MiPad4/android_device_xiaomi_sdm660-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3913 commits 1 branch 0 tags 12 MiB
Commit graph

14 commits

Author SHA1 Message Date
pix106
d05ecaa812 sdm660-common: sepolicy: Address many sys_admin and kill denials 
sdm660-common: sepolicy: Address qti_init_shell kill denial
avc: denied { kill } for comm="init.class_main" capability=5 scontext=u:r:qti_init_shell:s0 tcontext=u:r:qti_init_shell:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address hal_power_default kill and sys_admin denial
avc: denied { sys_admin } for comm="android.hardwar" capability=21 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
avc: denied { kill } for comm="android.hardwar" capability=5 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address vdc sys_admin denial
avc: denied { sys_admin } for comm="vdc" capability=21 scontext=u:r:vdc:s0 tcontext=u:r:vdc:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address vold_prepare_subdirs sys_admin denial
avc: denied { sys_admin } for comm="vold_prepare_su" capability=21 scontext=u:r:vold_prepare_subdirs:s0 tcontext=u:r:vold_prepare_subdirs:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address fsck sys_admin denial
avc: denied { sys_admin } for comm="e2fsck" capability=21 scontext=u:r:fsck:s0 tcontext=u:r:fsck:s0 tclass=capability permissive=0

sdm660-common: sepolicy: address toolbox sys_admin, kill denial
avc: denied { sys_admin } for comm="mkswap" capability=21 scontext=u:r:toolbox:s0 tcontext=u:r:toolbox:s0 tclass=capability permissive=0
avc: denied { kill } for comm="mkswap" capability=5 scontext=u:r:toolbox:s0 tcontext=u:r:toolbox:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address ueventd kill and sys_admin denials
avc:  denied  { sys_admin } for  pid=460 comm="ueventd" capability=21  scontext=u:r:ueventd:s0 tcontext=u:r:ueventd:s0 tclass=capability permissive=0
avc: denied { kill } for comm="ueventd" capability=5 scontext=u:r:ueventd:s0 tcontext=u:r:ueventd:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address irsc_util sys_admin denial
avc: denied { sys_admin } for comm="irsc_util" capability=21 scontext=u:r:irsc_util:s0 tcontext=u:r:irsc_util:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address rfs_access sys_admin denial
avc: denied { sys_admin } for comm="tftp_server" capability=21 scontext=u:r:rfs_access:s0 tcontext=u:r:rfs_access:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address rmt_storage sys_admin denial
avc: denied { sys_admin } for comm="rmt_storage" capability=21 scontext=u:r:rmt_storage:s0 tcontext=u:r:rmt_storage:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address vendor_pd_mapper sys_admin denial

sdm660-common: sepolicy: Address vendor_modprobe sys_admin denial
avc: denied { sys_admin } for comm="modprobe" capability=21 scontext=u:r:vendor_modprobe:s0 tcontext=u:r:vendor_modprobe:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address adbd sys_admin denial
avc: denied { sys_admin } for comm="adbd" capability=21 scontext=u:r:adbd:s0 tcontext=u:r:adbd:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address vendor_dpmd sys_admin denial
avc: denied { sys_admin } for comm="dpmd" capability=21 scontext=u:r:vendor_dpmd:s0 tcontext=u:r:vendor_dpmd:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address thermal-engine sys_admin denial
avc: denied { sys_admin } for comm="thermal-engine" capability=21 scontext=u:r:thermal-engine:s0 tcontext=u:r:thermal-engine:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address usbd sys_admin denial
avc: denied { sys_admin } for comm="usbd" capability=21 scontext=u:r:usbd:s0 tcontext=u:r:usbd:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address vendor_msm_irqbalanced sys_admin denial
avc: denied { sys_admin } for comm="msm_irqbalance" capability=21 scontext=u:r:vendor_msm_irqbalanced:s0 tcontext=u:r:vendor_msm_irqbalanced:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address hal_wifi_supplicant_default sys_admin denial
avc: denied { sys_admin } for comm="wpa_supplicant" capability=21 scontext=u:r:hal_wifi_supplicant_default:s0 tcontext=u:r:hal_wifi_supplicant_default:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address boringssl_self_test sys_admin denial
avc:  denied  { sys_admin } for  pid=460 comm="boringssl_self_" capability=21  scontext=u:r:boringssl_self_test:s0 tcontext=u:r:boringssl_self_test:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address vendor_boringssl_self_test sys_admin denial
avc:  denied  { sys_admin } for  pid=462 comm="boringssl_self_" capability=21  scontext=u:r:vendor_boringssl_self_test:s0 tcontext=u:r:vendor_boringssl_self_test:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address linkerconfig sys_admin denial
avc:  denied  { sys_admin } for  pid=459 comm="linkerconfig" capability=21  scontext=u:r:linkerconfig:s0 tcontext=u:r:linkerconfig:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address fsverity_init sys_admin denial
avc: denied { sys_admin } for comm="fsverity_init" capability=21 scontext=u:r:fsverity_init:s0 tcontext=u:r:fsverity_init:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address migrate_legacy_obb_data sys_admin denial
avc: denied { sys_admin } for comm="migrate_legacy_" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0
avc: denied { sys_admin } for comm="rm" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0
avc: denied { sys_admin } for comm="mkdir" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0
avc: denied { sys_admin } for comm="touch" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0
avc: denied { sys_admin } for comm="rm" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0
avc: denied { sys_admin } for comm="rmdir" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0
avc: denied { sys_admin } for comm="log" capability=21 scontext=u:r:migrate_legacy_obb_data:s0 tcontext=u:r:migrate_legacy_obb_data:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address hvdcp sys_admin denial
avc: denied { sys_admin } for comm="hvdcp_opti" capability=21 scontext=u:r:hvdcp:s0 tcontext=u:r:hvdcp:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address netmgrd sys_admin denial
avc: denied { sys_admin } for comm="netmgrd" capability=21 scontext=u:r:netmgrd:s0 tcontext=u:r:netmgrd:s0 tclass=capability permissive=0

