| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
* Add back the fstab contexts to prevent some vfat denials
* Remove a lot of not needed addresses
* Create a domain for double tap to wake to not let the powerhal access all the sysfs files
Change-Id: I44dfc5e9903eb562748215541f2d71f9a3d111d7
|
| |
|
|
|
|
|
|
|
|
| |
* genfs_context cleanup after b5b41d341dd744c40d3908550daaafcee6fe7b4b in which it has randomly been imported from Marlin
* Slightly cleanup indentation
* Remove a lot of domains which were being used in genfs_context as most of it is already labelled differently in qcom common sepolicy and already addressed
* Remove violators where not needed
* Remove some old properties we're not using anymore
Change-Id: Ic72853dfaf71ba3f0596e75d1bdd5b5c93cd70be
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Change-Id: I71e47d5f203adb7e28d37447e19a8041a1d02840
msm8996-common: PocketMode: Apply LineageOS rebrand
Change-Id: I1de627062f56bd125f430033e8bb7aad8fe48f69
msm8996-common: pocketmode: Bump sdk version
Change-Id: Ic521e380868bdc886e15c6a8a472564a98dbc094
msm8996-common: PocketMode: Explicitly include Android support libs
* Fixes non-jack build
Change-Id: I9d8346193577c7be218e12efb20f52ca9946eb14
msm8996-common: PocketMode: Properly depend on Lineage SDK
* This is actually the proper library to include
(only spotted while buidling with Jack disabled,
because app compilation was failing).
Change-Id: Ib61f93704c6411a4cb1f91d9e8693a1775934037
msm8996-common: PocketMode: Remove useless cast
Change-Id: I655b0b80ccafdaae422a2464d2b8409f70be0e8c
msm8996-common: Adapt to Zuk
Change-Id: I9050faac37de0a8392b31fed5c3562d4553c546f
msm8996-common: Set LOCAL_SDK_VERSION where possible.
This change sets LOCAL_SDK_VERSION for all packages where
this is possible without breaking the build, and
LOCAL_PRIVATE_PLATFORM_APIS := true otherwise.
Setting one of these two will be made required soon, and this
is a change in preparation for that. Not setting LOCAL_SDK_VERSION
makes the app implicitly depend on the bootclasspath, which is
often not required. This change effectively makes depending on
private apis opt-in rather than opt-out.
Test: make relevant packages
Bug: 73535841
Change-Id: Ic906adbd670c4dbfe2cdf0b71cdbeaf9ac08a27e
msm8996-common: sepolicy: Address a fingerprint denial
Change-Id: I07c75d58357f7eea2dcc68ed80dacbab76bb30f5
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
|
| |
|
|
|
|
| |
They're not under /data/vendor.
Change-Id: I63ad040967c985925b05cf139710dc35b33291c5
|
| |
|
|
|
| |
Change-Id: I36ba7dfe4bccae83703f65cd1afb57a8673e5471
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
|
| |
|
|
|
| |
Change-Id: If6f7c4310f34239d49af0cad4cc481b507803f80
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
SELinux: Could not read /sys/devices/soc/2080000.qcom,mss/firmware/modem.mdt/power: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/2080000.qcom,mss/firmware/msadp/power: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/soc:qcom,kgsl-hyp/firmware/a530_zap.mdt/power: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/soc:qcom,kgsl-hyp/firmware/a530_zap.b02: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/2080000.qcom,mss/firmware/modem.b09/power: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/2080000.qcom,mss/firmware/modem.b10/power: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/600000.qcom,pcie/pci0000:00/0000:00:00.0/0000:01:00.0/firmware/evicted30.bin: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/600000.qcom,pcie/pci0000:00/0000:00:00.0/0000:01:00.0/firmware/bdwlan30.b00: No such file or directory.\x0a
SELinux: Could not read /sys/devices/soc/600000.qcom,pcie/pci0000:00/0000:00:00.0/0000:01:00.0/firmware/bdwlan30.bin: No such file or directory.\x0a
|
| |
|
|
| |
* The rules came from marlin's sepolicy.
|
| |
|
|
|
|
|
|
|
|
| |
Add required permissions for netmgrd to use the new netutils wrappers
Bug: 36463595
Test: boot sailfish, test LTE, wifi, wifi calling and phone calls work
Change-Id: I5894ee2659f97fce4f4f2b16c54c10f42484b454
Signed-off-by: Sandeep Patil <sspatil@google.com>
|
| |
|
|
| |
Change-Id: Ie0c94ac657127b1653afbbb82b06789dfe34032d
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
system_server is configured to access idc and keylayout files in
/vendor/usr/idc and /vendor/usr/keylayout. This explicitly grants this
access to system_server, instead of relying on overly broad access
granted by hal_client_domain(system_server, ...) macros which is no
longer going to grant this overly broad access soon.
Test: Modify hal_client_domain to no longer associate hal_x_client with
hal_x, observe that there are no violations form system_server
trying to read /vendor/usr/idc and /vendor/usr/keylayouts.
Bug: 37160141
Change-Id: I136df8713f2f9ff03096e5f6cf35e3e804733040
|
| |
|
|
|
| |
* Remove never-allow rules and enable SELinux permissive for now.
* Enable PRODUCT_FULL_TREBLE_OVERRIDE.
|
| |
|
|
| |
Change-Id: I46669d8c727dce1ca4e28403ca7c24a126d5510f
|
| |
|
|
| |
Signed-off-by: Davide Garberi <dade.garberi@gmail.com>
|
| |
|
|
|
|
|
| |
* Lots of parts are from the old one so thanks to everyone who contributed to that one
* Still it doesn't boot in enforcing though
Signed-off-by: dd3boh <dade.garberi@gmail.com>
|
| |
|
|
| |
Signed-off-by: dd3boh <dade.garberi@gmail.com>
|
| |
|
|
|
|
| |
- fix path in cmhw
- change permissions on boot for sysfs
- add selinux rule for sysfs
|
| |
|
|
| |
Change-Id: Ie5c1edde619cb273bdeb07cf6cafc83c4b314e6b
|
| | |
|
| |
|
