Kevin F. Haggerty
96de9ccf0d klte-common: sepolicy: Move common items to msm8974-common
* The bulk of this policy isn't specific to klte, so let's move
  it somewhere that allows the maintenance of it to help other
  impacted devices.

Change-Id: I57b0d24d25e5871c5aa69d415b94ca21f89c1794
2018-02-03 15:15:57 -07:00
Kevin F. Haggerty
669f00e706 klte-common: sepolicy: Clean up previous commit
* Some idiot did a 'git push lineage HEAD;refs/for/lineage-15.1'
  instead of a 'git push lineage HEAD:refs/for/lineage-15.1'.
  Do you see the difference?
* Delete all of the old policy items and commented-out lines like
  the previous commit promised.

Change-Id: I6cd8a8cffc76661b6de486e6b8550bafa83f5de9
2018-01-19 16:18:46 -07:00
Kevin F. Haggerty
5045387dec [DO NOT MERGE] klte-common: sepolicy: Rewrite for O
* WIP
* KILL that sepolicy/old/ before merging
* KILL the dontaudits before merging

Change-Id: I6694567fa1c834b262941b9be362c96cbd16625e
2018-01-19 16:07:35 -07:00