sdm660-common: sepolicy: Address adbroot sys_admin denial
avc: denied { sys_admin } for comm="adb_root" capability=21 scontext=u:r:adbroot:s0 tcontext=u:r:adbroot:s0 tclass=capability permissive=0

Signed-off-by: pix106 <sbordenave@gmail.com>
 2021-11-13 11:31:51 +01:00
ghostrider-reborn
79c64bc007 sdm660-common: Introduce kernelspace battery saver 
* Needs Kernel side support
 * This activates kernelspace battery saver via powerhal whenever
   battery saver is enabled in userspace, thereby lowering power
   consumption at kernel-level by disabling boosts and such

Signed-off-by: clarencelol <clarencekuiek@icloud.com>
Change-Id: I2623503db27d7518de519bcaa3f5af6ab83879d0
 2021-11-13 11:31:49 +01:00
OdSazib
478a2b33b6
sdm660-common: sepolicy: Rework sepolicy (No more neverallow) 
- Thanks to LineageOS and our sdm660 community

Change-Id: I54c7d76260041b7c383428449e149aa35d51de9b3c
 2021-05-18 05:03:51 +06:00
Subhajeet Muhuri
7c3beb85c9
sdm660-common: power-libperfmgr: Switch to AIDL Power HAL 
hardware/google/pixel/power-libperfmgr from android-11.0.0_r25

SQUASHED:
Revert all HIDL interface and nuke previous changes
Import Pixel libperfmgr AIDL Power HAL
Adapt and rebrand for xiaomi_sdm660
Remove Google-specific display LPM control
Remove Google-specific camera and audio hints
Remove VR hints handling
Remove audio hints handling
Remove dumpstate support
Initialize powerHAL when boot is completed
Add support for tap-to-wake feature control
Add sepolicy rules for power-libperfmgr
Enable power-libperfmgr

Signed-off-by: Subhajeet Muhuri <subhajeet.muhuri@aosip.dev>
 2021-03-10 12:37:27 +06:00
Subhajeet Muhuri
7d8fc30985
sdm660-common: Kang more pixel power HAL sepolicy 
* Kanged from mata (with all available nodes on msm4.4)
 2021-02-20 11:55:25 +06:00
Subhajeet Muhuri
06dfda6946
sdm660-common: Add sepolicy rules for power-libperfmgr 
Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-22 20:57:05 +06:00
OdSazib
9a192b7de0
sdm660-common: sepolicy: Update sepolicy and cleanup 
* Address some denials from android 11
* Fix video recording
* Sort in alphabetic order

Signed-off-by: OdSazib <odsazib@gmail.com>
 2020-12-21 09:16:25 +06:00
Max Weffers
a502a3904b
sdm660: sepolicy: Adjust sepolicy for new tap to wake nodes 2020-08-12 02:02:40 +06:00
dianlujitao
684521256a
sdm660-common: sepolicy: Label new TP node 
Change-Id: Id55db9b6614320650c8c61e698f71ddc9f04d086
 2020-08-12 02:02:38 +06:00
Max Weffers
eb97b49f0c
sdm660-common: Address SELiunx denials and clean up 
Change-Id: I997a268c9ce23eab80f1981293720e17d21bbb7a
 2020-08-12 02:02:38 +06:00
dianlujitao
6df111fbc1
sdm660-common: sepolicy: Adjust for lavender dt2w node 
Signed-off-by: Sebita <kjjjnob.seba@gmail.com>
Change-Id: If08946adbf5c2fa619178b3f15ae0635bacdf8a8
 2020-03-10 09:41:52 +01:00
Michael Bestas
559890d4f6
sdm660-common: sepolicy: Remove deprecated power HAL stats policies 2019-12-07 18:49:55 +01:00
Max Weffers
5bf9fe7f2c
sdm660-common: sepolicy: Grant power hal permission for dt2w 2019-08-15 15:31:17 +02:00
Dan Cashman
b1f434c446
wayne-common: Add BOARD_PLAT_[PUBLIC|PRIVATE]_SEPOLICY_DIR 
Move vendor policy to vendor and add a place for system extensions.
Also add such an extension: a labeling of the qti.ims.ext service.

Bug: 38151691
Bug: 62041272
Test: Policy binary identical before and after, except plat_service_contexts
has new service added.
Change-Id: Ie4e8527649787dcf2391b326daa80cf1c9bd9d2f

Change-Id: I1493c4c8876c4446a1de46b39942098bf49c79f8
 2019-08-14 10:04:10 +02:00
Renamed from sepolicy/hal_power_default.te (Browse further)