Evolution-X-Devices/device_google_gs201
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: Evolution-X-Devices:bka
Branches Tags
Evolution-X-Devices:bka Evolution-X-Devices:bq2 Evolution-X-Devices:bq1 Evolution-X-Devices:vic Evolution-X-Devices:udc
...
pull from: Evolution-X-Devices:udc
Branches Tags
Evolution-X-Devices:bq2 Evolution-X-Devices:bq1 Evolution-X-Devices:bka Evolution-X-Devices:vic Evolution-X-Devices:udc

2878 Commits
bka ... udc

Author SHA1 Message Date
AnierinB
1f54fc6a4d gs201: Initialize for Evolution X 9.x 
Signed-off-by: AnierinB <anierin@evolution-x.org>
 2024-09-10 14:09:28 -07:00
Nolen Johnson
c03fc89b04 Revert "gs201: Build with 64-bit only GMS if WITH_GMS" 
This reverts commit 015c0ed681.

Reason for revert: GMS combined these makefiles.

Change-Id: I55b4c78fc0ef3bd4c752c234695989c4bf89ee05
 2024-09-09 21:28:08 +00:00
Aaron Kling
19ae1d6ed1 gs201: Remove elf files in copy files check 
New extract files uses packages instead of copy files

Change-Id: I337c07d13bd350958d4808e1693cc6e03753a96c
 2024-09-07 14:25:51 +03:00
basamaryan
0db58100ec gs201: Drop unnecessary BOARD_USERDATAIMAGE_FILE_SYSTEM_TYPE flag 
Change-Id: Ibb96c529ac64239d7bb919e46f5a625a6deebf98
 2024-06-23 00:32:36 -04:00
Michael Bestas
ac8643eb0c Merge tag 'android-14.0.0_r50' into staging/lineage-21_merge-android-14.0.0_r50 
Android 14.0.0 Release 50 (AP2A.240605.024)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZmdzmgAKCRDorT+BmrEO
# eOaXAJ9UlCc7TZKGS56NNhdmIXj1eQr3GwCeMnWYHXeLam9ZWrbUpVkzZIB/zD8=
# =SMos
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Jun 11 00:43:54 2024 EEST
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2543 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Wilson Sung (6) and others
# Via Android Build Coastguard Worker (20) and others
* tag 'android-14.0.0_r50': (21 commits)
  add dsim wakeup labels
  Remove SELinux exception
  Revert^2 "Remove persist.bootanim.color property definitions"
  Revert "Remove persist.bootanim.color property definitions"
  Remove persist.bootanim.color property definitions
  Update tcpm i2c sepolicy with new device name
  [gs201] Use common settings for Contexthub HAL
  Update i2c device paths
  Update SELinux error
  sepolicy: allow hal_power_stats to read sysfs_display
  dontaudit on dir search for vendor_charger_debugfs
  Update SELinux error
  Update SELinux error
  Update SELinux error
  Remove modem_svc selinux error from denials bug_map
  selinux: label wakeup for BMS I2C 0x36, 0x69
  gs201: move mediacodec_samsung sepolicy to gs-common
  Remove obsolete entries
  Update SELinux error
  Allow GRIL to get power stats.
  ...

Change-Id: Icefd487fd2f0b98f239ebf19fc1d371e005f49d8
 2024-06-15 22:36:31 +03:00
Michael Bestas
d188c01011 Merge tag 'android-14.0.0_r50' into staging/lineage-21_merge-android-14.0.0_r50 
Android 14.0.0 Release 50 (AP2A.240605.024)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZmdzmgAKCRDorT+BmrEO
# eOlUAJ0TWkW8QcVO31vny0XkQ2HaLOxz+ACeLRL6jaHuXBT08TgmRHAcDuGXjC0=
# =6CHm
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Jun 11 00:43:54 2024 EEST
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2543 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Jenny Ho (4) and others
# Via Android Build Coastguard Worker (36) and others
* tag 'android-14.0.0_r50': (42 commits)
  gs201: bigocean: Enable width-height swap
  Revert "Add betterbug mk to gs201"
  Adding android.software.contextualsearch to gs-201 devices.
  bcl: Adjust GPU LIGHT clk divider ratio
  pixelstats: added multiple GMSR paths
  Add betterbug mk to gs201
  pixelstats: gs201: add Learning/Update/ModelLoad path
  dumpstate: moving charger nodes to user build
  [gs201] Enable multiclient HAL
  bcl: Adjust GPU clk divider ratio
  Move manifest entries to gs-common.
  [Refactor] Include edgetpu targets in final image
  Add Youtube back in MRR Small Area Detection Allowlist
  Update i2c device paths
  Revert "usb: Select usb-service rc files based on kernel versions"
  gs201: enable dynamic color mode
  usb: Select usb-service rc files based on kernel versions
  usb: Runtime search the i2c path
  gs201: Remove sysprop forcing renderengine to skiaglthreaded
  remove build log spam
  ...

 Conflicts:
	conf/init.gs201.rc
	device.mk
	dumpstate/dump_power_gs201.sh

Change-Id: I6580599a453d7575dc9d02a28900a925e6c5640f
 2024-06-15 22:36:25 +03:00
Tommy Webb
22e7439a3d Revert "Add back saturated color mode" 
This presence of this color mode now leads to problems deactivating
color inversion and color correction, even if it is not selected.

This reverts commit d37aac0531.

Issue: calyxos#2312
Change-Id: I1ce6aec9d32d4b3fd2d88545c91c579b8313e50a
 2024-04-30 20:21:19 +03:00
Michael Bestas
df371b8a52 gs201: Update AiAi configs 
Extracted from stock cheetah AP1A.240405.002

Change-Id: Ief71f77fb2475311ed555fece837f46ff1eae4aa
 2024-04-26 18:34:37 +03:00
Michael Bestas
4bfd1fce2e fixup! Disable userdebug diagnostics 
Change-Id: Ic3f40892d4654e853bcd11803e43ecb7f0ff9366
 2024-04-24 20:00:35 +03:00
Michael Bestas
1ee5a39c5f Merge tag 'android-14.0.0_r30' into staging/lineage-21_merge-android-14.0.0_r30 
Android 14.0.0 Release 30 (AP1A.240405.002)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZgs+ygAKCRDorT+BmrEO
# eA4AAJ4nhXb62reEpMDl0rpCQe76Y1MongCfTXgrsOwSW1Kaf/CY+ckNKqJLOTs=
# =x+yL
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Apr  2 02:10:02 2024 EEST
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2412 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By George Lee
# Via Android Build Coastguard Worker
* tag 'android-14.0.0_r30':
  bcl: Adjust GPU clk divider ratio

Change-Id: Ic2e84279ed267e903b187eb6606fa430d665c79f
 2024-04-03 14:15:22 +03:00
Michael Bestas
54b5e2e9c0 gs201: overlay: Enable battery cycle count 
Change-Id: I92bc8363e1c9e2ad54c29a0a30dce992e25f697d
 2024-03-28 00:08:19 +02:00
LuK1337
9f47851953 fixup! Update sepolicy path 
Change-Id: I7506dfd0f51912a768cbfc56f4f2e423dc3054c8
 2024-03-20 23:38:14 +01:00
Michael Bestas
855708aac3 Merge tag 'android-14.0.0_r29' into staging/lineage-21_merge-android-14.0.0_r29 
Android 14.0.0 release 29

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZeZWygAKCRDorT+BmrEO
# eD7OAJ432TWMe9grx03PWAXroMGubhrqOQCfa4pJGdaN9YVr/L8ZI6WdQdsjy6U=
# =3gr6
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Mar  5 01:18:34 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2383 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Wilson Sung (13) and others
# Via Automerger Merge Worker (428) and others
* tag 'android-14.0.0_r29': (55 commits)
  sepolicy: add read wlc sysfs permission
  Fix rlsservice sepolicy
  Update SELinux error
  Update SELinux error
  Add Secretkeeper HAL
  gs201: move sepolicy related to bootctrl hal to gs-common
  Removes duplicate hidraw_device type definition.
  Suppress avc error log on debugfs's usb folder.
  Move sg_device related policy
  aoc: add sysfs file entry
  Add Pixel Mapper as a sp-HAL
  dontaudit on dir search for vendor_votable_debugfs
  Removes duplicate hidraw_device type definition.
  Change the MDS to platform app in selinux ap context.
  sensors: Move USF related sepolicy to gs-common.
  Update SELinux error
  Add selinux policy change to allow MDS access Samsung OemRil hal.
  Update SELinux policies for rlsservice
  pixelstats: Add Brownout Detection sepolicy
  Update SELinux error
  ...

 Conflicts:
	sepolicy/gs201-sepolicy.mk
	sepolicy/whitechapel_pro/keys.conf

Change-Id: I9fc4aff3c5cc921195544f85b2c176e50712e7d0
 2024-03-10 09:21:42 +02:00
Michael Bestas
d1e0a12fdb Merge tag 'android-14.0.0_r29' into staging/lineage-21_merge-android-14.0.0_r29 
Android 14.0.0 release 29

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZeZWygAKCRDorT+BmrEO
# eDSNAJ9wqDj+MjTkLxlVtDrIJfY8Snw+mwCeNsBpbgOGLGUe+yZUutCeS44QeFs=
# =PW52
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Mar  5 01:18:34 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2382 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Roy Luo (7) and others
# Via Automerger Merge Worker (846) and others
* tag 'android-14.0.0_r29': (84 commits)
  Revert^3 "Use graphics allocator 2"
  usb: enable media-presence polling for SD cards
  pixelstats: Fix access permission by adding total call count and update cca path sysfs
  config: Use carrier config in ROM by default
  Revert^2 "usb: introduce UsbDataSessionMonitor class"
  gs201: use android.hardware.boot aidl interface
  gs201: update manifest HAL android.hardware.boot from hidl 1.2 to aidl
  Revert "usb: introduce UsbDataSessionMonitor class"
  gs201: include bootctrl_hidl_1.2.mk from gs-common
  gs201: move bootctrl service declaration to gs-common
  gs201: move bootctrl hal to gs-common
  bcl: adjust heavy clk divider ratio
  usb: introduce UsbDataSessionMonitor class
  Update default color temperature for night light
  Add webview pinning for gs201 devices
  Enable adaptive playback for BigOcean
  gs201: add c2.android.av1-dav1d.decoder in media_codecs_performance_c2.xml
  usb: update usb hal version to v3
  gs201: update AIDL IGoogleBattery manifest version to 3
  usb: update incompatible charger warning reason
  ...

 Conflicts:
	device.mk

Change-Id: I3e4ae1e4aebe25a1d14ced1f99cfdfc16955d21c
 2024-03-10 09:20:14 +02:00
Android Build Coastguard Worker
f56393a464 Snap for 11526283 from 1c7d8f80f2 to 24Q2-release 
Change-Id: Ie93680c98d2077e03d8b4c6a90ab9b6768067fa1
 2024-03-05 00:30:20 +00:00
Peter Lin
1c7d8f80f2 add dsim wakeup labels 
Bug: 322035303
Bug: 321733124
test: ls sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/wakeup -Z
Change-Id: Ifcf73176620f44743a8aa252f8afed85c3af475c
 2024-03-04 03:02:14 +00:00
Michael Bestas
732b8dd047 Revert "Bypass build time check for users-libs" 
This reverts commit a8a4ca2748.

Change-Id: I6f61d58e2dd419cb11f2aeb4f0faf54145c6a5ce
 2024-03-02 04:20:57 +02:00
Android Build Coastguard Worker
c03e09217a Snap for 11504324 from 1e0e9963e3 to 24Q2-release 
Change-Id: I41e62b251fa7b00e8e788514e08fa49b05e32df8
 2024-02-28 00:02:32 +00:00
Nathan Kulczak
1e0e9963e3 Remove SELinux exception 
Remove SELinux dontaudit section after cl to fix race condition was merged.

Bug: 306344298
Test: Passed on local and automated SELinuxUncheckedDenialBootTest
Change-Id: I5b17c49d47775253491c61e54f1a268fd16081a1
Signed-off-by: Nathan Kulczak <nathankulczak@google.com>
 2024-02-27 05:27:01 +00:00
Thiébaud Weksteen
988131fe3d Revert^2 "Remove persist.bootanim.color property definitions" 
d9b51a61ce

Change-Id: I18c3a290947c21a572754eeecd1d5204c2cbe523
 2024-02-25 23:58:59 +00:00
Android Build Coastguard Worker
4676c7e06e Snap for 11491255 from d9b51a61ce to 24Q2-release 
Change-Id: I1abf3591e0e7a284022e0f346bb3d66693f83287
 2024-02-24 02:02:22 +00:00
Rubin Xu
d9b51a61ce Revert "Remove persist.bootanim.color property definitions" 
Revert submission 26301396-bootanim_prop

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141

Bug: 326521604

Reverted changes: /q/submissionid:26301396-bootanim_prop

Change-Id: Ia393a62bd05546f19e326cce013a009ad77c5d52
 2024-02-23 12:25:04 +00:00
Thiébaud Weksteen
4baa59a176 Remove persist.bootanim.color property definitions 
These now belong to the platform policy.

Bug: 321088135
Test: build
Change-Id: I9d92456d7e790398a79a941738e3290975f7b659
 2024-02-23 02:59:53 +00:00
Android Build Coastguard Worker
df2ba369d6 Snap for 11486370 from 9be1081f00 to 24Q2-release 
Change-Id: I14f4b087a2789a9fb61e1fd4bf0b150244970cf8
 2024-02-23 00:02:29 +00:00
Will McVicker
9be1081f00 Update tcpm i2c sepolicy with new device name 
The new name fixes uninformative kernel wakelock names.

Bug: 315190967
Bug: 323447554
Change-Id: I88ecec344fd1eb84c5ca12a6bd3fad38cc40295b
 2024-02-22 17:54:36 +00:00
Android Build Coastguard Worker
83215ca864 Merge cherrypicks of ['googleplex-android-review.googlesource.com/26243077'] into 24Q1-release. 
Change-Id: I3c612d574d06290ee32cd99f822ec846453ba974
 2024-02-22 00:08:54 +00:00
George Lee
65f33e967c bcl: Adjust GPU clk divider ratio 
Revert GPU clk divider ratios.

Bug: 324534203
Test: Confirm no DATA_INVALID_FAULT while running GFXBench under stress
Signed-off-by: George Lee <geolee@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:49a63dad63edcb86ffd2b82068a8de1ae5d6b340)
Merged-In: I84682b476af162eff904ed5bec66ae2e6fa6449a
Change-Id: I84682b476af162eff904ed5bec66ae2e6fa6449a
 2024-02-22 00:06:01 +00:00
Android Build Coastguard Worker
9616b630eb Snap for 11479893 from 967204e373 to 24Q2-release 
Change-Id: Ia4a35e4342a95e30c3091f56668870e57ea9f22e
 2024-02-22 00:02:41 +00:00
Lei Ju
967204e373 [gs201] Use common settings for Contexthub HAL 
The change also labeled files under /data/vendor/chre/ to grant
required access.

Test: compilation
Bug: 248615564
Change-Id: Ia96b7a592523e7b5e64acb8cb7ae4f0f1fc3a78b
 2024-02-18 11:43:27 -08:00
Android Build Coastguard Worker
1552549000 Snap for 11420186 from 28c042f51a to 24Q2-release 
Change-Id: I0e5200550e8357631c322bb8ef88b49be7295431
 2024-02-08 00:02:44 +00:00
Michael Bestas
91d7cf5d05 gs201: Squashed revert of inline kernel build 
Revert "gs201: Add kernel dependency"

This reverts commit 21e31e937a.

Revert "Build kernel with clang r450784e"

This reverts commit f518943284.

Revert "gs201: Inline kernel building"

This reverts commit af5951eef5.

Change-Id: I780cedbab50ba946633b220f6f3818be47097831
 2024-02-08 00:12:58 +02:00
Jacky Liu
28c042f51a Update i2c device paths 
Update i2c device paths with static bus numbers.

Bug: 323447554
Test: Boot to home
Change-Id: I3d41e1819aa7df896322a0dca44449c1e871dff8
 2024-02-06 16:16:53 +00:00
Android Build Coastguard Worker
d44be77d58 Snap for 11386701 from 51d66f9b58 to 24Q2-release 
Change-Id: I38e2d4bc99b18b8ca376287254d580c5e874ad5d
 2024-02-01 00:02:02 +00:00
Wilson Sung
51d66f9b58 Update SELinux error 
Test: scanBugreport
Bug: 323086890
Test: scanAvcDeniedLogRightAfterReboot
Bug: 323086703
Change-Id: Idfe9e28e668b0b268acbaa68ae23083972dd146f
 2024-01-31 02:58:24 +00:00
Xin Li
f3a672ab0c [automerger skipped] Merge Android 24Q1 Release (ab/11220357) am: 0395eebcad -s ours 
am skip reason: Merged-In I3381aaa1e08637c1cc8eb278bd775c81b32ed3bd with SHA-1 04bc1d210a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/25973468

Change-Id: I737857f2de84411f52bf91c44c0b1b2527bf86ec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-31 02:03:14 +00:00
Android Build Coastguard Worker
922e9509c9 Snap for 11373247 from 1f8b299ace to 24Q2-release 
Change-Id: I6a609f7ff22522f44fa8247205c4b3851a0adc40
 2024-01-30 02:02:41 +00:00
Darren Hsu
1f8b299ace sepolicy: allow hal_power_stats to read sysfs_display 
avc:  denied  { read } for  name="available_disp_stats"
dev="sysfs" ino=76162 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 317767775
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I272f69f4c4720eb4800a8a13ef62e1ab34cbaedf
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2024-01-29 05:59:52 +00:00
Android Build Coastguard Worker
ac2f1ec767 Snap for 11367679 from f32bd56cb0 to 24Q2-release 
Change-Id: Id026e2e4c81b015ed9f95f235d7f00866d5a12ba
 2024-01-27 02:02:30 +00:00
Jack Wu
f32bd56cb0 dontaudit on dir search for vendor_charger_debugfs 
Bug: 307863370
Change-Id: I6da7b9426cdcc6152ff05ef7cd0cf18b718ab875
Signed-off-by: Jack Wu <wjack@google.com>
 2024-01-26 20:13:23 +08:00
Android Build Coastguard Worker
2bd42deea8 Snap for 11355999 from bbb8e0618f to 24Q2-release 
Change-Id: I7f04cd459c73a733f210a98d0a6b39319af158a3
 2024-01-25 02:33:21 +00:00
Wilson Sung
bbb8e0618f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 322036333
Test: scanBugreport
Bug: 322035303
Bug: 315104803
Test: scanAvcDeniedLogRightAfterReboot
Bug: 322036333
Bug: 315104803
Change-Id: Ide2a5f5d6636d0374e724de9991a71123396a85f
 2024-01-23 22:22:36 +00:00
Android Build Coastguard Worker
8974f8e693 Snap for 11343021 from f52acbf0cf to 24Q2-release 
Change-Id: I0c503d8f50909bbcc6b18284332c069e1834df4d
 2024-01-23 00:02:44 +00:00
Wilson Sung
f52acbf0cf Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 321731318
Test: scanBugreport
Bug: 315104803
Test: scanAvcDeniedLogRightAfterReboot
Bug: 315104803
Change-Id: I5fc3c161edc102c2418145c69c1f94125d73783e
 2024-01-22 17:41:28 +00:00
Xin Li
0395eebcad Merge Android 24Q1 Release (ab/11220357) 
Bug: 319669529
Merged-In: I3381aaa1e08637c1cc8eb278bd775c81b32ed3bd
Change-Id: I75fb73fcb7f1adbcc511fec0e64c9fbd311e5e0c
 2024-01-17 22:12:36 -08:00
Android Build Coastguard Worker
3ffd6aa8ea Snap for 11324029 from 25835bcc61 to 24Q2-release 
Change-Id: Ida73ab82638fe5b87a4e3ad8623e983698ee8077
 2024-01-18 00:02:55 +00:00
Wilson Sung
25835bcc61 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 319403445
Test: scanBugreport
Bug: 319403445
Test: scanAvcDeniedLogRightAfterReboot
Bug: 319403445
Change-Id: I739ae803828538555a92989e71d85df5c77c0bd2
 2024-01-16 20:01:43 +00:00
Android Build Coastguard Worker
80eafb38a6 Snap for 11308440 from 00d82676e9 to 24Q2-release 
Change-Id: I908cdea9aebc784325ecf67028b2fbfee65357f9
 2024-01-13 02:08:06 +00:00
Mahesh Kallelil
00d82676e9 Remove modem_svc selinux error from denials bug_map 
This property was removed and is not being used anymore. So
modem_svc will not need to read it.

Bug: 316816342
Change-Id: I9fe6002e34f7dd5fea0371d41d417c778c3d0905
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2024-01-12 06:43:47 +00:00
Android Build Coastguard Worker
258ed74282 Merge cherrypicks of ['googleplex-android-review.googlesource.com/25842883'] into 24Q1-release. 
Change-Id: I5e6bef62e973b389044692644275e52cea750354
 2024-01-11 22:19:14 +00:00
Devika Krishnadas
7a4af20680 Revert^3 "Use graphics allocator 2" 
4217a458ba

Reverting to comply with the Allocator VTS for 24Q1, do not merge to main.

Bug: 310046460
Test: VtsHalGraphicsAllocatorAidl_TargetTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2470105392a2a220b2cffd9c7dd4da0693a481d6)
Merged-In: I322cdf9452a80e5da87f1808b324ac2e499fe9cd
Change-Id: I322cdf9452a80e5da87f1808b324ac2e499fe9cd
 2024-01-11 22:17:08 +00:00
Android Build Coastguard Worker
48ea06f3e3 Snap for 11297328 from f1c2498079 to 24Q2-release 
Change-Id: If76aa3acc5a906bd9ade1a3aa3b614f8cae91964
 2024-01-11 00:05:21 +00:00
Ken Yang
f1c2498079 selinux: label wakeup for BMS I2C 0x36, 0x69 
Bug: 319035561
Change-Id: I45a80157d2a1d12a27a748aed31bb0ae5b08e7b5
Signed-off-by: Ken Yang <yangken@google.com>
 2024-01-10 06:12:19 +00:00
Android Build Coastguard Worker
6622dcf6ea Snap for 11292102 from 997782c603 to 24Q2-release 
Change-Id: Iecfaa4b751f43e4e88bce41f16ce27020838f11d
 2024-01-10 00:03:11 +00:00
wenchangliu
997782c603 gs201: move mediacodec_samsung sepolicy to gs-common 
remove mediacodec_samsung sepolicy in legacy path since we will include it from gs-common.

Bug: 318793681
Test: build pass, camera record, youtube
Change-Id: I08a9ce89155324b0ac749bde4a9d205585a57320
Signed-off-by: wenchangliu <wenchangliu@google.com>
 2024-01-09 14:49:56 +00:00
Nolen Johnson
015c0ed681 gs201: Build with 64-bit only GMS if WITH_GMS 
* We are 64-bit only and therefore need this config selected.

Change-Id: Ifa31c29bad479f3a54859f51f2ce7a72b29895fa
 2024-01-08 06:59:51 +00:00
Michael Bestas
a94238c410 Merge tag 'android-14.0.0_r20' into staging/lineage-21_merge-android-14.0.0_r20 
Android 14.0.0 release 20

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZZXyBQAKCRDorT+BmrEO
# eAvqAKCQEBK7YcuKGulZhDtox4EMWVzcSQCfYMYllTDWhXK1MfXCrAcRqvgedlc=
# =pmkj
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu Jan  4 01:47:17 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2228 signatures in the past
#      2 years.  Encrypted 4 messages in the past 24 months.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Hungyen Weng
# Via Android Build Coastguard Worker
* tag 'android-14.0.0_r20':
  config: Use carrier config in ROM by default

Change-Id: I70f50993a7d4821f976f45ee7df688c54cfa6d31
 2024-01-06 15:00:02 +02:00
Android Build Coastguard Worker
a10858ce0c Snap for 11260009 from 8c955289ca to 24Q2-release 
Change-Id: Ia9d4168ceee155d6ed8bc46c77cb9df139ef1650
 2023-12-29 00:02:47 +00:00
timtmlin
8c955289ca Remove obsolete entries 
Bug: 315720727
Bug: 315721328
Test: make
Change-Id: I176dd469a78d8c6c80bdfc72f377951955ffd543
 2023-12-27 15:42:02 +08:00
Android Build Coastguard Worker
b059516597 Snap for 11255311 from 8751aabb8a to 24Q2-release 
Change-Id: Idee880668657deb513d377f19ce7bc3c1f14cb91
 2023-12-27 00:04:08 +00:00
Wilson Sung
8751aabb8a Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 317734397
Test: scanBugreport
Bug: 317734683
Bug: 315104803
Test: scanAvcDeniedLogRightAfterReboot
Bug: 317734963
Bug: 315104803
Change-Id: If88b24f947ed750b9e6ca8d83c1762e09b9cfebb
 2023-12-26 03:43:31 +00:00
Android Build Coastguard Worker
615f4cf932 Snap for 11251507 from c45f36f10e to 24Q2-release 
Change-Id: Id47e2e16b5c3e67e66019540097351c3d0ce0a2c
 2023-12-23 02:02:33 +00:00
Chi Zhang
c45f36f10e Allow GRIL to get power stats. 
SELinux : avc:  denied  { find } for pid=3147 uid=10219 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:grilservice_app:s0:c219,c256,c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=1

Bug: 286187143
Test: build and boot
Change-Id: I4588708267fc0f582c767a93e5a422a6e40b6369
 2023-12-19 12:21:45 -08:00
Michael Bestas
5091a4e563 gs201: Update AiAi configs 
Extracted from stock cheetah UQ1A.231205.015

Change-Id: I56bdf976af36cee52f35ef2dd6a91b6001126b7f
 2023-12-19 05:11:28 +02:00
Michael Bestas
0403333fdb gs201: Update ConnectivityThermalPowerManager config 
Extracted from stock cheetah UQ1A.231205.015

Change-Id: I64a01f21c22b925bee2a3dfecf5fded52ff64b40
 2023-12-19 05:11:23 +02:00
Android Build Coastguard Worker
cc77c850ee Snap for 11232546 from c131634ccf to 24Q2-release 
Change-Id: I50e0e6ea8ef65b98342b75795d56b9c01a2cc129
 2023-12-19 00:03:45 +00:00
Wilson Sung
c131634ccf Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 316816342
Test: scanBugreport
Bug: 316817103
Bug: 315104803
Test: scanAvcDeniedLogRightAfterReboot
Bug: 316816342
Bug: 315104803
Change-Id: I4806c007ce70fab72a3754afbf3cf218dfc4b4fc
 2023-12-18 03:26:48 +00:00
Android Build Coastguard Worker
eb6da0a98e Snap for 11227258 from 04bc1d210a to 24Q2-release 
Change-Id: Ie847c935e0eaa054e1914958557bfa213a5f9dc6
 2023-12-16 02:01:51 +00:00
Michael Bestas
21e31e937a gs201: Add kernel dependency 
Change-Id: I79a7e9eb7043e536068386acaed81822ec11e89e
 2023-12-14 22:58:21 +02:00
Michael Bestas
bea8640474 fixup! Add AiAi allowlist 
Change-Id: Ic14411fd5da455988f028e0c7666516847e35f64
 2023-12-14 22:55:35 +02:00
Android Build Coastguard Worker
8f30c6f2b0 Snap for 11216811 from 04bc1d210a to 24Q1-release 
Change-Id: I99676f6472adc317340e2b5794e6ef0ce31447bf
 2023-12-14 00:02:35 +00:00
Jenny Ho
04bc1d210a sepolicy: add read wlc sysfs permission 
12-12 18:33:17.960000  1000   906   906 I auditd  : type=1400 audit(0.0:10): avc:  denied  { read } for  comm="android.hardwar" name="type" dev="sysfs" ino=75851 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0

Bug: 306534100
Change-Id: I3381aaa1e08637c1cc8eb278bd775c81b32ed3bd
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2023-12-13 07:31:13 +00:00
Android Build Coastguard Worker
2c7e671ecd Snap for 11211173 from 8412883458 to 24Q1-release 
Change-Id: I307a100412c75673a2801b81e5a3712d27890c03
 2023-12-13 00:05:13 +00:00
Android Build Coastguard Worker
f2b4bb7bef Merge cherrypicks of ['googleplex-android-review.googlesource.com/25616534'] into udc-qpr1-release. 
Change-Id: I971d965776c71919c20ffdc73135b80f6fc3bf01
 2023-12-12 05:02:32 +00:00
Hungyen Weng
89b5f3fca3 config: Use carrier config in ROM by default 
Bug: 314890118

Test: Flash ROM and confirm the carrier config follows the ROM.
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8dbc173f2bf04255ce22dd1e13e888050aad36ca)
Merged-In: Id0407802e2027397ca7a409345c51273b75079e7
Change-Id: Id0407802e2027397ca7a409345c51273b75079e7
 2023-12-12 05:00:28 +00:00
Android Build Coastguard Worker
e64d0f0805 Snap for 11206181 from ea3f55a026 to 24Q1-release 
Change-Id: I6e885d4709efd06482db3bd52a18e7758c9ba0bc
 2023-12-12 02:02:00 +00:00
Android Build Coastguard Worker
0a493ec75d Snap for 11206181 from 75ebe9dcd3 to 24Q1-release 
Change-Id: I5a377817785f9db14eecc37f99a37a3fdb9651b7
 2023-12-12 02:02:00 +00:00
Xin Li
ea3f55a026 [automerger skipped] Merge Android 14 QPR1 am: 5f9cc46c75 -s ours am: 7af1b9d304 -s ours am: e8cb7392ba -s ours 
am skip reason: Merged-In I8ee515e5ae5498296342d1f432ba9fa5716f221d with SHA-1 3dbfb9e35f is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2866361

Change-Id: I2dfdcd71b09693fc3e9f6de7f3c376b94ee43846
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-11 22:57:29 +00:00
Xin Li
e8cb7392ba [automerger skipped] Merge Android 14 QPR1 am: 5f9cc46c75 -s ours am: 7af1b9d304 -s ours 
am skip reason: Merged-In I8ee515e5ae5498296342d1f432ba9fa5716f221d with SHA-1 3dbfb9e35f is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2866361

Change-Id: If5980ad15bebe1ae2b83e8ea8971044658c1cbd8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-11 22:02:16 +00:00
Xin Li
7af1b9d304 [automerger skipped] Merge Android 14 QPR1 am: 5f9cc46c75 -s ours 
am skip reason: Merged-In I8ee515e5ae5498296342d1f432ba9fa5716f221d with SHA-1 3dbfb9e35f is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2866361

Change-Id: Iee7d406102b238debd416fed74724025a032c946
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-11 21:16:27 +00:00
LuK1337
12d59feba0 gs201: Add liboemcrypto.so to vendor linker config 
This lets com.google.android.widevine.apex access it.

Change-Id: I4e9654fe6317b722f5fbf43b92abb367c18640ce
 2023-12-11 15:03:02 +00:00
Boon Jun Soh
a4fa4427bc Fix rlsservice sepolicy 
Allows bugreport generation

Bug: 315255760
Bug: 309379465
Test: abd bugreport & ensure lack of rls avc denied logs
Change-Id: Ic390d6ddd6bac78e5979c78bc6d02262f08b3468
 2023-12-11 07:30:24 +00:00
Wilson Sung
c118ee96ab Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 315720727
Test: scanBugreport
Bug: 315721328
Bug: 315104479
Test: scanAvcDeniedLogRightAfterReboot
Bug: 315104479
Bug: 315720727
Change-Id: I936dba39a2d2cfbd6c2924aed7c1e2f8b9e00fb2
 2023-12-11 02:54:55 +00:00
Michael Bestas
ff7bf1a24d Merge tag 'android-14.0.0_r17' into staging/lineage-21_merge-android-14.0.0_r17 
Android 14.0.0 Release 17 (UQ1A.231205.015)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZXDPIgAKCRDorT+BmrEO
# eKW+AKCSKOvswyMxQEPeAGlxB0qYhYPLagCeKng8NIvA1PoQ+GiKvm4qGPNnqyg=
# =Zxbc
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed Dec  6 21:44:34 2023 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2194 signatures in the past
#      2 years.  Encrypted 4 messages in the past 23 months.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Samuel Gosselin (2) and others
# Via Automerger Merge Worker (71) and others
* tag 'android-14.0.0_r17':
  Grant the MDS access to the IPowerStats hal service.
  gs201: ufs_firmware_update: add scsi directory permission
  Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices"
  Revert "Introduce CameraServices seinfo tag for PixelCameraServices"
  Introduce CameraServices seinfo tag for PixelCameraServices
  Revert "Revert "Create telephony.ril.silent_reset system_ext pro..."
  Revert "Allow bthal to access vendor bluetooth folder"
  Allow bthal to access vendor bluetooth folder
  Revert "Create telephony.ril.silent_reset system_ext property fo..."
  Create telephony.ril.silent_reset system_ext property for RILD restart
  genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node.
  genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node.
  Add chre channel sepolicy entries
  remove fixed selinux bug from bug map.
  [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common
  Remove obsolete entries

 Conflicts:
	sepolicy/whitechapel_pro/keys.conf

Change-Id: If62362077dd47387f5d5dc070375b54b0f74ee8a
 2023-12-10 16:27:59 +02:00
Michael Bestas
6d49eb094d Merge tag 'android-14.0.0_r17' into staging/lineage-21_merge-android-14.0.0_r17 
Android 14.0.0 Release 17 (UQ1A.231205.015)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZXDPIgAKCRDorT+BmrEO
# eCoeAKCMl4tu2uBiBg4bJRWlUY4yWJP62ACffzqUwXKRgfOiCdUcO/rAck5EXDk=
# =0jpY
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed Dec  6 21:44:34 2023 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2194 signatures in the past
#      2 years.  Encrypted 4 messages in the past 23 months.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By qinyiyan (3) and others
# Via Automerger Merge Worker (142) and Android Build Coastguard Worker (61)
* tag 'android-14.0.0_r17': (51 commits)
  Run fsck to resolve possible data corruption
  Revert "gs201: Enable SkiaVk as RenderEngine backend"
  usb.rc: Advertise 360p and 480p support through UVC
  Usb.cpp: Fix typos when unable to disable USB data
  [SELinux] Add gyotaku_app doamin to Pixel 2022.
  UsbGadget: Update SDP enum timeout when gadget is pulled up
  usb: Modify sdp enumeration timeout value in charger mode
  init.gs201.rc: Disable util-awareness
  Disable variable refresh rate when typing on gs201
  gs201: ffu: add lifeC and activated date as condition
  wifi: Update p2p overlay config
  gs201: update media_codecs_performance_c2.xml based on UQ1A.230911.001
  gs201: tweak memory management
  Grant default permissions to PCS for camera connectivity
  Revert "Enable small dirty detection for variable refresh rate"
  Enable small dirty detection for variable refresh rate
  Support variable refresh rate when typing on gs201
  Set USF SoC from board makefile.
  Enable dimming in gamma space in screenshots for adaptive mode
  suspend: enable adaptive suspend
  ...

 Conflicts:
	BoardConfig-common.mk
	device.mk

Change-Id: Ib822c3f6b53087a800eb32a537cd764c1abf0e63
 2023-12-10 16:27:06 +02:00
Android Build Coastguard Worker
3cbb96c5fe Snap for 11200327 from 8d10e34fe0 to 24Q1-release 
Change-Id: I3ae47805403cdb0f345d77edebc54c7d4c74f67c
 2023-12-09 04:02:21 +00:00
Xin Li
5f9cc46c75 Merge Android 14 QPR1 
Merged-In: I8ee515e5ae5498296342d1f432ba9fa5716f221d
Bug: 315507370
Change-Id: Ifae34bf7561f1fd8f5997b3690ac0d9e5a0c3335
 2023-12-08 13:13:24 -08:00
Android Build Coastguard Worker
91d67cdcc1 Snap for 11192287 from bf2cd60aaa to 24Q1-release 
Change-Id: I5f4156c5205649cb470bc4faf33ec53a29d7cb89
 2023-12-08 00:02:42 +00:00
Android Build Coastguard Worker
09417ff9b6 Snap for 11186783 from a509a4b067 to 24Q1-release 
Change-Id: I425ec3dd376aba53fd81d11f7f61fb3a3cceaa78
 2023-12-07 00:02:04 +00:00
Android Build Coastguard Worker
cf69c20b41 Snap for 11186783 from eca39285c5 to 24Q1-release 
Change-Id: Icc13e7f0f74de8d16cfc3e08b1a069cd1b817426
 2023-12-07 00:02:04 +00:00
Wilson Sung
bf2cd60aaa Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 315104803
Test: scanBugreport
Bug: 315104594
Bug: 315104803
Test: scanAvcDeniedLogRightAfterReboot
Bug: 315104803
Change-Id: Iad6a4ea7a3a58c161359a87a6083a015665d5b14
 2023-12-06 10:43:28 +00:00
David Drysdale
eca39285c5 Add Secretkeeper HAL 
Test: VtsAidlAuthGraphSessionTest
Bug: 306364873
Change-Id: I84d4098960d6445da1eb7e58e25a015cd591d6b3
 2023-12-06 10:21:00 +00:00
Android Build Coastguard Worker
13bc69a0d5 Snap for 11180250 from a9ac5d5869 to 24Q1-release 
Change-Id: I8e40b14deff1a904c5b6d03e6d84ce12bc715a8b
 2023-12-06 00:04:24 +00:00
Android Build Coastguard Worker
448333c762 Snap for 11180250 from e2d9795558 to 24Q1-release 
Change-Id: Ieff21452dd2fe4add4f11027de36f2760d090538
 2023-12-06 00:04:24 +00:00
Jason Chiu
e2d9795558 gs201: move sepolicy related to bootctrl hal to gs-common 
Bug: 265063384
Change-Id: I30a71900c2a305b05ae6e17d658df32d95097d14
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-12-05 01:21:53 +08:00
Android Build Coastguard Worker
522239486f Snap for 11169761 from 505ad2718a to 24Q1-release 
Change-Id: I884c987c9f0b4d88c032af9eb6c8d6220d3a619a
 2023-12-02 02:01:58 +00:00
Android Build Coastguard Worker
6fd17485db Snap for 11169761 from 3555bbe0a8 to 24Q1-release 
Change-Id: Ic73c094231d9b603ff086051f9918782d98eef40
 2023-12-02 02:01:56 +00:00
Daniel Norman
505ad2718a [automerger skipped] Removes duplicate hidraw_device type definition. am: da3e268e93 am: bd29602190 -s ours am: 5d4faaf6e3 -s ours 
am skip reason: Merged-In Ia2f817ce99548c30f39a5164c8f6ec323db66155 with SHA-1 da3e268e93 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2855385

Change-Id: I719477aa9af015d4939c978a01dbbafac5569c4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 19:29:26 +00:00
Daniel Norman
5d4faaf6e3 [automerger skipped] Removes duplicate hidraw_device type definition. am: da3e268e93 am: bd29602190 -s ours 
am skip reason: Merged-In Ia2f817ce99548c30f39a5164c8f6ec323db66155 with SHA-1 da3e268e93 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2855385

Change-Id: I7df8e98a28dbd73224a9ea246e704d077043018e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 19:24:43 +00:00
Daniel Norman
839207f924 [automerger skipped] Removes duplicate hidraw_device type definition. am: da3e268e93 am: 3dbfb9e35f am: 15b83914ec -s ours 
am skip reason: Merged-In Ia2f817ce99548c30f39a5164c8f6ec323db66155 with SHA-1 b204558a73 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2855385

Change-Id: I2ff31ebd9a9938a13c752d86c11e840a97420e0d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 19:23:58 +00:00
Daniel Norman
bd29602190 Removes duplicate hidraw_device type definition. am: da3e268e93 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2855385

Change-Id: Ibde6e0c05689f4849c37564e310859d82af26c69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 18:51:10 +00:00
Daniel Norman
15b83914ec Removes duplicate hidraw_device type definition. am: da3e268e93 am: 3dbfb9e35f 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2855385

Change-Id: I5a54857df8d56e73b69d2f14eb39c7c58eb58fa8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 18:48:23 +00:00
Daniel Norman
3dbfb9e35f Removes duplicate hidraw_device type definition. am: da3e268e93 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2855385

Change-Id: I8ee515e5ae5498296342d1f432ba9fa5716f221d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 18:45:34 +00:00
Daniel Norman
da3e268e93 Removes duplicate hidraw_device type definition. 
This type is now defined by the platform.

Bug: 303522222
Test: ls -z /dev/hidraw0
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b204558a731d6a6a79b701dc8d7c017f59e9af93)
Merged-In: Ia2f817ce99548c30f39a5164c8f6ec323db66155
Change-Id: Ia2f817ce99548c30f39a5164c8f6ec323db66155
 2023-11-30 23:27:56 +00:00
Khoa Hong
a2847d4475 Suppress avc error log on debugfs's usb folder. 
The XHCI driver in kernel will write debugging information to DebugFS on
some USB host operations (for example: plugging in a USB headphone). We
are not using those information right now.

Bug: 305880925
Bug: 311088739
Test: No error when plugging a USB headphone in.
Change-Id: I3b53a3924a1fb3f2a37b0d8a1ae9df037cbc1dd2
 2023-11-30 14:59:09 +08:00
Android Build Coastguard Worker
fcf53d96e8 Snap for 11146061 from baca0e0e4d to 24Q1-release 
Change-Id: I22e4a84a52bfd9de5a744e5b0b2cdc06e684ff0c
 2023-11-28 00:02:32 +00:00
Android Build Coastguard Worker
8f2561170e Snap for 11135477 from 2bd12254f4 to 24Q1-release 
Change-Id: Id4264df30ec5df5d602e4c2ad15013cbf4e2b087
 2023-11-23 00:02:28 +00:00
Michael Bestas
9b3ed02735 gs201: Inherit common partition reserved sizes 
Change-Id: I444ce2fcd37cdfa58d83a7e872dc547fb05a2a89
 2023-11-22 19:32:22 +02:00
Randall Huang
2bd12254f4 Move sg_device related policy 
Bug: 312582937
Test: make selinux_policy
Change-Id: I18617643e66d6d2fe5ff19e440dea204206b3035
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-11-22 14:16:38 +08:00
Android Build Coastguard Worker
bce6a9b893 Snap for 11130229 from 8f30df1dcf to 24Q1-release 
Change-Id: Icc7ba59b9b9f3fd8d78b740e2c90426d13996b3f
 2023-11-22 00:03:26 +00:00
Android Build Coastguard Worker
dafdd19aa7 Snap for 11124398 from 3b40f18e29 to 24Q1-release 
Change-Id: I8942421e38bd71856bcd534d87d4af1fd7864da6
 2023-11-21 00:01:58 +00:00
Alex Iacobucci
8f30df1dcf aoc: add sysfs file entry 
Test: on device
Bug: 309950738
Change-Id: Ie5437a02b3a4f69d05ecb274169b4bd328315a22
Signed-off-by: Alex Iacobucci <alexiacobucci@google.com>
 2023-11-20 20:22:25 +00:00
Devika Krishnadas
3b40f18e29 Add Pixel Mapper as a sp-HAL 
Bug: 267352318

Change-Id: I460f379d8d6904f5bda3f67a7158c0ac6f2e7b5f
Signed-off-by: Devika Krishnadas <kdevika@google.com>
 2023-11-20 18:17:26 +00:00
Android Build Coastguard Worker
2e2a298b6e Snap for 11120126 from 1ecee14a46 to 24Q1-release 
Change-Id: Ic7021e363a7e94b35d398218304e2bf08a89b0a9
 2023-11-19 00:01:52 +00:00
Android Build Coastguard Worker
2a6e01f447 Snap for 11117647 from 7411947a02 to 24Q1-release 
Change-Id: Ie9cc2ce2dfbd6bc59475bf2df6f0c76825ee6bbf
 2023-11-18 02:01:53 +00:00
Android Build Coastguard Worker
459c086d08 Snap for 11117647 from b4cd7bf619 to 24Q1-release 
Change-Id: Ifaa7d2f273f47498990e3d07202feed595819cdc
 2023-11-18 02:01:52 +00:00
Kyle Tso
7411947a02 dontaudit on dir search for vendor_votable_debugfs 
Bug: 305880925
Bug: 309379994
Change-Id: I7317bdb4ec80eb73a57cbb924d3132579e0b4f98
Signed-off-by: Kyle Tso <kyletso@google.com>
 2023-11-17 05:22:09 +00:00
Android Build Coastguard Worker
fb3ab9da92 Snap for 11104212 from a99d48c10e to 24Q1-release 
Change-Id: I7f5fb7fe5dc8e0cd89f66e3ee871e37527d61d60
 2023-11-16 00:02:37 +00:00
Android Build Coastguard Worker
042a2ba4e1 Snap for 11097608 from b204558a73 to 24Q1-release 
Change-Id: I1a5ff1342489c49bc9fa44497cbe6f5befbce4c7
 2023-11-15 00:02:21 +00:00
Android Build Coastguard Worker
fc19078949 Snap for 11089623 from 6d978bc632 to 24Q1-release 
Change-Id: Iaa8cf2d845e099f33be3ee61a4b1c4de1641cf9f
 2023-11-14 00:02:00 +00:00
Android Build Coastguard Worker
49c9e763ac Snap for 11084970 from bc4af7cd50 to 24Q1-release 
Change-Id: Ic12a6f3dcc9a8e3841759241770ecee7c80f591d
 2023-11-11 02:02:22 +00:00
Daniel Norman
b204558a73 Removes duplicate hidraw_device type definition. 
This type is now defined by the platform.

Bug: 303522222
Change-Id: Ia2f817ce99548c30f39a5164c8f6ec323db66155
Test: ls -z /dev/hidraw0
 2023-11-10 22:52:26 +00:00
Android Build Coastguard Worker
93e116bcd0 Snap for 11078623 from 757c5f81ee to 24Q1-release 
Change-Id: I96774bdbb2c3ea090e6dc3be1f5efda70a227c14
 2023-11-10 00:02:03 +00:00
Android Build Coastguard Worker
4cb02c1748 Snap for 11071763 from 551b83f7c5 to 24Q1-release 
Change-Id: I90ed2224785d3d0455c36c10eb9ba8455b2e686b
 2023-11-09 00:02:05 +00:00
Android Build Coastguard Worker
08554b5003 Snap for 11071763 from b438a64948 to 24Q1-release 
Change-Id: I55d8cc0be77a8ac98a3b1ea6dbe6c7b60df3838f
 2023-11-09 00:02:04 +00:00
Mike Wang
551b83f7c5 Change the MDS to platform app in selinux ap context. 
The MDS will be signed with platform key and become a platform app. To
make the selinux rules for modem_diagnostic_app work, need to set it to
platform app in app context.

Bug: 287683516

Test: Tested with both dev key or platform key signed MDS apps and the selinux rules works.
Change-Id: Ia0dacafc5e096c101e115b7356d8490391cb6bbd
 2023-11-08 05:23:35 +00:00
Android Build Coastguard Worker
be552bc1f9 Snap for 11065517 from e22b188d9d to 24Q1-release 
Change-Id: Ic7ce5376a8200d34a45f632f3cecada6b3215546
 2023-11-08 00:03:45 +00:00
Michael Bestas
2b69ac69aa Merge tag 'android-14.0.0_r14' into staging/lineage-21_merge-android-14.0.0_r14 
Android 14.0.0 release 14

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZUmd6wAKCRDorT+BmrEO
# eOY5AJ9bnJM1agZfCbQJIodkjxyuLLgwPwCfRHjtKbZq9zXf4y1sivqyrNE/png=
# =FgnN
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Nov  7 04:16:11 2023 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2046 signatures in the past
#      2 years.  Encrypted 4 messages in the past 22 months.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Paul Lawrence
# Via Android Build Coastguard Worker
* tag 'android-14.0.0_r14':
  Run fsck to resolve possible data corruption
  Run fsck to resolve possible data corruption

Change-Id: I47b25d94a257bee552401c3d11f6a5123b93740e
 2023-11-08 01:29:00 +02:00
Rick Chen
e22b188d9d sensors: Move USF related sepolicy to gs-common. 
Bug: 305120274
Test: Compile pass. Flash the build to WHI_PRO devices and no sensor
      related avc denied log.
Change-Id: I48d959d439565e9c31ce83812bf29b6d8025c35b
Signed-off-by: Rick Chen <rickctchen@google.com>
 2023-11-07 06:49:05 +00:00
Android Build Coastguard Worker
76c58826c5 Snap for 11059422 from d50939ab22 to 24Q1-release 
Change-Id: Ib15b8aff4d1ad35aed22b1af85d996c8738838b4
 2023-11-07 02:02:27 +00:00
Wilson Sung
d50939ab22 Update SELinux error 
Test: scanBugreport
Bug: 309379465
Bug: 309379994
Test: scanAvcDeniedLogRightAfterReboot
Bug: 309379994
Change-Id: I45a01648f4c412b99e3fdcb70008e21c5d99fef3
 2023-11-06 08:01:29 +00:00
Mike Wang
ac39f865e1 Add selinux policy change to allow MDS access Samsung OemRil hal. 
Bug: 301641283

selinux log:
11-03 15:32:38.850  2643  2643 I auditd  : type=1400 audit(0.0:1616): avc:  denied  { call } for  comm="binder:2643_3" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.850  2643  2643 I binder:2643_3: type=1400 audit(0.0:1616): avc:  denied  { call } for  scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.854  2643  2643 I auditd  : type=1400 audit(0.0:1617): avc:  denied  { transfer } for  comm="binder:2643_3" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.854  2643  2643 I binder:2643_3: type=1400 audit(0.0:1617): avc:  denied  { transfer } for  scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.854  1095  1095 I auditd  : type=1400 audit(0.0:1618): avc:  denied  { call } for  comm="HwBinder:1095_1" scontext=u:r:rild:s0 tcontext=u:r:modem_diagnostic_app:s0:c512,c768 tclass=binder permissive=1
11-03 15:32:38.854  1095  1095 I HwBinder:1095_1: type=1400 audit(0.0:1618): avc:  denied  { call } for  scontext=u:r:rild:s0 tcontext=u:r:modem_diagnostic_app:s0:c512,c768 tclass=binder permissive=1

Change-Id: I62986e4bb0a4ed04616f8f3a8521f01934e63d74
 2023-11-06 02:30:52 +00:00
Android Build Coastguard Worker
de1d64a8cb Snap for 11051137 from 4f1d96210d to 24Q1-release 
Change-Id: I9253dd57bc75c6fe82505df3a2cc199eb50fb64d
 2023-11-04 03:02:15 +00:00
JimiChen
4f1d96210d Update SELinux policies for rlsservice 
1. Move rls_service context from vndservice_contexts to
   service_contexts.
2. Allow binder calls from rlsservice to servicemanager
3. Change rls_service type from vndservice_manager_type to
   service_manager_type.

Bug: 301520085
Test: GCA
Change-Id: Ief845b5691487f48d570c531de1ea99945087e42
 2023-11-03 03:33:52 +00:00
Android Build Coastguard Worker
6fda956127 Snap for 11044623 from 5187b301cb to 24Q1-release 
Change-Id: Ifebfae1c2e4fc7c3890567e3292f2bcc7a2f32b5
 2023-11-03 01:02:54 +00:00
Android Build Coastguard Worker
3c4b405c8f Snap for 11038355 from 2f628f5fd2 to 24Q1-release 
Change-Id: I53b44b93b964e7a3cd17e2c8586e1fce90035e33
 2023-11-02 01:02:41 +00:00
Android Build Coastguard Worker
aafe6e214c Snap for 11031655 from 435e0aafa8 to 24Q1-release 
Change-Id: I31a5f891830e6f4f3cacd70663ec19950ad648ac
 2023-11-01 01:02:37 +00:00
Android Build Coastguard Worker
c408e48566 Snap for 11031655 from 6c78c45aae to 24Q1-release 
Change-Id: Ic7b1948d74c39044156c52c8bb95805e099a00d5
 2023-11-01 01:02:36 +00:00
George Lee
435e0aafa8 pixelstats: Add Brownout Detection sepolicy 
Bug: 307392882
Test: Confirm lastmeal data upload
Change-Id: I9f7386c6c813c2790dcba1c79ce80531b6819b65
Signed-off-by: George Lee <geolee@google.com>
 2023-10-31 04:10:23 +00:00
Android Build Coastguard Worker
bdf73c5b4f Snap for 11025555 from 037d5cccf3 to 24Q1-release 
Change-Id: I6116d86767693bccb6364bc0c97abdb8dca09169
 2023-10-31 01:02:14 +00:00
Wilson Sung
037d5cccf3 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 307863370
Change-Id: I6efdf65cee3cb3c13fbf091659a7afaf01222d55
 2023-10-30 03:37:45 +00:00
Android Build Coastguard Worker
a19b52d31c Snap for 11020550 from 39337da9be to 24Q1-release 
Change-Id: I6e4f52aa3a81ec66f0a98b6b8a05b4804f61cca9
 2023-10-29 23:02:37 +00:00
Michael Bestas
4eb01fc6ed Add lineage.dependencies 
Change-Id: I69ea95e240cca3f3b700ae68a4853e5a4d4fd5bc
 2023-10-29 23:23:11 +02:00
Michael Bestas
f518943284 Build kernel with clang r450784e 
Pixel 5.10 kernel doesn't compile with r487747c and we don't want to
bother fixing all the new errors in kernel source and modules.

Change-Id: I4495c751e0fd7707fe5068416a04eed96948b954
 2023-10-29 23:23:11 +02:00
Michael Bestas
af5951eef5 gs201: Inline kernel building 
Change-Id: I5cdfc16b5537541b0eb930d7dc02860994d89619
 2023-10-29 23:23:11 +02:00
Rashed Abdel-Tawab
8dc092ae68 gs201: Build a disabled vbmeta image 
Squashed with:
Author: Nolen Johnson <johnsonnolen@gmail.com>
Date:   Sun May 9 16:04:34 2021 -0400

    Simplify AVB flag logic

    * AVB's `--flags 3` argument builds a disabled VBMeta with
      disabled hashtree, so no need to set both flags individually.

    Change-Id: Ibe9ee322a5af58f13e76d53e18dee49451fe8838

Change-Id: Ie8f1e0929b037b35b5e45c2e31be9253fa0bb097
 2023-10-29 23:23:11 +02:00
Neel Chauhan
cdff2a709f Revert "Enable compressed snapshots/VABc." 
Virtual AB compression prevents GApps from being installed to
cheetah/panther.

This reverts commit 2bfa6d3ba01856d99c6ffdb64627c6e9391c4a41.

Change-Id: I119b8e042e4cdeec27a19ab5dd4f0666cc115ae1
 2023-10-29 23:23:10 +02:00
Michael Bestas
3243b526d7 gs201: Build Lineage Health HAL 
Change-Id: I70cc903a03ac9fa3303bb8fa039c9de4806449bf
 2023-10-29 23:23:10 +02:00
Alessandro Astone
bb8bd4334a Build pixel touch HAL 
Change-Id: I45cff81e1159613094440dd7b2b73b53519c9de6
 2023-10-29 23:23:10 +02:00
LuK1337
6eebc19c3e gs201: don't inherit aosp_product.mk 
This includes some unnecessary telephony bits and overrides.

Change-Id: Id75d9fd584a9981e756bb65a668ed526b4d1cd05
 2023-10-29 23:23:10 +02:00
LuK1337
6345542a06 gs201: add 'tablet' to product characteristics when needed 
Change-Id: I20105565a1b313fe6ff8499b49d3691f776f9267
 2023-10-29 23:23:10 +02:00
LuK1337
437b2a63af gs201: don't explicitly build messaging 
It's included via aosp_base_telephony.mk.

Change-Id: Ic260cc12fb63cf804fab1f842fad7d68b622785d
 2023-10-29 23:23:10 +02:00
Michael Bestas
adce9b34d8 gs201: exclude telephony components if BOARD_WITHOUT_RADIO 
Change-Id: I0298d04c1ca814417aef275d3f6a144101d2f7a6
 2023-10-29 23:23:10 +02:00
Michael Bestas
d5786a0cb2 Include missing vendor sepolicy 
Change-Id: Id35fb4b22e2ee8dfafdfb8ae601ab823435d2b94
 2023-10-29 23:23:09 +02:00
Michael Bestas
7d26e0a490 Label vendor.dolby.media.c2@1.0-service 
Change-Id: I89fb4c149aed94cf2f7c3d34f7fde5877175b1e2
 2023-10-29 23:23:09 +02:00
Chirayu Desai
0cb6c743d7 Allow radio access to IOemSlsiRadioExternal 
Change-Id: Ib5d57b199b3e8288cd3de0c12898f0c1d679be4a
 2023-10-29 23:23:09 +02:00
Danny Lin
153c5687e9 Update seapp certificates to match stock presigned apps 
Certificates extracted from stock vendor_mac_permissions.xml using
adevtool: https://github.com/kdrag0n/adevtool

Change-Id: Iaf59f1548905d16fe7ad231c039ba43941c15710
 2023-10-29 23:23:09 +02:00
Alessandro Astone
c05185e38d Fix public key for EuiccSupportPixel sepolicy domain 
Change-Id: I00f7a9a2b0f41d08af3262b0efd625dd2b6e1c9f
 2023-10-29 23:23:09 +02:00
ReallySnow
3e9152ff93 Add AiAi allowlist 
* In Android 12, Android System Intelligence (com.google.android.as) uses
  some of the Private Compute Service (com.google.android.as.oss) services.
  The absence of these Allowlists will cause Android System Intelligence
  to fail to connect to the network and cause collapse.
* We don't need to extract google.xml to fix it, just extract the AiAi part

Change-Id: I446ae5d243cff134901094f82c90a0bbf3bb4381
 2023-10-29 23:23:09 +02:00
Danny Lin
d485885130 Squashed import of AiAi configs 
Co-authored-by: Alessandro Astone <ales.astone@gmail.com>
Co-authored-by: Michael Bestas <mkbestas@lineageos.org>
Change-Id: I78bd7d04cbd0b35f6a8c01df3a8c1013d99bbf42
 2023-10-29 23:23:09 +02:00
razorloves
339bf187d0 Hide user facing crash dialog for EUICC app 
The GoogleParts app disables the EUICC app when there's no GMS, but it
doesn't happen quick enough. The crash dialog pops up a few times right
after initial boot up. There's no need to alarm the user, so hide it.

Change-Id: Ia06b336b30a8886bae522c6e8a76a1ca15da5edd
 2023-10-29 23:22:29 +02:00
Peter Cai
0a92be0e28 Disable Euicc when GMS and GSF are not installed 
* This avoids EuiccGoogle / GoogleCarrierServices crashing, taking the
  whole telephony stack with them when no GMS or GSF is installed.
* Compared to change 274251, this approach is no-op when GAPPS add-on is
  flashed before the first boot, and thus should not cause issues with
  eSIM when GAPPS is flashed.
* With microG, this also works after installing the microG GMS & GSF
  packages and rebooting, although manual activation of the eSIM is
  needed via Settings - Network.
* The only downside is that users will still see one or two crashes
  during the first boot because our application only starts after the
  device is booted.

Change-Id: I4a11c93e855978abbf8d84fdbe4ffc8b2aedc27c
 2023-10-29 23:22:29 +02:00
Android Build Coastguard Worker
0416a1f301 Snap for 11017726 from 042122f0dd to 24Q1-release 
Change-Id: I5b24bf34dd2ad74e7bd5f8e1e3bfa74e1be24f84
 2023-10-28 03:11:52 +00:00
Android Build Coastguard Worker
d3a2b06623 Snap for 11012804 from c0b7446f14 to 24Q1-release 
Change-Id: I9a0e8a6ee5693e22d18fc6ac4922d31ee8fc9aca
 2023-10-27 03:19:00 +00:00
Android Build Coastguard Worker
19a776f316 Merge cherrypicks of ['googleplex-android-review.googlesource.com/25159378'] into udc-release. 
Change-Id: I9e9b3d558723ffc483dc8b4048fcc96dc8e7851a
 2023-10-26 19:49:52 +00:00
Paul Lawrence
cd377bf81e Run fsck to resolve possible data corruption 
Trigger fsck on mount of /data if the value of ro.preventative_fsck is
not equal to the contents of /metadata/vold/preventative_fsck, then set
the file to the property to prevent future runs

See b/305658663 for context

Bug: 305658663
Test: Make sure fsck run after first boot and not after second
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e4a81c0e8f9f8d89f0e42e8fd7ec40cec6b887ed)
Merged-In: I1263d2d55fe22d994ae8c8654b1e75ad9e4ddafe
Change-Id: I1263d2d55fe22d994ae8c8654b1e75ad9e4ddafe
 2023-10-26 19:46:50 +00:00
Wilson Sung
042122f0dd Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 306344298
Test: scanBugreport
Bug: 307863753
Change-Id: I8da3045a59949d41992ac4240f63609f9cc49fa3
 2023-10-26 07:46:26 +00:00
Android Build Coastguard Worker
baaac3045c [coastguard skipped] Merge sparse cherrypicks from sparse-10873617-L38100000963723257 into udc-release. 
COASTGUARD_SKIP: I67e1be25496c637c78de986f57df1b951343bd71
COASTGUARD_SKIP: I1263d2d55fe22d994ae8c8654b1e75ad9e4ddafe

Change-Id: I11015a23c68c88d6299cf5d5091103f8e50a1cea
 2023-10-25 22:16:51 +00:00
Android Build Coastguard Worker
d35c6201a6 Merge cherrypicks of ['googleplex-android-review.googlesource.com/25159378'] into sparse-10873617-L38100000963723257. 
SPARSE_CHANGE: I1263d2d55fe22d994ae8c8654b1e75ad9e4ddafe

Change-Id: I67e1be25496c637c78de986f57df1b951343bd71
 2023-10-25 22:07:49 +00:00
Paul Lawrence
daff6b1e40 Run fsck to resolve possible data corruption 
Trigger fsck on mount of /data if the value of ro.preventative_fsck is
not equal to the contents of /metadata/vold/preventative_fsck, then set
the file to the property to prevent future runs

See b/305658663 for context

Bug: 305658663
Test: Make sure fsck run after first boot and not after second
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:48bae782fc3b798b8ea57335ec6c02431af5e1a8)
Merged-In: I1263d2d55fe22d994ae8c8654b1e75ad9e4ddafe
Change-Id: I1263d2d55fe22d994ae8c8654b1e75ad9e4ddafe
 2023-10-25 22:06:00 +00:00
Android Build Coastguard Worker
8015ca09b2 Snap for 10998418 from 8135bd2ba4 to 24Q1-release 
Change-Id: I3f40dfc5b8a525b2d148c23c2935f39030874286
 2023-10-25 01:05:34 +00:00
Android Build Coastguard Worker
e63881396f Snap for 10985023 from d7f1523b35 to 24Q1-release 
Change-Id: I1dfdfc0b89c35098e87596c6190e49a2bedd0c5a
 2023-10-21 03:05:24 +00:00
Android Build Coastguard Worker
4258b2b3f4 Snap for 10985023 from 000cf085d1 to 24Q1-release 
Change-Id: I1c99c23c8079f82fb2d5f4a496250026d223a9ad
 2023-10-21 03:05:23 +00:00
Android Build Coastguard Worker
362f8f84f1 Snap for 10975086 from c13cd03ccf to 24Q1-release 
Change-Id: I43e7283da056abb2490c814817235f96b47dcde8
 2023-10-20 03:10:27 +00:00
Xin Li
d7f1523b35 [automerger skipped] Merge 10952656 am: 540882642e -s ours am: aa82f2fdc0 -s ours 
am skip reason: Merged-In I804c55ffdefd1f70b4db10e9b62975f4b3da1863 with SHA-1 aa35403dfa is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/25089593

Change-Id: I61d5bc2c463eff5941acc513ee30e902c0a496b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-19 23:54:28 +00:00
Xin Li
aa82f2fdc0 [automerger skipped] Merge 10952656 am: 540882642e -s ours 
am skip reason: Merged-In I804c55ffdefd1f70b4db10e9b62975f4b3da1863 with SHA-1 aa35403dfa is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/25089593

Change-Id: I3c173b2f9efcd7abb5e3e0d4c1ec6a11335d4c0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-19 18:47:43 +00:00
Android Build Coastguard Worker
028be53751 Snap for 10970117 from 5f50ee6ebb to 24Q1-release 
Change-Id: I50d355f1f09e3cbc5b0a23935b72f037297f2052
 2023-10-19 01:09:06 +00:00
Android Build Coastguard Worker
1e5f720709 Snap for 10970117 from 131a635fe9 to 24Q1-release 
Change-Id: Ie61741baf16ddc8f59aa272d8ce77fd883dd3458
 2023-10-19 01:09:05 +00:00
Michael Bestas
91ed6f8e24 Include missing ConnectivityThermalPowerManager sepolicy 
Change-Id: I1e0f05159a6797251ed85360966aa45246005bbd
 2023-10-18 16:52:00 +03:00
Danny Lin
19d9cc5749 Allow ConnectivityThermalPowerManager to request thermal mitigation 
ConnectivityThermalPowerManager mainly exists to manage thermal
mitigation.

Change-Id: I7d1ad7cb45a24697e444ac1f85ccfb507cb1ce49
 2023-10-18 16:52:00 +03:00
Danny Lin
1167b25995 Configure ConnectivityThermalPowerManager 
Extracted from stock RQ1A.201205.010 on redfin.

Change-Id: I71ad5adf9bf64bb1e30354446220d5769a9d44ca
 2023-10-18 16:52:00 +03:00
Danny Lin
8c462c722a Enable Adaptive Connectivity setting 
This feature is provided by the ConnectivityThermalPowerManager app that
we extract as a proprietary blob, so we can expose it.

Change-Id: I407e9e2235531fbca0b2c0e48b68105b1e77ad1f
 2023-10-18 16:52:00 +03:00
Michael Bestas
91248b74ac Remove quick_qs_{offset,total}_height overlays 
Commit 49895bb361e74ffe92a3c0b76f988c8e4697b5c1 in device/google/gs101
failed to remove these overlays. Since this tree was created from
device/google/gs101, this results in the following issue on pantah:
* Pull down status bar
* Try to adjust brightness, network settings open instead

This is caused by the 171px offset that causes the status bar
to overlap the brightness slider.

Test: Reliably adjust brightness, confirm with "Show layout bounds"
      from developer settings.
Change-Id: I1b97a28c257cb5b0faba830f29e9058d2dbe50fa
 2023-10-18 16:52:00 +03:00
Nolen Johnson
a8660a0cba Set camera extension package to Google package 
Change-Id: I519ebf8a1e2a9d06561471206c91c01b352ebd47
 2023-10-18 16:52:00 +03:00
LuK1337
244428a3c8 overlay: Add reboot to fastbootd 
Change-Id: I733b4d29129f85b92222e292af46602310b9f29f
 2023-10-18 16:51:59 +03:00
Michael Bestas
f1ad67a058 Set default screen brightness 
Extracted from stock.

Change-Id: I8a5e2c8717c145e66aaa0e926ceefc7e117b04c2
 2023-10-18 16:51:59 +03:00
razorloves
dcdbc2bcc3 Set auto brightness mode on by default 
* Stock sets this on by default, mirror that behavior.

Change-Id: I5cb8e3db27849ebd90459a6d70e053158c05bcc9
 2023-10-18 16:51:59 +03:00
Danny Baumann
9626d4364f Enable call recording 
Change-Id: I1b4478b330b13cf5d0fe1ed0d40f43e4b3825f33
 2023-10-18 16:51:59 +03:00
razorloves
516199c5e6 Set OPA property to enable google assistant 
Change-Id: I741171219d64a28d56531f063f95f3f6f6cf81e6
 2023-10-18 16:51:59 +03:00
razorloves
b3f30bf6a9 Use CarrierSettings app instead of CarrierConfig 
The CarrierSettings app enables/disables carrier apps based on sim
inserted, so use it instead of CarrierConfig.

Change-Id: I163dd615e9d8268c5f94a28ae234a30f74c7e83b
 2023-10-18 16:51:59 +03:00
Michael Bestas
d54cae16c8 Set config_nightDisplayColorTemperatureCoefficients 
Extracted from stock.

Change-Id: I5d69d01204b0dd86a7205eb3b16e02f97a7f3db2
 2023-10-18 16:51:59 +03:00
Danny Lin
2655187223 Enable USB and skin temperature warnings 
Extracted from stock.

Change-Id: I951f60579a4b7fa2dcc270b5acd433ad1ecb083c
 2023-10-18 16:51:58 +03:00
Dan Pasanen
009810fe8b enable config_vibrateOnIconAnimation 
* need those sexy vibes

Change-Id: If5671135879f6f4069d0ed881b41b0a243890349
(cherry picked from commit 5b829c486d89568ece0a2baafedfdf1b4ffbac06)
 2023-10-18 16:51:58 +03:00
Michael Bestas
0522c04a87 overlay: Update multiple vibration strength levels overlay for 13 
Change-Id: If17503f2dd4bd4d6e333891f9649a7db8d809852
 2023-10-18 16:51:58 +03:00
Danny Lin
0d5845cadf overlay: Settings: Enable multiple vibration strength levels 
All production GS201 devices have CS40L2x haptic driver ICs that support
multiple intensities, so expose the Off/Low/Medium/High vibration
strength options like stock.

Change-Id: I72645b5bd5772e182592a630df86f9b6166b4923
 2023-10-18 16:51:58 +03:00
mydongistiny
d37aac0531 Add back saturated color mode 
Change-Id: I183c2eabe7c3918fde6c37b0aa360ed7e94f6b61
 2023-10-18 16:51:58 +03:00
Danny Lin
58d15a721b Don't pin camera app in memory 
The default camera app can be *huge* in some cases, e.g. when the app in
question is Google Camera. The system will only pin up to the first 80
MiB of the APK file, as well as the first 80 MiB of its odex. There are
several problems with this:

  - We could easily end up with 160 MiB of camera app files pinned,
    which is a tall order with the 6 GiB of usable RAM that we have
  - The data that gets pinned may not even be the most critical data for
    launching the camera

Let's disable pinning of the camera app to save RAM.

Change-Id: I745e39b6ff212dfaf9213517d2a2be8ff7384e24
 2023-10-18 16:51:58 +03:00
Ethan Chen
7e2cd8f092 Disable userdebug diagnostics 
* We can't make use of most of the debug features on userdebug builds.

Change-Id: I31df2090b31243b742c4e82dc08cd8491dada54f
 2023-10-18 16:51:58 +03:00
Wilson Sung
5f50ee6ebb Move kernel avc error to bug_map 
Bug: 305880925
Test: SELinuxUncheckedDenialBootTest
Change-Id: Id153cd26801a6b3f635954515e0e8aead5b22f41
 2023-10-18 09:11:04 +00:00
Android Build Coastguard Worker
44c496c5e2 Snap for 10963245 from b289045b39 to 24Q1-release 
Change-Id: I774f947421f6c6e2890aa4822e84ab9886a43f1c
 2023-10-18 01:04:26 +00:00
Android Build Coastguard Worker
359f69ee08 Snap for 10963245 from cc794e617c to 24Q1-release 
Change-Id: I36775040f5620151ce19c9eec13c25e7402fcbb6
 2023-10-18 01:04:25 +00:00
Xin Li
540882642e Merge 10952656 
Merged-In: I804c55ffdefd1f70b4db10e9b62975f4b3da1863
Change-Id: Ibdee15c7d22ac725cb92de2565cdfc733dd202b2
 2023-10-17 10:06:30 -07:00
Wilson Sung
b289045b39 Supress kernel avc log before SELinux initialized 
Fix: 305600863
Bug: 305880925
Change-Id: I795c7cd3b1df318a9164d0e3ec15d2930ecd7e21
 2023-10-17 07:20:47 +00:00
Android Build Coastguard Worker
59c6073296 Snap for 10958510 from 151844f3ad to 24Q1-release 
Change-Id: Ia22e1ad6dbacc3b3589487bcac714d09f0268bf3
 2023-10-17 02:29:47 +00:00
Wilson Sung
151844f3ad Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 305601096
Bug: 305600808
Change-Id: I5552e22e252b257156891eab5fcea35faaef9485
 2023-10-16 05:58:23 +00:00
Android Build Coastguard Worker
c66b25abf4 Snap for 10950137 from 7b8a531469 to 24Q1-release 
Change-Id: I983e2f134c27ec8705f1ff07fef276d8f5a22cd5
 2023-10-14 05:04:22 +00:00
Android Build Coastguard Worker
35b8f1638c Snap for 10942032 from 66608337b7 to 24Q1-release 
Change-Id: I6c926146c7694dc8f5bdb258c96c05100e6ed887
 2023-10-13 03:09:34 +00:00
Chirayu Desai
5a322be262 Add device manifest for radio & keymint 
Change-Id: Ib6c4b28d33fb64cb05c715d86a96a829a498beac
 2023-10-12 16:27:29 +03:00
Chirayu Desai
dfcf0b1899 Build vbmeta_vendor 
Change-Id: I74c028a2e5ade8830526e95f8ec90b1a1da35afb
 2023-10-12 16:26:43 +03:00
Chirayu Desai
2a3a032362 Set BUILD_BROKEN_ELF_PREBUILT_PRODUCT_COPY_FILES = true 
Change-Id: I0eeaa3ba0f87e5fbe64234d413b5e4eee36957b0
 2023-10-12 16:26:38 +03:00
Chirayu Desai
2be347354c Build vendor 
Change-Id: I08dff42223ae54386a5ed050b51aa4a39e08bdb6
 2023-10-12 16:26:33 +03:00
Chirayu Desai
f10bef71b8 Build vendor_dlkm 
Change-Id: Ic2a0e4cdfdcc448a73bef41e0d2140e9d0aefcf0
 2023-10-12 16:26:30 +03:00
Chirayu Desai
a9e08f01d3 Allow building vendor image 
* We don't have access to these files, but we still want to
  build vendor images without errors

Change-Id: I4c09f7134b218b5fc10d180a6ef05015cad54f5d
 2023-10-12 16:26:25 +03:00
Danny Lin
d31839caf4 Build OpenCL NNAPI backend when blobs are present 
Change-Id: Ib2c5176e4c95ca5f32c2c181ec33376437d38dc5
 2023-10-12 16:26:12 +03:00
mydongistiny
376bea3228 Use Google's wifi_ext service 
* Use vendor.google.wifi_ext@1.0-service
  that is in the vendor partition instead
  of the AOSP WiFi service.

Change-Id: Ia0fff6ffc532cc6b5e41f8ac242d00e64627cee8
 2023-10-12 16:25:50 +03:00
Bruno Martins
c0e0850259 Pin standard SystemUI instead of Google's 
Change-Id: If96bb13d6cc2c2156d8df111a1037247c96c6e0f
(cherry picked from commit 043d76955467053dcf8f615f6637bdc66b667c0c)
 2023-10-12 16:25:29 +03:00
Chirayu Desai
ed9c9fa491 Create BoardConfigLineage 
Change-Id: I8136e9f0df40ca3bf96dbfd2453275481178cdaa
 2023-10-12 16:25:16 +03:00
Michael Bestas
61fb7857c5 Update sepolicy path 
Change-Id: I428e79c2c49f27a1245f21876b916aee513db06b
 2023-10-12 16:24:46 +03:00
Michael Bestas
b43c519a73 Add .gitupstream 
Change-Id: I79747ef989659c069386a6ed34a59bba2e8ea860
 2023-10-12 16:23:18 +03:00
Michael Bestas
c26d44d7b5 Add 'sepolicy/' from tag 'android-14.0.0_r1' 
git-subtree-dir: sepolicy
git-subtree-mainline: a61212cb07
git-subtree-split: e215ee0263
Change-Id: I0e9a57b8d151d69586815602262bc425a75dc6d2
 2023-10-12 16:16:16 +03:00
Android Build Coastguard Worker
92329e9f56 Snap for 10917888 from e4653947a9 to 24Q1-release 
Change-Id: If9c6f8990d383dde5de668761b9d1ea04831797a
 2023-10-07 23:03:52 +00:00
Android Build Coastguard Worker
5e3735dce7 Snap for 10917888 from 338aaa1572 to 24Q1-release 
Change-Id: I8d4955fc2b898f4fe01f0650cdb42cd99023b39d
 2023-10-07 23:03:51 +00:00
Android Build Coastguard Worker
d75b0a5247 Snap for 10915631 from 26abdf4ee2 to 24Q1-release 
Change-Id: Ia909185b38842c3400523cd141bec326683735cf
 2023-10-07 03:05:02 +00:00
Xin Li
e4653947a9 [automerger skipped] Merge Android 14 am: 736b3ae447 -s ours am: 97bad78aea -s ours am: 83c4f71a75 -s ours am: 8ba387f1dc -s ours am: aa35403dfa -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 02343c4ca2 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2776947

Change-Id: I8a1699f5f3fb9bbe1388d27a3fd890f6b66fe0ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-07 00:20:16 +00:00
Xin Li
aa35403dfa [automerger skipped] Merge Android 14 am: 736b3ae447 -s ours am: 97bad78aea -s ours am: 83c4f71a75 -s ours am: 8ba387f1dc -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 02343c4ca2 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2776947

Change-Id: I804c55ffdefd1f70b4db10e9b62975f4b3da1863
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-06 11:00:45 +00:00
Xin Li
8ba387f1dc [automerger skipped] Merge Android 14 am: 736b3ae447 -s ours am: 97bad78aea -s ours am: 83c4f71a75 -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 02343c4ca2 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2776947

Change-Id: Ic9271d1985a0e84c653afaf31841ba074366fd10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-06 09:50:55 +00:00
Xin Li
83c4f71a75 [automerger skipped] Merge Android 14 am: 736b3ae447 -s ours am: 97bad78aea -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 02343c4ca2 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2776947

Change-Id: If66eb1f9c653df235ff099673256c28b3fba1c88
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-06 08:59:20 +00:00
Xin Li
97bad78aea [automerger skipped] Merge Android 14 am: 736b3ae447 -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 02343c4ca2 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2776947

Change-Id: I507a4c09358065783d8744b17af7be46ebf64d09
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-06 07:52:15 +00:00
Android Build Coastguard Worker
da2d5774fe Snap for 10909147 from e0cc9659dd to 24Q1-release 
Change-Id: I4fe35d26f1242d1f5a4dd4e26501ff66def095fe
 2023-10-06 01:04:21 +00:00
Android Build Coastguard Worker
a308cb0408 Snap for 10909010 from b256bc86c0 to udc-qpr1-release 
Change-Id: Id2d5b00c79c52e5e04cf618d0ccda4ca6915de36
 2023-10-05 23:02:42 +00:00
Xin Li
736b3ae447 Merge Android 14 
Bug: 298295554
Merged-In: I00a1c45f05cc52a9ce93234921d0b759a3143f16
Change-Id: I219683f908540fffcba6a694409eb5f6d48a0f64
 2023-10-05 15:33:40 -07:00
Mike Wang
e0cc9659dd Grant the MDS access to the IPowerStats hal service. am: b256bc86c0 am: ea3e7e07b1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24887316

Change-Id: I41c7b162db1fab83ad1f5f549c8b9083e8443f7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-05 17:11:46 +00:00
Mike Wang
ea3e7e07b1 Grant the MDS access to the IPowerStats hal service. am: b256bc86c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24887316

Change-Id: I6e51e56d42bb6143a58666112de9efac8a5d0c8f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-05 16:24:15 +00:00
Android Build Coastguard Worker
63a8590df3 Snap for 10903783 from d6af0eeb28 to 24Q1-release 
Change-Id: I4a46cb42816a86fa9c1ca077633f2c09b235e8b6
 2023-10-05 03:04:13 +00:00
Android Build Coastguard Worker
b22fd2b175 Snap for 10897809 from 99c4d0f276 to 24Q1-release 
Change-Id: I0e9938f40fe0bd3c5b30efc6748e0079165303f4
 2023-10-04 02:29:03 +00:00
Android Build Coastguard Worker
7689c0d4dc Snap for 10889587 from 6116a993a4 to 24Q1-release 
Change-Id: Ieec16723ba5c1c94f5bf6cfd73f7b494261fc381
 2023-10-03 03:04:13 +00:00
Android Build Coastguard Worker
7cd7d69d5c Snap for 10884074 from 076b774f9e to 24Q1-release 
Change-Id: I44d7a7b10dd4355e12d831a08f5b400e4fc6c729
 2023-09-30 03:04:12 +00:00
Android Build Coastguard Worker
2750ef5a33 Snap for 10878163 from 050b892544 to 24Q1-release 
Change-Id: I5d8399c919c1cfa88239ccca7cb44143df6035dc
 2023-09-29 01:03:56 +00:00
Mike Wang
b256bc86c0 Grant the MDS access to the IPowerStats hal service. 
ref logs:
09-06 10:07:18.006   536   536 I auditd  : avc:  denied  { find } for pid=22543 uid=10225 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=1
09-06 10:07:18.010 22543 22543 I auditd  : type=1400 audit(0.0:65): avc:  denied  { call } for  comm="pool-4-thread-1" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=1 app=com.google.mds

Test: Tested with MDS app and the MDS can get IPowerStats binder and
call the interface.

Bug: 297250368
Change-Id: I54b6b93179987b9db23d5327711338553906134c
 2023-09-28 15:22:58 +00:00
Android Build Coastguard Worker
5fdbdcddf5 Snap for 10865348 from fc6c1c9837 to 24Q1-release 
Change-Id: I267e5fbacf8e4f3664b033ee6d19988dac55f62b
 2023-09-27 01:03:03 +00:00
Android Build Coastguard Worker
d1d763ba08 Snap for 10851067 from 537da0f60c to 24Q1-release 
Change-Id: I7af29e98f8eeb2c5cdb522bc37d3573b85fba7e9
 2023-09-23 03:02:55 +00:00
Android Build Coastguard Worker
451101a700 Snap for 10843824 from 764e677ff0 to 24Q1-release 
Change-Id: Ib5026f4b43ccb5dad3ade8f53cb038e376b6c06f
 2023-09-21 21:52:33 +00:00
Android Build Coastguard Worker
9fdff6ca39 Snap for 10843824 from 4156589ff6 to 24Q1-release 
Change-Id: Iba30556e893376b2be457cc55e7d2488310085f4
 2023-09-21 21:52:32 +00:00
Android Build Coastguard Worker
6238b240eb Snap for 10832001 from e39998954f to udc-qpr1-release 
Change-Id: I475420c1246e40647318a72cadbf72e7861608b5
 2023-09-19 23:03:02 +00:00
Leo Liou
764e677ff0 gs201: ufs_firmware_update: add scsi directory permission am: e39998954f am: fc3bc416f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24752203

Change-Id: I316f7ef124e388466caf94dddb161ae178ff7840
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-19 05:22:28 +00:00
Leo Liou
fc3bc416f2 gs201: ufs_firmware_update: add scsi directory permission am: e39998954f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24752203

Change-Id: Iad507da50c43cc68cf37a7733c3b4d432008d9a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-19 04:27:42 +00:00
Leo Liou
e39998954f gs201: ufs_firmware_update: add scsi directory permission 
Bug: 273305600
Test: run ufs ffu flow
Change-Id: I36715c1b3500da64863db4cbec08c037df74d3e6
Signed-off-by: Leo Liou <leoliou@google.com>
 2023-09-15 15:12:31 +08:00
Desmond Huang
8cec9e510e Relocate common tracking denial entries 
Bug: 299029620
Change-Id: I1db32cbefb531f48c5a45dcf0f564e89e1b5c4e7
 2023-09-14 06:30:14 +00:00
Desmond Huang
9b94fedda8 Remove obsolete entries 
Bug: 299029620
Change-Id: I12d75de143c76a338806938755d6e08767314aa6
 2023-09-14 06:30:14 +00:00
Woody Lin
98620c3b10 Add vendor_sjtag_lock_state_prop and init-check_ap_pd_auth-sh 
1. Add init-check_ap_pd_auth-sh for the vendor daemon script
   `/vendor/bin/init.check_ap_pd_auth.sh`.
2. Add policy for properties `ro.vendor.sjtag_{ap,gsa}_is_unlocked` for
   init, init-check_ap_pd_auth-sh and ssr_detector to access them.

SjtagService: type=1400 audit(0.0:1005): avc:  denied  { open } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1006): avc:  denied  { getattr } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1007): avc:  denied  { map } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1008): avc:  denied  { write } for  name="property_service" dev="tmpfs" ino=446 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
SjtagService: type=1400 audit(0.0:1009): avc:  denied  { connectto } for  path="/dev/socket/property_service" scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1

Bug: 298314432
Change-Id: Ib5dbcc50e266e33797626280504ea9e2cdc9f942
 2023-09-13 04:10:09 +00:00
Wilson Sung
28eafede39 [automerger skipped] Move uwb to system_ext am: 02343c4ca2 -s ours am: 5816c3ef40 -s ours am: e94124ff4f -s ours am: 9fe26fea11 -s ours am: 60dd68913e -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 93f3237f8a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2740413

Change-Id: I5664777c82aa53a18b3971ee6103bf65aec268cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-06 02:33:59 +00:00
Wilson Sung
60dd68913e [automerger skipped] Move uwb to system_ext am: 02343c4ca2 -s ours am: 5816c3ef40 -s ours am: e94124ff4f -s ours am: 9fe26fea11 -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 93f3237f8a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2740413

Change-Id: I1099ba12b190cedd65600c11c9e8e8e688946e23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-06 01:38:40 +00:00
Wilson Sung
9fe26fea11 [automerger skipped] Move uwb to system_ext am: 02343c4ca2 -s ours am: 5816c3ef40 -s ours am: e94124ff4f -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 93f3237f8a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2740413

Change-Id: I139c87346517a3dc83eead612cb5e323d6b69a58
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-06 01:03:30 +00:00
Wilson Sung
e94124ff4f [automerger skipped] Move uwb to system_ext am: 02343c4ca2 -s ours am: 5816c3ef40 -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 93f3237f8a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2740413

Change-Id: I8b2ae64f8ab308f2106e4f1e895f71577722df74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-06 00:18:14 +00:00
Wilson Sung
46681ac384 Move uwb to system_ext am: 93f3237f8a am: 01996371c8 am: 1b3cee89b1 am: 17ebe78899 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24611215

Change-Id: I73577cdf624ba9fde6a45fef132a50beaf8cb413
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-06 00:15:58 +00:00
Wilson Sung
5816c3ef40 [automerger skipped] Move uwb to system_ext am: 02343c4ca2 -s ours 
am skip reason: Merged-In I00a1c45f05cc52a9ce93234921d0b759a3143f16 with SHA-1 93f3237f8a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2740413

Change-Id: Ibadd9409861b8f9be13ca0a29541732295ad655a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 23:26:40 +00:00
Wilson Sung
17ebe78899 Move uwb to system_ext am: 93f3237f8a am: 01996371c8 am: 1b3cee89b1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24611215

Change-Id: Icbfe98948cdd507c715cef727367197208bc8cc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 23:19:21 +00:00
Wilson Sung
dffd68a4d0 Move uwb to system_ext am: 5e75eaa1a5 am: a7fd020e52 am: 212bd9a779 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24660422

Change-Id: Ia3e2fa23d7158e2e2bcd9647fe9c92ce032779fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 22:48:13 +00:00
Wilson Sung
1b3cee89b1 Move uwb to system_ext am: 93f3237f8a am: 01996371c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24611215

Change-Id: I82f7ad32188476614af6e6a8a4a63be572c853a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 22:45:04 +00:00
Wilson Sung
01996371c8 Move uwb to system_ext am: 93f3237f8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24611215

Change-Id: If2818394361d060d6bcc40bc7a4513a45f992d69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 22:00:18 +00:00
Wilson Sung
212bd9a779 Move uwb to system_ext am: 5e75eaa1a5 am: a7fd020e52 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24660422

Change-Id: Ie0e020624f04ee835d414ff467ff937a6e7783bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 21:48:16 +00:00
Wilson Sung
a7fd020e52 Move uwb to system_ext am: 5e75eaa1a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24660422

Change-Id: Icf239b4a7ffa79cfe8b7db705e0cd0df279e0198
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-05 21:13:51 +00:00
Wilson Sung
02343c4ca2 Move uwb to system_ext 
Bug: 290766628
Test: boot-to-home
Merged-In: I00a1c45f05cc52a9ce93234921d0b759a3143f16
Change-Id: I00a1c45f05cc52a9ce93234921d0b759a3143f16
 2023-09-05 20:55:59 +00:00
Wilson Sung
5e75eaa1a5 Move uwb to system_ext 
Bug: 290766628
Test: Boot-to-home, no uwb related avc error
Change-Id: I00a1c45f05cc52a9ce93234921d0b759a3143f16
 2023-09-05 20:43:35 +00:00
Wilson Sung
7627d8a7f8 Move uwb to system_ext 
Bug: 290766628
Test: Boot-to-home, no uwb related avc error
Change-Id: I00a1c45f05cc52a9ce93234921d0b759a3143f16
 2023-09-05 20:35:02 +00:00
Wilson Sung
93f3237f8a Move uwb to system_ext 
Bug: 290766628
Change-Id: I00a1c45f05cc52a9ce93234921d0b759a3143f16
 2023-09-05 20:19:02 +08:00
Wilson Sung
1dbc8f2685 [automerger skipped] Update SELinux error am: f4eada749f am: 9461aea1a2 am: 801570790f am: ea97df2725 -s ours 
am skip reason: Merged-In If623bee7f1050f814a2a3531bfa5de414fa32104 with SHA-1 1f1f647570 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24622013

Change-Id: Ibbd6f7dee4a7bc8580175883df7c3355905c96b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-04 14:07:51 +00:00
Wilson Sung
ea97df2725 Update SELinux error am: f4eada749f am: 9461aea1a2 am: 801570790f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24622013

Change-Id: I391939c276294a3508cc2b2ed4e02f4a17df74c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-04 13:06:22 +00:00
Wilson Sung
801570790f Update SELinux error am: f4eada749f am: 9461aea1a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24622013

Change-Id: I7ed7f9368741a797f4cf11488437e821863a057c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-04 12:27:14 +00:00
Wilson Sung
9461aea1a2 Update SELinux error am: f4eada749f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24622013

Change-Id: I821697bec0b8b52adcb6215eb68ff5d2db2541c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-04 11:37:44 +00:00
Wilson Sung
f4eada749f Update SELinux error 
Bug: 290766628
Merged-In: If623bee7f1050f814a2a3531bfa5de414fa32104
Change-Id: I13d2fb464c80b0be2d6524a58b441fcd8eaaa830
 2023-09-04 07:45:14 +00:00
Xin Li
5ae96054a7 [automerger skipped] Merge Android U (ab/10368041) am: 70d0cf7ca5 -s ours am: 6e7ca6c43a -s ours am: 42bdbb4eee -s ours am: c11c70d45f -s ours 
am skip reason: Merged-In I899bc4150d6d32b0ede035c96487da50849b6256 with SHA-1 3ab8be18a5 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24181570

Change-Id: I84c3cf520f6b2faef5115bbe5b7e8a80e8c9863b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-29 20:38:10 +00:00
Xin Li
c11c70d45f [automerger skipped] Merge Android U (ab/10368041) am: 70d0cf7ca5 -s ours am: 6e7ca6c43a -s ours am: 42bdbb4eee -s ours 
am skip reason: Merged-In I899bc4150d6d32b0ede035c96487da50849b6256 with SHA-1 3ab8be18a5 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24181570

Change-Id: I6e0239c3d00792042c1a75214ecbfa32f95d8ddd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-29 01:11:05 +00:00
Xin Li
42bdbb4eee [automerger skipped] Merge Android U (ab/10368041) am: 70d0cf7ca5 -s ours am: 6e7ca6c43a -s ours 
am skip reason: Merged-In I899bc4150d6d32b0ede035c96487da50849b6256 with SHA-1 3ab8be18a5 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24181570

Change-Id: I3ad2be39f493dabf7dc18615feeedbb87b8575c4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-29 00:35:21 +00:00
Xin Li
6e7ca6c43a [automerger skipped] Merge Android U (ab/10368041) am: 70d0cf7ca5 -s ours 
am skip reason: Merged-In I899bc4150d6d32b0ede035c96487da50849b6256 with SHA-1 3ab8be18a5 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24181570

Change-Id: I8c8b0810b4f857d2f21fec85cf184ab95de80427
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-28 23:59:22 +00:00
Renato Grottesi
1f1f647570 Cleanup unused ArmNN settings. 
Test: pre-submit
Bug: 294463729
Change-Id: If623bee7f1050f814a2a3531bfa5de414fa32104
 2023-08-18 04:31:43 +00:00
Xin Li
70d0cf7ca5 Merge Android U (ab/10368041) 
Bug: 291102124
Merged-In: I899bc4150d6d32b0ede035c96487da50849b6256
Change-Id: I2d7cb958d68b1b20b31921f04c77a5ff91aca8eb
 2023-08-15 00:04:03 -07:00
Inseob Kim
f7da749bf7 [automerger skipped] Move coredomain policies to system_ext/product am: 656f7b5aa1 am: c83b44626a -s ours am: a3707836b2 -s ours am: 5ddd880bb1 -s ours am: 25680a4b79 -s ours 
am skip reason: Merged-In If768b5cb9f3b4024893117d8e3bf49adb7c5b070 with SHA-1 da30985fa5 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2671075

Change-Id: I981896df569212bbb2fb0f1695c2caa73425f8f1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-11 06:47:06 +00:00
Inseob Kim
25680a4b79 [automerger skipped] Move coredomain policies to system_ext/product am: 656f7b5aa1 am: c83b44626a -s ours am: a3707836b2 -s ours am: 5ddd880bb1 -s ours 
am skip reason: Merged-In If768b5cb9f3b4024893117d8e3bf49adb7c5b070 with SHA-1 da30985fa5 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2671075

Change-Id: I78a2f50e6c14ceae77bfa29e179f8ab0e653da6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-11 06:01:49 +00:00
Inseob Kim
5ddd880bb1 [automerger skipped] Move coredomain policies to system_ext/product am: 656f7b5aa1 am: c83b44626a -s ours am: a3707836b2 -s ours 
am skip reason: Merged-In If768b5cb9f3b4024893117d8e3bf49adb7c5b070 with SHA-1 da30985fa5 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2671075

Change-Id: I5386db73205854348d31612667b69c4b43f66270
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-11 05:20:02 +00:00
Inseob Kim
a3707836b2 [automerger skipped] Move coredomain policies to system_ext/product am: 656f7b5aa1 am: c83b44626a -s ours 
am skip reason: Merged-In If768b5cb9f3b4024893117d8e3bf49adb7c5b070 with SHA-1 da30985fa5 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2671075

Change-Id: Iaf6051e44cd3378c415db967aeed879a0a51a734
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-11 04:35:44 +00:00
Inseob Kim
c83b44626a Move coredomain policies to system_ext/product am: 656f7b5aa1 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2671075

Change-Id: I707df3267d51354e846376617b59943af6c04e30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-11 03:49:14 +00:00
Inseob Kim
583ea25a56 [automerger skipped] Move coredomain policies to system_ext/product am: da30985fa5 am: 0827b82595 am: 0a40b3bb98 -s ours 
am skip reason: Merged-In If768b5cb9f3b4024893117d8e3bf49adb7c5b070 with SHA-1 62014f1726 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24354374

Change-Id: I0a3c44e27580bb82e74fcd8e7f8eac19d68b0c57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-09 08:17:52 +00:00
Inseob Kim
0a40b3bb98 Move coredomain policies to system_ext/product am: da30985fa5 am: 0827b82595 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24354374

Change-Id: I21a6ae897a80a8954639e15ebb16218a0e324350
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-09 07:35:43 +00:00
Inseob Kim
0827b82595 Move coredomain policies to system_ext/product am: da30985fa5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24354374

Change-Id: I527239025a4b81d9d989dcba6ba2c63d6840a683
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-09 06:50:56 +00:00
Inseob Kim
656f7b5aa1 Move coredomain policies to system_ext/product 
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: If768b5cb9f3b4024893117d8e3bf49adb7c5b070
Merged-In: If768b5cb9f3b4024893117d8e3bf49adb7c5b070
(cherry picked from commit da30985fa5)
 2023-08-09 15:06:04 +09:00
Inseob Kim
da30985fa5 Move coredomain policies to system_ext/product 
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: If768b5cb9f3b4024893117d8e3bf49adb7c5b070
Merged-In: If768b5cb9f3b4024893117d8e3bf49adb7c5b070
 2023-08-08 14:37:48 +00:00
Inseob Kim
62014f1726 Move coredomain policies to system_ext/product 
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: If768b5cb9f3b4024893117d8e3bf49adb7c5b070
 2023-08-08 21:33:28 +09:00
Roy Luo
36313e7bc9 Support monitoring USB sysfs attributes in USB HAL 
Grant access to USB sysfs attributes.

