ADHOC/replicant-vendor_replicant
3
0
Fork 0
Code Issues 6 Pull Requests Releases Activity
2,282 Commits 2 Branches 0 Tags 430 MiB
0ab505f1ad
Commit Graph

62 Commits

Author SHA1 Message Date
Steve Kondik
002b4f0a4f cm: sepolicy: Allow ueventd to properly handle cpufreq changes 
* We need to allow relabeling since these files can pop in and out if
   the governor is changed.

Change-Id: Id75099290e24dac9962d4fed8148ec2df9e256b2
 2014-04-05 14:05:13 -07:00
Pawit Pornkitprasan
54c91b849c sepolicy: allow vold to mount fuse-based sdcard 
exfat and NTFS-3g requires access to /dev/fuse

Change-Id: I35b13ada586c8de3fbe04156c2d10bf5e3c07b3a
 2013-12-10 17:10:50 +07:00
Pawit Pornkitprasan
9a19f575a4 sepolicy: allow vold to mount ext4 sdcard 
When vold mounts an ext4 sdcard, it needs to force the context to
sdcard_external.

avc:  denied  { relabelfrom } for  pid=190 comm=vold scontext=u:r:vold:s0 tcontext=u:object_r:labeledfs:s0 tclass=filesystem
avc:  denied  { relabelto } for  pid=190 comm=vold scontext=u:r:vold:s0 tcontext=u:object_r:sdcard_external:s0 tclass=filesystem
avc:  denied  { relabelfrom } for  pid=190 comm=vold scontext=u:r:vold:s0 tcontext=u:object_r:sdcard_external:s0 tclass=filesystem

Change-Id: I80f42fbdf738dee10958ce1bdc1893a41234f0d9
 2013-11-15 10:02:25 +07:00
Pawit Pornkitprasan
ef907713b7 sepolicy: allow vold to create files on external sdcard 
This is required for ASEC support. Vold can already create and
access directories, but do not yet have the permission for files.

Change-Id: I5082bbff692e5dc53c7000e4b3a293e42d33f901
 2013-11-14 10:48:08 +07:00
Pawit Pornkitprasan
1b6aa84f9d sepolicy: allow installd to query ASEC size 
installd need to query ASEC size on sdcard_external
to show on the Settings -> Apps page correctly.

Change-Id: I2d9a49b8f0652f05d73d0ff464a3835595e2cc3c
 2013-11-13 22:35:17 +07:00
Pawit Pornkitprasan
a30ec115e3 sepolicy: treat fuseblk as sdcard_external 
Allow fuse-mounted NTFS/exFAT file systems to be written to

Change-Id: I1492914dd269a305e27aba58e61064d853adf2bc
 2013-11-13 09:37:42 +07:00
Ricardo Cerqueira
98c81ead7a selinux: Fix asec mounting 
Change-Id: I92392f3d810dfaf8dfc35f5c9170178a651d28dc
 2013-11-12 21:05:31 +00:00
dhacker29
26a925919b sepolicy: f2fs: Allow fs_use_xattr 
Change-Id: I458d464598777fa06751dad0aa9cfd4d903a4de1
 2013-11-10 15:01:44 -06:00
Ricardo Cerqueira
e58e23e131 selinux: Add missing seapp_contexts file 
Change-Id: I6bda9e4876b9053ea16fe3c11c21b9c1e7acb17a
 2013-11-06 11:39:24 +00:00
Ricardo Cerqueira
ac8d09538e selinux: Add CM-specific file_contexts 
Change-Id: Ie70c59acedbb7be2f5b34a83c1d3d011f440ba05
 2013-11-06 03:00:16 +00:00
Ricardo Cerqueira
8521d46944 selinux: CM policies are now inserted last 
Inclusion of the makefile is done by the build system to enforce
the wanted order

Change-Id: I86d7c6fb08b6bb1f6e0385e951a54827345aaf84
 2013-11-05 22:19:33 +00:00
William Roberts
9642d1dd8b sepolicy: Start CM Common sepolicy 
Rather than having to maintain out of tree changes, it is often
easier to maintain a hiearchy of changes, starting with the vendors
common config file. From there, inheriting products can pick up a base
and start to add or remove certain bits from it, making use of the
BOARD_SEPOLICY_* functions documented in external/sepolicy/README.

Change-Id: I28a4aaf6c126535f0a88001582641b234a750015
 2013-08-17 22:27:45 +01:00