summaryrefslogtreecommitdiffstats
path: root/sepolicy/qcom
Commit message (Collapse)AuthorAgeFilesLines
* cm: Allow LiveDisplay to write to display misc dirSteve Kondik2016-08-151-1/+1
| | | | | | * Need write permission to create file containing the current mode. Change-Id: I4ed26412e7ec38861156110c7eb51ef707a0999f
* sepolicy: Move new QCOM-specific policy to the right placeSteve Kondik2016-08-091-0/+3
| | | | | | | * Don't wanna break the build for anyone again :( The native stuff is very QCOM specific and won't work elsewhere. Change-Id: Id5dbba1a46dc12cbd5914cf3072ed92a72039b31
* sepolicy: Put theme service in its own contextd34d2016-08-021-2/+3
| | | | | | | Allow the theme manager and its data to be sandboxed in its own context Change-Id: I7898663d1c196bfe04fa4c539d20191a43fde284
* sepolicy: More IOP rulesSteve Kondik2016-08-011-0/+1
| | | | Change-Id: I6d6cfd7202c94135344eb718e0c6ac5347a0ece7
* sepolicy: Let the IO prefetcher look at sdcardfsSteve Kondik2016-07-291-1/+2
| | | | Change-Id: Ie618887fbf292c702df720f04840ab3c8ff222f7
* persist.dbg/data for radio to control QC prop'sDeepak Kundra2016-06-031-0/+2
| | | | | | Issue-id:FEIJ-679 Change-Id: Iafe0405fd4a83c8f22e1af7152c1c3a009cd2e71
* cm: Extend policy for IOPSteve Kondik2016-05-141-0/+4
| | | | | | * IO prefetcher needs to dig into themes and media as well. Change-Id: I72cd7fca3a7cacf28764023a73c66e4ea8a58be5
* cm: Add SE policy for iop serviceSteve Kondik2016-05-061-0/+6
| | | | Change-Id: I14338a03c469cd71a6d5c7fecc71eb2290b2e6c4
* sepolicy: Add perfprofd with set_prop macromyfluxi2016-01-121-0/+5
| | | | | | | | Addresses: avc: denied { write } for pid=293 comm="perfprofd" name="property_service" dev="tmpfs" ino=9229 scontext=u:r:perfprofd:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 Change-Id: I5a88722eda4d0751fd9a081c434d385ac1c785ef
* sepolicy: Allow adb pull of executables without rootSteve Kondik2015-11-291-0/+14
| | | | | | * Because we aren't actually jerks, contrary to popular belief. Change-Id: Ie39cce65ecc6a2861547865ff554b108b8b534fa
* sepolicy: qcom: Allow reading PSU sysfs by system_serverDiogo Ferreira2015-11-271-0/+4
| | | | | | | | | BatteryService queries the usb state to check whether the usb type is HVDCP. This patch adds a rule to allow that. For more context check BatteryService#Led#isHvdcpPresent. Change-Id: Ifacf13dde4b1df81c92bf5d92196e504e61dd402
* sepolicy: Rule for CM's perfd extensionSteve Kondik2015-11-231-0/+2
| | | | | | | | | | Manual apply and refactor of cm-12.1 patch: e04329df88211264e7a9c8f1d6b87a16d8d5639b Use the unix_socket_connect macro and switch to the new perfd domain. Change-Id: Ibb83220b32bad7805653140751c978e629f87ffb
* sepolicy: add persist_block_device typeDan Pasanen2015-11-171-0/+1
| | | | | | | | * This is likely defined in several device trees, but not all remove it from your device trees if we're going to write rules for it here. Change-Id: I1dda04647d36db52525a3d57b485860dfe3eeb30
* sepolicy: Remove some denialsSteve Kondik2015-11-162-0/+5
| | | | | | | * Allow apps to run the "df" command to look at disk usage. * Allow thermal engine to check/set battery limits. Change-Id: I67c863a82a94007e7a5e8ccfde9c095b7277ab84
* sepolicy: Add policy for thermal engine changesSteve Kondik2015-11-141-0/+4
| | | | | | * Cyngn devices will need this. Change-Id: I1e7528e92d0d4ed8c4029667d7ef3cf9081a6575
* sepolicy: qcom: Remove duplicate entrymyfluxi2015-11-101-1/+0
| | | | | | We have this in qcom/sepolicy/common already. Change-Id: Ibe6ada531f77d3ec00ff61081d21b3d36a1fe7a7
* sepolicy: allow vold to trim persistEd Falk2015-09-301-0/+1
| | | | | Change-Id: I6441c00bfd173f1f3fd4c09a67c678c5bd4f8090 Issue-id: SYSTEMS-62
* cm: Fix a few denialsSteve Kondik2015-09-192-0/+10
| | | | | | * Missed a few things when cleaning up devices. Change-Id: Ib71afd696a564aeeaa80c34ca9744a39891f4b63
* cm: sepolicy: Create central place for QC-specific policySteve Kondik2015-09-154-0/+17
* We have a number of policy items due to changes in our BSPs or for other things which interact with the QC sepolicy. Add a place for us to store this stuff so we don't need to copy it around to every device. Change-Id: I155ca202694501d42b42e2bd703d74049d547df0
generated by cgit v1.1 at 2025-01-09 07:05:54 +0000