Bug: 285199434
Test: no audit log in logcat after command execution
Change-Id: Ida489f0f8788100795613de900fd06317087d9cc
 2023-08-04 17:25:06 +00:00
Ken Yang
e5bfccd0fd SELinux: fix sysfs_wlc avc denials 
Bug: 291541479
Change-Id: I94bed765b89ee538f77398ce432315c907ac1a9a
Signed-off-by: Ken Yang <yangken@google.com>
 2023-07-28 03:47:38 +00:00
Ken Yang
7cd663c2b3 SELinux: fix the wakeup avc denials am: 3054cb6eec am: f0c6f18d7d am: 89e7477c43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24192194

Change-Id: I92795e0179493e849c9cdd5eae502574b117404e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 04:23:37 +00:00
Ken Yang
89e7477c43 SELinux: fix the wakeup avc denials am: 3054cb6eec am: f0c6f18d7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24192194

Change-Id: I7888b49da09ad91b2d6b31d2c335841edd5a6514
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 03:13:07 +00:00
Ken Yang
f0c6f18d7d SELinux: fix the wakeup avc denials am: 3054cb6eec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24192194

Change-Id: Ia49778517e9c64e4b7539fa81ec4170cef01961c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-26 02:30:35 +00:00
Ken Yang
3054cb6eec SELinux: fix the wakeup avc denials 
Fix the wakeup avc denials in a more common place

Bug: 292076108
Change-Id: I52627f19cb0fec3dd0851d21d0608048ebc7d45d
Signed-off-by: Ken Yang <yangken@google.com>
 2023-07-25 13:12:32 +00:00
Android Build Coastguard Worker
b9dec4c10c Snap for 10527654 from 34bda7b2b8 to udc-qpr1-release 
Change-Id: I94467417311869427465f2c8f0eade8f41d73113
 2023-07-19 23:02:21 +00:00
Utku Utkan
27ce9336a3 Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" am: 34bda7b2b8 am: 2fb35adebd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24124266

Change-Id: I5b7b0b5af1b0eac9513897494da5201f4fea6332
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 19:58:34 +00:00
Utku Utkan
2fb35adebd Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" am: 34bda7b2b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24124266

Change-Id: I0675ba6da1fff3561ec1ab23711526657ccc3c93
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 18:49:47 +00:00
Utku Utkan
34bda7b2b8 Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches

Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Bug: 287069860
Test: m && flashall
Change-Id: I5326b61822d367beaff0ac97a34708d306c60007
 2023-07-18 20:37:28 -07:00
Inseob Kim
1dae17837d Revert "Introduce CameraServices seinfo tag for PixelCameraServices" am: c420cef154 am: 3539653f98 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24122569

Change-Id: I15231b5d87ef4c47bf2413c28b48974fda7f10c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 03:33:47 +00:00
Inseob Kim
3539653f98 Revert "Introduce CameraServices seinfo tag for PixelCameraServices" am: c420cef154 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24122569

Change-Id: I192d7d1ba78d7381d3dd122cacbdd7a37d16d67d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 02:50:45 +00:00
Inseob Kim
c420cef154 Revert "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I9869874507230f59ac3b8cdc2538e4f223216b45
 2023-07-19 01:15:39 +00:00
Utku Utkan
c1f776c272 Introduce CameraServices seinfo tag for PixelCameraServices am: d45ff39442 am: 47f7d7ef72 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24030396

Change-Id: Ie157ffc9d3d457df512c8c84eff1bd09634e627a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-18 22:35:37 +00:00
Utku Utkan
47f7d7ef72 Introduce CameraServices seinfo tag for PixelCameraServices am: d45ff39442 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24030396

Change-Id: I1ecfa136567806f140067eaed98766c6da66d2ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-18 21:49:07 +00:00
Dinesh Yadav
b29cf7645a [Cleanup]: Move gxp sepolicies to gs-common for P22 
These policies are moved to gs-common as part of ag/24002524

Bug: 288368306
Change-Id: If7466983009021c642db998e1c30071ee548846e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-07-14 04:00:23 +00:00
Utku Utkan
d45ff39442 Introduce CameraServices seinfo tag for PixelCameraServices 
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I41b435ae0a34fe9c797b9316887c4b56091a26a5
 2023-07-13 09:11:06 -07:00
David Anderson
91768e10c9 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 am: a7e9f0a873 am: 96009e517c am: d06d2415a5 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: I74bd7c4a44e03d77acbc8207a6c848b990f1afc8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 01:31:45 +00:00
David Anderson
d06d2415a5 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 am: a7e9f0a873 am: 96009e517c 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: I1ccfdb2e8605b5cec757b8ad8d7be6fb414cb9c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 00:52:30 +00:00
David Anderson
96009e517c Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 am: a7e9f0a873 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: Ie086b1fb169292469ec153039beee50ae782276d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 00:07:32 +00:00
David Anderson
a7e9f0a873 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: I29b1070280c3e88e976dab3c02b110786ca8f11b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-11 23:22:17 +00:00
David Anderson
a03ec9af21 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: Id20a32d6a80e058caebf2047e59a1b5a3e519f43
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-11 22:41:44 +00:00
David Anderson
439827c49d Allow fastbootd to flash dtbo. am: e96a14a9d2 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: Ifc30a96202cbeb38896f3545502b582168dcf53e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-11 21:57:26 +00:00
David Anderson
e96a14a9d2 Allow fastbootd to flash dtbo. 
This line is copied from gs101-sepolicy, and fixes the following denial:

audit: type=1400 audit(1689093038.396:14): avc:  denied  { write } for  pid=409 comm="fastbootd" name="sda24" dev="tmpfs" ino=493 scontext=u:r:fastbootd:s0 tcontext=u:object_r:custom_ab_block_device:s0 tclass=blk_file permissive=0

Bug: N/A
Test: fastboot flashall in fastbootd
Change-Id: I765aedeb204cc862434a56a97f242640465f84b8
 2023-07-11 10:27:47 -07:00
Android Build Coastguard Worker
1edac295fa Snap for 10459084 from d02a8eef29 to udc-qpr1-release 
Change-Id: I8b25e5b69ccaae5bc9fbe6225ff9d59bfbfe6a2e
 2023-07-08 01:06:47 +00:00
Samuel Huang
77de7a48b1 Revert "Revert "Create telephony.ril.silent_reset system_ext pro..." am: d02a8eef29 am: e4b6e55e35 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23841769

Change-Id: I07665711913e1cddd8d8e2968bfa340f8d77f232
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-07 03:10:44 +00:00
Samuel Huang
e4b6e55e35 Revert "Revert "Create telephony.ril.silent_reset system_ext pro..." am: d02a8eef29 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23841769

Change-Id: I09f53d8147f813aaaeea55b57d1cfb97b0dd0001
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-07 02:32:58 +00:00
Samuel Huang
d02a8eef29 Revert "Revert "Create telephony.ril.silent_reset system_ext pro..." 
Revert submission 23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Reason for revert: The root cause is missing property definition in gs101-sepolicy. This CL can be merged safely. Verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L48900000961646046

Reverted changes: /q/submissionid:23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Bug: 286476107
Change-Id: Ia80e4400ff555a637c42193cab3e3acf72bc36a2
 2023-07-07 01:45:23 +00:00
Android Build Coastguard Worker
84c2320c5c Snap for 10439448 from 41ed8e83ea to udc-qpr1-release 
Change-Id: I2974d96bc790040bee03893138a30bbe4a83d389
 2023-07-05 23:02:24 +00:00
Sebastian Pickl
91585993ad Revert "Allow bthal to access vendor bluetooth folder" am: 41ed8e83ea am: d3ef7a804c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23874549

Change-Id: I67ec25d1297413c4504f6830f766d086585667e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-05 12:43:27 +00:00
Sebastian Pickl
d3ef7a804c Revert "Allow bthal to access vendor bluetooth folder" am: 41ed8e83ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23874549

Change-Id: Ib4ecdceb5d125c05bce9a6c9edc4b24cbc53a8c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-05 12:02:20 +00:00
Sebastian Pickl
41ed8e83ea Revert "Allow bthal to access vendor bluetooth folder" 
Revert submission 23844270-P22-vendor-log-udc-qpr

Reason for revert: causes selinux tests to fail b/289989584

go/abtd: https://android-build.googleplex.com/builds/abtd/run/L37600000961782595

Bug:289989584

Reverted changes: /q/submissionid:23844270-P22-vendor-log-udc-qpr

Change-Id: I4e9ccf17050702a6405c549340e7fe97eba0eb65
 2023-07-05 10:11:12 +00:00
Patty Huang
8bece71dbe Allow bthal to access vendor bluetooth folder am: 1a52c8b952 am: 3e1348f4fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23854004

Change-Id: I2349fab8fc749e60ce6c2425ea4af9a4f9cbca6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-05 07:49:36 +00:00
Patty Huang
3e1348f4fc Allow bthal to access vendor bluetooth folder am: 1a52c8b952 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23854004

Change-Id: I0d9ef1e480423715137fcbf7b9651753a9c8fa24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-05 07:07:56 +00:00
Patty Huang
1a52c8b952 Allow bthal to access vendor bluetooth folder 
Bug:289055382
Test: enable vendor debug log and check the vendor snoop log contain the
vendor log

Change-Id: I89164330998d7fbea45dab65931c2a3db22a4c92
 2023-06-30 11:55:35 +08:00
DesmondH
3219a0a19f Remove obsolete entries 
Fix: 274727778
Change-Id: I1334cd68043d6ef8c36a42fb47d888f9b061bfb4
 2023-06-28 05:28:11 +00:00
Android Build Coastguard Worker
3f43c40d88 Snap for 10393214 from 4d0eeef36f to udc-qpr1-release 
Change-Id: I87a838ea40924b83d6f6f64cae31f45a00e8df8f
 2023-06-27 23:02:15 +00:00
Sebastian Pickl
706b9b4328 Revert "Create telephony.ril.silent_reset system_ext property fo..." am: 4d0eeef36f am: b617ab420a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23817869

Change-Id: I3c55e93124e9fb9b86ee4a9eeebf524d3b6e309a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 12:03:39 +00:00
Sebastian Pickl
b617ab420a Revert "Create telephony.ril.silent_reset system_ext property fo..." am: 4d0eeef36f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23817869

Change-Id: I032ae4c04d68265389f8575378bc9364af6f897b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 11:16:33 +00:00
Sebastian Pickl
4d0eeef36f Revert "Create telephony.ril.silent_reset system_ext property fo..." 
Revert submission 23736941-tpsr-ril-property

Reason for revert: culprit for b/289014054 verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L54800000961620143

Bug: 289014054

Reverted changes: /q/submissionid:23736941-tpsr-ril-property

Change-Id: I4fa5b2803392e0db03bb622392f3d4afab6a45ea
 2023-06-27 10:05:45 +00:00
Xin Li
d16b5fbdf9 [automerger skipped] Merge Android 13 QPR3 am: aaef0b7773 -s ours am: 7e4592c70a -s ours am: dc4a87253c -s ours am: c9d5097e56 -s ours am: 645f996b23 -s ours am: 041513071c -s ours 
am skip reason: Merged-In Idc925c7a1f1111840a64664aa50c39442c3a0f8f with SHA-1 307e2c2fc8 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2635310

Change-Id: I1ac1cb0f39b271cea2fbd871da4806295fab199e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 08:05:58 +00:00
Xin Li
041513071c [automerger skipped] Merge Android 13 QPR3 am: aaef0b7773 -s ours am: 7e4592c70a -s ours am: dc4a87253c -s ours am: c9d5097e56 -s ours am: 645f996b23 -s ours 
am skip reason: Merged-In Idc925c7a1f1111840a64664aa50c39442c3a0f8f with SHA-1 307e2c2fc8 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2635310

Change-Id: I79e95a7ffa397de68457910bd23b1117806e018c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 07:25:45 +00:00
Samuel Huang
4ad090fbed Create telephony.ril.silent_reset system_ext property for RILD restart am: 513fa361c8 am: 5e8765956e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23748040

Change-Id: I07a7f558bb96efb5fa164db6a2041883853cb948
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 03:55:53 +00:00
Samuel Huang
5e8765956e Create telephony.ril.silent_reset system_ext property for RILD restart am: 513fa361c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23748040

Change-Id: I543184268827663ee5bbd96299a3e5d109f6807d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 03:07:56 +00:00
Xin Li
645f996b23 [automerger skipped] Merge Android 13 QPR3 am: aaef0b7773 -s ours am: 7e4592c70a -s ours am: dc4a87253c -s ours am: c9d5097e56 -s ours 
am skip reason: Merged-In Idc925c7a1f1111840a64664aa50c39442c3a0f8f with SHA-1 307e2c2fc8 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2635310

Change-Id: I702a5374d5ddff6d17ae5f49e79654ab7d85ab81
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 01:14:07 +00:00
Xin Li
c9d5097e56 [automerger skipped] Merge Android 13 QPR3 am: aaef0b7773 -s ours am: 7e4592c70a -s ours am: dc4a87253c -s ours 
am skip reason: Merged-In Idc925c7a1f1111840a64664aa50c39442c3a0f8f with SHA-1 307e2c2fc8 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2635310

Change-Id: I903de348dca44cf893578b33b13743269685a480
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 00:32:37 +00:00
Xin Li
dc4a87253c [automerger skipped] Merge Android 13 QPR3 am: aaef0b7773 -s ours am: 7e4592c70a -s ours 
am skip reason: Merged-In Idc925c7a1f1111840a64664aa50c39442c3a0f8f with SHA-1 307e2c2fc8 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2635310

Change-Id: I07063c3d9cf1418132ec611701713baa7b783f59
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-26 23:10:28 +00:00
Xin Li
7e4592c70a [automerger skipped] Merge Android 13 QPR3 am: aaef0b7773 -s ours 
am skip reason: Merged-In Idc925c7a1f1111840a64664aa50c39442c3a0f8f with SHA-1 307e2c2fc8 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2635310

Change-Id: I27e4864161d3db815ad9cedad4da2af6ee082826
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-26 22:57:43 +00:00
Xin Li
aaef0b7773 Merge Android 13 QPR3 
Bug: 275386652
Merged-In: Idc925c7a1f1111840a64664aa50c39442c3a0f8f
Change-Id: I2f0a022715577d395a6d9d2c8ec6b9a7f37fe509
 2023-06-21 15:14:53 -07:00
Samuel Huang
513fa361c8 Create telephony.ril.silent_reset system_ext property for RILD restart 
RILD listens for changes to this property. If the value changes to 1, RILD will restart itself and set this property back to 0.

The TelephonyGoogle app will set this property to 1 when it receives a request from the SCONE app. Since TelephonyGoogle runs in the com.android.phone process, we also need to give the radio domain permission to set the telephony.ril.silent_reset property.

Bug: 286476107
Test: manual
Change-Id: I689e75f4ebf3f44915bd7f795755f297935e7946
 2023-06-21 06:34:45 +00:00
DesmondH
a66e949591 Remove fixed or obsolete entries 
Bug: 227121550
Bug: 237491813
Change-Id: I6e3ca53d92ae0a1db1565feb7e70d72b57f697e1
 2023-06-15 04:14:11 +00:00
changyan
c3c3f7fd0c Fix avc denied for cat_engine_service_app 
Test: SELinuxUncheckedDenialBootTest
Bug: 282626814
Change-Id: I742e2b20bff09812d2a3ae07903b29e8eae45915
 2023-06-15 03:31:36 +00:00
changyan
61abd02cd3 Updating sepolicy for dump_modem to read /dev/logbuffer_cpif. This is 
required as part of bugreport.

Test: Pts SELinuxTest#scanBugreport
Bug: 277300226
Fix: 282626702
Change-Id: I129116ab78ec89da1529e33be1cfd403715889af
 2023-06-14 07:58:46 +00:00
Jenny Ho
8b8342d351 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 6067855d5c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Id4ace18bf58015a16a9d2853e9a6e4454b9bf133
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 10:36:57 +00:00
Donnie Pollitz
ea402405b9 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: b30363a096 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I42cae3d9674713d499c3ab62932f6385a0901df3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 07:13:16 +00:00
sashwinbalaji
df1869708b thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 29900c796a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I43475c66886b75f839a66b4c4bdbec3fc6ef9bdf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 04:46:45 +00:00
Jin Jeong
2ef7f3800c Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: c281730f15 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: Ifed88b292601d6e7bf3d7457d2f1e1ca1b345b9c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 04:43:38 +00:00
Jin Jeong
94e0acb7e7 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: a5149fb731 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I2ed7e1ef04acf8cbf3b5355ad2f662ff22dd40e8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 04:43:32 +00:00
Anthony Zhang
c68578d4e0 [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: d2a2b8c339 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: If408ce422d46065337412bc6d79244107f94f459
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 04:37:06 +00:00
Luis Delgado de Mendoza Garcia
230b6b1e95 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 7ac088bb18 -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 3992c42501 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: Icc50942ccf66eb0c242c977c020aca137f53f75b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-09 04:36:56 +00:00
DesmondH
1714d4f6f3 Remove obsolete entries 
Bug: 227121550
Bug: 275645892
Bug: 276385494
Bug: 278639040
Fix: 282096141
Fix: 229209076
Fix: 205904328
Fix: 208721505
Fix: 205656950
Change-Id: I9b8a178ff7ef17f050183159d8fae286a6666056
 2023-06-05 02:31:18 +00:00
Android Build Coastguard Worker
1c85bdd4f8 Snap for 10233403 from d1c4337008 to udc-qpr1-release 
Change-Id: Ib5a26e6ab4b648e43aeb047de53c3177b04b8f5b
 2023-06-01 02:36:38 +00:00
Android Build Coastguard Worker
e215ee0263 Snap for 10233678 from ee160b5880 to udc-release 
Change-Id: I063204532a103bf4a34669332eac8218dc97d0d7
 2023-05-31 23:02:51 +00:00
Jenny Ho
a2ab714514 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34ee73b7f2 am: d1c4337008 am: d835c2acb6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I12df7c8897b35c3a6bdeb0cbe438c495c4b132a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:17:02 +00:00
Jenny Ho
9a0e90a655 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 3ab8be18a5 am: abb6cc1a80 am: a3ee75181b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Ifc2d4b39dc69e435da6cc8e867e35a00d7cfbc95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:13:50 +00:00
Jenny Ho
569870cbb7 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34ee73b7f2 am: eef3026fd5 am: 57349ee2c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Ia1a17b150d01c5ad288e7959e6933c24383f7aad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:13:37 +00:00
Jenny Ho
d835c2acb6 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34ee73b7f2 am: d1c4337008 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: If3011680a0b76f01d2e9226969d822425ede5d23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 03:23:27 +00:00
Jenny Ho
a3ee75181b Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 3ab8be18a5 am: abb6cc1a80 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I81f08eaad0c6e5df788bc63f3626ec3e58f72d39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 03:20:37 +00:00
Jenny Ho
57349ee2c0 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34ee73b7f2 am: eef3026fd5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Ibd7d0565d65ebb298423694e96c65027d2cf77c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 03:20:24 +00:00
Jenny Ho
abb6cc1a80 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 3ab8be18a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I96b77bcbb6ab773d41b861f4770e07f41b6b834a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 02:36:08 +00:00
Jenny Ho
d1c4337008 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34ee73b7f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I016c6ca4cc81bffaf267870159f47e7c1a6674f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 02:35:57 +00:00
Jenny Ho
eef3026fd5 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34ee73b7f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Ib71b8ae6c48db75778ec84a2d5a5b2efec88244c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 02:33:59 +00:00
Jenny Ho
09c478e849 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34210357f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I7a3f5d3c2a22fdb162709c7cef370fc8882b9aba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 02:33:53 +00:00
Jenny Ho
34ee73b7f2 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Ie6144135cf653d281c7bef84fb4469daefbad095
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 01:54:32 +00:00
Jenny Ho
34210357f5 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I66af5d2c6e5ef99b722812500edb9ab1596aa3a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 01:54:30 +00:00
Jenny Ho
6067855d5c Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Idbdcfbf09a148fff91d6a09f07728d6f6545037a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 01:54:16 +00:00
Jenny Ho
3ab8be18a5 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I899bc4150d6d32b0ede035c96487da50849b6256
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 01:50:10 +00:00
Jenny Ho
ee160b5880 Add permissions for maxfg_base/maxfg_secondary 
Bug: 284878175
Change-Id: I3fe3030ecd36773405f0e70b767d4a28062d91ad
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2023-05-30 12:09:30 +08:00
Android Build Coastguard Worker
af49915ef8 Snap for 10213992 from 54bb70bae8 to udc-qpr1-release 
Change-Id: I0e8d079f1a7cfbe40bd1dec8c7e69525dc0ea314
 2023-05-27 05:07:18 +00:00
Android Build Coastguard Worker
bc0330b4a0 Snap for 10214038 from 955ae6825f to udc-release 
Change-Id: I42fe923dde4326e614e504421f23f911cce5a002
 2023-05-27 01:09:09 +00:00
Donnie Pollitz
d171dfee07 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: a2cb6ab6eb am: 54bb70bae8 am: 16918db007 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I9150fca2a50e91f7f8643915b134c4e3b43d2194
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 10:37:58 +00:00
Donnie Pollitz
ea870b5abf Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: 36ea330be0 am: d662abd90e am: 15843f30f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I13c87fceedaf0395b9991336481cf3c69d0ab2dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 10:35:38 +00:00
Donnie Pollitz
7b8b43067c Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: a2cb6ab6eb am: 62bfe3afc4 am: 5c37b6e55d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I8d000774bd5163a0f76e6ae433f11b5fb9f0384e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 10:35:10 +00:00
Donnie Pollitz
16918db007 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: a2cb6ab6eb am: 54bb70bae8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I3b776b3a1fac9efd629722729fe424ab09d89fb9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:50:11 +00:00
Donnie Pollitz
15843f30f0 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: 36ea330be0 am: d662abd90e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ia712aa77fea866bcf988aa5d106bcb25b726d8c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:47:37 +00:00
Donnie Pollitz
5c37b6e55d Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: a2cb6ab6eb am: 62bfe3afc4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I403e8fd93c3609ccfab021704dae6113c4a23333
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:47:16 +00:00
Donnie Pollitz
d662abd90e Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: 36ea330be0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I44a0090b6a0be88fd606596fae0a236ef9bcdd40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:01:41 +00:00
Donnie Pollitz
54bb70bae8 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: a2cb6ab6eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I263b4d56605ba014b273a3089b9bcc853189e788
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:01:35 +00:00
Donnie Pollitz
62bfe3afc4 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: a2cb6ab6eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: I891e9032a5bacf115410ad81ccd07580645da9d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 08:59:32 +00:00
Donnie Pollitz
cc3c03dae7 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: 09318c0f8b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ibe080c2af64fb0aa76554222b030c4428cc71e79
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 08:59:27 +00:00
Donnie Pollitz
a2cb6ab6eb Allow vendor_init to fix permissions of TEE data file am: 955ae6825f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ibf91aa97b122e3a5f39053c6ed01e62b3783403c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 07:53:44 +00:00
Donnie Pollitz
09318c0f8b Allow vendor_init to fix permissions of TEE data file am: 955ae6825f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ib79c56820fe78ccfe1d34bce1a7d400614c9d385
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 07:53:40 +00:00
Donnie Pollitz
b30363a096 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ib98787ffcbcb3b3d036b00fc0dc20ec2f4c355cb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 07:53:29 +00:00
Donnie Pollitz
36ea330be0 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ic51e258b34e4525f669a67d5eecd18b781bf6010
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 07:49:20 +00:00
Donnie Pollitz
955ae6825f Allow vendor_init to fix permissions of TEE data file 
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I27681589c9d0b0aa88463e6476fb75119ea89e8a
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-05-26 07:17:39 +00:00
Android Build Coastguard Worker
96a53ff12d Snap for 10204122 from a16d3cc686 to udc-qpr1-release 
Change-Id: I55d2b35b993502f5e1986beb87b6d34b60be984b
 2023-05-26 01:08:03 +00:00
Android Build Coastguard Worker
2762d0dbd4 Snap for 10205056 from 1113c66dea to udc-release 
Change-Id: I516d5908f39e0923d8a9de14adcb7fa2e972588c
 2023-05-25 23:02:28 +00:00
sashwinbalaji
f45eb3d23c thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 6bc46c8cd5 am: a16d3cc686 am: 59ef3b2b30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I43efe3c77f63074b59b2e3479e967312f833be1b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 08:39:19 +00:00
sashwinbalaji
962734a659 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 29df1ad288 am: 711cf086a9 am: 261d8af5a3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: Icdec3fcfa60b470c9df347446673b6539f496649
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 08:38:43 +00:00
sashwinbalaji
dd8c077882 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 6bc46c8cd5 am: 083335d39b am: e6879fd30b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I29b1fb86294e1a808ce2344b62c04e1e48e3e20b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 08:38:06 +00:00
sashwinbalaji
59ef3b2b30 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 6bc46c8cd5 am: a16d3cc686 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I755a5459e88748df5ff52fd4d7d834a75b4f94cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:55:38 +00:00
sashwinbalaji
261d8af5a3 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 29df1ad288 am: 711cf086a9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: Ia25486f90a811d3b3eebe7499461def5ff0c618c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:50:16 +00:00
sashwinbalaji
e6879fd30b thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 6bc46c8cd5 am: 083335d39b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: If496db59ff43736842f208dc94f21b724e421a61
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:49:44 +00:00
sashwinbalaji
711cf086a9 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 29df1ad288 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: Id496e32bc9f0255c68e86605ba237d23cab6bbce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:07:49 +00:00
sashwinbalaji
a16d3cc686 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 6bc46c8cd5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I5d5f795478770637739603b6638dc2b89f3df3d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:07:35 +00:00
sashwinbalaji
650ab4f009 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 54050db789 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: If8acc782a6ad78a791aa04a832ec2e82a04a0a19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:03:19 +00:00
sashwinbalaji
083335d39b thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 6bc46c8cd5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I5d426b52828b29550d126854f5a7b2d39cde6661
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:03:07 +00:00
sashwinbalaji
54050db789 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I234eee37d2388103d66b3c142e456fd3b474e1e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 06:22:51 +00:00
sashwinbalaji
6bc46c8cd5 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I2037d2de006c26cba1b2114f776678aca7c4a808
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 06:22:41 +00:00
sashwinbalaji
29900c796a thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: Ic07bf265358d8fce51ef5a0b4cc139bc7d26bd0e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 06:22:31 +00:00
sashwinbalaji
29df1ad288 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I6a691341b37808102fd540fce39373498e18b379
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 06:18:24 +00:00
sashwinbalaji
1113c66dea thermal: thermal_metrics: Update selinux to reset stats 
Bug: 193833982
Test: Local build and verify statsD logs
adb shell cmd stats print-logs && adb logcat -b all | grep -i 105045
Change-Id: I0dc1c557797d7fe97da7f0fcb2d600485526c979
 2023-05-25 05:28:45 +00:00
Android Build Coastguard Worker
0128580e96 Snap for 10196038 from 95cfaf3d0e to udc-qpr1-release 
Change-Id: Ibdf0236bc5e748d2a1ba65c1f349129969aa4828
 2023-05-25 02:41:45 +00:00
Android Build Coastguard Worker
00b21ecf0e Snap for 10196304 from 10ef6d8619 to udc-release 
Change-Id: Ic56e53ac8597d1117e7cd1885f2a22723d674d87
 2023-05-24 23:02:21 +00:00
Jin Jeong
9f18a24c2b Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: 5627fe6f60 am: 95cfaf3d0e am: b3da220bf7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I6238e5e0e17400807afa8706fd3276aeada62f0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:57:56 +00:00
Jin Jeong
7583ba04a5 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 42760593ae am: 42ab624385 am: 3c247ca101 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I7febffc99203f2a1a6fa9368621b2714832b3079
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:57:50 +00:00
Jin Jeong
ab8b9314b9 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: aa606065a3 am: 15d383b430 am: a9d78f727e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I6be17d82c6ad0a46455cf15c096c0e586baa3c57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:56:55 +00:00
Jin Jeong
ffca7e6426 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 35e908fd66 am: a82c726a4e am: 3876aede57 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I7ac97ab71e1154b2556e0f61a8de1a7b1114379f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:56:49 +00:00
Jin Jeong
75a1fc7f70 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: 5627fe6f60 am: 9b291f9755 am: 81a4997bb3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: Ied482db1c50fee789518c43d6e1c30f6a7803117
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:55:47 +00:00
Jin Jeong
4f2e7e9516 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 42760593ae am: 3588c019b2 am: 831c2bfd84 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I322d5836b5a0913b0189875d2416b570ca97f149
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:55:41 +00:00
Jin Jeong
b3da220bf7 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: 5627fe6f60 am: 95cfaf3d0e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I1e92d3fb4753d9489e197919523ca709576a1946
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:13:57 +00:00
Jin Jeong
3c247ca101 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 42760593ae am: 42ab624385 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: If96362eea1639a315d5d73d902407361d74a21cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:13:51 +00:00
Jin Jeong
a9d78f727e Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: aa606065a3 am: 15d383b430 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I6061874124ccc7a9673dafe17e12fd0e4e65a2b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:09:37 +00:00
Jin Jeong
3876aede57 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 35e908fd66 am: a82c726a4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I9406e9e0bd87550b2aefa09d8161cbcb80932fca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:09:32 +00:00
Jin Jeong
81a4997bb3 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: 5627fe6f60 am: 9b291f9755 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I9792a825cff5e7cd5cd4db2a3f4f1a51fa8f57f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:08:39 +00:00
Jin Jeong
831c2bfd84 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 42760593ae am: 3588c019b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I2dc8bca4ce52409127dbe6de846e653359cc6e4b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:08:33 +00:00
Android Build Coastguard Worker
50cd86ef20 Snap for 10186302 from b4e262f4cb to udc-qpr1-release 
Change-Id: I6c6b6ff2ed788dcaa908f19a68ba6fb24ec4e4de
 2023-05-24 03:02:11 +00:00
Jin Jeong
15d383b430 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: aa606065a3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: Iccab57deadb4965a765bebb85368345bab672c8c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:30:58 +00:00
Jin Jeong
a82c726a4e Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 35e908fd66 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I92d2d75c4d0f66999b9bd0ac2f688c195b53af11
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:30:52 +00:00
Jin Jeong
95cfaf3d0e Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: 5627fe6f60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: Ice7c118408e3c9b7bc6c1657710172ecce1bc41d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:30:02 +00:00
Jin Jeong
42ab624385 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 42760593ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I9a9f251e6df7076c8b9708bf01743aef579f381c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:29:56 +00:00
Jin Jeong
858a6f7cb8 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: bc46900137 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I008340539cac47efb8d3d377962b47e9f9bbc926
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:27:28 +00:00
Jin Jeong
234757c994 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 41cebba8d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I24205e515e52807cec6a518fc162a78e602e3a9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:27:23 +00:00
Jin Jeong
9b291f9755 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: 5627fe6f60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I3ba572b0238412fc510d6f1ed82723904e1392a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:26:14 +00:00
Jin Jeong
3588c019b2 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 42760593ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: Ic17a94ed766998b8eaa711ae12b75e3e597d913b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:26:08 +00:00
Jin Jeong
5627fe6f60 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I66ec119e485273f9d1562bb272ab7c25541e98b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:47:08 +00:00
Jin Jeong
bc46900137 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I7634e34b69eaa2647987c0cb1d298e665415fc73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:47:01 +00:00
Jin Jeong
42760593ae Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: Ib285406b29c598ab5cec6db6ab0d2f9d57343a0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:47:01 +00:00
Jin Jeong
41cebba8d0 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: If73919df7b7bcfa0d5f55d7d9b6b37be76fe08cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:46:55 +00:00
Jin Jeong
c281730f15 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I7a14e58cb15c1c03a226ef96f53d623748d413d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:46:51 +00:00
Jin Jeong
a5149fb731 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: Id1522641db4c5eb9cafe08f1445bd1e810c336e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:46:44 +00:00
Jin Jeong
aa606065a3 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: Ifa25563c9f0d157ce52f2d2d320c6cc166521c2a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:42:42 +00:00
Jin Jeong
35e908fd66 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I7d6c19280280e63b194da9bdef8b8a80d057f364
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:42:36 +00:00
Jin Jeong
10ef6d8619 Revert "Fix SELinux error for com.google.android.euicc" 
Revert submission 22899490-euicc_selinux_fix

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Bug: 279988311
Reverted changes: /q/submissionid:22899490-euicc_selinux_fix

Change-Id: I50ff4f8e48389d034c3f6c716dad1a81e9b73e64
 2023-05-24 01:07:09 +00:00
Jin Jeong
980c71bea4 Revert "Fix LPA crash due to selinux denial" 
Revert submission 22955599-euicc_selinux_fix2

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Bug: 279988311
Reverted changes: /q/submissionid:22955599-euicc_selinux_fix2

Change-Id: I2799c61ab5464e5551168f471740afe76edd1113
 2023-05-24 01:07:09 +00:00
Android Build Coastguard Worker
46830e7b60 Snap for 10180570 from 7f19e81d61 to udc-release 
Change-Id: Ia152184fba54917fb5838e05d3aab8627b40139a
 2023-05-22 23:01:56 +00:00
Anthony Zhang
5b9cf82529 [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: f8bcbec08a am: b4e262f4cb am: 346d7536d6 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Ib54e0c509eac13e5f082793d4d7cb0c6057f9967
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 21:11:35 +00:00
Anthony Zhang
1e47583fa7 [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: f8bcbec08a am: 28bc5a68e0 am: 31f68ad819 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Icb13e36f187e4a9d07b472a1d6ca36b8efda1725
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 21:10:11 +00:00
Anthony Zhang
5b0b9ec322 [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: 143c8076c2 am: 301d7d4311 am: e8a364795f -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: I928a5a2c13fc5744aa009e6da5889707cc164e51
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 21:09:51 +00:00
Anthony Zhang
346d7536d6 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: f8bcbec08a am: b4e262f4cb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Ie00f8bea2a41ea50be52a416bf5f9998624a18c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 20:48:23 +00:00
Anthony Zhang
31f68ad819 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: f8bcbec08a am: 28bc5a68e0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: I64ecd4691d7084859c065f3cf00baed58d5f95c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 20:24:57 +00:00
Anthony Zhang
e8a364795f [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: 143c8076c2 am: 301d7d4311 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Ie4079d28cdf98a10123f6f37228c1d92fe007693
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 20:24:35 +00:00
Anthony Zhang
b4e262f4cb [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: f8bcbec08a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: I913c5ef46e1c66ce2a6d6b58f7a3e5c47047222c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 20:02:52 +00:00
Anthony Zhang
28bc5a68e0 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: f8bcbec08a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: I34fa2f7c8b5ffe3d1d08b8fd84681d22b25ec413
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 20:00:34 +00:00
Anthony Zhang
09fc6def67 [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: 9f3337ab88 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: I46577429c4c443cbd75064349da2630eb7edb13a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 20:00:33 +00:00
Anthony Zhang
301d7d4311 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 am: 143c8076c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: I2e89660afd10ac65cb3e48f2ddb1a10a89218c6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:47:50 +00:00
Anthony Zhang
9f3337ab88 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Iae7abaa7b2785b2867c3cd3800ab9b21e4a505d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:23:48 +00:00
Anthony Zhang
f8bcbec08a [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Iefb182caafd96e46b9743e39066cb00c5d6bd933
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:23:36 +00:00
Anthony Zhang
d2a2b8c339 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Ib993337449bc5f71617649520f76ce745c487fad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:23:16 +00:00
Anthony Zhang
143c8076c2 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Iaa3d014c486c6179609a481811103665c141f3b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 19:19:13 +00:00
Anthony Zhang
7f19e81d61 [DO NOT MERGE] Allow fingerprint to access persist property 
Bug: 258901849
Test: Local test on enrollment/delete, version update

Change-Id: I96acb79b3e600e0a4dd7b7a1cf494b20a876ca63
 2023-05-22 18:36:54 +00:00
Luis Delgado de Mendoza Garcia
7ac088bb18 Add chre channel sepolicy entries am: 3992c42501 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I63b06a5c1132fe0c40cd47044333516f57a0de0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 04:31:42 +00:00
Samuel Gosselin
87796503d5 [automerger skipped] genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 918335e2a9 -s ours am: ad4952fba4 -s ours am: 940588c2bf -s ours 
am skip reason: Merged-In I8c2633b33cef8ca2b55029190fe42bd66b17390f with SHA-1 64111ee561 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286925

Change-Id: Ieb57e4d1a48da1634e01ab614c6c40768dda0d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 04:03:04 +00:00
Samuel Gosselin
9ce637b734 [automerger skipped] genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 918335e2a9 am: 09ba7e1b23 -s ours am: 739a81d071 -s ours 
am skip reason: Merged-In I8c2633b33cef8ca2b55029190fe42bd66b17390f with SHA-1 64111ee561 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286925

Change-Id: I189ba45cf9394f6bdf6b195f7b7153df67c8825b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 03:48:24 +00:00
Samuel Gosselin
940588c2bf [automerger skipped] genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 918335e2a9 -s ours am: ad4952fba4 -s ours 
am skip reason: Merged-In I8c2633b33cef8ca2b55029190fe42bd66b17390f with SHA-1 64111ee561 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286925

Change-Id: I526b5bc3f30f088c01c5f18c8c0553b1d13cc1de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 03:45:36 +00:00
Android Build Coastguard Worker
6b1d252a01 Snap for 10157673 from ad4952fba4 to udc-qpr1-release 
Change-Id: Iefb68cccdd488a2f399193174bd3a231f37c5e5a
 2023-05-18 03:02:12 +00:00
Samuel Gosselin
739a81d071 [automerger skipped] genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 918335e2a9 am: 09ba7e1b23 -s ours 
am skip reason: Merged-In I8c2633b33cef8ca2b55029190fe42bd66b17390f with SHA-1 64111ee561 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286925

Change-Id: Ic89ca99536273e52ebe1a9d8feec9d40814e21e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 01:54:16 +00:00
Samuel Gosselin
ad4952fba4 [automerger skipped] genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 918335e2a9 -s ours 
am skip reason: Merged-In I8c2633b33cef8ca2b55029190fe42bd66b17390f with SHA-1 64111ee561 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286925

Change-Id: Ic374c831187d283aff1956eb0dbcbc2e6ff401b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 01:25:02 +00:00
Samuel Gosselin
09ba7e1b23 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 918335e2a9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286925

Change-Id: I71816d985ff994f9672048aec26ffce5d9ae618a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-18 01:02:32 +00:00
Android Build Coastguard Worker
f6bec7ea36 Snap for 10154358 from 3992c42501 to udc-release 
Change-Id: I3d4e74bda302b9291669d5e8131fea004b8d5fcd
 2023-05-17 23:02:55 +00:00
Samuel Gosselin
1bcf0d102c [automerger skipped] genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 64111ee561 am: 6bdcc46ff1 -s ours 
am skip reason: Merged-In I8c2633b33cef8ca2b55029190fe42bd66b17390f with SHA-1 83712c5243 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23215971

Change-Id: I8afdb2a3a0916199c9b8273ebbb5f104786c1656
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 19:56:26 +00:00
Samuel Gosselin
6bdcc46ff1 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. am: 64111ee561 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23215971

Change-Id: I3a99360232d54e2ef5d7ab4701d8db3fef3f0fd6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 19:06:08 +00:00
Samuel Gosselin
918335e2a9 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. 
This adds the appropriate raw i2c numberings to the sepolicy
for the 6.1 kernel driver which does not use the i2c vendor
hook to rename these numberings. This is required for the
thermal hal to work.

Test:
Boot to Android Home on WHI PRO with 6.1 kernel, no
Thermal HAL crashes.

Bug: 276464780
Signed-off-by: Samuel Gosselin <sgosselin@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:83712c5243166cafa3a057d5347515e04947cde8)
Merged-In: I8c2633b33cef8ca2b55029190fe42bd66b17390f
Change-Id: I8c2633b33cef8ca2b55029190fe42bd66b17390f
(cherry picked from commit 64111ee561)
 2023-05-17 18:09:48 +00:00
Samuel Gosselin
64111ee561 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. 
This adds the appropriate raw i2c numberings to the sepolicy
for the 6.1 kernel driver which does not use the i2c vendor
hook to rename these numberings. This is required for the
thermal hal to work.

Test:
Boot to Android Home on WHI PRO with 6.1 kernel, no
Thermal HAL crashes.

Bug: 276464780
Signed-off-by: Samuel Gosselin <sgosselin@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:83712c5243166cafa3a057d5347515e04947cde8)
Merged-In: I8c2633b33cef8ca2b55029190fe42bd66b17390f
Change-Id: I8c2633b33cef8ca2b55029190fe42bd66b17390f
 2023-05-17 18:08:56 +00:00
Luis Delgado de Mendoza Garcia
98d25a4f3e [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 0a15da974d -s ours am: 60eb785f97 -s ours am: e5b914e885 -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 c2d912818c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: If032fb8761aac1a711be5a45976e01cfe6f45e36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 02:52:52 +00:00
Luis Delgado de Mendoza Garcia
681047da41 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 7a14a3a96f -s ours am: d5de1f21ec -s ours am: 119fab5fa0 -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 3992c42501 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I80d1fd23d9f5124ee5f6b89bbf305a37b0f18a1e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 02:52:01 +00:00
Luis Delgado de Mendoza Garcia
94c4a8b0d3 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 0a15da974d am: 8f6514031c -s ours am: abc6cfe314 -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 c2d912818c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I3cf17b880b08c17bda8fc1b9f7e7b2fa17b78c12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 02:49:44 +00:00
Luis Delgado de Mendoza Garcia
e5b914e885 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 0a15da974d -s ours am: 60eb785f97 -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 c2d912818c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I4b690808da6c630c4251c69fea322e71bb4c3a8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 01:46:41 +00:00
Luis Delgado de Mendoza Garcia
119fab5fa0 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 7a14a3a96f -s ours am: d5de1f21ec -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 3992c42501 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I48a44cace12ac01881356c7678e80b68a0a2d6c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 01:45:55 +00:00
Luis Delgado de Mendoza Garcia
abc6cfe314 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 0a15da974d am: 8f6514031c -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 c2d912818c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I6f3f276d16bbe8b1be90c4b77c57de360e4c75f5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 01:44:18 +00:00
Luis Delgado de Mendoza Garcia
d5de1f21ec [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 7a14a3a96f -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 3992c42501 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I3aa3319a15df9a86fabe79ee209ac402fdf833ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 00:21:35 +00:00
Luis Delgado de Mendoza Garcia
60eb785f97 [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: 0a15da974d -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 c2d912818c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I08deeb46e00b459934b25e3636ee2fb8d53af044
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 00:18:41 +00:00
Luis Delgado de Mendoza Garcia
3d0495bbdf [automerger skipped] Add chre channel sepolicy entries am: 3992c42501 am: a930143210 -s ours 
am skip reason: Merged-In I3151d25c4a1cd7a858b84e0c8989dc160d368ca5 with SHA-1 c2d912818c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: Iedc4e8ccdcafc36ab677a4b466d1fe76ebaed14e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 00:17:19 +00:00
Luis Delgado de Mendoza Garcia
8f6514031c Add chre channel sepolicy entries am: 3992c42501 am: 0a15da974d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: Icfda18794f722598aae37a5930475fdb5d93d439
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 00:17:19 +00:00
Luis Delgado de Mendoza Garcia
7a14a3a96f Add chre channel sepolicy entries am: 3992c42501 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I71ae96a9e7ff8861fd8b1835948d3e9c04a1d8c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-16 23:36:06 +00:00
Luis Delgado de Mendoza Garcia
a930143210 Add chre channel sepolicy entries am: 3992c42501 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I173a44c0aaf9e92ce9b4180235cd81acb0f6d387
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-16 23:36:00 +00:00
Luis Delgado de Mendoza Garcia
0a15da974d Add chre channel sepolicy entries am: 3992c42501 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: Iada40c9422558bd1b3575e07378cb4a12e8c9ef0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-16 23:35:56 +00:00
Luis Delgado de Mendoza Garcia
3992c42501 Add chre channel sepolicy entries 
Bug: 281814892
Fix: 281814892
Test: in-device verification.
Change-Id: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
Merged-In: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
 2023-05-16 22:49:12 +00:00
Android Build Coastguard Worker
b6bf25aa5c Snap for 10137062 from 23ca430833 to udc-qpr1-release 
Change-Id: I18e357d5f73b81942acc332a85b820eb76bfb2be
 2023-05-16 03:02:14 +00:00
Android Build Coastguard Worker
169c3fe820 Snap for 10136934 from d19337894a to udc-release 
Change-Id: I67c487ac4e17943446f54578ef71cad1b2b5049d
 2023-05-15 23:02:48 +00:00
Wilson Sung
d3a77705fb Update SELinux error am: d19337894a am: 468ba9b0d6 am: 23ca430833 am: 6a636222e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I53ffa1531957caff410a48513e40d976c0d45f03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 09:54:41 +00:00
Wilson Sung
cc6a40e61d Update SELinux error am: d19337894a am: f19eec56a0 am: ec383cedda am: 25d799df0b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: Ieea29877a1d248354b65b2e698d3ad7969ac4eeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 09:54:33 +00:00
Wilson Sung
664a45fe42 Update SELinux error am: d19337894a am: 468ba9b0d6 am: f8a3b12009 am: 78f3891669 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: Ifca4ddd47f8d312110cb310434611271e5227b99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 09:54:23 +00:00
Wilson Sung
6a636222e8 Update SELinux error am: d19337894a am: 468ba9b0d6 am: 23ca430833 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I1f9810499f4a24861d228b98428b826019375e50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 09:12:50 +00:00
Wilson Sung
25d799df0b Update SELinux error am: d19337894a am: f19eec56a0 am: ec383cedda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I9912393afdcec51bcbbe3238595e2d59473f126d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 09:05:50 +00:00
Wilson Sung
78f3891669 Update SELinux error am: d19337894a am: 468ba9b0d6 am: f8a3b12009 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: Ibf29af0477d0635c240eed612aa17030d7e32f50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 09:05:43 +00:00
Wilson Sung
ec383cedda Update SELinux error am: d19337894a am: f19eec56a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I37000425db8dd9c27bcd86f3a6aafa31053ddd17
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 08:31:25 +00:00
Wilson Sung
23ca430833 Update SELinux error am: d19337894a am: 468ba9b0d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I87a6a1344b2525b112129a773642009d06cf151f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 08:30:53 +00:00
Wilson Sung
f5f2041d5f Update SELinux error am: d19337894a am: c5784b51a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I1f4df2562e50ef294972f7e68e23d75967dd71e8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 08:26:50 +00:00
Wilson Sung
f8a3b12009 Update SELinux error am: d19337894a am: 468ba9b0d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I92285833abbc34b4e8b0702f33b68018e9e4fff6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 08:26:50 +00:00
Wilson Sung
468ba9b0d6 Update SELinux error am: d19337894a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: I2152c8c6960ce3b86323663b66eb9c2b7fda723a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 07:49:19 +00:00
Wilson Sung
c5784b51a2 Update SELinux error am: d19337894a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: Ibd1ead0534140e089e2b7ec4e04c0c266db76b91
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 07:49:17 +00:00
Wilson Sung
f19eec56a0 Update SELinux error am: d19337894a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163633

Change-Id: Idf9dd1e06cdec3e1ffb5d7ae425fba99d54e071b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 07:45:07 +00:00
Adam Shih
741322d56a Introduce new sepoilcy owner am: 5cd759d295 am: 307e2c2fc8 am: 5e82524935 am: 2d2286d7c2 am: e1025bc8e3 am: a59e3baa08 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2586605

Change-Id: I84f78c7ea44b8b2ab36a5a4ce739d80997121a86
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 06:27:59 +00:00
Adam Shih
a59e3baa08 Introduce new sepoilcy owner am: 5cd759d295 am: 307e2c2fc8 am: 5e82524935 am: 2d2286d7c2 am: e1025bc8e3 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2586605

Change-Id: I1a71627483b7f41a9307029bd64d5b3911bf32e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 05:41:00 +00:00
Adam Shih
e1025bc8e3 Introduce new sepoilcy owner am: 5cd759d295 am: 307e2c2fc8 am: 5e82524935 am: 2d2286d7c2 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2586605

Change-Id: Ib77def42f7b7ff2582cc04795a5b8356fd35d024
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 05:04:33 +00:00
Adam Shih
2d2286d7c2 Introduce new sepoilcy owner am: 5cd759d295 am: 307e2c2fc8 am: 5e82524935 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2586605

Change-Id: I2b7511a7aefba2354513e21ff49169637367451e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 04:22:40 +00:00
Adam Shih
5e82524935 Introduce new sepoilcy owner am: 5cd759d295 am: 307e2c2fc8 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2586605

Change-Id: I8509e07c52ca5a75b4a9c10ffc3398a7c608c441
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 03:37:37 +00:00
Adam Shih
307e2c2fc8 Introduce new sepoilcy owner am: 5cd759d295 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2586605

Change-Id: Idc925c7a1f1111840a64664aa50c39442c3a0f8f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 02:59:55 +00:00
Wilson Sung
d19337894a Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 282096141
Change-Id: I0725e78a76436a0904205f83655755bf7c76c05f
 2023-05-12 12:09:08 +08:00
Android Build Coastguard Worker
7af75c401a Snap for 10120310 from 5d36e67f21 to udc-qpr1-release 
Change-Id: I013919900d9e60b14ccfac2c3dc4c9752debf62c
 2023-05-12 03:02:23 +00:00
Adam Shih
5cd759d295 Introduce new sepoilcy owner 
Bug: 281631102
Test: N/A
Change-Id: I9bb7c6299f970a410481dd541523bec6df68cf23
 2023-05-12 02:11:38 +00:00
Android Build Coastguard Worker
c734a25fe1 Snap for 10113759 from 2a02fe5fc5 to udc-release 
Change-Id: I5813d93faae1052c6f6d73f96dd327ba4dd92c7d
 2023-05-11 23:03:04 +00:00
Adam Shih
9e4f7386c6 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b6d409b1bd am: 5d36e67f21 am: 98faa3c097 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I28661ae034e2cc215ed642370eb01664622af8ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 10:10:13 +00:00
Adam Shih
0c24adb6ac add missing permission for gs201 power dump am: 2a02fe5fc5 am: b39ed5f5ab am: e6521d1eeb am: 3f736f44f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I3689fa7e1debbaa7b2d9536a68ec77c118ee7b89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 09:54:35 +00:00
Adam Shih
3e65d9e0c7 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b6d409b1bd am: 1baad470b5 am: 0618a4fe63 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I8bad5d5d64761d91c22519effa643d47acf1c07f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 09:36:26 +00:00
JohnnLee
dc0f13eb03 Remove obsolete entries 
Test: adb bugreport
Bug: 241714943
Bug: 241714944
Bug: 268147092
Bug: 237492091
Bug: 214122471
Bug: 239484612
Bug: 270079857
Bug: 239364360
Bug: 238705599
Bug: 238571150
Change-Id: I1cc1aa8d7a48a9fe8b5c84817d827c8915a701c7
 2023-05-11 08:27:41 +00:00
Adam Shih
98faa3c097 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b6d409b1bd am: 5d36e67f21 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I68abeaf2b5f11b98594d17f66b9cfead77d8c02d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 07:06:14 +00:00
Adam Shih
3f736f44f6 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b39ed5f5ab am: e6521d1eeb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I195e9c6304cba48e8da9a3d52b5c43b7cb59a898
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 07:04:36 +00:00
Adam Shih
0618a4fe63 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b6d409b1bd am: 1baad470b5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: Idc57ccbabdc801f237ec3027cb6791b04d8ddce8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 07:00:29 +00:00
Adam Shih
e6521d1eeb add missing permission for gs201 power dump am: 2a02fe5fc5 am: b39ed5f5ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I0cd46891bdd61f271854e4b9533eea425c3f577b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 06:23:48 +00:00
Adam Shih
5d36e67f21 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b6d409b1bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: Ic83dbc5d4928f69293aeb55d04503d52d8bc2a66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 06:23:01 +00:00
Adam Shih
1baad470b5 add missing permission for gs201 power dump am: 2a02fe5fc5 am: b6d409b1bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I6afaf7ab7241db613674a0fdf2f93cc937d1f2b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 06:18:30 +00:00
Adam Shih
ae82c7c7b7 add missing permission for gs201 power dump am: 2a02fe5fc5 am: 07197068f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I2703ebc5b3b1186c113ed7b4caad8f53193c8464
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 06:15:15 +00:00
Adam Shih
b39ed5f5ab add missing permission for gs201 power dump am: 2a02fe5fc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I9fa0c89636bf3b961733ba91e5079d900ee031b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 05:38:59 +00:00
Adam Shih
b6d409b1bd add missing permission for gs201 power dump am: 2a02fe5fc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I50c8f3cf3bdfcd595266c9abbc38806e6eb53dc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 05:37:52 +00:00
Adam Shih
07197068f4 add missing permission for gs201 power dump am: 2a02fe5fc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I5c7d300e78edec76508780697647d56e6464e104
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 05:37:52 +00:00
Android Build Coastguard Worker
c77922ff67 Snap for 10109327 from c2d912818c to udc-qpr1-release 
Change-Id: I0a0f29573a5007c200f4556944bbf2df24c2ec8c
 2023-05-11 03:02:16 +00:00
Samuel Gosselin
83712c5243 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node. 
This adds the appropriate raw i2c numberings to the sepolicy
for the 6.1 kernel driver which does not use the i2c vendor
hook to rename these numberings. This is required for the
thermal hal to work.

Test:
Boot to Android Home on WHI PRO with 6.1 kernel, no
Thermal HAL crashes.

Change-Id: I8c2633b33cef8ca2b55029190fe42bd66b17390f
Signed-off-by: Samuel Gosselin <sgosselin@google.com>
 2023-05-10 22:13:33 +00:00
Luis Delgado de Mendoza Garcia
ee0d1321c2 Add chre channel sepolicy entries am: c2d912818c am: 2546380d01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22935822

Change-Id: Icc8dbebe9276e459697d5a769198366130690f6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 19:36:41 +00:00
Luis Delgado de Mendoza Garcia
2546380d01 Add chre channel sepolicy entries am: c2d912818c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22935822

Change-Id: Ib210c04fc5648849532148d6e6f4a876071d62ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 18:57:18 +00:00
Luis Delgado de Mendoza Garcia
c2d912818c Add chre channel sepolicy entries 
Bug: 241960170
Test: in-device verification.
Change-Id: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
 2023-05-10 17:20:09 +00:00
Adam Shih
2a02fe5fc5 add missing permission for gs201 power dump 
Bug: 281602658
Test: adb bugreport
Change-Id: Ibf765c9da65d2c9f6a3825c91cb22771f583457a
 2023-05-10 10:56:55 +08:00
Zixuan Lan
63f1e4bb95 remove fixed selinux bug from bug map. am: 96789e18c7 am: 8db0b6abef am: c8b757bd6c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23039510

Change-Id: If13db467d64ebc3734d97132e7018be0fd3e6cf4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 02:41:11 +00:00
Zixuan Lan
2a076829d1 remove fixed selinux bug from bug map. am: 96789e18c7 am: 5c070074e3 am: b46121afcb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23039510

Change-Id: I676cab31f39bd28222ba6465b0766ce15c9fa0c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 02:39:35 +00:00
Zixuan Lan
c8b757bd6c remove fixed selinux bug from bug map. am: 96789e18c7 am: 8db0b6abef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23039510

Change-Id: Iffed0085932ae5110ccba084bbab954a4538617a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 01:55:28 +00:00
Zixuan Lan
b46121afcb remove fixed selinux bug from bug map. am: 96789e18c7 am: 5c070074e3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23039510

Change-Id: I2f10a5638d9e6b4cef95006ca1e020bd86f7f9ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 01:54:09 +00:00
Zixuan Lan
8db0b6abef remove fixed selinux bug from bug map. am: 96789e18c7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23039510

Change-Id: I3cf8a3322547c7c2ba63e45ceee41dd2dab531b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 01:13:44 +00:00
Zixuan Lan
5c070074e3 remove fixed selinux bug from bug map. am: 96789e18c7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23039510

Change-Id: I9dd1bdada302b06a3040240efbbb357f7cbce315
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 01:08:27 +00:00
Zixuan Lan
96789e18c7 remove fixed selinux bug from bug map. 
TPU permission was fixed to avoid error in hal_camera_defaul.The corresponding bug for tracking should be removed from the bug map. Please see bug for more details.
Bug: 275001783
Test: logcat grep for selinux error

Change-Id: I7a1bf9fd994187f969b68b9fc3504a5411b0807f
 2023-05-04 22:36:33 +00:00
Android Build Coastguard Worker
22c80e1265 Snap for 10054401 from 33f9e124e4 to udc-qpr1-release 
Change-Id: I3126a9011d19f436fbbf6024e653695e6e45e377
 2023-05-03 01:07:04 +00:00
Android Build Coastguard Worker
ade98a502a Snap for 10052121 from 2d7181e3fc to udc-release 
Change-Id: I6af22110cc32631563ae52da9c39833023b29f24
 2023-05-02 23:02:59 +00:00
Android Build Coastguard Worker
da3889c8a8 Merge cherrypicks of ['googleplex-android-review.googlesource.com/22949545'] into udc-release. 
Change-Id: I6a1fde087f63e697c5332cad641eb0d756689f58
 2023-05-02 18:26:14 +00:00
Jinyoung Jeong
69b541901e Fix LPA crash due to selinux denial 
Bug: 280336861
Test: No crash found during LPA basic tests: download eSIM,
enable/disalbe eSIM.
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2d7181e3fc1f5c9147eeeac3a0322f2dc2d69ff8)
Merged-In: Ie4fd8fccce5ec98cf0b2afff9a41f27206e52626
Change-Id: Ie4fd8fccce5ec98cf0b2afff9a41f27206e52626
 2023-05-02 18:26:02 +00:00
Jinyoung Jeong
d4c17c962d Fix LPA crash due to selinux denial am: 2d7181e3fc am: b662770e6e am: 33f9e124e4 am: 15212c5e6a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I146d92bb6f9e3881e11cd99429aa5f07f3f7d640
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:10:21 +00:00
Hongbo Zeng
b706a1c7ee Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 2fa90460e1 am: 119748f522 am: 623e9d85eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I9dbef57508ac83a58895e615c20b646c8668b19d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:10:08 +00:00
Jinyoung Jeong
d1cf9c9700 Fix LPA crash due to selinux denial am: 2d7181e3fc am: b662770e6e am: df53b1478e am: 3a7550d8e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I249f851e9ea232011050e093d738030a76b4d1a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:07:44 +00:00
Jinyoung Jeong
fa1450d506 Fix LPA crash due to selinux denial am: 2d7181e3fc am: cc89605283 am: 30851e681f am: 6b51e8ee27 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: Ie7f7482881e92a974b2fa141dc06beb3b34937f1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:05:08 +00:00
Hongbo Zeng
948eca7ba6 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 3d706a6ba4 am: 2d245e4418 am: 807aaa8fb7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I2433598e967dcaa1c6c426031f1ed30ddc23f7f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:04:57 +00:00
Hongbo Zeng
eaee71104d Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 2fa90460e1 am: b3af9ae200 am: 92b0031c65 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: If841298797804911fc7c81a560a0180294ae97b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:04:49 +00:00
Jinyoung Jeong
222a252088 Fix LPA crash due to selinux denial am: 2d7181e3fc am: 8bf7b7ad4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I5c21821d1d0bd4ca2b76764ce6b11577cb9d3eeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:36:49 +00:00
Jinyoung Jeong
15212c5e6a Fix LPA crash due to selinux denial am: 2d7181e3fc am: b662770e6e am: 33f9e124e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I39dad0f990aa243198159ce8db2e73b4eb3f709d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:29:59 +00:00
Hongbo Zeng
623e9d85eb Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 2fa90460e1 am: 119748f522 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I8a25ae78656f8ad0602159fdba65db36b3943fb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:29:49 +00:00
Jinyoung Jeong
3a7550d8e8 Fix LPA crash due to selinux denial am: 2d7181e3fc am: b662770e6e am: df53b1478e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I573b69253505f3a1c076c962c0d6b43b3ef41a10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:26:05 +00:00
Jinyoung Jeong
6b51e8ee27 Fix LPA crash due to selinux denial am: 2d7181e3fc am: cc89605283 am: 30851e681f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: Ib04e316f2e18f5914041c4d69b5b36081e134263
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:18:11 +00:00
Hongbo Zeng
807aaa8fb7 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 3d706a6ba4 am: 2d245e4418 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: If1e5c7f14c467d1f0d8f1487bc828f9b663e2f20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:17:57 +00:00
Hongbo Zeng
92b0031c65 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 2fa90460e1 am: b3af9ae200 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: Iaac385e2a943e990c72b5ff68e4c1108624ba766
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:17:50 +00:00
Jinyoung Jeong
df53b1478e Fix LPA crash due to selinux denial am: 2d7181e3fc am: b662770e6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I4e44837e17465e7cfa5ee2a8c4e8d92f8196c583
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:16:03 +00:00
Jinyoung Jeong
30851e681f Fix LPA crash due to selinux denial am: 2d7181e3fc am: cc89605283 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: Ie95dcb0f635c164956ea0b33e250efb5cf822210
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:00:38 +00:00
Hongbo Zeng
2d245e4418 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 3d706a6ba4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: Ic9d883adb00706ded4872c78dc7658bf5e370574
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:58:46 +00:00
Jinyoung Jeong
8bf7b7ad4c Fix LPA crash due to selinux denial am: 2d7181e3fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I0b797f8b9f4e2765ab5723acf4c7b3d6b907c9c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:58:10 +00:00
Jinyoung Jeong
33f9e124e4 Fix LPA crash due to selinux denial am: 2d7181e3fc am: b662770e6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I0b882be3452b2b6d928a3e38f63819f56363823d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:57:59 +00:00
Hongbo Zeng
119748f522 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 2fa90460e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I74e199f64c3dd9e1f57914db338b49e588086ae6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:57:36 +00:00
Jinyoung Jeong
b662770e6e Fix LPA crash due to selinux denial am: 2d7181e3fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I483b75a2278f74e6377757665170cb46c52866b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:57:35 +00:00
Hongbo Zeng
b3af9ae200 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 2fa90460e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I9fd1cb9f8ae5833eea1ef0c311e30d2dea2bb904
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:54:41 +00:00
Jinyoung Jeong
cc89605283 Fix LPA crash due to selinux denial am: 2d7181e3fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22949545

Change-Id: I161d19ec1cc786e85a6bf1ccfe5f0bed76ac98bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:53:21 +00:00
Hongbo Zeng
cf7301b214 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 am: 368fe6a9b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I400acfbe608174ebf23d3b34971fad6f0531501a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:35:14 +00:00
Jinyoung Jeong
2d7181e3fc Fix LPA crash due to selinux denial 
Bug: 280336861
Test: No crash found during LPA basic tests: download eSIM,
enable/disalbe eSIM.

Change-Id: Ie4fd8fccce5ec98cf0b2afff9a41f27206e52626
 2023-05-02 14:10:00 +00:00
martinwu
16e0a91e34 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours am: d5f7c7d958 -s ours am: 9d5825c166 -s ours am: 13220d0e14 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: I05c1a61f3c9c5e06f749e434630560195fd76be9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 13:44:31 +00:00
Hongbo Zeng
3d706a6ba4 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I1131ba266eb951d636cc5fc96bb8e370f87dc414
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 13:00:38 +00:00
Hongbo Zeng
368fe6a9b2 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: Id7fcb81f9a7dc1d5800bcd751ce62d725063f5fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 12:44:12 +00:00
martinwu
a13709bb43 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours am: d5f7c7d958 -s ours am: 18dcc41f77 -s ours am: 0ddeca113c -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Ia83a250dfb86e9fffecfdcddbd81f6b2d4dcb2b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 12:40:04 +00:00
martinwu
2d0daad57e [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a am: 25b8c58d06 -s ours am: b25fc7b7db -s ours am: fe922ad7ef -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Id399b6c533600a8011fbff67bf94a93aedb921ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 12:38:20 +00:00
Hongbo Zeng
2fa90460e1 Fix denials for radio service to access files under /data/venodr/radio am: 306bf73c79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22899484

Change-Id: I90966fc0a068091900b8229762c7c03427b39890
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 12:34:24 +00:00
martinwu
13220d0e14 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours am: d5f7c7d958 -s ours am: 9d5825c166 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: I4ec85840e3390bda24e5a2da9c4bad7b28340b39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:35:17 +00:00
martinwu
0ddeca113c [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours am: d5f7c7d958 -s ours am: 18dcc41f77 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Ieffccd1636e2f49a4511877dc387801ef7465491
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:32:29 +00:00
martinwu
fe922ad7ef [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a am: 25b8c58d06 -s ours am: b25fc7b7db -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: I651e30ef5e2f5c3d92d5c2c66f1efbabc31331a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:30:04 +00:00
martinwu
9d5825c166 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours am: d5f7c7d958 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Ice7d37298740cb61caa1c485f623281e84f15be1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 09:23:00 +00:00
martinwu
b25fc7b7db [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a am: 25b8c58d06 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: I6de1d5de68fa4f36001d965d9497109b4843deae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 08:31:56 +00:00
martinwu
27fa8e2093 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a am: 61688ce596 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: I95aa1e4feaafba5eee22d40714d94dace3fb41f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 08:17:20 +00:00
Hongbo Zeng
306bf73c79 Fix denials for radio service to access files under /data/venodr/radio 
Bug: 270561266
Test: get PASS result with go/ril-config-service-test and the original
      denial logs in http://b/270561266#comment8 are gone

Change-Id: I17155852bb2408b4389a86d32228292885e14c46
 2023-05-02 08:05:31 +00:00
martinwu
18dcc41f77 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours am: d5f7c7d958 -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Ib25d58e12409bbd4642610d4924d93ccae5b289d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 07:59:10 +00:00
martinwu
25b8c58d06 [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Ic6b7025f009b00532c5669400090c0c5136707b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 06:59:24 +00:00
martinwu
61688ce596 [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: I613db64df9dd7dcbb9e1f8348bd9aad8c642d323
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 06:58:27 +00:00
martinwu
d5f7c7d958 [automerger skipped] [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: 5f9732a97a -s ours 
am skip reason: Merged-In Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1 with SHA-1 ee611cfb51 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22938357

Change-Id: Ia2c8274ad5f9aacc3f9cf7e309476e1713319d00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 06:57:13 +00:00
martinwu
5f9732a97a [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
Merged-In: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
 2023-05-02 03:16:02 +00:00
Android Build Coastguard Worker
0bdddbd4cc Snap for 10040800 from 0e225eae79 to udc-qpr1-release 
Change-Id: I21ed49a850537ba0b048839bfe7c1dc558dd977d
 2023-04-30 23:02:26 +00:00
Android Build Coastguard Worker
2041727cfa Snap for 10040535 from f265749f1d to udc-release 
Change-Id: I7d1ba36d4b944552a5600489f4d93600d267a8f4
 2023-04-30 21:02:50 +00:00
Jinyoung Jeong
617ee784eb Fix SELinux error for com.google.android.euicc am: f265749f1d am: 225f248217 am: 0e225eae79 am: 7446a435f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: Id6af8e55eeba6633f0115b67ec6e2fbcafa4d9c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 05:02:31 +00:00
Jinyoung Jeong
e6a631140d Fix SELinux error for com.google.android.euicc am: f265749f1d am: 225f248217 am: 21b719cf5a am: b22fe28d55 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I52cf4a9161c517539641e8681864eddb65172018
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 05:02:12 +00:00
Jinyoung Jeong
97f8f5bdcc Fix SELinux error for com.google.android.euicc am: f265749f1d am: 13cb55bee1 am: 8c7a63a654 am: 9166b7cae8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I3538bd81dbe66e53e78fc727c78bce55475583a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 05:01:51 +00:00
Jinyoung Jeong
7446a435f5 Fix SELinux error for com.google.android.euicc am: f265749f1d am: 225f248217 am: 0e225eae79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I5f9e34d2023b62e72fa4bea38ed05ff47ee1ffe6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 04:45:08 +00:00
Jinyoung Jeong
b22fe28d55 Fix SELinux error for com.google.android.euicc am: f265749f1d am: 225f248217 am: 21b719cf5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: Ife990b016a7eb48ebc9230578942aeeb63899a62
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 04:17:05 +00:00
Jinyoung Jeong
9166b7cae8 Fix SELinux error for com.google.android.euicc am: f265749f1d am: 13cb55bee1 am: 8c7a63a654 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I79f175b16972ac52708ad6b81604151a6e9c60d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 04:16:48 +00:00
Jinyoung Jeong
0e225eae79 Fix SELinux error for com.google.android.euicc am: f265749f1d am: 225f248217 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I1cf4cbd10f42579aca80065c475463b56dddbcf5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 04:05:29 +00:00
Jinyoung Jeong
8135d56a33 Fix SELinux error for com.google.android.euicc am: f265749f1d am: 51c6b27dd9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: Ia5953787dbd61b560a5aadf4578b186c5842c175
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 04:01:26 +00:00
Jinyoung Jeong
21b719cf5a Fix SELinux error for com.google.android.euicc am: f265749f1d am: 225f248217 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: Ia0e36a8c155cb05f00c39b30f401442456f5afea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 04:01:24 +00:00
Jinyoung Jeong
8c7a63a654 Fix SELinux error for com.google.android.euicc am: f265749f1d am: 13cb55bee1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I73344fc365824886ea32934869591985ea2ffe47
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 03:44:54 +00:00
Jinyoung Jeong
225f248217 Fix SELinux error for com.google.android.euicc am: f265749f1d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: Iafdb146e4a11cb17c47509a567fe338df242b76a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 03:23:24 +00:00
Jinyoung Jeong
51c6b27dd9 Fix SELinux error for com.google.android.euicc am: f265749f1d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: Ib5e025dfaf83647ea62f5cdab53758668129ec3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 03:23:21 +00:00
Jinyoung Jeong
13cb55bee1 Fix SELinux error for com.google.android.euicc am: f265749f1d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22874711

Change-Id: I3d72968e6cf50c8db5a61269f52c2e7ed57888c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-30 03:19:13 +00:00
Jinyoung Jeong
f265749f1d Fix SELinux error for com.google.android.euicc 
Bug: 279548423
Test: http://fusion2/b7c803be-2dca-4195-b91f-6c4939746b5b
Change-Id: Idd231c2412e8f597dea1bfa11f9d1a0fa1e17034
 2023-04-30 02:51:45 +00:00
Android Build Coastguard Worker
01a96b9f64 Snap for 10037196 from ee611cfb51 to udc-qpr1-release 
Change-Id: I302eeac226d0226ecb15baea39590530b211473e
 2023-04-29 03:02:18 +00:00
martinwu
199fa9451d [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: ee611cfb51 am: d78620c18d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891266

Change-Id: Ibbb5b7d7523a6b2deeaab0d30b4e09e860b30e7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 08:09:07 +00:00
martinwu
d78620c18d [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: ee611cfb51 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891266

Change-Id: I421c48072554bed4f2ec6e4bf57cfac4699fc23f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 07:16:38 +00:00
Android Build Coastguard Worker
85944c5aa0 Snap for 10017868 from 67082a4a05 to udc-qpr1-release 
Change-Id: Id7c2cef32253beb18d603b30fcd5209552d29d03
 2023-04-28 01:06:57 +00:00
Android Build Coastguard Worker
0dfdc9aaef Snap for 10025836 from a43d300aff to udc-release 
Change-Id: Id3e1dac7df33d50c25803226566cb308f14e2ed4
 2023-04-27 23:03:05 +00:00
martinwu
ee611cfb51 [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
 2023-04-27 13:43:26 +00:00
Bruno BELANYI
752c8f528b [automerger skipped] Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff am: 0676395ee0 -s ours am: b78a6effc8 -s ours 
am skip reason: Merged-In Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5 with SHA-1 a43d300aff is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: If8e14a00390818059beec5f77c4257784c0ebda8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 10:02:42 +00:00
Bruno BELANYI
48bfce6770 [automerger skipped] Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 am: 93ef539d30 -s ours am: 8d02cffc9e -s ours 
am skip reason: Merged-In Ief9f33ea3aca3f6b0756c92feb1753462e86b894 with SHA-1 01a2e70a17 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: Ie70ee3fb439d83a27bf8a5977b5f5f10640fa89a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 10:02:37 +00:00
Bruno BELANYI
dfa38d507f [automerger skipped] Add ArmNN config sysprops SELinux rules am: ee3fe73de0 am: bd3d06a0af -s ours am: 6c9cc0c01f -s ours 
am skip reason: Merged-In I90af8201d5fae44f73d709491f272a113b44ca67 with SHA-1 ee3fe73de0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: Id88e8939af83d66dfc15c1fc1308bd1bfdfd1e4f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 10:02:33 +00:00
Bruno BELANYI
8cc305d6a6 [automerger skipped] Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff am: 1f70adac2c am: 515cf2c110 -s ours 
am skip reason: Merged-In Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5 with SHA-1 a43d300aff is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: I33b32f5edf99cecd5c55818e15ca7580aed21640
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 10:01:50 +00:00
Bruno BELANYI
c4944d1ca1 [automerger skipped] Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 am: e213052ee3 am: 86f78f09ff -s ours 
am skip reason: Merged-In Ief9f33ea3aca3f6b0756c92feb1753462e86b894 with SHA-1 01a2e70a17 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: I16444a3229e8ffe1b4376ab863ff468e288455a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 10:01:47 +00:00
Bruno BELANYI
74e3d06b7a [automerger skipped] Add ArmNN config sysprops SELinux rules am: ee3fe73de0 am: 86f6851961 am: bf0f2e0947 -s ours 
am skip reason: Merged-In I90af8201d5fae44f73d709491f272a113b44ca67 with SHA-1 ee3fe73de0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: Ide5f22eaaf4fdbd6a13878f92730f21043003c57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 10:01:06 +00:00
Bruno BELANYI
b78a6effc8 [automerger skipped] Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff am: 0676395ee0 -s ours 
am skip reason: Merged-In Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5 with SHA-1 a43d300aff is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: I3d314fdaeb1f325906ed8482f141a44c8997ae29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:23:34 +00:00
Bruno BELANYI
8d02cffc9e [automerger skipped] Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 am: 93ef539d30 -s ours 
am skip reason: Merged-In Ief9f33ea3aca3f6b0756c92feb1753462e86b894 with SHA-1 01a2e70a17 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: Icebe169540f5cad22cf030e79de328534fb462bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:23:29 +00:00
Bruno BELANYI
6c9cc0c01f [automerger skipped] Add ArmNN config sysprops SELinux rules am: ee3fe73de0 am: bd3d06a0af -s ours 
am skip reason: Merged-In I90af8201d5fae44f73d709491f272a113b44ca67 with SHA-1 ee3fe73de0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: I40e970d1a8b882e0b4eda16255343c8f020e03e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:23:27 +00:00
Bruno BELANYI
515cf2c110 Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff am: 1f70adac2c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: Ie5bf5d771e114b487e3abf2f3cd4e69fc680f156
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:20:28 +00:00
Bruno BELANYI
86f78f09ff Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 am: e213052ee3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: Ibcc4b4dec18db3a1d739aa97317d4c983912afb3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:20:24 +00:00
Bruno BELANYI
bf0f2e0947 Add ArmNN config sysprops SELinux rules am: ee3fe73de0 am: 86f6851961 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: Iad2b1e74a444dc9625318a1359fbd9fe17db39ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:20:20 +00:00
Bruno BELANYI
99d92fb669 [automerger skipped] Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff am: 6745934d1c -s ours 
am skip reason: Merged-In Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5 with SHA-1 bb69b32fc5 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: I1433caeb6f1b132490a73421f4004e5dbabc44ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:19:07 +00:00
Bruno BELANYI
e4c7790cdf [automerger skipped] Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 am: a76bb4240d -s ours 
am skip reason: Merged-In Ief9f33ea3aca3f6b0756c92feb1753462e86b894 with SHA-1 4f1ca4a7ad is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: Ic104dbe1751ad6518b2d73bb50c1fb748dca79da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:19:00 +00:00
Bruno BELANYI
2c680573b1 [automerger skipped] Add ArmNN config sysprops SELinux rules am: ee3fe73de0 am: e94e4513ea -s ours 
am skip reason: Merged-In I90af8201d5fae44f73d709491f272a113b44ca67 with SHA-1 9d61da55a1 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: I018f44498cf901114659d86f241a3f48975ac29c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:18:58 +00:00
Bruno BELANYI
6745934d1c Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: I66bb78102a66eee8490c1dfc095c69c4b6fc09dd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:45:15 +00:00
Bruno BELANYI
a76bb4240d Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: Ia8f409ba3c1c92e8ee8ad206b6284d3d139d9f95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:45:09 +00:00
Bruno BELANYI
1f70adac2c Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: Ifb381f79a52d93792e6f7197b96318fe497b954d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:45:05 +00:00
Bruno BELANYI
e213052ee3 Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: I7d2962067bb15252010771386faa91f654cf4948
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:45:00 +00:00
Bruno BELANYI
e94e4513ea Add ArmNN config sysprops SELinux rules am: ee3fe73de0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: Ie1552d16a42fc3f8ab5557372638708937facb01
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:45:00 +00:00
Bruno BELANYI
86f6851961 Add ArmNN config sysprops SELinux rules am: ee3fe73de0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: I257d7dccaf726da56b5f8125f9cd9bcf9b90003b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:44:55 +00:00
Bruno BELANYI
0676395ee0 Remove 'hal_neuralnetworks_armnn' '/data' access exception am: a43d300aff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786254

Change-Id: Ibe2bf72c2ab156f6c3e08a2dacdb29df51edfdbf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:40:48 +00:00
Bruno BELANYI
93ef539d30 Remove 'hal_neuralnetworks_armnn' sysprop exceptions am: 01a2e70a17 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786660

Change-Id: I7d58cb0fab0fa4fdba7362b5733248a8cf3dad09
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:40:42 +00:00
Bruno BELANYI
bd3d06a0af Add ArmNN config sysprops SELinux rules am: ee3fe73de0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22786979

Change-Id: I9f5909ed237c73266372bb22dc2378dc14f62a79
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:40:38 +00:00
Martin Wu
36bd91a7a3 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 am: ce4a8fe577 am: 13f5aae4c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: I2f53a24417e786de56ac84c3ef6548ce30672aa4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:36:28 +00:00
Martin Wu
c68777af43 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 am: ce2150e7b2 am: d7a89cf3e3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: I5b27f3bca5f7e781c4a9656000d80aeb23507fed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:35:58 +00:00
Bruno BELANYI
a43d300aff Remove 'hal_neuralnetworks_armnn' '/data' access exception 
The mali driver has been configured not to look there anymore.

Bug: 205779871
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:bb69b32fc5b6f468561017f6bd5628626a571696)
Merged-In: Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5
Change-Id: Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5
 2023-04-27 08:06:38 +00:00
Bruno BELANYI
01a2e70a17 Remove 'hal_neuralnetworks_armnn' sysprop exceptions 
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:4f1ca4a7ad3895f5a5adc25fc2cf3a532eac79f6)
Merged-In: Ief9f33ea3aca3f6b0756c92feb1753462e86b894
Change-Id: Ief9f33ea3aca3f6b0756c92feb1753462e86b894
 2023-04-27 08:06:38 +00:00
Bruno BELANYI
ee3fe73de0 Add ArmNN config sysprops SELinux rules 
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:9d61da55a193a12b7552e67e67d968c46d4dec86)
Merged-In: I90af8201d5fae44f73d709491f272a113b44ca67
Change-Id: I90af8201d5fae44f73d709491f272a113b44ca67
 2023-04-27 08:06:38 +00:00
Martin Wu
13f5aae4c9 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 am: ce4a8fe577 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: I16c9bca5782bcbdb221a2c6fe374a7795ce29c2e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:58:41 +00:00
Martin Wu
93143a8b2f Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 am: 89476a3d15 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: Idd1a577d78a7beab4a8b5830d2dd50de254e4591
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:53:57 +00:00
Martin Wu
d7a89cf3e3 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 am: ce2150e7b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: I6542b0601e929ce584c14f603b01706a1c061575
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:53:57 +00:00
Martin Wu
ce2150e7b2 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: Ibd8ed1afbd64eb0f6d582a2b79cb218b61227f57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:16:02 +00:00
Martin Wu
89476a3d15 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: I3109f9c24e5f0a042c396b8deef9a985695f5e42
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:15:46 +00:00
Martin Wu
ce4a8fe577 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." am: c6d08c1781 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22891378

Change-Id: I8164db9870fc8cbe41b97c7083c3f69b825e99ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:11:47 +00:00
martinwu
8f622ae2ee Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 am: f269ec2d3c am: ffa10212b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: Icc9f6378b6db3dbe0572cad0decbf92efb56d7fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 03:40:51 +00:00
martinwu
244b41423e Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 am: 364729d86f am: 1d4eedbb94 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: Ib2422d86ecc8e2535f7cd40797b4be24f190e07c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 03:40:29 +00:00
martinwu
ffa10212b6 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 am: f269ec2d3c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: Ib8eff48305a7094ef7387885bbffcc784ce21ba5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 03:03:48 +00:00
martinwu
1d4eedbb94 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 am: 364729d86f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: Ia4071eac19050d651f912a40eb8ce5fdce36cd03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:58:05 +00:00
martinwu
69cfcbc635 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 am: 67495c9b14 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: I8955e62665e7bcd64f07b9350b6a98afcf9b8418
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:57:54 +00:00
Martin Wu
c6d08c1781 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." 
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I5b1c00cc6a1ae186eb51acc2c99171578c43bace
 2023-04-27 02:20:48 +00:00
martinwu
f269ec2d3c Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: I482ed6a5804bb67140e6b7ad55ed7cfc5591b18a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:18:17 +00:00
martinwu
67495c9b14 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: Ie81e23d283b5e728296390ba7ced6508e15afc40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:17:57 +00:00
martinwu
364729d86f Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common am: b7e90ec616 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22817736

Change-Id: Ib6386af3b162751d71d3af08269eeb2f43c35fe4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:17:46 +00:00
martinwu
b7e90ec616 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I0eb9352e349ae8f06e469e953f137b00204f1c3b
 2023-04-27 01:38:24 +00:00
Android Build Coastguard Worker
30dae42932 Snap for 10017950 from 2b913d29a9 to udc-release 
Change-Id: Ife3262c8a116e30ad5cc59872a2e758c7b791e89
 2023-04-26 23:03:06 +00:00
Wilson Sung
2d40a3dbd1 Update error on ROM 9784808 am: 2b913d29a9 am: f5c3a99197 am: a247b136b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: I3bcb5b72e8b2ba1ac1594dc95fe951af1dd4f271
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 09:02:54 +00:00
Wilson Sung
64f8546c97 Update error on ROM 9784808 am: 2b913d29a9 am: 67082a4a05 am: 9ee7c5b95a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: Ief787c893a34bf516c6e7d5ad2cf324ba8dbf0f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 09:01:01 +00:00
Wilson Sung
a247b136b6 Update error on ROM 9784808 am: 2b913d29a9 am: f5c3a99197 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: If4a2f3c68104cdf0538734b689541f4ef5106059
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 08:25:13 +00:00
Wilson Sung
9ee7c5b95a Update error on ROM 9784808 am: 2b913d29a9 am: 67082a4a05 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: Ica90a6404e513ccdb25b09727f1804258f5b2cd4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 08:19:50 +00:00
Wilson Sung
b78ea852cb Update error on ROM 9784808 am: 2b913d29a9 am: 2daec05481 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: I7ecb3c0e20f7f437de983652ffc3034804deb652
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 08:19:46 +00:00
Wilson Sung
2daec05481 Update error on ROM 9784808 am: 2b913d29a9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: I53f57effc548b312b1447a513d39c0cedc40510b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 07:43:23 +00:00
Wilson Sung
67082a4a05 Update error on ROM 9784808 am: 2b913d29a9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: I9c166ebbe791eb5948fd8676fd8e463d3891ba33
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 07:42:38 +00:00
Wilson Sung
f5c3a99197 Update error on ROM 9784808 am: 2b913d29a9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791801

Change-Id: I24e473bc7a18028dada6465d2e6333fce7433a6f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 07:37:59 +00:00
Wilson Sung
2b913d29a9 Update error on ROM 9784808 
Bug: 274727778
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I56784948658365e8c9ecdf63d163109d8f29e5c3
 2023-04-26 07:00:21 +00:00
Joseph Jang
b318c16604 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 am: eaee6f1757 am: 6f322ec5e3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: I5245cdac8b2fd2574cfc157e5dda139ae9d52452
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:32:08 +00:00
Joseph Jang
280d6abe33 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 am: 457cf699d8 am: cc7c5c6395 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: I6cc1acb5a45b44e577081a2cd6f4556ee9046e8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:31:47 +00:00
Joseph Jang
6f322ec5e3 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 am: eaee6f1757 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: Ibb543ab386fc9ad28096d1d9f01be71aa78e5650
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 04:54:27 +00:00
Joseph Jang
109357f53e Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 am: 1a82f277a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: I73fce1e46771b04745fd86ece9f8252bbac145d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 04:49:49 +00:00
Joseph Jang
cc7c5c6395 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 am: 457cf699d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: Id9637e504519b1c750e63a2ec64aabee8910567d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 04:49:48 +00:00
Joseph Jang
457cf699d8 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: I7202f910327717069a0d925c1268bb66aacee2e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 04:11:57 +00:00
Joseph Jang
1a82f277a8 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: If26d8b1d603af03114155180884efaaba2de27f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 04:11:52 +00:00
Joseph Jang
eaee6f1757 Move recovery.te to device/google/gs-common/dauntless/sepolicy am: 2a5c26c9b4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22791802

Change-Id: I9af98e544063fdcd2e77ad2a0a48de99489ff310
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 04:07:33 +00:00
Joseph Jang
2a5c26c9b4 Move recovery.te to device/google/gs-common/dauntless/sepolicy 
Bug: 279381809
Change-Id: I80fbd9ef0c7e988de21d07ada57fc6a038b9b585
 2023-04-24 08:05:10 +00:00
Xin Li
df58c50f4e [automerger skipped] Merge Android 13 QPR3 tm-qpr-dev-plus-aosp-without-vendor@9936994 am: 3ea4094def -s ours am: 31724cdda3 -s ours am: e97e77fc5d -s ours am: d07f0c1243 -s ours 
am skip reason: Merged-In I0ecc64407118107860db434f0eb22cab0f55a2ba with SHA-1 b38886146a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22723205

Change-Id: I5bf6d4b969f7ed25500dcace18173513dd46162f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 23:52:29 +00:00
Xin Li
d07f0c1243 [automerger skipped] Merge Android 13 QPR3 tm-qpr-dev-plus-aosp-without-vendor@9936994 am: 3ea4094def -s ours am: 31724cdda3 -s ours am: e97e77fc5d -s ours 
am skip reason: Merged-In I0ecc64407118107860db434f0eb22cab0f55a2ba with SHA-1 b38886146a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22723205

Change-Id: I41e7a30281f6bba495bea79e821d1c857759799f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 23:11:50 +00:00
Xin Li
e97e77fc5d [automerger skipped] Merge Android 13 QPR3 tm-qpr-dev-plus-aosp-without-vendor@9936994 am: 3ea4094def -s ours am: 31724cdda3 -s ours 
am skip reason: Merged-In I0ecc64407118107860db434f0eb22cab0f55a2ba with SHA-1 b38886146a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22723205

Change-Id: I116084046971ddbe9391a67ea014620df2e8578e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 22:34:05 +00:00
Xin Li
31724cdda3 [automerger skipped] Merge Android 13 QPR3 tm-qpr-dev-plus-aosp-without-vendor@9936994 am: 3ea4094def -s ours 
am skip reason: Merged-In I0ecc64407118107860db434f0eb22cab0f55a2ba with SHA-1 b38886146a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22723205

Change-Id: I6218c957148b75ac9f341107dc809176d232a90a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 18:15:13 +00:00
Android Build Coastguard Worker
a478ec1911 Snap for 9981223 from 0f6b14dc95 to udc-release 
Change-Id: Ic5b50a814bd5fe7c6e988316f8796e7f317888d3
 2023-04-20 23:03:13 +00:00
Bruno BELANYI
bb69b32fc5 Remove 'hal_neuralnetworks_armnn' '/data' access exception 
The mali driver has been configured not to look there anymore.

Bug: b/205779871
Test: manual - reboot device and check the absence of AVC denials
Change-Id: Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5
 2023-04-20 09:14:27 +00:00
Bruno BELANYI
4f1ca4a7ad Remove 'hal_neuralnetworks_armnn' sysprop exceptions 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: Ief9f33ea3aca3f6b0756c92feb1753462e86b894
 2023-04-20 08:14:00 +00:00
Bruno BELANYI
9d61da55a1 Add ArmNN config sysprops SELinux rules 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I90af8201d5fae44f73d709491f272a113b44ca67
 2023-04-20 08:14:00 +00:00
Automerger Merge Worker
6a80261045 Merge "rild: allow rild to ptrace am: 0f6b14dc95 am: 5bdbb594be" 2023-04-20 07:39:20 +00:00
jimsun
66c391efa8 rild: allow rild to ptrace am: 0f6b14dc95 am: 5bdbb594be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21876774

Change-Id: Iecc9dd879234cacb2d340e6534a07ebf9994bf2e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 07:39:03 +00:00
jimsun
7aa6e4812e rild: allow rild to ptrace am: 0f6b14dc95 am: c477b46828 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21876774

Change-Id: Ib212d5935c8076fe7f03224c85e4c3621de53b11
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 07:38:55 +00:00
jimsun
c477b46828 rild: allow rild to ptrace am: 0f6b14dc95 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21876774

Change-Id: I47c2a25b8105a26be3579b00a089529f11750f00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 07:01:15 +00:00
jimsun
5bdbb594be rild: allow rild to ptrace am: 0f6b14dc95 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21876774

Change-Id: I4ec24257f452e475272a9535e1dd21cecf94595a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 07:01:14 +00:00
Android Build Coastguard Worker
f2f54df446 Snap for 9966400 from 4cc8eec22d to udc-release 
Change-Id: I51990a9029ea75df40b5608619d56893f4e00f62
 2023-04-19 01:07:12 +00:00
Xin Li
3ea4094def Merge Android 13 QPR3 tm-qpr-dev-plus-aosp-without-vendor@9936994 
Bug: 275386652
Merged-In: I0ecc64407118107860db434f0eb22cab0f55a2ba
Change-Id: I639a8e3b3933efe9b7fc0fff92aef8bead4bd8a1
 2023-04-18 16:32:09 -07:00
jimsun
0f6b14dc95 rild: allow rild to ptrace 
06-20 18:47:41.940000  8708  8708 I auditd  : type=1400 audit(0.0:7): avc: denied { ptrace } for comm="libmemunreachab" scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0
06-20 18:47:41.940000  8708  8708 W libmemunreachab: type=1400 audit(0.0:7): avc: denied { ptrace } for scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0

Bug: 263757077
Test: manual
Change-Id: I4720650488eca100372d148313e04d6d8950ead5
 2023-04-18 07:48:20 +00:00
Wilson Sung
cc307ef1b9 Update error on ROM 9954737 am: 4cc8eec22d am: 2edb9d804a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22696721

Change-Id: I0ffec124348a2094806b4205e3147ecbd1b88750
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 05:48:06 +00:00
Wilson Sung
4fe1b3fea4 Update error on ROM 9954737 am: 4cc8eec22d am: b70e63a6de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22696721

Change-Id: Iedce528a9e19fd3ee5f04b355619916bfbc612d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 05:46:35 +00:00
Wilson Sung
b70e63a6de Update error on ROM 9954737 am: 4cc8eec22d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22696721

Change-Id: I21e6891828e09955d72558eb942578a13861cd8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 05:06:12 +00:00
Wilson Sung
2edb9d804a Update error on ROM 9954737 am: 4cc8eec22d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22696721

Change-Id: I5e9980ccb32216b6ee8f504f657bcb4f15ccd7f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 05:06:01 +00:00
Wilson Sung
4cc8eec22d Update error on ROM 9954737 
Bug: 278639040
Bug: 278639040
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I0d71ec80ea0136f90336d8f80cb75b38b61ebced
 2023-04-18 11:27:57 +08:00
Android Build Coastguard Worker
812c74d5fa Snap for 9957928 from c1ee9afdef to udc-release 
Change-Id: I089fe5256cf159734eff891f2ca1a0cd3817977d
 2023-04-18 01:07:27 +00:00
Bruno BELANYI
d0d4e2338f Use restricted vendor property for ARM runtime options am: c1ee9afdef am: be0ea597f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22381562

Change-Id: If5465a44d746b4acea2136e78c3bfcef22781e86
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:57:00 +00:00
Bruno BELANYI
c3ca4867a3 Use restricted vendor property for ARM runtime options am: c1ee9afdef am: 36acecbde7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22381562

Change-Id: I3e55005cbbfc690ac134f2d9bdc8976118e7005f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:55:44 +00:00
Bruno BELANYI
be0ea597f0 Use restricted vendor property for ARM runtime options am: c1ee9afdef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22381562

Change-Id: If2ae2398fae5c8b39e51c2f2f47fb11a95b5b033
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:29:24 +00:00
Bruno BELANYI
36acecbde7 Use restricted vendor property for ARM runtime options am: c1ee9afdef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22381562

Change-Id: I46c362e310af43993bf1b8ae25548933bc5eed80
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:28:51 +00:00
Bruno BELANYI
c1ee9afdef Use restricted vendor property for ARM runtime options 
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I4cd468302da02603cccd9b4b98cb95745129daf5
 2023-04-17 10:59:19 +00:00
Automerger Merge Worker
d433ceedbe Merge "gs201: add sepolicy for ufs_firmware_update process am: 5adecc7433 am: 640fe3d54b" 2023-04-17 10:55:18 +00:00
Leo Liou
eb902aeacf gs201: add sepolicy for ufs_firmware_update process am: 5adecc7433 am: 71068ddd6d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22132666

Change-Id: Ie567ee751958ba760d1bcb28a1271e07604a940e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 10:55:02 +00:00
Leo Liou
f01258567a gs201: add sepolicy for ufs_firmware_update process am: 5adecc7433 am: 640fe3d54b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22132666

Change-Id: I739e82c8f7ba264a2508c53f5873b3698838c9e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 10:55:01 +00:00
Leo Liou
640fe3d54b gs201: add sepolicy for ufs_firmware_update process am: 5adecc7433 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22132666

Change-Id: I5525cba7db182410722e9deb22e490bbec6ed23b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 10:26:03 +00:00
Leo Liou
71068ddd6d gs201: add sepolicy for ufs_firmware_update process am: 5adecc7433 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22132666

Change-Id: I85257a9819bffd0b5a92d3ec1296fc161595a38f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 10:26:02 +00:00
Leo Liou
5adecc7433 gs201: add sepolicy for ufs_firmware_update process 
Allow the script to access the specified partition and sysfs.

