From 2408ce9f328fd03c9e5a1f45cb2b59e6f444ba6b Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Mon, 4 Jul 2022 12:56:20 +0800 Subject: [PATCH 01/16] Setup SELinux bug_map Bug: 234547283 Change-Id: I202ae9cee77a4b7344875d15ce76143f655e7a33 --- tracking_denials/bug_map | 0 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 tracking_denials/bug_map diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map new file mode 100644 index 0000000..e69de29 From 304eb6100b08a7d2980c9c1fc1736e071ea24eec Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Thu, 7 Jul 2022 11:28:30 +0800 Subject: [PATCH 02/16] Update SELinux error Test: checkLockScreen Bug: 238263416 Bug: 238263849 Change-Id: I8c64f9950a54d1b5368b4e7020e352abeb53a867 --- tracking_denials/bug_map | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index e69de29..68cf649 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -0,0 +1,2 @@ +hal_drm_widevine default_prop file b/238263416 +hal_googlebattery dumpstate fd b/238263849 From 98118414f7ba5221115039cc6a8bdebf8f0fd6fb Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Wed, 13 Jul 2022 14:36:46 +0800 Subject: [PATCH 03/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 238837441 Change-Id: Icffca2788a7198195f541b9b0ccd2cbd2596b3f5 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 68cf649..989abd9 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,2 +1,3 @@ hal_drm_widevine default_prop file b/238263416 hal_googlebattery dumpstate fd b/238263849 +su firmware_file filesystem b/238837441 From 85459505668a54a08caf68c2416e7364774f25bc Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Thu, 14 Jul 2022 09:45:40 +0800 Subject: [PATCH 04/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 238953936 Change-Id: I5adbf8222ef8aa9f2aee09493873df640714d384 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 989abd9..d292a74 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,3 +1,4 @@ hal_drm_widevine default_prop file b/238263416 hal_googlebattery dumpstate fd b/238263849 su firmware_file filesystem b/238837441 +shell qemu_sf_lcd_density_prop file b/238953936 From 53912eca3d9ec8814af7f71fbd4f0370146c5c2f Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Thu, 14 Jul 2022 06:46:41 +0000 Subject: [PATCH 05/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 238971088 Bug: 238953936 Change-Id: I22665647ea094777a9a7e7f2ab74bc69348cde03 --- tracking_denials/bug_map | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index d292a74..4090d70 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,4 +1,5 @@ hal_drm_widevine default_prop file b/238263416 hal_googlebattery dumpstate fd b/238263849 -su firmware_file filesystem b/238837441 shell qemu_sf_lcd_density_prop file b/238953936 +su firmware_file filesystem b/238837441 +su ramdump_vendor_fs filesystem b/238971088 From ce7df1a5dbbdac3adb268fdc307d05c5ccadc229 Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Fri, 15 Jul 2022 01:01:44 +0000 Subject: [PATCH 06/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 239107943 Change-Id: I3669df41c995bedc0a4ad41c7b2997f6056c2470 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 4090d70..2901754 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -3,3 +3,4 @@ hal_googlebattery dumpstate fd b/238263849 shell qemu_sf_lcd_density_prop file b/238953936 su firmware_file filesystem b/238837441 su ramdump_vendor_fs filesystem b/238971088 +untrusted_app app_data_file dir b/239107943 From 401b1db7ad456acc26bb90520cc8e4daff0c82fd Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Wed, 20 Jul 2022 09:12:05 +0800 Subject: [PATCH 07/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 239632601 Change-Id: I06be29cefba8f0a416d6309a96847f6251a0fdfc --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 2901754..c72571c 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,5 +1,6 @@ hal_drm_widevine default_prop file b/238263416 hal_googlebattery dumpstate fd b/238263849 +netutils_wrapper netutils_wrapper capability b/239632601 shell qemu_sf_lcd_density_prop file b/238953936 su firmware_file filesystem b/238837441 su ramdump_vendor_fs filesystem b/238971088 From d45ed61517605ae572765c8d3b064479b3187272 Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Fri, 22 Jul 2022 10:34:26 +0800 Subject: [PATCH 08/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 239887266 Change-Id: I9eae838c1f19b1806b3d27e61cf8830898f846d7 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index c72571c..43ce656 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -2,6 +2,7 @@ hal_drm_widevine default_prop file b/238263416 hal_googlebattery dumpstate fd b/238263849 netutils_wrapper netutils_wrapper capability b/239632601 shell qemu_sf_lcd_density_prop file b/238953936 +shell ramdump_exec file b/239887266 su firmware_file filesystem b/238837441 su ramdump_vendor_fs filesystem b/238971088 untrusted_app app_data_file dir b/239107943 From ecb9ed5582f6d758104eabe34e80dc49f45c8fdb Mon Sep 17 00:00:00 2001 From: Stephane Lee Date: Fri, 22 Jul 2022 16:52:03 -0700 Subject: [PATCH 09/16] Bug fixed in ag/19153533 Bug: 238263849 Test: N/A Ignore-AOSP-First: Change was only merged in master Change-Id: I46f290316d347ffb0a8b02dd2af1c30a5db0556a --- tracking_denials/bug_map | 1 - 1 file changed, 1 deletion(-) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 