Bug: 273305212
Test: full build and test ffu flow
Change-Id: Iefeacea2d4c07e7a5b39713c9575e86bd25ce008
Signed-off-by: Leo Liou <leoliou@google.com>
 2023-04-17 09:58:11 +00:00
Automerger Merge Worker
c56270f9d5 Merge "gs201: Allow GRIL Service to access radio_vendor_data_file am: 1af348b01f am: 3ec6b3f87c" 2023-04-17 06:43:12 +00:00
kadirpili
6af5322499 gs201: Allow GRIL Service to access radio_vendor_data_file am: 1af348b01f am: 3ec6b3f87c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22213304

Change-Id: I30adc7e3dffe3e5d66029e5f61cba35d7a69026f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 06:43:08 +00:00
kadirpili
ee636f7f9b gs201: Allow GRIL Service to access radio_vendor_data_file am: 1af348b01f am: 52bceb2b75 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22213304

Change-Id: Ie97cf4b502684f82ffce4b023f0bd1a96add98a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 06:43:02 +00:00
kadirpili
52bceb2b75 gs201: Allow GRIL Service to access radio_vendor_data_file am: 1af348b01f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22213304

Change-Id: Id769672ecd92451c14f8daad175efeecd5cbd3fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 06:15:50 +00:00
kadirpili
3ec6b3f87c gs201: Allow GRIL Service to access radio_vendor_data_file am: 1af348b01f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22213304

Change-Id: Ibd5ad2e0a5875b642e7788823a83977d487c2aae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 06:15:48 +00:00
kadirpili
1af348b01f gs201: Allow GRIL Service to access radio_vendor_data_file 
Bug: 274737512
Change-Id: I1c0b045f8a25c5d58be02c2036d2fcaad7d9a8e7
 2023-04-14 06:57:50 +00:00
Xin Li
e3607f709f [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours am: 551330137f -s ours am: c28af0a680 -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: Ieed9c2e6267f8a95374a2d1c6d074e4f54625438
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 03:34:33 +00:00
Xin Li
b41e126164 [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours am: 551330137f -s ours am: 2540d05123 -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: I175f90fe461f77dc192fee9e87b41665c9f2b0b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 02:55:04 +00:00
Android Build Coastguard Worker
e481690bf4 Snap for 9930594 from 551330137f to udc-release 
Change-Id: I43231cbd93f10dd76f6d6d9c30ced17669127200
 2023-04-13 01:16:08 +00:00
Xin Li
0d3a4054cf [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours am: 551330137f -s ours am: c28af0a680 -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: I1ae6566fa3c11cbfbad857bcc460e0dcb30704e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 21:36:55 +00:00
Xin Li
2540d05123 [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours am: 551330137f -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: I3e21b3af19e14ed50e8d714ffe6ddff1c1f0543e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 21:13:21 +00:00
Xin Li
c28af0a680 [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours am: 551330137f -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: If238593b7e3a51bc35d829c8847b32d477b421e7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 21:08:47 +00:00
Xin Li
551330137f [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: Iefd6904aee50936e373590b4d54f492986aaf4dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 20:57:09 +00:00
Xin Li
ba5a2d3863 [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours 
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: I12f4ac63bb185203b115ae3f77ade5588bd50b10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 20:23:00 +00:00
Xin Li
4c44de9655 Merge TQ2A.230405.003 am: 8cff198ae3 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: Ibeb863ad3557474eed5f5c8a529f12ed3c8c7768
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 19:00:58 +00:00
Minchan Kim
c322d9fa8f remove dump_gs201 sepolicy am: dc35b4158b am: 995f5bee72 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529799

Change-Id: I1349661ebde38934f4d274a460e1ca63a033497d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 10:18:26 +00:00
Minchan Kim
ad34df4da4 move vendor_cma_debugfs into gs-common am: b7393fd8d8 am: 1dbb72a1b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529798

Change-Id: I268fec04d07ef96c40235793d73d861fc8d9a1c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 10:18:15 +00:00
Minchan Kim
995f5bee72 remove dump_gs201 sepolicy am: dc35b4158b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529799

Change-Id: I1f86e778ac640c3deddd3520c2573794e243e887
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 09:49:14 +00:00
Minchan Kim
1dbb72a1b2 move vendor_cma_debugfs into gs-common am: b7393fd8d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529798

Change-Id: Ibc6f0f1cc047271a2db924669239b33c34860c91
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 09:49:08 +00:00
Minchan Kim
6460734ac9 remove dump_gs201 sepolicy am: dc35b4158b am: 84a917c01c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529799

Change-Id: I51a7f4f8b3c75a8952cfd6dc67a071c7e8ec82cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 07:17:45 +00:00
Minchan Kim
40c2aaf913 move vendor_cma_debugfs into gs-common am: b7393fd8d8 am: d55660c311 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529798

Change-Id: Ibcbfd3a4e97f83c90e05e8eeb2b4628947c8772c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 07:17:37 +00:00
Minchan Kim
84a917c01c remove dump_gs201 sepolicy am: dc35b4158b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529799

Change-Id: Ibe6ea359df9c31166b616ebc0b488e27ecc74184
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 06:58:24 +00:00
Minchan Kim
d55660c311 move vendor_cma_debugfs into gs-common am: b7393fd8d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22529798

Change-Id: I0a82d9378491a6fa0c785c96375b92d2dec3acd0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 06:58:18 +00:00
Minchan Kim
dc35b4158b remove dump_gs201 sepolicy 
Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I39c01692d959a63c091f98969a69ab35b2debe1a
Signed-off-by: Minchan Kim <minchan@google.com>
 2023-04-12 06:09:00 +00:00
Minchan Kim
b7393fd8d8 move vendor_cma_debugfs into gs-common 
The CMA dump is common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I3997e27e3037f013338de5bc36687c63338769aa
Signed-off-by: Minchan Kim <minchan@google.com>
 2023-04-12 06:09:00 +00:00
Android Build Coastguard Worker
192188b6af Snap for 9921839 from 3430e752af to udc-release 
Change-Id: I7ef59067521f575ed65c134d11490533950a1de8
 2023-04-12 01:07:33 +00:00
Tommy Kardach
e501cceb8c Update sepolicy for Camera HAL am: 3430e752af am: 3bbb950763 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22195719

Change-Id: I1a719111143b20700109f6ab539dac45074319fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 21:17:22 +00:00
Tommy Kardach
ec32e0e2e0 Update sepolicy for Camera HAL am: 3430e752af am: 9905ae28fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22195719

Change-Id: I664999ebf37fbf991a86599702cd4b52133016fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 21:17:04 +00:00
Tommy Kardach
3bbb950763 Update sepolicy for Camera HAL am: 3430e752af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22195719

Change-Id: Id716b3b93066f70536e0f89e25b89bc2566141a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 20:28:17 +00:00
Tommy Kardach
9905ae28fb Update sepolicy for Camera HAL am: 3430e752af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22195719

Change-Id: I8131586dd90dc3220f03fe8cf7231e8abb5ad6e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 20:28:06 +00:00
Tommy Kardach
3430e752af Update sepolicy for Camera HAL 
Edit SE policay for WHI_PRO to allow
camera HAL to acquire wake locks

Bug: 249567788
Test: Flash and manual testing
Change-Id: I450b0b53000c5b9649e354350ec80af3528120fb
 2023-04-11 19:45:33 +00:00
Xin Li
8cff198ae3 Merge TQ2A.230405.003 
Bug: 271343657
Merged-In: I971732c6a40700a85df61170dcf1c3660307b96c
Change-Id: I33994bb345a46d8ac3f3a751fdff402f4ce5c68f
 2023-04-10 23:55:29 -07:00
Adam Shih
95cdfd3da0 Remove obsolete entries am: 5a0bb72bf0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22565696

Change-Id: Icbe7ec85a888e60af1e8a7d8c038bf01a0c7aa49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 05:21:21 +00:00
Adam Shih
5a0bb72bf0 Remove obsolete entries 
Bug: 268147113
Bug: 237491813
Bug: 239484651
Bug: 268566483
Test: adb bugreport
Change-Id: Iceafe7e413a3ffe5d342a222f76093c7110639e6
 2023-04-11 11:29:41 +08:00
Android Build Coastguard Worker
88ab851ff7 Snap for 9914775 from 9519323a98 to udc-release 
Change-Id: I95eb59e365501a4ac0fc73a56a85dee48cd9feec
 2023-04-11 01:07:34 +00:00
Automerger Merge Worker
5f305e8452 Merge "use dumpsate from gs-common am: 9519323a98 am: 15ec2c4d63" 2023-04-10 02:14:43 +00:00
Adam Shih
bbc7bc114b use dumpsate from gs-common am: 9519323a98 am: 00147ddada 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524762

Change-Id: I35250abf480d470ba54aca90ba5876b709cd3e3e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 02:14:18 +00:00
Adam Shih
4f2fd2036b use dumpsate from gs-common am: 9519323a98 am: 15ec2c4d63 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524762

Change-Id: I523bd4fe62ad9afd70221815d92c6b57c7c39ccc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 02:14:16 +00:00
Automerger Merge Worker
55e8bfefdb Merge "Update error on ROM 9890523 am: 4d92dd61f2 am: c2bace2e28" 2023-04-10 02:14:09 +00:00
Wilson Sung
df01229b30 Update error on ROM 9890523 am: 4d92dd61f2 am: c2bace2e28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524766

Change-Id: Id4e909e00fba1e2cbdd14cb7e4b8265a4d528885
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 02:14:06 +00:00
Wilson Sung
e8eed0c814 Update error on ROM 9890523 am: 4d92dd61f2 am: 842cc3f0ac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524766

Change-Id: Icd7d91d34c2987bfb204df56c065c3cfa19d1dad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 02:13:59 +00:00
Adam Shih
15ec2c4d63 use dumpsate from gs-common am: 9519323a98 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524762

Change-Id: I236bbd1daad4c2fdd804fb65c5791074f157a983
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 01:46:27 +00:00
Adam Shih
00147ddada use dumpsate from gs-common am: 9519323a98 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524762

Change-Id: Ife90f52149915ad7bffc5e542c7507f774e279b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 01:46:23 +00:00
Wilson Sung
842cc3f0ac Update error on ROM 9890523 am: 4d92dd61f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524766

Change-Id: I05877b25da3e5baa4dffc4cc3e0cd69808b7cb70
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 01:46:15 +00:00
Wilson Sung
c2bace2e28 Update error on ROM 9890523 am: 4d92dd61f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22524766

Change-Id: I8622af2b6d6bdee27a378a2e92efeaeb0125aa75
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 01:46:02 +00:00
Adam Shih
9519323a98 use dumpsate from gs-common 
Bug: 273380985
Test: adb bugreport
Change-Id: Ibd54c0049480810e2aa14074e0ec9c4d611d51ff
 2023-04-10 01:11:14 +00:00
Wilson Sung
4d92dd61f2 Update error on ROM 9890523 
Bug: 277155245
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iffbc691cff0e3a8d19ca3acef918cb4c1243feae
 2023-04-07 07:07:40 +00:00
Android Build Coastguard Worker
b1c5b8614b Snap for 9899401 from 187dcc4e08 to udc-release 
Change-Id: I689e33926c87d68f53ca18a2ee4399117b7c7fbf
 2023-04-07 01:07:53 +00:00
Victor Liu
a27d58d3de uwb: add permission for ccc ranging am: 187dcc4e08 am: 88e12f2f08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21965706

Change-Id: I198a37b959233e42e1d49499f6893ffc86dbb533
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 22:10:20 +00:00
Victor Liu
34c2aef8ae uwb: add permission for ccc ranging am: 187dcc4e08 am: 1b1128bd55 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21965706

Change-Id: I8b5ae028d2a9fe7abc7c700e3a7d484491645f2a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 22:09:06 +00:00
Victor Liu
1b1128bd55 uwb: add permission for ccc ranging am: 187dcc4e08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21965706

Change-Id: I56e876d5f45045d887be9d8812f72f8ad8dd50b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 21:29:19 +00:00
Victor Liu
88e12f2f08 uwb: add permission for ccc ranging am: 187dcc4e08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21965706

Change-Id: I44c6a7083e8c950c2bc2a7c95dd6a737dd5964ec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 21:29:09 +00:00
Victor Liu
187dcc4e08 uwb: add permission for ccc ranging 
Bug: 255649425
Change-Id: I83ce369e52f382d76723b2b045e09607483a0a6a
 2023-04-06 20:57:42 +00:00
Automerger Merge Worker
38d3e8417a Merge "Support sending vendor command to GL852G via libusbhost am: 1f54dc7256 am: dabd899063" 2023-04-06 02:51:35 +00:00
Roy Luo
4c46852517 Support sending vendor command to GL852G via libusbhost am: 1f54dc7256 am: dabd899063 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22129755

Change-Id: If00abdd11648983d5b41450a3f0d883f9541a7cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 02:51:28 +00:00
Roy Luo
e48dafb3f0 Support sending vendor command to GL852G via libusbhost am: 1f54dc7256 am: 4b7fa3fe06 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22129755

Change-Id: I96e444f1592fdd6dc6c52505dda1db15dc7e8ade
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 02:51:26 +00:00
Roy Luo
4b7fa3fe06 Support sending vendor command to GL852G via libusbhost am: 1f54dc7256 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22129755

Change-Id: Ib56fd37ddbe745c4753c038e30558aa217e6cdd2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 02:23:12 +00:00
Roy Luo
dabd899063 Support sending vendor command to GL852G via libusbhost am: 1f54dc7256 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22129755

Change-Id: Icc5b3e6ede7b2dc3de136b35a82dc6edca8e55e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 02:23:09 +00:00
Roy Luo
1f54dc7256 Support sending vendor command to GL852G via libusbhost 
libusbhost need access to USB device fs.

Bug: 261923350
Test: no audit log in logcat after command execution
Change-Id: I4b0c8cc750eff12d2494504f9f215d5b1bab35fd
 2023-04-06 01:54:13 +00:00
feiyuchen
903e3fd823 Allow camera HAL to access edgetpu_app_service in gs201 am: 0161b6fbfa am: e9ef3e9409 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22462510

Change-Id: I08e9a41df93ddb0619e2ff5846acc7cc6b34f725
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 00:11:02 +00:00
feiyuchen
bb973ca03a Allow camera HAL to access edgetpu_app_service in gs201 am: 0161b6fbfa am: 75b17801c5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22462510

Change-Id: I7db08fb5acb688d60b24b155af5b4bb824493caf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 00:07:15 +00:00
feiyuchen
e9ef3e9409 Allow camera HAL to access edgetpu_app_service in gs201 am: 0161b6fbfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22462510

Change-Id: I0a4d400fd800e3d19eaf34f4cec607ece4897e7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 23:34:24 +00:00
feiyuchen
75b17801c5 Allow camera HAL to access edgetpu_app_service in gs201 am: 0161b6fbfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22462510

Change-Id: I9f030286a6e9633bd35dfa39920d8c594492eda7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-05 23:25:45 +00:00
feiyuchen
0161b6fbfa Allow camera HAL to access edgetpu_app_service in gs201 
We are seeing SELinux error b/276911450. It turns out that I only added the SE policy for 2023 device ag/22248613, but I forgot to add it for gs101 and gs201. So I created this CL.

See more background in ag/22248613.

Test: For gs201, I tested on my Pixel7 and I saw no more error. For gs101, I just did mm.
Bug: 275016466
Bug: 276911450
Change-Id: I223770eb0bc7e09a5dfb4f4188b7fc605c3d1a61
 2023-04-04 21:32:06 +00:00
Android Build Coastguard Worker
f312fd9734 Snap for 9867821 from 33b2f0043c to udc-release 
Change-Id: I8323ce06a3d577429ad8cd9974367c27fff23659
 2023-04-01 05:09:27 +00:00
Wilson Sung
55603f54c1 Update SELinux error am: 33b2f0043c am: 6aa3aeaf9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22357289

Change-Id: I08203bcd0d8cc3eca5904c14fd1592294a223bd0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 06:02:16 +00:00
Wilson Sung
2af1755962 Update SELinux error am: 33b2f0043c am: cc4e8cdabe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22357289

Change-Id: Ib827e4e2c8aa3473c22ec0029ac0208a092f46b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 06:00:54 +00:00
Wilson Sung
cc4e8cdabe Update SELinux error am: 33b2f0043c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22357289

Change-Id: Ib4fd85fa779ca4a177fcbb3efbea548271b24bbc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 05:23:15 +00:00
Wilson Sung
6aa3aeaf9e Update SELinux error am: 33b2f0043c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22357289

Change-Id: I88e660fe6faa40577415334787a3115752896a60
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-31 05:19:20 +00:00
Wilson Sung
33b2f0043c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 276386138
Bug: 276385494
Change-Id: Idcd05416ca84e0b47629637f8d3287a40d80a6ab
 2023-03-31 10:55:21 +08:00
Android Build Coastguard Worker
2b73891134 Snap for 9853495 from 933e6a172b to udc-release 
Change-Id: I1a967e87e9b797bc32e131cf15ba47d17e869e60
 2023-03-31 01:07:51 +00:00
Adam Shih
9ee2795e43 Move power dump out of hal_dumpstate_default am: 933e6a172b am: f690cc6219 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22326747

Change-Id: Id3408f9c895fd3a560dd8be9fe07516d9bc08879
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 20:04:31 +00:00
Adam Shih
f690cc6219 Move power dump out of hal_dumpstate_default am: 933e6a172b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22326747

Change-Id: I3f14e221b24d8f526d99846a5fe9d13aac87ed31
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 19:07:32 +00:00
Adam Shih
80f7e61e32 Move power dump out of hal_dumpstate_default am: 933e6a172b am: 1b78d6458a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22326747

Change-Id: Ia1d96ab4719d21e1d995c22a3b96568f6a295483
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 18:57:30 +00:00
Adam Shih
1b78d6458a Move power dump out of hal_dumpstate_default am: 933e6a172b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22326747

Change-Id: Ia72529a82541d2824e4690d31f926a1d41e24183
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 18:25:50 +00:00
Android Build Coastguard Worker
9792825822 Snap for 9849129 from bb30528185 to udc-release 
Change-Id: I9cb97fd2ba2c43ece3c168f96e7f60bf6896c611
 2023-03-30 03:02:36 +00:00
Adam Shih
933e6a172b Move power dump out of hal_dumpstate_default 
Bug: 273380509
Test: adb bugreport
Change-Id: I0963af3f8f90b4f05724df31017b0d21d10c59ca
 2023-03-30 02:20:37 +00:00
Wilson Sung
2a9a483233 Update SELinux error am: bb30528185 am: dc9266924b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22323069

Change-Id: I58e46ed7f54b1d421763c522f4560914572db8aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 07:32:15 +00:00
Wilson Sung
c009acebd2 Update SELinux error am: bb30528185 am: fda66eadf9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22323069

Change-Id: Iac985f8bb56ce7e404e81b3731bf18467f488c52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 07:31:53 +00:00
Wilson Sung
dc9266924b Update SELinux error am: bb30528185 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22323069

Change-Id: I57af757a9c07d08ef7cba9a27caa38f6179d80d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 07:07:56 +00:00
Wilson Sung
fda66eadf9 Update SELinux error am: bb30528185 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22323069

Change-Id: I09e03d3f246c3662b7b7c573522259705071681b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 07:06:42 +00:00
Wilson Sung
af70e8ee32 Merge "Update SELinux error" to master 
Test: SELinuxUncheckedDenialBootTest
Bug: 275645892
Change-Id: Ib6aa5d2fe4a401cadc02a60b06725156f37aaccf
 2023-03-29 12:25:55 +08:00
Wilson Sung
bb30528185 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 275645892
Change-Id: Ib6aa5d2fe4a401cadc02a60b06725156f37aaccf
 2023-03-29 10:49:39 +08:00
Adam Shih
2012a3945b create a dump for gs201 am: a334895789 am: d684dbf72d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22308282

Change-Id: I25e58235c2787e00d70ec88499d5a0675f447e50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 01:13:18 +00:00
Adam Shih
0090a4eb03 create a dump for gs201 am: a334895789 am: 5d152e53f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22308282

Change-Id: I47bbf9deb937b5dbad6f455338e192495dbe6ae3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 01:12:27 +00:00
Adam Shih
d684dbf72d create a dump for gs201 am: a334895789 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22308282

Change-Id: Ic07a72d7db7adc85f7dccfa4ce55c43e246fc09d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:47:22 +00:00
Adam Shih
5d152e53f0 create a dump for gs201 am: a334895789 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22308282

Change-Id: I6a9720fcf9532dc164c9b138c55030a12c08793a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:43:49 +00:00
Adam Shih
a334895789 create a dump for gs201 
Bug: 273380509
Test: adb bugreport
Change-Id: Ic47e0d43d9a5aef4381880eabbba74633ee260a1
 2023-03-28 12:52:52 +08:00
Android Build Coastguard Worker
4ba65ca4a3 Snap for 9830776 from 86faa5607c to udc-release 
Change-Id: I62de9afa7b11d6f3fc861c3e516ed1c4d78fd770
 2023-03-28 01:07:29 +00:00
Adam Shih
ebe5c46a6c [automerger skipped] use radio dump in gs-common am: 86faa5607c am: b1d0b4878e -s ours 
am skip reason: Merged-In I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4 with SHA-1 86faa5607c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22248646

Change-Id: I08f83ad1da2947782894f059ed8226f42bbbcf42
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:53:13 +00:00
Adam Shih
67da5ed0e7 [automerger skipped] use radio dump in gs-common am: 86faa5607c am: 0f15253ceb -s ours 
am skip reason: Merged-In I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4 with SHA-1 0350bd250b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22248646

Change-Id: If2a23d3f61b342f2ea60c3a5d7d45fd8567228b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:52:45 +00:00
Adam Shih
0f15253ceb use radio dump in gs-common am: 86faa5607c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22248646

Change-Id: I501ba2e2e98842372bf5b7bb7dde77bc77419729
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:28:25 +00:00
Adam Shih
b1d0b4878e use radio dump in gs-common am: 86faa5607c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22248646

Change-Id: Iaefd21e2a738481e474f14b8e5110a99ab866bfa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:28:16 +00:00
Adam Shih
86faa5607c use radio dump in gs-common 
Bug: 273380509
Test: adb bugreport
Change-Id: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
Merged-In: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
 2023-03-27 03:19:49 +00:00
Adam Shih
0350bd250b use radio dump in gs-common 
Bug: 273380509
Test: adb bugreport
Change-Id: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
 2023-03-27 02:55:56 +00:00
Android Build Coastguard Worker
5d645606c0 Snap for 9815702 from dcc7112f6f to udc-release 
Change-Id: I0874c38ef38b00b09f17c2db13fc08c27c4fc476
 2023-03-25 03:03:06 +00:00
Wilson Sung
6967fc0e85 Update SELinux error am: dcc7112f6f am: b6c0387763 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22244005

Change-Id: I9ec89805e6a0f27a0eba3eb0908858f1c548e25d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:06:11 +00:00
Wilson Sung
4d5e775dca Update SELinux error am: dcc7112f6f am: da3cb0debc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22244005

Change-Id: Ifaba927f97a26c3c1d13d1d5846493e5f8f50c04
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:05:52 +00:00
Wilson Sung
da3cb0debc Update SELinux error am: dcc7112f6f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22244005

Change-Id: Icd2f241bd9aad1862a6a1aee0008194cf8876cb6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 05:39:16 +00:00
Wilson Sung
b6c0387763 Update SELinux error am: dcc7112f6f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22244005

Change-Id: I77fdbc1a802f24db742e417028cb5fec38073248
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 05:39:05 +00:00
Wilson Sung
dcc7112f6f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 275001783
Change-Id: I6514b7efbd02a5ddcb65ab329f0f01cc2d61e50a
 2023-03-24 11:11:48 +08:00
Automerger Merge Worker
fc25a3a6dc Merge "Allow fingerprint hal to read sysfs_leds am: ba0b76de16 am: 23e3bb495b" 2023-03-24 03:09:27 +00:00
Kris Chen
c7756f2d74 Allow fingerprint hal to read sysfs_leds am: ba0b76de16 am: 23e3bb495b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22175407

Change-Id: I05a311a8f35d5d4361f3a9d2105f7d0b18fde93b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 03:09:06 +00:00
Kris Chen
717c835aef Allow fingerprint hal to read sysfs_leds am: ba0b76de16 am: a5720137e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22175407

Change-Id: Ib085c19af0c417c6b0c7b79e263be5e27f26b624
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 03:09:03 +00:00
Kris Chen
a5720137e4 Allow fingerprint hal to read sysfs_leds am: ba0b76de16 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22175407

Change-Id: Iea5c36950b8b9584fb0a1b0e7c1e5f59828474c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 02:41:39 +00:00
Kris Chen
23e3bb495b Allow fingerprint hal to read sysfs_leds am: ba0b76de16 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22175407

Change-Id: I70086ed3ce7102c42f54f5a4c22e0064ae1ac891
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 02:41:26 +00:00
Kris Chen
ba0b76de16 Allow fingerprint hal to read sysfs_leds 
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: I9f346cb72ef660712b2bfb610df959667958c36a
 2023-03-24 02:06:34 +00:00
Android Build Coastguard Worker
0a54404aed Snap for 9803320 from 1cdfdb4262 to udc-release 
Change-Id: Ieb88df9f5c78434e2da34253caff470230ee89ef
 2023-03-24 01:07:38 +00:00
Adam Shih
54dc0fc467 use gs-common gps dump am: 1cdfdb4262 am: b48c15ff36 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22191063

Change-Id: I68e2a5af91c631e505a6c25080785d4fc0cf42e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 03:36:47 +00:00
Adam Shih
00ed6cdea5 use gs-common gps dump am: 1cdfdb4262 am: aa35944b12 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22191063

Change-Id: I52ee4e155cc5f45b8d42b50de6c45f288a9dc1ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 03:35:55 +00:00
Adam Shih
aa35944b12 use gs-common gps dump am: 1cdfdb4262 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22191063

Change-Id: I9395a66fb14873a919f00bb0a04f01756b774a8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 02:56:31 +00:00
Adam Shih
b48c15ff36 use gs-common gps dump am: 1cdfdb4262 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22191063

Change-Id: I4e295cfc2630dcd368cc4be3e1211036f32c907d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 02:56:26 +00:00
Adam Shih
1cdfdb4262 use gs-common gps dump 
Bug: 273380509
Test: adb bugreport
Change-Id: I7d5fa2f086aeab1b94fe33b3f419d5fb58bfbda5
 2023-03-22 12:26:10 +08:00
Android Build Coastguard Worker
7feafab6b7 Snap for 9786938 from 28503a8706 to udc-release 
Change-Id: Ief28677f11cb286fb07aed26fc074e2751da9f92
 2023-03-22 01:07:28 +00:00
Jörg Wagner
19ca52ea29 [automerger skipped] Update Mali DDK to r40 : Additional SELinux settings am: 28503a8706 am: 8f5f03eeb5 -s ours 
am skip reason: Merged-In I75457d2d4f6e37bdd85329bac7fd81327cfff628 with SHA-1 4183daf7f1 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22168613

Change-Id: I141a4e61d3ba42ea184cb2507e590bfa7a21db22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 16:10:59 +00:00
Jörg Wagner
c7f22ca114 [automerger skipped] Update Mali DDK to r40 : Additional SELinux settings am: 28503a8706 am: d1718d8d04 -s ours 
am skip reason: Merged-In I75457d2d4f6e37bdd85329bac7fd81327cfff628 with SHA-1 4183daf7f1 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22168613

Change-Id: Ic96cb8d97ba5e7c4da5f163b60c88c17f2d63ae6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 16:08:45 +00:00
Jörg Wagner
8f5f03eeb5 Update Mali DDK to r40 : Additional SELinux settings am: 28503a8706 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22168613

Change-Id: I61e2dca3144b674837260726d2a40f7518908a44
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 15:15:22 +00:00
Jörg Wagner
d1718d8d04 Update Mali DDK to r40 : Additional SELinux settings am: 28503a8706 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22168613

Change-Id: I06c48978bfc9e9090c20b2277665d9ef717976e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 15:14:19 +00:00
Jörg Wagner
28503a8706 Update Mali DDK to r40 : Additional SELinux settings 
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

Bug: 261718474

(cherry picked from commit 4183daf7f1)
Merged-In: I75457d2d4f6e37bdd85329bac7fd81327cfff628
Change-Id: Ic40d6576537fc6699e3315040236e79aba16af18
 2023-03-21 10:32:25 +00:00
Adam Shih
2562feaa75 use gxp dump in gs-common am: 831323cd81 am: 163e5b3007 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22162945

Change-Id: I0e4e7dd65ff004642b265787d59cfb7d854a7420
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 06:33:24 +00:00
Adam Shih
1e56e72571 use gxp dump in gs-common am: 831323cd81 am: e71e5e62a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22162945

Change-Id: I5d54ae54ab175a310214884a1b18e95b8952da82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 06:32:32 +00:00
Adam Shih
e71e5e62a2 use gxp dump in gs-common am: 831323cd81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22162945

Change-Id: Idc6b90daf364952e2310b5cb0fa22b8a74e6d912
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 05:56:50 +00:00
Adam Shih
163e5b3007 use gxp dump in gs-common am: 831323cd81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22162945

Change-Id: I9e1c29af9a46078b0c3dfead685bd6e5563f88c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 05:56:50 +00:00
Adam Shih
831323cd81 use gxp dump in gs-common 
Bug: 273380509
Test: adb bugreport;unzip *zip;tar -xvf dumpstate_board.bin
And found gxp content

Change-Id: I5a1e77f756a0ec045a578c4ca9bced689d8d9d9c
 2023-03-21 11:19:21 +08:00
Android Build Coastguard Worker
17216931e8 Snap for 9781601 from 0f80193c30 to udc-release 
Change-Id: Id7cda66bba42b14807c6cf807937de696ae69bea
 2023-03-21 03:02:43 +00:00
Adam Shih
0791faa817 use gs-common camera dump am: 0f80193c30 am: 2cd0183e7e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22137346

Change-Id: Ic95a6c7372443723ac65b6e67df7ba05d5ac7975
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 02:20:24 +00:00
Adam Shih
8c1df0fc78 use gs-common camera dump am: 0f80193c30 am: 4de779d45a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22137346

Change-Id: I966c91b4fa308b3dee797014f7213def46643eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 02:14:51 +00:00
Adam Shih
4de779d45a use gs-common camera dump am: 0f80193c30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22137346

Change-Id: Ief2f031cb226d591612d3f8146c24df7607b84d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 01:35:54 +00:00
Adam Shih
2cd0183e7e use gs-common camera dump am: 0f80193c30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22137346

Change-Id: Ib7046a50e676cf4b2aa0e15e9460697cb044226d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 01:35:29 +00:00
Adam Shih
0f80193c30 use gs-common camera dump 
Bug: 273380509
Test: adb bugreport
Change-Id: I925fbbba81a92689c4590df4a8d7529cc8b57bf8
 2023-03-20 11:14:44 +08:00
Android Build Coastguard Worker
faa5767549 Snap for 9769041 from 0e62b47df9 to udc-release 
Change-Id: I8f7bef2405b5cc1320521b09877824db82b92b21
 2023-03-18 03:02:51 +00:00
Mahesh Kallelil
19f4816274 Update selinux-policy for ModemService. am: 0e62b47df9 am: cf1afa5dfc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22113896

Change-Id: I0214b64f864c2dc8cce699b41536bf18a9ee9a69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:48:44 +00:00
Mahesh Kallelil
b7e0f8bc3e Update selinux-policy for ModemService. am: 0e62b47df9 am: 2b85d35a96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22113896

Change-Id: I2a724808310b0ac341749dc1ae4994746d8fc0de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:47:49 +00:00
Mahesh Kallelil
2b85d35a96 Update selinux-policy for ModemService. am: 0e62b47df9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22113896

Change-Id: I0fc4b26791747306d5cef4a54dd31cf1ac6e7812
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:11:39 +00:00
Mahesh Kallelil
cf1afa5dfc Update selinux-policy for ModemService. am: 0e62b47df9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22113896

Change-Id: I98310e3d9f8f66aa856dcecacf96a4d648f6a72c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:11:34 +00:00
Mahesh Kallelil
0e62b47df9 Update selinux-policy for ModemService. 
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I0915969bfa6354e1884088476fc59cd8027bd2f1
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-03-16 05:33:46 +00:00
Android Build Coastguard Worker
b982e79459 Snap for 9754537 from f5a068e2bf to udc-release 
Change-Id: I9b828e1f6e6dd6223184ea37ad2df5d2391b4664
 2023-03-16 03:02:31 +00:00
Adam Shih
ce9cc4d0e0 use gs-common soc dump am: f5a068e2bf am: 9c3074e3f9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21990027

Change-Id: I4a9b0e3b129eda6485149b3b87db1216d879acc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:28:17 +00:00
Enzo Liao
b7baddf4af SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a am: 7640930323 am: 3ff7d6817f am: 4d74dacac3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I2d7fcf2cc77be1aa3b6a91a3659b94f6abf83f0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:27:32 +00:00
Adam Shih
3fd2d86d64 use gs-common soc dump am: f5a068e2bf am: 064e367b82 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21990027

Change-Id: Ibfc6d67cb00082fd5fff97e71f81da6cb47bd341
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:26:44 +00:00
Enzo Liao
caa886e965 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a am: 7640930323 am: 3ff7d6817f am: 22efd926d7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: Ic09c14391a6e65ebb0dfd2dbc2e91fc120d8e8e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:26:23 +00:00
Adam Shih
064e367b82 use gs-common soc dump am: f5a068e2bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21990027

Change-Id: I856ec1381e2f592d127bfde63a2ba44940e4002c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:11:48 +00:00
Adam Shih
9c3074e3f9 use gs-common soc dump am: f5a068e2bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21990027

Change-Id: Id94cd2aa1d69de40ddb160f0160b81e756d1ace0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:11:47 +00:00
Adam Shih
f5a068e2bf use gs-common soc dump 
Bug: 273380509
Test: adb bugreport
Change-Id: I81cd197c1a7c9f19ad9a3c30b65b4499de04b184
 2023-03-15 05:59:09 +00:00
Enzo Liao
4d74dacac3 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a am: 7640930323 am: 3ff7d6817f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I6133687f15f9f6dbfb231c545b22bb4dc1073978
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 05:53:10 +00:00
Enzo Liao
22efd926d7 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a am: 7640930323 am: 3ff7d6817f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I9cd987c8cf51b94ff0fb3270c6edf4ca8c8f045c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 05:53:07 +00:00
Enzo Liao
3ff7d6817f SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a am: 7640930323 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I3e0cea14177bac92af9113a6aeeb9bd0970e7068
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 05:14:55 +00:00
Enzo Liao
7640930323 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I763de4896af0f56204d91b874d6aae2519c5e9db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 04:38:42 +00:00
Automerger Merge Worker
6cf423818e Merge "[automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours am: 79f362de88 -s ours am: 48ab6c0f3a -s ours" 2023-03-15 02:14:44 +00:00
Xin Li
b6b2cd38c6 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours am: 79f362de88 -s ours am: 48ab6c0f3a -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: Ie7d68684afc9e1b1734fe03b768e34fc7c8794f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 02:03:52 +00:00
Xin Li
87505758f7 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours am: 79f362de88 -s ours am: ed5b439993 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: I94a274625cac44652c8368348288596aa73964ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 02:03:34 +00:00
Xin Li
48ab6c0f3a [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours am: 79f362de88 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: I5359f87c035df4e514334195d4fc4aba12dcea42
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:10:36 +00:00
Xin Li
ed5b439993 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours am: 79f362de88 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: Icf32d5bf125abcfab85d114716d6ac56c25bacb1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:07:09 +00:00
Xin Li
79f362de88 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: I707d83fad07144e33b6feded76fd061d19fd085e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 00:06:07 +00:00
Xin Li
67621bec34 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: Ibbdaf2aa02395da19b5c77095364785415d4d505
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 23:06:01 +00:00
Xin Li
f61bda9e67 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: Id256ea88817ccd942579aa2202abce48ae50a0a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 22:32:04 +00:00
Xin Li
665b8598f2 Merge Android 13 QPR2 
Bug: 273316506
Merged-In: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
Change-Id: I667f2c59630e12e2500b3c766a53d1b38f0259bd
 2023-03-13 23:09:33 -07:00
Android Build Coastguard Worker
6c11c1291d Snap for 9735252 from 915841aada to udc-release 
Change-Id: If4cfb9b4a5105cf2b4810fed0857ac68da441572
 2023-03-14 01:28:34 +00:00
Jasmine Cha
22ee3522ca audio: move set_prop to gs-common am: 915841aada am: 64be6bd4ed 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21980950

Change-Id: I6edcc168d990301e60cfdee4faf3a01ff0d1e70b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:12:51 +00:00
Jasmine Cha
b73353bb75 audio: move set_prop to gs-common am: 915841aada am: 2b19899dc2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21980950

Change-Id: I11888a77aee35122a5de5f21e85f28c4b1a842ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:11:53 +00:00
Jasmine Cha
64be6bd4ed audio: move set_prop to gs-common am: 915841aada 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21980950

Change-Id: Ia551f15dc508ca08089216ac42be2eb169eb43bf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:38:15 +00:00
Jasmine Cha
2b19899dc2 audio: move set_prop to gs-common am: 915841aada 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21980950

Change-Id: Id039e72e5b1b7b1dd7058835f2b1b863530a06ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:38:10 +00:00
Adam Shih
691cd47580 move modem operation to dump_modemlog am: fc86ce114c am: 8a7cd8578a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21937426

Change-Id: I0560377432293eb17019d44a8ff9e9e0bdc2d886
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 03:15:26 +00:00
Adam Shih
f353d00366 move modem operation to dump_modemlog am: fc86ce114c am: d2397db6dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21937426

Change-Id: I2500e09b068327570f7ec2cfedad286aecfbc17f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 03:13:59 +00:00
Jasmine Cha
915841aada audio: move set_prop to gs-common 
Bug: 259161622
Test: build pass

Change-Id: If9c6d5641a05768446a7b618e447a1d11ad5daab
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-03-13 10:55:25 +08:00
Adam Shih
d2397db6dd move modem operation to dump_modemlog am: fc86ce114c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21937426

Change-Id: I885606a77cec480cb78f197b679a727c85c6072f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 02:41:51 +00:00
Adam Shih
8a7cd8578a move modem operation to dump_modemlog am: fc86ce114c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21937426

Change-Id: I3d00e18f7d5abc49af6c410cdfdc696435222cce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 02:41:35 +00:00
Android Build Coastguard Worker
2d76573528 Snap for 9728260 from c50fcf4794 to udc-release 
Change-Id: I8366515018e3f382abba7d5ddbda948cbfdabd1b
 2023-03-11 04:03:13 +00:00
Enzo Liao
b38886146a SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. 
It needs to access a file pushed by hosts of test suites (details: http://go/pd-client-for-lab#heading=h.wtp07hbqvwgx)

Bug: 234359369
Design: http://go/pd-client-for-lab
Test: manual (http://b/271555983#comment3)
Change-Id: I0ecc64407118107860db434f0eb22cab0f55a2ba
 2023-03-10 15:25:51 +08:00
Adam Shih
fc86ce114c move modem operation to dump_modemlog 
Bug: 240530709
Test: adb bugreport
Change-Id: I1b5c7defc0b6cb04899d03f1f71f0ac1fe21ed80
 2023-03-10 12:14:54 +08:00
Jasmine Cha
e16fda1c59 audio: move sepolicy about audio to gs-common am: c50fcf4794 am: 59a5090888 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21873545

Change-Id: I15855a31343d1f95b5cae3dac396d5c08ac10a9e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:39:27 +00:00
Jasmine Cha
7364a6fb72 audio: move sepolicy about audio to gs-common am: c50fcf4794 am: 654769b457 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21873545

Change-Id: I72e83e045b1e5a992ac637e754020f3efc7cbb74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:22:30 +00:00
Jasmine Cha
654769b457 audio: move sepolicy about audio to gs-common am: c50fcf4794 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21873545

Change-Id: I85c2c98c913e7d3dfa6b4156c4384f10b7d4fd61
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:19:46 +00:00
Krzysztof Kosiński
5bda194901 Clean up Google Camera App tracking_denials. am: 3758cdb733 am: 0fc09907f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21938179

Change-Id: I600c667c2a447f55d0b87358ca31a16c8aac42e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:19:19 +00:00
Jasmine Cha
59a5090888 audio: move sepolicy about audio to gs-common am: c50fcf4794 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21873545

Change-Id: I4c3b3716f77132793e77d29a5847b0636235d98f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:18:13 +00:00
Krzysztof Kosiński
0a472be148 Clean up Google Camera App tracking_denials. am: 3758cdb733 am: aabbf32bdd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21938179

Change-Id: I267b5fee06f77d08648e759babcb64b3b45c1819
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:17:35 +00:00
Android Build Coastguard Worker
321e871f03 Snap for 9719949 from 3c494301c8 to udc-release 
Change-Id: If8ceadb0fdbc386f30ca13dff1812766e78b7081
 2023-03-10 02:07:19 +00:00
Jasmine Cha
c50fcf4794 audio: move sepolicy about audio to gs-common 
Bug: 259161622
Test: build pass and check with audio ext hidl/aidl

Change-Id: Id9fa7130db9b94a25381d10984ad245658847345
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-03-10 02:05:58 +00:00
Krzysztof Kosiński
aabbf32bdd Clean up Google Camera App tracking_denials. am: 3758cdb733 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21938179

Change-Id: I03ee0a69960088e14e2f95598a954ecbb4c9f9a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 01:38:41 +00:00
Krzysztof Kosiński
0fc09907f2 Clean up Google Camera App tracking_denials. am: 3758cdb733 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21938179

Change-Id: I47f1ec196ea09e4c0eb5b04a0c6c77885c99a8fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 01:35:56 +00:00
Krzysztof Kosiński
3758cdb733 Clean up Google Camera App tracking_denials. 
EdgeTPU access is already allowed. Vendor property access should
be denied and is not an error (most likely from library code
that tries to access nonexistent Mediatek-specific properties).

Fix: 209889068
Test: presubmit, run GCA
Change-Id: Id200da6627ceae1ca6315ea9b4473f61fdc285d0
 2023-03-10 01:00:44 +00:00
Adam Shih
d5a143a840 Move display dump to gs-common am: 3c494301c8 am: 71ad15df7c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21811839

Change-Id: Ic25597d1f1b13a273e28eb69ce08aa38adf392ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 06:01:47 +00:00
Adam Shih
342ef2858d Move display dump to gs-common am: 3c494301c8 am: bb4f367959 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21811839

Change-Id: Icc4e17a7c6e49bd1e2bb54a595f7288f8fcd5f77
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 06:00:38 +00:00
Adam Shih
71ad15df7c Move display dump to gs-common am: 3c494301c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21811839

Change-Id: Ife52ecf2a430e17af412dbcaa8651a15b668c684
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 05:29:55 +00:00
Adam Shih
bb4f367959 Move display dump to gs-common am: 3c494301c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21811839

Change-Id: I4fcb7d78a11ebc9dabdf8a6f3363608c6b834ab0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 05:29:17 +00:00
Adam Shih
3c494301c8 Move display dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I8d2d0413987629bd3774034a5f99f5b7feb4b3ba
 2023-03-07 12:35:16 +08:00
Android Build Coastguard Worker
aa0ebd03d5 Snap for 9675941 from 6312c2c014 to udc-release 
Change-Id: I884473a59993bac989df12f6a61b42dddffa4992
 2023-03-02 04:07:26 +00:00
Salmax Chang
373af14b53 modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 am: 064f8eb40b am: 6312c2c014 am: 5ce31c8627 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: Ibbfb1eeb8af07d71ae98127d79a11ad9facdf87b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 09:16:34 +00:00
Salmax Chang
9db3660136 modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 am: 064f8eb40b am: 6312c2c014 am: e56da7d8ba 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I6d7ab553888c13102fc0d265494b68e7d9bc60a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 09:15:42 +00:00
Salmax Chang
5ce31c8627 modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 am: 064f8eb40b am: 6312c2c014 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I075081b297ac1b84f296ddb008e15222ccdadfde
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 08:25:34 +00:00
Salmax Chang
e56da7d8ba modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 am: 064f8eb40b am: 6312c2c014 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I8d4a010caee97679d0e20c27d3ec02b08547987a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 08:24:28 +00:00
Salmax Chang
6312c2c014 modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 am: 064f8eb40b 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: Ib71ce8f0289ccc3619d6b323e85f992fe96d6106
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 07:44:16 +00:00
Salmax Chang
064f8eb40b modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I617cb3a7d2becaaa2f0cf019fbdb9c88a92548d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 06:49:44 +00:00
Salmax Chang
037e986412 modem_svc_sit: grant modem property access am: 12a731b61e 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I6432be5a512e7302841b3a705bebfbf260a8e1d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 06:12:30 +00:00
Salmax Chang
12a731b61e modem_svc_sit: grant modem property access 
Bug: 247669574
Change-Id: I02f58f04ee0daca9cabb055ed2fb7fe2653831af
 2023-03-01 01:17:49 +08:00
Jörg Wagner
4183daf7f1 Update Mali DDK to r40 : Additional SELinux settings 
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

b/261718474

Change-Id: I75457d2d4f6e37bdd85329bac7fd81327cfff628
 2023-02-23 13:17:58 +00:00
leochuang
62eebf952f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 270079857
Change-Id: I1755253d915e7d9ff1fe624ecf8e6439f7a1bcd6
 2023-02-21 08:49:55 +08:00
Android Build Coastguard Worker
cfa6bbf2c7 Snap for 9627971 from e4fad2e355 to udc-release 
Change-Id: I60baf32cbd4a6a4f6b86f9e3f770889482379b5c
 2023-02-19 02:02:40 +00:00
Ken Tsou
0f1327382e hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8 am: 877a01aa5e am: e4fad2e355 am: 5e243993de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: Ib7d7c52c56a7d2b58fbf274f6c8751ebc267c756
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 18:47:49 +00:00
Ken Tsou
5e243993de hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8 am: 877a01aa5e am: e4fad2e355 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: I29151bbf3464842ff1da05dead73d102e57a8537
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 17:25:26 +00:00
Ken Tsou
91fbeb5191 hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8 am: 877a01aa5e am: e4fad2e355 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: Ibed453ad788535774c2bb1f68cf3c442c7a88359
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 17:23:18 +00:00
Ken Tsou
e4fad2e355 hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8 am: 877a01aa5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: I7819419ef876b10affac4978f924988e8a57f024
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 15:53:32 +00:00
Ken Tsou
877a01aa5e hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: Ia7992178f55c2863f99474ad8e0349c3aacd1aeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 14:52:58 +00:00
Android Build Coastguard Worker
963cf0b3d5 Snap for 9617930 from 8c4ca7b5a4 to udc-release 
Change-Id: I800859efe169b4efeb5d3ab795e0021af7652732
 2023-02-17 02:07:30 +00:00
Ken Tsou
55d345c5e8 hal_health_default: allow to access persist.vendor.shutdown.* 
msg='avc: denied { set } for property=persist.vendor.shutdown.voltage_avg pid=908 uid=1000 gid=1000 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 266181615
Change-Id: Ia87610f0363bbfbe4fe446244b44818c273841f4
Signed-off-by: Ken Tsou <kentsou@google.com>
 2023-02-16 10:37:44 +08:00
Android Build Coastguard Worker
94300d9c17 Snap for 9613524 from d1daf18a6a to udc-release 
Change-Id: Icc2ebf48e701797adf96d010bf98df6bf64b0e4d
 2023-02-16 02:03:02 +00:00
Adam Shih
8c4ca7b5a4 remove same_process_hal access from gxp firmware 
Bug: 246218258
Test: boot with no relevant SELinux errors
Change-Id: I52c82ff4c70cb16057cf719059f63c3f9c381c46
 2023-02-16 00:02:13 +00:00
Jeffrey Kardatzke
d1daf18a6a tracking_denials: Remove b/237492145 
Bug: 237492145
Test: TreeHugger
Change-Id: I2874665d4166e951de6b9f6ab15be62a35777ad2
 2023-02-15 19:21:56 +00:00
Android Build Coastguard Worker
8c73593429 Snap for 9607154 from 45583701ab to udc-release 
Change-Id: Idae71b308eab165d4147eb64d3d05209d6a4fa62
 2023-02-15 02:03:11 +00:00
Thiébaud Weksteen
1a72a34a91 Remove bug_map entry for incident 
hal_input_processor_default was fixed in b/219172252

Bug: 239632439
Test: presubmit
Change-Id: Idaa9bff7130d54bf24260e26b43605a60dcb7525
 2023-02-15 00:50:55 +00:00
Treehugger Robot
45583701ab Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 am: d67d52eb4f am: 68c7241129 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: Ic65e69e5095b5fadf7ebae056785b81d72144139
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 20:44:30 +00:00
Treehugger Robot
68c7241129 Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 am: d67d52eb4f 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: Ibf36bb7559b4a2a91dd6ce063db28828b80b90a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 19:41:21 +00:00
Treehugger Robot
d67d52eb4f Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: If7561935299aa965f69919dbac04fcf807bf7c7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 18:56:36 +00:00
Android Build Coastguard Worker
32c0521342 Merge cherrypicks of ['googleplex-android-review.googlesource.com/20729301'] into tm-qpr2-release. 
Change-Id: I57684821f09bb3d5f85a140cc222b13271f7f625
 2023-02-14 18:20:15 +00:00
Ray Chi
3a7647d59c [DO NOT MERGE] usb: Add sepolicy for extcon access 
USB gadget hal will access extcon folder so that this patch
will add new rule to allow USB gadget hal to access extcon.

Bug: 263435622
Test: build pass
Change-Id: I971732c6a40700a85df61170dcf1c3660307b96c
(cherry picked from commit 03fb0f6ceb)
Merged-In: I971732c6a40700a85df61170dcf1c3660307b96c
 2023-02-14 18:13:41 +00:00
Treehugger Robot
643a4aa018 Merge "Map AIDL Gatekeeper to same policy as HIDL version" 2023-02-14 17:48:17 +00:00
Adam Shih
6defd8cbc8 Move memory dump to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I304899f1c9eb1a77ef7559194ab4cfed9daf30ef
 2023-02-14 07:22:05 +00:00
Adam Shih
333b450ee7 move tablet settings to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I2bac842aaab1737b2fcecd232e82d49f00439607
 2023-02-14 04:28:30 +00:00
Android Build Coastguard Worker
3bb61ab5a2 Snap for 9591832 from 4c372ff5cd to udc-release 
Change-Id: I847c9d07daa521f32483384dedc25db1b1a4b357
 2023-02-11 06:07:57 +00:00
sukiliu
4c372ff5cd Update SELinux error 
Test: scanBugreport
Bug: 268147113
Bug: 268566483
Bug: 268147092
Change-Id: Ia0755baf0d2b9cd02e9d69da29cf87120ae13bbe
 2023-02-10 10:20:48 +08:00
Subrahmanyaman
b05ec9c753 Map AIDL Gatekeeper to same policy as HIDL version 
Bug: 268342724
Test: VtsHalGatekeeperTargetTest
Change-Id: Ic2849f8f00aea80e707a85334364f8ecfe7a64e3
 2023-02-08 18:36:45 +00:00
Android Build Coastguard Worker
6ee04bc32e Snap for 9566037 from 1d9a7c5877 to udc-release 
Change-Id: I157f6b1e52f72050ac661995b18eda18806965b0
 2023-02-06 03:41:07 +00:00
Ken Yang
1d9a7c5877 WLC: Add required sysfs_wlc sepolicies 
The sysfs_wlc is still required for certain services like
hal_health_default. Add these sepolicies to pass the tests.

Bug: 267171670
Change-Id: Id2687a4ac72e04e537704d036155167b68aeca7c
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-05 02:30:34 +00:00
Android Build Coastguard Worker
7748904566 Snap for 9564855 from dadd1df282 to udc-release 
Change-Id: I2541a1873e96ec722141e3c3bbc8d453d242f4c9
 2023-02-05 02:02:29 +00:00
Ray Chi
dadd1df282 [automerger skipped] [DO NOT MERGE] usb: Add sepolicy for extcon access am: 03fb0f6ceb am: 2265901763 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729301

Change-Id: I89550dd2f3dd57683a3066f2107a68d895cb3769
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-04 05:06:52 +00:00
Ray Chi
2265901763 [DO NOT MERGE] usb: Add sepolicy for extcon access am: 03fb0f6ceb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729301

Change-Id: Icf1e3a628c4a7e040efd639e16b4a631ea7349ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-04 04:37:05 +00:00
Android Build Coastguard Worker
e82d9c2488 Snap for 9562441 from 27eea9a08a to udc-release 
Change-Id: Ic57fabcc56efffd5493ed303171b55dafe3f2d00
 2023-02-04 04:03:19 +00:00
Nicolas Geoffray
27eea9a08a Allow ssr_detector_app directory creation in system_app_data_file. am: 029a072be5 am: ad2ebe9f69 am: cee4578a87 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2421223

Change-Id: Ib99ec0b32daaada2384ffa4592c061b32df7501a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 15:38:23 +00:00
Nicolas Geoffray
cee4578a87 Allow ssr_detector_app directory creation in system_app_data_file. am: 029a072be5 am: ad2ebe9f69 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2421223

Change-Id: I50020f8d16d0ea26b0e1ca253f91ee889db68989
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 15:06:32 +00:00
Ray Chi
03fb0f6ceb [DO NOT MERGE] usb: Add sepolicy for extcon access 
USB gadget hal will access extcon folder so that this patch
will add new rule to allow USB gadget hal to access extcon.

Bug: 263435622
Test: build pass
Change-Id: I971732c6a40700a85df61170dcf1c3660307b96c
 2023-02-03 14:47:40 +00:00
Nicolas Geoffray
ad2ebe9f69 Allow ssr_detector_app directory creation in system_app_data_file. am: 029a072be5 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2421223

Change-Id: I8631d5a2cc63244c5a8ba68f177ee321d89abc91
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 14:39:40 +00:00
Taylor Nelms
2243ee16ef [automerger skipped] Modify permissions to allow dumpstate process to access decon_counters node am: 6e04b082f7 am: 2ecc683965 -s ours 
am skip reason: Merged-In I656ebdcd0f92f2cc3e16de19075e94ada339a39b with SHA-1 ca38b9685b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21040691

Change-Id: Id04337416d4b4558d565f26fea0fbf2b0465c9d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 14:17:03 +00:00
Taylor Nelms
2ecc683965 Modify permissions to allow dumpstate process to access decon_counters node am: 6e04b082f7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21040691

Change-Id: Ia856c130f890537cb834687903d1f7bcb1081166
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 13:47:32 +00:00
Taylor Nelms
6e04b082f7 Modify permissions to allow dumpstate process to access decon_counters node 
Bug: 240346564
Test: Build for Cheetah device with "user" build,
check bugreport for decon_counters content
Merged-In: I656ebdcd0f92f2cc3e16de19075e94ada339a39b
Change-Id: I6aea0bc545805f9f066272e08f5c37f71baf304e
Signed-off-by: Taylor Nelms <tknelms@google.com>
 2023-02-03 13:18:02 +00:00
Nicolas Geoffray
029a072be5 Allow ssr_detector_app directory creation in system_app_data_file. 
Bug: 260557058
Test: m
Change-Id: Ia8917316fc653465070a875a806b9707d8112230
 2023-02-03 13:08:30 +00:00
Sajid Dalvi
e80669242c logbuffer: Add pcie driver support am: eb745cabd1 am: cf7bb88b7a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21077111

Change-Id: I81cac496ef80ab9f41f6648e8a43fa277ec72d46
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 06:11:57 +00:00
Sajid Dalvi
cf7bb88b7a logbuffer: Add pcie driver support am: eb745cabd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21077111

Change-Id: I36a37418005f271ac2325ccf5b395086befdea5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 05:41:29 +00:00
Kadyr Narmamatov
b876b5398f modem_svc_sit: Grant permission to read vendor_fw_file am: 80f1fbbf9d am: 8105be362a am: 84eb6c3751 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2411196

Change-Id: Iba090442873014e03a140973d636ba6bee49348a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-02 22:44:52 +00:00
Kadyr Narmamatov
84eb6c3751 modem_svc_sit: Grant permission to read vendor_fw_file am: 80f1fbbf9d am: 8105be362a 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2411196

Change-Id: I0b847346f367a91c58b86754e7cfa87fe43df931
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-02 21:51:59 +00:00
Sajid Dalvi
eb745cabd1 logbuffer: Add pcie driver support 
Add logbuffer support to pcie driver to reduce dmesg spam.

Bug: 267495494
Change-Id: Id62006860e161730880aba61ea9974e006884e3e
Signed-off-by: Sajid Dalvi <sdalvi@google.com>
 2023-02-02 21:31:31 +00:00
Kadyr Narmamatov
8105be362a modem_svc_sit: Grant permission to read vendor_fw_file am: 80f1fbbf9d 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2411196

Change-Id: Ifa4ca4b105479895166c1fd73b353ec66af007f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-02 21:12:35 +00:00
Kadyr Narmamatov
80f1fbbf9d modem_svc_sit: Grant permission to read vendor_fw_file 
Bug: 267259670

Change-Id: I45d43e6bb17c3849cd6a19579ea1b2fdb1aa032a
Signed-off-by: kadirpili <kadirpili@google.com>
 2023-02-02 06:08:45 +00:00
Android Build Coastguard Worker
47cd0005cf Snap for 9552483 from c2d9e133cf to udc-release 
Change-Id: Ie917f11179e58720d41c3b0ecfb360cd95681dbb
 2023-02-02 02:14:29 +00:00
George Lee
c2d9e133cf [automerger skipped] battery_mitigation: fix brownout reporting selinux [DO NOT MERGE] am: 75521ed6d8 am: a6b0a5d9f4 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21048116

Change-Id: I667a6f2eabc7b3b3079559734c8ef6bbbaa2fa74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-01 17:40:17 +00:00
George Lee
a6b0a5d9f4 battery_mitigation: fix brownout reporting selinux [DO NOT MERGE] am: 75521ed6d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21048116

Change-Id: I58b1d1d34b46e7efec29d74387d0f801858c5636
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-01 17:02:02 +00:00
George Lee
75521ed6d8 battery_mitigation: fix brownout reporting selinux [DO NOT MERGE] 
Ensure ro.boot.bootreason equals sys.boot.reason before filing bugreport
for Brownout.

Bug: 263274350
Test: Local testing to confirm
Change-Id: I7c0cab8811775d52bfb95f23ad19baa87f2ae64e
Signed-off-by: George Lee <geolee@google.com>
(cherry picked from commit 4b3a85cac0206e70dddf7663aa771195c0026eea)
 2023-02-01 16:08:42 +00:00
Doug Zobel
573d855435 [automerger skipped] Add sepolicy for PCIe link statistics am: 959825045e am: 3f3b99e045 -s ours 
am skip reason: Merged-In I173ba399a60f29aa8a5edf1e86f97f214b4879c8 with SHA-1 68bf64905b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21077117

Change-Id: I741516eeaf87f76c1f50f6c4acca7104e3933071
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-01 14:44:44 +00:00
Doug Zobel
3f3b99e045 Add sepolicy for PCIe link statistics am: 959825045e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21077117

Change-Id: I8fe31a21df1db5e544818ae2d0e097ad45414af6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-01 14:04:22 +00:00
Doug Zobel
959825045e Add sepolicy for PCIe link statistics 
PCIe link statistics collected by dumpstate and pixelstats.

Test: adb bugreport && unzip bugreport*.zip && grep link_stats dumpstate_board.txt;
      adb logcat "pixelstats-vendor:D *:S"
Bug: 264287533
Change-Id: I173ba399a60f29aa8a5edf1e86f97f214b4879c8
Merged-In: I173ba399a60f29aa8a5edf1e86f97f214b4879c8
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-01-31 12:00:01 -06:00
Long Ling
59de0efcca Set context for sysfs file refresh_rate 
Bug: 263821118
Change-Id: Icdba0553fd5228822ce271ef16b877d4bef9f73e
 2023-01-26 18:43:50 -08:00
Android Build Coastguard Worker
ee1b640e0f Snap for 9523845 from 68bf64905b to udc-release 
Change-Id: Ic4f52b41c7154fb7ace3a4f0ca57b341d466dd4b
 2023-01-25 02:27:39 +00:00
Doug Zobel
68bf64905b Add sepolicy for PCIe link statistics 
PCIe link statistics collected by dumpstate and pixelstats.

Test: adb bugreport && unzip bugreport*.zip && grep link_stats dumpstate_board.txt;
      adb logcat "pixelstats-vendor:D *:S"
Bug: 264287533
Change-Id: I173ba399a60f29aa8a5edf1e86f97f214b4879c8
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-01-24 02:05:32 +00:00
Android Build Coastguard Worker
bd32cb9c0d Snap for 9491836 from 0257c7bd03 to udc-release 
Change-Id: I6aa1cfacc6bfa3b0f1979b6c582402408b32e69d
 2023-01-15 02:02:12 +00:00
Android Build Coastguard Worker
4e62c235cd Snap for 9489393 from b3bbcd4554 to udc-release 
Change-Id: I64f686dfc8f2270fdf50a4d129148ba86feb826a
 2023-01-14 04:03:12 +00:00
Xin Li
0257c7bd03 [automerger skipped] Merge tm-qpr-dev-plus-aosp-without-vendor@9467136 am: 6776e1bb97 -s ours am: 3ec273fe0d -s ours 
am skip reason: Merged-In I64ff95ba8db62a8f831d012b4cdf4e6ec973f086 with SHA-1 f5a88c35a4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20956645

Change-Id: I3e3ca818880c95366e92036f1b95902b27c8992c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-13 21:35:24 +00:00
Ken Yang
b3bbcd4554 WLC: Cleanup the sysfs_wlc policies 
The sepolicy must be self-contained without including wirelss_charger to
avoid build break in AOSP

Bug: 263830018
Change-Id: Ib3e36c9bb4b3048ce97592c3f68260035a32239d
Signed-off-by: Ken Yang <yangken@google.com>
 2023-01-13 14:41:12 +00:00
Xin Li
3ec273fe0d [automerger skipped] Merge tm-qpr-dev-plus-aosp-without-vendor@9467136 am: 6776e1bb97 -s ours 
am skip reason: Merged-In I64ff95ba8db62a8f831d012b4cdf4e6ec973f086 with SHA-1 f5a88c35a4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20956645

Change-Id: Icabbf6f54bf9c9c0977b0739cc1b32b174cc9629
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-13 08:08:00 +00:00
Xin Li
6776e1bb97 Merge tm-qpr-dev-plus-aosp-without-vendor@9467136 
Bug: 264720040
Merged-In: I64ff95ba8db62a8f831d012b4cdf4e6ec973f086
Change-Id: Ieb75ac322b6b1246ac2090be0480b8fca19789b2
 2023-01-11 22:46:18 -08:00
Android Build Coastguard Worker
bce9de8f39 Snap for 9480469 from 2925d6e2d2 to udc-release 
Change-Id: Ia4053668442d073f7ba01911d05c63f1186e9691
 2023-01-12 02:03:39 +00:00
Treehugger Robot
2925d6e2d2 [automerger skipped] Merge "Allow Trusty storageproxy property" am: e1a152fc98 -s ours am: 910018de64 -s ours am: cf39192e37 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 37b0c417d1 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2322222

Change-Id: Id8e2a021692a38278f8127687e4bcde25965aca6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-10 20:03:55 +00:00
Stephen Crane
51da9dc8c6 [automerger skipped] Allow Trusty storageproxy property am: f70e73af58 -s ours am: bccd56c75d -s ours am: e639ffcadb -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 37b0c417d1 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2322222

Change-Id: I5848f3b5dc8f9011ce9f0d26bee4a8bb18bef14a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-10 20:03:53 +00:00
Treehugger Robot
cf39192e37 [automerger skipped] Merge "Allow Trusty storageproxy property" am: e1a152fc98 -s ours am: 910018de64 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 37b0c417d1 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2322222

Change-Id: I31a08796e67652270c596b915674b1539901b40e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-10 19:21:36 +00:00
Stephen Crane
e639ffcadb [automerger skipped] Allow Trusty storageproxy property am: f70e73af58 -s ours am: bccd56c75d -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 37b0c417d1 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2322222

Change-Id: I858aeb5dad0841901b4d62e182ca2bfdfa78fd1c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-10 19:21:34 +00:00
Treehugger Robot
910018de64 [automerger skipped] Merge "Allow Trusty storageproxy property" am: e1a152fc98 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 37b0c417d1 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2322222

Change-Id: I64496de69383a5eb374622b48570f5c751405061
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-10 18:45:43 +00:00
Stephen Crane
bccd56c75d [automerger skipped] Allow Trusty storageproxy property am: f70e73af58 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 37b0c417d1 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2322222

Change-Id: I01c24fc940fc419732131690efcd060ee5565e08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-10 18:45:41 +00:00
Treehugger Robot
e1a152fc98 Merge "Allow Trusty storageproxy property" 2023-01-10 18:15:28 +00:00
Android Build Coastguard Worker
34a9ef92d9 Snap for 9470759 from 816f74fe5e to udc-release 
Change-Id: I53bb367964b368565ce5de002498a8982577fc48
 2023-01-10 02:03:01 +00:00
Super Liu
816f74fe5e [automerger skipped] [DO NOT MERGE] Add sepolicy for procfs_touch_gti type am: 946b7e5e36 am: b705c1a215 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20811209

Change-Id: Ia8bb3c7cb4d0b4d0ff62013e76476fae71d357a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-09 02:05:33 +00:00
Super Liu
b705c1a215 [DO NOT MERGE] Add sepolicy for procfs_touch_gti type am: 946b7e5e36 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20811209

Change-Id: Ifdfe12568635a069098a085f247ff8502aa76189
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-09 01:34:28 +00:00
Android Build Coastguard Worker
c3f05d4d96 Snap for 9464008 from 9d258745c9 to udc-release 
Change-Id: Id39002fc64e7f1a5899c786cc452d9e59bfdc8a6
 2023-01-07 04:02:48 +00:00
Adam Shih
9d258745c9 [automerger skipped] update error on ROM am: 41e9042885 am: efc2edd3ce am: fe7901612d -s ours 
am skip reason: Merged-In Iadd90d55aca37fead3e5528d39df7866c9807205 with SHA-1 46ae2b1462 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2375476

Change-Id: I8721e5da2ec3c3147b6fcb2a376ee3cb6a0a773c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-06 06:02:09 +00:00
Adam Shih
fe7901612d update error on ROM am: 41e9042885 am: efc2edd3ce 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2375476

Change-Id: Id9d12d795091bf84b5a8d53767a7a265646f1a5d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-06 05:22:28 +00:00
Adam Shih
efc2edd3ce update error on ROM am: 41e9042885 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2375476

Change-Id: Ia39df8949eeb41c458baab106e4f98851ce7b496
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-01-06 04:50:57 +00:00
Adam Shih
41e9042885 update error on ROM 
Bug: 242203678
Test: pass boot test
Change-Id: I4b9aefdea9b54b4fb1743af6c7e7169c210c7ad0
Merged-In: Iadd90d55aca37fead3e5528d39df7866c9807205
 2023-01-06 02:42:49 +00:00
Android Build Coastguard Worker
ca94996d6b Snap for 9459940 from 1b4f3771ee to udc-release 
Change-Id: I726d002a5dd35f4b1e1df1ac448531d96c860059
 2023-01-06 02:02:38 +00:00
David Drysdale
1b4f3771ee Map Rust KeyMint to same SELinux policy as C++ 
Allow the Rust and C++ implementations of the KeyMint HAL service to be
toggled easily, by mapping them to the same SELinux policy.

Bug: 197891150
Bug: 225036046
Test: VtsAidlKeyMintTargetTest with local changes, TreeHugger
Change-Id: I37f8016240097381410903f0f326dc16fc24db1e
 2023-01-05 06:22:31 +00:00
Super Liu
946b7e5e36 [DO NOT MERGE] Add sepolicy for procfs_touch_gti type 
Bug: 262796907
Test: TreeHugger build pass.
Change-Id: I2b89aa6e0e9b8fbe42121f34e4c70639bdc225d2
 2022-12-26 02:23:59 +00:00
Android Build Coastguard Worker
3c3b7bdc81 Snap for 9428991 from 46ae2b1462 to udc-release 
Change-Id: I396b144828ecb3d44046b51bf8ce4c97a7078552
 2022-12-22 02:02:36 +00:00
Ken Yang
46ae2b1462 WLC: Remove sysfs_wlc sepolicy 
Bug: 237600973
Change-Id: Iadd90d55aca37fead3e5528d39df7866c9807205
Signed-off-by: Ken Yang <yangken@google.com>
 2022-12-21 08:35:55 +00:00
Stephen Crane
c7f4253db4 [automerger skipped] Allow Trusty storageproxy property am: 37b0c417d1 -s ours am: c430f27151 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 5cd114d3a0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20600484

Change-Id: Ib22616c9b04547baf6cfc96debf5aaad31b9133a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-21 04:49:18 +00:00
Stephen Crane
c430f27151 [automerger skipped] Allow Trusty storageproxy property am: 37b0c417d1 -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 5cd114d3a0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20600484

Change-Id: I516c0e02b2870767fed94431145b6be655cb20fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-21 04:06:01 +00:00
Stephen Crane
f70e73af58 Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: build, flash, test app loading
Bug: 258018785
Change-Id: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
Merged-In: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
 2022-12-21 03:43:20 +00:00
Stephen Crane
37b0c417d1 Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: build, flash, test app loading
Bug: 258018785
Change-Id: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
Merged-In: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
 2022-12-21 03:42:07 +00:00
Android Build Coastguard Worker
057a1b8ead Snap for 9425524 from 982bb81ed7 to udc-release 
Change-Id: I4d330b2bd7198d005e90c6cd97dd0405831902e4
 2022-12-21 03:12:34 +00:00
Taylor Nelms
ca38b9685b Modify permissions to allow dumpstate process to access 
decon_counters node

Bug: 240346564
Test: Build for Cheetah device with "user" build, check bugreport for decon_counters content
Change-Id: I656ebdcd0f92f2cc3e16de19075e94ada339a39b
Signed-off-by: Taylor Nelms <tknelms@google.com>
 2022-12-21 01:41:36 +00:00
Devin Moore
982bb81ed7 Allow pixelstats hal to talk to the new AIDL sensorservice am: 691897a0bf am: bfa91d7e21 am: 35a55fd27f 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2363266

Change-Id: Ife3bc9a769d1e09bf11d21b2877b9ebcfca5d236
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-20 21:46:42 +00:00
Devin Moore
35a55fd27f Allow pixelstats hal to talk to the new AIDL sensorservice am: 691897a0bf am: bfa91d7e21 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2363266

Change-Id: Ifd7d2166a166e40e9685ba4e2d04ffb66f9478a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-20 20:57:22 +00:00
Devin Moore
bfa91d7e21 Allow pixelstats hal to talk to the new AIDL sensorservice am: 691897a0bf 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2363266

Change-Id: I6162c76ddc3ee581a782d176507d6b93cb8ce07c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-20 20:20:51 +00:00
Devin Moore
691897a0bf Allow pixelstats hal to talk to the new AIDL sensorservice 
This is being used in libsensorndkbridge now, so permissions are
required.

Test: m
Bug: 205764765
Change-Id: Ife9688c62398bef83ae5636e915568658098e12d
 2022-12-19 23:05:38 +00:00
Android Build Coastguard Worker
fd5d1fb0fc Snap for 9414774 from 5f6baf4bbd to udc-release 
Change-Id: I33bdfc098b4b4e01bf3835c45a9663ef842e4180
 2022-12-17 04:03:12 +00:00
Android Build Coastguard Worker
bfcae7eb32 Snap for 9414670 from f5a88c35a4 to tm-qpr2-release 
Change-Id: I78749312c952346ab00f38c0145e5cab9e014c02
 2022-12-17 02:02:55 +00:00
Jenny Ho
5f6baf4bbd Add sepolicy rule to allow dump battery maxfg history am: f5a88c35a4 am: 0e90b55ed9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729299

Change-Id: Id1efeae084e9ddb3eaf9b4de678bc39193dfc863
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-16 08:04:34 +00:00
Jenny Ho
0e90b55ed9 Add sepolicy rule to allow dump battery maxfg history am: f5a88c35a4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729299

Change-Id: I983b69e606a1e257380abcfaefacfcbd4aea651d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-16 07:26:40 +00:00
Android Build Coastguard Worker
14b3bb5ee0 Snap for 9410508 from 5712ba4dec to udc-release 
Change-Id: Id343c5d66115f91f9892824440f807a4adb842b4
 2022-12-16 02:02:41 +00:00
George Lee
5712ba4dec Add BrownoutDetected Events - gs201 sepolicy 
Brownout Detection is detected during the boot sequence.  If the
previous shutdown resulted in a reboot reason that has *ocp* or *uvlo*
in it, the shutdown was due to brownout.  Mitigation Logger should have
logged the device state during the brownout.  This event metric is to
surface the logged data.

Bug: 250009365
Test: Confirm triggering of events
Ignore-AOSP-First: to detect brownout.
Change-Id: Idfc02a8bde6088a5c504ee72014537555af78b04
Signed-off-by: George Lee <geolee@google.com>
 2022-12-15 05:29:29 +00:00
Jenny Ho
f5a88c35a4 Add sepolicy rule to allow dump battery maxfg history 
android.hardwar: type=1400 audit(0.0:7): avc: denied { getattr } for path="/dev/maxfg_history" dev="tmpfs" ino=580 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 bug=b/240632721

Bug: 254164096
Change-Id: I64ff95ba8db62a8f831d012b4cdf4e6ec973f086
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2022-12-15 03:03:01 +00:00
Android Build Coastguard Worker
6f3b30e599 Snap for 9397200 from ed15ad3ae1 to udc-release 
Change-Id: Ifa9234f2518c761e5fc4bc2067ab8903c1f6c414
 2022-12-13 04:02:46 +00:00
Android Build Coastguard Worker
683adbb75b Snap for 9397138 from 810a7c5988 to tm-qpr2-release 
Change-Id: I44abf5e6db8ba1b7072f43dc7484df4001f3220d
 2022-12-13 03:46:28 +00:00
Jack Wu
ed15ad3ae1 [automerger skipped] ignore shell access on wlc am: 812312fb1c am: e5974267f8 am: 810a7c5988 -s ours am: dd9d20b242 -s ours 
am skip reason: Merged-In I5f1d321df2daa2ec785e2ad1ac2e02478568b688 with SHA-1 72a65a0100 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20677740

Change-Id: I38f329ab33ca8cd7e2c379c02fdaeb948b3e539b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 14:13:54 +00:00
Jack Wu
ee8c12171b [automerger skipped] ignore shell access on wlc am: 72a65a0100 am: 800574a31d am: 343ef77907 -s ours 
am skip reason: Merged-In I5f1d321df2daa2ec785e2ad1ac2e02478568b688 with SHA-1 812312fb1c is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2276118

Change-Id: Idee296b4e019f66e70eb39e61e8d4b18a7b77e39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 14:09:37 +00:00
Automerger Merge Worker
233f1b729a Merge "[automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours" into stage-aosp-master am: 40d65d57a9 -s ours am: 159684c0d9 -s ours 
am skip reason: Merged-In Idb145723d053eb93dbae2b71f7204347253c8a50 with SHA-1 123262b869 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2337016

Change-Id: I1b0c8cfe75fa054d175bc48be6174456784ad955
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 13:47:39 +00:00
Xin Li
95b9c59f53 [automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours am: b6b7e42179 -s ours am: 4c5a9c7e12 -s ours 
am skip reason: Merged-In Idb145723d053eb93dbae2b71f7204347253c8a50 with SHA-1 123262b869 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2337016

Change-Id: I21635b3fc3427b5a3ec8dc910bdf3f361c7d37af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 11:56:46 +00:00
Jack Wu
dd9d20b242 [automerger skipped] ignore shell access on wlc am: 812312fb1c am: e5974267f8 am: 810a7c5988 -s ours 
am skip reason: Merged-In I5f1d321df2daa2ec785e2ad1ac2e02478568b688 with SHA-1 72a65a0100 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20677740

Change-Id: I74f7c32fc56171592567e8f84457fa894ebc9d06
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 08:32:05 +00:00
Jack Wu
810a7c5988 ignore shell access on wlc am: 812312fb1c am: e5974267f8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20677740

Change-Id: Ic9e3f1e1c7d029268a6430eda9bfdd8873c30ede
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 07:55:16 +00:00
Jack Wu
f599b9031c [automerger skipped] ignore shell access on wlc am: 812312fb1c am: 694a4c3be3 -s ours 
am skip reason: Merged-In I5f1d321df2daa2ec785e2ad1ac2e02478568b688 with SHA-1 7e6dc0eabb is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20677740

Change-Id: Ieecebaecf460389b3812144cc7a99eb945cf4728
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 07:54:32 +00:00
Jack Wu
e5974267f8 ignore shell access on wlc am: 812312fb1c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20677740

Change-Id: I12bf3f89227c1d3cab0ea2ac5863bfbcaf7eb6f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 06:50:08 +00:00
Jack Wu
694a4c3be3 ignore shell access on wlc am: 812312fb1c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20677740

Change-Id: I83dd928807971834412ce2cf8d49e86760d503e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 06:49:47 +00:00
Jack Wu
343ef77907 ignore shell access on wlc am: 72a65a0100 am: 800574a31d 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2276118

Change-Id: I7fb4d5ca9bb191b2568c60890983671e3a421788
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 03:43:55 +00:00
Jack Wu
800574a31d ignore shell access on wlc am: 72a65a0100 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2276118

Change-Id: I7d3f7611f7bd26cde474bfae8ab8ed7fcae5d95b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-12 03:14:19 +00:00
Jack Wu
72a65a0100 ignore shell access on wlc 
Bug: 238260741
Test: boot
Change-Id: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Merged-In: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Signed-off-by: Jack Wu <wjack@google.com>
 2022-12-12 09:28:24 +08:00
Automerger Merge Worker
159684c0d9 Merge "[automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours" into stage-aosp-master am: 40d65d57a9 -s ours 
am skip reason: Merged-In Idb145723d053eb93dbae2b71f7204347253c8a50 with SHA-1 123262b869 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2337016

Change-Id: I1e2d84021562ea9e6cb27189f7a1be3247d1577e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-10 01:57:13 +00:00
Xin Li
4c5a9c7e12 [automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours am: b6b7e42179 -s ours 
am skip reason: Merged-In Idb145723d053eb93dbae2b71f7204347253c8a50 with SHA-1 123262b869 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2337016

Change-Id: I14be64d8b1129673d2dd45f93fe218481e4b85de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-10 00:24:33 +00:00
Automerger Merge Worker
40d65d57a9 Merge "[automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours" into stage-aosp-master 2022-12-09 23:29:33 +00:00
Xin Li
f2706b36cc [automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours 
am skip reason: Merged-In Idb145723d053eb93dbae2b71f7204347253c8a50 with SHA-1 123262b869 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2337016

Change-Id: Ib55c87abcfe45f8ea877a34002002cb0d12b43b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-09 23:19:11 +00:00
Xin Li
b6b7e42179 [automerger skipped] Merge Android 13 QPR1 am: a895073188 -s ours 
am skip reason: Merged-In Idb145723d053eb93dbae2b71f7204347253c8a50 with SHA-1 123262b869 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2337016

Change-Id: Ifd93ba6d6aaf3efca62c484c0582bd9399b1eea3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-09 23:14:27 +00:00
Xin Li
a895073188 Merge Android 13 QPR1 
Bug: 261731544
Merged-In: Idb145723d053eb93dbae2b71f7204347253c8a50
Change-Id: I81e178b27ef30d184e5e12844c64e5b897d97168
 2022-12-09 10:24:38 -08:00
Android Build Coastguard Worker
a57ccaddc8 Snap for 9386067 from 1882c634c7 to udc-release 
Change-Id: I02c48827551345f9f77226c2586a1b072428e475
 2022-12-09 03:32:23 +00:00
Android Build Coastguard Worker
88b834523d Snap for 9385690 from 5df8045c3b to tm-qpr2-release 
Change-Id: I2f7ad0a9350d7befc417667ea7114be279536869
 2022-12-09 00:03:20 +00:00
Nicolas Geoffray
1882c634c7 Also put .ShannonImsService in the vendor_ims_app domain. am: 123262b869 am: 99159a832b am: da3eb0b7c5 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2335385

Change-Id: Ie04d950cca93bd3d36af091f7c07f22474ec8dd7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 20:45:10 +00:00
Nicolas Geoffray
da3eb0b7c5 Also put .ShannonImsService in the vendor_ims_app domain. am: 123262b869 am: 99159a832b 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2335385

Change-Id: I76302558055df38134731cddc25a9ee84074dafd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 20:17:12 +00:00
Nicolas Geoffray
99159a832b Also put .ShannonImsService in the vendor_ims_app domain. am: 123262b869 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2335385

Change-Id: I0967cfff61ba4576130772ddf66c297ea6edf508
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 19:32:29 +00:00
Nicolas Geoffray
123262b869 Also put .ShannonImsService in the vendor_ims_app domain. 
For consistency when running com.shannon.imsservice code.

Test: m
Bug: 260557058
Change-Id: Idb145723d053eb93dbae2b71f7204347253c8a50
 2022-12-08 14:49:22 +00:00
Jack Wu
812312fb1c ignore shell access on wlc 
Bug: 261804136
Test: boot
Change-Id: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Merged-In: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Signed-off-by: Jack Wu <wjack@google.com>
 2022-12-08 17:58:26 +08:00
chiayupei
ededd3526e hal_sensors_default: Add sepolicy for MagCC. am: 5df8045c3b am: c1191eef16 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20458112

Change-Id: I2f21af63ef2a126b3d78a95b1411547065e5b8e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 08:55:39 +00:00
chiayupei
c1191eef16 hal_sensors_default: Add sepolicy for MagCC. am: 5df8045c3b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20458112

Change-Id: I4f87b4c1977fe7aace7d1da49a7d8ed46512b809
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 08:31:55 +00:00
chiayupei
5df8045c3b hal_sensors_default: Add sepolicy for MagCC. 
avc: denied { search } for name="battery" dev="sysfs" ino=78703 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
avc: denied { read } for name="status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
avc: denied { open } for path="/sys/devices/platform/google,battery/power_supply/battery/status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
avc: denied { getattr } for path="/sys/devices/platform/google,battery/power_supply/battery/status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
avc: denied { read } for name="status" dev="sysfs" ino=78714 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
avc: denied { search } for name="i2c-p9222" dev="sysfs" ino=69679 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
Bug: 254155730
Test: Manually test no avc denied for MagCC

Change-Id: Ie5261b39187ffcdf645ae64727c54643bdbc1c47
Signed-off-by: chiayupei <chiayupei@google.com>
 2022-12-08 07:56:50 +00:00
Android Build Coastguard Worker
0ba02138ae Snap for 9370741 from a5cfc371a1 to udc-release 
Change-Id: Ic610fef5610bb6a9341ea7f0d758bf1ada403a2b
 2022-12-06 02:02:41 +00:00
Android Build Coastguard Worker
f5a1f66b9f Snap for 9371302 from 271a845885 to tm-qpr2-release 
Change-Id: I61dfe152be4f25a2cdee0e308a6f8b2bda3cdf7b
 2022-12-06 00:03:08 +00:00
Nicolas Geoffray
a5cfc371a1 Allow ssr_detector_app to create files of type system_app_data_file. am: 48acf9683f am: a350889233 am: 0bd5e91ed1 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2328073

Change-Id: I5ed9424cfdd3669ff1489141e648a771c984e5b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 16:58:02 +00:00
Nicolas Geoffray
0bd5e91ed1 Allow ssr_detector_app to create files of type system_app_data_file. am: 48acf9683f am: a350889233 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2328073

Change-Id: I3e904889634887ad719519b70fe5f48953f09534
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 16:19:12 +00:00
Nicolas Geoffray
a350889233 Allow ssr_detector_app to create files of type system_app_data_file. am: 48acf9683f 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2328073

Change-Id: I1d28a6bc1bab970eef702a8c8a0f9b3d8bfe2123
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 15:48:47 +00:00
Nicolas Geoffray
48acf9683f Allow ssr_detector_app to create files of type system_app_data_file. 
Bug: 260557058
Test: m
Change-Id: I0ff85b542a84ed7d5e5ffd1010ca1a9f7f86c8f1
 2022-12-05 13:58:36 +00:00
Wasb Liu
e249f90504 hal_health_default: updated sepolicy am: daeff5e18c am: 88e9fb512d am: 271a845885 am: d90c1c4c22 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20610808

Change-Id: Ibaebb883793aea87c8601788966a81d60954b4a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 06:08:54 +00:00
Wasb Liu
d90c1c4c22 hal_health_default: updated sepolicy am: daeff5e18c am: 88e9fb512d am: 271a845885 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20610808

Change-Id: Ifca6b7ec1ade7be5d28d619c18af27d537699eda
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 05:34:08 +00:00
Wasb Liu
271a845885 hal_health_default: updated sepolicy am: daeff5e18c am: 88e9fb512d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20610808

Change-Id: I4f4cc732f46d00a7c18dc1fb691436aa826e441a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 04:56:13 +00:00
Wasb Liu
7be52a8882 hal_health_default: updated sepolicy am: daeff5e18c am: 9683d75e8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20610808

Change-Id: I55805563a70ebb51959289d060e5c1211084c852
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 04:55:23 +00:00
Wasb Liu
88e9fb512d hal_health_default: updated sepolicy am: daeff5e18c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20610808

Change-Id: Idb7b4ffa9a74638247fc9bbaa4f697c9945e4c2e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 03:51:20 +00:00
Wasb Liu
9683d75e8a hal_health_default: updated sepolicy am: daeff5e18c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20610808

Change-Id: Id1eae33d36b60e3d4eadd84938cb0abf0228542a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 03:50:56 +00:00
Android Build Coastguard Worker
7e6aaea7ce Snap for 9365099 from 48f55e7049 to udc-release 
Change-Id: I2dfed9b97abe682c65bdd3e22ffefccc6b2382a4
 2022-12-03 04:02:56 +00:00
Android Build Coastguard Worker
f3c943685a Snap for 9364794 from 0237351f52 to tm-qpr2-release 
Change-Id: I8f8ce64b50abcb979c2cb84392519bca060edc7f
 2022-12-03 02:03:18 +00:00
George Lee
48f55e7049 [automerger skipped] Battery Mitigation: Use Brownout Reason - sepolicy am: 0237351f52 am: cd346126ec -s ours 
am skip reason: Merged-In Ia03da290f5cb90ebbc7616d46e90064e346a402c with SHA-1 5744eb89fc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20614653

Change-Id: If96c552e07d509dd77b7cdebeb8f253d4a9b50bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-02 07:38:50 +00:00
George Lee
cd346126ec Battery Mitigation: Use Brownout Reason - sepolicy am: 0237351f52 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20614653

Change-Id: I0bd44a43a191724cb3a882e87ae988545e207154
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-02 07:05:12 +00:00
George Lee
0237351f52 Battery Mitigation: Use Brownout Reason - sepolicy 
Brownout Reason replaces startup_bugreport_requested.  Battery
Mitigation needs to be updated.

Bug: 237287659
Test: Ensure lastmeal.txt is properly generated.
Merged-In: Ia03da290f5cb90ebbc7616d46e90064e346a402c
Change-Id: Ic123d704e37aa6d1dcd7377c291b537069ede829
Signed-off-by: George Lee <geolee@google.com>
 2022-12-02 05:13:57 +00:00
Android Build Coastguard Worker
8c6f71c8d0 Snap for 9358895 from 5744eb89fc to udc-release 
Change-Id: I4c3c17115670eea11ff4c1e232926649f821f36b
 2022-12-02 02:02:35 +00:00
Wasb Liu
daeff5e18c hal_health_default: updated sepolicy 
allow android.hardware.health service to access persist_battery_file

11-14 13:53:39.242   872   872 W android.hardwar: type=1400 audit(0.0:17): avc: denied { search } for name="battery" dev="sda1" ino=84 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=0

Bug: 258535661
Bug: 260878511
Test: check for no avc denied on persist_battery_file
Change-Id: I7564b03339e17f9eea4aa5a8feda31bcfdd6100c
Signed-off-by: Wasb Liu <wasbliu@google.com>
Signed-off-by: Ken Tsou <kentsou@google.com>
(cherry picked from commit 24cfe388c5)
 2022-12-02 02:01:24 +00:00
Android Build Coastguard Worker
ef183ee898 Snap for 9358956 from 30e01ffb8c to tm-qpr2-release 
Change-Id: I37ad3f8227c7836253c1734b3b848ae2832658f3
 2022-12-02 00:03:25 +00:00
Ziyi Cui
5744eb89fc [automerger skipped] [ DO NOT MERGE ] gs201-sepolicy: pixelstats: enable pixelstats access to perf-metrics am: 30e01ffb8c am: 71d22f91d6 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20133843

Change-Id: Ia03da290f5cb90ebbc7616d46e90064e346a402c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 07:29:45 +00:00
Ziyi Cui
f56323c7fe gs201-sepolicy:dumpstate: allow dumpstate access sysfs_vendor_metrics am: 521334a366 am: 1f90d9e929 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20475259

Change-Id: I6bb61b2a15b90adca5a54295889d91a81b770511
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 07:28:34 +00:00
Ziyi Cui
b82fe2bd4b [automerger skipped] [ DO NOT MERGE ] gs201-sepolicy: pixelstats: enable pixelstats access to temp-residency-metrics am: 2d4a9c02fc am: 8d2a5bdcf7 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20431038

Change-Id: Ic9c3a08c4b06f212c7461d67b77c2617d8e15b87
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 07:28:31 +00:00
Ziyi Cui
71d22f91d6 [ DO NOT MERGE ] gs201-sepolicy: pixelstats: enable pixelstats access to perf-metrics am: 30e01ffb8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20133843

Change-Id: I4a4b1d228816a46749ce0d125d86c29c272e4a57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 07:03:11 +00:00
Ziyi Cui
1f90d9e929 gs201-sepolicy:dumpstate: allow dumpstate access sysfs_vendor_metrics am: 521334a366 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20475259

Change-Id: Ibf21ea0b6647865f38d04930ff1ccf6dc5377b29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 06:59:41 +00:00
Ziyi Cui
8d2a5bdcf7 [ DO NOT MERGE ] gs201-sepolicy: pixelstats: enable pixelstats access to temp-residency-metrics am: 2d4a9c02fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20431038

Change-Id: I68342b66f1c1588f0b924531a9a23f8cce47c922
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 06:59:37 +00:00
Ziyi Cui
30e01ffb8c [ DO NOT MERGE ] gs201-sepolicy: pixelstats: enable pixelstats access to perf-metrics 
enable pixelstats access to sysfs path, define sysfs_perfmetrics

Bug: 227809911
Bug: 232541623
Test: Verified the existence of atom and correctness of resume latency, irq stats
Signed-off-by: Ziyi Cui <ziyic@google.com>
Change-Id: If1b95148b59a6816c6795921018dfae68d80550b
 2022-12-01 06:31:22 +00:00
Ziyi Cui
521334a366 gs201-sepolicy:dumpstate: allow dumpstate access sysfs_vendor_metrics 
Test: "adb bugreport" includes metrics capture.

Bug: 246799997
Signed-off-by: Ziyi Cui <ziyic@google.com>
Change-Id: I1c2f4aaf1cd875a37497ca8beacb555d39eeb51e
 2022-12-01 06:27:22 +00:00
Ziyi Cui
2d4a9c02fc [ DO NOT MERGE ] gs201-sepolicy: pixelstats: enable pixelstats access to temp-residency-metrics 
enable pixelstats access to sysfs path
Bug: 246799997
Test: Verified the existence of atom and correctness of atom stats
Signed-off-by: Ziyi Cui <ziyic@google.com>
Change-Id: I4a731d40a586e01c484cf95c57fb16a03f5e6ceb
 2022-12-01 06:27:22 +00:00
Android Build Coastguard Worker
3010b68d8c Snap for 9354100 from ee7f6c6720 to udc-release 
Change-Id: I5528660aa667f17ff6da964be0cc5295fc0b3a37
 2022-12-01 02:02:34 +00:00
Android Build Coastguard Worker
73adfe41cf Snap for 9354090 from 24cfe388c5 to tm-qpr2-release 
Change-Id: Id47d8082dcc6e0f6464bb0138d8887328bbbea8f
 2022-12-01 00:03:22 +00:00
Wasb Liu
ee7f6c6720 hal_health_default: updated sepolicy am: 24cfe388c5 am: c7f12f5aa9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20476525

Change-Id: I827033e75db2418f38caf198234f50d0278100ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-30 10:31:38 +00:00
Wasb Liu
c7f12f5aa9 hal_health_default: updated sepolicy am: 24cfe388c5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20476525

Change-Id: I31449984e30724ba883a04c16b179641f6d92cbc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-30 09:59:32 +00:00
Wasb Liu
24cfe388c5 hal_health_default: updated sepolicy 
allow android.hardware.health service to access persist_battery_file

11-14 13:53:39.242   872   872 W android.hardwar: type=1400 audit(0.0:17): avc: denied { search } for name="battery" dev="sda1" ino=84 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=0

Bug: 258535661
Test: check for no avc denied on persist_battery_file
Change-Id: I7564b03339e17f9eea4aa5a8feda31bcfdd6100c
Signed-off-by: Wasb Liu <wasbliu@google.com>
 2022-11-30 09:44:34 +00:00
Android Build Coastguard Worker
e315461c27 Snap for 9348489 from 2295e34d68 to udc-release 
Change-Id: I5dc3ac85f6d5ae53d33779fa9e4ed3c01c7a33c3
 2022-11-30 02:02:33 +00:00
Stephen Crane
5cfe9e57ec [automerger skipped] Allow Trusty storageproxy property am: 5cd114d3a0 am: 9fb7618e6b -s ours 
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 c03e9b58db is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20545996

Change-Id: I8cb00ac916563913fb61b4a3160ac0d9746a272d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-30 01:43:15 +00:00
Stephen Crane
9fb7618e6b Allow Trusty storageproxy property am: 5cd114d3a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20545996

Change-Id: I76672b0e56c352e1991811bcaddac660fe05d0b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-30 01:15:18 +00:00
Vaibhav Devmurari
2295e34d68 Add SePolicy for system_server accessing sysfs for USB devices 
Add SePolicy to allow Android input manager accessing sysfs nodes
for external USB devices

To support input device lights manager feature in frameworks, provide
sysfs node access to system server process.
DD: go/pk_backlight_control (For keyboard backlight control for external
keyboards)

Similar changes: ag/20092266

Kernel provides a standardized LED interface to expose LED controls
over sysfs: https://docs.kernel.org/leds/leds-class.html
The feature will be provided for devices with kernel sysfs class led
support and vendor kernel driver for input controllers that do have
lights. The kernel sysfs class led support is a kernel config option
(LEDS_CLASS), and an input device driver will create the sysfs class
node interface.
By giving system_server the access to these sysfs nodes, the feature
will work on devices with the kernel option and kernel input/hid driver
support. We do use CTS tests to enforce the kernel options and the
input device drivers.

What's already supported?
- We already support access to UHID sysfs node which used for all
bluetooth based external peripherals

What's included in this CL?
- Adding support to access sysfs nodes for USB based external devices

Test: manual
Bug: 245506418
Change-Id: I51c642ffe7293f793b7b6a131e8d2a37aea4a547
 2022-11-29 11:46:44 +00:00
Nicolas Geoffray
2f94cdf9f1 Merge "Allow ssr_detector_app writes to system_app_data_file." am: 073de4fba6 am: 0590da44cf am: b84e18b8ae 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2319817

Change-Id: Ibca1f8b4e6d1e74896cdbcea324225d67dcc60b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 10:46:56 +00:00
Nicolas Geoffray
b84e18b8ae Merge "Allow ssr_detector_app writes to system_app_data_file." am: 073de4fba6 am: 0590da44cf 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2319817

Change-Id: I5c11172d6fb7b167500633ebba07c48281cd5296
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 10:11:54 +00:00
Nicolas Geoffray
0590da44cf Merge "Allow ssr_detector_app writes to system_app_data_file." am: 073de4fba6 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2319817

Change-Id: I0e29c8a6435b71ff567d03572606cbcba3f76c1b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 09:43:15 +00:00
Nicolas Geoffray
073de4fba6 Merge "Allow ssr_detector_app writes to system_app_data_file." 2022-11-29 09:00:12 +00:00
Adam Shih
304509819e move touch dump to gs-common 
Bug: 256521567
Test: adb bugreport
Change-Id: I198c227508606baf434de456f80477ce6bebcede
 2022-11-29 04:47:15 +00:00
Ziyi Cui
8586ba78c2 gs201-sepolicy:move perf_metrics genf_contexts from gs201 to gs-common 
Bug: 227809911
Bug: 232541623
Test: test adb bugreport
Change-Id: I83fc6c8b1adffe9a58e1a3389036461db49efe77
Signed-off-by: Ziyi Cui <ziyic@google.com>
 2022-11-29 01:02:45 +00:00
Sandeep Dhavale
6d7bc9aed7 Add fastboot sepolicy changes to allow wiping of device am: 89f5fff668 am: 6f2812426a am: 537b43c395 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2316638

Change-Id: I4254bd608d9a942bf0e3643ca802ec4565dccc22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 00:08:44 +00:00
Sandeep Dhavale
537b43c395 Add fastboot sepolicy changes to allow wiping of device am: 89f5fff668 am: 6f2812426a 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2316638

Change-Id: I129d2a7ab2effbcb93b15a21b539da1e11b8861f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-28 23:36:23 +00:00
Sandeep Dhavale
6f2812426a Add fastboot sepolicy changes to allow wiping of device am: 89f5fff668 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2316638

Change-Id: Ib362d72f41b9955e46350e45250c077c703a0734
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-28 23:09:09 +00:00
Stephen Crane
5cd114d3a0 Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: build, flash, test app loading
Bug: 258018785
Change-Id: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
Merged-In: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
 2022-11-28 19:48:56 +00:00
Sandeep Dhavale
89f5fff668 Add fastboot sepolicy changes to allow wiping of device 
With new AIDL fastboot service, wiping permissions need to be added
for hal_fastboot_default.

Bug: 260140380
Test: fastboot -w

Change-Id: I08e98461d0697d7539e14435acdacc3cc64eab3d
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
 2022-11-28 17:53:51 +00:00
Nicolas Geoffray
4293206c86 Allow ssr_detector_app writes to system_app_data_file. 
Bug: 260557058
Test: m
Change-Id: Ibd028690a9d8661be8769d1b8f0c4e3a1f0fe985
 2022-11-28 17:27:46 +00:00
Android Build Coastguard Worker
de360d99d0 Snap for 9330281 from 5b3d90132a to udc-release 
Change-Id: I51389fabdf746e36ba74460c338f7ccc94bbf076
 2022-11-25 02:02:25 +00:00
Cheng Chang
5b3d90132a gps: nstandby path depend on platform 
Bug: 259353063
Test: no avc denied about nstandby
Change-Id: Ibf72cfd37837d2a9024b82118cd045a2724c9179
 2022-11-24 06:54:13 +00:00
Android Build Coastguard Worker
f90fb44203 Snap for 9325779 from 65d7ed0931 to udc-release 
Change-Id: I14d47b335fb4c428e8a080551f75a166e27f63cf
 2022-11-24 02:02:43 +00:00
Ziyi Cui
2e98f5f763 gs201-sepolicy: pixelstats:remove type definition to perf-metrics 
move type definition to gs-common

Bug: 227809911
Bug: 232541623
Test: Tested perf-metrics
Change-Id: I8120f682b12137dfea164912efa0fa0417cb5dd3
Signed-off-by: Ziyi Cui <ziyic@google.com>
 2022-11-24 00:10:39 +00:00
Android Build Coastguard Worker
6d747832d4 Snap for 9325773 from a2e6c51431 to tm-qpr2-release 
Change-Id: Id78c1384afcaba07108b288832af644549ae5ed7
 2022-11-24 00:04:01 +00:00
Steve Pfetsch
65d7ed0931 [automerger skipped] gs201-sepolicy: provide permission for TouchInspector app [DO NOT MERGE] am: a2e6c51431 am: f85b2edd47 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20521667

Change-Id: Ib705d4a3620b640d3a8478dd34e272087a5eba99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-23 21:34:37 +00:00
Steve Pfetsch
f85b2edd47 gs201-sepolicy: provide permission for TouchInspector app [DO NOT MERGE] am: a2e6c51431 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20521667

Change-Id: I60d8fcd79b4620a20b6c06d27a7286cd585676ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-23 20:59:08 +00:00
Stephen Crane
c03e9b58db Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: build, flash, test app loading
Bug: 258018785
Change-Id: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
 2022-11-23 18:45:55 +00:00
Adam Shih
2dc65d6b5c use gs-common thermal dump 
Bug: 257880034
Test: adb bugreport
Change-Id: Ib5940bce520ca04ee6cb31f5268f0f86dedadf6e
 2022-11-23 14:38:22 +08:00
Steve Pfetsch
a2e6c51431 gs201-sepolicy: provide permission for TouchInspector app [DO NOT MERGE] 
Resolve these access violations:
avc: denied { write } for name="driver_test" dev="proc" ino=4026535572
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:proc_touch:s0
tclass=file permissive=1 app=com.google.touch.touchinspector
avc: denied { open } for path="/proc/fts/driver_test" dev="proc"
ino=4026535572 scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:proc_touch:s0 tclass=file permissive=1
app=com.google.touch.touchinspector
avc: denied { getattr } for path="/proc/fts/driver_test" dev="proc"
ino=4026535572 scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:proc_touch:s0 tclass=file permissive=1
app=com.google.touch.touchinspector
avc: denied { read } for name="driver_test" dev="proc" ino=4026535572
scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:proc_touch:s0
tclass=file permissive=1 app=com.google.touch.touchinspector

avc: denied { open } for path="/proc/fts_ext/driver_test" dev="proc"
ino=4026535574 scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:proc_touch:s0 tclass=file permissive=1
app=com.google.touch.touchinspector
avc: denied { getattr } for path="/proc/fts_ext/driver_test" dev="proc"
ino=4026535574 scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:proc_touch:s0 tclass=file permissive=1
app=com.google.touch.touchinspector

Bug: 182118395
Signed-off-by: Steve Pfetsch <spfetsch@google.com>
Change-Id: Ia3bd2323b77134b8e47d858f36756780dec98c19
 2022-11-22 23:48:19 +00:00
Android Build Coastguard Worker
ea0b213667 Snap for 9316940 from 80f2221562 to udc-release 
Change-Id: I9f531d664d853cc2fa19e4fbe6f8f5758a4f38b8
 2022-11-22 02:07:45 +00:00
Android Build Coastguard Worker
600f28c3f3 [coastguard skipped] Merge sparse cherrypicks from sparse-9293603-L15900000957431128 into tm-qpr2-release. 
Change-Id: I3df1268e623a75d523d461655228eb6c170a7355
 2022-11-18 19:06:30 +00:00
Android Build Coastguard Worker
e4b0d83bbf Merge cherrypicks of [20468124] into sparse-9293603-L15900000957431128. 
Change-Id: I47486945d527102e8df6e6ffdf45bfd0620b61bb
 2022-11-18 19:01:40 +00:00
George Lee
71560f7402 gs201-sepolicy: Add BrownoutDetection app [DO NOT MERGE] 
This app files bugreport for user-debug build with reboot reason = ocp
or uvlo.  Removed the dependency on BetterBug.

Bug: 237287659
Test: Ensure bugreport is generated under user-debug build with reboot
reason = ocp or uvlo.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ib8fceb62e66e9d561a6597687ea3cbe5ac9a832d
(cherry picked from commit d59612c409)
Merged-In: Ib8fceb62e66e9d561a6597687ea3cbe5ac9a832d
 2022-11-18 19:01:31 +00:00
Adam Shih
80f2221562 move focaltech sepolicy to gs-common 
Bug: 256521567
Test: adb bugreport
Change-Id: If58b8df0b89dc4d20240af46502a94eebe81f66f
 2022-11-18 13:27:11 +08:00
Android Build Coastguard Worker
a6f07b1e9d Snap for 9305821 from 4952bdc68c to udc-release 
Change-Id: Icd4200e34e13b08f3e2322ed040afb5b76e1fd8f
 2022-11-18 02:02:41 +00:00
Adam Shih
4952bdc68c move syna settings to gs-common 
Bug: 256521567
Test: adb bugreport
Change-Id: Idbec89a1a2c8bac63850ad4915a40500d067d49e
 2022-11-17 10:33:25 +08:00
Android Build Coastguard Worker
e3f2ef42c2 Snap for 9301516 from 49fc98da5c to udc-release 
Change-Id: I799dc0c23a5faac72faeeaa782fb27660bfc8f73
 2022-11-17 02:07:18 +00:00
Android Build Coastguard Worker
2110e8f7dc Snap for 9301146 from d59612c409 to tm-qpr2-release 
Change-Id: I4ecf9d49686fb11f23d96ceaa9ab78c824ed376a
 2022-11-17 00:07:02 +00:00
George Lee
49fc98da5c [automerger skipped] gs201-sepolicy: Add BrownoutDetection app [DO NOT MERGE] am: d59612c409 am: 0aa587a6e8 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20468124

Change-Id: I6c0a57179d13d57b8503b049204f3b3414e8efa5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-16 19:53:13 +00:00
George Lee
0aa587a6e8 gs201-sepolicy: Add BrownoutDetection app [DO NOT MERGE] am: d59612c409 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20468124

Change-Id: I453ce49a6e5794baba7a84b0ecc691ec8884b07f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-16 18:34:54 +00:00
George Lee
d59612c409 gs201-sepolicy: Add BrownoutDetection app [DO NOT MERGE] 
This app files bugreport for user-debug build with reboot reason = ocp
or uvlo.  Removed the dependency on BetterBug.

Bug: 237287659
Test: Ensure bugreport is generated under user-debug build with reboot
reason = ocp or uvlo.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ib8fceb62e66e9d561a6597687ea3cbe5ac9a832d
 2022-11-16 18:20:57 +00:00
Adam Shih
60b73a5b28 remove raven touch path 
Bug: 256521567
Test: device does not have the file
Change-Id: I1c0335536f7039724f7e6594fd3959610b56335e
 2022-11-16 07:42:22 +00:00
Android Build Coastguard Worker
f64880111f Snap for 9291639 from 07433db0bb to udc-release 
Change-Id: Ic5b09282db0bafb8c2000e7471863f919bc521c1
 2022-11-15 02:07:28 +00:00
Android Build Coastguard Worker
f15ca4355e Snap for 9290907 from 4baa8bea9c to tm-qpr2-release 
Change-Id: Ia21ce6e83871b55b7b76dd41a5f16ce026be054d
 2022-11-15 00:07:08 +00:00
Minchan Kim
07433db0bb dumpstate: allow dumpstate access pixel specific trace events am: 4baa8bea9c am: b16dcce743 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20414645

Change-Id: I78e48709d51616f071517138d97230b9a02e2351
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-14 19:52:49 +00:00
Minchan Kim
b16dcce743 dumpstate: allow dumpstate access pixel specific trace events am: 4baa8bea9c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20414645

Change-Id: Iee880e55f465d0a5e885778c3b5b055e43e98ba5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-14 19:20:40 +00:00
Minchan Kim
4baa8bea9c dumpstate: allow dumpstate access pixel specific trace events 
At bugreport, it's useful to debug problems with having trace events.
Allow dumpstate access pixel trace event directory and files.

Test: "adb bugreport" includes trace event capture.
Bug: 238728493
Change-Id: Ia3fe7c149bfa0d0d192070ff28513384898af917
Signed-off-by: Minchan Kim <minchan@google.com>
 2022-11-14 19:00:39 +00:00
Android Build Coastguard Worker
c9dd3aadb1 Snap for 9284182 from e43c8b3913 to udc-release 
Change-Id: I6911cd65b05c177f6ffa9dfe2895012dc80564b7
 2022-11-12 04:02:44 +00:00
Ziyi Cui
e43c8b3913 gs201-sepolicy: pixelstats: enable pixelstats access to perf-metrics 
enable pixelstats access to sysfs path, define sysfs_perfmetrics

Bug: 227809911
Bug: 232541623
Test: Tested perf-metrics
Signed-off-by: Ziyi Cui <ziyic@google.com>
Change-Id: If1b95148b59a6816c6795921018dfae68d80550b
 2022-11-11 18:00:55 +00:00
Android Build Coastguard Worker
e61e41ff3d Snap for 9280350 from 5d03dcc5cf to udc-release 
Change-Id: I7277f614ee85218c9ef1936f099d2d23adce2fc9
 2022-11-11 02:07:38 +00:00
Sandeep Dhavale
5d03dcc5cf Add sepolicy rules for fastboot AIDL service am: 25ea0f418a am: e1f3eb7802 am: 5eca847f64 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2293977

Change-Id: I322f88288feab1a217b60f2954c08b12176c66ca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-10 20:41:59 +00:00
Sandeep Dhavale
5eca847f64 Add sepolicy rules for fastboot AIDL service am: 25ea0f418a am: e1f3eb7802 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2293977

Change-Id: I0277ceac1dffc7fda32db324b68d14de6074b0ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-10 19:24:35 +00:00
Sandeep Dhavale
e1f3eb7802 Add sepolicy rules for fastboot AIDL service am: 25ea0f418a 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2293977

Change-Id: I6b2c167429aa887acb2785b3bcbc7ef93852354d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-10 18:55:35 +00:00
Adam Shih
92e5ed6d55 move sensors dump to gs-common 
Bug: 250475720
Test: adb bugreport
Change-Id: I09553d0facd7fdca13a8a3e4bdcb70be8265db25
 2022-11-10 05:20:48 +00:00
Adam Shih
e8712e4c93 remove edgetpu folder 
Bug: 258114806
Test: build pass with the setting still active
Change-Id: I9cdf2bbe318647e1f02f152661e57f8430a9a1cb
 2022-11-10 03:19:25 +00:00
Android Build Coastguard Worker
c5d21b3529 Snap for 9274386 from 765aa8ec3a to udc-release 
Change-Id: I024f3786db0f02947361d5cf2e82ed2268a31eb9
 2022-11-10 02:02:50 +00:00
Rick Chen
e43ab3c52a Allow CHRE to use EPOLLWAKEUP 
avc: denied { block_suspend } for comm="UsfTransport" capability=36 scontext=u:r:chre:s0 tcontext=u:r:chre:s0 tclass=capability2 permissive=0

Bug: 238666865
Test: Check no chre avc denied.
Change-Id: Ie936055550c6221beae394c264d664c1e76f946b
Signed-off-by: Rick Chen <rickctchen@google.com>
 2022-11-10 01:16:43 +00:00
Android Build Coastguard Worker
0d427ac3b1 Snap for 9274385 from 8140a50845 to tm-qpr2-release 
Change-Id: Iec078bca1f8102417f083146ed44d23db050c5de
 2022-11-10 00:03:22 +00:00
Rick Chen
765aa8ec3a [automerger skipped] Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE] am: 8140a50845 am: be24daebb8 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20412548

Change-Id: I77d96dfca2940796bee44f8b07c66621afbf2e02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-09 16:39:34 +00:00
Rick Chen
be24daebb8 Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE] am: 8140a50845 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20412548

Change-Id: I58f30ccee5a329ca8e523ab141a8c26b53eefed8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-09 16:09:12 +00:00
Rick Chen
8140a50845 Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE] 
avc: denied { block_suspend } for comm="UsfTransport" capability=36 scontext=u:r:chre:s0 tcontext=u:r:chre:s0 tclass=capability2 permissive=0

Bug: 238666865
Test: Check no chre avc denied.
Change-Id: Ie936055550c6221beae394c264d664c1e76f946b
Signed-off-by: Rick Chen <rickctchen@google.com>
 2022-11-09 15:06:39 +00:00
Android Build Coastguard Worker
1ae32ea358 Snap for 9269479 from d21c509931 to udc-release 
Change-Id: I0b1b65d53463936c5e3a44c48499f249be01e37f
 2022-11-09 02:02:53 +00:00
Sandeep Dhavale
25ea0f418a Add sepolicy rules for fastboot AIDL service 
Bug: 205760652
Test: Build & Flash

Change-Id: I02fe5ca6c0276fd08cf5127b7d8b7313374f0cfe
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
 2022-11-09 00:36:48 +00:00
Android Build Coastguard Worker
66c428c052 Snap for 9268991 from 8427e1db8d to tm-qpr2-release 
Change-Id: I1bfd71266bb5ea93d4d224d6e36cbf7e647404be
 2022-11-09 00:03:20 +00:00
George Lee
d21c509931 [automerger skipped] betterbug: Fixed sepolicy related to File [DO NOT MERGE] am: 8427e1db8d am: 62ad032605 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20408115

Change-Id: I74f102d1a28ca56849c8fc4ccf36fdea757be4d4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-08 16:27:33 +00:00
George Lee
62ad032605 betterbug: Fixed sepolicy related to File [DO NOT MERGE] am: 8427e1db8d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20408115

Change-Id: I9f393278644f6f8075514c9ed0183e49dc23a30c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-08 15:37:55 +00:00
George Lee
8427e1db8d betterbug: Fixed sepolicy related to File [DO NOT MERGE] 
Added File Attachment sepolicy for betterbug

Bug: 237287659
Test: Attach files from local directory and confirm it can be attached.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ie2ee163794a4b955915a1b62b12d5aa625931034
 2022-11-08 15:11:18 +00:00
Roger Fang
c7ff18f562 [automerger skipped] [DO NOT MERGE] sepolicy: add permission for CCA rate of pixelstats-vend am: 35112bba62 am: 2cbcb987d0 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20349111

Change-Id: Iedd8728ec712d40f90abad7bbdd6283cd03fbec4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-08 11:03:14 +00:00
Roger Fang
2cbcb987d0 [DO NOT MERGE] sepolicy: add permission for CCA rate of pixelstats-vend am: 35112bba62 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20349111

Change-Id: Iec3b93d49714f78853a9b389a508e17673c2e764
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-08 10:17:32 +00:00
Roger Fang
35112bba62 [DO NOT MERGE] sepolicy: add permission for CCA rate of pixelstats-vend 
pixelstats-vend: type=1400 audit(0.0:7): avc: denied { read } for name="cca_rate_read_once" dev="sysfs" ino=100809 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 249225148
Test: Manually test passed

Change-Id: I802b79417cd9ce23386bb62eccb151610bfb8ac1
Signed-off-by: Roger Fang <rogerfang@google.com>
 2022-11-08 09:53:37 +00:00
Android Build Coastguard Worker
e53c9d99fa Snap for 9264775 from e601e2bc0f to udc-release 
Change-Id: Iddd90c2888ac364c906910e0ed8d153c0772361c
 2022-11-08 02:02:38 +00:00
Android Build Coastguard Worker
315e064377 Snap for 9264471 from 40be3818e1 to tm-qpr2-release 
Change-Id: If7219f91ab6bd5968bb61908b9c70e6bad1586cd
 2022-11-08 00:12:00 +00:00
George Lee
e601e2bc0f [automerger skipped] betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] am: 40be3818e1 am: 0cdf1cfe9b -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20395514

Change-Id: I2d586a8c819bca4b0ad2841b08539ab0f1485bc0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-07 05:23:13 +00:00
George Lee
0cdf1cfe9b betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] am: 40be3818e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20395514

Change-Id: Idff494bb1f32381d8a1db0dd137d5abe06f2a77e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-07 04:50:02 +00:00
Android Build Coastguard Worker
e5af3efc4d Merge cherrypicks of [20395514] into tm-qpr2-release. 
Change-Id: I14e2e328f9521e79502205acb74777ad4668aacc
 2022-11-07 03:33:34 +00:00
George Lee
a85164a440 betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] 
Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
(cherry picked from commit 40be3818e1)
Merged-In: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
 2022-11-07 03:33:32 +00:00
Android Build Coastguard Worker
29e1cd1b85 [coastguard skipped] Merge sparse cherrypicks from sparse-9258676-L67400000957223967 into tm-qpr2-release. 
Change-Id: Id392951cf8ff3b3bf2d43922494c6241cf2341c1
 2022-11-07 03:20:00 +00:00
Android Build Coastguard Worker
00acd4815a Merge cherrypicks of [20395514] into sparse-9258676-L67400000957223967. 
Change-Id: I5e69a83ba3bb9de15a4abb08d1b1aaf738edd691
 2022-11-07 03:15:41 +00:00
George Lee
293b13687f betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] 
Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
(cherry picked from commit 40be3818e1)
Merged-In: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
 2022-11-07 03:15:39 +00:00
George Lee
40be3818e1 betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] 
Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
 2022-11-05 18:45:08 +00:00
Android Build Coastguard Worker
e2b04e5310 Snap for 9258794 from 3073884607 to udc-release 
Change-Id: I437ba5e7945d1d2874017cc1acba011c65f68029
 2022-11-05 03:07:27 +00:00
Android Build Coastguard Worker
d09561718e Snap for 9257771 from f9552297fa to tm-qpr2-release 
Change-Id: If6565d08d8c3062edb53d2d60b25637f223e7cdc
 2022-11-05 01:03:03 +00:00
Star Chang
3073884607 Add sepolicy for TWT to dumpstate am: f9552297fa am: f7f9aa1304 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20118653

Change-Id: I7227638b2e344130f8543c7f693efeddee12e086
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-04 02:57:02 +00:00
Star Chang
f7f9aa1304 Add sepolicy for TWT to dumpstate am: f9552297fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20118653

Change-Id: I7bb658e06b8e95be2933ac4ae45bd2e0208a851e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-04 02:10:03 +00:00
Star Chang
f9552297fa Add sepolicy for TWT to dumpstate 
Bug: 253348062
Test: dump bugreport ok
Signed-off-by: Star Chang <starchang@google.com>
Change-Id: I0958fef496302df3f5e6e188f15117de78988a62
 2022-11-04 01:31:19 +00:00
Android Build Coastguard Worker
1cd22e0e01 Snap for 9250775 from d155bce16c to udc-release 
Change-Id: I025949c885e877a0e49fdb7faa935f3d16d6a8f5
 2022-11-03 03:29:41 +00:00
Android Build Coastguard Worker
b8ba2e1070 Snap for 9248884 from 9877742035 to tm-qpr2-release 
Change-Id: Iaad7c79b1c875dd22902e8453d51079999477f93
 2022-11-02 23:03:10 +00:00
Puma Hsu
d155bce16c Add xhci-hcd-exynos.6 wakeup path for suspend_control am: 9877742035 am: ea1be0c069 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20288288

Change-Id: I68e8119ea0a950aa83dded293bff318b37062547
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 15:42:08 +00:00
Puma Hsu
ea1be0c069 Add xhci-hcd-exynos.6 wakeup path for suspend_control am: 9877742035 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20288288

Change-Id: I2083d21b860b0c6179427cd9972eafe47f292db1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 15:09:41 +00:00
Puma Hsu
9877742035 Add xhci-hcd-exynos.6 wakeup path for suspend_control 
Bug: 255270480
Test: verified with forrest test build
Change-Id: I5e2eed4d5e20361d86f6d6be8c92ca337e4ee004
Signed-off-by: Puma Hsu <pumahsu@google.com>
 2022-11-02 07:39:53 +00:00
Amith Dsouza
74f21ee10e Fix untracked SELinux denials on boot am: be2e1b2ede am: 5653e43b44 am: 7fa80e3581 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: I2ce5838152cf7eb66a1f37e7c7dab5a4d7e81c50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 07:14:30 +00:00
Amith Dsouza
7fa80e3581 Fix untracked SELinux denials on boot am: be2e1b2ede am: 5653e43b44 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: I6300bd318ffdfad334caa60b5e0ea286d0d503c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 04:49:26 +00:00
Amith Dsouza
5653e43b44 Fix untracked SELinux denials on boot am: be2e1b2ede 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: Ic521a8ea94ec22b17bf4a327c8244d0d04c269e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 04:07:20 +00:00
George Lee
f03c6fb1d8 betterbug: Update selinux policy for betterbug 
Update startup_bugreport_requested property to vendor_public for
betterbug to access.

Bug: 237287659
Test: Load Betterbug for accessing startup bugreport reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Idc07e3f4ce425c0167654743fbe1ad8b7ece5e15
(cherry picked from commit d1e0b924ae)
 2022-11-02 02:47:37 +00:00
Amith Dsouza
be2e1b2ede Fix untracked SELinux denials on boot 
Error:
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=2641 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 254453654
Test: Flash device, rebuild driver blobs, check logs after boot

Change-Id: I43d524f781c1dda1d3d5291f661bc549fdbb99d6
 2022-11-02 00:55:45 +00:00
Gabriel Biren
6202c44816 Update gs201 sepolicy to allow the wifi_ext AIDL service. 
Changes should be similar to aosp/2262723.

Bug: 205044134
Test: m + Pre-submit tests
Change-Id: Ia1c784953225cb48b5320d8f1f5346a3cace005b
 2022-11-01 23:19:51 +00:00
Android Build Coastguard Worker
77ed34ebf8 Snap for 9243084 from 0810814b49 to tm-qpr2-release 
Change-Id: I6e0ceb725582f6093bfe4e8ff45bb689d31f5bce
 2022-11-01 23:03:06 +00:00
pointerkung
9b2ff35965 Add required sepolicy rule for Camera am: 0810814b49 am: 4d803ef7d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20137924

Change-Id: I2f733ea78ece93ae7d0aa5c62e0d7c49e80db5b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 21:24:40 +00:00
Jenny Ho
4797944212 Add permission for logbuffer_bd am: 441a3ad3ef am: fbec30a349 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20089144

Change-Id: I2f14b602e52674565fcb1a80f64da1ef2c100285
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 21:24:29 +00:00
George Lee
69d0a6e78f [conflict] betterbug: Update selinux policy for betterbug am: d1e0b924ae am: 0511a5b342 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20276308

Bug: 256639156
Change-Id: Id42a5dc034bfe4ce5ad3606ba30423ba9775b125
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 17:00:22 +00:00
pointerkung
4d803ef7d6 Add required sepolicy rule for Camera am: 0810814b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20137924

Change-Id: I520c8b5c9321a87009f430bc673eb84fb9e3a9bf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 12:18:53 +00:00
pointerkung
0810814b49 Add required sepolicy rule for Camera 
Grant access for TNR max_freq to let libperfmgr can control it via powerhint.

Bug: 243729855
Test: Build pass, GCA, Control TNR max_freq via powerhint
Change-Id: I8f8faa360d9908afe3fe0de3c322a2be356b86c8
 2022-11-01 11:33:43 +00:00
Jenny Ho
fbec30a349 Add permission for logbuffer_bd am: 441a3ad3ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20089144

Change-Id: I627644e45a2c28d6af8dd6e9493de8577bbcaee8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 06:08:54 +00:00
Jenny Ho
441a3ad3ef Add permission for logbuffer_bd 
Bug: 242679204
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ie5c9829ee1a4980689c933273a273f1f4ac612b6
 2022-11-01 05:34:18 +00:00
Android Build Coastguard Worker
5553e9d7e9 Snap for 9239178 from 13fbaff253 to udc-release 
Change-Id: Ia3e5c3065ad4c28c7f99a8cb2878f77ed1837ca1
 2022-11-01 01:02:58 +00:00
Android Build Coastguard Worker
364e6ee083 Snap for 9238644 from d1e0b924ae to tm-qpr2-release 
Change-Id: I18181e54a18722277775e9f63f5a9b1ebcb7a74d
 2022-10-31 23:07:02 +00:00
George Lee
0511a5b342 betterbug: Update selinux policy for betterbug am: d1e0b924ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20276308

Change-Id: I2445a6fda2fdca67b38040ea5dac95d30136b070
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-31 17:08:15 +00:00
George Lee
d1e0b924ae betterbug: Update selinux policy for betterbug 
Update startup_bugreport_requested property to vendor_public for
betterbug to access.

Bug: 237287659
Test: Load Betterbug for accessing startup bugreport reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Idc07e3f4ce425c0167654743fbe1ad8b7ece5e15
 2022-10-31 16:30:39 +00:00
George Lee
13fbaff253 bcl: Add Mitigation Logger - Del gs201-sepolicy 
Mitigation Logger logs battery related information for 1 second when it
is triggered by under voltage or over current interrupts.  Information
collected is to help debug system brownout.

Bug: 228383769
Test: Boot and Test
Change-Id: Ia13f6b16dd35803873f20514c21a95ed8dd20a55
Signed-off-by: George Lee <geolee@google.com>
 2022-10-31 14:17:55 +00:00
Android Build Coastguard Worker
86f2aaa84f Snap for 9234388 from 7e6dc0eabb to udc-release 
Change-Id: I874c58912df7988448a0feb16e1b352c0e49ad4b
 2022-10-29 23:02:28 +00:00
Jack Wu
7e6dc0eabb ignore shell access on wlc 
Bug: 238260741
Test: boot
Change-Id: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Signed-off-by: Jack Wu <wjack@google.com>
 2022-10-29 05:44:27 +00:00
Android Build Coastguard Worker
c171549c00 Snap for 9231933 from b26281d43b to udc-release 
Change-Id: I15893138135c2773b2638216326789f34ad760e9
 2022-10-29 03:03:04 +00:00
Android Build Coastguard Worker
7f99fff69f Snap for 9232464 from ba0eb551e9 to tm-qpr2-release 
Change-Id: Icd0ea86bd1742a4b0440e00d84cedbeacea7c86c
 2022-10-29 01:03:07 +00:00
eddielan
b26281d43b fingerprint: Allow fingerprint to access thermal hal am: ba0eb551e9 am: 234029f1cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19694493

Change-Id: Iac775cc47444b835800065fe01877ba14f59d602
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-28 17:22:48 +00:00
eddielan
234029f1cf fingerprint: Allow fingerprint to access thermal hal am: ba0eb551e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19694493

Change-Id: I4f916181746334cc68e8ed0778e95e56e427294d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-28 16:46:11 +00:00
eddielan
ba0eb551e9 fingerprint: Allow fingerprint to access thermal hal 
SELinux : avc:  denied  { find } for interface=android.hardware.thermal::IThermal
sid=u:r:hal_fingerprint_default:s0 pid=1064
scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:hal_thermal_hwservice:s0
tclass=hwservice_manager permissive=0

Bug: 243115023
Test: make selinux_policy -j128
Test: Check avc log on device
Change-Id: Ida1b18536468df11be5bf44fb6fb79b03a35f4b9
 2022-10-28 15:14:35 +00:00
Adam Shih
7c683d8496 move brcm gps solution to gs-common 
Bug: 254758553
Test: google map can locate on pixel
Change-Id: I2c97ac6c327a0c32dbc9223597758bbceb72d2a3
 2022-10-28 05:33:37 +00:00
Android Build Coastguard Worker
5df89d0066 Snap for 9212694 from c21e91d211 to udc-release 
Change-Id: If405ef3b209b7060ea47798e473439688328ce4e
 2022-10-25 01:02:54 +00:00
Android Build Coastguard Worker
bd410762c6 Snap for 9211918 from 939d05cbf8 to tm-qpr2-release 
Change-Id: Id8bf34bd3694009d4bee8178f497e774746cf878
 2022-10-24 23:06:58 +00:00
Lucas Wei
c21e91d211 [automerger skipped] SEPolicy: Don't audit search regmap by kernel am: 939d05cbf8 am: 5db7e8bdef -s ours 
am skip reason: Merged-In I8886b5c3790036a9fe2d1ed8f524a0555b900dbb with SHA-1 3805fb1895 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20108831

Change-Id: I2d3b61f11b6865dbc49ebf653bd9b6f1899c800d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-24 10:24:05 +00:00
Lucas Wei
5db7e8bdef SEPolicy: Don't audit search regmap by kernel am: 939d05cbf8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20108831

Change-Id: I890491b2994a2b703f8e85346191d9f4baf08eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-24 09:53:52 +00:00
Lucas Wei
939d05cbf8 SEPolicy: Don't audit search regmap by kernel 
Bug: 247948906
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
Merged-In: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
 2022-10-24 09:07:14 +00:00
Lucas Wei
3805fb1895 SEPolicy: Don't audit search regmap by kernel 
Bug: 247948906
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
 2022-10-23 23:12:56 +08:00
Android Build Coastguard Worker
b5e82fa7eb Snap for 9206486 from 91b093f51e to udc-release 
Change-Id: I06eec4af9df374f3d7e26065c3ed7543c9fbe7f4
 2022-10-22 03:03:01 +00:00
Android Build Coastguard Worker
db2e15ed8b Snap for 9201053 from 92bb9d7445 to udc-release 
Change-Id: I2bc828c379414302c7a6c6e788b44672b7472242
 2022-10-21 01:03:04 +00:00
Android Build Coastguard Worker
e97d5ea281 Snap for 9200392 from 19419cbdb3 to tm-qpr2-release 
Change-Id: I11eb7881fb251a81e9b54a48258ee10b1510e90a
 2022-10-20 23:03:16 +00:00
Adam Shih
91b093f51e move aoc settings to gs-common 
Bug: 248426917
Test: boot with aoc launched
Change-Id: Icf7e819e7e0a25695a2fb7b05d08273918e19823
 2022-10-20 11:24:07 +08:00
Martin Liu
92bb9d7445 allow vendor_init to acces watermark_scale_factor am: 19419cbdb3 am: 0a8aa66a1d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20189607

Change-Id: Ia89bb182634992a68b08a67db5b00b5e6511ce85
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-19 21:48:19 +00:00
Martin Liu
0a8aa66a1d allow vendor_init to acces watermark_scale_factor am: 19419cbdb3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20189607

Change-Id: Ie052c7b8c7a34ea7bd652fa56a1563506592f814
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-19 21:15:14 +00:00
Martin Liu
19419cbdb3 allow vendor_init to acces watermark_scale_factor 
Bug: 251881967
Test: boot
Signed-off-by: Martin Liu <liumartin@google.com>
Change-Id: I0840cf19f9c3120aaacc49de751fdd0a55aebf5f
 2022-10-19 20:33:22 +00:00
Android Build Coastguard Worker
ae05b94c6a Snap for 9178695 from b84bba204b to udc-release 
Change-Id: I23994e2652827c91e152b6d44844d0152a91d684
 2022-10-15 03:03:33 +00:00
Android Build Coastguard Worker
15023a4630 Snap for 9178587 from 5c48a90285 to tm-qpr2-release 
Change-Id: I70b20b159a51269b65983265c961343d70600cbd
 2022-10-15 01:03:25 +00:00
Krzysztof Kosiński
b84bba204b Use generic wildcard for vendor libprotobuf. am: 36df3f715f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20190509

Change-Id: I2921fea6a332de2feca478b2365fe6dc29a9658a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 17:25:19 +00:00
George Lee
cefb0cf2ca pixelstats: add bcl directory permission am: 5c48a90285 am: 31783a9f98 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20192928

Change-Id: Iafc2a2d89110b9a101286a2f27d9ddea0ee825c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 17:24:45 +00:00
Krzysztof Kosiński
36df3f715f Use generic wildcard for vendor libprotobuf. 
The suffix changes on each upgrade and the newest release uses
a two-part version number instead of a three-part one. Use a regex
that will match any suffix.

Bug: 203713560
Test: presubmit, log check
Change-Id: I7a3357d11c162a9bc24196bb232f58be9ba062ec
 2022-10-14 17:18:38 +00:00
George Lee
31783a9f98 pixelstats: add bcl directory permission am: 5c48a90285 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20192928

Change-Id: Ibf3a806221d01fc7ccfd0dcf16ca933b40e4e78f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 16:51:47 +00:00
George Lee
5c48a90285 pixelstats: add bcl directory permission 
Bug: 253522156
Test: Local test
$>cmd stats print-logs
$>logcat | grep <atom id>

Signed-off-by: George Lee <geolee@google.com>
Change-Id: I934f6efb043893666dac88257619556e30d82751
 2022-10-14 15:57:59 +00:00
George Lee
23d095da01 betterbug: Add selinux policy for betterbug am: 39ffb227b3 am: 87e5ce6250 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20188753

Change-Id: I8b049af986af7c8ab44791a8e9c515a489ebd87e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 06:28:01 +00:00
George Lee
87e5ce6250 betterbug: Add selinux policy for betterbug am: 39ffb227b3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20188753

Change-Id: Ifda87221614295b1bd9aafafa78c212cdd49a358
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 05:55:15 +00:00
Android Build Coastguard Worker
c6288a11e0 Snap for 9175178 from e2ad2a0fd9 to udc-release 
Change-Id: I4e75f939bb73747dddf20dea2712ce6e15d0b59f
 2022-10-14 05:08:05 +00:00
Adam Shih
e2ad2a0fd9 remove redundant permission that has moved to gs-common 
Bug: 248426917
Test: adb bugreport
Change-Id: I8df8d6197aea78caf6f9903e7fd7953eab567e8c
 2022-10-14 00:38:24 +00:00
George Lee
6c2da109f8 bcl: Remove unused brownout boot reason sepolicy am: 083ba62902 am: 7bdbe0b215 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20191486

Change-Id: I17b3998db65accc57097dac0dfde7cf139013b7c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-13 23:56:30 +00:00
George Lee
39ffb227b3 betterbug: Add selinux policy for betterbug 
Enable Betterbug to read reboot reason such that Betterbug can file
bugreport when *uvlo* or *ocp* is found within reboot reason.

Bug: 237287659
Test: Load Betterbug for accessing boot reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Id699be34d2e060ee7827737982403fd58f133c4a
 2022-10-13 23:44:06 +00:00
George Lee
7bdbe0b215 bcl: Remove unused brownout boot reason sepolicy am: 083ba62902 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20191486

Change-Id: I7028903ecaac63a7579b0dcc1415076e0d0412df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-13 23:25:35 +00:00
Android Build Coastguard Worker
f843c3f356 Snap for 9173498 from b72e47e1b0 to tm-qpr2-release 
Change-Id: I0a6660e4e46c623f7073470a6608205aad608088
 2022-10-13 23:03:30 +00:00
George Lee
083ba62902 bcl: Remove unused brownout boot reason sepolicy 
vendor_brownout_boot_reason was added under previous change.  It should
be added as part of follow on change to enable metric collection.

Bug: 246817058
Test: Confirm brownout_boot_reason non existent
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I1fed12e851750314f53a0d6517a9eff92c44e247
 2022-10-13 12:52:20 -07:00
George Lee
9d07c520b5 bcl: Add brownout boot reason sepolicy am: b72e47e1b0 am: 2c91c54d7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20152240

Change-Id: Ia0758fbbbbaea7eed44f7a9dc5e3f33f7bf8c90c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-13 19:49:08 +00:00
George Lee
2c91c54d7b bcl: Add brownout boot reason sepolicy am: b72e47e1b0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20152240

Change-Id: Ieefdd8f7a446e51854835ae3bcfd0607f86ae49f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-13 18:31:54 +00:00
George Lee
b72e47e1b0 bcl: Add brownout boot reason sepolicy 
Lastmeal.txt may be generated from after device rebooted from IRQ
triggering.  By applying limit on the time when it generates,
lastmeal.txt will not be generated after device rebooted.

Bug: 246817058
Test: Confirm lastmeal.txt generation
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I02515fc452dbfa5c8a40041cbb8731664dace62e
 2022-10-12 19:59:58 -07:00
Android Build Coastguard Worker
433e8fc4cf Snap for 9159364 from 52ff289b2c to udc-release 
Change-Id: Iee0cb602c5c88362dc2932d820efcb914c679e6d
 2022-10-11 01:02:51 +00:00
Android Build Coastguard Worker
7b008d7600 Snap for 9158784 from 2260099ad3 to tm-qpr2-release 
Change-Id: I502857d5aaad0c4e16310ec005ce0a7aebaf0062
 2022-10-10 23:06:58 +00:00
George Lee
52ff289b2c bcl: Add mitigation ready device sepolicy am: 2260099ad3 am: ae51ebfd98 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20123277

Change-Id: I6b937ab9105b79c2ed1f5d1a10c04ca878d57865
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-10 20:48:21 +00:00
George Lee
ae51ebfd98 bcl: Add mitigation ready device sepolicy am: 2260099ad3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20123277

Change-Id: I5b1cd5209a52bacd524e2489bef2af866a258f4f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-10 20:15:58 +00:00
George Lee
2260099ad3 bcl: Add mitigation ready device sepolicy 
Instead of relying on vendor.thermal.link_ready property to gate write
to BCL's SYSFS node, adding mitigation ready SYSFS so that writes to
BCL's SYSFS node would not cause NULL pointer dereference.

Bug: 249130916
Test: Confirm property vendor.brownout.mitigation.ready is set
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I1b21a1c745e7e17f78e9d4c001032dd2c46673cf
 2022-10-10 19:49:34 +00:00
Android Build Coastguard Worker
b4fa554eb7 Snap for 9153524 from b47db82964 to udc-release 
Change-Id: Ie762441d56b3db66af209ba43041b64d419c9d90
 2022-10-08 03:03:12 +00:00
Adam Shih
b47db82964 move modem dump to gs-common 
Bug: 250475732
Test: adb bugreport
Change-Id: I8f7f1538b5e236a2c6e0ff5a1d9224c539ef9836
 2022-10-07 09:31:29 +08:00
Android Build Coastguard Worker
31c1a6fc01 Snap for 9142107 from 455201b20d to udc-release 
Change-Id: Id2f9c710bdf9813c4e98b044aeab5cde342447c8
 2022-10-06 01:02:46 +00:00
Adam Shih
455201b20d move soc dump to gs-common 
Bug: 248428203
Test: adb bugreport
Change-Id: I225029624d4bd254dee3997b80ff322bacd07b23
 2022-10-05 02:14:13 +00:00
Android Build Coastguard Worker
37f2d9db63 Snap for 9138051 from d03b6f3be2 to udc-release 
Change-Id: I0691c950e1e49941e627aa4d81dbbfe9abc24e81
 2022-10-05 01:03:06 +00:00
Adam Shih
d03b6f3be2 move ramdump relate dumpstate to gs-common 
Bug: 248428203
Test: adb bugreport
Change-Id: I40d9aff0e8069acc5d5ecbd0a596a850315e0b22
 2022-10-04 04:59:49 +00:00
Android Build Coastguard Worker
3974ce2694 Snap for 9133013 from bdf3d6abcc to tm-qpr2-release 
Change-Id: I26b4cd4c1ececa5cee237123386a0c2b49a088d2
 2022-10-03 23:06:42 +00:00
Adam Shih
8902c457d7 move trusty device to gs-common 
Bug: 244504232
Test: adb bugreport
Change-Id: If0df8122e5655b659ac001d42b9a6cf28a59a627
 2022-10-03 09:21:03 +08:00
Android Build Coastguard Worker
ed634386ff Snap for 9127594 from c87f573dec to udc-release 
Change-Id: I0364d6d4824b46ed1466bf56eee9c6db2a80ee7d
 2022-10-01 03:03:08 +00:00
Vova Sharaienko
c87f573dec [automerger skipped] hal_health_default: updated sepolicy am: bdf3d6abcc am: ac2e9dd662 -s ours 
am skip reason: Merged-In I71013c0b17ee5e526387efa0afb823f97775e572 with SHA-1 87bc6d189d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20041334

Change-Id: I2eedec23df2f9e52ba9c470104d705bdfe4ac3cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 17:50:02 +00:00
Vova Sharaienko
ac2e9dd662 hal_health_default: updated sepolicy am: bdf3d6abcc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20041334

Change-Id: I83ea07dbbc51fe7729172ff7e688795df312c25d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 17:17:27 +00:00
Vova Sharaienko
bdf3d6abcc hal_health_default: updated sepolicy 
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 237639591
Bug: 249827340
Test: Build, flash, boot & and logcat | grep "avc"
Change-Id: I71013c0b17ee5e526387efa0afb823f97775e572
(cherry picked from commit 87bc6d189d)
Merged-In: I71013c0b17ee5e526387efa0afb823f97775e572
 2022-09-30 16:43:46 +00:00
Kyle Tso
a71da6c26c [automerger skipped] Set sepolicy for shell script of disabling contaminant detection am: c18eea71d7 am: e9137ca867 -s ours 
am skip reason: Merged-In Idbfa55d4c7091ce2861600ff3881fcc7217ec662 with SHA-1 9bb5e3e05b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20064568

Change-Id: I70ccac11eb822437f879cbbe852b5a4e67632bbf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 09:50:46 +00:00
Kyle Tso
e9137ca867 Set sepolicy for shell script of disabling contaminant detection am: c18eea71d7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20064568

Change-Id: I910ec6dd06d432adb2de2f28cb49a663416b9b4b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 09:04:31 +00:00
Android Build Coastguard Worker
1d3e78a77d Snap for 9121979 from 9bb5e3e05b to udc-release 
Change-Id: Ieee1872b01f3781a628bf872423cd490bbf78615
 2022-09-30 01:03:07 +00:00
Kyle Tso
c18eea71d7 Set sepolicy for shell script of disabling contaminant detection 
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 244658328
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
Merged-In: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
 2022-09-29 13:33:28 +00:00
Kyle Tso
9bb5e3e05b Set sepolicy for shell script of disabling contaminant detection 
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 244658328
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
 2022-09-29 03:10:51 +00:00
Adam Shih
df53edb110 move UFS dump to gs-common 
Bug: 248143736
Test: adb bugreport
Change-Id: I06374e41f2e4c4695780d7f1f2ff12d27f77351f
 2022-09-28 13:27:03 +08:00
Android Build Coastguard Worker
5d1d177c72 Snap for 9112360 from 6580ccce50 to udc-release 
Change-Id: I58bac788f1d555bc09d009232d7155ab97226ff2
 2022-09-28 02:13:11 +00:00
Adam Shih
6580ccce50 dump f2fs in gs-common 
Bug: 248143736
Test: adb bugreport
Change-Id: Id3b62464fb80cb6178e5b8fc4a53c8c3dfe1b27e
 2022-09-27 03:06:43 +00:00
Android Build Coastguard Worker
e5d21ffb90 Snap for 9101640 from d4440cb19e to udc-release 
Change-Id: Id7148d453acb640a5029a78826974e436717c958
 2022-09-24 03:03:13 +00:00
Sayanna Chandula
d4440cb19e thermal: enable pixelstats access to thermal metrics am: cbb62de10c am: 560dbcff4b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19706085

Change-Id: I444fb2e8e93683ac9db6bba1a85f95dbab8bd4b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-23 20:48:29 +00:00
Sayanna Chandula
560dbcff4b thermal: enable pixelstats access to thermal metrics am: cbb62de10c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19706085

Change-Id: I9c3b9a0a241dd0584bbcf8eb8ad1176526052d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-23 20:17:52 +00:00
Sayanna Chandula
cbb62de10c thermal: enable pixelstats access to thermal metrics 
Allow pixelstats daemon to access thermal metric nodes

Bug: 228247740
Test: Build and boot on device. Check thermal stats
Change-Id: Iada717b92782bc9c085928462b2e06d2db136cab
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2022-09-23 19:48:41 +00:00
timmyli
7054110441 Allow camera_hal to access always on compute device 
As a part of RLSRefactor efforst, we need to access libusf
from within camera_hal.

Bug: 248089742
Test: Compiles, Manual test that we can access aoc device
Change-Id: Ie79a2ee544067de69f402e2dd5ce6e55c200be13
 2022-09-23 04:17:18 +00:00
Android Build Coastguard Worker
7c5d85f758 Snap for 9094779 from 047656d92e to udc-release 
Change-Id: I4e68d69861719843163d516977e9a56890a62b1e
 2022-09-23 01:03:03 +00:00
jintinglin
047656d92e Allows modem_svc to read the logging related properties am: 5acc68de3b am: b49b1ca9a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19981021

Change-Id: I90f08ab30819ba7b7a0085a0657c70b4351a616a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-22 16:12:41 +00:00
jintinglin
b49b1ca9a7 Allows modem_svc to read the logging related properties am: 5acc68de3b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19981021

Change-Id: I53be3006909eeb6fa4938ceecca1299c1905412c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-22 15:35:43 +00:00
jintinglin
5acc68de3b Allows modem_svc to read the logging related properties 
avc: denied { read } for comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=347 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 243039758
Change-Id: Ib3031552faf03771f86e72e7dbd81c3610c518cc
 2022-09-22 08:15:23 +00:00
Android Build Coastguard Worker
d46e4acdf1 Snap for 9085393 from 9841567e5f to udc-release 
Change-Id: I64cb9fcda8dd0105e51ba75c0291bdcb8cb10312
 2022-09-21 01:03:06 +00:00
Jinhee.k
9841567e5f sepolicy: allowed permissions required for network access am: 37c32d672f am: 324f9b569d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19968207

Change-Id: Ic2a4516c0e3e572c59dc80afdef13fdb3b311122
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-20 01:32:07 +00:00
Android Build Coastguard Worker
fc9f9019ad Snap for 9080899 from 87bc6d189d to udc-release 
Change-Id: I61996e4a78b249bd7e2992efb6f98b64b0734c6a
 2022-09-20 01:02:58 +00:00
Jinhee.k
324f9b569d sepolicy: allowed permissions required for network access am: 37c32d672f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19968207

Change-Id: Idf4da54e99fa914f9297da048dec7816b0efd44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-20 01:00:41 +00:00
Jinhee.k
37c32d672f sepolicy: allowed permissions required for network access 
: add permission to allow create, connect udp socket
Apply to add network access permissions

Bug: 242231557
Test: Verified no IMS exception and avc denied
Change-Id: I4a4bd1efb22b5538b1679aad8f543d00203e0b48
Signed-off-by: Jinhee.k <jinhee.k@samsung.com>
 2022-09-19 01:41:34 +00:00
Android Build Coastguard Worker
2a9c3dad21 Snap for 9075788 from 7c6154bdce to udc-release 
Change-Id: Ifc3eeb4c4656328865a7d92df7ae16a80a9a4bdb
 2022-09-17 03:03:00 +00:00
Vova Sharaienko
87bc6d189d hal_health_default: updated sepolicy 
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 237639591
Test: Build, flash, boot & and logcat | grep "avc"
Change-Id: I71013c0b17ee5e526387efa0afb823f97775e572
 2022-09-16 18:58:26 +00:00
Ted Lin
7c6154bdce Remove the tracking denials code. 
Bug: 213817227
Test: Check the bugreport
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: I94a64f6ea05757b9c74657647ef7f0d14fa34c55
 2022-09-16 14:00:24 +08:00
Android Build Coastguard Worker
148f9284b5 Snap for 9070718 from 540b00f63e to udc-release 
Change-Id: I093a3cf8ce46c1ba58c3fb1ad81059e0d4db46ca
 2022-09-16 01:03:04 +00:00
Sherry Luo
540b00f63e Add network permissions for debug camera am: 9dd930e4c2 am: fabbfe62fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19914967

Change-Id: Ie566fd9c20a44368b054b09518f3b613d37eb054
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 19:53:10 +00:00
Sherry Luo
fabbfe62fa Add network permissions for debug camera am: 9dd930e4c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19914967

Change-Id: I73f2cf441f2e52e5246074693d65a3cb6a5da3bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 18:48:22 +00:00
Sherry Luo
9dd930e4c2 Add network permissions for debug camera 
Noticed that Estrella upload failing w/
   java.lang.SecurityException: Permission denied (missing INTERNET
   permission?)

Followed investigation in b/230434151. Verified that upload working once
this change is flashed.

Test: Flash build w/ local change
Test: Take a picture and upload using Estrella
Test: Verify that the upload succeeded

BUG=245995782

Change-Id: I505af355f25e9063927c946ee8af21de25758ef1
 2022-09-15 18:16:58 +00:00
Estefany Torres
3bc8385800 Add rules for letting logger app send the command to ril am: 6cb9f4e623 am: 9b1caac1d7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19913309

Change-Id: I190fbc128bd77c34af604ae1fd3a89f303a4b84b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 15:03:57 +00:00
Estefany Torres
9b1caac1d7 Add rules for letting logger app send the command to ril am: 6cb9f4e623 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19913309

Change-Id: Id2362cefd0aac3af1709d008bc1a102baeb16975
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 14:35:08 +00:00
Estefany Torres
6cb9f4e623 Add rules for letting logger app send the command to ril 
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested on C10 with pixel logger change
Change-Id: I845eefc609be2b7fbc22c9b37d1eb2b3195e014f
 2022-09-15 14:09:05 +00:00
Android Build Coastguard Worker
de2164b1bb Snap for 9066247 from 5ea1982643 to udc-release 
Change-Id: Ia33b47863f80998a18d1e815aed42b4342e9cfe3
 2022-09-15 02:34:37 +00:00
Chungjui Fan
5ea1982643 Add sepolicy of dumping LED file in dumpstate am: aa55cb6f2e am: 9a70ccc6d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19893210

Change-Id: I5d13a2d75fd6bdc939a101b0178922a36d87f38a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-14 04:03:34 +00:00
Chungjui Fan
9a70ccc6d6 Add sepolicy of dumping LED file in dumpstate am: aa55cb6f2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19893210

Change-Id: Idb5424850f53d62e971faa9a208eaaf9e8731942
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-14 03:34:32 +00:00
Chungjui Fan
aa55cb6f2e Add sepolicy of dumping LED file in dumpstate 
Bug: 242300919
Change-Id: I14b0af18244c4a71fd7908fdb35e2e86354e02e0
 2022-09-14 02:59:20 +00:00
Android Build Coastguard Worker
a8d3420c98 Snap for 9054709 from 9c9ae24f64 to udc-release 
Change-Id: I181a9766fe92db2445e95c8db23026d261c91546
 2022-09-13 01:02:55 +00:00
Adam Shih
9c9ae24f64 remove global access to firmware mali 
Bug: 220801802
Test: device can resume
Change-Id: Idf0fd84c2efa37c94e30c3f682a09e6546f50235
 2022-09-12 12:58:29 +08:00
Android Build Coastguard Worker
fa49115851 Snap for 9048965 from b93bd33e4a to udc-release 
Change-Id: I8c40c10c36c8bce10383c94aaeba7cf2297db063
 2022-09-10 03:02:59 +00:00
Android Build Coastguard Worker
84441f6c7b Snap for 9044085 from fb1bc9baee to udc-release 
Change-Id: I58567653d50fb8243b637a97898762c572ec0235
 2022-09-09 01:03:05 +00:00
Jeffrey Carlyle
b93bd33e4a dck: allow st54spi devivce to be accessed by recovery and fastbootd am: a658683689 am: 686c24a38f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19754910

Change-Id: I3596188e79329c44a1ba1dd920b649b7f090915c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 23:06:50 +00:00
Jeffrey Carlyle
686c24a38f dck: allow st54spi devivce to be accessed by recovery and fastbootd am: a658683689 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19754910

Change-Id: Ic69198e22d963c26f9994689d0818bcf6e45d80f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 22:35:51 +00:00
Jeffrey Carlyle
a658683689 dck: allow st54spi devivce to be accessed by recovery and fastbootd 
This is needed so that Digital Car Keys can be cleared from the ST54
during a user data wipe.

Bug: 203234558
Test: data wipe in Android recovery mode on raven
Test: data wipe in Android recovery mode on c10
Test: data wipe in user mode fastbootd mode on raven
Test: data wipe in user mode fastbootd mode on c10
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
Change-Id: Icaa3d62aa6b3b88b8db6c1c11807907a06e51019
 2022-09-08 21:58:52 +00:00
JJ Lee
fb1bc9baee sepolicy: add nodes for aoc memory votes stats am: 4b3ae5b9bf am: 749dbdb873 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19712556

Change-Id: I16ae2d0b127aadedfbfc7cda814487523e737e83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 05:32:24 +00:00
JJ Lee
749dbdb873 sepolicy: add nodes for aoc memory votes stats am: 4b3ae5b9bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19712556

Change-Id: I3592111f07154b84c74de89c980679437bf71073
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 05:02:44 +00:00
JJ Lee
4b3ae5b9bf sepolicy: add nodes for aoc memory votes stats 
Bug: 223674292
Test: build pass, not blocking bugreport
Change-Id: Iae1c5dc42b3e6213d4399025cb91dc57822fd2cc
Signed-off-by: JJ Lee <leejj@google.com>
 2022-09-08 04:45:32 +00:00
Jack Wu
81ed5058d8 remove selinux avc error am: c252f3ffa8 am: 980e37d3df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19880471

Change-Id: Ie2e2563755ca25085cca72438b92743e43c53dc1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 03:16:34 +00:00
Jack Wu
980e37d3df remove selinux avc error am: c252f3ffa8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19880471

Change-Id: Ib213543c3f2a3c155a1b296eea0d223dcefa4374
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 02:16:19 +00:00
Android Build Coastguard Worker
803ba8bb2b Snap for 9039357 from 8064010f8a to udc-release 
Change-Id: I9cb53c73bd740d54eb41507ba88f081c5ba45100
 2022-09-08 01:47:08 +00:00
Jack Wu
c252f3ffa8 remove selinux avc error 
Bug: 238398889
Test: no avc denied in TreeHugger verified
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Icf2a89462574e2f0eea29d0601e77728d67e6e0d
 2022-09-07 11:57:09 +08:00
Adam Shih
8064010f8a use gs-common insert module script 
Bug: 243763292
Test: boot to home
Change-Id: I6f0c1a020ea2962f03df6794a6011a31d2244b1a
 2022-09-06 12:41:01 +08:00
Android Build Coastguard Worker
6f075fbdb3 Snap for 9019165 from 39570f2d03 to udc-release 
Change-Id: I21cd87ce23f6d4a1f94ad31f483c5ce20eb2cd5e
 2022-09-02 01:12:52 +00:00
chungkai
39570f2d03 sepolicy: ignore avc denial 
dont audit since it's debugfs

Bug: 228181404
Test: boot without avc denial
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I8c9922d71cef6eaef7d95ad2abdbeac912490ca7
 2022-09-01 02:38:26 +00:00
Adam Shih
21b6c72d26 Move dauntless settings to gs-common 
Bug: 242479757
Test: build pass on all Gchip devices
Change-Id: Ifb33ea566117392dbdf57c212db2741732abcfdb
 2022-08-30 13:30:00 +08:00
Android Build Coastguard Worker
6cfa883fe6 Snap for 8995964 from e95cf1f141 to udc-release 
Change-Id: I3d406c763d52cc4ff36f56fb61aceb4f043957ac
 2022-08-26 01:07:39 +00:00
Robb Glasser
e95cf1f141 Give permissions to save usf stats and dump them in bugreports. am: feba667c23 am: 272b649cee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19672405

Change-Id: I00c4c33c0ac37eb5f6b7a488066a2d49ad6cc59a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-25 04:06:33 +00:00
Robb Glasser
272b649cee Give permissions to save usf stats and dump them in bugreports. am: feba667c23 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19672405

Change-Id: I3f77d4619266c84e36586697cb79c96334abb010
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-25 03:38:28 +00:00
Robb Glasser
feba667c23 Give permissions to save usf stats and dump them in bugreports. 
Creating a mechanism to save some USF stat history to device and pipe it
to bugreports. Granting permissions so that this can work.

Bug: 242320914
Test: Stats save and are visible in a bugreport.
Change-Id: Ie08fce80e79bd564ea58dab66ce8f0d9892d7020
 2022-08-25 02:47:58 +00:00
Android Build Coastguard Worker
b862bc2d99 Snap for 8989391 from f43976db9f to udc-release 
Change-Id: I3021181b479e0ac801ce4d265a7e7df90b12e9e5
 2022-08-25 01:03:04 +00:00
Adam Shih
f43976db9f modularize gsc dump 
Bug: 242479757
Test: do bugreport that has the same content as before
Change-Id: I1ca725b77f98012ebe63cf640cca18b44a5c7d57
 2022-08-24 07:13:52 +00:00
Jinting Lin
e0f6c7b035 Fix avc denied for vendor telephony debug app am: b69195ebe9 am: fbbcaeb8d2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19600258

Change-Id: Idc9f2576bda76f0699548703c83b4f84bf6376f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-24 04:30:34 +00:00
Jinting Lin
fbbcaeb8d2 Fix avc denied for vendor telephony debug app am: b69195ebe9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19600258

Change-Id: I26041b2e32da5bdf97c24deb1a70e1e1e594060d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-24 03:50:30 +00:00
Jinting Lin
b69195ebe9 Fix avc denied for vendor telephony debug app 
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 pid=8533 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { search } for name="com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=150 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=344 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0
avc: denied { write } for name="property_service" dev="tmpfs" ino=379 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Test: manual test

Bug: 241976048
Change-Id: I5aa49a8e243d212180c7da6f65da9021164fca44
 2022-08-24 01:54:34 +00:00
Android Build Coastguard Worker
b339b4d1e4 Snap for 8983470 from c3b34d2481 to udc-release 
Change-Id: I62b40e42f6bbb3d89a45b002ef049687e73fa96c
 2022-08-24 01:03:17 +00:00
Roger Fang
ef685e8439 sepolicy: add permission for AMS rate of pixelstats-vend am: 74eb33d057 am: f210a000be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19674281

Change-Id: Ice4bb2b9a9b12888fce9562e03b7745f44ba199c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-23 22:15:08 +00:00
Roger Fang
f210a000be sepolicy: add permission for AMS rate of pixelstats-vend am: 74eb33d057 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19674281

Change-Id: Id9f6161c35be164ac61c5cb866a80eb3c883a77d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-23 21:12:53 +00:00
Roger Fang
74eb33d057 sepolicy: add permission for AMS rate of pixelstats-vend 
pixelstats-vend: type=1400 audit(0.0:618): avc: denied { read } for name="ams_rate_read_once" dev="sysfs" ino=100493 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:619): avc: denied { open } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=100493 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:620): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/ams_rate_read_once"

Bug: 239508478
Test: Manually test passed

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I3e171b35ebdcf11b0da559361f382f1cf01b0f2f
 2022-08-23 19:56:37 +00:00
Weizhung Ding
c3b34d2481 Add coredomain for hbmsvmanager am: 4e46081859 am: 4b26119d0e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19415495

Change-Id: Ic6e47c45ce9adb8ed2047c92ea1e6b654ae92777
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-23 02:17:35 +00:00
Weizhung Ding
4b26119d0e Add coredomain for hbmsvmanager am: 4e46081859 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19415495

Change-Id: Ie8966a5b2d077fc8901472721b8ad1deb7c6c0a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-23 01:57:42 +00:00
Weizhung Ding
4e46081859 Add coredomain for hbmsvmanager 
Sync the coredomain from gs101

Bug: 239902607
Test: without denied log
Change-Id: I220ce6b2f67877637189fcfcc0f6b328c8be6eae
 2022-08-23 01:39:53 +00:00
Android Build Coastguard Worker
fa18cf4d56 Snap for 8978248 from 8deeec1a30 to udc-release 
Change-Id: Ia71da8fea1a3b40d25cf3681f59c2209d2d0cf79
 2022-08-23 01:03:09 +00:00
Thiébaud Weksteen
8deeec1a30 Revert "Update SELinux error" 
This reverts commit 03f0070359.
Remove duplicate entry for dumpstate. These are ignored by auditd.

Bug: 241172220
Bug: 241172186
Test: TH
Change-Id: Ia72eecbb6055876aa7903e13cd4dc72952d3125e
 2022-08-22 04:32:32 +00:00
Android Build Coastguard Worker
c9adeba462 Snap for 8937744 from 4dc616e59b to udc-release 
Change-Id: Ia4ea4f08804998cd65356bad5d6769120536c7d4
 2022-08-12 01:07:30 +00:00
Wei Wang
4dc616e59b Label GPU dvfs period setting am: b5fcd3b4db am: 4a56314a9c am: e9d5556ad2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: If1288c14a1b7741da5e6bc82cbadcd20545ec7ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-11 00:33:52 +00:00
Wei Wang
099b5bfb9e Label GPU dvfs period setting am: b5fcd3b4db am: d28c59ec92 am: 33c574db0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: If02b21c9a081674c9e57fa59db19da618bb8cc6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-11 00:33:24 +00:00
Wei Wang
e9d5556ad2 Label GPU dvfs period setting am: b5fcd3b4db am: 4a56314a9c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I0378c43bb45f5a92b12ea16259fc59b91333619d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:34:12 +00:00
Wei Wang
33c574db0c Label GPU dvfs period setting am: b5fcd3b4db am: d28c59ec92 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I579136ad0c09962de6c067b832dfc729af1ff3a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:33:50 +00:00
Wei Wang
d28c59ec92 Label GPU dvfs period setting am: b5fcd3b4db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I616aa04aa91a262e00dd0d611d486edccf463a29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:03:28 +00:00
Wei Wang
4a56314a9c Label GPU dvfs period setting am: b5fcd3b4db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: Ia58bb1e41f2c4e1f8330672545d91779f96daa8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:02:35 +00:00
Android Build Coastguard Worker
3d7ec8e6f6 Snap for 8925421 from f3ef39bd77 to udc-release 
Change-Id: I34d149d261c42d769a8c11a624f9e29d51f4ac98
 2022-08-10 01:03:21 +00:00
Wei Wang
b5fcd3b4db Label GPU dvfs period setting 
Bug: 239887528
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I35766555f13f586e37d03843dae153d02f189976
 2022-08-09 23:52:57 +00:00
Konstantin Vyshetsky
f3ef39bd77 convert_to_ext4.sh: suppress test error am: 27f55d7da7 am: 537e037e9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19563471

Change-Id: I84eba7c433b8bf7a83440957ac2787bb71610688
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-09 05:59:44 +00:00
Konstantin Vyshetsky
537e037e9a convert_to_ext4.sh: suppress test error am: 27f55d7da7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19563471

Change-Id: Id4814a8d1e5f06f1ccba3d8ba1f5de3fb798174f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-09 05:41:27 +00:00
Konstantin Vyshetsky
27f55d7da7 convert_to_ext4.sh: suppress test error 
Add exclusion to fix issue with SELinuxUncheckedDenialBootTest

Bug: 241072524
Signed-off-by: Konstantin Vyshetsky <vkon@google.com>
Change-Id: Id9088f728c34d3c764e1aef66a5e1a126f6243e9
 2022-08-09 05:27:21 +00:00
TeYuan Wang
76e1ea4464 sepolicy: fix odpm avc denials am: 5ef0888e04 am: f5764ecee6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19446216

Change-Id: I00dca8c120b0c6d5736f503eeba69257b6520d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-09 03:38:02 +00:00
Adam Shih
1adc560fdd [automerger skipped] Update error on ROM 8892407 am: 2e4daadb2e am: ccc53e1ad7 -s ours 
am skip reason: Merged-In I38e6cc9da23c72aed05e79346a3a6c8188fc8556 with SHA-1 17659673a4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19533960

Change-Id: Ib22a59e81b8e6b4830e5e12aca9e584176f03098
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-09 03:28:58 +00:00
TeYuan Wang
f5764ecee6 sepolicy: fix odpm avc denials am: 5ef0888e04 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19446216

Change-Id: I1cccc3f4c7aa8b4fc0127ead61ed54b4ce060280
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-09 03:18:47 +00:00
Adam Shih
ccc53e1ad7 Update error on ROM 8892407 am: 2e4daadb2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19533960

Change-Id: I73d93eb1dcd00fe439dd0522f0a85489cb1ba704
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-09 03:10:19 +00:00
TeYuan Wang
5ef0888e04 sepolicy: fix odpm avc denials 
Fix permissions for ODPM by adding additional bus path

Bug: 240380970
Test: Build
Change-Id: I7bf02ce016f2cdbf4b45f1a797896a00fb8aa454
 2022-08-09 03:08:54 +00:00
Android Build Coastguard Worker
4b72c0827b Snap for 8920978 from 17659673a4 to udc-release 
Change-Id: I1382de7cc7e41adbaddd2341c7d790ff8158f02f
 2022-08-09 01:07:39 +00:00
Adam Shih
2e4daadb2e Update error on ROM 8892407 
Bug: 241714943
Bug: 241714944
Bug: 240297563
Test: SELinuxUncheckedDenialBootTest
Change-Id: I0aab196ab21ec411540b7a033578a1670e83187a
Merged-In: I38e6cc9da23c72aed05e79346a3a6c8188fc8556
 2022-08-08 07:08:17 +00:00
Adam Shih
17659673a4 Update error on ROM 8892407 
Bug: 241714943
Bug: 241714944
Test: SELinuxUncheckedDenialBootTest
Change-Id: I38e6cc9da23c72aed05e79346a3a6c8188fc8556
 2022-08-08 02:17:22 +00:00
Android Build Coastguard Worker
0fa303a8ac Snap for 8904202 from d64d7fa852 to udc-release 
Change-Id: I7ff6609b1b137cae278a92275ec89cfb9818367d
 2022-08-04 01:07:40 +00:00
Denny cy Lee
d64d7fa852 HwInfo: Move hardware info sepolicy to pixel common 
Bug: 215271971
Test: no sepolicy for hardware info
Change-Id: Ic887e59878352fa5784a172af0453f3bb881e1f2
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-08-03 02:57:28 +00:00
Adam Shih
03f0070359 Update SELinux error 
Test: checkSensors
Bug: 241172220
Test: checkLockScreen
Bug: 241172220
Test: scanBugreport
Bug: 241172220
Test: testAtomicWrite
Bug: 241172220
Test: testConfigMaxSectorsKB
Bug: 241172186
Test: testConfigReadAhead
Bug: 241172220
Test: testInvalidWrite
Bug: 241172220
Test: testLoopMaxPartDefined
Bug: 241172220
Test: testPinFile
Bug: 241172220
Test: testSysfsHealth
Bug: 241172220
Change-Id: I1e8e927e6850bf03f7d62774e979c0e26551b9a6
 2022-08-03 02:39:18 +00:00
Bruce Po
09ff043b4e Allow aocd to access acd-offload nodes am: d4e0af0105 am: 3e06a3d9e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19472441

Change-Id: I7c62317d6634d1c01c32160c3d4939e6f6f4768d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-03 01:17:40 +00:00
Android Build Coastguard Worker
bb7c853dc6 Snap for 8898690 from 613f6bf6af to udc-release 
Change-Id: I16888cfd01f8d8e731174f1d6044240acfaa13bf
 2022-08-03 01:03:00 +00:00
Bruce Po
3e06a3d9e7 Allow aocd to access acd-offload nodes am: d4e0af0105 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19472441

Change-Id: Ibe3b6ff746eb1a7775182b75d6d49c7a289482b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-03 00:49:29 +00:00
Bruce Po
d4e0af0105 Allow aocd to access acd-offload nodes 
For 3-ch hotword feature, aocd daemon will access two new file nodes
(b/235648212), which will be used for transmitting audio to/from AOC.

BUG: 240744178
Change-Id: I67b6d6b539f1e436eacfd80d0e1299e1d63b4a1d
 2022-08-03 00:12:15 +00:00
Adam Shih
613f6bf6af Update error on ROM 8846993 
Bug: 241050831
Test: SELinuxUncheckedDenialBootTest
Change-Id: I6517ffc33ccea453b796fd1ebaee687516de8b5c
 2022-08-02 14:14:19 +08:00
Konstantin Vyshetsky
9f34b9fb4f convert_to_ext4.sh: modify sepolicy am: c44f96b66a am: 7f2edf52ce am: 6d48c8c71b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19492175

Change-Id: I2c3301190e7c2b2e0fe2eee3e5e4e5e5f0dfabf6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-02 03:54:48 +00:00
Konstantin Vyshetsky
2e387e70cd convert_to_ext4.sh: modify sepolicy am: c44f96b66a am: 906b9d1aab am: 9db8c9aa5f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19492175

Change-Id: I2edf25750c595a71c7aa865471eae865d582d2c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-02 03:54:26 +00:00
Konstantin Vyshetsky
6d48c8c71b convert_to_ext4.sh: modify sepolicy am: c44f96b66a am: 7f2edf52ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19492175

Change-Id: Iaa929e781bdc0b028725ae849a9950576587e2e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-02 03:35:33 +00:00
Konstantin Vyshetsky
9db8c9aa5f convert_to_ext4.sh: modify sepolicy am: c44f96b66a am: 906b9d1aab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19492175

Change-Id: Idd9f41af48cfcbf2e581a8fd7182d0aff0aa3979
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-02 03:34:48 +00:00
Konstantin Vyshetsky
7f2edf52ce convert_to_ext4.sh: modify sepolicy am: c44f96b66a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19492175

Change-Id: I51a6b4a8d407ee7e2fbc84b7472e72d5337eb911
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-02 03:19:38 +00:00
Konstantin Vyshetsky
906b9d1aab convert_to_ext4.sh: modify sepolicy am: c44f96b66a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19492175

Change-Id: I8c2bb52cd2c273dc224432f9e84008b0d79cdadc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-02 03:19:20 +00:00
Konstantin Vyshetsky
c44f96b66a convert_to_ext4.sh: modify sepolicy 
Combine individual rules under persist into vendor_persist_type.

Bug: 239632964
Signed-off-by: Konstantin Vyshetsky <vkon@google.com>
Change-Id: I4f90a3b30f9d0dd8b8386ef57728fa098a630081
 2022-08-01 18:51:42 -07:00
Android Build Coastguard Worker
78172fd1a7 Snap for 8893061 from 261b20f82d to udc-release 
Change-Id: I5bb10e47ff2364cb6de0b5e0e7110e950ef8d5ca
 2022-08-02 01:03:00 +00:00
Android Build Coastguard Worker
d7794a2651 Snap for 8891587 from 13939722ea to udc-release 
Change-Id: I2aa1c30d2c29dfbe5939849b70575ee902b2eeb9
 2022-08-01 21:22:44 +00:00
Konstantin Vyshetsky
261b20f82d convert_to_ext4.sh: add sepolicy am: 07af2808d5 am: a16b2ac404 am: 79cda1d834 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: Ief2a034485ae965492a9e19035ee8d1ab62e7611
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 18:57:42 +00:00
Konstantin Vyshetsky
59d1913296 convert_to_ext4.sh: add sepolicy am: 07af2808d5 am: a8e3ff791c am: d01c7c938b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: I6c033c710a67e93fa0271a2800dc24efa3ee847d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 18:57:22 +00:00
Lei Ju
b969be2277 Allow chre to use WakeLock on whitechapel pro. 
Test: Manual test to confirm wakelock is acquired.
Bug: 202447392
Change-Id: Iecd3aca411b43abed4c318e9e584b6713ca119a8
 2022-08-01 18:49:55 +00:00
Konstantin Vyshetsky
79cda1d834 convert_to_ext4.sh: add sepolicy am: 07af2808d5 am: a16b2ac404 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: I65721d846426ae91db09b22eaccaf3e6ad1c7686
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 18:40:52 +00:00
Konstantin Vyshetsky
d01c7c938b convert_to_ext4.sh: add sepolicy am: 07af2808d5 am: a8e3ff791c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: I05cf9212bb0c85ddf082e90146fe1a2cb9ef322b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 18:32:08 +00:00
Konstantin Vyshetsky
a16b2ac404 convert_to_ext4.sh: add sepolicy am: 07af2808d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: I19364ae4fa02a74996d14eeadf3f6ee89311bfc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 18:17:39 +00:00
Konstantin Vyshetsky
a8e3ff791c convert_to_ext4.sh: add sepolicy am: 07af2808d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19391424

Change-Id: Id303addc42a444642f827605404dca79044efd37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 18:17:27 +00:00
Konstantin Vyshetsky
07af2808d5 convert_to_ext4.sh: add sepolicy 
Add entries for convert_to_ext4.sh executable.

Bug: 239632964
Signed-off-by: Konstantin Vyshetsky <vkon@google.com>
Change-Id: I0d89aa88dab0ae5a4cf3d7b2e4423d1761868bea
 2022-08-01 18:00:49 +00:00
lucaslin
13939722ea [automerger skipped] Add sepolicy for dumpstate to zip tcpdump into bugreport am: 81616f3ad0 am: e798862ff6 -s ours am: bff13cbb06 -s ours 
am skip reason: Merged-In I01b9b25a6236bcfa1ce2b89afb3ed1bc2ef49cae with SHA-1 81616f3ad0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19466304

Change-Id: I32e678b07fadce487cec25b29ece2f5f959b7e4d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 13:31:02 +00:00
lucaslin
8229c6e9cf [automerger skipped] Add sepolicy for dumpstate to zip tcpdump into bugreport am: 81616f3ad0 am: 2bfca77c08 am: b4a1e44f64 -s ours 
am skip reason: Merged-In I01b9b25a6236bcfa1ce2b89afb3ed1bc2ef49cae with SHA-1 ee1b7d6bb4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19466304

Change-Id: Ib8268f99dd8c98926fec76529889d71b41c2cba0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 13:30:54 +00:00
lucaslin
bff13cbb06 [automerger skipped] Add sepolicy for dumpstate to zip tcpdump into bugreport am: 81616f3ad0 am: e798862ff6 -s ours 
am skip reason: Merged-In I01b9b25a6236bcfa1ce2b89afb3ed1bc2ef49cae with SHA-1 81616f3ad0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19466304

Change-Id: Idbb6775c21f72db8e2a93a87d3d379f5878ade99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 13:11:31 +00:00
lucaslin
b4a1e44f64 Add sepolicy for dumpstate to zip tcpdump into bugreport am: 81616f3ad0 am: 2bfca77c08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19466304

Change-Id: I7ca58e12747568d1fb7e31c0321c899955785c4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 13:11:26 +00:00
lucaslin
e798862ff6 Add sepolicy for dumpstate to zip tcpdump into bugreport am: 81616f3ad0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19466304

Change-Id: I97d34e9e6d64f470e79d33bd0d277d9f3694d03a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 12:46:32 +00:00
lucaslin
2bfca77c08 Add sepolicy for dumpstate to zip tcpdump into bugreport am: 81616f3ad0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19466304

Change-Id: I8b70cb968c26cc1b5705c308e29a0c4e0bf53e0a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-01 12:46:23 +00:00
lucaslin
81616f3ad0 Add sepolicy for dumpstate to zip tcpdump into bugreport 
Bug: 239634976
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I01b9b25a6236bcfa1ce2b89afb3ed1bc2ef49cae
Merged-In: I01b9b25a6236bcfa1ce2b89afb3ed1bc2ef49cae
(cherry picked from commit ee1b7d6bb4)
 2022-08-01 03:00:17 +00:00
lucaslin
ee1b7d6bb4 Add sepolicy for dumpstate to zip tcpdump into bugreport 
Bug: 239634976
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I01b9b25a6236bcfa1ce2b89afb3ed1bc2ef49cae
 2022-08-01 02:14:47 +00:00
Adam Shih
89781162e9 Update SELinux error 
Test: testAtomicWrite
Bug: 240653918
Test: testCheckSQLiteJournalMode
Bug: 240653918
Test: testConfigMaxSectorsKB
Bug: 240653918
Test: testConfigReadAhead
Bug: 240653918
Test: testDirectWrite
Bug: 240653918
Test: testDirectWriteDirectReadInEncryptedDir
Bug: 240653918
Test: testDirectWriteDirectReadInNonEncryptedDir
Bug: 240653918
Test: testDirectWriteDirectReadInPerBootEncryptedDir
Bug: 240653918
Test: testDirectWriteNormalReadInEncryptedDir
Bug: 240653918
Test: testDirectWriteNormalReadInNonEncryptedDir
Bug: 240653918
Test: testDirectWriteNormalReadInPerBootEncryptedDir
Bug: 240653918
Test: testInvalidWrite
Bug: 240653918
Test: testLargeReadRequestSize
Bug: 240653918
Test: testLoopMaxPartDefined
Bug: 240653918
Test: testMetadataEncryptionEnabled
Bug: 240653918
Test: testNormalWrite
Bug: 240653918
Test: testNormalWriteDirectReadInEncryptedDir
Bug: 240653918
Test: testNormalWriteDirectReadInNonEncryptedDir
Bug: 240653918
Test: testNormalWriteDirectReadInPerBootEncryptedDir
Bug: 240653918
Test: testNormalWriteNormalReadInPerBootEncryptedDir
Bug: 240653918
Test: testPinFile
Bug: 240653918
Test: testPtssBashToolFindBdevOfData
Bug: 240653918
Test: testPtssBashToolFindRawBdevOfData
Bug: 240653918
Test: testPtssBashToolGetDevNameOnlyOfData
Bug: 240653918
Test: testPtssBashToolGetFsOfData
Bug: 240653918
Test: testPtssBashToolGetMaxSectorsOfData
Bug: 240653918
Test: testPtssBashToolGetReadAheadOfData
Bug: 240653918
Test: testPtssBashToolStorageModel
Bug: 240653918
Test: testPtssBashToolUsagePercentOfData
Bug: 240653918
Test: testPxlIOCreateLargeFile
Bug: 240653918
Test: testSmallFileInEncryptedDir
Bug: 240653918
Test: testSmallFileInPerBootEncryptedDir
Bug: 240653918
Test: testStorageTestUtilGetReqStatPath
Bug: 240653918
Change-Id: I40c87c191644238e81516555f73aeebcd1abf0f6
 2022-07-29 15:38:05 +08:00
Android Build Coastguard Worker
9db6ece986 Snap for 8883296 from ff3499a50f to udc-release 
Change-Id: I2853f922e0941a53aeb9fc18e934eba77c330bb4
 2022-07-29 03:42:42 +00:00
Steven Moreland
ff3499a50f Remove vendor_service. am: f10b9bf2cd am: 82c366063e am: be28c1d05c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19441143

Change-Id: Idb6efa438ad666c8f6b74b5d56d27587266ea954
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-28 02:26:03 +00:00
Steven Moreland
be28c1d05c Remove vendor_service. am: f10b9bf2cd am: 82c366063e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19441143

Change-Id: I40c6999858b58274485e150fb2c108a099331b2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-28 01:58:01 +00:00
Steven Moreland
82c366063e Remove vendor_service. am: f10b9bf2cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19441143

Change-Id: Ib8a9d7fec295cdc8a9581f042bc082d83612d33a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-28 01:07:53 +00:00
Android Build Coastguard Worker
86e70556ba Snap for 8873354 from d889102a8f to udc-release 
Change-Id: Ibe525d5424b8ce235d7ad45211cf935c05e4504b
 2022-07-27 01:07:39 +00:00
Steven Moreland
f10b9bf2cd Remove vendor_service. 
We want to avoid associating types with where they can be used.

Bug: 237115222
Test: build
Change-Id: I6795d960aa2a3b3832be8e0f6a11cb0fc3337982
 2022-07-26 23:53:54 +00:00
Wiwit Rifa'i
d889102a8f Add SE policies for HWC logs 
Bug: 230361290
Test: adb bugreport
Test: adb shell vndservice call Exynos.HWCService 11 i32 0 i32 308 i32 1
Change-Id: I12e6c1b4527829699211dae379f1e44da069b974
 2022-07-26 08:25:42 +00:00
Android Build Coastguard Worker
c88fc05922 Snap for 8868266 from 90d4c2039d to udc-release 
Change-Id: I04869d81ed3d36c9c1404dd545e0720023529e4b
 2022-07-26 01:02:54 +00:00
Adam Shih
00865670a4 [automerger skipped] sync bug_map with downstream am: b34d1c1ed0 am: fcb18faeb1 am: 5208624c3e -s ours 
am skip reason: Merged-In If07a3611f40324d985a387c6dd7f2570c90c7c11 with SHA-1 2c3812aac3 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19349280

Change-Id: I2755d7598a37cd1b450fe4acb47e8aebd106dca7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-25 22:34:28 +00:00
Adam Shih
90d4c2039d [automerger skipped] sync bug_map with downstream am: b34d1c1ed0 am: 813e69784d am: 05991af46f -s ours 
am skip reason: Merged-In If07a3611f40324d985a387c6dd7f2570c90c7c11 with SHA-1 2c3812aac3 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19349280

Change-Id: I05b16e3d8de22810861d04af77950522f5aafa1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-25 22:33:23 +00:00
Adam Shih
5208624c3e sync bug_map with downstream am: b34d1c1ed0 am: fcb18faeb1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19349280

Change-Id: I8e49824f8c4c68d3af28cee59da2b2aece8fa0b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-25 21:56:10 +00:00
Adam Shih
05991af46f sync bug_map with downstream am: b34d1c1ed0 am: 813e69784d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19349280

Change-Id: I93d1b34ef647501e7c99eed163a79f9b190f0b75
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-25 21:55:38 +00:00
Adam Shih
fcb18faeb1 sync bug_map with downstream am: b34d1c1ed0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19349280

Change-Id: Id6d9092dd4f1e1b59b911a4bba12aca4f238248e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-25 21:32:08 +00:00
Adam Shih
813e69784d sync bug_map with downstream am: b34d1c1ed0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19349280

Change-Id: I11105def02ffc78d663ebfdf9548cf111429120b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-25 21:31:56 +00:00
Adam Shih
b34d1c1ed0 sync bug_map with downstream 
Bug: 239403666
Test: boot
Change-Id: I7e95cc5169ce56f1bba031b4d8a83ab1d5c80b26
Merged-In: If07a3611f40324d985a387c6dd7f2570c90c7c11
 2022-07-25 21:05:38 +00:00
Android Build Coastguard Worker
bfccac5ed5 Snap for 8863164 from 13f3fdc8ff to udc-release 
Change-Id: I0bac6ec0276faedcab7c2c90b34765a9cfbaa918
 2022-07-23 05:08:15 +00:00
Stephane Lee
aacf5c43fc Bug fixed in ag/19153533 
Bug: 238260742
Test: N/A
Change-Id: I4f7494eb37b04f994e14b7ff418bc9e2819e25cb
 2022-07-22 16:59:10 -07:00
Tri Vo
13f3fdc8ff storageproxyd: Remove setuid/setgid SELinux permissions 
Bug: 205904330
Test: fingerprint enrollment/authentication
Change-Id: Ied64163f1142c1dd05274867c2863592e49042f3
 2022-07-22 17:30:42 +00:00
sukiliu
eabd743991 Remove regmap from list 
Bug: 227286343
Test: PtsSELinuxTestCases
Change-Id: I0df048e6944623d992f66688550e534c038714d9
 2022-07-22 04:19:13 +00:00
Edmond Chung
45ae1ce63f Allow vendor_init to set camera properties am: c09b0f9873 am: ed1f75b8aa am: 087f96ccf0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19381316

Change-Id: I9bf633cebf8fc4dbd5fe1459d46f682399d2b20f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-22 02:35:32 +00:00
Edmond Chung
b9337d2ab3 Allow vendor_init to set camera properties am: c09b0f9873 am: 135261452d am: 12154623dc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19381316

Change-Id: I6c2f9ec9433c1d2be00baebf59172f5cd6a48132
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-22 02:35:13 +00:00
Edmond Chung
087f96ccf0 Allow vendor_init to set camera properties am: c09b0f9873 am: ed1f75b8aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19381316

Change-Id: Ic462b751b4d3e3d2d18da39e76d5bf7dd1696a3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-22 02:18:35 +00:00
Edmond Chung
12154623dc Allow vendor_init to set camera properties am: c09b0f9873 am: 135261452d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19381316

Change-Id: If7fccd0c50043a74ea95f49426930b87779ef0f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-22 02:08:54 +00:00
Edmond Chung
ed1f75b8aa Allow vendor_init to set camera properties am: c09b0f9873 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19381316

Change-Id: I6dd674a0a9dfde23a38137d67a4db4437395600a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-22 01:46:05 +00:00
Edmond Chung
135261452d Allow vendor_init to set camera properties am: c09b0f9873 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19381316

Change-Id: I895cb20aa12d6611d09338c2e0dab1748a74aa68
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-22 01:45:56 +00:00
Edmond Chung
c09b0f9873 Allow vendor_init to set camera properties 
Bug: 239368308
Test: Camera CTS
Change-Id: Ia34804235729d5230123431a4b315bb2967c4cc8
 2022-07-22 01:44:15 +00:00
Jack Wu
49b9a9a859 Update SELinux error am: c50018a543 am: fb3b2b7988 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19379646

Change-Id: I2319322791af38d9d4e44591a18f56d1a8f6dd3b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-21 18:42:52 +00:00
Jack Wu
fb3b2b7988 Update SELinux error am: c50018a543 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19379646

Change-Id: I384a3a37914704e167ce7e4363fb319d44111b61
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-21 18:24:16 +00:00
Jack Wu
c50018a543 Update SELinux error 
Bug: 238398889
Test: no avc denied in TreeHugger verified
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Ia18714461cb9f30fe110917489adddee98de194f
 2022-07-21 21:44:03 +08:00
Android Build Coastguard Worker
021c43000e Snap for 8853148 from ebd7170495 to udc-release 
Change-Id: If36baf3eec69afe6d335ed666f9240bff557cb71
 2022-07-21 01:02:55 +00:00
Adam Shih
ebd7170495 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 239632439
Change-Id: I42608d6fc5b3128915f7801e9000548a12ce7efa
 2022-07-20 09:12:17 +08:00
Android Build Coastguard Worker
e29c555d0c Snap for 8847581 from fdccd0cf8f to udc-release 
Change-Id: Ibe651b9a73ce50e7b8845efb21d46248c3dd5fa4
 2022-07-20 01:02:43 +00:00
matthuang
fdccd0cf8f Add security context for com.google.usf.non_wake_up/wakeup. am: 1c7154c453 am: 645ab36c29 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19320259

Change-Id: Ie4bcb4c86598a7dbbef05f22daa64b84fb54a5f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-19 07:37:23 +00:00
matthuang
645ab36c29 Add security context for com.google.usf.non_wake_up/wakeup. am: 1c7154c453 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19320259

Change-Id: I1347e599954db1455332c5e1304705a65e790770
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-19 07:09:06 +00:00
matthuang
1c7154c453 Add security context for com.google.usf.non_wake_up/wakeup. 
Bug: 195077076
Test: Confirm there is no avc denied log.
Change-Id: I86c787d59203464fc3b8b2b94b4883cbd07196b0
 2022-07-19 06:53:48 +00:00
Adam Shih
2c3812aac3 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 239484651
Bug: 239484612
Change-Id: If07a3611f40324d985a387c6dd7f2570c90c7c11
 2022-07-19 09:07:27 +08:00
Android Build Coastguard Worker
500e7d23bc Snap for 8843601 from 209af1944d to udc-release 
Change-Id: I924775dbb86d05499aa16a35c01729c7bd703512
 2022-07-19 01:03:02 +00:00
Robin Peng
209af1944d init-insmod-sh: fix avc error am: dfc95d0774 am: 8368a0a967 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19320251

Change-Id: Ic192f137eaf63c16cb942cd13490a62bfde27c9c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-18 10:58:50 +00:00
Robin Peng
8368a0a967 init-insmod-sh: fix avc error am: dfc95d0774 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19320251

Change-Id: I4253cddfc840c0a72ebd9943a21fac8be2b2981d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-18 10:31:40 +00:00
Robin Peng
dfc95d0774 init-insmod-sh: fix avc error 
avc: denied { set } for property=vendor.all.modules.ready pid=1238 uid=0 gid=0 scontext=u:r:init-insmod-sh:s0 tcontext=u:object_r:vendor_ready_prop:s0 tclass=property_service permissive=0

Bug: 238853979
Signed-off-by: Robin Peng <robinpeng@google.com>
Change-Id: Ic8d7af3c1d73f3079e126b66b38d728fe4d70ea4
 2022-07-18 04:54:57 +00:00
Adam Shih
52ec99ce41 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 239364360
Change-Id: I6ea0b1a4fabd7ac29470afa48a0d84beccf0af28
 2022-07-18 10:55:53 +08:00
Android Build Coastguard Worker
4f4478b8c6 Snap for 8840107 from 5eda61d1e0 to udc-release 
Change-Id: I71c0e0d052f3422176b86a5e0cbc1abb5fe26747
 2022-07-17 23:11:55 +00:00
Android Build Coastguard Worker
d163490c6f Snap for 8832556 from 13cdb1a7ad to udc-release 
Change-Id: I8ae65eca158d71c7db8cbcafa326d38445d12bd9
 2022-07-15 01:03:47 +00:00
Adam Shih
5eda61d1e0 Update SELinux error 
Bug: 234547283
Change-Id: I81b2885e2b7c7f77f76bc6048c901dfc4226a4fb
 2022-07-15 00:30:06 +00:00
Robb Glasser
13cdb1a7ad Remove HAL sensors dontaudits. am: 46c4571485 am: 76ff3ba367 am: 0e855aa924 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19281889

Change-Id: If5b2e6ca7aae3b9a97cf154126116acc26399b54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-14 02:53:55 +00:00
Robb Glasser
6652430fc4 Remove HAL sensors dontaudits. am: 46c4571485 am: b93c3b981b am: 5325bbdf2f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19281889

Change-Id: Ifed619dba499bd940ff2c7019b7c3d6ef6e5998e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-14 02:53:05 +00:00
Robb Glasser
0e855aa924 Remove HAL sensors dontaudits. am: 46c4571485 am: 76ff3ba367 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19281889

Change-Id: I0bbc8360988917f283cdd4013142f68258077bdc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-14 02:34:39 +00:00
Robb Glasser
5325bbdf2f Remove HAL sensors dontaudits. am: 46c4571485 am: b93c3b981b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19281889

Change-Id: Ib0f872ffa8e66cee2fe4b12adb02463b450d42fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-14 02:33:37 +00:00
Robb Glasser
76ff3ba367 Remove HAL sensors dontaudits. am: 46c4571485 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19281889

Change-Id: I003515c35a34416c0c49fe1267ba9ed54c9e2f8c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-14 02:07:43 +00:00
Robb Glasser
b93c3b981b Remove HAL sensors dontaudits. am: 46c4571485 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19281889

Change-Id: Ib1b79c1528832a2705dcee251e2b239cef63455e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-14 02:07:41 +00:00
Robb Glasser
46c4571485 Remove HAL sensors dontaudits. 
Sensors HAL sepolicy is written, but the dontaudit parts were not
cleaned up at the time. Removing these as they are no longer needed.