43ce656..c0650cd 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,5 +1,4 @@ hal_drm_widevine default_prop file b/238263416 -hal_googlebattery dumpstate fd b/238263849 netutils_wrapper netutils_wrapper capability b/239632601 shell qemu_sf_lcd_density_prop file b/238953936 shell ramdump_exec file b/239887266 From 47737745fc743b6307fa610a9bb28977a9070a8b Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Wed, 3 Aug 2022 01:08:14 +0000 Subject: [PATCH 10/16] Update SELinux error Test: checkLockScreen Bug: 241172508 Test: scanBugreport Bug: 241172508 Test: SELinuxUncheckedDenialBootTest Bug: 241172508 Change-Id: I98db4f1e6ebebb6dd9ba9a1a645bd4cd70ce00eb --- tracking_denials/bug_map | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index c0650cd..e952132 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,4 +1,8 @@ hal_drm_widevine default_prop file b/238263416 +init app_data_file dir b/241172508 +init gsi_data_file file b/241172508 +init privapp_data_file dir b/241172508 +init system_app_data_file dir b/241172508 netutils_wrapper netutils_wrapper capability b/239632601 shell qemu_sf_lcd_density_prop file b/238953936 shell ramdump_exec file b/239887266 From 96e4154970918838d790b83dbc32a90c2cb550e8 Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Thu, 5 Jan 2023 11:03:56 +0800 Subject: [PATCH 11/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 264483669 Change-Id: Ic582d1eb32a874173bc9e932364bbbfa6b35fd8b --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index e952132..9365626 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -8,4 +8,5 @@ shell qemu_sf_lcd_density_prop file b/238953936 shell ramdump_exec file b/239887266 su firmware_file filesystem b/238837441 su ramdump_vendor_fs filesystem b/238971088 +system_server vendor_incremental_module file b/264483669 untrusted_app app_data_file dir b/239107943 From af110c3704772d42c9e53fe72196149230d356f8 Mon Sep 17 00:00:00 2001 From: Adam Shih Date: Fri, 6 Jan 2023 09:19:32 +0800 Subject: [PATCH 12/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 264600139 Change-Id: Ifa7ba7fc4a8fc45cd291cf038b0df66ce923a47c --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 9365626..7b4f781 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -4,6 +4,7 @@ init gsi_data_file file b/241172508 init privapp_data_file dir b/241172508 init system_app_data_file dir b/241172508 netutils_wrapper netutils_wrapper capability b/239632601 +qtelephony default_android_service service_manager b/264600139 shell qemu_sf_lcd_density_prop file b/238953936 shell ramdump_exec file b/239887266 su firmware_file filesystem b/238837441 From 577fef6de3b3d890ab058608adcc1b896961e9cb Mon Sep 17 00:00:00 2001 From: sukiliu Date: Wed, 11 Jan 2023 08:37:34 +0800 Subject: [PATCH 13/16] Update error on ROM 9475915 Bug: 265076220 Bug: 265014876 Test: SELinuxUncheckedDenialBootTest Change-Id: I5dec505570e996d735700dee47eff9ed90454d28 --- tracking_denials/platform_app.te | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 tracking_denials/platform_app.te diff --git a/tracking_denials/platform_app.te b/tracking_denials/platform_app.te new file mode 100644 index 0000000..2e775b3 --- /dev/null +++ b/tracking_denials/platform_app.te @@ -0,0 +1,2 @@ +# b/265076220 +dontaudit platform_app hal_wireless_charger_service:service_manager { find }; From 3e5b7f11bc45eeeb4512e378d6d285c815cf1198 Mon Sep 17 00:00:00 2001 From: Cody Northrop Date: Fri, 3 Feb 2023 09:51:17 -0700 Subject: [PATCH 14/16] Track denial for new graphics config properties Bug: 267752967 Test: TreeHugger Change-Id: I268e2e8eb0b1b045b09dd22d2c0d9d24e8e1ed5a (cherry picked from commit 08852d32b94ad65c3a0d8f848db064c1960d70df) Merged-In: I268e2e8eb0b1b045b09dd22d2c0d9d24e8e1ed5a --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 7b4f781..e08dde8 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,3 +1,4 @@ +hal_camera_default graphics_config_prop file b/267752967 hal_drm_widevine default_prop file b/238263416 init app_data_file dir b/241172508 init gsi_data_file file b/241172508 From 1b6cd9dc714525fb9ee807237e9357c1bba87b78 Mon Sep 17 00:00:00 2001 From: sukiliu Date: Mon, 13 Feb 2023 10:40:50 +0800 Subject: [PATCH 15/16] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 264600139 Test: scanBugreport Bug: 263178967 Change-Id: I6540dc9752def99bd7de557810388750f6b7bd3f --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 7b4f781..b46f360 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,3 +1,4 @@ +dumpstate system_data_file dir b/263178967 hal_drm_widevine default_prop file b/238263416 init app_data_file dir b/241172508 init gsi_data_file file b/241172508 From 7e53d8f76288c86fae12f72ce4ce4bf95ff7e79b Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Tue, 18 Apr 2023 11:25:44 +0800 Subject: [PATCH 16/16] Update error on ROM 9892652 Bug: 277155616 Test: pts-tradefed run pts -m PtsSELinuxTest Change-Id: Ice03656807cc498976cba4ac7bf717ac898a0788 --- tracking_denials/dumpstate.te | 2 ++ 1 file changed, 2 insertions(+) create mode 100644 tracking_denials/dumpstate.te diff --git a/tracking_denials/dumpstate.te b/tracking_denials/dumpstate.te new file mode 100644 index 0000000..8fde23b --- /dev/null +++ b/tracking_denials/dumpstate.te @@ -0,0 +1,2 @@ +# b/277155616 +dontaudit dumpstate default_android_service:service_manager { find };