Bug: 227695036
Test: No denials as expected.
Change-Id: Idc0ed7f380cb07bfc7695ef3019f335fd8fad0a2
 2022-07-13 11:06:04 -07:00
Android Build Coastguard Worker
579c7f764e Snap for 8822479 from 9899069adb to udc-release 
Change-Id: Idd6059d7e290aed652076374f5b01bf52517c025
 2022-07-13 01:04:46 +00:00
Adam Shih
9899069adb Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238705599
Change-Id: Ia78ce7f5b2adc41f7d64b99279681acce647e8bb
 2022-07-12 12:49:17 +08:00
Android Build Coastguard Worker
01b1eb831e Snap for 8818501 from 1e606d96f1 to udc-release 
Change-Id: Ib5f3d197a40d182ba81389c24173c2668433ca33
 2022-07-12 01:03:29 +00:00
Adam Shih
1e606d96f1 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238571150
Change-Id: Idb8c4f3e99d23e73fe2e63beec1142d1207c0a05
 2022-07-11 10:24:25 +08:00
Android Build Coastguard Worker
7638261726 Snap for 8814812 from 6ddb00d0c5 to udc-release 
Change-Id: I5b092dba75fb402b7d6d5a5f10c93bb57ececfaf
 2022-07-10 05:07:19 +00:00
Kyle Tso
6ddb00d0c5 Add logbuffer file_contexts am: c2ed52536e am: 6218ff00ec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19065329

Change-Id: Iaa6476fe43b2975bfe3c38f045f93b7a57ba61e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-09 07:57:47 +00:00
Kyle Tso
6218ff00ec Add logbuffer file_contexts am: c2ed52536e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19065329

Change-Id: Ibd266344d154338c48672da6d949edd10cc7da40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-09 07:40:25 +00:00
Kyle Tso
c2ed52536e Add logbuffer file_contexts 
Bug: 237082721
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Ieaf04f7381db1febe5a3899a727b6a49726bf10b
 2022-07-09 07:22:55 +00:00
Android Build Coastguard Worker
6cc5f06a78 Snap for 8813775 from 3adb31f004 to udc-release 
Change-Id: I613f03dddd06a1c731d09a8b0d630744a85c96f8
 2022-07-09 05:13:07 +00:00
Android Build Coastguard Worker
b55a3297dc Snap for 8807532 from b37cb131ce to udc-release 
Change-Id: I598146d8b1759e3b076e75dab3d3c02af2b1f441
 2022-07-08 01:05:18 +00:00
Daniel Angell
3adb31f004 Remove dontaudit rules related to storageproxyd's /data access. 
Removing dontaudits for both tracking_denials/tee.te and
whitechapel_pro/tee.te results in no new audit log messages related to
storageproxyd, so they can both be removed.

Bug: 215649571
Test: adb logcat | grep -iE 'storageproxyd'

Change-Id: I8dc735bcaf0725c8d4eab4587f7a7fce21f4e25c
 2022-07-07 18:37:23 +00:00
Star Chang
b37cb131ce wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware am: c466a68305 am: 932cf00952 am: 83eec39629 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19132092

Change-Id: Ie344b22cbf59832fe4bd73f13a78308f32f13a4f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-07 07:46:32 +00:00
Star Chang
9e803338be wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware am: c466a68305 am: 407c14d952 am: 30af05ede4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19132092

Change-Id: Ie4a340374c5e59bdba96528b6d717c2ce0c72281
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-07 07:45:57 +00:00
Star Chang
83eec39629 wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware am: c466a68305 am: 932cf00952 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19132092

Change-Id: I12a467b4ef37fa13ff82e1adc66d504430247e74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-07 07:15:02 +00:00
Star Chang
30af05ede4 wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware am: c466a68305 am: 407c14d952 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19132092

Change-Id: If4468131df2226ac09aa0a20892147bd872e4a4d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-07 07:14:42 +00:00
Star Chang
932cf00952 wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware am: c466a68305 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19132092

Change-Id: If9f48a717ec9ae82dda176dfcd1a5b26651028ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-07 06:51:32 +00:00
Star Chang
407c14d952 wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware am: c466a68305 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19132092

Change-Id: Ia20b4d2e67577ccb0fa1f3ef7176f62161ad5ddc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-07 06:51:31 +00:00
Star Chang
c466a68305 wifi_sniffer: Add policy to allow wifi sniffer to access wifi firmware 
related files.

Add policy to allow wifi_sniffer daemon to access wifi firmware related
files.

To fix the denial message:
[85544.205505] type=1400 audit(1656381950.486:90): avc: denied { search
} for comm="wifi_sniffer" name="wifi" dev="sysfs" ino=97256
scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=dir permissive=1
[85544.206027] type=1400 audit(1656381950.486:91): avc: denied { write }
for comm="wifi_sniffer" name="firmware_path" dev="sysfs" ino=97268
scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=file permissive=1
[85544.206206] type=1400 audit(1656381950.486:92): avc: denied { open }
for comm="wifi_sniffer" path="/sys/wifi/firmware_path" dev="sysfs"
ino=97268 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=file permissive=1
[85544.206349] type=1400 audit(1656381950.486:93): avc: denied { getattr
} for comm="wifi_sniffer" path="/sys/wifi/firmware_path" dev="sysfs"
ino=97268 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0
tclass=file permissive=1

Bug: 237465412
Test: wifi_sniffer is workable
Change-Id: I5500be87d2b670e29c08d026872a6b304109f7a3
 2022-07-07 06:15:48 +00:00
Jenny Ho
eeced97ca9 fix avc error for fg_model/registers 
remove tracking with fix http://ag/19145061

Bug: 226271913
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Idaa9e75a013dc7c78234bff041819c3c131f3793
 2022-07-07 06:14:42 +00:00
Adam Shih
e87fbe539d Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238260726
Bug: 238260742
Bug: 238260741
Change-Id: Ia3796d62a044b6c0e55c280918251f48143cfd0f
 2022-07-07 10:23:05 +08:00
Android Build Coastguard Worker
64fbd6e8fc Snap for 8803621 from 2bd613cfe6 to udc-release 
Change-Id: I73adf06ab842e87cb6ace9ba45f60081b3830dbd
 2022-07-07 01:03:59 +00:00
Adam Shih
2bd613cfe6 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 227121550
Change-Id: I3e5c653a63b099aa44a880c4d1b2a327415f4d97
 2022-07-06 01:24:15 +00:00
Denny cy Lee
7bb9a6aaf4 HwInfo: remove -sepolicy/tracking_denials/hardware_info_app.te 
Bug: 208909060
Test: not avc log for hardware_info_app
Change-Id: I52dd55bcea0dd70f60d9156937861ef2036dc46d
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-07-06 01:24:08 +00:00
Adam Shih
16e427a5a0 [automerger skipped] Update error on ROM 8765438 am: 74ff6db973 am: 2fc31f23a8 -s ours am: 16d8257567 -s ours 
am skip reason: Merged-In I4b067085dc0c9f79b715505a5831cab63fda6381 with SHA-1 74ff6db973 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19174387

Change-Id: I34420aab930503c068baa3ee460e2d416e141650
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-06 01:13:05 +00:00
Adam Shih
7c6f0dd4bc [automerger skipped] Update error on ROM 8765438 am: 74ff6db973 am: dd8eab3bf9 am: 2a92d64cdb -s ours 
am skip reason: Merged-In I4b067085dc0c9f79b715505a5831cab63fda6381 with SHA-1 c0ec14b9b1 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19174387

Change-Id: Id085736a3b35da29a111ca4ae71460aa1d6bc3c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-06 01:12:57 +00:00
Android Build Coastguard Worker
bdbaca53ee Snap for 8799945 from c0ec14b9b1 to udc-release 
Change-Id: I22e4c714c206573f52c8faa91570dd89e41372be
 2022-07-06 01:03:17 +00:00
Adam Shih
16d8257567 [automerger skipped] Update error on ROM 8765438 am: 74ff6db973 am: 2fc31f23a8 -s ours 
am skip reason: Merged-In I4b067085dc0c9f79b715505a5831cab63fda6381 with SHA-1 74ff6db973 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19174387

Change-Id: Ice227542ecee1a6359825027cd6ce5c90c3e6e90
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-06 00:53:37 +00:00
Adam Shih
2a92d64cdb Update error on ROM 8765438 am: 74ff6db973 am: dd8eab3bf9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19174387

Change-Id: Id0e75a481c2c3f1d482d10af4d8bbbf37ff79f21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-06 00:53:23 +00:00
Adam Shih
2fc31f23a8 Update error on ROM 8765438 am: 74ff6db973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19174387

Change-Id: I3ecdc79d72c83e9ec7496303f054da857a3b0cad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-06 00:37:16 +00:00
Adam Shih
dd8eab3bf9 Update error on ROM 8765438 am: 74ff6db973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19174387

Change-Id: I4cacf54cd9bb9127de89ad5a77c489c26b5744bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-06 00:37:14 +00:00
Adam Shih
74ff6db973 Update error on ROM 8765438 
Bug: 238037492
Bug: 237093466
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4b067085dc0c9f79b715505a5831cab63fda6381
Merged-In: I4b067085dc0c9f79b715505a5831cab63fda6381
 2022-07-05 03:11:33 +00:00
Adam Shih
c0ec14b9b1 Update error on ROM 8765438 
Bug: 238037492
Bug: 237093466
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4b067085dc0c9f79b715505a5831cab63fda6381
 2022-07-05 11:10:34 +08:00
Android Build Coastguard Worker
3458d07b9e Snap for 8793470 from 3439f51f28 to udc-release 
Change-Id: I0f2996e2a8d4028d8e039dbcb0c0acf141facd6f
 2022-07-02 05:08:24 +00:00
Alex Hong
3439f51f28 Remove googlebattery from dontaduit list 
Bug: 237700766
Bug: 237491814
Test: PtsSELinuxTestCases
Change-Id: Ic4119e552827a490ba829a80cd10c5fc3ba1d35e
 2022-07-01 16:59:04 +08:00
matthuang
58e7856f01 Add acd-com.google.usf.non_wake_up file to AoC file context. am: a1b5481877 am: 11ecc1dd92 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18873692

Change-Id: Ibe2f4ef31da08df20c7f3524bef19279c4935aab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-01 03:12:21 +00:00
Android Build Coastguard Worker
84cb87cb12 Snap for 8788539 from 5631fe741c to udc-release 
Change-Id: I64f60dc876489d981c71185c933f4d20ff51b8a5
 2022-07-01 03:03:52 +00:00
matthuang
11ecc1dd92 Add acd-com.google.usf.non_wake_up file to AoC file context. am: a1b5481877 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18873692

Change-Id: I91928227a99bede90714c93841592e9a91aeff6d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-07-01 02:45:06 +00:00
matthuang
a1b5481877 Add acd-com.google.usf.non_wake_up file to AoC file context. 
Bug: 195077076
Test: ls -lZ dev/acd-com.google.usf.non_wake_up
Change-Id: Ib97da81a01f566c7bd600512bb01fda27f34b217
 2022-07-01 02:16:08 +00:00
SalmaxChang
5631fe741c ssr_detector_app: remove tracking denials 
Avc errors already fixed. Remove tracking denials.

Bug: 205202542
Change-Id: I08522d563de58e4bc2be2c4a1bea54bbeac6adb8
 2022-06-30 07:39:34 +00:00
sukiliu
b5edce085f Update avc error on ROM 8780665 
Bug: 237491813
Bug: 237492145
Bug: 237491814
Bug: 237492146
Bug: 237492091
Test: PtsSELinuxTestCases
Change-Id: I615453d58ea17306ceefe6195bc95974de0f259b
 2022-06-30 05:53:29 +00:00
Android Build Coastguard Worker
d1e8d4635c Snap for 8784768 from ec3f03ee7a to udc-release 
Change-Id: I8eeed5601b35c62a714084215bfcf8d0b6d69d2a
 2022-06-30 03:02:49 +00:00
SalmaxChang
ec3f03ee7a ssr_detector_app: remove tracking denials am: a7127617ba am: 69172f08c9 am: 6cb0e32470 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18992387

Change-Id: I00832bf3c76d97951cee3cfddc2bf5b548ca5071
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-29 18:30:16 +00:00
SalmaxChang
073c59da08 [automerger skipped] ssr_detector_app: remove tracking denials am: a7127617ba am: 3a3a53efaf am: 90058742f5 -s ours 
am skip reason: skipped by user salmaxchang

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18992387

Change-Id: I2b3175ecde53fb5d0cdd69c74ba8590d849e6ad2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-29 18:30:05 +00:00
SalmaxChang
6cb0e32470 ssr_detector_app: remove tracking denials am: a7127617ba am: 69172f08c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18992387

Change-Id: I6e559d5541d26742effd95d0f421ea18d1d58e20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-29 16:36:00 +00:00
SalmaxChang
90058742f5 ssr_detector_app: remove tracking denials am: a7127617ba am: 3a3a53efaf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18992387

Change-Id: I6ab19b09ec866b6667623a335440f351d73b86b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-29 16:35:36 +00:00
SalmaxChang
69172f08c9 ssr_detector_app: remove tracking denials am: a7127617ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18992387

Change-Id: Ib3fb750345c86fc2c8f66ad27a73cec264884c3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-29 16:10:28 +00:00
SalmaxChang
3a3a53efaf ssr_detector_app: remove tracking denials am: a7127617ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18992387

Change-Id: Ic2d4855d462d99b380160a446e201196c74e5930
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-29 16:10:25 +00:00
SalmaxChang
a7127617ba ssr_detector_app: remove tracking denials 
Avc errors already fixed. Remove tracking denials.

Bug: 207571417
Bug: 205202542
Change-Id: I97d5f732e038dbdaf7885bdb9ca63bc518a97d51
 2022-06-29 15:52:43 +00:00
sashwinbalaji
f131707b2a thermal: added property persist.vendor.disable.thermal.dfs.control 
Updated the sepolicy to access tmu register

Bug: 235156080
Test: Used local build to verify security context of tmu_reg file
Change-Id: I3d43a393d76e7245e48ebcf9592c7e230c58d9bd
 2022-06-29 07:43:15 +00:00
Android Build Coastguard Worker
f4af709de6 Snap for 8780071 from 0a11e59639 to udc-release 
Change-Id: I136bcd6457200d0fa415179b7b000575d0867f89
 2022-06-29 03:02:47 +00:00
xiaofanj
0a11e59639 [automerger skipped] modem_svc_sit: create oem test iodev am: da328e0a0f am: a0de630cd7 -s ours 
am skip reason: Merged-In Id06deedadf04c70b57e405a05533ed85764bdd1d with SHA-1 b3576ef751 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18768560

Change-Id: I0ce76b9180a3cd22452535e501b9ec54a63168a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-28 03:52:57 +00:00
xiaofanj
a0de630cd7 modem_svc_sit: create oem test iodev am: da328e0a0f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18768560

Change-Id: I36bb28394d68d266130135665f565f4be68569ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-28 03:34:47 +00:00
xiaofanj
da328e0a0f modem_svc_sit: create oem test iodev 
- Create radio_test_device for oem_test iodev.
- Grant modem_svc_sit to access radio_test_device.

Bug: 231380480

Signed-off-by: Xiaofan Jiang <xiaofanj@google.com>
Change-Id: Id06deedadf04c70b57e405a05533ed85764bdd1d
Merged-In: Id06deedadf04c70b57e405a05533ed85764bdd1d
 2022-06-28 03:16:08 +00:00
Android Build Coastguard Worker
3604dd8ef6 Snap for 8775066 from 7bf0763083 to udc-release 
Change-Id: Ib63d491e41006e69d7cee2c94f410f28b7a3e589
 2022-06-28 03:02:43 +00:00
Sam Ou
7bf0763083 sepolicy: fix odpm avc denials am: 65bdbc4862 am: 30d46d274b am: da2ba2a04c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19035052

Change-Id: Ia02fc75749b5078912d9a28470a9e295954c367e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 07:28:46 +00:00
Sam Ou
e85fc072c7 sepolicy: fix odpm avc denials am: 65bdbc4862 am: eee2b6fe84 am: c12c06c778 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19035052

Change-Id: Ie39212fd1352be7e25f1d0f428787c03698e1578
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 07:28:37 +00:00
Sam Ou
da2ba2a04c sepolicy: fix odpm avc denials am: 65bdbc4862 am: 30d46d274b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19035052

Change-Id: Ibd2aea9997607f1b444ca652a98ac84a877548b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 07:11:22 +00:00
Sam Ou
c12c06c778 sepolicy: fix odpm avc denials am: 65bdbc4862 am: eee2b6fe84 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19035052

Change-Id: Ic9b3c402e49d92a64bbe432fe2c1dc8d9e26b6fe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 07:11:02 +00:00
Sam Ou
30d46d274b sepolicy: fix odpm avc denials am: 65bdbc4862 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19035052

Change-Id: Ieb89884ee444ba9eb06e23f8ab4d20a96fa8c323
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 06:48:52 +00:00
Sam Ou
eee2b6fe84 sepolicy: fix odpm avc denials am: 65bdbc4862 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19035052

Change-Id: I4b40035d0cfe661da8f78d81fdc500f27f2ca619
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 06:48:49 +00:00
Sam Ou
65bdbc4862 sepolicy: fix odpm avc denials 
add wakeup permissions for odpm driver
since we update acc_data based on alarmtimer

Bug: 236798116
Change-Id: Ib898eeebf0e26a723f260a2a8ddb5e5f64d255ed
Signed-off-by: Sam Ou <samou@google.com>
 2022-06-27 06:29:03 +00:00
sukiliu
b018d1469e [automerger skipped] [Do not merge] Remove regmap from list am: 1f681630c4 am: 9eadb411f8 am: c9d05f0e26 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18845251

Change-Id: I3e360001cae829f62dcb11fdd5a4e81e65215b03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 04:35:27 +00:00
sukiliu
2c9df67e81 [automerger skipped] [Do not merge] Remove regmap from list am: 1f681630c4 am: 1a1716f53e am: 4e9fbe7074 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18845251

Change-Id: I70a89b0bb732d8f960e2f57b1f2f930a8bd67855
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 04:35:20 +00:00
sukiliu
c9d05f0e26 [Do not merge] Remove regmap from list am: 1f681630c4 am: 9eadb411f8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18845251

Change-Id: I933bdd49496eb4a5ca9aaf03c78ce40153bb8de4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 04:18:01 +00:00
sukiliu
4e9fbe7074 [Do not merge] Remove regmap from list am: 1f681630c4 am: 1a1716f53e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18845251

Change-Id: I9c5f9b9f083074d932233c365d31b4b8894dbc0d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 04:17:44 +00:00
sukiliu
9eadb411f8 [Do not merge] Remove regmap from list am: 1f681630c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18845251

Change-Id: I16cbf31a5f95822ad89b4622e18a015f63875f7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 03:55:38 +00:00
sukiliu
1a1716f53e [Do not merge] Remove regmap from list am: 1f681630c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18845251

Change-Id: I2abb680107e22c5bae8576906d011ca44599748a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-27 03:55:35 +00:00
sukiliu
1f681630c4 [Do not merge] Remove regmap from list 
Bug: 227286343
Test: PtsSELinuxTestCases
Change-Id: If32c472dcd6c0e0b83008a660ca6bbe6d79f44e3
 2022-06-27 03:33:16 +00:00
jimmyshiu
ffec0c64b4 Remove dontaudit since read early_wakeup completed 
The display file node, early_wakeup, just for trigger the worker for
display and it doesn't have meaningful read function. But PowerHAL read
all nodes and try to dump their valuesi while triggering bugreport. As
the read operation has been completed, so we can remove the clause.

07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:8): avc: denied { dac_read_search } for capability=2 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:9): avc: denied { dac_override } for capability=1 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0

Bug: 192617242
Bug: 208909174
Bug: 221384860
Test: adb shell dumpsys android.hardware.power.IPower/default
Change-Id: Ice57c5cda51db150ec313337bb2385503f43529f
 2022-06-27 02:11:57 +00:00
Android Build Coastguard Worker
f442f99c5a Snap for 8769194 from d893b6e7f8 to udc-release 
Change-Id: I24a2b7ff3abc6b0d7361d3da22ae4ee807a0076e
 2022-06-25 05:07:50 +00:00
Peter Csaszar
d893b6e7f8 Remove ssr_detector_app dontaudits 
Bug: 207571417
Test: pts-tradefed run pts -m PtsSELinuxTest
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I2e92edf4d22a142a3817b5f399edd65ebbe4b32f
 2022-06-24 04:38:18 +00:00
Android Build Coastguard Worker
e8a409ca7e Snap for 8762351 from 0cdeaa262d to udc-release 
Change-Id: Ia0bcf90cb0c8e3d51ca6acb833e12e46c2b56974
 2022-06-24 03:02:45 +00:00
Carter Hsu
0cdeaa262d audio: allow Audio HAL to write the audio vendor property am: a48fe668fe am: 5e15c15486 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18740329

Change-Id: I328e5b79750f7d282bcb7655af0d0705c90a9dfd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-23 07:08:11 +00:00
Carter Hsu
5e15c15486 audio: allow Audio HAL to write the audio vendor property am: a48fe668fe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18740329

Change-Id: I0211329e21d25f788c26138a3e992d2784ea668c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-23 06:50:41 +00:00
Carter Hsu
a48fe668fe audio: allow Audio HAL to write the audio vendor property 
Bug: 206065000
Test: use test build to check the property
Signed-off-by: Carter Hsu <carterhsu@google.com>
Change-Id: I0007459fcfd3a4718af9af00de9f54d125627dd2
 2022-06-23 06:29:22 +00:00
Android Build Coastguard Worker
bc0b2716b0 Snap for 8746893 from 35a40f176e to udc-release 
Change-Id: I15692851b07224f58ed3406a690750d42d970cc5
 2022-06-21 03:02:35 +00:00
Jinting Lin
35a40f176e Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: 6769f9e352 am: c61dbcf620 am: 92db15f711 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: Ic6621fc41a3a6ebc569e5fa5b94e9a74de772244
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 07:24:53 +00:00
Jinting Lin
2ff985aa03 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: 6769f9e352 am: f099a07968 am: f8cbf74e11 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I48ba15da07e27c12fcd3dc9f1c06911c491b9f2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 07:24:32 +00:00
Jinting Lin
629e2b55dd Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: b924e94b8e am: 5d40c0ab34 am: d9cea4060a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: Ifd541beab0b1d646144f13855b4c3c0b2b79c660
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 07:24:08 +00:00
Jinting Lin
92db15f711 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: 6769f9e352 am: c61dbcf620 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I50aeb5cc7f43287251807dd61bf09984050bc496
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 07:22:35 +00:00
Jinting Lin
f8cbf74e11 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: 6769f9e352 am: f099a07968 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: Id30139dd0821546b37973089864d0d71098429f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 07:04:01 +00:00
Jinting Lin
d9cea4060a Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: b924e94b8e am: 5d40c0ab34 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I9dcfa3940b386f8442b53421c8ed4a557c773a25
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 07:03:47 +00:00
Jinting Lin
f099a07968 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: 6769f9e352 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I153545fae767387a65fd5d7a0cce7a0c15eeb58b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:56:54 +00:00
Jinting Lin
c61dbcf620 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: 6769f9e352 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I3bf4717214fc82e3415bfb4f55a846c3b190834f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:56:52 +00:00
Jinting Lin
5d40c0ab34 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: b924e94b8e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: Ib995967d386d737a905142dbb69ce2f88fe29c83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:47:04 +00:00
Jinting Lin
515e981d41 Remove obsolete sepolicy of silentlogging am: d3d4af1aac am: dad0dce95f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: Ib5d064fe80ca94ef0b1ba7b2f3712ad453066d66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:46:34 +00:00
Jinting Lin
6769f9e352 Remove obsolete sepolicy of silentlogging am: d3d4af1aac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I7fbe60eee731c910d75113b2b7b1de9f10b227ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:28:50 +00:00
Jinting Lin
dad0dce95f Remove obsolete sepolicy of silentlogging am: d3d4af1aac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I7f681c030067d327fa92352e76cf8ab84127b316
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:27:47 +00:00
Jinting Lin
b924e94b8e Remove obsolete sepolicy of silentlogging am: d3d4af1aac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I76365c02940cad7c9495ffa3b98e974ed3e51111
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:27:24 +00:00
Jinting Lin
d3d4af1aac Remove obsolete sepolicy of silentlogging 
Bug: 221384996

Test: adb bugreport
Change-Id: I35a9dae665f11196ec900346c41a3c786bfdf5fa
 2022-06-20 05:48:22 +00:00
Siarhei Vishniakou
555d8a9aca Revert "Update avc error on ROM 8732242" 
This reverts commit 6e578b6825.

Bug: 236200710
Test: verified locally
Reason for revert: sepolicy was fixed, no more need for the exception

Change-Id: Ic343b513c5426e5caca77bcd8c56f7336834b4ec
 2022-06-20 00:21:50 +00:00
Android Build Coastguard Worker
2b1dca45bb Snap for 8741820 from b16785049d to udc-release 
Change-Id: I204aa38de722b099f333a16c03ce94ab4dcd35cd
 2022-06-18 05:07:52 +00:00
Siarhei Vishniakou
b16785049d [automerger skipped] Allow InputProcessor HAL to read display resolution am: 8b103bff07 am: 7e6f33e969 -s ours am: 6b7a848391 -s ours 
am skip reason: Merged-In I23285c21a82748c63fbe20988af42884b9261b66 with SHA-1 8b103bff07 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18962799

Change-Id: I9b3a01d2da0e427197b9af99713965bd4e9b292a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 22:01:37 +00:00
Siarhei Vishniakou
4fa63d9bfb [automerger skipped] Allow InputProcessor HAL to read display resolution am: 8b103bff07 am: 1fa5ab3ecc am: 3275970329 -s ours 
am skip reason: Merged-In I23285c21a82748c63fbe20988af42884b9261b66 with SHA-1 ced9e0ebbf is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18962799

Change-Id: Ic3c4aecb3f061cf70d3093178153137b0eb0a2ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 21:59:22 +00:00
Siarhei Vishniakou
6b7a848391 [automerger skipped] Allow InputProcessor HAL to read display resolution am: 8b103bff07 am: 7e6f33e969 -s ours 
am skip reason: Merged-In I23285c21a82748c63fbe20988af42884b9261b66 with SHA-1 8b103bff07 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18962799

Change-Id: I4318f12389d9bbe099d9204c03cc2463ac9acb86
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 21:23:32 +00:00
Siarhei Vishniakou
3275970329 Allow InputProcessor HAL to read display resolution am: 8b103bff07 am: 1fa5ab3ecc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18962799

Change-Id: I330c93e6ff540efd4762ae94c4a8f7c5a6bc2f22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 21:00:08 +00:00
Siarhei Vishniakou
1fa5ab3ecc Allow InputProcessor HAL to read display resolution am: 8b103bff07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18962799

Change-Id: I56cd9e5dcd25278448c7cd864cf3b023c343cc20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:58:50 +00:00
Siarhei Vishniakou
7e6f33e969 Allow InputProcessor HAL to read display resolution am: 8b103bff07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18962799

Change-Id: I2984c0da74ad2985be47bf4ba0fbc27397e9189b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:58:44 +00:00
Lawrence Huang
8dfb8693ff Add network permissions for google camera am: 2c5af2b633 am: a2dfbccafd am: a3f48befef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18803934

Change-Id: I65cd709e9b57ca96600e2b76d354fc8e3f845843
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:34:41 +00:00
Jack Wu
3acd9670ae sepolicy: allows pixelstat to access pca file nodes am: 2ee67a6bf3 am: b0f67d6ab5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18868952

Change-Id: I8a18598a13eefd92de22e87166c1aba4f63cff39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:34:16 +00:00
Lawrence Huang
3c87b55431 Add network permissions for google camera am: 2c5af2b633 am: 8810a2f193 am: d28cda0c75 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18803934

Change-Id: I24222b5678c2e6d935caa57b6d1306e79aea0688
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:32:16 +00:00
Siarhei Vishniakou
8b103bff07 Allow InputProcessor HAL to read display resolution 
Currently, there's no API to read the resolution from the system domain,
so the HAL has to read this from the sysprop provided by the display
code.

Allow the HAL to do so in this CL.

Bug: 236200710
Test: adb shell dmesg | grep input_processor
Change-Id: I23285c21a82748c63fbe20988af42884b9261b66
Merged-In: I23285c21a82748c63fbe20988af42884b9261b66
 2022-06-17 20:31:42 +00:00
Lawrence Huang
a3f48befef Add network permissions for google camera am: 2c5af2b633 am: a2dfbccafd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18803934

Change-Id: I8f5f3bb2313a21902956e42319229ed1d30c3f90
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:23:13 +00:00
Jack Wu
b0f67d6ab5 sepolicy: allows pixelstat to access pca file nodes am: 2ee67a6bf3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18868952

Change-Id: I7c9f976140f3b5aa3ba325a44c876703128b2e33
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:21:28 +00:00
Lawrence Huang
d28cda0c75 Add network permissions for google camera am: 2c5af2b633 am: 8810a2f193 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18803934

Change-Id: Ia2cfe7206c29707ec6bbbaea4a9e10ee5b9b2620
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 20:03:59 +00:00
Lawrence Huang
a2dfbccafd Add network permissions for google camera am: 2c5af2b633 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18803934

Change-Id: I36d7f88c4eab1981bea90ced28df3c7eb7766b27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 19:38:54 +00:00
Lawrence Huang
8810a2f193 Add network permissions for google camera am: 2c5af2b633 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18803934

Change-Id: I779fe88a1361b51118d95e2af6da595dff8cf2c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-17 19:38:42 +00:00
Lawrence Huang
2c5af2b633 Add network permissions for google camera 
Investigation here:
https://docs.google.com/document/d/1dARYZBxeJFPTEIMr-0U80Ka68BoPY6-h9VcBDZ8Uon8/edit#

Bug: 230434151
Change-Id: I9b37906ba4c7ba2cdbb23fc7a07f1e9e2aa8d1ab
Test: no more avc errors
 2022-06-17 18:59:12 +00:00
Android Build Coastguard Worker
0ba69d9cac Snap for 8736785 from 8630d76568 to udc-release 
Change-Id: Id36e10431d54f406bb25accf4240306f9be703c0
 2022-06-17 03:02:42 +00:00
Jack Wu
2ee67a6bf3 sepolicy: allows pixelstat to access pca file nodes 
Bug: 235050913
Test: no Permission denied while accessing the file node
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I7de0a374e1c98f4e9bbf36e39cb0131b0e9ffebc
 2022-06-17 02:52:35 +00:00
Siarhei Vishniakou
ced9e0ebbf Allow InputProcessor HAL to read display resolution 
Currently, there's no API to read the resolution from the system domain,
so the HAL has to read this from the sysprop provided by the display
code.

Allow the HAL to do so in this CL.

Bug: 236200710
Test: adb shell dmesg | grep input_processor
Change-Id: I23285c21a82748c63fbe20988af42884b9261b66
 2022-06-16 15:59:46 -07:00
Automerger Merge Worker
8630d76568 Merge "allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd" into tm-d1-dev-plus-aosp am: c4a80436a0 am: 0a1d8f2f71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: I15fb9ed470554fe67c31c3445e56fcb07af2daf6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 13:20:06 +00:00
JimiChen
72fd443a27 allow rlsservice read vendor camera property am: f90d992b0c am: 7e79f7639d am: e8a19311d5 am: 53d0a39cb5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Iefbd99850f1e0a48f9bb3a23f776be09e5f46bd0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 13:19:40 +00:00
JimiChen
a56c7687ea allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd am: 8af2912356 am: b15579ed26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Icc60b74329abf97daadf545b75fdeb6ba9803d3b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 13:19:15 +00:00
Automerger Merge Worker
0a1d8f2f71 Merge "allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd" into tm-d1-dev-plus-aosp am: c4a80436a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Ic0dc324fcd650b33c79c478427228092d12c37ec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 13:01:35 +00:00
JimiChen
53d0a39cb5 allow rlsservice read vendor camera property am: f90d992b0c am: 7e79f7639d am: e8a19311d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: I90af773d12bd7f94294f5b51659ca351da00bdb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 13:00:57 +00:00
JimiChen
b15579ed26 allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd am: 8af2912356 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: I3ad30bbfae5474421775b7dd8b54c677b0a1f320
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 13:00:38 +00:00
Automerger Merge Worker
c4a80436a0 Merge "allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd" into tm-d1-dev-plus-aosp 2022-06-16 12:36:58 +00:00
JimiChen
3ab0915765 allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: I97e1cc94ceacca9ab0da5fce8b051017cdaec65c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:36:44 +00:00
JimiChen
e8a19311d5 allow rlsservice read vendor camera property am: f90d992b0c am: 7e79f7639d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Ifeac7cc60bcd91c0c8018626a1499b0fca6c4282
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:36:43 +00:00
JimiChen
8af2912356 allow rlsservice read vendor camera property am: f90d992b0c am: f41b4005dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Ie0ca09bda13e5756cf59bb274c23bfa92f5d918b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:36:41 +00:00
JimiChen
e2adad62fa allow rlsservice read vendor camera property am: f90d992b0c am: 09ef70789d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: I86e9300d6801effead758e68ea3c9af1935a57a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:36:04 +00:00
JimiChen
f41b4005dd allow rlsservice read vendor camera property am: f90d992b0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Id9857d0edc1f34c53a1af86f7bcb16a17e69dc99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:19:33 +00:00
JimiChen
09ef70789d allow rlsservice read vendor camera property am: f90d992b0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Ide381ef95ffddedf9137449dc619e4ab7c0aad20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:18:26 +00:00
JimiChen
7e79f7639d allow rlsservice read vendor camera property am: f90d992b0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Ie8ff6714c0cf09bb94c462836d5329bd0c0705f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:18:03 +00:00
JimiChen
f90d992b0c allow rlsservice read vendor camera property 
Bug: 233020488
Test: no avc denied
Change-Id: Ie7e68a6e18ba64c18e90e39cadacea5a15364eff
 2022-06-16 12:02:26 +00:00
sukiliu
3da345db1d [automerger skipped] [Do not merge]Update avc error on ROM 8732242 am: c25afee26a am: 4296484403 -s ours am: 5d57c72cc9 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18911481

Change-Id: I0a576ac7f0478303ae5a7b539c0cc3879ea57226
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 08:04:35 +00:00
sukiliu
7b6f157922 [automerger skipped] [Do not merge]Update avc error on ROM 8732242 am: c25afee26a am: 346ea66421 am: f0b62f66e4 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18911481

Change-Id: I480ea4786e158c95b95baa0ac6eaac50bfd72e84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 08:04:28 +00:00
sukiliu
5d57c72cc9 [automerger skipped] [Do not merge]Update avc error on ROM 8732242 am: c25afee26a am: 4296484403 -s ours 
am skip reason: Merged-In I9b4b487aa78a69fe981a542aef1a7dbe368a30ce with SHA-1 c25afee26a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18911481

Change-Id: I1a3b60fecd19afe83ea6bab5df552de65662535b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 07:26:58 +00:00
sukiliu
f0b62f66e4 [Do not merge]Update avc error on ROM 8732242 am: c25afee26a am: 346ea66421 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18911481

Change-Id: I2c0c351b0592bf4345f8c482bf57b5a64122b3b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 07:26:49 +00:00
sukiliu
4296484403 [Do not merge]Update avc error on ROM 8732242 am: c25afee26a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18911481

Change-Id: I7f9d305c7e08f1db8e54625da80b1205b04f3964
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 07:10:11 +00:00
sukiliu
346ea66421 [Do not merge]Update avc error on ROM 8732242 am: c25afee26a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18911481

Change-Id: Ib18c3ed1bb2fc93dd6054e47d4201921b6c0fc16
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 07:10:09 +00:00
sukiliu
c25afee26a [Do not merge]Update avc error on ROM 8732242 
Bug: 236200710
Test: PtsSELinuxTestCases
Merged-In: I9b4b487aa78a69fe981a542aef1a7dbe368a30ce
Change-Id: I9b4b487aa78a69fe981a542aef1a7dbe368a30ce
 2022-06-16 03:24:58 +00:00
sukiliu
6e578b6825 Update avc error on ROM 8732242 
Bug: 236200710
Test: PtsSELinuxTestCases
Change-Id: I9b4b487aa78a69fe981a542aef1a7dbe368a30ce
 2022-06-16 03:13:44 +00:00
Android Build Coastguard Worker
45dbf80526 Snap for 8730731 from 0838c612a7 to udc-release 
Change-Id: I732bd5c0a40488003ff02429e7fabfb88560e014
 2022-06-16 03:02:51 +00:00
Android Build Coastguard Worker
16f0bee4c4 Snap for 8722243 from 1b954eef3b to udc-release 
Change-Id: Ie6088427f94c204150aae3cf92f49aca7f991671
 2022-06-15 03:02:53 +00:00
Robb Glasser
0838c612a7 Allow sensors HAL to rw the sensors registry. am: 31981dfaea am: fdab89cb53 am: 8c03e80d2f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18801904

Change-Id: I02cc0cc87364e5dff6388f046c02253c783bf8c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 21:01:25 +00:00
Robb Glasser
731fcbfac1 Allow sensors HAL to rw the sensors registry. am: 31981dfaea am: 1e07ca2133 am: dab6ebf461 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18801904

Change-Id: I1e15d7c426ddf0d7c76749b6cd20a078fc1cba52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 21:01:02 +00:00
Robb Glasser
8c03e80d2f Allow sensors HAL to rw the sensors registry. am: 31981dfaea am: fdab89cb53 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18801904

Change-Id: Ia13fb151acf3aac1384d5d15ca99dcab98596ce2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 20:26:36 +00:00
Robb Glasser
dab6ebf461 Allow sensors HAL to rw the sensors registry. am: 31981dfaea am: 1e07ca2133 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18801904

Change-Id: Ibca080c05e9ac22bd8fff5b374c796bce6d22c93
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 20:25:54 +00:00
Robb Glasser
1e07ca2133 Allow sensors HAL to rw the sensors registry. am: 31981dfaea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18801904

Change-Id: I5a38540c36766b1474cf44f06a5147dc48966c69
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 20:00:30 +00:00
Robb Glasser
fdab89cb53 Allow sensors HAL to rw the sensors registry. am: 31981dfaea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18801904

Change-Id: Iae2c15d00f64e01312332f0cd446e2bb9692d053
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 20:00:17 +00:00
Robb Glasser
31981dfaea Allow sensors HAL to rw the sensors registry. 
The sensors HAL needs full permissions to read and write the sensors
registry for things like runtime calibration.

Bug: 227695036
Test: Denial goes away.
Change-Id: I5ccec3497219acca7c172c1cb0cf1d070996b42b
 2022-06-14 19:20:32 +00:00
Nucca Chen
1b954eef3b Remove clatd tracking_denial 
Bug: 210363983
Change-Id: Ie3a38ef9cdb4447a3684912d2a65b0167c484cc6
Test: boot with no relevant error log
 2022-06-14 17:37:46 +00:00
yixuanjiang
1808f32b3a aoc: add audio property for audio CCA module am: 73f6971475 am: 7db78e5ead 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18755666

Change-Id: I44da9004d1a182ee03b04ff2aa6ff418c0fcc25f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 07:44:05 +00:00
yixuanjiang
7db78e5ead aoc: add audio property for audio CCA module am: 73f6971475 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18755666

Change-Id: I550dcc1f53c73dd72f42ac7042598a36c780d8c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 07:25:35 +00:00
yixuanjiang
73f6971475 aoc: add audio property for audio CCA module 
Bug: 213545113
Test: local test
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: Ic58d944d30d0367a7c3afdf5f1bb1f696c8edda9
 2022-06-14 07:02:23 +00:00
Adam Shih
2005390966 remove obsolete entry 
Bug: 228181404
Test: boot with no avc error log
Change-Id: Ic8d71ef8ddb99eafb366929af695a50d4779ac0c
 2022-06-14 11:32:27 +08:00
Android Build Coastguard Worker
8f5893ee0a Snap for 8718064 from c9085d37e0 to udc-release 
Change-Id: Ie687c7e8102c78dbdf9e1b3cf1058fe260caf17b
 2022-06-14 03:02:50 +00:00
Minchan Kim
aa93c852f3 allow hal_dumpstate_default to access cma debugfs am: 4bc7128afe am: 5f60efbda2 am: 6f7f80d426 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18843535

Change-Id: Idb2e8e2bba19e861fcb431ce01ef23e4e0cc362b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 23:55:19 +00:00
Minchan Kim
7da3903226 allow hal_dumpstate_default to access cma debugfs am: 4bc7128afe am: 10398a5cbb am: 62afd7445e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18843535

Change-Id: Ibe84bcad191c6f5cea8f25894fce4e5b707a4f3f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 23:46:51 +00:00
Minchan Kim
6f7f80d426 allow hal_dumpstate_default to access cma debugfs am: 4bc7128afe am: 5f60efbda2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18843535

Change-Id: Icec5566a457c75184e872ca5749ef649cae8f58c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 23:28:52 +00:00
Minchan Kim
62afd7445e allow hal_dumpstate_default to access cma debugfs am: 4bc7128afe am: 10398a5cbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18843535

Change-Id: Ib9d5e2d45a6b38a03e156a0974afe20b78297801
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 23:28:07 +00:00
Minchan Kim
5f60efbda2 allow hal_dumpstate_default to access cma debugfs am: 4bc7128afe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18843535

Change-Id: I6537bd75541c64c27f17beef2bb2efbcc798756e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 23:04:12 +00:00
Minchan Kim
10398a5cbb allow hal_dumpstate_default to access cma debugfs am: 4bc7128afe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18843535

Change-Id: Ia0997d18fdae581c82b9a80e84e518e1311d1887
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 23:04:10 +00:00
Minchan Kim
4bc7128afe allow hal_dumpstate_default to access cma debugfs 
It's useful for CMA memory debugging.

Bug: 233535442
Test: adb bugreport contains cma information in dumpstate_board.txt
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I65170d6b84f642e038a7901427c3673b40832af9
 2022-06-13 22:35:38 +00:00
xiaofanj
b3576ef751 modem_svc_sit: create oem test iodev 
- Create radio_test_device for oem_test iodev.
- Grant modem_svc_sit to access radio_test_device.

Bug: 231380480

Signed-off-by: Xiaofan Jiang <xiaofanj@google.com>
Change-Id: Id06deedadf04c70b57e405a05533ed85764bdd1d
 2022-06-13 22:31:46 +00:00
Oleg Matcovschi
c9085d37e0 sepolicy: add sscoredump mali genfs rule am: c7bcfba2cb am: 910d7ed141 am: 97c6a21f42 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18839008

Change-Id: I7a8bb164a02d4b5216f13426e5383ba9e87c4845
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 20:44:41 +00:00
Oleg Matcovschi
e42f591b8d sepolicy: add sscoredump mali genfs rule am: c7bcfba2cb am: 06c0bb9b68 am: c622ae0997 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18839008

Change-Id: I49a2d975adf6056efbc089c1086c6ffdb29ef52a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 20:43:58 +00:00
Oleg Matcovschi
97c6a21f42 sepolicy: add sscoredump mali genfs rule am: c7bcfba2cb am: 910d7ed141 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18839008

Change-Id: I323b175ead00af642566bf4b534f3e37f31bc4a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 20:15:09 +00:00
Oleg Matcovschi
c622ae0997 sepolicy: add sscoredump mali genfs rule am: c7bcfba2cb am: 06c0bb9b68 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18839008

Change-Id: I91b61083e4fbb7ee3e2e95439ce41d8cfa4fb2f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 20:14:20 +00:00
Oleg Matcovschi
910d7ed141 sepolicy: add sscoredump mali genfs rule am: c7bcfba2cb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18839008

Change-Id: Idf09c36426159f8fe5f24e4a64faa93a364b7f7f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 19:48:24 +00:00
Oleg Matcovschi
06c0bb9b68 sepolicy: add sscoredump mali genfs rule am: c7bcfba2cb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18839008

Change-Id: I8d31652f4fb97125b39d87270079dbfda74dfac8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-13 19:48:21 +00:00
Oleg Matcovschi
c7bcfba2cb sepolicy: add sscoredump mali genfs rule 
Bug: 235492324
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I8a5db9b4d0a6f63819820213e20165dbe920ab07
 2022-06-13 18:08:04 +00:00
Adam Shih
8d011823ed allow dumpstate to access sde partition 
Bug: 221384768
Test: do bugreport without relevant error log
Change-Id: I26b0246f8d99a5efce8f7d1b65fa50faafb599e2
 2022-06-13 13:11:12 +08:00
Adam Shih
dc339dc780 remove obsolete entry 
Bug: 229354991
Test: take a bug report without showing relevant logs
Change-Id: I3c75ca4e79085205f50c07b8ceea9757760a8763
 2022-06-13 11:09:23 +08:00
Android Build Coastguard Worker
52665ffd82 Snap for 8710910 from 12d27fda96 to udc-release 
Change-Id: I85c645206dd576404d74a993dbc439f1b81627eb
 2022-06-11 05:08:06 +00:00
Krzysztof Kosiński
12d27fda96 Add dontaudit statements to camera HAL policy. am: 2d44b5d5d0 am: 4e0e696557 am: de8c522976 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18806796

Change-Id: I88cdef9c4076fcc64b6a964aafd30a8d8eb8479d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 22:22:38 +00:00
Krzysztof Kosiński
80e4a09230 Add dontaudit statements to camera HAL policy. am: 2d44b5d5d0 am: c580359e1a am: 527ccb7e0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18806796

Change-Id: Id08c93cd7eda12f645c6c855f1718a39a78bbbe0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 22:22:12 +00:00
Krzysztof Kosiński
de8c522976 Add dontaudit statements to camera HAL policy. am: 2d44b5d5d0 am: 4e0e696557 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18806796

Change-Id: Id5244b02b2364064a4da128dc7ee906e9224e02a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 21:39:01 +00:00
Krzysztof Kosiński
527ccb7e0c Add dontaudit statements to camera HAL policy. am: 2d44b5d5d0 am: c580359e1a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18806796

Change-Id: Iba99e34c7ec4342dc9ad90c2a2598fd467e5269e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 21:38:41 +00:00
Krzysztof Kosiński
4e0e696557 Add dontaudit statements to camera HAL policy. am: 2d44b5d5d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18806796

Change-Id: I3edd95cc19e0a2270be25ed8624bc9baa453480b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 21:04:44 +00:00
Krzysztof Kosiński
c580359e1a Add dontaudit statements to camera HAL policy. am: 2d44b5d5d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18806796

Change-Id: Ifc5b6f8e21d1c926b84a919ab39e5b3a1449ca5d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 21:04:42 +00:00
Krzysztof Kosiński
2d44b5d5d0 Add dontaudit statements to camera HAL policy. 
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Bug: 218585004
Test: build & camera check
Change-Id: Ie0338f0d2a6fd0c589777a82c22a014e462bd5c2
(cherry picked from commit 26b2d2e33e)
 2022-06-10 20:19:12 +00:00
Myung-jong Kim
9db15d4933 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 0d81b693cf am: c071e1caa0 am: c7bc0c512c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I5b1d9472740a25b6ab6b5769e39be1cd87099e1e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 16:20:22 +00:00
Myung-jong Kim
70dbe3e7e8 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 0d81b693cf am: 01870d5731 am: b325dccb09 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I177341a564909b7b74af04fdaf58507674844045
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 16:20:02 +00:00
Myung-jong Kim
afdae26777 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: b022c79b96 am: a057381a7d am: 29e89b93ee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: Ia672764e865fcb8de1de9c8cde66e38dd3bd255f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 16:19:50 +00:00
Myung-jong Kim
c7bc0c512c sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 0d81b693cf am: c071e1caa0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I116cb4eb36870c61bf3957378a7a74b5c13b3376
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 16:01:01 +00:00
Myung-jong Kim
b325dccb09 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 0d81b693cf am: 01870d5731 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I39e9405043698829851fef9c9b308518694f1f90
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:53:17 +00:00
Myung-jong Kim
29e89b93ee sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: b022c79b96 am: a057381a7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I720fceaf684b1c3f4050896c16d9271bd706b195
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:53:05 +00:00
Ken Chen
b0e64b6d6e fix sepolicy for net devices am: d0bbe71217 am: 31a64f7fc0 am: bd1536a0ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18821530

Change-Id: Ic12ba6063304095593303f442faa4cd3c91fc4df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:36:42 +00:00
Ken Chen
dce5aed49a fix sepolicy for net devices am: d0bbe71217 am: 879752df15 am: 819f8714d7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18821530

Change-Id: I6590305eba442878f3e06c69b82f991b37a9778c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:36:34 +00:00
Myung-jong Kim
01870d5731 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 0d81b693cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I0bd3765e66d9949fcb30692d5294a90f7dfe16b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:27:33 +00:00
Myung-jong Kim
c071e1caa0 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 0d81b693cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I0f435c75dd2722d5a5c4638abb9fc77675fca868
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:27:33 +00:00
Myung-jong Kim
c2d395196b sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: 189d7237ee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I668c11a801cbe1038ecde0c3d1b9eca6d709bc2b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:20:16 +00:00
Myung-jong Kim
a057381a7d sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 am: b022c79b96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I5a38963dcaac5334603090efc5401472a0595873
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:20:00 +00:00
Ken Chen
bd1536a0ab fix sepolicy for net devices am: d0bbe71217 am: 31a64f7fc0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18821530

Change-Id: I5f58c2df5ea8597030de7b18b7c76663db86ab1b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:09:51 +00:00
Ken Chen
819f8714d7 fix sepolicy for net devices am: d0bbe71217 am: 879752df15 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18821530

Change-Id: Iee683ac94e9b315408fb60ee8570ff961eb8c73c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:09:17 +00:00
Myung-jong Kim
0d81b693cf sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I9095a0759ca94fe8a55f8bc64c7f4eb8b82f1379
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:02:25 +00:00
Myung-jong Kim
189d7237ee sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I24c5df643d88b2ea754df078313d97192d0d9d9b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:01:16 +00:00
Myung-jong Kim
b022c79b96 sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I31f893e09882abc1cf9f35873aac5348a6a07a91
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:00:49 +00:00
Ken Chen
31a64f7fc0 fix sepolicy for net devices am: d0bbe71217 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18821530

Change-Id: Ieaccf37e91e30b8c623d797e5f6e7aaa62c779f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 14:46:05 +00:00
Ken Chen
879752df15 fix sepolicy for net devices am: d0bbe71217 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18821530

Change-Id: I32004f9719a68a80d1eaa1a5435dfbd5c07364b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 14:46:03 +00:00
Myung-jong Kim
e2b042c307 sepolicy: add net_domain macro for vendor_rcs_app 
[Problem] sepolicy denial during ShannonGbaService process
[Cause] Missing sepolicies
[Solution] Add net_domain(vendor_rcs_app) to give base set of
    permissions required for network access

Bug: 235011726
Signed-off-by: Myung-jong Kim <mj610.kim@samsung.com>
Change-Id: Iaac1d7b5a4303338ed2c763b62714e14aed7d728
 2022-06-10 14:39:59 +00:00
Ken Chen
d0bbe71217 fix sepolicy for net devices 
bug: 222232008
Test: atest NetdSELinuxTest#CheckProperMTULabels
Change-Id: I99f70eefa3259a2da556fed6ced70f32d03ff4bb
 2022-06-10 18:20:19 +08:00
Android Build Coastguard Worker
a5e155b626 Snap for 8705297 from ec7b23cf03 to udc-release 
Change-Id: I39f9e1fd2494157cbf27eb091e94989e89dee587
 2022-06-10 03:02:57 +00:00
Adam Shih
ec7b23cf03 remove obsolete entries 
Bug: 227694693
Bug: 226850644
Bug: 227121550
Bug: 229677756
Bug: 234547497
Test: adb bugreport

Change-Id: I94a7466ece0a1e79dc31d737b89845343ea7d301
 2022-06-09 05:35:40 +00:00
Android Build Coastguard Worker
e3bb6bc881 Snap for 8700596 from 96f37c8e11 to udc-release 
Change-Id: I8948643db90ca7230b901dbc3625ac97de2d139d
 2022-06-09 03:03:08 +00:00
Andy Hsu
96f37c8e11 Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. am: 1240fdefbb am: 0068933788 am: 6c9308eee7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18669326

Change-Id: I0d17f9a3debb4fc4216cb970d6e51c4583a7bd13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-08 04:38:50 +00:00
Andy Hsu
f6fb096567 Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. am: 1240fdefbb am: b1fee529bc am: c4ca54241e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18669326

Change-Id: I65de4aacb18364d63879d9102135de48f73d4d3b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-08 04:38:35 +00:00
Andy Hsu
6c9308eee7 Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. am: 1240fdefbb am: 0068933788 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18669326

Change-Id: Ica1a93da62fb7b2005b460688c825cb4d8a5da3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-08 03:55:38 +00:00
Andy Hsu
c4ca54241e Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. am: 1240fdefbb am: b1fee529bc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18669326

Change-Id: I79297f565e0fa97cc6b6fdca21c4acc4b6a620ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-08 03:55:20 +00:00
Andy Hsu
0068933788 Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. am: 1240fdefbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18669326

Change-Id: Ie6508229607980d8cdc5b2d150e6d38a0d2a57bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-08 03:20:12 +00:00
Andy Hsu
b1fee529bc Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. am: 1240fdefbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18669326

Change-Id: Ibe8f4e083e90f9e6628d7bf926e9b42020ef0c2b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-08 03:20:12 +00:00
Andy Hsu
1240fdefbb Add policy to allow debug camera app (GCAEng and locally built GCANext) to access HAL to apply CPU/GPU boost on userdebug builds. 
Bug: 233998391

Test: Boost applied successfully for all flavors b/233998391#comment15. GCA.
Change-Id: If339705cf4daec0f12e81c2c8efdc1eb4a063267
 2022-06-08 02:26:26 +00:00
Android Build Coastguard Worker
b7b4e66d33 Snap for 8672689 from d044d83367 to udc-release 
Change-Id: Ic2fa5b0f3ab899d8cb4d8d1eca8624c39b44f56f
 2022-06-02 03:04:43 +00:00
Adam Shih
d044d83367 update error on ROM 8666963 am: 2a7ecbdce0 am: be15a40df3 am: 5b58259397 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: Ica6e7f2cd667d225274bb57a068a78d64c769050
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 09:49:01 +00:00
Adam Shih
b66ae2f304 update error on ROM 8666963 am: 2a7ecbdce0 am: a038a3604c am: 0c2906ad8f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: I78170999211b22a3941ca2fb5294ee84ea36afcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 09:48:01 +00:00
Adam Shih
5b58259397 update error on ROM 8666963 am: 2a7ecbdce0 am: be15a40df3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: I4a4d27e1eb6b5afc6d858550602e8748b458c2db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 09:32:10 +00:00
Adam Shih
0c2906ad8f update error on ROM 8666963 am: 2a7ecbdce0 am: a038a3604c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: I686ee6f7ad2196da4541a5078a8b346f92f0f6b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 09:31:13 +00:00
Adam Shih
be15a40df3 update error on ROM 8666963 am: 2a7ecbdce0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: Ie9e3738e4449ca0aef17276a9d6535ce7eb3f01c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 09:09:21 +00:00
Adam Shih
a038a3604c update error on ROM 8666963 am: 2a7ecbdce0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: I41da935bb47a11e07bf3a2503b39b59c910ac2e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 09:08:58 +00:00
Adam Shih
2a7ecbdce0 update error on ROM 8666963 
Bug: 234547497
Test: boot
Change-Id: Ic5a9d39449af035a32aaea71b06d7bd33e16cf4b
 2022-06-01 08:35:23 +00:00
Automerger Merge Worker
88fe421d57 [automerger skipped] Merge "Update nfc from hidl to aidl service am: 851a643c9e am: c0d30abe87" into tm-qpr-dev-plus-aosp am: 5a4eb1a342 -s ours 
am skip reason: Merged-In If1f57af334033f9bd7174c052767715c9916700f with SHA-1 851a643c9e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18219341

Change-Id: Ib15bece170e7be0d446028ce77f4bdeee628b4a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 07:23:49 +00:00
George Chang
c3f1945019 [automerger skipped] Update nfc from hidl to aidl service am: 851a643c9e am: df6bc834b3 am: c2680d6eab -s ours 
am skip reason: Merged-In If1f57af334033f9bd7174c052767715c9916700f with SHA-1 eb1d4ec87c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18219341

Change-Id: I13c471ffd53edb257e7f216deebc62d94fd93608
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 07:23:27 +00:00
Automerger Merge Worker
5a4eb1a342 Merge "Update nfc from hidl to aidl service am: 851a643c9e am: c0d30abe87" into tm-qpr-dev-plus-aosp 2022-06-01 07:01:48 +00:00
George Chang
f6f7ad6072 Update nfc from hidl to aidl service am: 851a643c9e am: c0d30abe87 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18219341

Change-Id: Ic6543516d860061c4fbe81ba3c5209566b8aaeb1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 07:01:34 +00:00
George Chang
c2680d6eab Update nfc from hidl to aidl service am: 851a643c9e am: df6bc834b3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18219341

Change-Id: I6f388bdda388a2799c822808539eb3fa896f2fc3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 07:01:20 +00:00
George Chang
c0d30abe87 Update nfc from hidl to aidl service am: 851a643c9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18219341

Change-Id: I40b6a95ccbf17a6be299320207a0d75a01c933a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 06:40:51 +00:00
George Chang
df6bc834b3 Update nfc from hidl to aidl service am: 851a643c9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18219341

Change-Id: I7b41a004c946dde1143226f01b8b3aed50f8bf07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 06:40:50 +00:00
George Chang
851a643c9e Update nfc from hidl to aidl service 
Bug: 216290344
Test: atest NfcNciInstrumentationTests
Test: atest VtsAidlHalNfcTargetTest
Merged-In: If1f57af334033f9bd7174c052767715c9916700f
Change-Id: If1f57af334033f9bd7174c052767715c9916700f
 2022-06-01 06:19:26 +00:00
Android Build Coastguard Worker
9a86a03442 Snap for 8666878 from b7aba93a27 to udc-release 
Change-Id: I2a6751c7d18c561719f3e3385256175819c065b9
 2022-06-01 03:03:06 +00:00
Andy Hsu
4f98b5ec3b Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. am: 38ddaa255e am: df582294bd am: fabd18db44 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18611816

Change-Id: Ic3e49226f5faa74d9d63c5127d45dfa5233486de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 01:09:45 +00:00
Andy Hsu
04597681b4 Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. am: 38ddaa255e am: cb2ea8b415 am: 2a22a2afc9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18611816

Change-Id: Ib66beec0f6376460f1f50f7fb4a2a79efe28cc7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 01:09:10 +00:00
Andy Hsu
fabd18db44 Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. am: 38ddaa255e am: df582294bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18611816

Change-Id: I43923b02770b9abf6b204ca734bb75d0426a3d35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:53:02 +00:00
Andy Hsu
2a22a2afc9 Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. am: 38ddaa255e am: cb2ea8b415 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18611816

Change-Id: I9dbe5de74714c368aa937f74a64219776a0f840d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:52:43 +00:00
Ankit Goyal
b7aba93a27 Add SE policies for memtrack HAL am: 5be857af43 am: f67dde58a8 am: 3309160d93 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18638327

Change-Id: Ia94b5a2cfe98e9643289bca26923da0822e7a57c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:25:24 +00:00
Ankit Goyal
c4a5886408 Add SE policies for memtrack HAL am: 5be857af43 am: b6ff456519 am: ab71f17d11 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18638327

Change-Id: Ib44be45f890b5c1913a05c5bf928b26830dbfd2c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:24:42 +00:00
Andy Hsu
df582294bd Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. am: 38ddaa255e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18611816

Change-Id: I1b1f04a116c81d21212d3a703e21d64cf921a737
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:17:35 +00:00
Andy Hsu
cb2ea8b415 Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. am: 38ddaa255e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18611816

Change-Id: If8b3bd00da683ee1b63302f11a3d87638ac8ce8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:17:24 +00:00
Ankit Goyal
3309160d93 Add SE policies for memtrack HAL am: 5be857af43 am: f67dde58a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18638327

Change-Id: I220917b3bd061b73fd659a7ec819f0e6458ba718
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:01:24 +00:00
Ankit Goyal
ab71f17d11 Add SE policies for memtrack HAL am: 5be857af43 am: b6ff456519 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18638327

Change-Id: I83ea22dce95f8d6f259184d55c10c98afab5cdfd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-01 00:00:54 +00:00
Andy Hsu
38ddaa255e Add policy to allow GoogleCameraApp access HAL to apply CPU/GPU boost. 
To fix the denial message:
avc:  denied  { find } for pid=4646 uid=10134 name=android.hardware.power.IPower/default scontext=u:r:google_camera_app:s0:c134,c256,c512,c768 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=0

Reference: go/sepolicy.

On P21, we have ag/14692156 to access PowerHAL in GCA. On P22, we currently don't have the permission (b/233998391#comment10). This change fixes this issue.

Bug: 233998391
Bug: 232184722
Bug: 232022128

Test: Boost is applied successfully b/233998391#comment11. GCA.

Change-Id: Id1a938fc0af0ad9280aa49e7f6cbdf45c16f8b38
 2022-05-31 23:57:19 +00:00
Ankit Goyal
f67dde58a8 Add SE policies for memtrack HAL am: 5be857af43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18638327

Change-Id: Iad6cb2dd43fc7eb8ca22e7c26c601e0211bb2ed9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 23:39:54 +00:00
Ankit Goyal
b6ff456519 Add SE policies for memtrack HAL am: 5be857af43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18638327

Change-Id: I5b0f38beb901b5a18a72135a51f922c2354975db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 23:39:38 +00:00
Ankit Goyal
5be857af43 Add SE policies for memtrack HAL 
Bug: 220360577
Test: adb shell dumpsys meminfo
Change-Id: I4dfc0c016ccf980b4f7dabd2fb70d2466b69b5cc
 2022-05-31 23:25:27 +00:00
Taeju Park
2321f4661b Pixel-EM-DriverV2: sepolicy: allows Power HAL to am: eb4d432dd8 am: 7c607ccd6f am: 070936c46b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18635845

Change-Id: I879ff29d85d72305aa75c00146738dd2a2a41e34
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 22:08:40 +00:00
Taeju Park
561f288e51 Pixel-EM-DriverV2: sepolicy: allows Power HAL to am: eb4d432dd8 am: f292277bbd am: 57f67fa7a1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18635845

Change-Id: Idaeec47d1883e0ad3c7883ed4a5a027647f28b5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 22:08:18 +00:00
Taeju Park
070936c46b Pixel-EM-DriverV2: sepolicy: allows Power HAL to am: eb4d432dd8 am: 7c607ccd6f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18635845

Change-Id: If09b593b7e0380904792a71744b7c3fd69044eaf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 21:29:39 +00:00
Taeju Park
57f67fa7a1 Pixel-EM-DriverV2: sepolicy: allows Power HAL to am: eb4d432dd8 am: f292277bbd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18635845

Change-Id: I72a1457b2c69c95b6d8f85bd0e7a8f8fd0b97ff9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 21:29:13 +00:00
Taeju Park
f292277bbd Pixel-EM-DriverV2: sepolicy: allows Power HAL to am: eb4d432dd8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18635845

Change-Id: I57405574dd0a776e8b5c4569b50e515fc5150f24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 21:07:59 +00:00
Taeju Park
7c607ccd6f Pixel-EM-DriverV2: sepolicy: allows Power HAL to am: eb4d432dd8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18635845

Change-Id: I1228f0079fffef386a1cd4ed4fa1251dcfa41af7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-31 21:07:55 +00:00
Taeju Park
eb4d432dd8 Pixel-EM-DriverV2: sepolicy: allows Power HAL to 
modify em_profile related sysfs nodes

Bug: 170647767
Signed-off-by: Taeju Park <taeju@google.com>
Change-Id: I160741f172a5713535852e7fb0d12126ddf0395e
 2022-05-31 20:38:29 +00:00
Android Build Coastguard Worker
1c5843eaa7 Snap for 8657279 from 9374dfcf9a to udc-release 
Change-Id: I055c051889729203e2a8948450e1e357f0155524
 2022-05-28 05:08:00 +00:00
George Lee
9374dfcf9a dumpstate: Mitigation logger readout - sepolicy am: ee92ac374a am: 565777a4d4 am: de7e3bfdaf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18605588

Change-Id: I1593e16627d58c887741e6866131cf835dc762af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 21:49:44 +00:00
George Lee
7120786778 dumpstate: Mitigation logger readout - sepolicy am: ee92ac374a am: adafddba0a am: 3064b85087 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18605588

Change-Id: I66b9eb65c7e07aaddcf9f0a5b4ef33cb996f5986
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 21:49:09 +00:00
George Lee
de7e3bfdaf dumpstate: Mitigation logger readout - sepolicy am: ee92ac374a am: 565777a4d4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18605588

Change-Id: Ia546949616522adcbe0a82db5dcad518229b1f49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 21:43:44 +00:00
George Lee
3064b85087 dumpstate: Mitigation logger readout - sepolicy am: ee92ac374a am: adafddba0a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18605588

Change-Id: I69dd346a7a40ae92d2b68277b81f59d637e8a627
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 21:43:22 +00:00
George Lee
565777a4d4 dumpstate: Mitigation logger readout - sepolicy am: ee92ac374a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18605588

Change-Id: Ic17cca8a72d65b8379162eaf0b040089f41e66aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 21:20:27 +00:00
George Lee
adafddba0a dumpstate: Mitigation logger readout - sepolicy am: ee92ac374a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18605588

Change-Id: Ib737d3365d2bb622a020c38032555a58279d6ab2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 21:20:25 +00:00
George Lee
d6474aec89 bcl: Add Mitigation Logger - sepolicy am: bc2cf5c153 am: f283938d32 am: 635121d04c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18527859

Change-Id: I506a70c69d6f046178ae67269201f77523681314
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 18:41:57 +00:00
George Lee
6fec1f655f bcl: Add Mitigation Logger - sepolicy am: bc2cf5c153 am: e9621aaa91 am: 724884bbad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18527859

Change-Id: I1c724540e162b2093319172f88cac667b37d3643
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 18:41:39 +00:00
George Lee
ee92ac374a dumpstate: Mitigation logger readout - sepolicy 
Mitigation Logger logs battery related information for 1 second when it
is triggered by under voltage or over current interrupts.  Information
collected is to help debug system brownout.  This change is to enable
bugreport reading out the mitigation log.

Bug: 228383769
Test: Boot and Test
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ic0291e05bcf20839a66d50d159bb5ef41681c45d
 2022-05-27 11:25:02 -07:00
George Lee
635121d04c bcl: Add Mitigation Logger - sepolicy am: bc2cf5c153 am: f283938d32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18527859

Change-Id: I2d2c895c7041cf4f91b4c8be9bc9645c3c4eacf8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 18:23:02 +00:00
George Lee
724884bbad bcl: Add Mitigation Logger - sepolicy am: bc2cf5c153 am: e9621aaa91 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18527859

Change-Id: I079337663e8430172785959732afb7dd99ad9c81
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 18:22:44 +00:00
George Lee
f283938d32 bcl: Add Mitigation Logger - sepolicy am: bc2cf5c153 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18527859

Change-Id: I1910b2fe519ce9e6706f827a310a8bc5996840d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 18:06:00 +00:00
George Lee
e9621aaa91 bcl: Add Mitigation Logger - sepolicy am: bc2cf5c153 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18527859

Change-Id: If44783796889a9f6bb479577b16b5705c9b2c605
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 18:05:57 +00:00
eddielan
6fca8ffb29 [automerger skipped] sepolicy: Add SW35 HIDL factory service into sepolicy am: 36a6b23804 am: 6d8175033d -s ours am: df4f96a9ef -s ours 
am skip reason: Merged-In If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704 with SHA-1 36a6b23804 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18626554

Change-Id: I20e5defb25cfdcc6a5b5bfe00f33102995c08f64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 05:27:17 +00:00
eddielan
a75ce3ceeb [automerger skipped] sepolicy: Add SW35 HIDL factory service into sepolicy am: 36a6b23804 -s ours am: 464a71b3b6 -s ours am: 8d79ac0e8c -s ours 
am skip reason: Merged-In If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704 with SHA-1 aeb9bd0406 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18626554

Change-Id: I77e415f05d6f06328f683826483193d8fa458992
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 05:26:48 +00:00
eddielan
df4f96a9ef [automerger skipped] sepolicy: Add SW35 HIDL factory service into sepolicy am: 36a6b23804 am: 6d8175033d -s ours 
am skip reason: Merged-In If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704 with SHA-1 36a6b23804 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18626554

Change-Id: I7f3f5433a40b320ebda5188b71a6a65f1a715076
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 04:54:26 +00:00
eddielan
8d79ac0e8c [automerger skipped] sepolicy: Add SW35 HIDL factory service into sepolicy am: 36a6b23804 -s ours am: 464a71b3b6 -s ours 
am skip reason: Merged-In If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704 with SHA-1 aeb9bd0406 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18626554

Change-Id: I1be7e8e562b2e059794aed85e74365324cf7ba25
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 04:53:49 +00:00
George Lee
bc2cf5c153 bcl: Add Mitigation Logger - sepolicy 
Mitigation Logger logs battery related information for 1 second when it
is triggered by under voltage or over current interrupts.  Information
collected is to help debug system brownout.

Bug: 228383769
Test: Boot and Test
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I9ac873d03d57d9a6db8d9233f25c8fabdfc399a5
 2022-05-26 21:39:25 -07:00
eddielan
6d8175033d sepolicy: Add SW35 HIDL factory service into sepolicy am: 36a6b23804 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18626554

Change-Id: Ib754baafed214f6d794a0646661e202af9534717
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 04:33:14 +00:00
eddielan
464a71b3b6 [automerger skipped] sepolicy: Add SW35 HIDL factory service into sepolicy am: 36a6b23804 -s ours 
am skip reason: Merged-In If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704 with SHA-1 aeb9bd0406 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18626554

Change-Id: I21fac30e6097708e5fa6b7510f5bcd164cb85538
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-27 04:32:32 +00:00
Android Build Coastguard Worker
d2de01ec01 Snap for 8650624 from 39ddbb6a3b to udc-release 
Change-Id: I4f131bb7cc621a7abb914e154d04db951baa768f
 2022-05-27 03:03:18 +00:00
eddielan
36a6b23804 sepolicy: Add SW35 HIDL factory service into sepolicy 
Bug: 231549391
Test: Build Pass
Change-Id: If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704
(cherry picked from commit aeb9bd0406)
Merged-In: If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704
 2022-05-27 01:29:31 +00:00
Badhri Jagan Sridharan
39ddbb6a3b Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: b401becb46 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: Ia1d708cd4c1989425fc4a5fa74de1eaf6c04145c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-26 03:07:08 +00:00
Android Build Coastguard Worker
15b7a4e869 Snap for 8644138 from cf23b50955 to udc-release 
Change-Id: Ib3b7c0ef8f0cf8eacebd5fadf79b97076b69261f
 2022-05-26 03:03:08 +00:00
Jaegeuk Kim
5caf69b4ee Allow sysfs_devices_block to f2fs-tools am: 81d01513de am: 172d63d23c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18596425

Change-Id: I60e6c75362a7dc104e55eb9868fa8861179acb81
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-26 02:21:37 +00:00
Jaegeuk Kim
268f285807 Allow sysfs_devices_block to f2fs-tools am: 2ddc8ee333 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18596426

Change-Id: I0d50ab6bbc2fa5cd5758fa0b0561f84e51a122e7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-26 02:21:29 +00:00
Jaegeuk Kim
172d63d23c Allow sysfs_devices_block to f2fs-tools am: 81d01513de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18596425

Change-Id: Ifa7b292b61d526c63009df50c52f105002cd2e5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-26 02:20:22 +00:00
Jaegeuk Kim
2ddc8ee333 Allow sysfs_devices_block to f2fs-tools 
The fsck.f2fs checks the sysfs entries of block devices to get disk
information. Note that, the block device entries are device-specific.

1. fsck.f2fs
avc: denied { search } for comm="fsck.f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="fsck.f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda7/partition" dev="sysfs" ino=60672 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

2. mkfs.f2fs
avc: denied { search } for comm="make_f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="make_f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda8/partition" dev="sysfs" ino=61046 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 233835698
Bug: 172377740
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I409feec84565f965baa96b06a5b08bcfc1a8db02
 2022-05-25 15:32:56 +00:00
Jaegeuk Kim
81d01513de Allow sysfs_devices_block to f2fs-tools 
The fsck.f2fs checks the sysfs entries of block devices to get disk
information. Note that, the block device entries are device-specific.

1. fsck.f2fs
avc: denied { search } for comm="fsck.f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="fsck.f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda7/partition" dev="sysfs" ino=60672 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

2. mkfs.f2fs
avc: denied { search } for comm="make_f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="make_f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda8/partition" dev="sysfs" ino=61046 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 233835698
Bug: 172377740
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I409feec84565f965baa96b06a5b08bcfc1a8db02
 2022-05-25 15:32:42 +00:00
Android Build Coastguard Worker
df154ac525 Snap for 8638406 from 82e8f58252 to udc-release 
Change-Id: I0b6cab1e13c60012705493cc5b653d896d5557b3
 2022-05-25 03:03:35 +00:00
Jaegeuk Kim
cf23b50955 Allow sysfs_devices_block to f2fs-tools 
The fsck.f2fs checks the sysfs entries of block devices to get disk
information. Note that, the block device entries are device-specific.

1. fsck.f2fs
avc: denied { search } for comm="fsck.f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="fsck.f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda7/partition" dev="sysfs" ino=60672 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

2. mkfs.f2fs
avc: denied { search } for comm="make_f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="make_f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda8/partition" dev="sysfs" ino=61046 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 172377740
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I409feec84565f965baa96b06a5b08bcfc1a8db02
 2022-05-24 14:07:04 -07:00
Automerger Merge Worker
82e8f58252 Merge "RRS: Apply the default config from persist prop am: 8b2c6f8187 am: a97b993989" into tm-qpr-dev-plus-aosp am: 5dc2e77225 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18401056

Change-Id: I3b1463a9712ff958414a94081d0c9803f562caa2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 14:31:51 +00:00
Yichi Chen
18d6166509 RRS: Apply the default config from persist prop am: 8b2c6f8187 am: 94a704eb03 am: f5281632f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18401056

Change-Id: I41bd18db2424503b9f75025494da20efbe32a227
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 14:31:38 +00:00
Automerger Merge Worker
5dc2e77225 Merge "RRS: Apply the default config from persist prop am: 8b2c6f8187 am: a97b993989" into tm-qpr-dev-plus-aosp 2022-05-24 14:11:14 +00:00
Yichi Chen
aac7419dbe RRS: Apply the default config from persist prop am: 8b2c6f8187 am: a97b993989 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18401056

Change-Id: I8ec29dd0e65826780f1918d17f3c7f7318fd8a87
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 14:11:07 +00:00
Yichi Chen
f5281632f5 RRS: Apply the default config from persist prop am: 8b2c6f8187 am: 94a704eb03 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18401056

Change-Id: I05966f5a501abce05b775a85267442ffff3b0104
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 14:11:03 +00:00
Yichi Chen
a97b993989 RRS: Apply the default config from persist prop am: 8b2c6f8187 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18401056

Change-Id: Ib8c99b725dba0f61071398c8310ed4cf3a29163b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 13:46:18 +00:00
Yichi Chen
94a704eb03 RRS: Apply the default config from persist prop am: 8b2c6f8187 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18401056

Change-Id: Ida18620e5ca13126a75f416074a15e72a3f6d2fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 13:46:16 +00:00
Yichi Chen
8b2c6f8187 RRS: Apply the default config from persist prop 
vendor_config plays as another role to control the display config during
the boot time. To change the default configuration of the user selected
mode, we use persist config to store the value.

Bug: 232721840
Test: Boot w/ and w/o user selected configs and check the resolution
Change-Id: Ideed75f0a29368ff95916fb1fa87f21482c17613
 2022-05-24 13:06:41 +00:00
Badhri Jagan Sridharan
6122acd316 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 3cd3ddeefb am: d602aeb132 am: b4d4b11e26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: Ib5ad69830a0ef92652327eb0c5bb48675ec0e33d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 06:02:37 +00:00
Badhri Jagan Sridharan
9a743bfc34 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 08ccaeb6ab am: d046b4b1ed am: 5e9d3f0bf2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I52ba8336e3b1522074df40a015dafa1b3f27b083
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 05:59:03 +00:00
Badhri Jagan Sridharan
a5dd55d745 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 08ccaeb6ab am: e2e17adce5 am: 0d6ff6aea2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I8efbc1727220df753a6fb06dd4a9ea97cbced5c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 05:42:43 +00:00
Badhri Jagan Sridharan
b4d4b11e26 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 3cd3ddeefb am: d602aeb132 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I98adf7a233456275e709df6285c0bae7bec118bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 04:53:51 +00:00
Badhri Jagan Sridharan
d602aeb132 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 3cd3ddeefb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I5626582f7b17fa0e54d0805fe37e013523f44a78
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 04:09:18 +00:00
Badhri Jagan Sridharan
5e9d3f0bf2 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 08ccaeb6ab am: d046b4b1ed 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: Iad505356ca07726f83193acbbb38c7d9ce4cb162
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 04:01:52 +00:00
Badhri Jagan Sridharan
0d6ff6aea2 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 08ccaeb6ab am: e2e17adce5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I83005d73376665295fe0e26911c6c05eea0b2c08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 01:48:36 +00:00
Badhri Jagan Sridharan
d046b4b1ed Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 08ccaeb6ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I972549a0e46239f10cdf2ab99a0f777ba70257ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 01:25:20 +00:00
Badhri Jagan Sridharan
e2e17adce5 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a am: 08ccaeb6ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I47ec625754070e8c70beb9d90e4824b23c42610d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 01:24:30 +00:00
Badhri Jagan Sridharan
08ccaeb6ab Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I31d103ab14fb4cf3e2eafc14d88196a9309bcb72
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 01:01:25 +00:00
Badhri Jagan Sridharan
3cd3ddeefb Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: I1291a53be19b8e1e355aad50e0e4c84344a7443c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 00:56:03 +00:00
Badhri Jagan Sridharan
b401becb46 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: Iebf866721ef7f9529c848fa8ee201dfd0d021adb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 00:54:43 +00:00
Badhri Jagan Sridharan
91a1f49a8a Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable 
auditd  : type=1400 audit(0.0:4): avc: denied { search } for comm="HwBinder:879_1"
name="10d60000.hsi2c" dev="sysfs" ino=23606 scontext=u:r:hal_usb_gadget_impl:s0
tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0

Bug: 206635552
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ibc4ec27ad7d1b7a26c9935aa0c4aff5f03a8d59c
 2022-05-23 23:59:44 +00:00
Android Build Coastguard Worker
4306144830 Snap for 8623956 from 9427f7fcc7 to udc-release 
Change-Id: I3c23f5a14aee58ab6a7666f9236cb5a3884b227b
 2022-05-21 05:08:06 +00:00
Dinesh Yadav
9427f7fcc7 Add SEPolicy for gxp_metrics_logger.so logging to stats service am: 6513479fe8 am: 9e2930ae12 am: a0cb296dc1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18482687

Change-Id: I7252a62faec659faf8d513b26a667e5f80aee79f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 17:51:35 +00:00
Dinesh Yadav
69671716f1 Add SEPolicy for gxp_metrics_logger.so logging to stats service am: 6513479fe8 am: 822e3afdd3 am: 7fdf368bdb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18482687

Change-Id: Ie3792b2d9b8cde8ece6273fd4da901faf0d90dad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 17:51:24 +00:00
Dinesh Yadav
a0cb296dc1 Add SEPolicy for gxp_metrics_logger.so logging to stats service am: 6513479fe8 am: 9e2930ae12 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18482687

Change-Id: I1593ff4a2e7d705e1b5e3f44c624a735f60f0231
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 17:48:08 +00:00
Dinesh Yadav
7fdf368bdb Add SEPolicy for gxp_metrics_logger.so logging to stats service am: 6513479fe8 am: 822e3afdd3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18482687

Change-Id: I55e34c0d69c29133ad0e6b9a1eda7430c009b12c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 17:47:53 +00:00
Dinesh Yadav
9e2930ae12 Add SEPolicy for gxp_metrics_logger.so logging to stats service am: 6513479fe8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18482687

Change-Id: I172bb36fa05aa7bff9baf2c864c134a6b942519e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 17:24:21 +00:00
Dinesh Yadav
822e3afdd3 Add SEPolicy for gxp_metrics_logger.so logging to stats service am: 6513479fe8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18482687

Change-Id: I300a7aeb35771c540f6f127e4e972b92dc42d4fe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 17:24:17 +00:00
Dinesh Yadav
6513479fe8 Add SEPolicy for gxp_metrics_logger.so logging to stats service 
In order to access the gxp metrics library from the google camera
app (product partition), we need to create an SELinux exception for
the related shared library (in vendor) it uses.
This CL adds the same_process_hal_file tag to allow this exception.

Bug: 177236353

Test: App can load the .so and creates a VLOG message after this change.
Before: No permission to access namespace.
After: GCA able to access the gxp_metrics_logger.so
Change-Id: I453b66b30eb51ebd22fda750d272cf35574301f6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2022-05-20 17:05:23 +00:00
Android Build Coastguard Worker
9b5d56551f Snap for 8619398 from 21d977a985 to udc-release 
Change-Id: I54eafe6ab4db9b74b4650a85797670998098260a
 2022-05-20 03:03:31 +00:00
Jacqueline Wong
21d977a985 be able to dump coredump am: c169cd75ce am: 431dadf5fd am: 3ffe740922 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18485733

Change-Id: I2744ad50f9e9267b21d7e05927e7648258aeb8e9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 00:31:04 +00:00
Jacqueline Wong
e9af19d6bc be able to dump coredump am: c169cd75ce am: 8efadaab80 am: 6754335678 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18485733

Change-Id: Id429bbbf012d0642e982636e3e979d1394db02bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 00:30:29 +00:00
Jacqueline Wong
3ffe740922 be able to dump coredump am: c169cd75ce am: 431dadf5fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18485733

Change-Id: I4d2e3d06f604effedf436b563bb6b9db400094b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 00:01:23 +00:00
Jacqueline Wong
6754335678 be able to dump coredump am: c169cd75ce am: 8efadaab80 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18485733

Change-Id: Iccc3b4abadaf6bcc4ef0d89ab99590e0a403523f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-20 00:01:13 +00:00
Jacqueline Wong
431dadf5fd be able to dump coredump am: c169cd75ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18485733

Change-Id: Ia515d657c4a626f0722cc4cfa991e06e2bfe5fd1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 23:31:57 +00:00
Jacqueline Wong
8efadaab80 be able to dump coredump am: c169cd75ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18485733

Change-Id: Iea9f96f30173d183b8ef962919b53e91674cf036
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 23:31:39 +00:00
Jacqueline Wong
4364d96ac8 be able to dump coredump 
Bug: 218358165
Test: adb root; adb remount -R; adb bugreport
Signed-off-by: Jacqueline Wong <jacqwong@google.com>
Change-Id: I42c2db7902064e1508676ad93def2e0e4f5c2b28
 2022-05-19 17:20:56 +00:00
Dinesh Yadav
497c10781a Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42 am: d668e27252 am: 200fc56ffd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: Iab88719e03094552ca67c8394a0de12c01156b6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 09:00:08 +00:00
Nishok Kumar S
17612a2bb8 Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a am: e828f4b81f am: cca61f2d4d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: Ice26a053adbb03561fcef165b160401c0e9b6ef1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:53:37 +00:00
Dinesh Yadav
0beacc6feb Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42 am: f66e6cedf3 am: 37f2542e8e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: Idd6aec2f8071137056871758303e7b10fddb37e7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:53:26 +00:00
Nishok Kumar S
58da081fa7 Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a am: 0cd372af58 am: 016359a231 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: I5bbdf302e9aa8dcda084703feefe0eff80affb1f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:53:17 +00:00
Dinesh Yadav
200fc56ffd Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42 am: d668e27252 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: I7eaefd90bf92bcff7aa09d86031769e9cb4ca712
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:36:33 +00:00
Nishok Kumar S
cca61f2d4d Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a am: e828f4b81f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: Id8f646f50b3e094dea7123f54c90dcadb075b36e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:36:09 +00:00
Dinesh Yadav
37f2542e8e Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42 am: f66e6cedf3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: I210bf7e0480a9ffd63cd5ab9b7781a73c3ebe5b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:35:27 +00:00
Nishok Kumar S
016359a231 Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a am: 0cd372af58 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: I2556052d5fde1cde80667b214472e77fb770bdc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 08:35:19 +00:00
Dinesh Yadav
f66e6cedf3 Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: I28abf12f78287639b1314dfbdfabe09405bbb0f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 07:58:30 +00:00
Nishok Kumar S
0cd372af58 Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: I0beaa21082bb2ed8faf68710846025470b1cbe9b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 07:58:00 +00:00
Dinesh Yadav
d668e27252 Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: I05d7ceee3b7e7c08098e9ea62531b60928a7d711
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 07:57:36 +00:00
Nishok Kumar S
e828f4b81f Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: Idaf0347c250257220eccdd80d923c322fba0e85c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-19 07:57:02 +00:00
Jacqueline Wong
c169cd75ce be able to dump coredump 
Bug: 218358165
Test: adb root; adb remount -R; adb bugreport
Signed-off-by: Jacqueline Wong <jacqwong@google.com>
Change-Id: I42c2db7902064e1508676ad93def2e0e4f5c2b28
 2022-05-19 05:37:50 +00:00
Dinesh Yadav
e40cd2ac42 Add SEPolicy settings for android logging/tracing service for GXP 
This change also adds support for SEPolicy to access perfetto which was
missing in ag/17818623.

Bug: 217289052

Change-Id: Ic5599d0be783b65102b3b0ffef27e66f1f6904da
 2022-05-19 03:31:32 +00:00
Android Build Coastguard Worker
23abaa032e Snap for 8606881 from d524cd7a8e to udc-release 
Change-Id: I017d16879a47f70a4d3833d40ce77abde558c492
 2022-05-18 03:01:39 +00:00
George Lee
d524cd7a8e dumpstate: Add BCL mitigation info to user build am: b6971e353f am: 654a7cdf85 am: 21dd5b9cec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: Ifc69384eb83074eaf2060bfb11554793c6e20141
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-17 02:45:33 +00:00
George Lee
2230fc3035 dumpstate: Add BCL mitigation info to user build am: b6971e353f am: a0126d5b0f am: 0d19d65aee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: Ifa0eacde398761b6034660c300177cb4b9a8471d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-17 02:45:09 +00:00
Nishok Kumar S
43e827c01a Add label for GCA fishfood app built with debug keys - label as 
debug_camera_app.

Test: Build GCA-Next manually and install on device. Test with selinux
on.
Bug: 230773733

Change-Id: Ifc2fd29a74bf66444501327feac391ddf812c867
 2022-05-17 02:42:05 +00:00
George Lee
21dd5b9cec dumpstate: Add BCL mitigation info to user build am: b6971e353f am: 654a7cdf85 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: I656f05b7f6b4aae4cba8a1e1ba610b9556cfed2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-17 02:17:42 +00:00
George Lee
0d19d65aee dumpstate: Add BCL mitigation info to user build am: b6971e353f am: a0126d5b0f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: I40fdc1c7ffd1638b87489969e705b3f11f1233fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-17 02:17:27 +00:00
George Lee
a0126d5b0f dumpstate: Add BCL mitigation info to user build am: b6971e353f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: Id0d1772cc33c495b6ad525946b40f02a768ddc86
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-17 01:38:06 +00:00
George Lee
654a7cdf85 dumpstate: Add BCL mitigation info to user build am: b6971e353f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: Ice2833b22caf809ce7139b90b223a6ebf4bee756
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-17 01:38:02 +00:00
George Lee
b6971e353f dumpstate: Add BCL mitigation info to user build 
Bug: 232793927
Test: Confirm user build bugreport has mitigation info
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I9945a0f005bee6e25580c122df4c8932607fa51a
 2022-05-17 00:42:57 +00:00
Android Build Coastguard Worker
45caf62c38 Snap for 8591930 from af5ca62844 to udc-release 
Change-Id: I79842b81cc07ce8f76060523344767c515285b34
 2022-05-14 05:08:40 +00:00
Austin Wang
af5ca62844 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 46d2740350 am: f2336f95c4 am: 1ff3f98444 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I37fc55ff48e2e9aba7ae40e0b89b13f726cdc8f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 23:59:22 +00:00
Austin Wang
b2e728b3d2 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 am: eb52e384fc am: 45e1a1111c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I58fa69eb2d4a1eacfadc8096bcbfffe4acf59158
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 23:48:07 +00:00
Automerger Merge Worker
bd74848627 Merge "Allow mediacodec to access vendor_data_file am: 95845654bf am: 65993e19e8" into tm-d1-dev-plus-aosp am: 032ce42cd3 am: 8b8d1c2c99 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I7be28383c28ce7cb8d584f4a69c58c82b1f37fa5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 23:27:01 +00:00
Austin Wang
d94b8efbaf Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 am: 84ae81f114 am: bf00994e42 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I5640a44a57f425b5e6219f38f7b2ebd6c4b3af4e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 23:03:05 +00:00
Jerry Huang
d54ff414e0 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 am: b9d25e06d8 am: a1b11f5923 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I607b7f64a01d080d0ca37b6755bad7fc5f54ead7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 22:41:14 +00:00
Jerry Huang
3aee1552e3 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 am: 29d8fcfa03 am: c9ee2df4d2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I37700ca9ad8d5b58bee1a6b7017a179379e39822
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 19:10:31 +00:00
Nishok Kumar S
a2df60c650 Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 am: ebb393aac0 am: cae3a0b2a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: I62904cdc8fa7092f10c1945e45167d06f8f327c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 16:21:45 +00:00
Nishok Kumar S
0f45121ab7 Label GCA-Eng app am: 4a6cfb5a9c am: f021ddaf55 am: 00ce8ef6c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I165b4f7d003fb3ec99f569b6c4105013793b0444
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 16:21:44 +00:00
Nishok Kumar S
18eb1d466e Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 am: b4db422486 am: dd9262e2ca 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: I780108a56e43a5e81e12739c7e5c09265156ec90
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 14:30:56 +00:00
Nishok Kumar S
e6b4f216de Label GCA-Eng app am: 4a6cfb5a9c am: a96da52aca am: 52f975bec0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I51a33ed10f3997b5f8c2515947a0377668c1f923
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 14:30:55 +00:00
Austin Wang
1ff3f98444 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 46d2740350 am: f2336f95c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ibf27c6e00a355bfa3eed50b0b968685717d9b05d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 11:07:54 +00:00
Austin Wang
45e1a1111c Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 am: eb52e384fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I6e5583b12edecbf9b60503cd8e5f0d669ed4f17b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 11:07:41 +00:00
Automerger Merge Worker
8b8d1c2c99 Merge "Allow mediacodec to access vendor_data_file am: 95845654bf am: 65993e19e8" into tm-d1-dev-plus-aosp am: 032ce42cd3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I2c2e39227d27754d7fd6813ada3f12842f9e4c6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:55:53 +00:00
Austin Wang
bf00994e42 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 am: 84ae81f114 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I8bc0600b651e2a8d511f84ccd6a4cf1a376fd5f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:51:07 +00:00
Jerry Huang
a1b11f5923 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 am: b9d25e06d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I54099be73c1a1f09df00edf8da3e6720e434e5b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:51:03 +00:00
Jerry Huang
c9ee2df4d2 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 am: 29d8fcfa03 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I6422be602be4eef77ccfda29268cd681672b0c09
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:50:46 +00:00
Austin Wang
591c086349 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 9ff2dc972a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ia4230c417087921de03a2239b5ff33408efd3283
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:46:47 +00:00
Jerry Huang
41fcd92bf1 Allow mediacodec to access vendor_data_file am: 95845654bf am: 33065ab679 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: Ied63122e6f9fa8de86a95aae8eeeb25fbd52f9d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:46:39 +00:00
Austin Wang
f2336f95c4 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 46d2740350 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ic2fed4e290d198298ad28a7a74112df4b73e1c89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:40:14 +00:00
Austin Wang
eb52e384fc Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I950f1f224cd77942d3718d040f3dce41dfc157b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:59 +00:00
Austin Wang
84ae81f114 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I228618e35faf413867c6d4f6c6b1222ce8185aa1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:55 +00:00
Automerger Merge Worker
032ce42cd3 Merge "Allow mediacodec to access vendor_data_file am: 95845654bf am: 65993e19e8" into tm-d1-dev-plus-aosp 2022-05-13 10:39:55 +00:00
Jerry Huang
b9d25e06d8 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: Id370dfbcc5081e085db3844edd7893ab1aa8b031
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:52 +00:00
Jerry Huang
d217f9119f Allow mediacodec to access vendor_data_file am: 95845654bf am: 65993e19e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I783c7a21ff21f490367777f05db80ea23fe4228a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:51 +00:00
Jerry Huang
29d8fcfa03 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I0b8c09ea5d2396af808728f468482c05bf2e3ffa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:49 +00:00
Nishok Kumar S
cae3a0b2a2 Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 am: ebb393aac0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: Iee7200e1ce9aaee50bd362cfe3e7470df063e3ca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:38:14 +00:00
Nishok Kumar S
00ce8ef6c0 Label GCA-Eng app am: 4a6cfb5a9c am: f021ddaf55 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I35a10ea14256cb4a2bf0fd66258f913430a99674
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:38:13 +00:00
Nishok Kumar S
dd9262e2ca Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 am: b4db422486 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: I9d563cbffa56704441ba57c0b8926f13cc86a79e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:37:56 +00:00
Nishok Kumar S
52f975bec0 Label GCA-Eng app am: 4a6cfb5a9c am: a96da52aca 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I636721df2d3b17c04d7ebcdb84178a3c6f1ebc00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:37:55 +00:00
Austin Wang
53a167fcf0 Add P22 reverse wireless charging selinux policy am: e5f8377849 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I92b12dd3c05b50244e3c67667ba2296fcf62fd1a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:49:54 +00:00
Jerry Huang
dafeb57668 Allow mediacodec to access vendor_data_file am: 95845654bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I4fd8e3a631a441dfedf06300f5f619706f7b75c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:49:28 +00:00
Austin Wang
46d2740350 Add P22 reverse wireless charging selinux policy am: e5f8377849 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ic38aa173a3363c726149086343ea53903e04c235
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:48:22 +00:00
Jerry Huang
65993e19e8 Allow mediacodec to access vendor_data_file am: 95845654bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: Ieb6ddf76f46e735e1a89c85c7221863bbe61bef9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:47:44 +00:00
Austin Wang
9ff2dc972a Add P22 reverse wireless charging selinux policy am: e5f8377849 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I2ca2dca14d150aa5cdd05ab077001781723521d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:47:31 +00:00
Jerry Huang
33065ab679 Allow mediacodec to access vendor_data_file am: 95845654bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I55afdf2c20cc151b40c3346512b48e10c31cc1d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:47:16 +00:00
Nishok Kumar S
b4db422486 Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: Ifd964c84766eb6cbeccf47816c6633bdb0f28d36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:39:45 +00:00
Nishok Kumar S
a96da52aca Label GCA-Eng app am: 4a6cfb5a9c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I539f9e1904b074f5fbf22ef52874ba0da5e6e082
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:39:44 +00:00
Nishok Kumar S
ebb393aac0 Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: I72867e1f8262f1868e231ef5bbd43fc154853360
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:39:37 +00:00
Nishok Kumar S
f021ddaf55 Label GCA-Eng app am: 4a6cfb5a9c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I22f1a5efcc4263ae03165effa7f69e0f09f196a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:39:36 +00:00
Austin Wang
e5f8377849 Add P22 reverse wireless charging selinux policy 
Allow Settings to call hal_wlc

Error:

05-13 09:28:20.508  1000  7293  7293 W ndroid.settings: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:system_app:s0 tcontext=u:r:hal_wlc:s0 tclass=binder permissive=0

Bug: 231420451
Test: Enable battery share from settings and charge another device.
Change-Id: Ic761bee47ea41f6db8b1838fb3fc2a9f7ef7bb5c
 2022-05-13 09:28:03 +00:00
Jerry Huang
95845654bf Allow mediacodec to access vendor_data_file 
For dumping output buffer of HDR to SDR fliter.

This patch fixes the following denial:

05-10 21:42:49.427   890   890 W HwBinder:890_4: type=1400 audit(0.0:2944): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:42:49.499   890   890 W HwBinder:890_4: type=1400 audit(0.0:2946): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

05-10 21:46:27.735   885   885 W google.hardware: type=1400 audit(0.0:3198): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:46:27.795   885   885 W google.hardware: type=1400 audit(0.0:3200): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

Bug: 229360116
Test: atest android.media.decoder.cts.DecoderTest
Change-Id: I11403b20e8608f50907db561b8232b1b64bea298
 2022-05-13 09:24:38 +00:00
Nishok Kumar S
145f7b5b93 Use google_camera_app label for GCA-Next fishfood app. 
Bug: 230773733
Test: Build selinux and test with GCA-Next on device.
Change-Id: I757e7de2293e25bd027262a5fbf4ece2a44f10d1
 2022-05-13 05:31:34 +00:00
Nishok Kumar S
4a6cfb5a9c Label GCA-Eng app 
- Add policies for GCA-Eng to access GXP device.
 - Allow GCA-Eng to access edgetpu service.

Test: Build selinux and test GCA-Eng on device with
      adb shell setprop camera.artemis_dsp TRUE

Bug: 230773733
Change-Id: I8d04f6e1aef0899b3862ddbb80174cd086156d92
 2022-05-13 05:18:09 +00:00
Android Build Coastguard Worker
44728ebef5 Snap for 8573834 from 26b2d2e33e to udc-release 
Change-Id: Ie2e5ded16269b673e5da5ffa80a965e6a401ff68
 2022-05-12 03:01:40 +00:00
Krzysztof Kosiński
26b2d2e33e Add dontaudit statements to camera HAL policy. 
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Bug: 205780065
Bug: 218585004
Test: build & camera check
Change-Id: Ie0338f0d2a6fd0c589777a82c22a014e462bd5c2
 2022-05-10 05:36:53 +00:00
Android Build Coastguard Worker
fa59c11e5b Snap for 8555136 from 417f7069c4 to udc-release 
Change-Id: I551e531e283d7117a6d4cc4b66d4fcb2623657c8
 2022-05-07 05:09:04 +00:00
Asad Abbas Ali
417f7069c4 Allow chre to communicate with fwk_stats_service. am: 7f89d68af2 am: 300c77c7ad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18184949

Change-Id: I77f7121aba052409891cf9635f829cd9c66705e1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-06 18:43:02 +00:00
Asad Abbas Ali
300c77c7ad Allow chre to communicate with fwk_stats_service. am: 7f89d68af2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18184949

Change-Id: Ia9cd87ac7d913dea52176a4d894fd043c98f55ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-06 16:30:32 +00:00
Asad Abbas Ali
7f89d68af2 Allow chre to communicate with fwk_stats_service. 
Bug: 230788686
Test: Logged atoms using CHRE + log atom extension.
Change-Id: I45a207996a28bbe61bbfd4288eaf28e2257cdf52
 2022-05-06 16:15:06 +00:00
George Chang
eb1d4ec87c Update nfc from hidl to aidl service 
Bug: 216290344
Test: atest NfcNciInstrumentationTests
Test: atest VtsAidlHalNfcTargetTest
Change-Id: If1f57af334033f9bd7174c052767715c9916700f
 2022-05-06 08:50:35 +00:00
eddielan
4a8b5a4e01 sepolicy: Add SW35 HIDL factory service into sepolicy am: aeb9bd0406 am: 975157ae00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188088

Change-Id: I21ebf2a1fa936efaf92a1ef22e5518007734b0d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-06 07:09:51 +00:00
eddielan
975157ae00 sepolicy: Add SW35 HIDL factory service into sepolicy am: aeb9bd0406 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188088

Change-Id: Idce850a2c0c0b7a79257cad6dd7eaadcca9dcfb6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-06 06:47:22 +00:00
eddielan
aeb9bd0406 sepolicy: Add SW35 HIDL factory service into sepolicy 
Bug: 231549391
Test: Build Pass
Change-Id: If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704
 2022-05-06 12:22:59 +08:00
Android Build Coastguard Worker
55174aa398 Snap for 8548440 from 22214473d8 to udc-release 
Change-Id: I81ffb9b58989d65de63fd52ee84370f96d4a3836
 2022-05-06 03:02:17 +00:00
Kris Chen
22214473d8 Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 am: 2f711e875f am: ab4d1f19cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I817e2983da5eeb4eac8e2d349d3e36ada0cd6f21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 04:35:19 +00:00
Kris Chen
ce72c2890c Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 am: c789f02906 am: ae663f1618 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I97bfe9b1d3dd7998fc1fd63ada9f78aa36a3f9c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 04:34:42 +00:00
Kris Chen
ab4d1f19cc Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 am: 2f711e875f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I37c2d3103f3fb2c5290381c244ad552731e51924
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 03:25:03 +00:00
Kris Chen
ae663f1618 Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 am: c789f02906 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I17e19556c41528d6f1eb2ed096cf5c34ed41aa5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 03:24:46 +00:00
Android Build Coastguard Worker
6c2339dcbe Snap for 8543047 from 7e6ad9c3d3 to udc-release 
Change-Id: Ie37437eacd619edf4e18c5474897b87275fda2e6
 2022-05-05 03:02:16 +00:00
Kris Chen
2f711e875f Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I43f89e4465035e5f5aa2797007d419ae1d2040c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 02:35:13 +00:00
Kris Chen
c789f02906 Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I674cb3dd987a1d94c8412d028f880bdac04c00ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 02:35:10 +00:00
Kris Chen
3162407210 Allow hal_fingerprint_default to access hal_pixel_display_service 
Fix the following avc denial:
avc: denied { find } for pid=1158 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=0
avc: denied { call } for scontext=u:r:hal_fingerprint_default:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder permissive=0

Bug: 229716695
Bug: 224573604
Test: build and test fingerprint on device
Change-Id: I104af7f50715090fe0c2aa6845848bf77ab3e3ae
 2022-05-05 02:03:43 +00:00
Android Build Coastguard Worker
982204074b Snap for 8534862 from b5d2b601bb to udc-release 
Change-Id: I5f775b9881de971f5aece94a998b5f3b207bee55
 2022-05-04 03:01:51 +00:00
Jenny Ho
7e6ad9c3d3 sepolicy: allow access debugfs charger register dump am: 5e426a95d0 am: f9e379b88a am: e1578b6a4d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: I9c7464b36192f0e772a0f5f1a97c66e828969cfc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-04 00:52:55 +00:00
Labib
f631ddd9e0 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 am: 77af035a89 am: 709dfed23a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Id4d8cb6c1439ad29af2f4151dbf12867d6aeefe9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-04 00:51:14 +00:00
Jenny Ho
e1578b6a4d sepolicy: allow access debugfs charger register dump am: 5e426a95d0 am: f9e379b88a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ifea2b1ad0d2cb9eb86216a271c49bd9b03909cce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 17:51:32 +00:00
Labib
709dfed23a Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 am: 77af035a89 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I459e4e2cc235010bca74581b4a01769f77d83609
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 17:51:22 +00:00
Jenny Ho
b5d2b601bb sepolicy: allow access debugfs charger register dump am: 5e426a95d0 am: ff33c561a8 am: c26bb54bb0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ic874dc00411a152cb84a5c66742743dffd467ccc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 08:45:49 +00:00
Jenny Ho
c26bb54bb0 sepolicy: allow access debugfs charger register dump am: 5e426a95d0 am: ff33c561a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ia0cec31297a8b396eb79f349998cb9d33a6c1e98
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 07:40:47 +00:00
Jenny Ho
ff33c561a8 sepolicy: allow access debugfs charger register dump am: 5e426a95d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ie517da7264b8a3fdc7652f80f07c7a0584718cdc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 07:17:46 +00:00
Jenny Ho
f9e379b88a sepolicy: allow access debugfs charger register dump am: 5e426a95d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ib90d53f60f7e30ae600602e4b08038ffd978c65e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 07:17:36 +00:00
Jenny Ho
5e426a95d0 sepolicy: allow access debugfs charger register dump 
Bug: 230360103
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ieedff4d6475706d4d932913e6d647ca401e56966
 2022-05-03 06:54:05 +00:00
Labib
bae8e552d9 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 am: 22388f50f5 am: 7098b220d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I41ff2e55982067267affad1343345c174df0b8e8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 06:26:28 +00:00
Labib
b5a6827104 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 7f89bf6be8 am: 9a185b7f49 am: 7795860591 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Id7ec7c1340b052c50dccd6010b9bb60bd8fcc441
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 06:26:01 +00:00
Labib
7098b220d5 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 am: 22388f50f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I99066d6e0950cf332b2af47c55cfd85841376bc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:59:45 +00:00
Labib
7795860591 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 7f89bf6be8 am: 9a185b7f49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I413961c420656703bc641daa649bf91448dd784c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:59:21 +00:00
Labib
22388f50f5 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Iae1bb5c50d3c31c55620b5d1460260142404e1ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:42:07 +00:00
Labib
77af035a89 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I0b83f116a5333924ae661ca3ccad0b08e101da39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:42:05 +00:00
Labib
9a185b7f49 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 7f89bf6be8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I6033a5d87e2849d39198ba58b9889c9f07fa4895
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:30:50 +00:00
Labib
ea9c058272 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: b68668828d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I1a3b4c1c894a547a2a4f4e34270124476f3b2568
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:30:34 +00:00
Labib
177a3796e8 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Iec721cea68d7eae8715537b887911c0f848e1e6d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:07:36 +00:00
Labib
7f89bf6be8 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Ia21d71094878ef44659873ecb813e7c4dffafb8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:05:01 +00:00
Labib
b68668828d Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I73645004ec900b9ca8626276859ff06341271617
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:05:00 +00:00
Android Build Coastguard Worker
c488b164fb Snap for 8520545 from 8635176437 to udc-release 
Change-Id: Id994dccec566ea2598331945e694ec1eaceb95fe
 2022-04-30 05:07:22 +00:00
George Chang
8635176437 Revert "Update nfc from hidl to aidl service" 
This reverts commit 0d31f7bcd7.

Reason for revert: Broken tests
Bug: 230834308
Change-Id: If695e38eb11b65018768f15aeb4346ba818b058a
 2022-04-29 15:38:26 +00:00
George Chang
0d31f7bcd7 Update nfc from hidl to aidl service 
Bug: 216290344
Test: atest NfcNciInstrumentationTests
Test: atest VtsAidlHalNfcTargetTest
Change-Id: I90b8499b05e0226298ee8f04d84f55390299e8c8
 2022-04-29 06:57:41 +00:00
Wei Wang
fa2ace11d4 allow udfps hal to access trusty am: d85f93ec30 am: cb5e132eab am: 9edfe0c428 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: I331908f8e095495616d707147c02e3a306cf942b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-29 04:18:14 +00:00
Wei Wang
5a5e63d08b allow udfps hal to access trusty am: d85f93ec30 am: 8b0b46b1c3 am: f1981415e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: Ifd62f6632df93d79e92d28a19690f5028c73cc59
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-29 04:01:21 +00:00
Labib
4c8dbb65b8 Give RadioExt permission to write to sysfs node 
Bug: 212601547
Test: Manual
Change-Id: I8c7341833aeacebfedba6e8e05d2696012043d32
 2022-04-28 16:58:34 +08:00
Android Build Coastguard Worker
18e63db05d Snap for 8508902 from b3408244d8 to udc-release 
Change-Id: If438f1d878aaf342746b77216b1614a2e2040c1a
 2022-04-28 03:03:23 +00:00
Wei Wang
9edfe0c428 allow udfps hal to access trusty am: d85f93ec30 am: cb5e132eab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: Iadb9038b0138fcef7b5da697c76ff7f8f21f2cde
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-28 02:08:54 +00:00
Wei Wang
f1981415e4 allow udfps hal to access trusty am: d85f93ec30 am: 8b0b46b1c3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: I3d5edc8f30e594cda57d69582969ae57675893b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-28 02:08:38 +00:00
Wei Wang
cb5e132eab allow udfps hal to access trusty am: d85f93ec30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: I5256e98ef31df5201f1e824cf1e2d276411bc7d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-28 01:17:17 +00:00
Wei Wang
8b0b46b1c3 allow udfps hal to access trusty am: d85f93ec30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: Ic4125cc7f4b34be8562db31019be2ee8d7e27b14
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-28 01:15:51 +00:00
Wei Wang
d85f93ec30 allow udfps hal to access trusty 
Bug: 229350721
Bug: 230492593
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ib1abe0e0318689528a6658f3597f1c11ad9fa1c3
 2022-04-27 13:20:02 -07:00
Android Build Coastguard Worker
524dcfa993 Snap for 8503769 from ab5cc9b736 to udc-release 
Change-Id: I621bcbe08efbd766a21697fc0efa11244492591f
 2022-04-27 03:02:45 +00:00
Stephane Lee
b3408244d8 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e am: 3237df5318 am: ff30e014ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I211cfd3b9144be4150951e4eb09399592ac8efbb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:37:12 +00:00
Stephane Lee
9d5e89b28e Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 am: 28bb996e11 am: 7a04c33bb0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: I5140f599172d7637a93fb25fcdfdeae89bc24da5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:37:10 +00:00
Stephane Lee
7a62941f36 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e am: df77f4ec83 am: bd30d9e7f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I9e510554eae6ceeb0189d390384dae21a46bf4af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:36:48 +00:00
Stephane Lee
23949fdbde Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 am: fcca6c922c am: 26842a33ec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: I485c2620c7b0ed390da0055f95db7ec1af19d7a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:36:47 +00:00
Stephane Lee
ff30e014ce Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e am: 3237df5318 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: Ia70d861bddc2c3eba22876d6347f475e0cf26400
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:20:15 +00:00
Stephane Lee
7a04c33bb0 Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 am: 28bb996e11 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: I81b79fc90049d06f3e65cbaa17bddfed85c06e96
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:20:13 +00:00
Stephane Lee
bd30d9e7f2 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e am: df77f4ec83 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I84feb2e6517758043ba8ede99534b2333a1a0462
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:16:43 +00:00
Stephane Lee
26842a33ec Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 am: fcca6c922c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: I1f1200c7fd4f0c87e24b9cbedc33bf3c07dbe93d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 02:16:42 +00:00
Stephane Lee
3237df5318 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I58f62d4a9949a0c518b1f1b5f79889eda7fbcaf2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 01:27:33 +00:00
Stephane Lee
df77f4ec83 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I16442188d825d07fcadd54178ab72eea8d0f3050
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 01:27:32 +00:00
Stephane Lee
28bb996e11 Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: Iddd9e9e9500f5ac43d06f460b08632d9a66bd85e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 01:27:32 +00:00
Stephane Lee
fcca6c922c Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: If40508c787ceb286956d1654cc78506e68a8543f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 01:27:31 +00:00
Stephane Lee
85e5caf85e Fix permissions for ODPM permanently by adding all buses 
You don't need wildcards on genfs, just need the base path

Bug: 229895015
Test: Ensure the device boots, verify permissions with ls -AlZ
Change-Id: Ib59693f0404db4e28b9959fcdf1cc4d483c5d1b1
 2022-04-27 01:06:36 +00:00
Stephane Lee
a492311ba4 Allow hal_thermal_default to read iio/odpm sysfs nodes 
Bug: 230031671
Test: There are no errors for iio or odpm nodes
Change-Id: Ifb204fa7b535c001838c7008b30b6e41744a01d1
 2022-04-26 21:24:30 +00:00
Wei Wang
ab5cc9b736 Grant trusty to power hal am: 90f4106b80 am: 0c542ab35f am: a9ab4448db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: I9de323271d0d19b59430d979fc145936b15eb17c
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 18:01:32 +00:00
Wei Wang
8307f850e0 Grant trusty to power hal am: 90f4106b80 am: 6c85eeac05 am: ae95ea381c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: Ia44c194133e280d40fa6964e933e9b43cb551423
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 18:00:44 +00:00
Wei Wang
a9ab4448db Grant trusty to power hal am: 90f4106b80 am: 0c542ab35f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: Ic257a044067e7423f24ddff1b426e7ec2ffba7f1
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 17:37:34 +00:00
Wei Wang
ae95ea381c Grant trusty to power hal am: 90f4106b80 am: 6c85eeac05 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: I0191d1ddbb508ca9cf654680d4a753355ca44041
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 17:37:19 +00:00
Wei Wang
0c542ab35f Grant trusty to power hal am: 90f4106b80 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: If11ffc0910580c59f4920b1354e6de27945feb30
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 17:09:52 +00:00
Wei Wang
6c85eeac05 Grant trusty to power hal am: 90f4106b80 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: Id5c126d9111917573c01778a8b42374ee0a1a3d6
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 17:09:49 +00:00
Wei Wang
90f4106b80 Grant trusty to power hal 
Bug: 229350721
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ia88d6cff1d21940e22ae5122dbfcf52de27ad700
 2022-04-23 21:53:44 -07:00
Android Build Coastguard Worker
67b342c9b9 Snap for 8492301 from b47cfb40d4 to udc-release 
Change-Id: I454ea153f14012f71f8058e7706743f458d7a26e
 2022-04-23 05:11:39 +00:00
Android Build Coastguard Worker
57f98a8838 Snap for 8485840 from b2fdd091d4 to udc-release 
Change-Id: Ib33387d8eed85a82ab579d143e3caab8b06e6f5e
 2022-04-22 03:03:11 +00:00
Quang Luong
b47cfb40d4 Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de am: 83129ea904 am: c99bd85fcc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I52851fdfec3c32b32817bb4925ac07db7c61161f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 02:44:33 +00:00
Quang Luong
05eccb0e94 Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de am: b051bf9b90 am: 884035435d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I439da534dfefe9c9906f6d2dbfd4c0e0255c61db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 02:44:13 +00:00
Quang Luong
c99bd85fcc Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de am: 83129ea904 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I2152d34279809f01eafdfaba968a1833c5b89e1b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 02:25:32 +00:00
Quang Luong
884035435d Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de am: b051bf9b90 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: If2a11b503357a69524939ae498659a07f6e259d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 02:16:30 +00:00
Quang Luong
83129ea904 Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I7b0404c8d99cbc40e8f1fc5cb1dc94987fd2187c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 01:47:15 +00:00
Quang Luong
b051bf9b90 Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I1bff8899abf63e9e6fa09b5f0185d941a6cf14f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 01:38:24 +00:00
Quang Luong
a36285b0de Revert "Add SEPolicy settings for android logging/tracing servic..." 
Revert submission 17817048-gxp-firmware-log-trace-metrics-service

Reason for revert: breaks CTS tests: b/230031232
Reverted Changes:
I3c9574dca:Add SEPolicy settings for android logging/tracing ...
I6bced8246:Add Firmware Log/Trace service to GXP project outp...
Icfc0ca30f:Add gxp_logging_service as an android service

Change-Id: I4ae6a63b6e2b58a094f45771de87fc3799f99e67
 2022-04-22 00:11:02 +00:00
George Chang
b2fdd091d4 Remove st33spi tracking_denial am: 3135c26574 am: 185edac3af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800454

Change-Id: I712f43000a90d607ee4822bc1875ebd169483169
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 09:40:00 +00:00
Chung-Kai (Michael) Mei
c84a8ec794 Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 am: 26b3d89302 am: 8a97f0800b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: Idae49a922c13d8dfd7bf224d7e55860ca093280a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 09:39:45 +00:00
George Chang
185edac3af Remove st33spi tracking_denial am: 3135c26574 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800454

Change-Id: Iad2d695af30aea9710b749b10829f2098f21eab4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 09:16:44 +00:00
Chung-Kai (Michael) Mei
8a97f0800b Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 am: 26b3d89302 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: Ib07d06befea9c844abb6f772516502dc03ada9c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 09:16:33 +00:00
Chung-Kai (Michael) Mei
263a0fbc7d Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 am: 30daffff0f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: Ie01963871c54ed681f56929ff3dc1e0fff439db5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 09:16:04 +00:00
George Chang
3135c26574 Remove st33spi tracking_denial 
Fixed by remove property access from st33spi hal
aosp/2064213

Bug: 229167195
Test: PtsSELinuxTestCases
Change-Id: Icee8bea36ad68e60a32cfa8c35a2ab9ff6ee515a
 2022-04-21 08:27:28 +00:00
Chung-Kai (Michael) Mei
26b3d89302 Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: I5b4670792368963bd1fe1b6015523bd9dd0f00d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 08:02:41 +00:00
Chung-Kai (Michael) Mei
30daffff0f Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: Ie483649d244b63fe8b80e2f6cbd019485a53e67a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 08:01:44 +00:00
chungkai
379418ca9b genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 am: 75b598a98b am: ffcdab4e35 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: Ia7b2453d8ba2a4dba419ba107811ba8298102486
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 07:31:47 +00:00
Stephane Lee
7a34060f7c Fix boot issues with hal_thermal_default am: 9fdfcb53b5 am: adc37c2bdf am: f086788c1c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: I04dbaa1ba046405d2af9356575a408744b25eec7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 07:31:12 +00:00
Chung-Kai (Michael) Mei
ac45672cc5 Revert "genfs_contexts: fix path for i2c peripheral device" 
This reverts commit 4db0feed32.

Reason for revert: related patch is merged, so it's duplicated

Fix: 229940065
Change-Id: I898dd52f4857983323fec9f72e797bd2f759f724
 2022-04-21 07:28:09 +00:00
chungkai
ffcdab4e35 genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 am: 75b598a98b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: I457d0e1bb841d8c6fd85fc54af2819482d3bd0cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 07:07:08 +00:00
Stephane Lee
f086788c1c Fix boot issues with hal_thermal_default am: 9fdfcb53b5 am: adc37c2bdf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: Ic181282b583336b1bbb889fdaaba53cad1820afe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 07:06:53 +00:00
chungkai
671bbb1107 genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 am: e9b8bcee10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: Id01cb27905686589b839a59d0d80fe6838cfc6d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 07:06:31 +00:00
Stephane Lee
fa50c902b1 Fix boot issues with hal_thermal_default am: 9fdfcb53b5 am: 1b99d23ddd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: Ibcdb13986b535c1d839838222c41bd438883d8c4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 07:06:24 +00:00
Dinesh Yadav
e03d243a4f Add SEPolicy settings for android logging/tracing service for GXP am: 5f4f4de205 am: e5a286a8ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17818623

Change-Id: Ic27ba76e3fa0bff100b35848a3fc346526e1eced
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:58:42 +00:00
chungkai
75b598a98b genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: Ie6c3f511a21fa3c50af2c8a138ca81c601eb26ca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:49:05 +00:00
Stephane Lee
adc37c2bdf Fix boot issues with hal_thermal_default am: 9fdfcb53b5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: Ie32473dbd4dd7f663da8a7cd687ffb548a717034
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:48:59 +00:00
chungkai
e9b8bcee10 genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: I7af902367308ab55c8bc1d8ab3d2191f5a97c090
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:48:10 +00:00
Stephane Lee
1b99d23ddd Fix boot issues with hal_thermal_default am: 9fdfcb53b5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: I7c4d5c22dd3e8bf178560f3fdb9afbe6a423ec64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:48:05 +00:00
Dinesh Yadav
e5a286a8ef Add SEPolicy settings for android logging/tracing service for GXP am: 5f4f4de205 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17818623

Change-Id: I327eecf77bdac19815b12ab2ac29b005c6880932
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:41:40 +00:00
chungkai
4db0feed32 genfs_contexts: fix path for i2c peripheral device 
add original paths since we reverted enable load
module in parallel for other issues

Test: without avc denial
Bug: 229670628
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ie7a2a78eae5d6965beedc0de640ec56acb6a7b2a
 2022-04-21 06:33:21 +00:00
Stephane Lee
9fdfcb53b5 Fix boot issues with hal_thermal_default 
Bug: 229895015
Test: Ensure the device boots, verify permissions with ls -AlZ
Change-Id: I0f95bb7eb58e6ce22a0f66a70408fdf56d94b1b3
 2022-04-21 06:30:34 +00:00
Dinesh Yadav
5f4f4de205 Add SEPolicy settings for android logging/tracing service for GXP 
Change-Id: I3c9574dca5e52356b77172c886ac8971584d3012
 2022-04-21 06:22:37 +00:00
Wayne Lin
5ef6b56e19 gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 am: c59744b9da am: f79f042ffa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: I8e5e6584800413cd3cf260624db8cc26ac7a73b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 03:07:38 +00:00
Wayne Lin
015c86c322 gps: refine gps sepolicy am: 5c9592e973 am: 52af682ee3 am: 322bcb5238 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: Ica72eeff83c9144cec2b0c2fe64c1b0d6492a217
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 03:07:37 +00:00
Stephane Lee
28f3d1ca7e Add hwservicemanager to pixelstats permissions am: 3a95426f78 am: f397f35b2e am: 8942800fdc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: Ic1133b6d929f14d3709db717c19e3170ad643387
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 03:07:06 +00:00
Android Build Coastguard Worker
2ce4deb768 Snap for 8479392 from cb465497e8 to udc-release 
Change-Id: I594da6dc6aeb65c810b4839c6bb0de7b69cbef81
 2022-04-21 03:02:27 +00:00
Wayne Lin
dc1f8c0621 gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 am: a51533f041 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: Ibba089ef6dc8c6ceeecff4c06b101c459741661f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:41:55 +00:00
Wayne Lin
1e586bcfd6 gps: refine gps sepolicy am: 5c9592e973 am: 49f83a1e9f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: I41559fff04d40a26ff71c24de4a9214255b36704
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:41:54 +00:00
Wayne Lin
f79f042ffa gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 am: c59744b9da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: Ib949d7265d4bad7b5edde53422e0d688e76db972
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:41:45 +00:00
Wayne Lin
322bcb5238 gps: refine gps sepolicy am: 5c9592e973 am: 52af682ee3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: I595d021d510b44178d7303a9e438fc45f426c9d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:41:44 +00:00
Stephane Lee
cda428263f Add hwservicemanager to pixelstats permissions am: 3a95426f78 am: 012609ce74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: Ic3e6b289ea00e4bc1f875bccd97a4227993feb8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:41:28 +00:00
Stephane Lee
8942800fdc Add hwservicemanager to pixelstats permissions am: 3a95426f78 am: f397f35b2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: Ie06562cdc967ec49d73679a7f9a6e171152918cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:41:25 +00:00
Wayne Lin
c59744b9da gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: Ifb5a5c0afac155bdaeccd7313f4ee16dd4dd9834
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:22:17 +00:00
Wayne Lin
52af682ee3 gps: refine gps sepolicy am: 5c9592e973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: Ic804efd9b7077145d1d12b1ec00999195a9fc5d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:22:16 +00:00
Stephane Lee
f397f35b2e Add hwservicemanager to pixelstats permissions am: 3a95426f78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: I7765947eb081be8869b038981d2ddfc104bdcadc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:21:48 +00:00
Wayne Lin
a51533f041 gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: I430c58245e562192949a2ce46c3f4aa22567269e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:21:26 +00:00
Wayne Lin
49f83a1e9f gps: refine gps sepolicy am: 5c9592e973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: I8e95905b9e669d9f206bea50195397ae4ec21a53
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:21:25 +00:00
Stephane Lee
012609ce74 Add hwservicemanager to pixelstats permissions am: 3a95426f78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: I64fcba1187f7d5b74437d98b2b1580210cedc9c4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:20:41 +00:00
Wayne Lin
4d163d5b32 gps: sync sepolicy from gs101 to allow gps access pps gpio 
Bug: 228903885
Test: build pass
Change-Id: Ic555a0640872ae0dc1a69a9d4a11027d4364464a
 2022-04-21 01:47:37 +00:00
Wayne Lin
5c9592e973 gps: refine gps sepolicy 
Bug: 228903885
Test: build pass and no avc denied in gpsd
Change-Id: Id0821b1335d316899e3a32b56a0e1c0feb4ba2b6
 2022-04-21 01:47:37 +00:00
Stephane Lee
3a95426f78 Add hwservicemanager to pixelstats permissions 
Bug: 227199213
Test: Ensure there are no more selinux errors
Change-Id: I1d961096df49f82302d7ff14fec809232e5afd28
 2022-04-21 01:42:17 +00:00
Labib
cb465497e8 Let RadioExt talk to bt hal am: 2b189b45af am: b4c3e55628 am: f2edd202c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: I4aa628d5a9b2e3cd018d0093a79647ed63c0e186
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 04:54:53 +00:00
Labib
f2edd202c4 Let RadioExt talk to bt hal am: 2b189b45af am: b4c3e55628 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: Id620256e0b6ecad7cb8e648fff9bf833357aeff2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 04:32:02 +00:00
Labib
40018f3bc7 Let RadioExt talk to bt hal am: 2b189b45af am: 8f63e40658 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: Ib4e91ac07e6aa4e5fed224c6a953490ae0668273
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 04:31:50 +00:00
chungkai
6a8fa19138 sepolicy: fix avc denials am: 32bf1ffbf7 am: 3ab10a4ca3 am: 8b01c1ff49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800453

Change-Id: I2f777f2da7146bcc17b9ce06e9edd176170031ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 04:07:16 +00:00
Labib
b4c3e55628 Let RadioExt talk to bt hal am: 2b189b45af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: Ia79174e3f47e9cd7b1c9c2bd12c91da7543e2baf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:58:47 +00:00
Labib
8f63e40658 Let RadioExt talk to bt hal am: 2b189b45af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: I41c1cd2eb48ac552fcc56cd0c83194acbd8a248f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:57:54 +00:00
chungkai
8b01c1ff49 sepolicy: fix avc denials am: 32bf1ffbf7 am: 3ab10a4ca3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800453

Change-Id: I9d9f2d089895227f0b761bcb7f2be8cac277ad68
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:29:40 +00:00
chungkai
3902918365 sepolicy: fix avc denials am: 32bf1ffbf7 am: 3a8df849f1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800453

Change-Id: I78260403080263c6f8971c1d0c4a3b72b59d899b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:28:27 +00:00
Labib
2b189b45af Let RadioExt talk to bt hal 
Bug: 227122249
Test: Manual
Change-Id: I9f41615e8e862af147d6f47e5e4c4e0dde40c233
 2022-04-20 03:20:39 +00:00
chungkai
3ab10a4ca3 sepolicy: fix avc denials am: 32bf1ffbf7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800453

Change-Id: Iafb00b0878360210b8c55ca21f90cb814758eeab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:02:50 +00:00
Android Build Coastguard Worker
ae0f0456e9 Snap for 8474914 from 3a3b7051cb to udc-release 
Change-Id: If1fa5131f13d51e189802b8693f2c343824e61e5
 2022-04-20 03:02:45 +00:00
chungkai
3a8df849f1 sepolicy: fix avc denials am: 32bf1ffbf7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800453

Change-Id: Ic7f02808fc2e363ea4d30b7cab4ac6b79db0efed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:02:19 +00:00
sukiliu
0c96b85f8e Update avc error on ROM 8468959 am: abdd44b0fd am: f44858eeec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800457

Change-Id: I2e926c088bbdf3ea61785b099162c638db489293
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 02:46:54 +00:00
chungkai
32bf1ffbf7 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 226887726
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I4af39bb6e620a59e02417a06c1dabd45df360fc3
 2022-04-20 02:22:31 +00:00
sukiliu
f44858eeec Update avc error on ROM 8468959 am: abdd44b0fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800457

Change-Id: I0a8cbd2f1fd31f2bfe3309964ae1c354a20ae75c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 02:17:47 +00:00
sukiliu
abdd44b0fd Update avc error on ROM 8468959 
Bug: 229677756
Test: PtsSELinuxTestCases
Change-Id: I0423fa9c02e1e16ecf8ec32d89046704f2667d64
 2022-04-20 01:53:16 +00:00
Jason Macnak
3a3b7051cb [automerger skipped] Remove sysfs_gpu type definition am: a77fc2a6df am: 8ff82017cf am: d42e94b0f3 -s ours 
am skip reason: Merged-In I107f92617bea56590b5af351341cc1c3b2844360 with SHA-1 a77fc2a6df is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17007102

Change-Id: I36d9c4aca7689be7bfb2e3a0b04c9905ce24d9da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 17:12:21 +00:00
Jason Macnak
d42e94b0f3 Remove sysfs_gpu type definition am: a77fc2a6df am: 8ff82017cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17007102

Change-Id: I25d2055ae6b029c9cfe336cfc5061a3fc309fef2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 16:48:39 +00:00
Jason Macnak
d3e2c760fa [automerger skipped] Remove sysfs_gpu type definition am: a77fc2a6df am: 5e49f73b7c -s ours 
am skip reason: Merged-In I107f92617bea56590b5af351341cc1c3b2844360 with SHA-1 6ab671ae18 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17007102

Change-Id: Ibc18c9897adba2e8b32d5f755ccdbb0951218a2c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 16:47:18 +00:00
Jason Macnak
8ff82017cf Remove sysfs_gpu type definition am: a77fc2a6df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17007102

Change-Id: I09a5e41666931c7bb6f4bdaa67f8507aec59c7cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 16:25:31 +00:00
Jason Macnak
5e49f73b7c Remove sysfs_gpu type definition am: a77fc2a6df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17007102

Change-Id: I621268fe203c8f2c6373ff55ad168d32bb15a2f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 16:24:57 +00:00
Jason Macnak
a77fc2a6df Remove sysfs_gpu type definition 
... as it has moved to system/sepolicy.

Bug: b/161819018
Test: presubmit
Change-Id: I107f92617bea56590b5af351341cc1c3b2844360
Merged-In: I107f92617bea56590b5af351341cc1c3b2844360
 2022-04-19 15:59:04 +00:00
Ted Lin
10db70729b Sepolicy: add the system_app.te for hal_wlc am: 55f4e61c8c am: d2abadeef2 am: f956980194 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750775

Change-Id: Iff891a15e8759f314d10f0caa399489052b39584
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 07:17:57 +00:00
Ted Lin
f956980194 Sepolicy: add the system_app.te for hal_wlc am: 55f4e61c8c am: d2abadeef2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750775

Change-Id: I0217fef3318c35342d102aec120de2ddcb691b47
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 06:57:07 +00:00
Ted Lin
6c6ab958bd Sepolicy: add the system_app.te for hal_wlc am: 55f4e61c8c am: e5213f1820 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750775

Change-Id: I14946c7478a76bcb2aed53ca616e52e91be4ca80
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 06:56:26 +00:00
Ted Lin
d2abadeef2 Sepolicy: add the system_app.te for hal_wlc am: 55f4e61c8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750775

Change-Id: I6bb1ca09ec11fa990f15f2c40ac4eaaf57f2b4a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 06:34:39 +00:00
Ted Lin
e5213f1820 Sepolicy: add the system_app.te for hal_wlc am: 55f4e61c8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750775

Change-Id: I4e0ad90285d75ae8ae8b8a2ea231980fabcf1d2e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 06:33:45 +00:00
Ted Lin
55f4e61c8c Sepolicy: add the system_app.te for hal_wlc 
04-11 20:28:15.435   523   523 I auditd  : avc:  denied  { find } for interface=vendor.google.wireless_charger::IWirelessCharger sid=u:r:system_app:s0 pid=3755 scontext=u:r:system_app:s0 tcontext=u:object_r:hal_wlc_hwservice:s0 tclass=hwservice_manager permissive=0

Bug:229036607
Test: adb bugreport
Change-Id: I40562204b3517b2861b2a52466f9cde04a5321c5
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-04-19 06:11:19 +00:00
Android Build Coastguard Worker
17feb570f8 Snap for 8469123 from 6ab671ae18 to udc-release 
Change-Id: I0067a4a24b8a6be58b5fc0e9e5e594c93545d929
 2022-04-19 03:07:10 +00:00
chiayupei
44c3d78413 hal_sensors_default: Allow sensors HAL to access AoC sysfs and properties. am: eaeec28c23 am: 8686077cf1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17799083

Change-Id: I46720865410689fa8a562eedecf9aa082393a881
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 02:38:56 +00:00
chiayupei
8686077cf1 hal_sensors_default: Allow sensors HAL to access AoC sysfs and properties. am: eaeec28c23 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17799083

Change-Id: Iafe48b445d456eef6fbf98ed4ed7c3550a3a260d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 02:16:32 +00:00
chiayupei
eaeec28c23 hal_sensors_default: Allow sensors HAL to access AoC sysfs and properties. 
Bug: 202901227
Test: Verify pass by checking device log.

Signed-off-by: chiayupei <chiayupei@google.com>
Change-Id: I67e0fcc4ad89ff3c1945f6fdd83d01f14fcdcbec
 2022-04-19 01:57:08 +00:00
Jason Macnak
6ab671ae18 Remove sysfs_gpu type definition 
... as it has moved to system/sepolicy.

Bug: b/161819018
Test: presubmit
Change-Id: I107f92617bea56590b5af351341cc1c3b2844360
 2022-04-18 22:48:37 +00:00
Alex Hong
c51ef5da57 Update the SELinux context for dumpstate HAL service am: 09ef2e08c5 am: 572c9385f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699359

Change-Id: I4011892e01d20c35f43a397dc141f3baf6279eef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 13:33:38 +00:00
Jerry Huang
7bcc9da819 Allow mediacodec_google to access gpu_device am: 9bc45b2d60 am: 907fa780c6 am: 14fa939e02 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731167

Change-Id: I5473d5b2bdef49db8d721ff6a0559c6e231bacd9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 08:05:08 +00:00
Alex Hong
572c9385f2 Update the SELinux context for dumpstate HAL service am: 09ef2e08c5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699359

Change-Id: Ib383ca5b7ddfa353b83d89faeea0c7db986760e8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 07:51:12 +00:00
Alex Hong
09ef2e08c5 Update the SELinux context for dumpstate HAL service 
Test: atest VtsHalDumpstateTargetTest pass
Bug: 223118410
Change-Id: Ie237579f974bab8bf8d35211367457be178a262b
 2022-04-18 07:45:28 +00:00
Jerry Huang
1d04d76967 Allow mediacodec_google to access gpu_device am: 9bc45b2d60 am: f5bbe7b88a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731167

Change-Id: Ibcfbd72b04db4c68a8b84c050451429a8bec521d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 07:42:26 +00:00
Jerry Huang
14fa939e02 Allow mediacodec_google to access gpu_device am: 9bc45b2d60 am: 907fa780c6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731167

Change-Id: Ia9cf89db957fbcbe2c5fdd508c21ea91b71fba39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 07:42:04 +00:00
Jerry Huang
907fa780c6 Allow mediacodec_google to access gpu_device am: 9bc45b2d60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731167

Change-Id: I4dc3946a1ac18c1c1b88c4c9dbf9baa6612d7cfd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 07:20:30 +00:00
Jerry Huang
f5bbe7b88a Allow mediacodec_google to access gpu_device am: 9bc45b2d60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731167

Change-Id: Id2e4061ed41734a687dc5268da2487d99ad78763
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 07:19:17 +00:00
Jerry Huang
9bc45b2d60 Allow mediacodec_google to access gpu_device 
Bug: 228794372
Test: android.media.decoder.cts.DecoderTest#testAV1HdrToSdr

The change is for following error:
04-08 17:02:44.020  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70491): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0
04-08 17:02:44.028  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70492): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0
04-08 17:02:44.040  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70493): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0
04-08 17:02:44.048  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70494): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0

Change-Id: Ie22903807fcc12d931cbdd36678ae1d4a3776a3d
 2022-04-18 13:34:04 +08:00
sukiliu
2b3e031ead Update avc error on ROM 8459635 am: aa794b4e43 am: 9b19670fde 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764697

Change-Id: I0b6f5a0070907e870baea3e0912cfd7e822eeec1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 02:09:21 +00:00
sukiliu
9b19670fde Update avc error on ROM 8459635 am: aa794b4e43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764697

Change-Id: I45ef7c52bfc599f9e9f303d91848f12af491ff83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 01:22:54 +00:00
sukiliu
aa794b4e43 Update avc error on ROM 8459635 
Bug: 229354991
Test: PtsSELinuxTestCases
Change-Id: I6b5d7d5b1368021bd927dedf786081c600289974
 2022-04-18 01:05:57 +00:00
Android Build Coastguard Worker
5d11e8cbb1 Snap for 8463111 from cf51eaf2cb to udc-release 
Change-Id: Idf17c97ec887ce71c28d6097bb9a10a05623337a
 2022-04-16 05:12:55 +00:00
Joshua McCloskey
cf51eaf2cb Allow platform apps to access FP Hal am: 2dc0bbd55b am: 93f0eac9b7 am: e3492d9b53 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17625014

Change-Id: I380d7bff2b1d6288b40f52de7e83ffdf2cbfd283
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 23:30:13 +00:00
Joshua McCloskey
e3492d9b53 Allow platform apps to access FP Hal am: 2dc0bbd55b am: 93f0eac9b7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17625014

Change-Id: Icd927343b5116c882505d1c773b8166b8fc1af2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 22:40:01 +00:00
Joshua McCloskey
d376d62308 Allow platform apps to access FP Hal am: 2dc0bbd55b am: d386974cac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17625014

Change-Id: I1d9ed90bdb1230be3277e95937d066847167a485
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 22:39:33 +00:00
Joshua McCloskey
93f0eac9b7 Allow platform apps to access FP Hal am: 2dc0bbd55b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17625014

Change-Id: I7be27da8b3ee59516612c3f71804ca6799c047f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 22:13:03 +00:00
Joshua McCloskey
d386974cac Allow platform apps to access FP Hal am: 2dc0bbd55b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17625014

Change-Id: I0ff7aeba35e96f3ba82de61d49e9f596ff2b4f6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 22:12:14 +00:00
Joshua McCloskey
2dc0bbd55b Allow platform apps to access FP Hal 
Bug: 227247855
Test: Verified manually that the fingerprint extension is working.
Change-Id: Id5550ca770942d02ad0796ed0d4e8584c434b680
 2022-04-15 21:39:58 +00:00
Oleg Matcovschi
81ed057c7d selinux: remove dpm_[ab] from custom_ab_block_device's am: a79b98eb25 am: cddeaf3f73 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764346

Change-Id: Iac746a89d0f4205b16ed7bc8e4855cdff5ca7ebe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 20:11:24 +00:00
Oleg Matcovschi
cddeaf3f73 selinux: remove dpm_[ab] from custom_ab_block_device's am: a79b98eb25 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764346

Change-Id: I048cca075f5c22dd518b9ab9da288f5318570945
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 19:54:27 +00:00
Oleg Matcovschi
a79b98eb25 selinux: remove dpm_[ab] from custom_ab_block_device's 
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I774065f331b1f2970b0fee5a41faa097fa88caf8
 2022-04-15 19:08:17 +00:00
chungkai
5ab420e9ca sepolicy: fix avc denials am: d80900ae17 am: efb75b5ced am: 96e63091b4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764688

Change-Id: I25c5b096e2986b91923f61f37733754852fe845b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 07:24:04 +00:00
chungkai
96e63091b4 sepolicy: fix avc denials am: d80900ae17 am: efb75b5ced 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764688

Change-Id: Ie80951fd60033081bda78a7cdb327ff0a7f5fe5e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 07:01:26 +00:00
chungkai
319be9e317 sepolicy: fix avc denials am: d80900ae17 am: beefac99c7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764688

Change-Id: I77bbb44d3cb34d695e34712e02abcfbc7cff5c99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 07:01:04 +00:00
chungkai
efb75b5ced sepolicy: fix avc denials am: d80900ae17 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764688

Change-Id: I13bbf5aaa37f0855cce70a0ef06ac50fc1ad9006
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 06:39:45 +00:00
chungkai
beefac99c7 sepolicy: fix avc denials am: d80900ae17 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764688

Change-Id: Ifddf30c6372afeb5e5b36236ae4562fa8bafffda
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 06:39:39 +00:00
Android Build Coastguard Worker
5e2711fb71 Snap for 8457487 from efabf50a28 to udc-release 
Change-Id: Ib0f925bb06ba39083ea54131dad4fe6446d46c6e
 2022-04-15 03:02:23 +00:00
chungkai
d80900ae17 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 228947596
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I2e9fa011c049e32011c5880218dd679e03316e24
 2022-04-15 02:56:55 +00:00
chungkai
63751751aa sepolicy: fix avc denials am: d37777dd33 am: 49e28ad8c1 am: 56b70920b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755771

Change-Id: I4798c75c139f45dbaabc364903bfbd121d0d0267
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:44:27 +00:00
Harpreet Eli Sangha
f531db2f06 Add CccDkTimeSyncService for Digital Key Support am: 1a0b0ce0c4 am: a7eb4ce4f2 am: 9ec5f1f14f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755764

Change-Id: I9a0a82dd29822ea0d3b3cbb2a74d2475a86a659b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:44:06 +00:00
sukiliu
a6398a7291 Update avc error on ROM 8453400 am: 81d9623cbe am: 24a55545cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755772

Change-Id: Ifc044e0045866ed6601e53e534a560fd6cad1606
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:43:57 +00:00
chungkai
7c43e4e343 sepolicy: fix avc denials am: d37777dd33 am: e240db0a69 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755771

Change-Id: I797704ae23193241683e11714866745cbebe0599
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:28:11 +00:00
Harpreet Eli Sangha
545ae1e2d2 Add CccDkTimeSyncService for Digital Key Support am: 1a0b0ce0c4 am: 559e696193 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755764

Change-Id: I7150f2c558f08444d32a2fb93469897d449572cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:28:00 +00:00
chungkai
56b70920b6 sepolicy: fix avc denials am: d37777dd33 am: 49e28ad8c1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755771

Change-Id: I0f1e5b791a88ab62c3432307b6ea12f8e2165264
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:21:37 +00:00
Harpreet Eli Sangha
9ec5f1f14f Add CccDkTimeSyncService for Digital Key Support am: 1a0b0ce0c4 am: a7eb4ce4f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755764

Change-Id: I5f488b8c72afa86fabea4ac23e6fe6f87ce0b3d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:21:29 +00:00
sukiliu
24a55545cc Update avc error on ROM 8453400 am: 81d9623cbe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755772

Change-Id: I8173752a333d620cba87995bda69117903496671
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:21:11 +00:00
chungkai
49e28ad8c1 sepolicy: fix avc denials am: d37777dd33 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755771

Change-Id: I59b89c687d44c371fed1e83d2a8bce057bb88179
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:07:33 +00:00
chungkai
e240db0a69 sepolicy: fix avc denials am: d37777dd33 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755771

Change-Id: I57d7e4a7b8d5465cad4cefb72ad258f63733ec73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:06:38 +00:00
chungkai
d37777dd33 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 226887726
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: If2ac4c137c1ea074907c363424e6018a5fd646e8
 2022-04-15 01:01:47 +00:00
Harpreet Eli Sangha
a7eb4ce4f2 Add CccDkTimeSyncService for Digital Key Support am: 1a0b0ce0c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755764

Change-Id: If10fb742322ba2bb732bd222990b00e712d00c54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:00:36 +00:00
Harpreet Eli Sangha
559e696193 Add CccDkTimeSyncService for Digital Key Support am: 1a0b0ce0c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755764

Change-Id: I14defbf1ec7ad439a1b88bc34197987e51d3aa27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 00:59:54 +00:00
sukiliu
81d9623cbe Update avc error on ROM 8453400 
Bug: 229209076
Test: PtsSELinuxTestCases
Change-Id: I05f06fe0d62cbfbd4783ba9c57dea7d7a7a35fca
 2022-04-15 00:52:48 +00:00
Harpreet Eli Sangha
1a0b0ce0c4 Add CccDkTimeSyncService for Digital Key Support 
Test: Build and Run
Bug: 226659256
Signed-off-by: Harpreet Eli Sangha <eliptus@google.com>
Change-Id: I9dd53a864d53e525282bc49c13b09157fc8d2ece
 2022-04-15 00:28:13 +00:00
Anthony Stange
efabf50a28 Update SELinux to allow CHRE to talk to the Wifi HAL am: 403643929d am: abb060273b am: 5e69e1c762 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17715921

Change-Id: I60fe3150c3226224552f47de0d82d41b9f9863c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 17:00:19 +00:00
Anthony Stange
5e69e1c762 Update SELinux to allow CHRE to talk to the Wifi HAL am: 403643929d am: abb060273b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17715921

Change-Id: I842c5555f62e5cb6a9ae6138bb8c96d6ec7fd478
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 16:36:02 +00:00
Anthony Stange
018d0f66a3 Update SELinux to allow CHRE to talk to the Wifi HAL am: 403643929d am: 4e2f01d0af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17715921

Change-Id: Ifdbf239cbd97cede68b4b24c68b0f7adad9ccba2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 16:34:26 +00:00
Anthony Stange
abb060273b Update SELinux to allow CHRE to talk to the Wifi HAL am: 403643929d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17715921

Change-Id: I2fc02c0b95b50587e57dcd4070977c9f0f8cf34f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 16:14:08 +00:00
Anthony Stange
4e2f01d0af Update SELinux to allow CHRE to talk to the Wifi HAL am: 403643929d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17715921

Change-Id: I4e33045cec08c8c2a2d921fa22647ae6155a8968
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 16:14:07 +00:00
Anthony Stange
403643929d Update SELinux to allow CHRE to talk to the Wifi HAL 
Bug: 206614765
Test: Run locally
Change-Id: I2cab195d533e3e2c390094bd09b15b5e761eadf0
 2022-04-14 15:23:22 +00:00
chungkai
26a67971f1 sepolicy: fix avc denials am: fbdb09a2f0 am: d45cf4d6d3 am: 757a3fc7d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750772

Change-Id: Ib13d93e5cfb8a204253065b0f79b446f1e390dd4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 10:34:16 +00:00
chungkai
6e56ba1c25 sepolicy: fix avc denials am: fbdb09a2f0 am: 0653304229 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750772

Change-Id: Icdef8f232937f8fe76a2aea73314a10c9b6c9f66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 10:06:01 +00:00
chungkai
757a3fc7d9 sepolicy: fix avc denials am: fbdb09a2f0 am: d45cf4d6d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750772

Change-Id: I51f07ba55b537303804b46034de3b000588a8cc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 10:05:04 +00:00
chungkai
d45cf4d6d3 sepolicy: fix avc denials am: fbdb09a2f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750772

Change-Id: I60f7a16bec1ac56aace2cde31a17afb009387a62
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 09:42:49 +00:00
chungkai
0653304229 sepolicy: fix avc denials am: fbdb09a2f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750772

Change-Id: Ica3dbe06800cf5ce5cae0d1a6eeb1502b7d039b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 09:41:50 +00:00
TeYuan Wang
81a5499160 sepolicy: label AUR as sysfs_thermal am: 951bad233c am: 28432f8076 am: ec0b702744 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731168

Change-Id: I902c2bd540ca86fca0eb672f7f5f3f9bbab48302
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 08:03:09 +00:00
chungkai
fbdb09a2f0 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 226887726
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ifc618e315e9d28cab6f602ce2c99ac7fe35fc189
 2022-04-14 07:24:58 +00:00
TeYuan Wang
ec0b702744 sepolicy: label AUR as sysfs_thermal am: 951bad233c am: 28432f8076 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731168

Change-Id: Iff17f7bb5babeb0465e974ff187efd2012bbd6f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 07:10:46 +00:00
TeYuan Wang
55af6cbfe5 sepolicy: label AUR as sysfs_thermal am: 951bad233c am: 5389906449 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731168

Change-Id: I57b4e2d0e4b9eccfad70b2aa84827919c9e97b00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 07:10:17 +00:00
TeYuan Wang
28432f8076 sepolicy: label AUR as sysfs_thermal am: 951bad233c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731168

Change-Id: I90c7de97164a2da58f79d361173d21c40adc3b4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 06:48:20 +00:00
sukiliu
7090ba8e88 Update avc error on ROM 8449600 am: f0810342eb am: 792db15271 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750769

Change-Id: I23b714d95084f137d9cde82571935ea7d74cdee4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 06:47:46 +00:00
TeYuan Wang
5389906449 sepolicy: label AUR as sysfs_thermal am: 951bad233c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731168

Change-Id: Iaee171d0fe9e2e52b32a25b4eb9bb3ceb203c63c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 06:47:20 +00:00
sukiliu
792db15271 Update avc error on ROM 8449600 am: f0810342eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750769

Change-Id: If6eab7cb601ee0b5b78e09cc9c90bd305e480b4f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 06:24:53 +00:00
TeYuan Wang
951bad233c sepolicy: label AUR as sysfs_thermal 
Bug: 171499494
Test: adb shell ls -Z /sys/devices/platform/100b0000.AUR
Change-Id: I0aa1b95c11d2af5fa2175c582068daad51360485
 2022-04-14 06:23:35 +00:00
sukiliu
f0810342eb Update avc error on ROM 8449600 
Bug: 229167195
Test: PtsSELinuxTestCases
Change-Id: I0b6cb1142aff6fbfbe828e014a5d9aad91b9817f
 2022-04-14 05:58:56 +00:00
Denny cy Lee
3932a7a2db Sepolicy: Pixel stats orientationCollector sepolicy am: d8eab32b49 am: 2c4cc89cdd am: 469ce3962b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652447

Change-Id: If341d7d5ea3665d102fdf5a1580fe075b456ecc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 03:29:56 +00:00
Denny cy Lee
469ce3962b Sepolicy: Pixel stats orientationCollector sepolicy am: d8eab32b49 am: 2c4cc89cdd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652447

Change-Id: I7849c0b24b6ac1813ac71b1a914e3cfd043f3d5e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 03:09:14 +00:00
Denny cy Lee
2054d0ec63 Sepolicy: Pixel stats orientationCollector sepolicy am: d8eab32b49 am: 0b28040a89 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652447

Change-Id: Idfc59dbe60ecec4ec0fdd66a8826e579ab34716d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 03:09:02 +00:00
Android Build Coastguard Worker
32fdaf28ca Snap for 8451960 from 9d7d05eb9d to udc-release 
Change-Id: I4353ac93d98ae88f41599619e29702bd90d6f452
 2022-04-14 03:02:11 +00:00
Denny cy Lee
2c4cc89cdd Sepolicy: Pixel stats orientationCollector sepolicy am: d8eab32b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652447

Change-Id: Iec661711780385e125c324d6b057e74a4996eb19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 02:49:17 +00:00
Denny cy Lee
0b28040a89 Sepolicy: Pixel stats orientationCollector sepolicy am: d8eab32b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652447

Change-Id: I06d1346a58d0a10147f121f4dd1754e354841994
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 02:47:56 +00:00
Denny cy Lee
d8eab32b49 Sepolicy: Pixel stats orientationCollector sepolicy 
Bug: 228547969
Test: adb shell cmd stats print-logs;[do wireless charge], and below log
found
03-31 22:52:21.798   801   809 I statsd  : { uid(1000) 1648738341
240287209019 (105009)0x10000->[S] 0x20000->0[I]  }

Signed-off-by: Denny cy Lee <dennycylee@google.com>
Change-Id: I5ef5279ba7c8bf0fd3d4cf0155f5bcad79eeb6b2
 2022-04-14 02:01:13 +00:00
Jenny Ho
1e39eac789 sepolicy: add sepolicy for disable.battery.defender am: f1a9fb4da2 am: 62e6c46060 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699361

Change-Id: I02075533d62a85d7480983b58b3b548c8146700b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 01:57:54 +00:00
Jenny Ho
62e6c46060 sepolicy: add sepolicy for disable.battery.defender am: f1a9fb4da2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699361

Change-Id: I84efbf136d3024c3deb8a39d6bc1157ab298834a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 01:34:46 +00:00
Jenny Ho
f1a9fb4da2 sepolicy: add sepolicy for disable.battery.defender 
Bug: 221384939
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Iba8f4e7abca98b5805eb75ba386c90581269f749
 2022-04-14 01:06:58 +00:00
Robert Shih
9d7d05eb9d Pixel 2022: MediaDrm AIDL sepolicy am: 38151187bf am: 651b7a0ffa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17592563

Change-Id: Iab635fb51a77eee254c8a900afa937a54231d5fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 19:34:04 +00:00
Robert Shih
651b7a0ffa Pixel 2022: MediaDrm AIDL sepolicy am: 38151187bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17592563

Change-Id: I1c17646ed0ba9ba8b05be9cf280e62ff711deef2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 19:10:14 +00:00
Robert Shih
38151187bf Pixel 2022: MediaDrm AIDL sepolicy 
Bug: 219538389
Bug: 221180205
Change-Id: I985230093d692fcf948049455fa465fce116d2a6
Test: atest VtsAidlHalDrmTargetTest
 2022-04-13 18:38:21 +00:00
Darren Hsu
1e5e5707e4 sepolicy: lable p9412 wakeup for system suspend am: cf2cc47e79 am: 8af71b59c0 am: a709963403 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731166

Change-Id: I007d705709cb514cae9c3bc258994f9be18e0833
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 12:19:59 +00:00
Darren Hsu
a709963403 sepolicy: lable p9412 wakeup for system suspend am: cf2cc47e79 am: 8af71b59c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731166

Change-Id: I3c20b7252a31152e1c4e5d4a2d71fa186a95aa45
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 11:20:26 +00:00
Darren Hsu
65fabe6774 sepolicy: lable p9412 wakeup for system suspend am: cf2cc47e79 am: 5da7e0aa7c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731166

Change-Id: I60d970421cc78253c01d6611afa427451cc7c70b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 11:03:58 +00:00
Darren Hsu
8af71b59c0 sepolicy: lable p9412 wakeup for system suspend am: cf2cc47e79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731166

Change-Id: Ic0c96ad1ef2bc91f5fce9196c4133b39c6a33a50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 10:20:02 +00:00
Darren Hsu
5da7e0aa7c sepolicy: lable p9412 wakeup for system suspend am: cf2cc47e79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731166

Change-Id: I9699672f5daa1cfff2c3beb97d6e8a2da90ca0c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 10:18:59 +00:00
Darren Hsu
cf2cc47e79 sepolicy: lable p9412 wakeup for system suspend 
Bug: 226887726
Bug: 228947596
Test: do bugreport without avc denials
Change-Id: Ic8eab625a20c60a4bf78403ef10465074d782821
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-13 13:39:02 +08:00
Wayne Lin
230124c22a gps: allow system server to send sensor data callback to GPS am: aab4f72223 am: 1ae80c59a7 am: 059af1fafb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699754

Change-Id: I585a8e737ec3cdb43dbcfb24b65210986309f31c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 04:21:10 +00:00
Wayne Lin
281c77ca60 gps: allow system server to send sensor data callback to GPS am: aab4f72223 am: d7b86828ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699754

Change-Id: Ieb6b5af1faba02aa47e42166a6d2030854584d4e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 03:57:57 +00:00
Wayne Lin
059af1fafb gps: allow system server to send sensor data callback to GPS am: aab4f72223 am: 1ae80c59a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699754

Change-Id: I53819b994893a89ece85497ee52d4aaeba408ba3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 03:51:07 +00:00
Wayne Lin
1ae80c59a7 gps: allow system server to send sensor data callback to GPS am: aab4f72223 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699754

Change-Id: I4d29356b95bb185182a24190bc9c7ca5075e5ed2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 03:14:34 +00:00
Wayne Lin
d7b86828ba gps: allow system server to send sensor data callback to GPS am: aab4f72223 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699754

Change-Id: I1ae99f1c010abdce511320041da894e8a9d3177a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 03:13:36 +00:00
Android Build Coastguard Worker
8efd6edbad Snap for 8445428 from 44db109410 to udc-release 
Change-Id: I9a9e33f77955c1e533931300c5bdefd5ac8fc0b9
 2022-04-13 03:02:33 +00:00
Wayne Lin
aab4f72223 gps: allow system server to send sensor data callback to GPS 
avc: denied { call } for scontext=u:r:system_server:s0 tcontext=u:r:gpsd:s0 tclass=binder permissive=0

Bug: 224772976
Test: build pass, verify no avc denied and gpsd can receive sensor callback
Change-Id: If3b58b5527f67732ea60b3dd943ae472aebb7aed
 2022-04-13 02:54:24 +00:00
Albert Wang
44db109410 Add more xHCI wakeup path for suspend_control am: e914d6fcc3 am: 75ee2a71a3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686710

Change-Id: I2119c5c796a50c1ed52cf7ee610b243a21cdbe29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 10:10:24 +00:00
Albert Wang
75ee2a71a3 Add more xHCI wakeup path for suspend_control am: e914d6fcc3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686710

Change-Id: I1991f78ae1dbbfe166e2f8f139f74912ea67cdff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 09:48:02 +00:00
Albert Wang
e914d6fcc3 Add more xHCI wakeup path for suspend_control 
To addressdd the xHCI wakeup nodes permission problem, add new nodes:
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/wakeup
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb2
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb3
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/wakeup
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb2
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb3
/devices/platform/11210000.usb/wakeup

Bug: 228791172
Test: verified with forrest test build
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I457e64c252ec3573ab15923898c469472fc3b9b6
 2022-04-12 15:07:04 +08:00
Darren Hsu
4d289ac71d sepolicy: label charger wakeup for system suspend am: 68f1d4fb71 am: 88dc029b88 am: f611530b69 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686708

Change-Id: Icc0b5015d4346e57e1e60c89dc29504ccfda9190
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:50:27 +00:00
Darren Hsu
f611530b69 sepolicy: label charger wakeup for system suspend am: 68f1d4fb71 am: 88dc029b88 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686708

Change-Id: I67783d724652ba090d0b5de319c98eb69db6d6c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:20:45 +00:00
Darren Hsu
51171f681c sepolicy: label charger wakeup for system suspend am: 68f1d4fb71 am: 8171577cf2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686708

Change-Id: I07b76609f3c238474b29ae23e5899715b73b3198
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:20:06 +00:00
Darren Hsu
88dc029b88 sepolicy: label charger wakeup for system suspend am: 68f1d4fb71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686708

Change-Id: Ia0c3065b170d6be3823dff7b4c4e650396df9c97
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:05:03 +00:00
Darren Hsu
8171577cf2 sepolicy: label charger wakeup for system suspend am: 68f1d4fb71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686708

Change-Id: I50c9b2ae060b24278b553aa6cfedc89d36629a52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:03:49 +00:00
Android Build Coastguard Worker
b296473330 Snap for 8440419 from 15579c38ef to udc-release 
Change-Id: I3f1a77db1a6aa4ac60b6cd7b129ca2a6e78d9734
 2022-04-12 03:08:04 +00:00
Darren Hsu
68f1d4fb71 sepolicy: label charger wakeup for system suspend 
Bug: 226887726
Test: do bugreport without avc denials
Change-Id: I0b57cfdddb81c1685f6a054944c064e02c099637
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-12 07:43:30 +08:00
Grace Chen
15579c38ef Add selinux permissions to r/w sysfs st33spi_state am: 2a8ed004f6 am: f38a4e9217 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17653782

Change-Id: I6095204aa4ffe5bd68115f963440e5f3255d1074
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 21:46:23 +00:00
Grace Chen
f38a4e9217 Add selinux permissions to r/w sysfs st33spi_state am: 2a8ed004f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17653782

Change-Id: I7faf3de35fa80000ab91dc8dd73ded06b6d22e93
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 21:26:45 +00:00
Grace Chen
2a8ed004f6 Add selinux permissions to r/w sysfs st33spi_state 
Bug: 228508704
Test: Confirm can r/w to sysfs file
Change-Id: If96f15f53ee510bf361a2bec5f006d67b178981e
 2022-04-11 21:00:50 +00:00
Darren Hsu
5b3b3b690a Label AoC wakeup for system suspend am: c750a64e4c am: 7903dbb74c am: 6cd7fc1d19 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652444

Change-Id: I8212389919fe6139ec9c8e0aef94d856ba9b8c34
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 09:28:52 +00:00
Darren Hsu
6cd7fc1d19 Label AoC wakeup for system suspend am: c750a64e4c am: 7903dbb74c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652444

Change-Id: Id439b82bbc3537ca33675e91a304b9667cbfc5b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 09:07:45 +00:00
Darren Hsu
3fcd2a33a6 Label AoC wakeup for system suspend am: c750a64e4c am: 1b64a4529a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652444

Change-Id: Ia10de2572c08bcf067016c528a989b41e13516de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 09:07:19 +00:00
Darren Hsu
7903dbb74c Label AoC wakeup for system suspend am: c750a64e4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652444

Change-Id: I63c19ed0fb37137c0561b62a3fc2cebe5dabc458
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 08:18:19 +00:00
Darren Hsu
1b64a4529a Label AoC wakeup for system suspend am: c750a64e4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652444

Change-Id: I12f6dd9d2411ae282516eb1bcb3c4f50855aa103
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 08:17:17 +00:00
Darren Hsu
c750a64e4c Label AoC wakeup for system suspend 
Bug: 227531769
Test: do bugreport without avc denials
Change-Id: Ie3efd407ff629b583e37c0b5af430c9a9daf8691
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-11 15:54:59 +08:00
Adam Shih
63c8f737cf remove obsolete error am: 28a0ab4015 am: a0a04923c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686703

Change-Id: Ie7e76987261ecd4e279f4d85035fbf823c19deac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 05:51:21 +00:00
Adam Shih
a0a04923c8 remove obsolete error am: 28a0ab4015 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686703

Change-Id: Ice8313bee0f45ed509494a6b370f68591321aef6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 05:19:18 +00:00
Adam Shih
28a0ab4015 remove obsolete error 
Bug: 207062833
Bug: 210363938
Bug: 220636850
Test: boot with no relevant error log
Change-Id: I4901be83358e860b4a699ce44013fa1b255ceaa5
 2022-04-11 11:05:15 +08:00
Android Build Coastguard Worker
2e01deef58 Snap for 8429660 from ecacc0682c to udc-release 
Change-Id: I891059a5d52263301f64971461bdd32cad1b6b20
 2022-04-09 05:07:52 +00:00
Stephane Lee
ecacc0682c Fix off-mode (charger) sepolicy for the health interface am: 73b95396fd am: ddbaf098f8 am: b6bd708203 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17350882

Change-Id: I13b96737c13053571fe3c173dbcfd6c7679b7e6f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 04:08:31 +00:00
Stephane Lee
4cd2a557da ODPM: Add ODPM config file to be read by powerstats 2.0 am: 5ce2f99f38 am: 4b99160e35 am: 94be7a849d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17621550

Change-Id: I39644719809ee0e7ac9067dbec34f3eb99bbd178
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 04:08:13 +00:00
chungkai
9b779d0796 sepolicy: ignore avc denial am: 2a3100de6e am: 1aa53c1f48 am: d6cdacea46 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17617704

Change-Id: Iac1a8de84b8e8292b559aa16d66b8da9688544b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 04:07:49 +00:00
chungkai
e86dff0003 genfs_contexts: fix path for i2c peripheral device am: fb466b4915 am: cd880aa0e6 am: ea58ed59a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17521224

Change-Id: I24323f8641b279ee2397986bd0a6b5f147487ad7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 04:07:47 +00:00
Stephane Lee
3ee99baeb9 Fix off-mode (charger) sepolicy for the health interface am: 73b95396fd am: 5a32605710 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17350882

Change-Id: Ia44606b7af75dbd2c7c7728067267b4dfa2e07f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:38:24 +00:00
Stephane Lee
b6bd708203 Fix off-mode (charger) sepolicy for the health interface am: 73b95396fd am: ddbaf098f8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17350882

Change-Id: I2dc024c51555249d279cd54a9e844d7e148a3ef8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:38:19 +00:00
Stephane Lee
e868202588 ODPM: Add ODPM config file to be read by powerstats 2.0 am: 5ce2f99f38 am: 04f71ae091 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17621550

Change-Id: Ic3b96fe3e55b2ff58581b50e4320d52186224180
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:38:15 +00:00
Stephane Lee
94be7a849d ODPM: Add ODPM config file to be read by powerstats 2.0 am: 5ce2f99f38 am: 4b99160e35 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17621550

Change-Id: I9a1f4a756d0ccdfe8a7698c644087a4406524d41
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:38:11 +00:00
chungkai
c906700242 sepolicy: ignore avc denial am: 2a3100de6e am: aebc5fa20e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17617704

Change-Id: If7f932eb203c0d0eba27022a70dd3ab4a2a6c989
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:38:02 +00:00
chungkai
695bbd5671 genfs_contexts: fix path for i2c peripheral device am: fb466b4915 am: d2e0a2ef5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17521224

Change-Id: I51f8bbb9f6bd068f9ec1aa51cb6b1e3902535e0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:38:00 +00:00
chungkai
d6cdacea46 sepolicy: ignore avc denial am: 2a3100de6e am: 1aa53c1f48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17617704

Change-Id: I13c195e318c3e514ff69b7add78f7f27ccaac1cb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:37:47 +00:00
chungkai
ea58ed59a0 genfs_contexts: fix path for i2c peripheral device am: fb466b4915 am: cd880aa0e6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17521224

Change-Id: Iccc166d45c486e4c26671c0ecf7d49cb61dea1ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:37:45 +00:00
Stephane Lee
ddbaf098f8 Fix off-mode (charger) sepolicy for the health interface am: 73b95396fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17350882

Change-Id: I8ad0bb623bf857ed55c381dad6a5c571dcd06409
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:29:06 +00:00
Stephane Lee
5a32605710 Fix off-mode (charger) sepolicy for the health interface am: 73b95396fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17350882

Change-Id: Ia20811303b891d08e79f0534ee46ed4ef3934d47
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:27:47 +00:00
Stephane Lee
73b95396fd Fix off-mode (charger) sepolicy for the health interface 
Bug: 223537397
Test: Ensure that there are no selinux errors for charger_vendor in
   off-mode charging
Change-Id: I9074079a7ba67813da6b6ad7b110d964b9b7db6d
 2022-04-08 03:13:51 +00:00
Android Build Coastguard Worker
1fa1a65183 Snap for 8421584 from 97c9228497 to udc-release 
Change-Id: Ie17dfb6f08f408a575a12be241f606e2987064b4
 2022-04-08 03:03:22 +00:00
Stephane Lee
4b99160e35 ODPM: Add ODPM config file to be read by powerstats 2.0 am: 5ce2f99f38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17621550

Change-Id: I3bd878b212f35cef8ca71a3bbcb28551c6d5257e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:52 +00:00
chungkai
1aa53c1f48 sepolicy: ignore avc denial am: 2a3100de6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17617704

Change-Id: I25f2f431a19e8cd7dbca347865b85d2dbf46f836
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:22 +00:00
chungkai
cd880aa0e6 genfs_contexts: fix path for i2c peripheral device am: fb466b4915 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17521224

Change-Id: I9d6ae44e3c1d28b670796dc87e193281f9699c76
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:20 +00:00
Stephane Lee
04f71ae091 ODPM: Add ODPM config file to be read by powerstats 2.0 am: 5ce2f99f38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17621550

Change-Id: Ia82142dcca16e6d54a30d52dec5e5ce1817e023f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:01 +00:00
chungkai
aebc5fa20e sepolicy: ignore avc denial am: 2a3100de6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17617704

Change-Id: I8c8faf53f44f8bde1c43a22e3761d40904222366
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:52:52 +00:00
chungkai
d2e0a2ef5e genfs_contexts: fix path for i2c peripheral device am: fb466b4915 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17521224

Change-Id: Id75935027077c24888c2e168932b621dc75c0926
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:52:50 +00:00
Stephane Lee
5ce2f99f38 ODPM: Add ODPM config file to be read by powerstats 2.0 
Test: Ensure that there are no sepolicy errors when
/data/vendor/powerstats/odpm_config exists
Bug: 228112997

Change-Id: I094c29c4d1a82bccfabde7a5511f4aa833c2cd35
 2022-04-08 02:49:40 +00:00
chungkai
2a3100de6e sepolicy: ignore avc denial 
dont audit since it's debugfs

Bug: 228181404
Test: forrest with boot test
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I77a385b73b5a9edafefa8e7d34a351594cd5cd06
 2022-04-08 02:20:26 +00:00
chungkai
fb466b4915 genfs_contexts: fix path for i2c peripheral device 
paths are changed when we enable parallel module loading and
reorder the initializtaion of devices.

Test: without avc denial
Bug: 227541760
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Icd74392e0684ac5614a83d14b936be880148f919
 2022-04-08 02:20:26 +00:00
Adrian Salido
97c9228497 allow hwc access to persistent vendor display sysprop am: a1c2f220a7 am: ef36588f0e am: 79dde6d1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17226635

Change-Id: I9ae29f3abf3d2e6f3c46e1cad865660c3147068f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 16:48:26 +00:00
Adrian Salido
79dde6d1f6 allow hwc access to persistent vendor display sysprop am: a1c2f220a7 am: ef36588f0e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17226635

Change-Id: I7d35ba9d0539fc864af1592e451d1f85a92c17d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 16:32:52 +00:00
Adrian Salido
7fcb9ff99f allow hwc access to persistent vendor display sysprop am: a1c2f220a7 am: 94062fcca0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17226635

Change-Id: I5914a9273f55d8a47c6ca9d515c86a2af373bea7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 16:32:38 +00:00
Adrian Salido
ef36588f0e allow hwc access to persistent vendor display sysprop am: a1c2f220a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17226635

Change-Id: I820ddb93fc74c9bc8606e61f07217f7612e419f5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 16:04:20 +00:00
Adrian Salido
94062fcca0 allow hwc access to persistent vendor display sysprop am: a1c2f220a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17226635

Change-Id: Id61b9caf74a1c05577202aa4a57010468ad9859c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 16:03:26 +00:00
Adrian Salido
a1c2f220a7 allow hwc access to persistent vendor display sysprop 
Test: check avc denials while switching resolution
Bug: 217399988
Change-Id: Ia3a3ab394ec23ea3150a8cf4638e045cd1e9cac9
 2022-04-07 15:40:54 +00:00
Adam Shih
697a4e9860 let sensor access aoc am: 1e88b530fa am: 9e10c64350 am: 6d2ad66a5c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609183

Change-Id: Ic8488eb4879dbfd6df8ad489c146f12b84d9f72f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 06:05:32 +00:00
Adam Shih
6d2ad66a5c let sensor access aoc am: 1e88b530fa am: 9e10c64350 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609183

Change-Id: I5ae04443b02d4e3c7e1f8bda6ce389703fa964b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 05:40:39 +00:00
Adam Shih
863629645e let sensor access aoc am: 1e88b530fa am: 73ce03bbd9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609183

Change-Id: I4b981ad2f32841afc31b9c35290929f5f7ba1347
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 05:39:52 +00:00
Adam Shih
9e10c64350 let sensor access aoc am: 1e88b530fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609183

Change-Id: I40ac3df71d11deba2bad8d90a6e7927608b611ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 05:17:17 +00:00
Siddharth Kapoor
5d6cf0ba3b Revert "Move ODPM file rule to pixel sepolicy" am: 15f80f57bf am: 1b92d2d5d2 am: 57baa82fb5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609199

Change-Id: Ia8e488dd65a8f184af0419ea9fae375e2660fe2a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 05:16:45 +00:00
Adam Shih
73ce03bbd9 let sensor access aoc am: 1e88b530fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609183

Change-Id: Ia4534f9706a1fe8164453b8f92d5293ce62e3582
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 05:16:09 +00:00
Siddharth Kapoor
4e2778858c Revert "Move ODPM file rule to pixel sepolicy" am: 15f80f57bf am: 23c89da785 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609199

Change-Id: I4f4636065496d6d015266b420e59da6f19009e0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 04:46:05 +00:00
Siddharth Kapoor
57baa82fb5 Revert "Move ODPM file rule to pixel sepolicy" am: 15f80f57bf am: 1b92d2d5d2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609199

Change-Id: Ib338e02211ffa4903cb28927bfd8593914d3a8f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 04:45:57 +00:00
Adam Shih
1e88b530fa let sensor access aoc 
04-03 05:57:12.776   859   859 I auditd  : type=1400 audit(0.0:7): avc: denied { read } for comm="UsfHalWorker" name="services" dev="sysfs" ino=69355 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_dumpstate:s0 tclass=file permissive=0
04-03 05:57:12.776   859   859 I auditd  : type=1400 audit(0.0:8): avc: denied { write } for comm="UsfHalWorker" name="reset" dev="sysfs" ino=69363 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_reset:s0 tclass=file permissive=0

Bug: 228030183
Bug: 228030193
Test: boot with no relevant errors
Change-Id: I87fd1aa1dc9b9cf42b23fb0e7f5d4e5b6f845610
 2022-04-07 04:37:49 +00:00
Siddharth Kapoor
1b92d2d5d2 Revert "Move ODPM file rule to pixel sepolicy" am: 15f80f57bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609199

Change-Id: I8f7cbae7916b6bf21415d35afdeb653c243d2c6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 04:23:37 +00:00
Siddharth Kapoor
23c89da785 Revert "Move ODPM file rule to pixel sepolicy" am: 15f80f57bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609199

Change-Id: I4720884741d8e4121aa9492ff1aa66d25a39d4d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 04:22:23 +00:00
Siddharth Kapoor
15f80f57bf Revert "Move ODPM file rule to pixel sepolicy" 
Revert "Move ODPM file rule to pixel sepolicy"

Revert "Move ODPM file rule to pixel sepolicy"

Revert submission 17215583-odpm_sepolicy_refactor-tm-dev

Reason for revert: build failure tracked in b/228261711
Reverted Changes:
Ic9a89950a:Move ODPM file rule to pixel sepolicy
I24105669b:Move ODPM file rule to pixel sepolicy
I044a285ff:Move ODPM file rule to pixel sepolicy

Change-Id: Idbf5cd106f229c8a72b2ecbc6e5ffd20d9e06805
 2022-04-07 04:06:29 +00:00
Android Build Coastguard Worker
2145172544 Snap for 8414851 from 249213ddb6 to udc-release 
Change-Id: I8d59330648bcd0a20c1f36842d2b08d78d3acf17
 2022-04-07 03:03:25 +00:00
Jeremy DeHaan
249213ddb6 Update selinux policy for display information am: 18f8d933ab am: 573cc8efc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17599695

Change-Id: Icfc31a38101cd898fd1812fd6645a2a35d02ec88
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 19:42:56 +00:00
Jeremy DeHaan
573cc8efc5 Update selinux policy for display information am: 18f8d933ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17599695

Change-Id: I59aa272537c9f9566417847890637e05db374ef6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 19:24:05 +00:00
Jeremy DeHaan
18f8d933ab Update selinux policy for display information 
Two new sysfs nodes were added to sysfs_display type and permission to
access sysfs_display nodes was added for the dumpstate service. This
allows display information to be captured during bug report generation.

Bug: 225376485
Test: Manual - ran 'adb bugreport'
Change-Id: Ib121b0b21aa326e791e67c5bd24b3e70979a554c
 2022-04-06 18:51:45 +00:00
Mason Wang
9167990af4 hal_dumpstate_default: Fix avc denial of focaltech_touch. am: 882527f08b am: 60592aae02 am: 18fa16a7aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17524943

Change-Id: I7c3ef346b4e5fbdf4c0e8c710f2e436161446d21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 11:27:50 +00:00
Mason Wang
18fa16a7aa hal_dumpstate_default: Fix avc denial of focaltech_touch. am: 882527f08b am: 60592aae02 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17524943

Change-Id: I75fb5c27d78a599d270538ae62ec8af9f6f57133
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 10:54:31 +00:00
Mason Wang
bf17e02cf7 hal_dumpstate_default: Fix avc denial of focaltech_touch. am: 882527f08b am: 020cb8c9de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17524943

Change-Id: I45f4c70de717e092c5cf4a7b4c5b4cf8e7f001ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 10:54:25 +00:00
Mason Wang
60592aae02 hal_dumpstate_default: Fix avc denial of focaltech_touch. am: 882527f08b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17524943

Change-Id: I303b4b33cd88445e2e277f63a9c0596d641a5ed4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 10:28:53 +00:00
Mason Wang
020cb8c9de hal_dumpstate_default: Fix avc denial of focaltech_touch. am: 882527f08b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17524943

Change-Id: I3fb72c06a72b72cbb0838b6d317a74948d6163b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 10:28:19 +00:00
Mason Wang
882527f08b hal_dumpstate_default: Fix avc denial of focaltech_touch. 
Fixed following avc denial:
avc: denied { read } for name="focaltech_touch" dev="proc" ino=4026535419 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc_touch:s0 tclass=dir permissive=0

Bug: 199105131
Test: Verify pass by checking device log are w/o above errors when
trigger bugreport.

Change-Id: Id2af1f59cd397f0332fba94f68d9940f612a8e81
 2022-04-06 10:03:14 +00:00
samou
b1cef38c36 Move ODPM file rule to pixel sepolicy am: ece8953942 am: 8c8727b061 am: 9710a28d1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213985

Change-Id: Idd070de61fe21298c039b8e6bc355fc1ca2b423d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 03:26:16 +00:00
samou
9710a28d1e Move ODPM file rule to pixel sepolicy am: ece8953942 am: 8c8727b061 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213985

Change-Id: I97e7348827ef41e240376040cff4acb336df3fcb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:59:43 +00:00
samou
837e598a78 Move ODPM file rule to pixel sepolicy am: ece8953942 am: df3f4565cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213985

Change-Id: I3ded387684ddeda364f8c721e95b664ad3a8da38
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:59:24 +00:00
samou
8c8727b061 Move ODPM file rule to pixel sepolicy am: ece8953942 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213985

Change-Id: I21d1c1488efa4e00412962f16d2fe837d8ffeb27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:38:48 +00:00
samou
df3f4565cd Move ODPM file rule to pixel sepolicy am: ece8953942 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213985

Change-Id: Idd9e78217ff996f571d7c03d1ccbc0ac44ebbadd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:37:54 +00:00
samou
ece8953942 Move ODPM file rule to pixel sepolicy 
Bug: 213257759
Change-Id: I24105669b076061780addf5b038607f4d1957ee5
 2022-04-06 02:09:38 +00:00
Android Build Coastguard Worker
2eb5eb7147 Snap for 8404564 from e524403b33 to udc-release 
Change-Id: Icaaad4085c9a1ae26a2e38d515129226690da27e
 2022-04-05 03:01:38 +00:00
Anthony Stange
e524403b33 Add BT HAL SELinux policy am: ede5e0944a am: 2ff2776db0 am: f0c3cec6c1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474643

Change-Id: Ic5670046df3510c826fe9a6b6a9422c3ba3bc42a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-04 17:02:38 +00:00
Anthony Stange
33546719a6 Add BT HAL SELinux policy am: ede5e0944a am: d2b2e29c89 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474643

Change-Id: I2c9ed7d6d14efc978ec179309e7b235962a1528e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-04 16:49:40 +00:00
Anthony Stange
f0c3cec6c1 Add BT HAL SELinux policy am: ede5e0944a am: 2ff2776db0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474643

Change-Id: I7628edd8494927418ae7e9effb3e68e7d9205d19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-04 16:46:54 +00:00
Anthony Stange
d2b2e29c89 Add BT HAL SELinux policy am: ede5e0944a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474643

Change-Id: I5419086807dee3fbeb05d7e914a80158fb9f3ae3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-04 16:27:26 +00:00
Anthony Stange
2ff2776db0 Add BT HAL SELinux policy am: ede5e0944a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474643

Change-Id: I538afe38e3ed3eb630d05efb74137ec15881cee2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-04 16:27:09 +00:00
Anthony Stange
ede5e0944a Add BT HAL SELinux policy 
Bug: 193474802
Test: presubmits
Change-Id: I0ce730c119b60fdfec6e31dea88f5edbf69048ed
 2022-04-04 15:55:43 +00:00
Android Build Coastguard Worker
91219407a3 Snap for 8398296 from 7ba9b197c0 to udc-release 
Change-Id: I8173e63e1160ad72c00f5c888bdb86f43727b768
 2022-04-02 05:08:38 +00:00
sukiliu
7ba9b197c0 Update avc error on ROM 8388849 am: 97326bf38b am: 6be9cbeb9a am: 96a37c7a80 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17530928

Change-Id: Ica002e09ccdbdb6fa0913cfbdccf1535281f0131
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 08:16:07 +00:00
sukiliu
96a37c7a80 Update avc error on ROM 8388849 am: 97326bf38b am: 6be9cbeb9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17530928

Change-Id: I97dc576a52d5c506889c338eca6c079ba68b3563
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 07:57:07 +00:00
sukiliu
02b322b273 Update avc error on ROM 8388849 am: 97326bf38b am: 2f95d1ab49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17530928

Change-Id: Iaabe48e01ac0c5534a2f920ab6638f2ed8948243
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 07:49:55 +00:00
sukiliu
6be9cbeb9a Update avc error on ROM 8388849 am: 97326bf38b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17530928

Change-Id: Ie3331c90cf0d2de60f38f694861e02ad1a8e6d5c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 07:36:44 +00:00
sukiliu
2f95d1ab49 Update avc error on ROM 8388849 am: 97326bf38b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17530928

Change-Id: I3cd290900175d9c80bd5035b028ec5e8754e8167
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 07:35:58 +00:00
sukiliu
97326bf38b Update avc error on ROM 8388849 
Bug: 221384939
Bug: 227694693
Bug: 227695036
Test: PtsSELinuxTestCases
Change-Id: I0768e29a0a162c6f568a5186602b01f1375a1ca5
 2022-04-01 11:55:09 +08:00
Android Build Coastguard Worker
2ddf4ee531 Snap for 8392174 from 4deaf937b6 to udc-release 
Change-Id: Iea04126725259851c3f4d9a3f32760c65aba3808
 2022-04-01 03:01:46 +00:00
Taesoon Park
22f957df9d Add permission to access vendor.ims property to vendor ims app am: 9211922e70 am: 45d538c645 am: 2db00c7973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17465256

Change-Id: Ia0c18c33a6dcb21204413d11d1f40c31e1e9cbf6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 02:39:09 +00:00
Taesoon Park
b215763c9c Add permission to access vendor.ims property to vendor ims app am: 9211922e70 am: 6409f46ba8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17465256

Change-Id: Ifb8229ab57ffdb15420d92f6f24c116a13573379
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 02:10:00 +00:00
Taesoon Park
2db00c7973 Add permission to access vendor.ims property to vendor ims app am: 9211922e70 am: 45d538c645 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17465256

Change-Id: Ica4a2c64a99687a9aec0289d338c5c93a973d3b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 02:09:36 +00:00
Taesoon Park
45d538c645 Add permission to access vendor.ims property to vendor ims app am: 9211922e70 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17465256

Change-Id: Ia3c34bb10d68af53a47e8939ffea389e6d57e542
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 01:45:59 +00:00
Taesoon Park
6409f46ba8 Add permission to access vendor.ims property to vendor ims app am: 9211922e70 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17465256

Change-Id: Ia93e4b9df47ac0e0cee17da277ba6c324cb0efab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 01:29:04 +00:00
Taesoon Park
9211922e70 Add permission to access vendor.ims property to vendor ims app 
Vendor IMS Service read a SystemProperty starts with
persist.vendor.ims prefix, but it does not have a permission to
access it.
This change create a permission to access the SystemProperties start
with 'persist.vendor.ims.' prefix from vendor ims service.

Bug: 204714230
Test: Test results in b/225430461#comment40 enabling the property

Signed-off-by: Taesoon Park <ts89.park@samsung.com>
Change-Id: Ied50f377a3069eac65836ea999dfe021f4e4ed5d
 2022-04-01 01:19:26 +00:00
chungkai
4deaf937b6 sched: move sysfs to procfs am: 2dc6f70afc am: a66699f706 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17500884

Change-Id: Id4547d16ca3ae61f6191afa78253c0308894baa3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 07:43:54 +00:00
chungkai
ec14f07ee1 sched: move sysfs to procfs am: 2dc6f70afc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17500884

Change-Id: I4910c36d52b42bd2e800890c34b19136587b4191
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 07:23:28 +00:00
chungkai
a66699f706 sched: move sysfs to procfs am: 2dc6f70afc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17500884

Change-Id: I003de1eea466f47583c97b19a730a967dd9aa251
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 07:23:26 +00:00
chungkai
2dc6f70afc sched: move sysfs to procfs 
Modify name from sysfs_vendor_sched to proc_vendor_sched

Test: without avc denial
Bug: 216207007
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ieb829e96ac1db2a1aa28fc416182450d128cac5c
 2022-03-31 07:00:20 +00:00
Ocean Chen
8557b1f255 sepolicy: add smart_idle_maint_enabled_prop for pixelstats am: b36cf348d0 am: 16f97b2c95 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149390

Change-Id: I10ef015dab9758032554bb829e2cbab1e3aa8e9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 03:47:28 +00:00
Ocean Chen
7a2a70daeb sepolicy: add smart_idle_maint_enabled_prop for pixelstats am: b36cf348d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149390

Change-Id: I17c3de914774d744b3b0d0e3000c96a840c1354b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 03:24:47 +00:00
Ocean Chen
16f97b2c95 sepolicy: add smart_idle_maint_enabled_prop for pixelstats am: b36cf348d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149390

Change-Id: If726e1e96c5ca8052e7a22e577695c1ae1cabef5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 03:24:37 +00:00
Ocean Chen
b36cf348d0 sepolicy: add smart_idle_maint_enabled_prop for pixelstats 
pixelstats get this sysprop hit the avc denied
persist.device_config.storage_native_boot.smart_idle_maint_enabled

pixelstats-vend: type=1400 audit(0.0:22): avc: denied { read }
for name="u:object_r:device_config_storage_native_boot_prop:s0"
dev="tmpfs" ino=171 scontext=u:r:pixelstats_vendor:s0
tcontext=u:object_r:device_config_storage_native_boot_prop:s0
tclass=file permissive=0

Bug: 215443809
Test: local build and run pixelstats

Signed-off-by: Ocean Chen <oceanchen@google.com>
Change-Id: Iedb4fa00c5e18cda6c799c3461bf8298bcf357eb
 2022-03-31 03:02:47 +00:00
Android Build Coastguard Worker
a7ee0c6e39 Snap for 8385452 from 0bffd8e27e to udc-release 
Change-Id: I235ad225ff3bbab5c8fdf08bf321efa4dd65bb31
 2022-03-31 03:01:27 +00:00
SalmaxChang
ab4d90eada hal_dumpstate_default: fix avc error am: 8e9be24a81 am: fbcc37b1d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17500885

Change-Id: I898ee93a3507aa62b6eabe2c009839cd1083cbe1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:47:41 +00:00
sukiliu
9a5163a2ef Update avc error on ROM 8374246 am: 6379865b9d am: 35f673409a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474502

Change-Id: Ibb2008de7b5970e4ddc230fbf3e4cc550d6c4f07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:47:34 +00:00
sukiliu
04a04c81f4 Update avc error on ROM 8378382 am: 3d3ae38c43 am: ff32951fe8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474499

Change-Id: I282a2652658fa6235add430447d230f57d2bb039
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:47:26 +00:00
SalmaxChang
85617f4e3b hal_dumpstate_default: fix avc error am: 8e9be24a81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17500885

Change-Id: I2ace04d3dc6e7b52ab5160a98ba5ce9fd828e4aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:31:43 +00:00
sukiliu
78df243bdc Update avc error on ROM 8374246 am: 6379865b9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474502

Change-Id: I28555dc3f12ce0346fdb57727a41d6fb5ba61fd4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:31:21 +00:00
SalmaxChang
fbcc37b1d8 hal_dumpstate_default: fix avc error am: 8e9be24a81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17500885

Change-Id: I26c00f6bbda92ca9d6de26889bf3778539b9906b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:31:12 +00:00
sukiliu
35f673409a Update avc error on ROM 8374246 am: 6379865b9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474502

Change-Id: I999e0d343f0a6207c2a5e40b506164b8c287fb7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:31:06 +00:00
sukiliu
ff32951fe8 Update avc error on ROM 8378382 am: 3d3ae38c43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474499

Change-Id: I1ea88e1320e697551c5991b1e5c320da9de1581e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:31:01 +00:00
sukiliu
4575970f13 Update avc error on ROM 8378382 am: 3d3ae38c43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474499

Change-Id: Ifcf3b73b6e9e6462da6b68e65ab651628c83f2c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-31 02:30:52 +00:00
SalmaxChang
8e9be24a81 hal_dumpstate_default: fix avc error 
avc: denied { search } for comm="dumpstate@1.1-s" name="modem_stat" dev="dm-42" ino=328 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:modem_stat_data_file:s0 tclass=dir

Bug: 227424943
Change-Id: I44e2337129e814ed176ac270ae6c35e34089aa74
 2022-03-31 02:15:19 +00:00
sukiliu
6379865b9d Update avc error on ROM 8374246 
Bug: 227286343
Test: forrest with boot test
Change-Id: I44e32ac8d141dcb14c79ea4d8e78df3f88485dab
 2022-03-31 02:14:40 +00:00
sukiliu
3d3ae38c43 Update avc error on ROM 8378382 
Bug: 226850644
Test: PtsSELinuxTestCases
Change-Id: Ie6c6d8979dc63ebda7c699f10c2abb369a048ab0
 2022-03-31 02:14:00 +00:00
Ray Chi
0bffd8e27e Revert "add sepolicy for set_usb_irq.sh" am: 3fdb24bdc1 am: 7fd923942a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17464004

Change-Id: I9c34d1b9e08d710f349906ecd5b5e31d9598f4e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-30 05:18:11 +00:00
Ray Chi
7fd923942a Revert "add sepolicy for set_usb_irq.sh" am: 3fdb24bdc1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17464004

Change-Id: I4933c6dc9dd7af1daace0f1bcaf97106ba4700d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-30 05:00:33 +00:00
Ray Chi
035c81b8df Revert "add sepolicy for set_usb_irq.sh" am: 3fdb24bdc1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17464004

Change-Id: I886d7f2afe80798d4166ee7a9edc7697bcf4c94e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-30 05:00:19 +00:00
Android Build Coastguard Worker
4463a593c5 Snap for 8378790 from e9cd4bb590 to udc-release 
Change-Id: Ic96dfd9d9e9bc6c58accc6bd4abcd0a2e37a154e
 2022-03-30 03:01:21 +00:00
Ray Chi
3fdb24bdc1 Revert "add sepolicy for set_usb_irq.sh" 
This reverts commit 6733f9667d.

Bug: 225789036
Test: build pass
Change-Id: If43c8db71c737d509b1dfd098503f564a06bf046
 2022-03-29 15:45:30 +08:00
Android Build Coastguard Worker
4473670bf3 Snap for 8373271 from a401f8c5ce to udc-release 
Change-Id: If53a65e3cfeedb6b54b3b81873f3372a911fd76c
 2022-03-29 03:01:23 +00:00
Kris Chen
e9cd4bb590 Allow hal_fingerprint_default to access sysfs_display am: 32f2e4b0e7 am: 659f0ab560 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17395784

Change-Id: Ib1f08385f2b24a3371c5641ffa9e0bca9a36f1bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-29 02:07:21 +00:00
Kris Chen
659f0ab560 Allow hal_fingerprint_default to access sysfs_display am: 32f2e4b0e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17395784

Change-Id: Iecf25951e071664241e33b73583af1fbe27b83f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-29 02:06:05 +00:00
Kris Chen
72403141aa Allow hal_fingerprint_default to access sysfs_display am: 32f2e4b0e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17395784

Change-Id: Ib80d12143916976b7f9617773e1e2d0f95a84466
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-29 02:05:35 +00:00
Kris Chen
32f2e4b0e7 Allow hal_fingerprint_default to access sysfs_display 
Fix the following avc denial:
avc: denied { read } for name="panel_name" dev="sysfs" ino=71133 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=0

Bug: 223687187
Test: build and test fingerprint on device.
Change-Id: Ief1ccc7e2fa6b8b4dc1ecbd6d446cc49ee3936ce
 2022-03-29 01:39:32 +00:00
Minchan Kim
a401f8c5ce sepolicy: allow dump page_pinner am: 3496931400 am: 145aa1f2bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17410608

Change-Id: I1e444e504418fa9a3eceb8cb24b7cb581f12513d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 17:24:18 +00:00
Minchan Kim
145aa1f2bd sepolicy: allow dump page_pinner am: 3496931400 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17410608

Change-Id: I77ebf664d28637f578151faef02c8bc7f4406a54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 16:53:30 +00:00
Minchan Kim
56fb8cb807 sepolicy: allow dump page_pinner am: 3496931400 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17410608

Change-Id: Id4385572ff9f2fc059d351c817a764f5a4f0574d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 16:53:16 +00:00
Minchan Kim
3496931400 sepolicy: allow dump page_pinner 
Provide necessary sepolicy for dumpreport to access page_pinner
information in /sys/kernel/debug/page_pinner/{longterm_pinner,
alloc_contig_failed}

Bug: 226956571
Test: Run "adb bugreport <zip>" and verify it contains the output
      from page_pinner.
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I7b00d4930fbaa2061537cd8c84616c1053c829cf
 2022-03-28 16:35:02 +00:00
Adam Shih
1a3c271d6b update error on ROM 8365560 am: 5cc8837eb6 am: c94cff952d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17395798

Change-Id: I1a461593232938ad4729bc453e08e3cfe7024e7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 05:24:38 +00:00
Adam Shih
c94cff952d update error on ROM 8365560 am: 5cc8837eb6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17395798

Change-Id: I59263d45b9c7a57dc32ef7f5219afa81aec61c4b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 05:08:12 +00:00
Adam Shih
14f5e47200 update error on ROM 8365560 am: 5cc8837eb6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17395798

Change-Id: I97e7b5e9675b31b9379816fa8d3e0878af42b8f4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 05:07:59 +00:00
Adam Shih
5cc8837eb6 update error on ROM 8365560 
Bug: 227121550
Bug: 227122249
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iab96c7644e6c99d700a5f7b42fba30032d3624b7
 2022-03-28 10:59:04 +08:00
Omer Osman
734e18e250 Add hidraw device and Dynamic Sensor SE Linux policy am: e5cc5f7937 am: afdb7f17b7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17286308

Change-Id: If4bd2041a3aafa36403e1d57407996337fed397f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 02:28:05 +00:00
Omer Osman
afdb7f17b7 Add hidraw device and Dynamic Sensor SE Linux policy am: e5cc5f7937 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17286308

Change-Id: Ia839f8717dc2a44d3bfd52077a471f6f301fc413
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 02:05:25 +00:00
Omer Osman
f79916c309 Add hidraw device and Dynamic Sensor SE Linux policy am: e5cc5f7937 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17286308

Change-Id: I05d2debd765c63b99ecf9c66d91782dbc842ca43
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 02:05:20 +00:00
Omer Osman
e5cc5f7937 Add hidraw device and Dynamic Sensor SE Linux policy 
Test: Incoming HID data from Pixel Buds

Change-Id: I77489100e13d892fb7d3a7cee9734de044795dec
 2022-03-27 23:26:29 +00:00
Android Build Coastguard Worker
fc85049fe7 Snap for 8362880 from a938018ae5 to udc-release 
Change-Id: I2d53f5eb81dd546cfb0bf3ba2c3a05f65941765f
 2022-03-26 05:06:31 +00:00
Lucas Wei
a938018ae5 Label vendor_kernel_boot with boot_block_device for OTA updating am: ab9ec22267 am: 793e41d11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291643

Change-Id: Ic763ff0873d5eecc43eaa6de5f37741d945c7e3d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 09:26:33 +00:00
Lucas Wei
cb6545146a Label vendor_kernel_boot with boot_block_device for OTA updating am: ab9ec22267 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291643

Change-Id: I866f30a7ebd0aed08b44da70a2638b6f59cf8e38
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 09:11:37 +00:00
Lucas Wei
793e41d11d Label vendor_kernel_boot with boot_block_device for OTA updating am: ab9ec22267 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291643

Change-Id: I7228a6bdb0b5c931f0fc06a3b38d67d7666e0a3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 09:11:27 +00:00
Lucas Wei
ab9ec22267 Label vendor_kernel_boot with boot_block_device for OTA updating 
Label with boot_block_device to allow further operations on
vendor_kernel_boot including OTA updating.

This is required for update_engine to be able to write to
vendor_kernel_boot on builds that are enforcing sepolicy.

Bug: 214409109
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: If239690ee168ecfd5c5b755451e389a4523c79b8
 2022-03-25 08:55:00 +00:00
Darren Hsu
b877b6e9e1 Allow hal_power_stats to read sysfs_aoc_dumpstate am: 85710448f3 am: 9d05616fa8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17351092

Change-Id: I08b51dab7e91df001682d6c4cc77b7bd3ed42f15
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 07:44:40 +00:00
Darren Hsu
cfad5ee6a1 Allow hal_power_stats to read sysfs_aoc_dumpstate am: 85710448f3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17351092

Change-Id: I7b7048296e3304eae213939e5648e20039e9acd0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 07:19:34 +00:00
Darren Hsu
9d05616fa8 Allow hal_power_stats to read sysfs_aoc_dumpstate am: 85710448f3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17351092

Change-Id: I6913af827f44b7098c26ffd9f56d1e7f98c36d7c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 07:19:16 +00:00
Darren Hsu
85710448f3 Allow hal_power_stats to read sysfs_aoc_dumpstate 
avc: denied { read } for comm="android.hardwar" name="restart_count"
dev="sysfs" ino=72823 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs_aoc_dumpstate:s0 tclass=file permissive=0

Bug: 226173008
Test: check bugreport without avc denials
Change-Id: I35d886dd05fdad821e38810fd848c7f451893e3f
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-25 06:59:34 +00:00
Android Build Coastguard Worker
8e93f58a21 Snap for 8355292 from 2df9c1b75b to udc-release 
Change-Id: I178d0252e20d418ed44223a20cf259a3895402b3
 2022-03-25 03:01:26 +00:00
Ted Lin
cb078be9f0 Remove the tracking for vendor_battery_defender am: 4b75aab4b8 am: 9c59b398db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342324

Change-Id: I358c8178c3f29a5141e2d4fdf58dc657eb77ba40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 02:26:25 +00:00
Ted Lin
9c59b398db Remove the tracking for vendor_battery_defender am: 4b75aab4b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342324

Change-Id: If643013008f26e6c890d9a43f2d7c4ef177eac68
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 02:02:52 +00:00
Ted Lin
f504cca79a Remove the tracking for vendor_battery_defender am: 4b75aab4b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342324

Change-Id: If12f9cabf9900d4492d7e405f4ed877f2f3f2ae3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 02:02:33 +00:00
Ted Lin
4b75aab4b8 Remove the tracking for vendor_battery_defender 
The function is disabled.

Bug: 221384939
Test: adb bugreport
Change-Id: If8e8b8165329eb9ede86cb62f419a8cf06abb536
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-03-25 01:37:03 +00:00
Chris Kuiper
e20b8b0bde Add rules to allow Sensor HAL write access to als_table am: 967571ee60 am: f5453f84aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17368888

Change-Id: I3ab1b246c094f1438b8bcf6bb4d167dd33872068
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 00:39:23 +00:00
Chris Kuiper
f5453f84aa Add rules to allow Sensor HAL write access to als_table am: 967571ee60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17368888

Change-Id: I8ddfebc5b8febe09cb48cb58f7f2ed9ee74386d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 00:21:03 +00:00
Chris Kuiper
ffebbdcd34 Add rules to allow Sensor HAL write access to als_table am: 967571ee60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17368888

Change-Id: Id038f0254f2c69e917c88cb2da0aa8f47b6861f5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-25 00:20:47 +00:00
Chris Kuiper
967571ee60 Add rules to allow Sensor HAL write access to als_table 
Sensor HAL needs write access to
/sys/class/backlight/panel0-backlight/als_table.

Bug: 226435017
Test: Observing logs
Change-Id: Idb592d601b92c6814493e0d28384e1013935b72f
 2022-03-25 00:00:19 +00:00
chungkai
2df9c1b75b sched: move sysfs to procfs am: 4fa67857c3 am: 9bff8c59b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17346963

Change-Id: I673097342a9c61b74b5dab7e7758ff2c12a92172
 2022-03-24 18:35:30 +00:00
chungkai
9bff8c59b6 sched: move sysfs to procfs am: 4fa67857c3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17346963

Change-Id: Ib855e5bdf15d24defa55f3b548144fd31ed96ecb
 2022-03-24 18:16:44 +00:00
chungkai
3eba3a1004 sched: move sysfs to procfs am: 4fa67857c3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17346963

Change-Id: I9152300c03241a0f025002c8325298b2412bbae4
 2022-03-24 18:16:44 +00:00
chungkai
4fa67857c3 sched: move sysfs to procfs 
Modify name from sysfs_vendor_sched to proc_vendor_sched

Test: without avc denial
Bug: 216207007
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I96dc6eb76dd533ff6fd54c27be7e4bc32bf5dbc7
 2022-03-24 17:44:37 +00:00
Holmes Chou
baf62054ef camera: use codename for camera modules am: e0b06b9cbd am: 15a914dbc1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071590

Change-Id: I5326b73fcb3cfc1f5cbc8aef0568116fe6996c9f
 2022-03-24 14:00:24 +00:00
Holmes Chou
15a914dbc1 camera: use codename for camera modules am: e0b06b9cbd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071590

Change-Id: Ibb0e4a61baff6e2d9e405afdb29494a0263e1559
 2022-03-24 13:38:18 +00:00
Holmes Chou
91e48d04e6 camera: use codename for camera modules am: e0b06b9cbd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071590

Change-Id: I316371a838cb4ed83103a9be3675bae736a6e570
 2022-03-24 13:38:04 +00:00
Holmes Chou
e0b06b9cbd camera: use codename for camera modules 
use codename for camera modules
Bug: 209866857
Test: GCA, adb logcat

Change-Id: I55f6998d18a904c83ecdf328d1b0e5ca6a01427f
 2022-03-24 13:11:16 +00:00
Ted Lin
f07365851f hal_health_default: Fix avc denials am: 0adad90ab6 am: 213dd940ff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342323

Change-Id: I365f5883dcc1e1cc00b70881cbb299079129bc65
 2022-03-24 06:16:42 +00:00
Ted Lin
213dd940ff hal_health_default: Fix avc denials am: 0adad90ab6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342323

Change-Id: I8f57a0ab56e2d11109c6a65084983499ab1bd787
 2022-03-24 05:53:09 +00:00
Ted Lin
01fd681875 hal_health_default: Fix avc denials am: 0adad90ab6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342323

Change-Id: I5aa66b895e116b4336e9b1501441727ae09580cd
 2022-03-24 05:52:55 +00:00
Ted Lin
0adad90ab6 hal_health_default: Fix avc denials 
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2270): avc: denied { search } for name="thermal" dev="tmpfs" ino=1028 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2271): avc: denied { search } for name="thermal" dev="sysfs" ino=16790 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2273): avc: denied { open } for path="/sys/devices/virtual/thermal/thermal_zone13/mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2272): avc: denied { write } for name="mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1

Bug:208721638
Test: adb bugreport
Change-Id: I4d9491862ff1bcc88f89b1478497ac569e3d1df1
Signed-off-by: Ted Lin <tedlin@google.com>
(cherry picked from commit 5b6a5292c3)
 2022-03-24 05:26:09 +00:00
Adam Shih
a64c706300 enforce debugfs constraint on userdebug build am: de2696eb72 am: fcae230ef4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342326

Change-Id: I08077c437eec9024573b416c8782f75e33d9f74e
 2022-03-24 04:39:43 +00:00
Adam Shih
fcae230ef4 enforce debugfs constraint on userdebug build am: de2696eb72 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342326

Change-Id: I2008bde5b787053f818a58452f629e5bee8e8ced
 2022-03-24 04:12:13 +00:00
Adam Shih
3244ceef37 enforce debugfs constraint on userdebug build am: de2696eb72 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17342326

Change-Id: I9017b4539131e88f31580127042cf26908137aed
 2022-03-24 04:10:57 +00:00
Android Build Coastguard Worker
987e3ec9d0 Snap for 8347200 from 287a45f6fd to udc-release 
Change-Id: I82f18ad65741babc77d0c385f10773e12f1f949c
 2022-03-24 03:01:21 +00:00
Adam Shih
de2696eb72 enforce debugfs constraint on userdebug build 
Bug: 225815474
Test: build pass
Change-Id: If9e32d4b67c342b56eea39701518a520a62df199
 2022-03-24 01:05:18 +00:00
Yabin Cui
287a45f6fd [automerger skipped] Add SOC specific ETM sysfs paths am: 02c1ef8b85 am: f387f3dcd3 -s ours 
am skip reason: Merged-In I10c8d250cf88b371ee573561d6678fc24f4e440c with SHA-1 02c1ef8b85 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17324045

Change-Id: If8737a8f9e654963177c42525323f027db12c1eb
 2022-03-23 20:24:44 +00:00
Yabin Cui
045878aa5a [automerger skipped] Add SOC specific ETM sysfs paths am: 02c1ef8b85 -s ours 
am skip reason: Merged-In I10c8d250cf88b371ee573561d6678fc24f4e440c with SHA-1 278d110fba is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17324045

Change-Id: If8f338bccdb77ccd0cfce338e52f9870996c9dfd
 2022-03-23 20:09:10 +00:00
Yabin Cui
f387f3dcd3 Add SOC specific ETM sysfs paths am: 02c1ef8b85 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17324045

Change-Id: I0e5889c043eaea6827d91423c3adfc14073ea289
 2022-03-23 20:07:38 +00:00
Yabin Cui
02c1ef8b85 Add SOC specific ETM sysfs paths 
Bug: 225403280
Test: run profcollectd on c10
Change-Id: I10c8d250cf88b371ee573561d6678fc24f4e440c
Merged-In: I10c8d250cf88b371ee573561d6678fc24f4e440c
 2022-03-23 19:45:48 +00:00
George Lee
586c4699e9 [automerger skipped] health: Grant sysfs_thermal access to health am: 17981f9fc0 am: 8e5d012c72 -s ours 
am skip reason: Merged-In I4d9491862ff1bcc88f89b1478497ac569e3d1df1 with SHA-1 5b6a5292c3 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17312309

Change-Id: I08f32a1b663a40921528dabb26e285a6db7ea58d
 2022-03-23 05:47:32 +00:00
SalmaxChang
704954b7dd modem_svc_sit: fix avc error am: ae6f085676 am: 13a0910c39 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17314904

Change-Id: I0a71f49dc8d028d60a77bd2e9c5c31402323a28c
 2022-03-23 05:47:25 +00:00
SalmaxChang
70a614ec80 vendor_init: fix avc error am: 6dd3de7813 am: a40641f2da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291644

Change-Id: Idff086bac5ca7eb1a2bfa7b0d09705e5f555dd72
 2022-03-23 05:47:17 +00:00
George Lee
8e5d012c72 health: Grant sysfs_thermal access to health am: 17981f9fc0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17312309

Change-Id: I88cc6908a9d5062b815f077b8e6c9cb38067d1ce
 2022-03-23 05:33:21 +00:00
George Lee
644a47d5a4 [automerger skipped] health: Grant sysfs_thermal access to health am: 17981f9fc0 -s ours 
am skip reason: Merged-In I4d9491862ff1bcc88f89b1478497ac569e3d1df1 with SHA-1 5b6a5292c3 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17312309

Change-Id: Ibffa6cda778adf0b1a3509e3590c355f61bac5b8
 2022-03-23 05:33:07 +00:00
SalmaxChang
13a0910c39 modem_svc_sit: fix avc error am: ae6f085676 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17314904

Change-Id: I3ae7e26013ec250818fee64adedf5e0b568e50c7
 2022-03-23 05:33:06 +00:00
SalmaxChang
a40641f2da vendor_init: fix avc error am: 6dd3de7813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291644

Change-Id: I58b4e5d1a0bf09666a0f852f2567605ca021cc1a
 2022-03-23 05:33:01 +00:00
SalmaxChang
3ae795cf8b modem_svc_sit: fix avc error am: ae6f085676 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17314904

Change-Id: I0962f68685aaabc68f74fd001c2b5edcc92ac10e
 2022-03-23 05:33:00 +00:00
SalmaxChang
cf09620f3c vendor_init: fix avc error am: 6dd3de7813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291644

Change-Id: Ic7d9db340241626de5f9852e4ddc01bbf6c8b84b
 2022-03-23 05:32:52 +00:00
George Lee
17981f9fc0 health: Grant sysfs_thermal access to health 
health-service has trouble accessing /dev/thermal.  This change fixes
this.

Bug: 226009696
Test: dev/thermal/tz-by-name/soc/mode error:Permission denied no longer
exist
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I8d112cb12f3aeb1c8d5433ca69415d0413f070a2
Merged-In: I4d9491862ff1bcc88f89b1478497ac569e3d1df1
 2022-03-23 05:30:33 +00:00
SalmaxChang
ae6f085676 modem_svc_sit: fix avc error 
avc: denied { write } for comm="modem_svc_sit" name="modem_stat" dev="dm-46" ino=333 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 225149029
Change-Id: Id1045d9488a200b6c64abbe02cf5e65926ba0203
 2022-03-23 05:13:29 +00:00
Android Build Coastguard Worker
b923009446 Snap for 8340981 from 278d110fba to udc-release 
Change-Id: I3fa4fca0ffb463841ed3c211b865a0803f0b6a03
 2022-03-23 03:01:11 +00:00
Yabin Cui
278d110fba Add SOC specific ETM sysfs paths 
Bug: 225403280
Test: run profcollectd on c10
Change-Id: I10c8d250cf88b371ee573561d6678fc24f4e440c
 2022-03-22 16:53:23 +00:00
SalmaxChang
6dd3de7813 vendor_init: fix avc error 
avc: denied { getattr } for comm="init" name="/" dev="sda19" ino=2 scontext=u:r:vendor_init:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0

Bug: 225151104
Change-Id: I508aa6b85039edc4b5a8746aaa602f1131768630
 2022-03-22 07:57:59 +00:00
Kris Chen
b89f8faaca Allow hal_fingerprint_default to access fwk_sensor_hwservice am: 997b8974ef am: 3d1c17ffd7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17288686

Change-Id: Iad8b3eec7c5c9abc23d2df8d09e4b9b3e7b59ccb
 2022-03-22 04:15:55 +00:00
Kris Chen
3d1c17ffd7 Allow hal_fingerprint_default to access fwk_sensor_hwservice am: 997b8974ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17288686

Change-Id: If57f3542180e8e0af17351c50415a8bab57306e5
 2022-03-22 03:59:58 +00:00
Kris Chen
a312c79491 Allow hal_fingerprint_default to access fwk_sensor_hwservice am: 997b8974ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17288686

Change-Id: I68502cce84067dd230bec8e4b02491b5f6bb79fd
 2022-03-22 03:59:50 +00:00
Peter Csaszar
0f9c31fb33 [automerger skipped] pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da am: 0b35cf6a3b -s ours 
am skip reason: Merged-In I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff with SHA-1 4041f814be is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051

Change-Id: I89786ea8bd4d67e255a1c03f41fea2dbc57912a6
 2022-03-22 03:52:39 +00:00
Roshan Pius
db3c865121 gs-policy: Remove obsolete uwb vendor service rules am: 046601d414 am: d8a25b0f0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17294749

Change-Id: I662ee5a78965812848a52ecb7afbf2a57c017549
 2022-03-22 03:52:15 +00:00
Kris Chen
997b8974ef Allow hal_fingerprint_default to access fwk_sensor_hwservice 
Fix the following avc denial:
avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_fingerprint_default:s0 pid=1258 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 197789721
Test: build and test fingerprint on device.
Change-Id: I7494f28e69e5a1b660dc7fbaa528b1088048723b
(cherry picked from commit 9b54bf3665abce7a6f5f5df22069a8ef081ad80e)
 2022-03-22 03:39:35 +00:00
Peter Csaszar
0b35cf6a3b pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051

Change-Id: If1cc0d3afa539a104b2ad99b9bebdc18c98bd622
 2022-03-22 03:30:37 +00:00
Peter Csaszar
a2a1b7f0a2 [automerger skipped] pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da -s ours 
am skip reason: Merged-In I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff with SHA-1 4041f814be is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051

Change-Id: Ie53882049dae4879e6420ede4961e83681bd0905
 2022-03-22 03:30:31 +00:00
Roshan Pius
d8a25b0f0c gs-policy: Remove obsolete uwb vendor service rules am: 046601d414 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17294749

Change-Id: If87ae2d622842f33f4d71568fcf8918847762ee3
 2022-03-22 03:30:17 +00:00
Roshan Pius
8eae925778 gs-policy: Remove obsolete uwb vendor service rules am: 046601d414 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17294749

Change-Id: I5562c289af945a110b2be5280170e0a5b948f6b4
 2022-03-22 03:29:57 +00:00
Peter Csaszar
466adbb2da pixel-selinux: Port PRO SJTAG policies to tm-dev 
These are the SELinux policies for the sysfs files of the SJTAG
kernel interface for WHI-PRO-based devices, now migrated to the
tm-dev branch. The files are in the following directories:

  /sys/devices/platform/sjtag_ap/interface/
  /sys/devices/platform/sjtag_gsa/interface/

Bug: 207571417
Bug: 224022297
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Merged-in: I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff
Change-Id: I56da5763c31ab098859cbc633660897646fe7f3e
 2022-03-22 03:17:40 +00:00
Android Build Coastguard Worker
756b857e19 Snap for 8333853 from a494fa5a99 to udc-release 
Change-Id: I6e3ae965dd89310e1a1e51cd3bd0f298bef16019
 2022-03-22 03:01:13 +00:00
Roshan Pius
046601d414 gs-policy: Remove obsolete uwb vendor service rules 
This service no longer exists in the UCI stack.

Bug: 186585880
Test: Manual UWB tests
Change-Id: I279824be6f51470364ad61833b797aa23cbea859
 2022-03-21 09:18:28 -07:00
Sam Dubey
a494fa5a99 Temporarily don't audit init for modem_img_file am: b92095e322 am: c84e42d3c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17268031

Change-Id: I654b3a8013673c61336f52bcc40dcfdd9eda7c70
 2022-03-21 09:01:09 +00:00
Sam Dubey
c84e42d3c9 Temporarily don't audit init for modem_img_file am: b92095e322 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17268031

Change-Id: Ib2e377cc811fb8f4a589fb184b8c0dd12bf8be2b
 2022-03-21 08:43:21 +00:00
Sam Dubey
b5d69e961f Temporarily don't audit init for modem_img_file am: b92095e322 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17268031

Change-Id: Ica96cf300d8b47387c95220e5571118c8d2789c2
 2022-03-21 08:41:15 +00:00
Mason Wang
500e7624e9 vendor_init: Fix touch avc denial of high_sensitivity. 
Fixed following avc denial:
avc: denied { write } for name="high_sensitivity" dev="proc" ino=4026534550 scontext=u:r:vendor_init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1
//The file node is proc/focaltech_touch/high_sensitivity


Bug: 199105136
Test: Verify pass by checking device log are w/o above errors while
switching setting/display/increase touch sensitivity.

Change-Id: I8dbe4190056767407413082580320593292725fe
 2022-03-21 07:32:49 +00:00
Sam Dubey
b92095e322 Temporarily don't audit init for modem_img_file 
Change-Id: I2c9c788119b20b8a37e71a971997f16a7fe6165b
Fix: 225279974
 2022-03-21 04:42:13 +00:00
yixuanjiang
22cbebd97a audio: sync aocdump setting from gs101 am: 9206ceb227 am: 5143119a16 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17248005

Change-Id: I2e1c65a30673c6327ea53b31f7d3904c16ff365f
 2022-03-21 03:01:58 +00:00
yixuanjiang
5143119a16 audio: sync aocdump setting from gs101 am: 9206ceb227 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17248005

Change-Id: Id7c3c9f2606fe13023a72744230adc6c7ebcc66b
 2022-03-21 02:26:21 +00:00
yixuanjiang
322733ed38 audio: sync aocdump setting from gs101 am: 9206ceb227 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17248005

Change-Id: I10e973862521a98a6e6c75781f1c474390eed175
 2022-03-21 02:25:56 +00:00
yixuanjiang
9206ceb227 audio: sync aocdump setting from gs101 
Bug: 225309469
Test: local
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: Ia9be16c74de666c945d76ca514423b030c0f90d0
 2022-03-21 02:08:55 +00:00
Android Build Coastguard Worker
f3c716953f Snap for 8323526 from 2af25c514e to udc-release 
Change-Id: Ibd6492dec65b98a2f9830c7a93295236fecf9aef
 2022-03-19 05:06:25 +00:00
Mason Wang
2af25c514e [automerger skipped] vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] am: 296823785d am: ae166c90eb -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17229066

Change-Id: I268608821e39e87d3b7a5b86a9bc5e2724f1a998
 2022-03-18 06:44:24 +00:00
Mason Wang
ae166c90eb vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] am: 296823785d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17229066

Change-Id: I5fd10c80b5a1911818334615c4c900b858a4dae7
 2022-03-18 06:22:19 +00:00
Mason Wang
4891389afe [automerger skipped] vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] am: 296823785d -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17229066

Change-Id: I00d0b00c5564091bfce7b1b05ea3d69cfb681875
 2022-03-18 06:21:38 +00:00
Android Build Coastguard Worker
732a485c4a Snap for 8318243 from 937f5cec07 to udc-release 
Change-Id: If0093dfbe89ea3ae3b70a57727357a643c35c113
 2022-03-18 03:01:23 +00:00
Mason Wang
296823785d vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] 
Fixed following avc denial:
avc: denied { write } for name="high_sensitivity" dev="proc" ino=4026534550 scontext=u:r:vendor_init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1
//The file node is proc/focaltech_touch/high_sensitivity


Bug: 199105136
Test: Verify pass by checking device log are w/o above errors while
switching setting/display/increase touch sensitivity.

Change-Id: I8dbe4190056767407413082580320593292725fe
 2022-03-17 10:01:37 +00:00
George Lee
937f5cec07 health: Add sysfs_thermal access am: 2cc598cc9b am: 6548900ffe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17164869

Change-Id: Ia5bf090927849d2949470fc51fac34c3c8c9ede8
 2022-03-17 06:31:45 +00:00
George Lee
6548900ffe health: Add sysfs_thermal access am: 2cc598cc9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17164869

Change-Id: I92b98ee674757c4f68ea5626bff3ac9e18d9df93
 2022-03-17 05:27:52 +00:00
George Lee
c73fa1acfe health: Add sysfs_thermal access am: 2cc598cc9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17164869

Change-Id: I2d335b082919b55a430782de9b79f7037a846af1
 2022-03-17 05:27:23 +00:00
George Lee
2cc598cc9b health: Add sysfs_thermal access 
health-service has trouble accessing /dev/thermal.  This change fixes
this.

Bug: 223928339
Test: dev/thermal/tz-by-name/soc/mode error:Permission denied no longer
exist
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I6077e841d179b6cda50d578e584dd249ce970db0
 2022-03-17 04:55:59 +00:00
Android Build Coastguard Worker
ec6b21fa1c Snap for 8310672 from e0c07357d8 to udc-release 
Change-Id: Ieae26308bd07b6b06c8df5202aaa0197308c82e1
 2022-03-17 03:01:08 +00:00
Adam Shih
e0c07357d8 reject mnt_vendor_file access in user ROM am: bedd866505 am: 66f8cc7ba0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: I9a957138941a2791e2a293942b32c0a059232bda
 2022-03-16 09:55:13 +00:00
Adam Shih
66f8cc7ba0 reject mnt_vendor_file access in user ROM am: bedd866505 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: Id9efbf8949047e65c36ccf33a465189aa3be6302
 2022-03-16 09:29:29 +00:00
Adam Shih
22e6a7bfbf reject mnt_vendor_file access in user ROM am: bedd866505 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: Ia7298a8cf2cb6a601fd86ff2ab640e6b69aa92b8
 2022-03-16 09:29:16 +00:00
Adam Shih
bedd866505 reject mnt_vendor_file access in user ROM 
Bug: 224429437
Test: android.security.cts.SELinuxHostTest#testNoBugreportDenials
Change-Id: I318f11866f7b9c6cc0b7ecf151f789f35ab290cd
 2022-03-16 14:08:09 +08:00
Android Build Coastguard Worker
db9777e087 Snap for 8305076 from 5133ffe91f to udc-release 
Change-Id: I3e150ef09e23609d39c0cec69f84625d6e2b7110
 2022-03-16 03:01:21 +00:00
Denny cy Lee
5133ffe91f Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 am: cf97709e3e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: I4b166d6ca643ecd09329c6f5ee193556bc998367
 2022-03-15 03:40:06 +00:00
Darren Hsu
3b308e0f73 sepolicy: reorder genfs labels for system suspend am: 6d25430600 am: ef2662e4b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: Id0bbcf19bf7bb4f99467e4cc708d48d0d435f30c
 2022-03-15 03:39:57 +00:00
Denny cy Lee
cf97709e3e Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: I4188f44a34d19106ddfa4664d38e0950a4d9dcfc
 2022-03-15 03:16:24 +00:00
Denny cy Lee
1c087c848d Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: Ida863d602f166dddecfd540eb354c38a8ebd0c09
 2022-03-15 03:16:12 +00:00
Darren Hsu
ef2662e4b8 sepolicy: reorder genfs labels for system suspend am: 6d25430600 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: I1d560b9316d343a6354704b1602643880fd20882
 2022-03-15 03:15:39 +00:00
Darren Hsu
356fb92bb2 sepolicy: reorder genfs labels for system suspend am: 6d25430600 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: Id01fb5bad47786a03ef5562f14d7df6dc6856448
 2022-03-15 03:15:02 +00:00
Denny cy Lee
38c2803c54 Sepolicy: add pixelstats/HardwareInfo sepolicy 
avc denials to fix (after apply ag/17120763)
[   50.171564] type=1400 audit(1647222380.884:28): avc: denied { read } for comm="pixelstats-vend" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
[   54.519375] type=1400 audit(1647222385.228:29): avc: denied { read } for comm="id.hardwareinfo" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 app=com.google.android.hardwareinfo

Bug: 222019890
Test: manually check debug logcat
Change-Id: I0e4f3f3a66783383b0d1327cec4dcd145ae9a7af
 2022-03-15 03:09:18 +00:00
Android Build Coastguard Worker
d337a336d7 Snap for 8298132 from e1e3f59a21 to udc-release 
Change-Id: I7622775678a5fffc5347d0b16f182171fcc9dd89
 2022-03-15 03:01:10 +00:00
Darren Hsu
6d25430600 sepolicy: reorder genfs labels for system suspend 
Bug: 223683748
Test: check bugreport without relevant avc denials
Change-Id: I295d3dfb96cc87e8faaf16f949918445cc3a0d44
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-15 02:52:48 +00:00
Roshan Pius
e1e3f59a21 gs-sepolicy(uwb): Changes for new UCI stack am: c5710ad18e am: 54840dce7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17002833

Change-Id: I5da7f3dd9988bb379e2e4c96249ff45a3bda18ac
 2022-03-14 17:04:08 +00:00
Roshan Pius
459f4ce3aa gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4 am: b27000aab9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: I71ed20b827e1f8729f77795543fc7c964562b550
 2022-03-14 17:03:53 +00:00
Roshan Pius
54840dce7d gs-sepolicy(uwb): Changes for new UCI stack am: c5710ad18e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17002833

Change-Id: Ie20b0208354b16ebd1da8b5334836fad50adbe1a
 2022-03-14 16:40:52 +00:00
Roshan Pius
a0c6282ebe gs-sepolicy(uwb): Changes for new UCI stack am: c5710ad18e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17002833

Change-Id: I3c21d7203b751ca6a7bed8f231b9f19f2d7d6173
 2022-03-14 16:40:48 +00:00
Roshan Pius
b27000aab9 gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: Ie187d9ecdea4c00c4f08bd2d1dea82ce3ffd9a5e
 2022-03-14 16:40:40 +00:00
Roshan Pius
72007fbc44 gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: I283505cd2a3a50810b546fa3345aa63b7a0222da
 2022-03-14 16:40:37 +00:00
Roshan Pius
c5710ad18e gs-sepolicy(uwb): Changes for new UCI stack 
1. Rename uwb vendor app.
2. Rename uwb vendor HAL binary name & service name.
3. Allow vendor HAL to host the AOSP UWB HAL service.
4. Allow NFC HAL to access uwb calibration files.

Bug: 186585880
Bug: 204718220
Bug: 206045367
Test: Manual Tests
Change-Id: Ib0456617d0f5cf116d11a9412f47f36e2b8df570
 2022-03-14 16:09:02 +00:00
Roshan Pius
5ddc8be4f4 gs-sepolicy(uwb): Allow uwb hal permission to net_admin 
This was alloed under gs101-sepolicy. There is an ongoing discussion on
how to resolve this for the long term in b/190461440. But, without this
uwb functionality is broken on new devices.

Bug: 206045367
Bug: 222194886
Change-Id: I6729352f2b7bb93b01990a790e62aa69f60342fe
 2022-03-14 16:09:02 +00:00
Tim Lin
c325ec9aca ril: dump radio hal from user build. am: e42c7120dd am: a5cb956b5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17155484

Change-Id: I64ff1017c167076c42f93be7475a21842a325953
 2022-03-14 11:51:05 +00:00
Tim Lin
a5cb956b5a ril: dump radio hal from user build. am: e42c7120dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17155484

Change-Id: I4b32ed5c0e662d424eb562589a9cf5b38ca04a1a
 2022-03-14 11:17:19 +00:00
Tim Lin
f4de3d67e9 ril: dump radio hal from user build. am: e42c7120dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17155484

Change-Id: I65afb8a98149d2e782edd16bbbf2ccc4eb456a67
 2022-03-14 11:17:12 +00:00
Tim Lin
e42c7120dd ril: dump radio hal from user build. 
To get radio hal debug info on user build as we do on previous Pixels.

Bug: 221391981
Test: Trigger bugreport on USERDEBUG with dumpstate.unroot set
to true and check IRadio log

Change-Id: I354d5770272b518761db4aab8da726de97e472bb
 2022-03-14 10:49:07 +00:00
Chungjui Fan
82efa59fb5 sepolicy: allow fastbootd to access gsc device node am: e02f501377 am: a0f0f1e049 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17157683

Change-Id: I8e6d53c215fa9129db2030c011895924456d8a28
 2022-03-14 05:39:42 +00:00
Chungjui Fan
b68cbdf4c8 sepolicy: allow fastbootd to access gsc device node am: e02f501377 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17157683

Change-Id: I7a81fba2eb15464614d294d7aaf5e5667b57e665
 2022-03-14 05:18:51 +00:00
Chungjui Fan
a0f0f1e049 sepolicy: allow fastbootd to access gsc device node am: e02f501377 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17157683

Change-Id: I4234b878168d327657f3114bf96da9e6f056334e
 2022-03-14 05:17:37 +00:00
Chungjui Fan
e02f501377 sepolicy: allow fastbootd to access gsc device node 
audit: type=1400 audit(1646614793.912:8): avc:  denied  { getattr }
for pid=347 comm="fastbootd" path="/dev/gsc0" dev="tmpfs" ino=469
scontext=u:r:fastbootd:s0 tcontext=u:object_r:citadel_device:s0
tclass=chr_file permissive=0

Bug: 221410358
Test: fastboot -w in fastbootd mode
Change-Id: I5680515865c2656ffa91dfe593459aab1ade81cb
Signed-off-by: Chungjui Fan <chungjuifan@google.com>
 2022-03-14 04:47:31 +00:00
Ramji Jiyani
30ce6f42f3 dumpstate: Remove do not audit for /system_dlkm am: cec1d2a769 am: 3b53f750cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17180360

Change-Id: I5acc30ad207c7940758baba44150f7b3705e5f78
 2022-03-14 04:25:37 +00:00
Ramji Jiyani
b3d20badcf dumpstate: Remove do not audit for /system_dlkm am: cec1d2a769 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17180360

Change-Id: Ib7e5de5db8aee96742905df9ac46aacc6ed81770
 2022-03-14 04:03:56 +00:00
Ramji Jiyani
3b53f750cd dumpstate: Remove do not audit for /system_dlkm am: cec1d2a769 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17180360

Change-Id: I2e71cdc8d343e82a83cf40c5aa6d653458c16625
 2022-03-14 04:02:45 +00:00
Ramji Jiyani
cec1d2a769 dumpstate: Remove do not audit for /system_dlkm 
FixedBy: http://aosp/2022375
Bug: 223332748
Test: atest SELinuxHostTest#testNoBugreportDenials
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I46e427cccec27118fad4440dc6822196d26f4a1b
 2022-03-13 18:32:07 -07:00
Android Build Coastguard Worker
e05f751cfc Snap for 8288609 from b51c7acf6d to udc-release 
Change-Id: I9323d2772109ed9e5826c9e2fdbb7a802923594c
 2022-03-11 04:01:13 +00:00
Taeju Park
b51c7acf6d Allow accessing power_policy sysfs node for GPU am: dc99069f1e am: 127bdb6c52 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17147970

Change-Id: Idfa7938b5c99f8c5447d5d38b2892c7f41b5ea2c
 2022-03-10 10:50:57 +00:00
Taeju Park
28666f9c91 Allow accessing power_policy sysfs node for GPU am: dc99069f1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17147970

Change-Id: I4d6d6f91d20ee796557f0341fd0553b2a880dbb4
 2022-03-10 10:27:29 +00:00
Taeju Park
127bdb6c52 Allow accessing power_policy sysfs node for GPU am: dc99069f1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17147970

Change-Id: Ie859536806978c4e9edca66601bd1a99572c7b87
 2022-03-10 10:26:57 +00:00
Taeju Park
dc99069f1e Allow accessing power_policy sysfs node for GPU 
Bug: 223440487
Signed-off-by: Taeju Park <taeju@google.com>
Change-Id: Iae2e4a0dc8d474d04200e79b4b4014010eedb147
 2022-03-10 10:03:59 +00:00
Darren Hsu
bea4cd8551 sepolicy: label wakeup source for usbc port am: ab8e1fdc58 am: c3524aa570 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129070

Change-Id: Iabd3c7db52dea253016624ba2ffb9d354cf33e00
 2022-03-10 06:53:36 +00:00
Darren Hsu
c3524aa570 sepolicy: label wakeup source for usbc port am: ab8e1fdc58 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129070

Change-Id: I719c86ff9275562322fa1a8741e45f038d813e7c
 2022-03-10 06:32:26 +00:00
Darren Hsu
ddba63c8e1 sepolicy: label wakeup source for usbc port am: ab8e1fdc58 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129070

Change-Id: I5d7a5c785a47406a692e76c5b5ac1f063be4f562
 2022-03-10 06:31:58 +00:00
Android Build Coastguard Worker
705e6b9548 Snap for 8282595 from 28d56b9f45 to udc-release 
Change-Id: Id5bf2ae52d18f858e5c40643e02f073bc7e010b1
 2022-03-10 04:01:14 +00:00
Darren Hsu
ab8e1fdc58 sepolicy: label wakeup source for usbc port 
Bug: 223475365
Test: run vts -m SuspendSepolicyTests
Change-Id: I2116c5f4fd19c5995f1612d593532cc7e065a560
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-10 11:29:15 +08:00
Adam Shih
28d56b9f45 Remove obsolete sepolicy am: e989d0087a am: e2bfc6f47f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17130105

Change-Id: Ic8047d68612de73e05398a268119aeff670c4a92
 2022-03-09 09:24:29 +00:00
Adam Shih
52c687855b Remove obsolete sepolicy am: e989d0087a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17130105

Change-Id: Icc23b10b61b23b9a78cd867f6c6105cc91873594
 2022-03-09 08:58:27 +00:00
Adam Shih
e2bfc6f47f Remove obsolete sepolicy am: e989d0087a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17130105

Change-Id: I1fd83076b7693667b95055e0feef410344720934
 2022-03-09 08:57:02 +00:00
Adam Shih
e989d0087a Remove obsolete sepolicy 
Bug: 207300335
Test: do bugreport without relevant error log showing up
Change-Id: I38e4544c59c49543e746775ec686874ee8ae2473
 2022-03-09 08:14:24 +00:00
Darren Hsu
024cc5351d sepolicy: fix VTS failure for SuspendSepolicyTests am: 284b775f21 am: 971ad610df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118583

Change-Id: I77728bab265ee7459f43b2c2ba00ea14ddd1ab83
 2022-03-09 06:21:03 +00:00
Darren Hsu
541e5a1bec sepolicy: fix VTS failure for SuspendSepolicyTests am: 284b775f21 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118583

Change-Id: Iadc3284119120be092462d2769bf2ce0a4e0bf2d
 2022-03-09 05:57:35 +00:00
Darren Hsu
971ad610df sepolicy: fix VTS failure for SuspendSepolicyTests am: 284b775f21 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118583

Change-Id: I2c33087c2413db910e3ad4968be605dbc10c6ccf
 2022-03-09 05:56:22 +00:00
Darren Hsu
284b775f21 sepolicy: fix VTS failure for SuspendSepolicyTests 
Label the common parent wakeup path instead of each
individual wakeup source to avoid bloating the genfs
contexts.

Bug: 221174227
Test: run vts -m SuspendSepolicyTests
Change-Id: I38e3a349af04f83e63735ea7ca010cf634c2f1ab
 2022-03-09 05:29:09 +00:00
SalmaxChang
c9e43b03e3 incident: Fix avc errors am: 1f72ffdec6 am: e0e47e1d51 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129066

Change-Id: I4d0e9bf5ce5984918e8aea22deb111ccf6de6a31
 2022-03-09 05:20:03 +00:00
sukiliu
114cfa428b Update avc error on ROM 8268341 am: b82a5ab98b am: 82778d58cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118587

Change-Id: Icdb610a1595b7a1676058f5a01c75a1f6e89a11f
 2022-03-09 05:19:51 +00:00
SalmaxChang
e0e47e1d51 incident: Fix avc errors am: 1f72ffdec6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129066

Change-Id: I70701611ef3193e945f8f3fb6fb18707ac2ddf36
 2022-03-09 05:04:17 +00:00
SalmaxChang
8e6d8aca0a incident: Fix avc errors am: 1f72ffdec6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129066

Change-Id: If23a5eadf674fb9dab7fb852d1509e5ff78d0c81
 2022-03-09 05:03:25 +00:00
SalmaxChang
1f72ffdec6 incident: Fix avc errors 
avc: denied { use } for comm="incident" dev="dm-47" ino=10911 scontext=u:r:incident:s0 tcontext=u:r:logger_app:s0:c239,c256,c512,c768 tclass=fd
avc: denied { append } for dev="dm-7" ino=12639 scontext=u:r:incident:s0 tcontext=u:object_r:media_rw_data_file:s0:c30,c257,c512,c768 tclass=file

Bug: 222209243
Change-Id: I9e622e2af1a036eab818cd2b66c07b137fe9cc99
 2022-03-09 04:55:08 +00:00
sukiliu
ab0ae93203 Update avc error on ROM 8268341 am: b82a5ab98b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118587

Change-Id: I3a08a7839302128d7660777a2607e6a87074a2d2
 2022-03-09 04:53:32 +00:00
sukiliu
82778d58cc Update avc error on ROM 8268341 am: b82a5ab98b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118587

Change-Id: I9b5926633555e0cfb2af2a92db05ac2c05bdf4ad
 2022-03-09 04:51:53 +00:00
sukiliu
b82a5ab98b Update avc error on ROM 8268341 
Bug: 223332748
Bug: 208721808
Test: PtsSELinuxTestCases
Change-Id: Ie3c6fdb9c8f29cac41db2750e71d3163132d4951
 2022-03-09 04:25:38 +00:00
Android Build Coastguard Worker
526cb9777c Snap for 8276267 from 23312cd72d to udc-release 
Change-Id: I324e2f174de3705dd9ccba23007fc67d19e13655
 2022-03-09 04:02:18 +00:00
Michael Eastwood
6c5f5af3fb Update SELinux policy to allow camera HAL to send Perfetto trace packets am: 07bf62c387 am: 4724d39907 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17080874

Change-Id: I08eafa3a554e983f7d66cb0f05bf4d3c1c43e804
 2022-03-09 02:15:28 +00:00
SalmaxChang
14126ff3f3 dumpstate: Grant to access media_rw_data_file am: db1196932e am: ea7d1c1e1a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17106207

Change-Id: Ic9c598226c737a788753b79209b42c71513d04af
 2022-03-09 02:15:22 +00:00
Michael Eastwood
078d751e2b Update SELinux policy to allow camera HAL to send Perfetto trace packets am: 07bf62c387 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17080874

Change-Id: If2b35a0f557847e3bebd2dd38b870e8f75b6253f
 2022-03-09 01:51:08 +00:00
SalmaxChang
84bbdaa270 dumpstate: Grant to access media_rw_data_file am: db1196932e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17106207

Change-Id: If843f9e5abe481b4ad49e340381ecd38fe995810
 2022-03-09 01:51:02 +00:00
Michael Eastwood
4724d39907 Update SELinux policy to allow camera HAL to send Perfetto trace packets am: 07bf62c387 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17080874

Change-Id: Ib655baa67317b7da8f9b8cea62d7e93c87461dc2
 2022-03-09 01:49:54 +00:00
SalmaxChang
ea7d1c1e1a dumpstate: Grant to access media_rw_data_file am: db1196932e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17106207

Change-Id: I8b415b700c0a3253776e934a1fa073c54fb16e38
 2022-03-09 01:49:49 +00:00
Michael Eastwood
07bf62c387 Update SELinux policy to allow camera HAL to send Perfetto trace packets 
Example denials:

03-04 04:25:37.524   823   823 I TracingMuxer: type=1400 audit(0.0:31): avc: denied { use } for path=2F6D656D66643A706572666574746F5F73686D656D202864656C6574656429 dev="tmpfs" ino=20229 scontext=u:r:hal_camera_default:s0 tcontext=u:r:tr
aced:s0 tclass=fd permissive=1
03-04 04:25:37.524   823   823 I TracingMuxer: type=1400 audit(0.0:32): avc: denied { read write } for path=2F6D656D66643A706572666574746F5F73686D656D202864656C6574656429 dev="tmpfs" ino=20229 scontext=u:r:hal_camera_default:s0 tcontext
=u:object_r:traced_tmpfs:s0 tclass=file permissive=1
03-04 04:25:37.524   823   823 I TracingMuxer: type=1400 audit(0.0:33): avc: denied { getattr } for path=2F6D656D66643A706572666574746F5F73686D656D202864656C6574656429 dev="tmpfs" ino=20229 scontext=u:r:hal_camera_default:s0 tcontext=u:
object_r:traced_tmpfs:s0 tclass=file permissive=1
03-04 04:25:37.524   823   823 I TracingMuxer: type=1400 audit(0.0:34): avc: denied { map } for path=2F6D656D66643A706572666574746F5F73686D656D202864656C6574656429 dev="tmpfs" ino=20229 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:traced_tmpfs:s0 tclass=file permissive=1

Bug: 222684359
Test: Build and push new SELinux policy. Verify that trace packets are received by Perfetto.
Change-Id: I443e84c5bcc701c1c983db19280719655ff02080
 2022-03-09 01:29:20 +00:00
SalmaxChang
db1196932e dumpstate: Grant to access media_rw_data_file 
avc: denied { append } for comm="binder:1426_9" dev="dm-43" ino=15392 scontext=u:r:dumpstate:s0 tcontext=u:object_r:media_rw_data_file:s0:c232,c256,c512,c768 tclass=file permissive=0

Bug: 222209243
Change-Id: I38efe11117c15f99ad1bce54cafbd0f3b038eff2
 2022-03-08 04:57:26 +00:00
Android Build Coastguard Worker
ce5279304b Snap for 8267098 from 3b586d3fe6 to udc-release 
Change-Id: I1f906d9531ee016573bdafaea95b9e33798ea838
 2022-03-08 04:01:28 +00:00
Adam Shih
23312cd72d init: change overlayfs_file rule to dontaudit am: 47b4ca882d am: 1797d3c16a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17102583

Change-Id: Ibbfa21fcda34a142e6d15323672de2e97482e8f9
 2022-03-07 22:32:10 +00:00
Adam Shih
2e18f20056 init: change overlayfs_file rule to dontaudit am: 47b4ca882d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17102583

Change-Id: I5d0bbc490eb3ef4f1fc3f8fd0ceaec8c361705b3
 2022-03-07 22:10:44 +00:00
Adam Shih
1797d3c16a init: change overlayfs_file rule to dontaudit am: 47b4ca882d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17102583

Change-Id: I57c63f5fdcd3f97e1fe8788031842b395ff63b6f
 2022-03-07 22:09:48 +00:00
Adam Shih
47b4ca882d init: change overlayfs_file rule to dontaudit 
Workaround for modem_img being unlabeled after disable-verity.

Bug: 193113005
Bug: 221384981
Test: remount with no avc error
Change-Id: Ie2479470c095f4ee2a9508714565b1088a8d7dce
 2022-03-07 21:39:11 +00:00
Ruofei Ma
3b586d3fe6 [automerger skipped] Allow mediacodec_google to access secure dma heap am: 67e8f968b2 am: a9bdff3482 -s ours 
am skip reason: Merged-In I03e8c9b4f1d2099e6d7cd6d56f8d7f0834fd0009 with SHA-1 67e8f968b2 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17084044

Change-Id: Iec8f108b5010a637b29f870a9e4811066d8570a6
 2022-03-07 20:17:47 +00:00
Ruofei Ma
a9bdff3482 Allow mediacodec_google to access secure dma heap am: 67e8f968b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17084044

Change-Id: Ib949c42ff406ae58148154d6c7d8100293ab0050
 2022-03-07 19:42:45 +00:00
Ruofei Ma
ac80df1872 [automerger skipped] Allow mediacodec_google to access secure dma heap am: 67e8f968b2 -s ours 
am skip reason: Merged-In I03e8c9b4f1d2099e6d7cd6d56f8d7f0834fd0009 with SHA-1 e239561061 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17084044

Change-Id: I24a79b8815bd128f95b4fc0c17caac324d2c6555
 2022-03-07 19:40:15 +00:00
Ruofei Ma
67e8f968b2 Allow mediacodec_google to access secure dma heap 
The change is for following error:
HwBinder:867_1: type=1400 audit(0.0:9): avc: denied { read } for
name="vframe-secure" dev="tmpfs" ino=425 scontext=u:r:mediacodec_google:s0
tcontext=u:object_r:dmabuf_system_secure_heap_device:s0
tclass=chr_file permissive=0

Bug:221500257

Change-Id: I03e8c9b4f1d2099e6d7cd6d56f8d7f0834fd0009
(cherry picked from commit e239561061)
Merged-In: I03e8c9b4f1d2099e6d7cd6d56f8d7f0834fd0009
 2022-03-07 19:13:35 +00:00
Ray Chi
5f05099e62 Allow hal_usb_gadget_impl to access proc_irq am: 455c3c1653 am: 2fd433348f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17041067

Change-Id: If1b05627324722b6b97370beb6fd23817b9bf0f8
 2022-03-07 08:29:19 +00:00
Ray Chi
ee3ddad840 Allow hal_usb_gadget_impl to access proc_irq am: 455c3c1653 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17041067

Change-Id: I4b223ff4282fce938d27ee1c35e5130b387f4efb
 2022-03-07 08:08:59 +00:00
Ray Chi
2fd433348f Allow hal_usb_gadget_impl to access proc_irq am: 455c3c1653 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17041067

Change-Id: I7391e7c65ce2bd2b79bb8fcbf3ffb2a4eb2041ed
 2022-03-07 08:07:43 +00:00
Ray Chi
455c3c1653 Allow hal_usb_gadget_impl to access proc_irq 
Bug: 220996010
Test: build pass
Change-Id: Id9a9adbdc921629b6e89d0850dd8acaf76b1a891
 2022-03-07 11:18:28 +08:00
Tommy Chiu
df872eb420 sepolicy: add permissions to let recovery wipe citadel am: 94995cd0d3 am: ba00764692 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071752

Change-Id: I298bbfe10202de42fc540a100ea4bcd9f63dcb4d
 2022-03-07 01:12:03 +00:00
Tommy Chiu
e8ee3d3789 sepolicy: add permissions to let recovery wipe citadel am: 94995cd0d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071752

Change-Id: I0e86ea1a8a5aa49cf78b6892a0e895c7b759cd57
 2022-03-07 00:49:12 +00:00
Tommy Chiu
ba00764692 sepolicy: add permissions to let recovery wipe citadel am: 94995cd0d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071752

Change-Id: Ibc606f4def81adfbf1182d083c9bdb034025d550
 2022-03-07 00:47:59 +00:00
Tommy Chiu
94995cd0d3 sepolicy: add permissions to let recovery wipe citadel 
This gives recovery the ability to remove user data from citadel in the
same manner as issuing a `fastboot -w` does.  This doesn't allow for
resetting FRP data, just user data.

audit: type=1400 audit(1646379959.016:9): avc:  denied  { getattr } for
  pid=348 comm="recovery" path="/dev/gsc0" dev="tmpfs" ino=754
  scontext=u:r:recovery:s0 tcontext=u:object_r:citadel_device:s0
  tclass=chr_file permissive=0

Bug: 222005928
Change-Id: Ia6113999aecacbbbb31d7a8659a45c0e5a0db2c9
 2022-03-07 00:24:55 +00:00
Android Build Coastguard Worker
6975fdc580 Snap for 8259672 from f24a32c5c2 to udc-release 
Change-Id: I9acfbd7af9a680d1ebc60195d4fa04178a18dbc7
 2022-03-05 06:06:29 +00:00
Tri Vo
f24a32c5c2 Don't audit storageproxyd unlabeled access am: 9fe6aa97af am: b2f8313c88 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17072560

Change-Id: I39081f31ef8f3885227a6fc16a4c39bdd018c5d0
 2022-03-04 18:28:58 +00:00
Tri Vo
b2f8313c88 Don't audit storageproxyd unlabeled access am: 9fe6aa97af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17072560

Change-Id: Ied191c3251cbfddeb9acb4c952d83d897c5c7ecd
 2022-03-04 18:07:19 +00:00
Tri Vo
c4e4e45c43 Don't audit storageproxyd unlabeled access am: 9fe6aa97af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17072560

Change-Id: I61b7cabc61d1e6aa286390a90c0b5b8d04f6c35a
 2022-03-04 18:07:05 +00:00
Tri Vo
9fe6aa97af Don't audit storageproxyd unlabeled access 
Test: m sepolicy
Bug: 197502330
Change-Id: Ibe7292dc659dd454d3c842f6c48d2d90bc77117d
 2022-03-04 17:45:38 +00:00
Adam Shih
afd0fe1d97 remove obsolete code after SELinux is enforced am: 9ba4c9120d am: 9817dff3d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17076606

Change-Id: I1f331b7772f4c2696e046dda290352d41e5c62f0
 2022-03-04 09:34:59 +00:00
Adam Shih
ba54c02dae remove obsolete code after SELinux is enforced am: 9ba4c9120d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17076606

Change-Id: I11026c637a65f3c34a09a4852305ca7d1bc7bc2f
 2022-03-04 09:13:53 +00:00
Adam Shih
9817dff3d6 remove obsolete code after SELinux is enforced am: 9ba4c9120d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17076606

Change-Id: I9a3cc9a9fd9e67d4dc59d9a93040e538c63844f5
 2022-03-04 09:12:13 +00:00
Adam Shih
9ba4c9120d remove obsolete code after SELinux is enforced 
Bug: 207720645
Bug: 208527900
Bug: 208721673
Bug: 205072922
Test: boot with no relevant errors
Change-Id: I68931cc24c55beea52c246a06f268ea2be7d1ecf
 2022-03-04 08:47:59 +00:00
Midas Chien
2818690b9b Allow composer to read panel_idle_handle_exit sysfs node am: bef935f43d am: 8d4bd895eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005599

Change-Id: Iedf4175dab78e4ca9af08b10aae1f2d98ef19e35
 2022-03-04 07:45:10 +00:00
Midas Chien
07be5a9e09 Allow composer to read panel_idle_handle_exit sysfs node am: bef935f43d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005599

Change-Id: Ib3a236dbb535e41050b3535c0e8e8c7e6ac3431a
 2022-03-04 07:22:59 +00:00
Midas Chien
8d4bd895eb Allow composer to read panel_idle_handle_exit sysfs node am: bef935f43d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005599

Change-Id: I8669fb4aee3b42dd8b1b9e62aa6220f33b627580
 2022-03-04 07:21:53 +00:00
Midas Chien
bef935f43d Allow composer to read panel_idle_handle_exit sysfs node 
Change panel_idle_exit_handle selinux type to sysfs_display to allow
composer to access it.

Bug: 202182467
Test: ls -Z to check selinux type
Test: composer can access it in enforce mode
Change-Id: I5e6c5036a946417c782f1389f4423cce69c4df77
 2022-03-04 06:55:04 +00:00
millerliang
3d5df2e177 Fix AAudio avc denied am: 801b87fe71 am: 68e9f1eda3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17052084

Change-Id: I8a2559c151525f2e593114dd4eb9796484d7a3db
 2022-03-04 06:40:45 +00:00
Adam Shih
003f35e2f6 grant bugreport access to camera debug system property am: 1616b97465 am: 32040ce078 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071447

Change-Id: Ia13316d88043d7f1c3e50db548c56425358a4aa8
 2022-03-04 06:40:12 +00:00
millerliang
620c3df5ca Fix AAudio avc denied am: 801b87fe71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17052084

Change-Id: I3e1c7e2aa3e21ca17e0258598f832a392b13004a
 2022-03-04 06:20:31 +00:00
Adam Shih
2ac8aadf75 grant bugreport access to camera debug system property am: 1616b97465 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071447

Change-Id: I1984811f41d0b7e40efd2cd166bdf57e9f212a7e
 2022-03-04 06:20:18 +00:00
millerliang
68e9f1eda3 Fix AAudio avc denied am: 801b87fe71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17052084

Change-Id: If2469a66fe436e6183912d7a43a005f4900accdf
 2022-03-04 06:19:06 +00:00
Adam Shih
32040ce078 grant bugreport access to camera debug system property am: 1616b97465 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17071447

Change-Id: Ie1362e9f46201122818b21355022368d3d383799
 2022-03-04 06:18:39 +00:00
millerliang
801b87fe71 Fix AAudio avc denied 
I auditd  : type=1400 audit(0.0:35): avc:
denied { map } for comm="binder:896_4" path="/dev/snd/pcmC0D0p"
dev="tmpfs" ino=1138 scontext=u:r:audioserver:s0
tcontext=u:object_r:audio_device:s0 tclass=chr_file permissive=0

E SELinux : avc:  denied  { find } for pid=887 uid=1041 name=audio
scontext=u:r:audioserver:s0 tcontext=u:object_r:audio_service:s0
tclass=service_manager permissive=0

Bug: 222191260
Test: Flash TH ROM and test it by the following command
Test: test_steal_exclusive -c0

Signed-off-by: millerliang <millerliang@google.com>
Change-Id: I8ea6741f3682b568de089d040d511b68938374ab
 2022-03-04 06:14:55 +00:00
Adam Shih
1616b97465 grant bugreport access to camera debug system property 
Bug: 221384770
Test: do bugreport without seeing relevant error
Change-Id: Ie27ac5f2c6e13ec31ccec2adb11762dacab1fbdf
 2022-03-04 05:58:20 +00:00
Android Build Coastguard Worker
4bd8bc2fed Snap for 8251073 from 7bff4ad858 to udc-release 
Change-Id: I3cea5c8e64786083b1bb5fb7013567a8b1c92ed0
 2022-03-04 04:01:20 +00:00
Jack Yu
bdcdaecc8f Allow platform_app to access Nfc service am: 450f61d51b am: 0a4921d8ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17049976

Change-Id: I00b0602f68ce7f0a979b7b0fa7efb9de9381f81e
 2022-03-04 03:46:09 +00:00
Jack Yu
0a4921d8ea Allow platform_app to access Nfc service am: 450f61d51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17049976

Change-Id: I444b7cd68f067ad4490f975884d05bd7fab81189
 2022-03-04 03:11:59 +00:00
Jack Yu
2adfcd0067 Allow platform_app to access Nfc service am: 450f61d51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17049976

Change-Id: I2c36dcaa473827137e3cd1c44553f93ae9c6392a
 2022-03-04 03:11:28 +00:00
Jack Yu
450f61d51b Allow platform_app to access Nfc service 
Fix selinux denial below.
avc:  denied  { find } for pid=11183 uid=10224 name=nfc
scontext=u:r:platform_app:s0:c512,c768
tcontext=u:object_r:nfc_service:s0 tclass=service_manager
permissive=0

Bug: 222387662
Test: build pass
Change-Id: If97d8141acab23b4e13ea65ce28589195ef7ad9e
 2022-03-04 02:46:29 +00:00
Jinting Lin
f8e707d628 Allow modem diagnostic app to access default prop am: c3612c7097 am: b95ad92096 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17072663

Change-Id: I524ae98f67e4f3c859e3528d6886318d8147084e
 2022-03-04 02:17:05 +00:00
Jinting Lin
b463b5aa9f Allow modem diagnostic app to access default prop am: c3612c7097 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17072663

Change-Id: If23f46cc3e47c9496310bd9081d0a7461e49eee0
 2022-03-04 01:56:04 +00:00
Jinting Lin
b95ad92096 Allow modem diagnostic app to access default prop am: c3612c7097 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17072663

Change-Id: Iba2f39b55334d40dc8339433b0b955dc29f1be80
 2022-03-04 01:54:47 +00:00
Jinting Lin
c3612c7097 Allow modem diagnostic app to access default prop 
log:
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=154 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.google.mds

Bug: 222509956
Change-Id: I50302b38f074e3f1a078ee48896154353e0937b6
 2022-03-04 01:35:39 +00:00
Ruofei Ma
e239561061 Allow mediacodec_google to access secure dma heap 
The change is for following error:
HwBinder:867_1: type=1400 audit(0.0:9): avc: denied { read } for
name="vframe-secure" dev="tmpfs" ino=425 scontext=u:r:mediacodec_google:s0
tcontext=u:object_r:dmabuf_system_secure_heap_device:s0
tclass=chr_file permissive=0

Bug:221500257

Change-Id: I03e8c9b4f1d2099e6d7cd6d56f8d7f0834fd0009
 2022-03-04 01:21:32 +00:00
Devin Moore
7bff4ad858 [automerger skipped] Add the init_boot partition sepolicy am: ac44b340d3 am: 6ce3b8a590 -s ours 
am skip reason: Merged-In Ic991fa314c8a6fdb848199a626852a68a57d1df5 with SHA-1 ac44b340d3 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17070163

Change-Id: Ia7aed68cf3e0783b60b5879d782e621f314f3518
 2022-03-03 20:54:31 +00:00
Devin Moore
6ce3b8a590 Add the init_boot partition sepolicy am: ac44b340d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17070163

Change-Id: If8db325971ac8ecd1d3ae318ab942df98bc847d8
 2022-03-03 20:30:36 +00:00
Devin Moore
bfb5875873 [automerger skipped] Add the init_boot partition sepolicy am: ac44b340d3 -s ours 
am skip reason: Merged-In Ic991fa314c8a6fdb848199a626852a68a57d1df5 with SHA-1 b3a10db9d6 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17070163

Change-Id: If2c578b3c59cc42c44d34255cee3a252de6ca405
 2022-03-03 20:30:18 +00:00
Devin Moore
ac44b340d3 Add the init_boot partition sepolicy 
Tagging the partition as a boot_block_device so everything that had
permission to read/write to the boot partition now also has permissions
for this new init_boot partition.

This is required for update_engine to be able to write to init_boot on
builds that are enforcing sepolicy.

Bug: 222052598
Test: adb shell setenforce 1 && update_device.py ota.zip

Merged-In: Ic991fa314c8a6fdb848199a626852a68a57d1df5
Change-Id: Ic991fa314c8a6fdb848199a626852a68a57d1df5
 2022-03-03 20:01:09 +00:00
Robb Glasser
3f56033179 Add hal_graphics_composer_default to sensors sepolicy. am: 990294708f am: 3bd74d90b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17051308

Change-Id: I629dc58eaf6f9b09cb35f0eafc7b1878ecdf63da
 2022-03-03 19:35:45 +00:00
Robb Glasser
44953b58b3 Add hal_graphics_composer_default to sensors sepolicy. am: 990294708f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17051308

Change-Id: Idf592c4d84da206ddc8cd6ed64d0f23c57d02717
 2022-03-03 19:11:54 +00:00
Robb Glasser
3bd74d90b2 Add hal_graphics_composer_default to sensors sepolicy. am: 990294708f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17051308

Change-Id: I692867ec79753dbd0c4f3909d26549d51c5e8f7d
 2022-03-03 19:11:41 +00:00
Robb Glasser
990294708f Add hal_graphics_composer_default to sensors sepolicy. 
Bug: 221396170
Test: No avc denial.

Change-Id: I23299524dec50d8c589c6acc9da8b3c8c3399f97
 2022-03-03 18:42:58 +00:00
Devin Moore
b3a10db9d6 Add the init_boot partition sepolicy 
Tagging the partition as a boot_block_device so everything that had
permission to read/write to the boot partition now also has permissions
for this new init_boot partition.

This is required for update_engine to be able to write to init_boot on
builds that are enforcing sepolicy.

Bug: 222052598
Test: adb shell setenforce 1 && update_device.py ota.zip

Change-Id: Ic991fa314c8a6fdb848199a626852a68a57d1df5
 2022-03-03 17:14:41 +00:00
Nishok Kumar S
a8c8d9f1be Allow camera HAL and GCA to access Aurora GXP device. am: e95f5edafe am: dd3de4d24e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17035623

Change-Id: I566cbdca0bbe6aa0aa2936983534c4b076391fe4
 2022-03-03 04:54:17 +00:00
Nishok Kumar S
dd3de4d24e Allow camera HAL and GCA to access Aurora GXP device. am: e95f5edafe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17035623

Change-Id: If5cbce0c7a2489272853813e915a58560e1cfe86
 2022-03-03 04:30:16 +00:00
Nishok Kumar S
f91a98467c Allow camera HAL and GCA to access Aurora GXP device. am: e95f5edafe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17035623

Change-Id: Ie637dc2f227d20fcd7b82ae4d9bf45708e995dfa
 2022-03-03 04:30:14 +00:00
Nishok Kumar S
e95f5edafe Allow camera HAL and GCA to access Aurora GXP device. 
The camera HAL and Google Camera App
need selinux permission to run workloads on Aurora DSP. This
change adds the selinux rules too allow these clients to
access the GXP device and load firmware onto DSP cores
in order to execute workloads on DSP.

Bug: 220086991
Test: Verified that the camera HAL service and GCA app is able to access the GXP device and load GXP firmware.
Change-Id: I1bd327cfbe5b37c88154acda54bf6c396e939289
 2022-03-03 04:02:33 +00:00
Android Build Coastguard Worker
5c210b79bb Snap for 8243542 from 431f4747cc to udc-release 
Change-Id: I5b3523ebe0951375cad7e6351962a1c871554e0c
 2022-03-03 04:01:39 +00:00
Robert Lee
fcd5a53861 Fix selinux error for aocd am: 129ef29bc8 am: fd043e784a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17050631

Change-Id: Id4fbde99b2a48ecb455edd7de6d0712e41dd3b39
 2022-03-03 03:16:07 +00:00
Robert Lee
f5fb96dd9d Fix selinux error for aocd am: 129ef29bc8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17050631

Change-Id: I0fa5066a5278676cb68ab2b53d7f60f03c7546c3
 2022-03-03 02:53:34 +00:00
Robert Lee
fd043e784a Fix selinux error for aocd am: 129ef29bc8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17050631

Change-Id: I12907f22900800c745b69d263208dae82f0b4d4d
 2022-03-03 02:52:11 +00:00
Robert Lee
129ef29bc8 Fix selinux error for aocd 
allow write permission to fix following error
auditd  : type=1400 audit(0.0:4): avc: denied { write } for comm="aocd" name="aoc" dev="tmpfs" ino=497 scontext=u:r:aocd:s0 tcontext=u:object_r:aoc_device:s0 tclass=chr_file permissive=0

Bug: 198490099
Test: no avc deny when enable no_ap_restart
Change-Id: I06dc99f1a5859589b33f89ce435745d15e2e5749
Signed-off-by: Robert Lee <lerobert@google.com>
 2022-03-03 02:22:53 +00:00
Siddharth Kapoor
c0e662dc27 Add libgpudataproducer as sphal am: 2d43200489 am: dbefffd54b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17052905

Change-Id: I8b89645d0ae235a1ca48be49f98dabbef737d4df
 2022-03-03 01:59:27 +00:00
Jinting Lin
a7dc4f5973 Fix avc denied for slsi engineermode app am: 94d7f6cce6 am: b0cb6083a9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17041066

Change-Id: Ia04f584defd026f8bf29b1cc8ad053b646452ee2
 2022-03-03 01:58:51 +00:00
Siddharth Kapoor
1869966388 Add libgpudataproducer as sphal am: 2d43200489 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17052905

Change-Id: I95227f77d2c276dc630f21ada38efdc34d58cdb2
 2022-03-03 01:26:48 +00:00
Siddharth Kapoor
dbefffd54b Add libgpudataproducer as sphal am: 2d43200489 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17052905

Change-Id: I92c4b3a7dee9578980ca4850e744921782ea16f8
 2022-03-03 01:24:36 +00:00
Jinting Lin
b0cb6083a9 Fix avc denied for slsi engineermode app am: 94d7f6cce6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17041066

Change-Id: I300f01cc8f98c7b740f327ef655dfcd5648b13ca
 2022-03-03 01:24:31 +00:00
Jinting Lin
1714417845 Fix avc denied for slsi engineermode app am: 94d7f6cce6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17041066

Change-Id: Ifa1e8c56273b69f8fbfcdb4be95fe3924e4df0aa
 2022-03-03 01:23:20 +00:00
Siddharth Kapoor
2d43200489 Add libgpudataproducer as sphal 
Bug: 222042714
Test: CtsGpuProfilingDataTestCases passes on User build

Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
Change-Id: I1997f3e66327486f15b1aa742aa8e82855b07e05
 2022-03-03 01:08:52 +00:00
Jinting Lin
94d7f6cce6 Fix avc denied for slsi engineermode app 
log:
avc: denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=5111 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { call } for comm="si.engineermode" scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.samsung.slsi.engineermode
avc: denied { call } for comm="HwBinder:1016_1" scontext=u:r:rild:s0 tcontext=u:r:platform_app:s0:c512,c768 tclass=binder permissive=0
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=154 scontext=u:r:vendor_engineermode_app:s0:c225,c256,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.samsung.slsi.engineermode

Test: side load the trail build sepolicy, then check the app

Bug: 221482792
Change-Id: I84768ed128a2b8c57d6a3e0a0f0aa8c4d4b91857
 2022-03-03 01:01:08 +00:00
sukiliu
431f4747cc update error on ROM 8223177 am: b1c5fcff3d am: d0afc4ccf5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005595

Change-Id: I1796687e67345c2e3ae7d52849d36e02a511e611
 2022-03-02 07:11:09 +00:00
sukiliu
88653306ce update error on ROM 8223177 am: b1c5fcff3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005595

Change-Id: I00cb31a95f1076bd185e71c09b85ca5cb563b367
 2022-03-02 06:50:04 +00:00
sukiliu
d0afc4ccf5 update error on ROM 8223177 am: b1c5fcff3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005595

Change-Id: I43a4d7d92ba5bb868d0e9167afbb5af5dac852c9
 2022-03-02 06:49:10 +00:00
sukiliu
b1c5fcff3d update error on ROM 8223177 
Bug: 221384981
Bug: 221384939
Bug: 221384996
Bug: 221384768
Bug: 221384770
Bug: 221384860
Test: PtsSELinuxTestCases
Change-Id: I50916dca7548bce0e77d90a36ad8f9ba1ca7c711
 2022-03-02 06:30:05 +00:00
Android Build Coastguard Worker
470e20dc47 Snap for 8237959 from 2fe3313727 to udc-release 
Change-Id: If1ccdb06ddec8a116782b8adcf4d832540d2a9e4
 2022-03-02 04:01:11 +00:00
Roshan Pius
2fe3313727 gs-sepolicy: Fix legacy UWB stack sepolicy rules am: a1f0d2aa9a am: a492dff7cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17045928

Change-Id: Ie9b49694ff62287867606d6e8f31f05c85501765
 2022-03-01 19:18:41 +00:00
Roshan Pius
8dd3e0b971 gs-sepolicy: Fix legacy UWB stack sepolicy rules am: a1f0d2aa9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17045928

Change-Id: Ibf58b9ef905da9b1c8fd94beb2603f0ea7dc79b5
 2022-03-01 18:54:19 +00:00
Roshan Pius
a492dff7cc gs-sepolicy: Fix legacy UWB stack sepolicy rules am: a1f0d2aa9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17045928

Change-Id: I4e5377239bc0ebddb388ae4de486e2e87ccea0d1
 2022-03-01 18:52:42 +00:00
Roshan Pius
a1f0d2aa9a gs-sepolicy: Fix legacy UWB stack sepolicy rules 
This rule was present on previous devices.

Denial logs:
02-24 09:22:08.214   427   427 E SELinux : avc:  denied  { find } for
pid=1479 uid=1000 name=uwb_vendor scontext=u:r:system_server:s0
tcontext=u:object_r:uwb_vendor_service:s0 tclass=service_manager permissive=0

Bug: 221292100
Test: Compiles
Change-Id: I6de4000a9cebf46a0d94032aade7b2d40b94ca16
 2022-03-01 18:25:00 +00:00
Tommy Chiu
024f58cc54 RKP: Add IRemotelyProvisionedComponent service am: b7790aa7a8 am: c94ef875af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17034406

Change-Id: Iecf2ba97b2f4c99d2d52be40f36babe3ab773937
 2022-03-01 07:02:37 +00:00
Tommy Chiu
7845870ddd RKP: Add IRemotelyProvisionedComponent service am: b7790aa7a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17034406

Change-Id: Ie8a7f246dbbc26d9e64a18a831326d3aee5ed1f9
 2022-03-01 06:42:23 +00:00
Tommy Chiu
c94ef875af RKP: Add IRemotelyProvisionedComponent service am: b7790aa7a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17034406

Change-Id: I19740f1d8d82c0ff1227709aa639bd8c2b0938db
 2022-03-01 06:39:43 +00:00
Tommy Chiu
b7790aa7a8 RKP: Add IRemotelyProvisionedComponent service 
Bug: 212643050
Bug: 221503025
Change-Id: I7932ba96d0d7dd603d360cd7319997a7c108500a
 2022-03-01 06:10:23 +00:00
Badhri Jagan Sridharan
b9268781da [automerger skipped] android.hardware.usb.IUsb AIDL migration am: fc08341bd6 am: b68d5b153c -s ours 
am skip reason: Merged-In Ia8c24610244856490c8271433710afb57d3da157 with SHA-1 fc08341bd6 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17009127

Change-Id: Id6b50ba2b3860238fa6adebad6dc974aa3b2352a
 2022-03-01 04:17:17 +00:00
Badhri Jagan Sridharan
98d92876de [automerger skipped] android.hardware.usb.IUsb AIDL migration am: fc08341bd6 -s ours 
am skip reason: Merged-In Ia8c24610244856490c8271433710afb57d3da157 with SHA-1 775523d1eb is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17009127

Change-Id: I107a850c88f445e4b91253a46a00e4197e806bf1
 2022-03-01 03:55:58 +00:00
Badhri Jagan Sridharan
b68d5b153c android.hardware.usb.IUsb AIDL migration am: fc08341bd6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17009127

Change-Id: Ib469d2785c355195621edc4a509f3db07d11ea54
 2022-03-01 03:55:10 +00:00
Badhri Jagan Sridharan
fc08341bd6 android.hardware.usb.IUsb AIDL migration 
Cherry-pick of <775523d1eb5976c85c36c9d5632ff199686e48e6>

android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

[   37.177042] type=1400 audit(1645536157.528:3): avc: denied { wake_alarm } for comm="android.hardwar" capability=35 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   37.177139] type=1400 audit(1645536157.528:4): avc: denied { block_suspend } for comm="android.hardwar" capability=36 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   39.936357] type=1400 audit(1645536160.292:5): avc: denied { call } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
[   39.936403] type=1400 audit(1645536160.292:6): avc: denied { transfer } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
...
[   42.845054] type=1400 audit(1645550991.268:8): avc: denied { read } for comm="HwBinder:860_1" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.877781] type=1400 audit(1645550991.268:9): avc: denied { open } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.915532] type=1400 audit(1645550991.268:10): avc: denied { getattr } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.962130] type=1400 audit(1645550991.268:11): avc: denied { map } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   43.003097] type=1400 audit(1645550991.268:12): avc: denied { watch watch_reads } for comm="HwBinder:860_1" path="/dev/usb-ffs/adb" dev="functionfs" ino=40814 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:functionfs:s0 tclass=dir permissive=1
[   43.024529] type=1400 audit(1645550991.268:13): avc: denied { write } for comm="HwBinder:860_1" name="property_service" dev="tmpfs" ino=376 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
[   43.057605] type=1400 audit(1645550991.268:14): avc: denied { connectto } for comm="HwBinder:860_1" path="/dev/socket/property_service" scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[   43.084549] type=1107 audit(1645550991.268:15): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.usb.dwc3_irq pid=860 uid=0 gid=0 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1'

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
Merged-In: Ia8c24610244856490c8271433710afb57d3da157
 2022-03-01 03:32:23 +00:00
YiHo Cheng
5b27c53dd7 thermal: Label tmu register dump sysfs am: be92764669 am: 3a13f5708b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005600

Change-Id: Iee1567b0c9563388b270f99f29dc62efdc2ae2a7
 2022-03-01 02:15:46 +00:00
YiHo Cheng
6a1e7e3340 thermal: Label tmu register dump sysfs am: be92764669 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005600

Change-Id: I5d714128eacd3e64dc44baff1e6ad295a6bf61fe
 2022-03-01 01:51:51 +00:00
YiHo Cheng
3a13f5708b thermal: Label tmu register dump sysfs am: be92764669 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005600

Change-Id: I3b54fe773cedef0087cd9f3733b23b0dcdeb1da9
 2022-03-01 01:50:45 +00:00
YiHo Cheng
be92764669 thermal: Label tmu register dump sysfs 
Allow dumpstate to access tmu register dump sysfs

[  174.114566] type=1400 audit(1645790696.920:13): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_reg_dump_state" dev="sysfs"
ino=65178
 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0
 tclass=file permissive=0
 [  174.115092] type=1400 audit(1645790696.920:14): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_reg_dump_current_temp" dev="sysfs"
 in
 o=65179 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
 [  174.115208] type=1400 audit(1645790696.920:15): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_rise_thres"
 dev="sysfs"
 ino=65180 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
 [  174.115398] type=1400 audit(1645790696.920:16): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_fall_thres"
 dev="sysfs"
 ino=65182 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
 [  174.115498] type=1400 audit(1645790696.920:17): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_sub_reg_dump_rise_thres"
 dev="sysfs"
 ino=65181 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 215040856
Test: check tmu register dump sysfs output in dumpstate
Change-Id: Ica48e37344a69264d4b4367af7856ec20b566a9e
 2022-03-01 01:24:00 +00:00
Android Build Coastguard Worker
3dac81ca67 Snap for 8228195 from 7a53f0050b to udc-release 
Change-Id: I12aa12e92c0dde3510dd9488c8f17d0fad4dbabe
 2022-02-26 06:06:17 +00:00
Yu-Chi Cheng
7a53f0050b Allowed GCA to access EdgeTPU for P22 devices. am: 172271fdbc am: e398726310 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17016803

Change-Id: I5ac3df1ecd82d58ace49d97910168e004f416555
 2022-02-26 00:24:58 +00:00
Yu-Chi Cheng
e398726310 Allowed GCA to access EdgeTPU for P22 devices. am: 172271fdbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17016803

Change-Id: I75df18545ece29becfff7c4eb1624c07c12eefd7
 2022-02-26 00:01:27 +00:00
Yu-Chi Cheng
b6adb75029 Allowed GCA to access EdgeTPU for P22 devices. am: 172271fdbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17016803

Change-Id: If1a466f643e9768974cc02ed555d6cd543bad153
 2022-02-26 00:01:15 +00:00
Yu-Chi Cheng
172271fdbc Allowed GCA to access EdgeTPU for P22 devices. 
This change includes the google_camera_app domain
into the EdgeTPU selinux rules. With it the GCA
is now able to access EdgeTPU.

Bug: 221020793
Test: verified GCA to work on P22.
Change-Id: I69010e2a8cca1429df402ae587b939d38e20a287
 2022-02-25 23:36:01 +00:00
Jinting Lin
ee692faed2 Fix avc denied for vendor silent logging app am: e44f3c867c am: 45fcc5f934 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986448

Change-Id: I104b71459beb590797d977e18f0a0455329aee74
 2022-02-25 16:04:55 +00:00
Jinting Lin
079719c2b0 Fix avc denied for vendor silent logging app am: e44f3c867c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986448

Change-Id: I6360f039728d972f47c761e06748d6b2443ba911
 2022-02-25 08:27:05 +00:00
Jinting Lin
45fcc5f934 Fix avc denied for vendor silent logging app am: e44f3c867c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986448

Change-Id: I4a4019c4c847dbfabf4bcc985b7dba56591dc6e9
 2022-02-25 06:05:41 +00:00
Jinting Lin
e44f3c867c Fix avc denied for vendor silent logging app 
log:
avc: denied { getattr } for comm="y.silentlogging" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-42" ino=6793 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { search } for comm="y.silentlogging" name="com.samsung.slsi.telephony.silentlogging" dev="dm-42" ino=6793 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
denied { read } for comm="y.silentlogging" name="u:object_r:vendor_slog_prop:s0" dev="tmpfs" ino=338 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_prop:s0 tclass=file permissive=0
avc: denied { search } for comm="y.silentlogging" name="slog" dev="dm-42" ino=314 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0
avc: denied { read } for comm="y.silentlogging" name="u:object_r:default_prop:s0" dev="tmpfs" ino=150 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 pid=7322 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:r:dmd:s0 tclass=binder permissive=0
avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:r:sced:s0 tclass=binder permissive=0
avc: denied { read } for comm="getenforce" name="enforce" dev="selinuxfs" ino=4 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=0
avc: denied { set } for property=persist.vendor.modem.logging.shannon_app pid=7279 uid=1000 gid=1000 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=property_service permissive=0'

avc: denied { call } for comm="HwBinder:1001_1" scontext=u:r:sced:s0 tcontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tclass=binder permissive=0

avc: denied { call } for scontext=u:r:dmd:s0 tcontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tclass=binder permissive=0

avc: denied { getattr } for comm="tlogging:remote" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-42" ino=6793 scontext=u:r:vendor_silentlogging_remote_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="slog" dev="dm-42" ino=314 scontext=u:r:vendor_silentlogging_remote_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0

Test: flash TH build then run basic test of silent logging app

Bug: 220847487
Change-Id: Ib5ac1e796e8e816d024cebc584b5699ab8ed1162
 2022-02-25 05:35:06 +00:00
Android Build Coastguard Worker
d7a45befba Snap for 8221814 from d355e26031 to udc-release 
Change-Id: I920e4b830caa9a3372f99a5ff73b535be394c1c7
 2022-02-25 04:01:26 +00:00
Badhri Jagan Sridharan
775523d1eb android.hardware.usb.IUsb AIDL migration 
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

[   37.177042] type=1400 audit(1645536157.528:3): avc: denied { wake_alarm } for comm="android.hardwar" capability=35 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   37.177139] type=1400 audit(1645536157.528:4): avc: denied { block_suspend } for comm="android.hardwar" capability=36 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   39.936357] type=1400 audit(1645536160.292:5): avc: denied { call } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
[   39.936403] type=1400 audit(1645536160.292:6): avc: denied { transfer } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
...
[   42.845054] type=1400 audit(1645550991.268:8): avc: denied { read } for comm="HwBinder:860_1" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.877781] type=1400 audit(1645550991.268:9): avc: denied { open } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.915532] type=1400 audit(1645550991.268:10): avc: denied { getattr } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.962130] type=1400 audit(1645550991.268:11): avc: denied { map } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   43.003097] type=1400 audit(1645550991.268:12): avc: denied { watch watch_reads } for comm="HwBinder:860_1" path="/dev/usb-ffs/adb" dev="functionfs" ino=40814 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:functionfs:s0 tclass=dir permissive=1
[   43.024529] type=1400 audit(1645550991.268:13): avc: denied { write } for comm="HwBinder:860_1" name="property_service" dev="tmpfs" ino=376 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
[   43.057605] type=1400 audit(1645550991.268:14): avc: denied { connectto } for comm="HwBinder:860_1" path="/dev/socket/property_service" scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[   43.084549] type=1107 audit(1645550991.268:15): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.usb.dwc3_irq pid=860 uid=0 gid=0 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1'

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
 2022-02-25 00:51:26 +00:00
SalmaxChang
d355e26031 Add missing vendor_logger_prop rule am: 7cb9cc182b am: 711eb4d39e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16996081

Change-Id: I898d40f04b1d92ba70d1a473b78142882f7f1c57
 2022-02-24 14:29:19 +00:00
SalmaxChang
6e50b6c086 Add missing vendor_logger_prop rule am: 7cb9cc182b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16996081

Change-Id: I7a0bbf078bf056c35c03f4438020a165d0eb1866
 2022-02-24 13:29:32 +00:00
SalmaxChang
711eb4d39e Add missing vendor_logger_prop rule am: 7cb9cc182b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16996081

Change-Id: If4364de5ee9fd24dcdbbd881550596456907f4eb
 2022-02-24 13:06:15 +00:00
SalmaxChang
7cb9cc182b Add missing vendor_logger_prop rule 
init    : Do not have permissions to set 'persist.vendor.verbose_logging_enabled' to 'true' in property file '/vendor/build.prop': SELinux permission check failed

Bug: 221173724
Bug: 221154649
Change-Id: Ic35e6f1d40f15efefead4530f8d320b72d7366e4
 2022-02-24 07:45:39 +00:00
Zachary Iqbal
cbd2301c12 Give gralloc access to the faceauth_heap_device. am: 4bbc6969e5 am: 0dca35958b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16995763

Change-Id: I821a83023676a3bffeb0d4dc4eda84ff3bc2418a
 2022-02-24 07:16:53 +00:00
Zachary Iqbal
d5591c285c Give gralloc access to the faceauth_heap_device. am: 4bbc6969e5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16995763

Change-Id: I4f7125f019a79f981bcdbabdf937f702705a56ab
 2022-02-24 07:09:17 +00:00
Alex Hong
b98a993585 [automerger skipped] Remove the sepolicy for tetheroffload service am: 4443c79bbb am: 1ca456915b -s ours 
am skip reason: Merged-In I5ecec46512ff4e1ae6c52147cfa0179e5fc93420 with SHA-1 4443c79bbb is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972946

Change-Id: Ibdaef3f7222496386d8b4c59f8b2bc7bdcb46955
 2022-02-24 06:54:51 +00:00
Joseph Jang
6478f87461 identity: Add sepolicy permission for hal_identity_citadel to find hal_remotelyprovisionedcomponent_service am: 5fb066e143 am: 5523e01f2c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984428

Change-Id: I00ffa527ead4c916ed209fed35ffb653bb77fd73
 2022-02-24 06:54:40 +00:00
Jack Yu
e6fff8063a [automerger skipped] uwb: permissions for factory uwb calibration file am: 97a25bf259 am: 769645d0c1 -s ours 
am skip reason: Merged-In I33093231577b71c24d5bf6f980c7021cc546fa98 with SHA-1 97a25bf259 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986452

Change-Id: Ic7d5107dcebc73e2278a8239cacab2d223677c17
 2022-02-24 06:54:23 +00:00
Zachary Iqbal
0dca35958b Give gralloc access to the faceauth_heap_device. am: 4bbc6969e5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16995763

Change-Id: I68667c239af8739e332082286f6004bacc0f328d
 2022-02-24 05:45:18 +00:00
Zachary Iqbal
4bbc6969e5 Give gralloc access to the faceauth_heap_device. 
Notes:
- This is required for face authentication.

Fixes: 221098313
Test: Built locally.
Change-Id: I6292c76c0809f091108ac73bef2d9e2db430a680
 2022-02-24 05:20:30 +00:00
Darren Hsu
b06dbbfdbc Allow hal_power_stats to read UWB sysfs nodes am: 8f90cf5408 am: 7306a159f7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986443

Change-Id: I1a7332a9eb0db6285209536d6c347739dda89438
 2022-02-24 04:58:13 +00:00
Jinting Lin
634a200efe [automerger skipped] Adds mnt file and batt info permissions for modem app am: e6af74a6c4 am: b9b03f61f8 -s ours 
am skip reason: Merged-In Icd02d4f8757719afed020c27a90812921d5f37ec with SHA-1 e6af74a6c4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984429

Change-Id: Ia2c32d7d844bd19c3cbcd86a61b0f8b0077aab69
 2022-02-24 04:35:25 +00:00
Alex Hong
a44591db67 [automerger skipped] Remove the sepolicy for tetheroffload service am: 4443c79bbb -s ours 
am skip reason: Merged-In I5ecec46512ff4e1ae6c52147cfa0179e5fc93420 with SHA-1 453b37ebdc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972946

Change-Id: I4ae413cd29ada17b91a2023027f7157b42821de9
 2022-02-24 04:34:33 +00:00
Jinting Lin
fdd73ecdd3 [automerger skipped] Adds logging related properties for logger app am: 7ba8b12bb8 am: 43dd982131 -s ours 
am skip reason: Merged-In I3917ce13f51a5ccb3304eb2db860f4da8424438b with SHA-1 7ba8b12bb8 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16983456

Change-Id: Ie53a001f9de3e6fa44e8151a6e3e8af9691a55d7
 2022-02-24 04:24:54 +00:00
Alex Hong
1ca456915b Remove the sepolicy for tetheroffload service am: 4443c79bbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972946

Change-Id: I8ef64c6cfeb59e985cdff44fc31bd8d7f20a62d7
 2022-02-24 04:13:56 +00:00
Joseph Jang
083d19df94 identity: Add sepolicy permission for hal_identity_citadel to find hal_remotelyprovisionedcomponent_service am: 5fb066e143 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984428

Change-Id: Id4f363c69b621d0090f02630c2fdc0d207b1e92a
 2022-02-24 04:09:44 +00:00
Jack Yu
5dce5312f8 [automerger skipped] uwb: permissions for factory uwb calibration file am: 97a25bf259 -s ours 
am skip reason: Merged-In I33093231577b71c24d5bf6f980c7021cc546fa98 with SHA-1 62d5b40d35 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986452

Change-Id: I1a412c0ca108b8f4135a862810682c46e8ee8265
 2022-02-24 04:08:05 +00:00
Darren Hsu
9b1d657510 Allow hal_power_stats to read UWB sysfs nodes am: 8f90cf5408 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986443

Change-Id: Iba1a0e7a804473c04b0ec9df05b5286dc316a68d
 2022-02-24 04:06:34 +00:00
Alex Hong
4443c79bbb Remove the sepolicy for tetheroffload service 
Test: m checkvintf
      run vts -m VtsHalTetheroffloadControlV1_0TargetTest
Bug: 207076973
Bug: 214494717
Change-Id: I5ecec46512ff4e1ae6c52147cfa0179e5fc93420
Merged-In: I5ecec46512ff4e1ae6c52147cfa0179e5fc93420
 2022-02-24 04:03:32 +00:00
Jinting Lin
4859443fe4 [automerger skipped] Adds mnt file and batt info permissions for modem app am: e6af74a6c4 -s ours 
am skip reason: Merged-In Icd02d4f8757719afed020c27a90812921d5f37ec with SHA-1 2c914cd02c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984429

Change-Id: I104197e4346c57a6bd8ea7acc0245c025841c42f
 2022-02-24 04:03:03 +00:00
Krzysztof Kosiński
62f0ad72b9 Camera: re-add TEE access. am: 3884738538 am: 084defd392 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16980638

Change-Id: Idbc0156037e4583d366664547d79d03ada12c3b1
 2022-02-24 03:06:26 +00:00
Joseph Jang
5523e01f2c identity: Add sepolicy permission for hal_identity_citadel to find hal_remotelyprovisionedcomponent_service am: 5fb066e143 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984428

Change-Id: I7e43e5ece9d6f552a69905ceeb271a6e0d319a5e
 2022-02-24 02:52:40 +00:00
Joseph Jang
5fb066e143 identity: Add sepolicy permission for hal_identity_citadel to find hal_remotelyprovisionedcomponent_service 
log:
SELinux : avc:  denied  { find } for pid=885 uid=9999
name=android.hardware.security.keymint.IRemotelyProvisionedComponent/strongbox
scontext=u:r:hal_identity_citadel:s0
tcontext=u:object_r:hal_remotelyprovisionedcomponent_service:s0
tclass=service_manager permissive=0

Bug: 218613398
Change-Id: I124ea5898609a3f68bee13b6db931878252d4081
 2022-02-24 02:20:37 +00:00
Jinting Lin
0022390c95 [automerger skipped] Adds logging related properties for logger app am: 7ba8b12bb8 -s ours 
am skip reason: Merged-In I3917ce13f51a5ccb3304eb2db860f4da8424438b with SHA-1 e65363450c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16983456

Change-Id: Ife58cc0ac85ee0154c335950c161ae5008cfaa65
 2022-02-24 02:08:25 +00:00
Krzysztof Kosiński
5eae12b451 Camera: re-add TEE access. am: 3884738538 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16980638

Change-Id: Idfdd081b47c1a747f11352a8b2beaa0bdc6ba2df
 2022-02-24 01:56:26 +00:00
Adam Shih
a7bd615bd6 [automerger skipped] avoid pixellogger from crashing am: b158d7b088 am: 79481cc1b3 -s ours 
am skip reason: skipped by user adamshih

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16983453

Change-Id: Id3fe0b0c2910f9555e6ca50476276b522e34b428
 2022-02-24 01:46:20 +00:00
Jack Yu
769645d0c1 uwb: permissions for factory uwb calibration file am: 97a25bf259 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986452

Change-Id: Ie1aba2e1a2bb3c9d79caa04f454df271a531a9b0
 2022-02-24 01:34:13 +00:00
Darren Hsu
7306a159f7 Allow hal_power_stats to read UWB sysfs nodes am: 8f90cf5408 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986443

Change-Id: If507662ac99de839314da9d03df7f3b7eb44bafb
 2022-02-24 01:33:49 +00:00
Jinting Lin
b9b03f61f8 Adds mnt file and batt info permissions for modem app am: e6af74a6c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984429

Change-Id: Ie7d2cfab67eaf4ec2477f4dbaccc056b42b9df3a
 2022-02-24 01:32:56 +00:00
Jack Yu
97a25bf259 uwb: permissions for factory uwb calibration file 
Allow nfc hal accessing /data/vendor/uwb.

Bug: 220167093
Test: build pass
Merged-In: I33093231577b71c24d5bf6f980c7021cc546fa98
Change-Id: I33093231577b71c24d5bf6f980c7021cc546fa98
 2022-02-24 01:02:52 +00:00
Darren Hsu
8f90cf5408 Allow hal_power_stats to read UWB sysfs nodes 
Bug: 219369324
Test: Dump power stats and see no avc denials
Change-Id: Ib1ac15867f51069bef3f68e91bf65b842b7c0734
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-02-24 01:02:11 +00:00
Jinting Lin
43dd982131 Adds logging related properties for logger app am: 7ba8b12bb8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16983456

Change-Id: I4de5106dddc7252b298fd12496afae00f2464ca3
 2022-02-23 17:29:05 +00:00
Krzysztof Kosiński
084defd392 Camera: re-add TEE access. am: 3884738538 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16980638

Change-Id: I6f455d8b6bb2d558ce9fbf5a1aaea66674fc43be
 2022-02-23 17:24:31 +00:00
Adam Shih
79481cc1b3 avoid pixellogger from crashing am: b158d7b088 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16983453

Change-Id: I15f04a00b6e2ac537bf565423f3b190b1869e3ab
 2022-02-23 17:18:06 +00:00
Jinting Lin
e6af74a6c4 Adds mnt file and batt info permissions for modem app 
Bug: 220076340
Merged-In: Icd02d4f8757719afed020c27a90812921d5f37ec
Change-Id: Icd02d4f8757719afed020c27a90812921d5f37ec
(cherry picked from commit 2c914cd02c)
 2022-02-23 05:55:57 +00:00
Android Build Coastguard Worker
7f75daebf1 Snap for 8211263 from 340ceb1bfb to udc-release 
Change-Id: I37e6496636734a63006e744e81a25bf2841216bf
 2022-02-23 04:01:37 +00:00
Jinting Lin
7ba8b12bb8 Adds logging related properties for logger app 
Bug: 220073302
Merged-In: I3917ce13f51a5ccb3304eb2db860f4da8424438b
Change-Id: I3917ce13f51a5ccb3304eb2db860f4da8424438b
(cherry picked from commit e65363450c)
 2022-02-23 03:16:00 +00:00
Krzysztof Kosiński
3884738538 Camera: re-add TEE access. 
Face auth is being investigated for Android T, so this access
is still needed. It was initially omitted from ag/16719985 because
it did not launch in Android S.

Bug: 220886644
Test: build for P10
Change-Id: I61ecc685397fcab6f356e98abfc88e8cb34254f4
 2022-02-23 02:51:40 +00:00
Adam Shih
b158d7b088 avoid pixellogger from crashing 
Bug: 220935985
Test: pixellogger stays alive for 2 minutes
Change-Id: I9f70f1a936731332ada3abfa945e60f8aff58279
 2022-02-23 09:58:37 +08:00
Robb Glasser
340ceb1bfb Fix sensors_hal selinux denials. am: 727d070b13 am: b273426e98 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16945897

Change-Id: I2dd11ffcf9de7efd0f58fd809dca79c92687846f
 2022-02-22 20:39:55 +00:00
Robb Glasser
b273426e98 Fix sensors_hal selinux denials. am: 727d070b13 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16945897

Change-Id: Ic2597d188b9f5b4fd8d779d22ec8bc57ab02d16a
 2022-02-22 19:46:30 +00:00
Robb Glasser
727d070b13 Fix sensors_hal selinux denials. 
Bug: 214473093
Bug: 218930975
Bug: 210067282
Test: com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Ifd865efd0544f246d1c188f3edce9f05f27313d2
 2022-02-22 19:25:50 +00:00
Krzysztof Kosiński
9257cd2a09 Camera: add setsched capability. am: 7997d6a8a0 am: 5975dd89c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16943772

Change-Id: I18ad1039c0bd0d91d42d6acb27f6e1da412f7c6b
 2022-02-22 10:26:21 +00:00
Ted Lin
5b6a5292c3 hal_health_default: Fix avc denials 
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2270): avc: denied { search } for name="thermal" dev="tmpfs" ino=1028 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2271): avc: denied { search } for name="thermal" dev="sysfs" ino=16790 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2273): avc: denied { open } for path="/sys/devices/virtual/thermal/thermal_zone13/mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2272): avc: denied { write } for name="mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1

Bug:208721638
Test: adb bugreport
Change-Id: I4d9491862ff1bcc88f89b1478497ac569e3d1df1
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-02-22 09:11:43 +00:00
Krzysztof Kosiński
7fa1b979e3 Camera: add setsched capability. am: 7997d6a8a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16943772

Change-Id: I3cf5fac31683c37c05f427d8226e013f11e3f5a2
 2022-02-22 08:51:22 +00:00
Adam Shih
f3a6247154 Let GPU reload am: b322df9960 am: 37c001e736 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972944

Change-Id: I23b27fef19cd8bbfdd81c23f72562cc48ffc6ab9
 2022-02-22 08:49:00 +00:00
Krzysztof Kosiński
5975dd89c8 Camera: add setsched capability. am: 7997d6a8a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16943772

Change-Id: I0dd3ce7386c49db308618ceb5b75c04e1c58c5fe
 2022-02-22 08:48:23 +00:00
Krzysztof Kosiński
7997d6a8a0 Camera: add setsched capability. 
The camera HAL needs to increase the priority of some threads
to reduce frame drops.

Bug: 205072921
Test: Inspected logcat on P10
Change-Id: Ife5194c780a91f32d718f8db38e41f2f47fb929f
 2022-02-22 08:12:57 +00:00
Adam Shih
37c001e736 Let GPU reload am: b322df9960 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972944

Change-Id: I378151b91d62b5c0eca3f876a82a5d73886dbe18
 2022-02-22 07:43:55 +00:00
Adam Shih
b322df9960 Let GPU reload 
02-22 12:59:47.955    15    15 I mali 28000000.mali: reloading firmware
02-22 12:59:47.955    15    15 W mali 28000000.mali: loading /vendor/firmware/mali_csffw.bin failed with error -13
02-22 12:59:47.955    15    15 W mali 28000000.mali: Direct firmware load for mali_csffw.bin failed with error -2
02-22 12:59:47.955    15    15 E mali 28000000.mali: Failed to reload firmware image 'mali_csffw.bin'
02-22 12:59:47.920    15    15 W kworker/0:1: type=1400 audit(0.0:10): avc: denied { read } for name="mali_csffw.bin" dev="dm-4" ino=5689716 scontext=u:r:kernel:s0 tcontext=u:object_r:same_process_hal_file:s0 tclass=file permissive=0

Bug: 220801802
Test: device can resume after an hour of suspend.
Change-Id: Ib252d6b1ac50ba7578a2ebf8cd8745004c385378
 2022-02-22 07:05:54 +00:00
Android Build Coastguard Worker
bb351a5483 Snap for 8207854 from 1bdb2ced7c to udc-release 
Change-Id: Ic883668e64bb8c7fa52b272e31b1d87d3c83f494
 2022-02-22 04:01:09 +00:00
neoyu
3cbca42df5 Fix SELinux errors for ims am: 9d12b77b67 am: faac353bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962938

Change-Id: Icf4c3c27289c35edafa7f1d17d1a8ad52a62af73
 2022-02-22 03:10:32 +00:00
neoyu
faac353bfb Fix SELinux errors for ims am: 9d12b77b67 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962938

Change-Id: I9cc01f3a6b6ef01dbe3e6356e124c55354510559
 2022-02-22 02:27:58 +00:00
neoyu
9d12b77b67 Fix SELinux errors for ims 
Sync different parts from P21 to P22

Bug: 220244357
Test: manual
Change-Id: Idf8e5e612b46370812be0907e75e9ae43f37ab7b
 2022-02-22 01:43:29 +00:00
Jack Yu
62d5b40d35 uwb: permissions for factory uwb calibration file 
Allow nfc hal accessing /data/vendor/uwb.

Bug: 220167093
Test: build pass
Change-Id: I33093231577b71c24d5bf6f980c7021cc546fa98
 2022-02-22 01:24:47 +00:00
Jinting Lin
2c914cd02c Adds mnt file and batt info permissions for modem app 
Bug: 220076340
Change-Id: Icd02d4f8757719afed020c27a90812921d5f37ec
 2022-02-22 01:16:41 +00:00
neoyu
1bdb2ced7c Fix SELinux errors for vendor_init am: 7a34798ea4 am: d889ee6353 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962933

Change-Id: I71911df1c95d7f1570d49eb50490039c7352c2d0
 2022-02-21 12:02:00 +00:00
neoyu
d889ee6353 Fix SELinux errors for vendor_init am: 7a34798ea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962933

Change-Id: I22d3af89dd84fab0330f1180b39a55157add6f33
 2022-02-21 10:32:55 +00:00
neoyu
662c55b911 Fix SELinux errors for rild am: 26aa7c150e am: 05fbdcedc3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962925

Change-Id: I6b323d560fe4fc45c009dd3e32659b12d2d6ba41
 2022-02-21 07:34:49 +00:00
Tai Kuo
528d78f539 Remove hal_vibrator_default avc tracking denials am: bc3924f61d am: 373795e6a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939010

Change-Id: Icb76e10d0fb5a72ab54b4d069cd3cdf71d6bc530
 2022-02-21 07:33:50 +00:00
wenchangliu
8087834fce Allow hal_graphics_allocator to access vscaler_heap_device am: 84d53775e1 am: 44eba6830b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962930

Change-Id: Ia4cec67bee98b0921b5b8c6875a26d00a90c387d
 2022-02-21 07:23:25 +00:00
wenchangliu
2638c815af Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device am: ad0a033f97 am: 258318a4af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962929

Change-Id: I1639ad7fa458d8174194973f547f12a9eb1c2492
 2022-02-21 07:23:24 +00:00
neoyu
05fbdcedc3 Fix SELinux errors for rild am: 26aa7c150e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962925

Change-Id: I288eca3c6e1e92558775082bbeac8c371d549379
 2022-02-21 07:01:27 +00:00
Tai Kuo
373795e6a5 Remove hal_vibrator_default avc tracking denials am: bc3924f61d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939010

Change-Id: I6a962e36cee9d8f402e1386f3736219e9a15b8a7
 2022-02-21 07:01:17 +00:00
wenchangliu
44eba6830b Allow hal_graphics_allocator to access vscaler_heap_device am: 84d53775e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962930

Change-Id: I6524c426deb02574346c67e66e81c8caa226d731
 2022-02-21 07:01:04 +00:00
wenchangliu
258318a4af Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device am: ad0a033f97 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962929

Change-Id: Ic9b9d211039819015f0a432d6ec703d259cb5677
 2022-02-21 07:01:04 +00:00
neoyu
7a34798ea4 Fix SELinux errors for vendor_init 
avc: denied { set } for property=logd.logpersistd pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=0'
avc: denied { set } for property=logd.logpersistd.size pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=0'
avc: denied { set } for property=persist.vendor.ril.use.iccid_to_plmn pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0'
avc: denied { set } for property=persist.vendor.ril.emergencynumber.mode pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0'
avc: denied { set } for property=persist.vendor.ril.log_mask pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0'
avc: denied { set } for property=persist.vendor.ril.log.base_dir pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0'
avc: denied { set } for property=persist.vendor.ril.log.chunk_size pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0'

Bug: 220261262
Test: manual
Change-Id: Ieb6673234f913af25e275e61404098a0deccbed2
 2022-02-21 14:58:29 +08:00
neoyu
dffd11e39f [automerger skipped] Fix SELinux errors for ims am: e909ddabea am: bf6cd933e7 -s ours 
am skip reason: Merged-In I3e7f6781718c3967f7842b074b0ef91818508af2 with SHA-1 e909ddabea is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962927

Change-Id: If504e329add9e6a18766a60dcbbab83cc4a1b3ce
 2022-02-21 06:50:47 +00:00
neoyu
0123c39413 Fix SELinux errors for rild am: 26aa7c150e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962925

Change-Id: Ib2262bfdebeb032a401037aa1bfad9bf8159b74a
 2022-02-21 06:42:31 +00:00
Tai Kuo
f65f586495 Remove hal_vibrator_default avc tracking denials am: bc3924f61d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939010

Change-Id: I09aab5de63058d127791e41a7fa2dcfe08e283a0
 2022-02-21 06:42:00 +00:00
wenchangliu
29dd317644 Allow hal_graphics_allocator to access vscaler_heap_device am: 84d53775e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962930

Change-Id: Ic1f28fb4f370715ed9bb2ad5cb169888cb296c9d
 2022-02-21 06:41:43 +00:00
wenchangliu
032d245dec Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device am: ad0a033f97 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962929

Change-Id: Ia9dc74f81614ce5e7b7f9b0cc1390e79fab5d990
 2022-02-21 06:41:42 +00:00
neoyu
9ba325c541 [automerger skipped] Fix SELinux errors for ims am: e909ddabea -s ours 
am skip reason: Merged-In I3e7f6781718c3967f7842b074b0ef91818508af2 with SHA-1 0d22c86fef is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962927

Change-Id: Ic5568e403b77bc6a4983962e8188b5c8e0df9dc0
 2022-02-21 06:41:12 +00:00
neoyu
26aa7c150e Fix SELinux errors for rild 
avc: denied { set } for property=vendor.sys.modem_reset pid=990 uid=1001 gid=1001 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 220261262
Test: manual
Change-Id: I2bd616345f665c0cffd1ee73db790708f9cbca06
 2022-02-21 06:38:42 +00:00
Tai Kuo
bc3924f61d Remove hal_vibrator_default avc tracking denials 
Bug: 204718450
Bug: 207062207
Bug: 208721729
Test: pts-tradefed run pts -m PtsSELinuxTest -t
  com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Icb3d6a48fc9fbb6e6644d1d65150436f7c0c8c3f
 2022-02-21 06:37:00 +00:00
wenchangliu
84d53775e1 Allow hal_graphics_allocator to access vscaler_heap_device 
avc: denied { read } for name="vscaler-secure" dev="tmpfs" \
ino=458 scontext=u:r:hal_graphics_allocator_default:s0 \
tcontext=u:object_r:vscaler_heap_device:s0 \
tclass=chr_file permissive=0

Bug: 199467922
Test: ExoPlayer secure playback
Change-Id: I2b3be9f4f038317eb456a20b33e555e8d5db2678
 2022-02-21 06:36:34 +00:00
wenchangliu
ad0a033f97 Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device 
avc: denied { ioctl } for path="/dev/dma_heap/vframe-secure" dev="tmpfs" \
ino=801 ioctlcmd=0x4800 scontext=u:r:hal_graphics_allocator_default:s0 \
tcontext=u:object_r:dmabuf_system_secure_heap_device:s0 \
tclass=chr_file permissive=0

Bug: 199467922
Test: ExoPlayer secure playback
Change-Id: I9e6e1bba6d01c1a416a440e8ad425a5cf2ac19c5
 2022-02-21 06:36:34 +00:00
neoyu
bf6cd933e7 Fix SELinux errors for ims am: e909ddabea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962927

Change-Id: I4c07a8c15ae99f489044c360e84a7480d2348846
 2022-02-21 06:14:24 +00:00
neoyu
e909ddabea Fix SELinux errors for ims 
avc: denied { write } for name="property_service" dev="tmpfs" ino=362 scontext=u:r:vendor_ims_app:s0:c208,c256,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice
avc: denied { set } for property=persist.radio.call.audio.output pid=1920 uid=10216 gid=10216 scontext=u:r:vendor_ims_app:s0:c216,c256,c512,c768 tcontext=u:object_r:radio_prop:s0 tclass=property_service permissive=0'

Bug: 219954530
Test: manual
Change-Id: I3e7f6781718c3967f7842b074b0ef91818508af2
(cherry picked from commit 0d22c86fef)
Merged-In: I3e7f6781718c3967f7842b074b0ef91818508af2
 2022-02-21 05:44:38 +00:00
Adam Shih
9809b69b55 update error on ROM 8205122 am: 2b6835e404 am: 9589916921 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962923

Change-Id: I9dfaff1b0924a18001d84799aa8b1921870ee8ee
 2022-02-21 04:37:51 +00:00
Adam Shih
76a7ff4af6 update error on ROM 8205122 am: 2b6835e404 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962923

Change-Id: I7c9696fb57a9521edc5a54eef871d236cae0c17a
 2022-02-21 04:20:20 +00:00
wenchangliu
9adddfcfed Allow mediacodec_samsung to access gpu device am: 28817da2a3 am: 318db1ac82 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939013

Change-Id: I73c0b9acc2cf297e8baf2ea9ebf524c6acdb1491
 2022-02-21 04:07:39 +00:00
Adam Shih
9589916921 update error on ROM 8205122 am: 2b6835e404 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962923

Change-Id: I69c24ef1ae29c7eba9085e0ab2f113a0039dd670
 2022-02-21 03:34:06 +00:00
wenchangliu
318db1ac82 Allow mediacodec_samsung to access gpu device am: 28817da2a3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939013

Change-Id: I0fa6c765db711a277e356fbdadc6de1f526d5943
 2022-02-21 03:34:00 +00:00
Adam Shih
2b6835e404 update error on ROM 8205122 
Bug: 220636850
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I201f9e84eca676b9f7aa5d09356bce384df1fa4b
 2022-02-21 03:20:59 +00:00
Jinting Lin
e65363450c Adds logging related properties for logger app 
Bug: 220073302
Change-Id: I3917ce13f51a5ccb3304eb2db860f4da8424438b
 2022-02-21 01:45:27 +00:00
Android Build Coastguard Worker
d5723095e5 Snap for 8203021 from 453b37ebdc to udc-release 
Change-Id: I4db0d3519712a9e6db10530db598c336817381e7
 2022-02-19 06:06:09 +00:00
wenchangliu
28817da2a3 Allow mediacodec_samsung to access gpu device 
avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" \
ino=1042 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

avc: denied { read write } for name="mali0" dev="tmpfs" \
ino=1042 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

avc: denied { open } for path="/dev/mali0" dev="tmpfs" \
ino=1042 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

avc: denied { ioctl } for path="/dev/mali0" dev="tmpfs" \
ino=1042 ioctlcmd=0x8034 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

avc: denied { map } for path="/dev/mali0" dev="tmpfs" \
ino=1042 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

Bug: 205772037
Test: demo-transformer HDR editing
Change-Id: Ib5d075bfd1247112c803f01db430d93259fd9e7f
 2022-02-18 13:50:13 +00:00
Alex Hong
453b37ebdc Remove the sepolicy for tetheroffload service 
Test: m checkvintf
      run vts -m VtsHalTetheroffloadControlV1_0TargetTest
Bug: 207076973
Bug: 214494717
Change-Id: I5ecec46512ff4e1ae6c52147cfa0179e5fc93420
 2022-02-18 07:55:02 +00:00
Android Build Coastguard Worker
124bc16bd7 Snap for 8195043 from c8c1f766d2 to udc-release 
Change-Id: I49167a9bee074ce545156597837b3e66a9c3f3bf
 2022-02-18 04:01:17 +00:00
neoyu
0d22c86fef Fix SELinux errors for ims 
avc: denied { write } for name="property_service" dev="tmpfs" ino=362 scontext=u:r:vendor_ims_app:s0:c208,c256,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice
avc: denied { set } for property=persist.radio.call.audio.output pid=1920 uid=10216 gid=10216 scontext=u:r:vendor_ims_app:s0:c216,c256,c512,c768 tcontext=u:object_r:radio_prop:s0 tclass=property_service permissive=0'

Bug: 219954530
Test: manual
Change-Id: I3e7f6781718c3967f7842b074b0ef91818508af2
 2022-02-18 02:39:23 +00:00
Peter Csaszar
4041f814be pixel-selinux: add SJTAG policies 
These are the SELinux policies for the sysfs files of the SJTAG
kernel interface. The files are in the following directories:

  /sys/devices/platform/sjtag_ap/interface/
  /sys/devices/platform/sjtag_gsa/interface/

Bug: 207571417
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff
 2022-02-17 12:31:09 -08:00
Midas Chien
c8c1f766d2 Allow composer to read panel_idle sysfs node 
Change panel_idle selinux type to sysfs_display to allow composer can
access it.

Bug: 198808492
Test: ls -Z to check selinux type
Test: make sure composer can access it
Change-Id: Ic2bd697c79b398b8093dd00598b1076e3ea3aec2
 2022-02-17 09:17:42 +00:00
Denny cy Lee
efbd9fa0b2 sepolicy: hwinfo: Add battery fuel gauge permission 
Bug: 208909060
Bug: 219660742
Bug: 219660741
Test: check dmeg and search "avc: denied { search } for
comm="id.hardwareinfo" vendor_maxfg_debugfs avc gone after apply patch

Change-Id: I3399e696b59218e62c4d1adcc2a12f5d6ee5c8cc
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-02-17 09:04:23 +00:00
Android Build Coastguard Worker
32b4648732 Snap for 8191477 from 064c6a86e0 to udc-release 
Change-Id: I822a9411837520cdbbb3b0394a3375c03d42059b
 2022-02-17 04:01:48 +00:00
Junkyu Kang
064c6a86e0 Add persist.vendor.gps to sepolicy 
Bug: 196002632
Test: PixelLogger can modify persist.vendor.gps.*
Change-Id: I17f16d1f147287abf86b18452743842594be7531
 2022-02-16 08:16:03 +00:00
Adam Shih
b2c284177a label sysfs_fabric to target_load 
[   11.149987] type=1400 audit(1644984050.124:9): avc: denied { open } for comm="NodeLooperThrea" path="/sys/devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/interactive/target_load" dev="sysfs" ino=48615 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
Bug: 218500026
Test: boot with no error loop under enforcing mode

Change-Id: Ie2f78f8ee39233e0c1f83fc2ba654f4a116e12a4
 2022-02-16 13:01:30 +08:00
Android Build Coastguard Worker
aafe4d5f85 Snap for 8188455 from 2d7c980fa6 to udc-release 
Change-Id: If4e66aca0d50d362fdad00ef747d1d08589eb9b3
 2022-02-16 04:01:23 +00:00
chungkai
2d7c980fa6 Fix avc denials for powerhal 
selinux policy is already added by other commit "9cc7041",
so remove the previous setting.

Test: boot to home screen
Bug: 218934377
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Id11ee7b4ae216a54e7051190f8ca382e97a76ade
 2022-02-16 02:21:04 +00:00
SalmaxChang
c5f0e9723f cbd: fix avc errors 
avc: denied { search } for comm="cbd" name="/" dev="sda1" ino=3 scontext=u:r:cbd:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { setuid } for comm="cbd" capability=7 scontext=u:r:cbd:s0 tcontext=u:r:cbd:s0 tclass=capability permissive=1

Bug: 205779872
Bug: 205904432
Change-Id: I09f1ac5473b728d5e6f38b01dc83f4b9c4c8fbcc
 2022-02-16 01:55:39 +00:00
SalmaxChang
1420e3d5d7 rfsd: fix avc errors 
[    8.024353] type=1400 audit(1636594727.560:42): avc: denied { chown } for comm="rfsd" capability=0 scontext=u:r:rfsd:s0 tcontext=u:r:rfsd:s0 tclass=capability permissive=1
[    8.027666] type=1400 audit(1636594727.564:43): avc: denied { setuid } for comm="rfsd" capability=7 scontext=u:r:rfsd:s0 tcontext=u:r:rfsd:s0 tclass=capability permissive=1

Bug: 205904361
Change-Id: I6e30a9622b930273fbc524e6bc84f2112f79f11c
 2022-02-16 01:55:31 +00:00
Mars Lin
a320d9b575 Add required sepolicy rules for CatEngine 
Fix:
02-15 11:55:44.005   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=activity scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=1
02-15 11:55:44.082   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=game scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:game_service:s0 tclass=service_manager permissive=1
02-15 11:55:44.087   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=netstats scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
02-15 11:55:44.092   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=content_capture scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1

Bug: 219632839
Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I1db9b29e3a3c7dae782bced3427e7c24c5dee945
 2022-02-16 01:34:11 +00:00
Adam Shih
501767b174 remove bt obsolete sepolicy 
Bug: 207062775
Bug: 208721525
Test: do bt connection under enforcing mode
Change-Id: I787bfcffdb8cfcff7276d8d183c04d985296ff1c
 2022-02-15 07:45:58 +00:00
Adam Shih
027e04ab2b update error on ROM 8184037 
Bug: 219632839
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ie3a2325f2e80aea94d7ca79257f5bf3db8578259
 2022-02-15 06:59:08 +00:00
Android Build Coastguard Worker
3f56b64034 Snap for 8183730 from 76b772519a to udc-release 
Change-Id: I686682bf51213848170427d61a2767853c687923
 2022-02-15 04:02:20 +00:00
Alex Hong
58b6e68d51 Add required sepolicy rules for Sensor function 
Bug: 210067282
Bug: 214473093
Bug: 218930975
Bug: 218499995
Test: run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#checkSensors
Change-Id: I21bbbe35b8c487e9de46b03c508a483134c0b1b8
 2022-02-14 19:31:08 +08:00
Rick Yiu
76b772519a Allow dumping vendor groups values 
Fix:
I dumpstate@1.1-s: type=1400 audit(0.0:37): avc: denied { search } for name="vendor_sched" dev="proc" ino=4026532870 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc_vendor_sched:s0 tclass=dir permissive=1
I dumpstate@1.1-s: type=1400 audit(0.0:38): avc: denied { read } for name="dump_task" dev="proc" ino=4026532871 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc_vendor_sched:s0 tclass=file permissive=1
I dumpstate@1.1-s: type=1400 audit(0.0:39): avc: denied { open } for path="/proc/vendor_sched/dump_task" dev="proc" ino=4026532871 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc_vendor_sched:s0 tclass=file permissive=1

Bug: 216844247
Test: build pass
Change-Id: Icfecf373aa7b49d504d9ed4e15dcbfe2a53d47d3
 2022-02-14 06:05:03 +00:00
Adam Shih
015d77ab54 update error on ROM 8179635 
Bug: 219369324
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iee33b4d8cefca3b91caa0fce1ed1d4a0686a05a2
 2022-02-14 05:19:24 +00:00
Mars Lin
549512a38e Add sepolicy for CatEngine 
Bug: 187989782
Test: Run CAT adb check log
Change-Id: Ib715ac2fb8efc8ad79fe190942dcfae716291d2b
 2022-02-14 03:03:39 +00:00
Adam Shih
436106d52f Let citadel talk to system_server 
Bug: 205904322
Test: no request loop caused by citadeld
Change-Id: Ia258ed2555d82eb2ea2b139a266c8f76d3b29d06
 2022-02-11 06:54:28 +00:00
Adam Shih
e01b568cfe update error on ROM 8172195 
Bug: 218934377
Bug: 218930975
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I125453803e0c827c45ad9551616366b96cc89816
 2022-02-11 05:31:05 +00:00
Alex Hong
9cc70410c5 Add required sepolicy rules for Camera function 
Bug: 218499972
Test: Switch to Enforcing mode
      Take a picture, camera recording
Change-Id: I57f3e8454ece6906624f028b7a3771ffddcaa963
 2022-02-11 03:26:56 +00:00
Alex Hong
cd4f508c92 Grant hal_dumpstate_default access 
Bug: 208721677
Bug: 208909124
Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: Ie5463e96958a95431630941c19b7888a3eea2e3e
 2022-02-11 03:26:56 +00:00
davidycchen
7b7394be79 Remove touch_service 
Remove touch_service here because we already define in
hardware/google/pixel-sepolicy/input and add by ag/16251913.

Bug: 199104528
Test: No any related error.

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: I3e5f705f6d3cde18d9495cb110e16c4152fe3d4f
 2022-02-11 02:36:29 +00:00
davidycchen
bfda745e26 Remove touch_offload_device declaration 
touch_offload_device is already declare in
hardware/google/pixel-sepolicy/input.

device/google/gs201-sepolicy/whitechapel_pro/device.te:14:ERROR
'Duplicate declaration of type' at token ';' on line 76173:
type rls_device, dev_type;
type touch_offload_device, dev_type;

Bug: 199104528
Test: build pass

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: I3cedb25473d8327eb42d3b65cf714cf5dc22712f
 2022-02-11 02:36:29 +00:00
Ankit Goyal
239885a306 Rename vulkan library to be platform agnostic 
Bug: 174232579
Test: Boots to home
Change-Id: Ib8618f4f8e1fc47753039f1143269211df0c42be
 2022-02-11 00:52:54 +00:00
Adam Shih
08db42d941 update error on ROM 8162414 
Bug: 218585004
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I9ac82ab564eb4399a88516427f1cdc735a257da2
 2022-02-09 05:17:19 +00:00
chungkai
b1177899bd Fix avc denials for powerhal 
Test: boot to home screen
Bug: 214121738
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ic5e14f7c8d321278c2c39797126db930a0dc93f3
 2022-02-09 04:10:28 +00:00
Denny cy Lee
92d0030e6a hardwareinfo: add sepolicy for SoC 
Bug: 208721710
Test: search avc in logcat

Change-Id: I3828d39981666db98e6a34aa70ae39b7f126e495
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-02-08 03:33:06 +00:00
Marco Nelissen
362074c629 Really allow logd to read the Trusty log 
The previous change was missing some permissions.

Bug: 190050919
Test: run
Change-Id: I09d50b663a926cb616279e4a741d34598ca80ab7
 2022-01-27 13:30:28 -08:00
Krzysztof Kosiński
b76b5e3872 Add camera HAL sepolicy based on previous chip family. 
The camera HAL code is reused from the previous chip and needs to
perform the same operations as previously, with the following
differences:
- The interrupt affinity workaround may no longer be necessary
  due to image sensor changes, so the ability to set interrupt
  affinity is removed.
- Access to some files that were only present before the APEX
  migration is removed.
- vendor_camera_tuning_file is no longer needed.
- TEE access for face auth is removed for now.

Bug: 205904406
Bug: 205657132
Bug: 205780186
Bug: 205072921
Bug: 205657133
Bug: 205780065
Bug: 204718762
Bug: 207300298
Bug: 209889068
Bug: 210067468
Test: Ensure that the policy builds; I don't have access to target
      hardware at the moment.

Change-Id: Ia70b98d4e1f3a156a5e719f0d069a90579b6a247
 2022-01-27 15:36:30 +00:00
Marco Nelissen
ef2c46c2f4 Allow logd to read the Trusty log 
Bug: 190050919
Test: run

Change-Id: I52c1bfadbbe7d2a471bd8e9be995284f8887543a
 2022-01-26 17:28:12 +00:00
Ted Lin
cdee7b6e78 fix avc denied for charge_stats 
01-13 11:05:03.196  1000  3806  3806 I pixelstats-vend: type=1400 audit(0.0:32): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=59835 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
01-13 11:05:03.196  1000  3806  3806 I pixelstats-vend: type=1400 audit(0.0:33): avc: denied { read } for name="charge_stats" dev="sysfs" ino=70092 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=1
01-13 11:05:03.196  1000  3806  3806 I pixelstats-vend: type=1400 audit(0.0:34): avc: denied { open } for path="/sys/devices/platform/10da0000.hsi2c/i2c-6/i2c-p9412/charge_stats" dev="sysfs" ino=70092 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=1
01-13 11:05:03.196  1000  3806  3806 I pixelstats-vend: type=1400 audit(0.0:35): avc: denied { getattr } for path="/sys/devices/platform/10da0000.hsi2c/i2c-6/i2c-p9412/charge_stats" dev="sysfs" ino=70092 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=1

Bug:208909060
Test: adb bugreport
Change-Id: Idf43a85d07727bbeb8c3f34475da6f697573bfed
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-01-26 08:08:54 +00:00
Ted Lin
2e64171fe1 Remove the tracking for regmap read on hardwareinfo 
Bug: 208909060
Test: adb bugreport
Change-Id: Id81634ccf58a984e8b9ac54e400a1f8035b1304a
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-01-26 08:08:54 +00:00
TeYuan Wang
0f6ba3f806 remove thermal_link_device tracking_denials rules 
we remove the thermal zone policy change by ag/16713094,
so we do not need this tracking_denials rules anymore

Bug: 202907037
Test: no avc denied log found
Change-Id: I5fe8b0d94c9fddac02e92fcd611b7098f0e68971
 2022-01-26 02:41:03 +00:00
TeYuan Wang
213dbe2a39 Add sepolicy for thermalHAL power link feature 
Bug: 204522993
Test: thermalHAL can read ODPM data under enforcing mode
Change-Id: I58ad63003a68421b25b65fe5c43fa2c3a50696c4
 2022-01-25 09:37:14 +00:00
Jinting Lin
6c24e3f9ba sepolicy: fix avc denied for logger app 
Bug: 205202541
Bug: 205779798
Bug: 207062780
Bug: 206045604
Bug: 207571546
Bug: 207431041
Bug: 208721679

Test: flash forrest build, no avc denied log on logger app

Change-Id: I6be694f727d619ba89eaa4d006c74ba4dc582095
 2022-01-25 08:16:48 +00:00
Ted Lin
9748ae74c2 Using dontaudit to fix the avc on boot test 
[    1.950092] audit: type=1400 audit(1641787406.988:2): avc:  denied  { search } for  pid=49 comm="kworker/7:0" name="google_battery" dev="debugfs" ino=36095 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=1

Bug: 213817227
Test: check bugreport
Change-Id: Ia056856476a17feb40c20c21cf1515e0feddfc17
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-01-25 05:18:18 +00:00
Ray Chi
6733f9667d add sepolicy for set_usb_irq.sh 
Bug: 202103325
Test: build pass
(synced from commit 714075eba72067489d08c36b87bfed9656092b2c)

Change-Id: I309e24a5084ed33278d3fbe49e4ad1cc91b1255a
 2022-01-25 03:28:35 +00:00
Stephen Crane
019c8e6fcf Allow TEE storageproxyd permissions needed for DSU handling 
Allows the vendor TEE access to GSI metadata files (which are publicly
readable). Storageproxyd needs access to this metadata to determine if a
GSI image is currently booted. Also allows the TEE domain to make new
directories in its data path.

Test: access /metadata/gsi/dsu/booted from storageproxyd
Bug: 203719297
Change-Id: Ief6166aaa20ccab27dc7864373722383efae0718
 2022-01-24 23:23:04 +00:00
Adam Shih
c050b66976 update error on ROM 8101782 
Bug: 215649341
Bug: 215649571
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I1469117c6b9479fe40aa16975b00bcbe23ced015
 2022-01-24 03:56:22 +00:00
Jagadeesh Pakaravoor
a846416750 camera_hal: allow changing kthread priority 
Allow changing kthread priority during insmod for camera-hal/LWIS.

Bug: 199950581
Test: boot, local camera testing
Change-Id: If59bfe101cab17854a5472ef388411bd19ef0a68
 2022-01-24 03:17:16 +00:00
Darren Hsu
89f14a9496 sepolicy: allow PowerStats HAL to access below sysfs 
aoc, acpm_stats, cpu, edgetpu, iio_devices, odpm, wifi and ufs

(All avc logs are listed in b/207598247#comment2)

Bug: 207062210
Bug: 207571335
Bug: 207720720
Bug: 207598247
Test: dump power stats with no relevant avc error
Change-Id: I9c99af2d06461a2f86ef02d76b3aa8ea669e58e9
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-01-24 02:05:11 +00:00
Darren Hsu
a7e3b39ca4 sepolicy: allow PowerStats HAL to call BT HAL 
Bug: 205904367
Test: dump power stats with no relevant avc error
Change-Id: Idc7ecbc7e3571011c8c12c421bdce0015e78135f
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-01-24 02:04:21 +00:00
Adam Shih
13bd5ff5df let vendor_init set usb property 
[    6.419785] type=1107 audit(1642741073.304:7): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.usb.rndis.config pid=352 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=0'
Bug: 205214899
Test: unplug and plug in usb with no relevant error
Change-Id: I8104ba9f0e0cb5b8b0d5e66964d9306d39d4c296

Change-Id: Ib76f7cae9015bcbd255d79edc099072a58860028
 2022-01-21 07:03:22 +00:00
Adam Shih
cf275e10c6 fix sim card related permission 
[   21.176786] type=1107 audit(1642737478.108:25): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.radio.allowed_types_loaded0 pid=1931 uid=10205 gid=10205 scontext=u:r:oemrilservice_app:s0:c205,c256,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=1'
[   32.319439] type=1400 audit(1642737489.248:28): avc: denied { read } for comm="pool-4-thread-1" name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=321 scontext=u:r:vendor_ims_app:s0:c212,c256,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=1 app=com.shannon.imsservice
Bug: 205214899
Test: boot to home with sim card inserted

Change-Id: Id54441adc109d6977013abdc94c31d9b46bc203b
 2022-01-21 07:03:02 +00:00
William Tai
492f8a39f4 allow android.hardware.power.stats-service.pixel to access sysfs_leds 
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:8): avc: denied { search } for name="backlight" dev="sysfs" ino=69387 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:9): avc: denied { read } for name="state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

Bug: 214473005
Test: no avc denied error during bootup
Change-Id: I5b8a232202a8f1c5b10878c10be9bec3329fb7ad
 2022-01-21 06:14:32 +00:00
Devika Krishnadas
35abe98124 Edit vframe-secure policy 
Bug: 215417614
Test: GL2SecureRendering.apk
Signed-off-by: Devika Krishnadas <kdevika@google.com>
Change-Id: Ief75b8581887d28916d512ec90acc575311276db
 2022-01-21 04:47:21 +00:00
Adam Shih
3062ac34cd allow storageproxyd to set itself to system 
Bug: 205904330
Test: boot to home under enforcing mode
Change-Id: I48272f6507f6cdb930f734b86d3b21b0e553cac0
 2022-01-20 14:48:49 +08:00
Adam Shih
26778aff7b be able to dump camera info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I90a4c971c50290c38f7913dc18404daf0270b907
 2022-01-20 14:17:00 +08:00
Adam Shih
f56dba1b24 be able to dump CPU info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I14abe138b6ad4a842edb143318cc5d867d575ec3
 2022-01-20 14:11:25 +08:00
Adam Shih
36dc06e08a be able to dump debugfs info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I4f7fc7a8f0029f1c1f398403d938bd6b7b96a43e
 2022-01-20 11:12:06 +08:00
Adam Shih
8209221242 be able to run usf dump binary 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I83687a284c4a27e723e31ce19edd2cbceaa69ab8
 2022-01-20 11:12:06 +08:00
Adam Shih
f6dd48e07b be able to dump modem silent log 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Iec520b21d904fa4119a4111fe4de659c28634826
 2022-01-20 11:12:06 +08:00
Adam Shih
0e96eb0865 be able to dump rfsd info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Idbe125d76392a8c04b3fa5f475e0c3aa2f9a199c
 2022-01-20 11:12:06 +08:00
Adam Shih
43d7a148d5 be able to dump GPS 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ied6d86090e3ae29c0b49c4880a515669940c5706
 2022-01-20 11:12:06 +08:00
Adam Shih
bfe1d014a2 be able to dump chip id 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ie539ab9afac80ea58e418a6fbe503ad822299b3f
 2022-01-20 11:12:06 +08:00
Adam Shih
8518e2e1ce be able to dump wireless charging info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ie4e19a322a312e183e23197f600a527ee5ceed4d
 2022-01-20 11:12:06 +08:00
Adam Shih
75ad9a3fcc be able to dump exynos info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I72ca4c8715130558d8dd3dccbf941dde6b9f064e
 2022-01-20 11:12:05 +08:00
Adam Shih
93000fdd06 be able to dump aoc info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I60cb5cce8b6cb7e417ee3efdeceeaafc2f071dfa
 2022-01-20 11:12:05 +08:00
Adam Shih
2417726674 be able to dump crashinfo 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Id01348da754d39f36262a7757d8c65ee746032c3
 2022-01-20 11:12:05 +08:00
Adam Shih
dee839cecd be able to dump thermal 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I6f8e2ce3b64220efba4172ef6fe05cc3fdbb6cf3
 2022-01-20 11:12:05 +08:00
Adam Shih
f884bc1f19 be able to dump wifi info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I3d0c257a20cfd6da6572cd01e76416dfa56c3c23
 2022-01-20 11:12:05 +08:00
Adam Shih
e8da0e146f be able to dump bcl in userdebug ROM only 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Id8127d495ff1b332284beda1e411b2327ec8625f
 2022-01-20 11:12:05 +08:00
Adam Shih
db22459b69 be able to dump battery info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I3705ee59b37d34c7d676943ca8f0c9995ef0262e
 2022-01-20 11:12:05 +08:00
Adam Shih
7717461bb2 be able to dump acpm 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I2435fea779977313e2f731733463c5c4313fda3c
 2022-01-20 11:12:05 +08:00
Adam Shih
7897e0f6ca Be able to dump ramdump info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I0cd8ca483df669505f11ff6fdd19cc15cb9959e1
 2022-01-19 05:38:52 +00:00
Adam Shih
03fbacc6ac Be able to dump radio info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I6a83029e9e0d0c42892b64a8acfa60cc514efba9
 2022-01-19 05:38:52 +00:00
Adam Shih
f72d021bd0 Be able to dump modem info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I0b9384ec4ddda5d3d49a451c529c03fc4d53da8f
 2022-01-19 05:38:52 +00:00
Adam Shih
5b00a6c8a2 Be able to dump logbuffer 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ieae4d64b497e911a6c8048f789e364cd1b9d2f4b
 2022-01-19 05:38:52 +00:00
Adam Shih
b8053f6b6e Be able to dump citadel info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I4f76a17004b81adbddeb7557e50f488b471aa3c7
 2022-01-19 05:38:52 +00:00
Adam Shih
11d9e265ee be able to dump aoc device 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Icbb2364638dbabe9bcccd744413d5c679b35d058
 2022-01-19 05:38:52 +00:00
Chris Lu
ca13b6a9bf hardwareinfo: add sepolicy for display 
Bug: 203593024
Test: 1. rm -r /data/data/com.google.android.hardwareinfo/
      2. Connect wifi and reboot
      3. Check hardwareinfo, there is no avc denied logs
Change-Id: I44db881286946a283f320302efd6e662fcdae683
 2022-01-19 04:27:22 +00:00
Adam Shih
b2f810f9dd sort tracking file to review it easily 
Bug: 208909124
Bug: 208721677
Test: boot with no relevant error when taking a bugreport
Change-Id: I5dc5d5cdbae329372f58f056dcf10e205ee7e02a
 2022-01-18 08:30:45 +00:00
Adam Shih
72a1bebd3d update error on ROM 8088139 
Bug: 215042694
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I741e1e101f050fe915142ec1699d2bbc553f14d7
 2022-01-18 05:42:55 +00:00
Matt Buckley
59a7bf0bb7 SEPolicy access issue for hal_graphics_composer_default should be fixed 
with ag/16631829

Bug: b/214473134
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: Id790bbfb9db534b86c4c5ae4564cfb2d5771ec4b
 2022-01-17 20:51:58 +00:00
joenchen
dd55e32ba1 Label min_vrefresh and idle_delay_ms as sysfs_display 
Bug: 213299701
Test: Check the files label by "adb shell ls -Z"
Change-Id: I4c10582ec7dee516b54fb8aac77dafa825aaa93d
 2022-01-17 10:21:16 +00:00
Adam Shih
56df08e495 fix dumpstate permission 
Bug: 208721809
Test: run bugreport under enforcing mode and found  no relevant errors
Change-Id: I106d95fd01b321af815ef8e580305702be716021
 2022-01-17 14:54:54 +08:00
Adam Shih
d9a2fb8506 grant systemui app access to touch service 
Bug: 204718221
Test: boot with no relevant error
Change-Id: Ic320cf682e481522ef9acad6c4eb63891c84c80c
 2022-01-17 11:20:07 +08:00
linjoey
42ac322b3d Add vulkan and gralloc sepolicy. 
Bug: 206891640
Test: Test CTS testVulkanHardwareFeatures passed.
Change-Id: Ia14aa691d6dbfad40344895c9e6a63a267754864
 2022-01-17 02:21:04 +00:00
Adam Shih
0b322cac3d make GPU mali firmware accessible 
Bug: 205779849
Test: boot with no relevant log.

Change-Id: I0cc1c1f84df44b5fbed239d6771937f62861bdb2
 2022-01-17 02:11:39 +00:00
Matt Buckley
5bf8862b01 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags 
For the hardware composer and surfaceflinger to coordinate on certain features, it is necessary for the hardware composer to be able to read the surface_flinger_native_boot_prop to know what should be enabled.

Bug: b/214473134
Test: None
Change-Id: If03dae54ea17a8131c489f56092c0edd974ea41b
 2022-01-14 20:20:24 +00:00
Xu Han
9633922461 Fix rlsserive selinux denials 
Bug: 213817228
Test: check "avc denied" log with camera streaming.
Change-Id: Id255ffab3ca145cb0708b701e2afccdcd76ef4ea
 2022-01-14 10:22:40 -08:00
Adam Shih
22786d49a4 update error on ROM 8078837 
Bug: 214473134
Bug: 214473005
Bug: 214473093
Bug: 214472867
Bug: 214472869
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8a84883655b6b259b0079d947496616974beb944
 2022-01-14 05:44:13 +00:00
Siddharth Kapoor
8b241f5c35 Update selinux for init-insmod-sh needed for gpu probe 
Bug: 207062151
Test: related avc denials not noticed in the device logs
Change-Id: I87ff2251fd7d92f8b0eb3fac43889758788b702f
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2022-01-14 04:24:52 +00:00
chloedai
f442239ffd Remove nfc.te 
type=1400 audit(0.0:186): avc: denied { transfer } for
scontext=u:r:nfc:s0 tcontext=u:r:zygote:s0
tclass=binder permissive=1

type=1400 audit(1636594745.812:186): avc: denied { transfer } for
comm="Binder:2617_2" scontext=u:r:nfc:s0  tcontext=u:r:zygote:s0
tclass=binder permissive=1

Bug: 205904208
Test: Run test and check "avc: denied { transfer }" error in avc log
Change-Id: I38f396de7d18eb32cc1c6ff6b30ee51122f4c3b0
 2022-01-13 13:00:14 +00:00
Jasmine Cha
431ba37038 audio: add sepolicy for getting thermal event 
type=1400 audit(0.0:15): avc: denied { call } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

type=1400 audit(0.0:16): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

Bug: 204271308
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I73070815b1ab73a58fd776e1301a5d4a8e198109
 2022-01-12 11:32:47 +00:00
linpeter
72dc78222f update display sepolicy 
Bug: 205073165
Bug: 205656937
Bug: 205779906
Bug: 205904436
Bug: 207062172
Bug: 208721526
Bug: 204718757
Bug: 205904380
Bug: 213133646

test: check avc denied with hal_graphics_composer_default, hbmsvmanager_app
Change-Id: I964a62fa6570fd9056b420efae7bf2fcbbe9fc9f
 2022-01-12 08:10:50 +00:00
Adam Shih
673d412421 update error on ROM 8069652 
Bug: 214121738
Bug: 214122471
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8db4e1c7d5a2cf50798c63a3a1eda0fa82b89f5a
 2022-01-12 11:14:35 +08:00
Yifan Hong
d799f2f773 Implement health AIDL HAL. 
Test: VTS
Test: manual charger mode
Test: recovery
Bug: 213273090
Change-Id: I823e202f8877ad04e7fb5508358682bc6458f7c1
 2022-01-11 21:39:14 +00:00
TeYuan Wang
89bec046aa Label TMU as sysfs_thermal 
Bug: 202805103
Test: switch thermal tj property and check thermal threshold
Change-Id: Ie1d20912f6111cbb85c04fce5a39e2be803e530f
 2022-01-11 05:52:04 +00:00
Ray Chi
9b8f698ee8 Fix avc denials for USB hals 
Bug: 205073230
Bug: 207062542
Bug: 208527968
Test: no avc log for hal_usb_impl
Change-Id: I840d8cb69ed9189f2697d13ae43b4bdeb25cd616
 2022-01-10 18:33:56 +08:00
Adam Shih
af12430ab3 update error on ROM 8058425 
Bug: 213817227
Bug: 213817228
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8d4eaf583b7b012e55705eb99684f97af2dd611f
 2022-01-10 06:56:02 +00:00
horngchuang
ebe7b7c9a5 Remove l10 specific camera component sepolicy settings 
Move these settings to L10 specific folder

Bug: 210598444
Test: build okay
Change-Id: I517d5414f64a32098fd8e5bfa6554f2272680826
 2022-01-10 05:43:46 +00:00
yawensu
4f08892ca1 Fix SELinux errors for vendor_rcs_service_app 
avc:  denied  { find } for pid=2194 uid=10193 name=isub scontext=u:r:vendor_rcs_service_app:s0:c193,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1

Bug: 205779869
Test: Manual.
Change-Id: I8589a0178500ee4ced318fbb487aad585758a3f3
 2022-01-10 11:22:15 +08:00
Jaegeuk Kim
5134bb2094 Revert converting ext4 to f2fs 
Revert the below commits:

commit bf900e2ae5 "allow to convert /efs to f2fs"
commit 54b0addb16 "convert_to_f2fs.sh: add sepolicy"

And, tracking_denials WA.

Bug: 207031989
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Id3dd1c5b8cad962845fd7a88b9069315819e5f3d
 2022-01-06 16:44:08 +00:00
Shiyong Li
a781d5020b consolidate display sysfs nodes into one context 
Bug: 209890345
Bug: 209705194
Test: check selinux denial info
Signed-off-by: Shiyong Li <shiyongli@google.com>
Change-Id: I208f84caf0cbcd18bb3da8004362e6f996cbaba5
 2022-01-05 01:31:58 +00:00
JimiChen
bec2f8f10d Add permision for new sensors and eeproms 
sensor: imx712 and imx712-uw
eeprom: m24c64x-imx712 and m24c64x-imx712-uw

Bug: 210657475
Bug: 210569509
Test: build okay
Change-Id: Ide8429ce41a34b5c27b23eea1095bae93c5b88c4
 2022-01-04 05:49:24 +00:00
horngchuang
c8f6c81670 Add imx787 sensor entry to selinux policy 
/dev/lwis-sensor-imx787 used by rear-cam sensor

Bug: 210654152
Test: local build Pass, boot to Home
Change-Id: Ia15ad131d763190d3ecbfee397f0de33987ddb65
 2022-01-04 05:40:30 +00:00
Adam Shih
37710df1c0 remove obsolete sepolicy 
Bug: 205904207
Test: boot with no relevant errors
Change-Id: Id2baad991e43784f5b999e6ae1f0141352acdbca
 2022-01-04 03:48:25 +00:00
Adam Shih
be9bc5e2da Grant hal_weaver_citadel access to vndbinder and citadeld 
Test: boot to home under enforcing mode
Bug: 205657092
Bug: 205904286
Change-Id: Ic6f46f0c827d202fd81fb744f4ec3241b24396d6
 2022-01-04 03:48:16 +00:00
Adam Shih
70d78900fd Grant init_citadel access 
Test: boot to home under enforcing mode
Bug: 205655298
Bug: 205779736
Bug: 205904401
Change-Id: Ia7c1033240970122f3af79428bdb9012dcbc9d45
 2022-01-04 03:48:04 +00:00
Adam Shih
b627a2f18b Grant citadeld access 
Test: boot to home under enforcing mode
Bug: 205657177
Bug: 205904322
Change-Id: I49a7f14d4948f94814067e7ef137186610547033
 2022-01-04 03:47:51 +00:00
chungkai
7fe7e43582 Fix avc denials for powerhal 
Test: build pass
Bug: 208909174
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I565df75c22d66199e6966dfac4af2e19b88606a0
 2022-01-03 03:32:01 +00:00
neoyu
8b48664bdc Fix SELinux errors for rild 
avc: denied { read } for comm="rild_exynos" name="u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { getattr } for path="/dev/__properties__/u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { map } for path="/dev/__properties__/u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { open } for path="/dev/__properties__/u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1

Bug: 205073023
Test: manual
Change-Id: I2687c443b2830cf08210726f5b2e266c55793d41
 2021-12-30 05:44:38 +00:00
Ted Lin
66f8039b5d HardwareInfo: Add sepolicy for battery 
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:11): avc: denied { getattr } for path="/sys/devices/platform/google,battery/power_supply/battery/serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/google,battery/power_supply/battery/serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:9): avc: denied { read } for name="serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug:208909060
Test: adb bugreport
Change-Id: Ide376401ada800718acf35db11ce79a5e63fe75d
Signed-off-by: Ted Lin <tedlin@google.com>
 2021-12-30 05:21:23 +00:00
neoyu
ad89088b6e Fix SELinux errors for rild 
avc: denied { call } for comm="rild_exynos" scontext=u:r:rild:s0 tcontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tclass=binder permissive=1
avc: denied { call } for comm="rild_exynos" scontext=u:r:rild:s0 tcontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tclass=binder permissive=1

Bug: 205904441
Test: manual
Change-Id: I02339f8d7ef7004091244c9c8708a759da05d751
 2021-12-28 14:32:42 +08:00
neoyu
186040a5e9 Fix SELinux errors for vendor_ims_app 
avc:  denied  { find } for pid=1813 uid=10213 name=isub scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1
avc: denied { call } for scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { transfer } for comm="nnon.imsservice" scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { transfer } for scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { call } for comm="nnon.imsservice" scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { call } for comm="ImsConnectivity" scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice

Bug: 205780067
Bug: 205904439
Test: manual
Change-Id: I50b0861994f19801068a2559ac35521095a18339
 2021-12-27 11:58:43 +08:00
neoyu
02775432c2 Fix SELinux errors for vendor_rcs_app 
avc: denied { call } for comm="nnon.rcsservice" scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice
nnon.rcsservice: type=1400 audit(0.0:116): avc: denied { call } for scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice
avc: denied { transfer } for scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice
avc: denied { transfer } for comm="nnon.rcsservice" scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice

Bug: 205904435
Test: manual
Change-Id: Ia988e89ac3ccb543cefabfc289e446db09e01c2b
 2021-12-27 11:53:53 +08:00
Joel Galenson
7fd619a67c Include core policy OWNERS 
Test: None
Change-Id: Ic8704a9152985ed5046abc5abbd0890808b7fe95
 2021-12-21 07:37:30 -08:00
gwenlin
361962851f Add permission for binding rild and grilservice 
Bug: 208371668
Test: build
Change-Id: Ib5310032194fc4a13326db5002060a204d5f5b27
 2021-12-15 01:42:46 +00:00
Adam Shih
8edf4a3e83 update error on ROM 7993545 
Bug: 210363983
Bug: 210363938
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I41b6acd2513bc031efe128be8154b1e1aacfcd8b
 2021-12-13 11:45:44 +08:00
Adam Shih
233cdab535 update error on ROM 7987555 
Bug: 210067468
Bug: 210067282
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I921568297189f2c90951448a2f15f7fb8e597dfc
 2021-12-10 04:48:15 +00:00
chungkai
0d52e28b50 Fix avc denials for permissioncontroller_app 
avc: denied { search } for name="vendor_sched" dev="sysfs" ino=46151 scontext=u:r:permissioncontroller_app:s0:c240,c256,c512,c768
tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=dir permissive=1 app=com.google.android.permissioncontroller

Test: boot to home
Bug: 208909174
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I4fb27d02318459546eded3cf15da380d26477ef2
 2021-12-10 03:46:34 +00:00
Krzysztof Kosiński
deb9d361cd Add sepolicy for camera persist files. 
Bug: 208866457
Test: Verified label for /mnt/vendor/persist/camera on P10
Change-Id: Id4af051ea2e783bed7cabfd2be80bdac994a11ab
 2021-12-10 01:39:26 +00:00
Shiyong Li
8bae253501 allow android.hardware.power.stats-service.pixel to access display sysfs 
Fix the follwoing violations:
avc: denied { read } for name="state" dev="sysfs" ino=68654
scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_sensors:s0
tclass=file
...
avc: denied { open } for path=
"/sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state"
dev="sysfs" ino=68654 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs_sensors:s0 tclass=file

Bug: 209704948
Change-Id: Iad586164811457d09f6c0e81c67c0f217b77ccc2
Signed-off-by: Shiyong Li <shiyongli@google.com>
 2021-12-09 20:10:44 +00:00
Midas Chien
a4f16bf147 allow hwc to access sysfs_display 
Bug: 207615889
Test: check avc denials while hwc access early wakeup node
Change-Id: I453e50de739c31b1075f81fb4c1195a5dffd4d75
 2021-12-09 12:49:06 +00:00
Adam Shih
60633eef54 update error on ROM 7982728 
Bug: 209889068
Bug: 209890345
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I6177759eeaf641c0515db9f070a20c343ee740ac
 2021-12-09 11:02:26 +08:00
Adam Shih
6004d58760 label camera app 
Bug: 209329856
Test: boot with google camera's label changed
Change-Id: Iff83bf8f42f9e6f9588fc5f45852a11608dc4445
 2021-12-08 13:20:20 +08:00
Adam Shih
4820dcfdba make libraries app-reachable 
Bug: 209703854
Test: Boot with no relevant errors
Change-Id: I5f0d6ed1b578d1684c476bc07d81baaf91005bc6
 2021-12-08 13:17:52 +08:00
Adam Shih
1fb766e7a3 update system_suspend wakeup files 
Bug: 209705335
Test: boot with no relevant errors
Change-Id: I8d9d9b72449319184167790859c655e0695c4c98
 2021-12-08 13:16:07 +08:00
Adam Shih
82e4faa61a update error on ROM 7978521 
Bug: 209705194
Bug: 209704948
Bug: 209703854
Bug: 209705394
Bug: 209705335
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Id30e22a1d210f1aabdf8014cef5c5e009e00199c
 2021-12-08 11:08:02 +08:00
Robb Glasser
3dad021ae8 Fix sensors hal selinux denials on C10. 
Bug: 205657063
Bug: 205780093
Bug: 204718449
Bug: 205904379
Bug: 207721033
Bug: 207062541
Bug: 208909175
Test: SELinuxTest#scanAvcDeniedLogRightAfterReboot on C10
Change-Id: I678ac355fc09da56bc7718c4d70fb40d4cd79de0
 2021-12-08 00:53:52 +00:00
Adam Shih
ccabcd4a24 label telephony apps 
Bug: 208721636
Test: boot with error log changed from system_app to right ones
Change-Id: Ia65b2c8f1759866eca8fcd12dcbed4cedaa61ea2
 2021-12-06 11:27:22 +08:00
Adam Shih
d69e2703f5 dump hal_graphics_composer 
Bug: 208909191
Test: do bugreport with no relevant error logs
Change-Id: I5d89e6a1a40c856d8717d07040362aec5a88fa59
 2021-12-06 10:36:11 +08:00
Adam Shih
474da130f9 remove redundant bug 
incidentd always access all system property during permissive mode
Bug: 208721673
Test: do bugreport with no relevant logs

Change-Id: I0b5395ad5639980c0793744399d27b7eb4651afb
 2021-12-06 10:24:35 +08:00
Adam Shih
d3d316704e update error on ROM 7971030 
Bug: 209329856
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I2e0c33b1fae3fcaad2ead33406d656a8a538d90d
 2021-12-06 09:33:01 +08:00
Adam Shih
b466b688e0 update error on ROM 7964913 
Bug: 208909191
Bug: 208909124
Bug: 208909174
Bug: 208909175
Bug: 208909060
Bug: 208909270
Bug: 208909232
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I7e3edb49e5a191a2fc9e34f7232d754ecd2fed00
 2021-12-03 10:08:39 +08:00
Randall Huang
abc92ffabe fix vold selinux error 
Bug: 208721768
Test: boot to home
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I22060550896722e9c8eab4acdaf39dbeb12026ce
 2021-12-02 06:29:49 +00:00
George Chang
b2d162fda7 Fix SELinux error coming from hal_secure_element_uicc 
12-02 09:45:55.564   796   796 I secure_element@: type=1400 audit(0.0:3): avc: denied { call } for scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1
[   11.030503] type=1400 audit(1638409555.564:3): avc: denied { call } for comm="secure_element@" scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1

Bug: 208715886
Test: check avc
Change-Id: I701b36fbb58f1c071f1dbc394048dad467ac6c4c
 2021-12-02 06:17:22 +00:00
Roger Fang
ad3e880a3f sepolicy: Add suez audio sepolicy 
pixelstats-vend: type=1400 audit(0.0:30): avc: denied { read } for name="codec_state" dev="sysfs" ino=83880 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_pixelstats:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:31): avc: denied { open } for path="/sys/devices/platform/audiometrics/codec_state" dev="sysfs" ino=83880 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_pixelstats:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:32): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/codec_state" dev="sysfs" ino=83880 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_pixelstats:s0 tclass=file permissive=1

Bug: 206007421
Test: build passed and no avc deniel logs

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: Ib5f5dd248e276f470e213cc053728cbf70c20dbf
 2021-12-02 04:51:37 +00:00
Roger Fang
e25c4dca39 sepolicy: add permission for the hardware info putDsp function 
Bug: 202814070
Test: Manually test passed

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I15b8fa09fddc89dcbe7893ef73fea72ac6ae63e4
 2021-12-02 04:51:17 +00:00
Adam Shih
cfbef530da update error on ROM 7961148 
Bug: 208721809
Bug: 208721525
Bug: 208721677
Bug: 208721526
Bug: 208721638
Bug: 208721505
Bug: 208721729
Bug: 208721710
Bug: 208721673
Bug: 208721679
Bug: 208721707
Bug: 208721808
Bug: 208721636
Bug: 208721768
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ida37756678645dea41d343ede41868ce717fe9da
 2021-12-02 11:24:28 +08:00
Adam Shih
390b8cfa91 update error on ROM 7961148 
Bug: 208715886
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I898382e65a8f321a07984c67cca642b9710d1612
 2021-12-02 09:52:57 +08:00
Adam Shih
316d846ac4 copy euiccpixel_app setting to gs201 
12-01 13:56:53.328  7682  7682 I Thread-2: type=1400 audit(0.0:44): avc: denied { map } for path="/dev/__properties__/u:object_r:dck_prop:s0" dev="tmpfs" ino=136 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:dck_prop:s0 tclass=file permissive=1 app=com.google.euiccpixel
There is only one source of code in
vendor/unbundled_google/packages/EuiccSupportPixelPrebuilt/Android.mk

Bug: 208527969
Test: no relevant error logs were found any more
Change-Id: I06b1cdcfb9109956f9c65dede1208310d2b79c48
 2021-12-01 15:33:58 +00:00
Adam Shih
0546c79a47 make some libraries app reachable 
Bug: 208527969
Test: boot with no relevant error log
Change-Id: Ic21fcecd4a9ff3d293dafe1e7a9dbebd0e736852
 2021-12-01 15:33:49 +00:00
George Chang
097157613a Fix SELinux error coming from hal_secure_element_uicc 
11-11 09:38:59.168   794   794 I secure_element@: type=1400 audit(0.0:102): avc: denied { call } for scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1
[   19.632309] type=1400 audit(1636594739.168:103): avc: denied { transfer } for comm="secure_element@" scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1
[   19.631474] type=1400 audit(1636594739.168:102): avc: denied { call } for comm="secure_element@" scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1
11-11 09:38:59.168   794   794 I secure_element@: type=1400 audit(0.0:103): avc: denied { transfer } for scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1
[   19.633481] type=1400 audit(1636594739.172:104): avc: denied { call } for comm="rild_exynos" scontext=u:r:rild:s0 tcontext=u:r:hal_secure_element_uicc:s0 tclass=binder permissive=1
11-11 09:38:59.172   971   971 I rild_exynos: type=1400 audit(0.0:104): avc: denied { call } for scontext=u:r:rild:s0 tcontext=u:r:hal_secure_element_uicc:s0 tclass=binder permissive=1

Bug: 205904403
Test: check avc
Change-Id: I9186714d81e21ba8920aaa900a92f542e98ceddb
 2021-12-01 06:57:57 +00:00
Adam Shih
f8d59b9305 update error on ROM 7957241 
Bug: 208527900
Bug: 208527968
Bug: 208527969
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ic6de1f2232c1c0efd210bfe19ebac11207f72198
 2021-12-01 11:04:38 +08:00
davidycchen
262709f2ba allow hal_dumpstate_default to access touch sysfs node 
avc: denied { open } for comm="sh"
path="/sys/devices/platform/10d10000.spi/spi_master/spi0/spi0.0/
synaptics_tcm.0/sysfs/force_active" dev="sysfs" ino=89691
scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0
tclass=file permissive=1

Bug: 199104466
Test: trigger bugreport and check log.

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: If35d651b2c8ca375f7f9cc36403eb02911912ebb
 2021-12-01 01:52:46 +00:00
yawensu
24eafb45c8 Fix SELinux error in vendor_qualifiednetworks_app. 
SELinux : avc:  denied  { find } for pid=1763 uid=10201 name=isub scontext=u:r:vendor_qualifiednetworks_app:s0:c201,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1

Bug: 204718865
Test: The error is gone after applying the patch.
Change-Id: I77d5f550614e1d63ab1547fc8d0ad1b70f72bed8
 2021-11-30 01:55:08 +00:00
Midas Chien
8cd52d9d33 Allowed PowerHAL service access Display node 
Bug: 207615889
Test: PowerHAL can access early_wakeup node in enforcing mode
Change-Id: I190e49f07c0c23c576a9fb8444ffb7c68eedf3ac
 2021-11-29 17:34:48 +00:00
chungkai
9721a3076e Fix avc denials for sysfs_vendor_sched 
Bug: 207300315
Bug: 207062875
Bug: 207062781
Test: build pass
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I17212c840c725f66d91f337c57af8e72e5e08b8c
 2021-11-29 03:42:14 +00:00
chungkai
7bbd1fb38a Allow vendor_init to modify proc_sched 
Bug: 207062206
Test: Boot to home
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I5d51e322c1522046623046051e8090fc64bedee5
 2021-11-28 15:47:11 +00:00
Ted Lin
115e8e0990 sepolicy: Remove tracking denials files and fix avc problems 
11-25 14:00:09.300  1000   764   764 I android.hardwar: type=1400 audit(0.0:3): avc: denied { getattr } for path="/sys/devices/platform/10da0000.hsi2c/i2c-6/i2c-p9412/power_supply/wireless/capacity" dev="sysfs" ino=68496 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
11-25 14:00:09.300  1000   764   764 I android.hardwar: type=1400 audit(0.0:5): avc: denied { open } for path="/sys/devices/platform/10d60000.hsi2c/i2c-5/5-0069/power_supply/dc/type" dev="sysfs" ino=67693 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
11-25 14:00:09.348  1000   764   764 I health@2.1-serv: type=1400 audit(0.0:7): avc: denied { open } for path="/sys/devices/platform/10da0000.hsi2c/i2c-6/i2c-p9412/power_supply/wireless/online" dev="sysfs" ino=68490 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
11-25 14:00:09.348  1000   764   764 I health@2.1-serv: type=1400 audit(0.0:8): avc: denied { getattr } for path="/sys/devices/platform/10da0000.hsi2c/i2c-6/i2c-p9412/power_supply/wireless/online" dev="sysfs" ino=68490 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
...
11-25 14:28:35.996  1000   768   768 I android.hardwar: type=1400 audit(0.0:3): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=58948 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
11-25 14:28:36.020  1000   768   768 I health@2.1-serv: type=1400 audit(0.0:4): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=58948 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
...

11-26 11:11:36.172  1000   751   751 I android.hardwar: type=1400 audit(0.0:3): avc: denied { read } for name="type" dev="sysfs" ino=68359 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
11-26 11:11:36.172  1000   751   751 I android.hardwar: type=1400 audit(0.0:4): avc: denied { open } for path="/sys/devices/platform/google,cpm/power_supply/gcpm_pps/type" dev="sysfs" ino=68359 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
11-26 11:11:36.172  1000   751   751 I android.hardwar: type=1400 audit(0.0:5): avc: denied { getattr } for path="/sys/devices/platform/google,cpm/power_supply/gcpm_pps/type" dev="sysfs" ino=68359 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug:207062562
Bug:207062231
Test: adb bugreport and check avc problem
Change-Id: I253f1cbe00650fdb96aced69edc8eaafa06ff6f9
Signed-off-by: Ted Lin <tedlin@google.com>
 2021-11-26 09:11:19 +00:00
Kris Chen
8d3c4a7b4e fingerprint: Fix avc errors 
Bug: 207062260
Test: boot with no relevant error on C10
Change-Id: I6d3b74c34d2344c4e889afaf8bb99278785e5416
 2021-11-25 07:09:31 +00:00
yixuanjiang
2720d2ac38 aoc: add audio property for audio aocdump feature 
Bug: 204080552
Test: local
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: Ie638676d86a20eafbc6975df03ebbbcf5ec193ac
 2021-11-25 07:05:24 +00:00
Adam Shih
1bb2fac3f6 update error on ROM 7945168 
Bug: 207720645
Bug: 207720720
Bug: 207721033
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iba41496590f1b82a51897c62e1cb74a224e484a5
 2021-11-25 03:00:28 +00:00
wenchangliu
81fb5ecc31 Allow mediacodec_samsung to access mfc sysfs file 
avc: denied { read } for name="name" dev="sysfs" \
ino=61284 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

avc: denied { open } for \
path="/sys/devices/platform/mfc/video4linux/video6/name" \
dev="sysfs" ino=61284 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

avc: denied { getattr } for \
path="/sys/devices/platform/mfc/video4linux/video6/name" \
dev="sysfs" ino=61284 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 204718809
Test: video playback / camera recording
Change-Id: I95c937375aa7ae19aef61af6b0f1aef73bd8957d
 2021-11-25 02:29:04 +00:00
Oleg Matcovschi
48d1b71ab1 sepolicy: Remove sscoredump tracking denials file 
Bug: 205073166
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I67d2500a5323203577c7fb90741c8dfec1cffd83
 2021-11-24 18:50:15 +00:00
Kyle Lin
f80cb8ae4e Add policy for memlat governor needs create/delete perf events 
[46756.223414] type=1400 audit(1637720953.624:1227238): avc: denied { cpu } for comm="cpuhp/3" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=1
[46791.079905] type=1400 audit(1637720988.480:1228172): avc: denied { cpu } for comm="cpuhp/5" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=1
[46831.825465] type=1400 audit(1637721029.228:1230804): avc: denied { cpu } for comm="cpuhp/4" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=1
[47068.752724] type=1400 audit(1637721266.152:1237844): avc: denied { cpu } for comm="cpuhp/3" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=1
[47227.488992] type=1400 audit(1637721424.888:1241154): avc: denied { cpu } for comm="cpuhp/7" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=1

Bug: 207047575
Test: build, boot and check warning message
Change-Id: I735d5cfa5eb5614114d83a7892123d37c980d531
 2021-11-24 17:13:10 +00:00
wenchangliu
4bb1061c2d Add SELinux policy for mediacodec_samsung 
mediacodec_samsung is separated from mediacodec for
mfc encoder/decoder. Add assumption from mediacodec.te
as well.

Bug: 204718809
Test: boot to home
Change-Id: I67ce385903cf5abd2ba9dc62b7229320b3f7daa9
 2021-11-24 07:46:27 +00:00
wenchangliu
ecdcc0f739 Allow mediacodec_samsung to fallback crash dump 
avc: denied { write } for name="tombstoned_crash" \
dev="tmpfs" ino=948 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:tombstoned_crash_socket:s0 \
tclass=sock_file permissive=1

avc: denied { connectto } for path="/dev/socket/tombstoned_crash" \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:r:tombstoned:s0 \
tclass=unix_stream_socket permissive=1

avc: denied { write } for path="pipe:[63031]" dev="pipefs" ino=63031 \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:r:system_server:s0 \
tclass=fifo_file permissive=1

avc: denied { append } for path="pipe:[63031]" dev="pipefs" ino=63031 \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:r:system_server:s0 \
tclass=fifo_file permissive=

Bug: 204718809
Test: boot to home
Change-Id: Iad67f936ac9d6d11e5f5646918074153372b8b00
 2021-11-24 07:46:27 +00:00
wenchangliu
fae7e19893 Allow mediacodec_samsung to access graphics allocator 
avc:  denied  { find } for interface=android.hardware.graphics.mapper::IMapper \
sid=u:r:mediacodec_samsung:s0 pid=792 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:hal_graphics_mapper_hwservice:s0 tclass=hwservice_manager permissive=1

avc: denied { use } for path="/dmabuf:" dev="dmabuf" ino=94523 \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:r:hal_graphics_allocator_default:s0 \
tclass=fd permissive=1

Bug: 205657093
Test: video playback / screen recording
Change-Id: I6c64b4d2483b146358ef678c56aec68dd86eb878
 2021-11-24 07:46:27 +00:00
wenchangliu
f2b1870b23 Allow mediacodec_samsung to access video device and system-uncached DMA-BUF heap 
This patch fixes the following denial:

avc: denied { getattr } for path="/dev/dma_heap/system-uncached" \
dev="tmpfs" ino=487 scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1

avc: denied { getattr } for path="/dev/video6" dev="tmpfs" ino=477 \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:video_device:s0 \
tclass=chr_file permissive=1

avc: denied { read write } for name="video6" dev="tmpfs" ino=477 \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:video_device:s0 \
tclass=chr_file permissive=1

avc: denied { open } for path="/dev/video6" dev="tmpfs" ino=477 \
scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:video_device:s0 \
tclass=chr_file permissive=1

avc: denied { ioctl } for path="/dev/video6" dev="tmpfs" ino=477 \
ioctlcmd=0x561b scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=1

Bug: 205657093
Test: video playback / screen recording
Change-Id: Ia09bd29652b8197b4d5009f84077f6d5bb5551e2
 2021-11-24 07:46:27 +00:00
wenchangliu
0df2e47cb1 Allow mediacodec_samsung can route /dev/binder traffic to /dev/vndbinder 
This patch fixes the following denial:

avc: denied { call } for scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:r:vndservicemanager:s0 tclass=binder permissive=1

avc: denied { transfer } for scontext=u:r:mediacodec_samsung:s0 \
tcontext=u:r:vndservicemanager:s0 tclass=binder permissive=1

Bug: 205904381
Test: boot to home
Change-Id: Ie2c0577bdf987466b4f729d9f78d1a6704cd9d24
 2021-11-24 07:46:27 +00:00
Adam Shih
5e6beee1e6 update error on ROM 7941916 
Bug: 207571335
Bug: 207571546
Bug: 207571417
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I7b75837d13b532793ccbc326379c1d95aada429b
 2021-11-24 10:41:32 +08:00
Firman Hadi Prayoga
7599ba8e55 Add /dev/lwis-eeprom-m24c64x-3j1 entry to selinux policy. 
lwis-eeprom-m24c64x-3j1 used by camera hal to access
P22 front camere EEPROM device.

Bug: 207062209
Fix: 207062209
Test: Boot, no avc denied logs for eeprom
Change-Id: Ia12da5dbed1baef6d8a8ab2bf421b2987639e826
 2021-11-24 01:01:44 +00:00
SalmaxChang
742cbc29b8 ssr_detector_app: fix avc error 
avc: denied { read } for name="u:object_r:vendor_persist_sys_default_prop:s0" dev="tmpfs" ino=320 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=file permissive=1

Bug: 205202542
Change-Id: I84cbdb9d85ab58219554bfe0da35a00464a955ff
 2021-11-23 12:17:51 +00:00
SalmaxChang
5e2ac8ab48 Fix modem related avc errors 
avc: denied { read } for name="u:object_r:vendor_modem_prop:s0" dev="tmpfs" ino=317 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_modem_prop:s0 tclass=file permissive=1
avc: denied { read } for comm="dmd" name="u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:dmd:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { read } for name="u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:vcd:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1

Bug: 205073232
Bug: 205073025
Bug: 206045605
Change-Id: I3f76a138b4d6eeffb488fb5e5e15985ac6ef707d
 2021-11-23 12:17:51 +00:00
George Chang
3dc2515efe Update SecureElement sysfs_st33spi Sepolicy 
Add rules for sysfs_st33spi

Bug: 205250948
Test: check avc without secure_element
Change-Id: I1ccf39ca09c6b19a597114f04803800d38fdf774
 2021-11-23 11:40:16 +00:00
Adam Shih
e5e4f9f2b7 make libOpenCL reachable 
Bug: 207300281
Test: boot with no relevant error log
Change-Id: I294d23e2b29afd62da5c2327175f0c163da98cf0
 2021-11-23 06:00:16 +00:00
Adam Shih
851a7bb16b label extcon and remove obsolete zygote error 
Bug: 205904404
Bug: 206045368
Bug: 207062229
Test: boot with no relevant error logs
Change-Id: If4c2f5591907bfcab2fd638f1222f84377270623
 2021-11-23 05:28:39 +00:00
Adam Shih
f6f699700c update error on ROM 7938763 
Bug: 207431041
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I775a28827b107d43b47d3486e70f87a36a6babcc
 2021-11-23 04:15:22 +00:00
Adam Shih
48435ccfaa let uwb app access secure element property 
Bug: 207300261
Test: boot with no relevant error log
Change-Id: I10f505d1ef3cbbc118082e5c44381c1b55389da3
 2021-11-23 03:25:46 +00:00
Randall Huang
1a57e5c346 Fix selinux for vold idle-maint 
Bug: 206741894
Bug: 207062776
Test: adb shell sm idle-maint run
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: Ieb55fe439d3250b6d819381c4bc97e3e895ac23f
 2021-11-23 03:24:56 +00:00
George Chang
8a4d5bd3b5 Fix nfc avc denials for sysfs_vendor_sched 
11-19 12:38:54.416  2631  2631 I com.android.nfc: type=1400 audit(0.0:404): avc: denied { search } for comm=4173796E635461736B202331 name="vendor_sched" dev="sysfs" ino=45736 scontext=u:r:nfc:s0 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=dir permissive=1

Bug: 207062484
Test: check avc without nfc
Change-Id: I50507934c071745e257434f512d9dc835790e669
 2021-11-23 03:14:55 +00:00
Randall Huang
a2b1ca5f7e Fix selinux for adb bugreport 
Bug: 206741894
Test: adb bugreport
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: If82f30392676f414a79ddabe27d73ce751d61eee
 2021-11-23 02:58:21 +00:00
Adam Shih
ed245711ec fix sysfs_vendor_sched access 
Bug: 207062776
Bug: 207062777
Bug: 207062877
Bug: 207062211
Bug: 207062232
Bug: 207062208
Test: boot with no relevant access
Change-Id: I585653383ad0061fc6e9669c0590432c235f7e14
 2021-11-23 02:51:59 +00:00
Adam Shih
c90030d1f7 label system_suspend wakeup files 
use "adb shell ls -l sys/class/wakeup" to get all paths
Bug: 207062779
Test: boot with no relevant error log

Change-Id: Ib43090cecf3d74e5c8b07e7e13de58cf6ee7ddbe
 2021-11-23 02:51:46 +00:00
Oleg Matcovschi
a4a0b90afb sepolicy: add persist.vendor.sys.ssr property context 
Bug: 205073166
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I81794ab8d320affcfef8f77895712aaa840f7abc
 2021-11-22 19:54:08 +00:00
Randall Huang
3ba42745f4 Allow vendor_init to modify read_ahead_kb 
Bug: 206741894
Bug: 207062206
Test: boot to home
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I6cc59722520df12aef103fc330f9acd8e800318d
 2021-11-22 06:55:58 +00:00
George Chang
d15185b2d7 Fix SELinux error coming from hal_secure_element_gto and gto_ese2 
update hal_secure_element_st54spi/st33spi form gto/gto_ese2

hal_secure_element_gto.te => hal_secure_element_st54spi.te
[   10.846098] type=1400 audit(1637296724.408:40): avc: denied { map } for comm="android.hardwar" path="/dev/__properties__/u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
11-19 12:38:44.408   776   776 I android.hardwar: type=1400 audit(0.0:40): avc: denied { map } for path="/dev/__properties__/u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
11-19 12:38:44.408   776   776 I android.hardwar: type=1400 audit(0.0:39): avc: denied { getattr } for path="/dev/__properties__/u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
11-19 12:38:44.408   776   776 I android.hardwar: type=1400 audit(0.0:38): avc: denied { open } for path="/dev/__properties__/u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
11-19 12:38:44.408   776   776 I android.hardwar: type=1400 audit(0.0:37): avc: denied { read } for name="u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
[   10.846033] type=1400 audit(1637296724.408:37): avc: denied { read } for comm="android.hardwar" name="u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
[   10.846072] type=1400 audit(1637296724.408:38): avc: denied { open } for comm="android.hardwar" path="/dev/__properties__/u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
[   10.846086] type=1400 audit(1637296724.408:39): avc: denied { getattr } for comm="android.hardwar" path="/dev/__properties__/u:object_r:vendor_secure_element_prop:s0" dev="tmpfs" ino=327 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=file permissive=1
11-11 09:38:59.132   785   785 I secure_element@: type=1400 audit(0.0:100): avc: denied { write } for name="property_service" dev="tmpfs" ino=357 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
11-11 09:38:59.132   785   785 I secure_element@: type=1400 audit(0.0:101): avc: denied { connectto } for path="/dev/socket/property_service" scontext=u:r:hal_secure_element_gto:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[   19.593472] type=1400 audit(1636594739.132:101): avc: denied { connectto } for comm="secure_element@" path="/dev/socket/property_service" scontext=u:r:hal_secure_element_gto:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[   19.593175] type=1400 audit(1636594739.132:100): avc: denied { write } for comm="secure_element@" name="property_service" dev="tmpfs" ino=357 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
11-09 12:04:08.620   786   786 I secure_element@: type=1400 audit(0.0:135): avc: denied { open } for path="/dev/st54spi" dev="tmpfs" ino=584 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
[   17.142141] type=1400 audit(1636430648.620:135): avc: denied { open } for comm="secure_element@" path="/dev/st54spi" dev="tmpfs" ino=584 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
[   17.141947] type=1400 audit(1636430648.620:134): avc: denied { read write } for comm="secure_element@" name="st54spi" dev="tmpfs" ino=584 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
11-09 12:04:08.620   786   786 I secure_element@: type=1400 audit(0.0:134): avc: denied { read write } for name="st54spi" dev="tmpfs" ino=584 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
11-04 13:27:24.564     1     1 I /system/bin/init: type=1107 audit(0.0:52): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.se.reset pid=772 uid=1068 gid=1068 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:vendor_secure_element_prop:s0 tclass=property_service permissive=1'
11-19 10:22:25.052   797   797 I secure_element@: type=1400 audit(0.0:49): avc: denied { read write } for name="st21nfc" dev="tmpfs" ino=708 scontext=u:r:hal_secure_element_st54spi:s0 tcontext=u:object_r:nfc_device:s0 tclass=chr_file permissive=1
11-19 10:22:25.052   797   797 I secure_element@: type=1400 audit(0.0:50): avc: denied { open } for path="/dev/st21nfc" dev="tmpfs" ino=708 scontext=u:r:hal_secure_element_st54spi:s0 tcontext=u:object_r:nfc_device:s0 tclass=chr_file permissive=1

hal_secure_element_gto_ese2 =>  hal_secure_element_st33spi.te
11-09 12:04:09.140   771   771 I secure_element@: type=1400 audit(0.0:137): avc: denied { open } for path="/dev/st33spi" dev="tmpfs" ino=728 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
[   17.660987] type=1400 audit(1636430649.140:137): avc: denied { open } for comm="secure_element@" path="/dev/st33spi" dev="tmpfs" ino=728 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
[   17.660845] type=1400 audit(1636430649.140:136): avc: denied { read write } for comm="secure_element@" name="st33spi" dev="tmpfs" ino=728 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1
11-09 12:04:09.140   771   771 I secure_element@: type=1400 audit(0.0:136): avc: denied { read write } for name="st33spi" dev="tmpfs" ino=728 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:secure_element_device:s0 tclass=chr_file permissive=1

Bug: 207062261
Bug: 205073164
Bug: 205656951
Bug: 205657039
Bug: 205904452
Test: check avc without secure_element
Change-Id: I312299deb6d6bfa353e7936d41a723e75d3ea06b
 2021-11-22 02:59:34 +00:00
Adam Shih
a1a5f11872 label google battery sysfs file 
Bug: 207062874
Test: boot with no relevant error log
Change-Id: Ic5477f0deb24f0bd9c46aef70459f0b629cdb5ef
 2021-11-22 10:17:50 +08:00
Adam Shih
78d0abfb73 update error on ROM 7935766 
Bug: 207300335
Bug: 207300298
Bug: 207300281
Bug: 207300315
Bug: 207300261
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ia79829128db2286ec8ae9c20520be8a25c195cb0
 2021-11-22 09:59:08 +08:00
Randall Huang
a578c846fa storage: update sepolicy for storage suez 
Bug: 206741894
Bug: 188793183
Test: boot to home
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I206178e34156f0b02c4a5b743ac9467e7dafb74f
 2021-11-19 17:45:48 +08:00
Randall Huang
f317331d7a allow init to set scsi tunables 
Bug: 206741894
Bug: 207062776
Test: boot to home
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: Iff52af62e6495e4390c7f961f11b3d8702b09ef9
 2021-11-19 16:12:54 +08:00
Adam Shih
6dc46556e3 update error on ROM 7930790 
Bug: 207062875
Bug: 207062775
Bug: 207062209
Bug: 207062260
Bug: 207062874
Bug: 207062172
Bug: 207062562
Bug: 207062564
Bug: 207062210
Bug: 207062261
Bug: 207062541
Bug: 207062542
Bug: 207062207
Bug: 207062231
Bug: 207062151
Bug: 207062776
Bug: 207062777
Bug: 207062780
Bug: 207062877
Bug: 207062484
Bug: 207062781
Bug: 207062833
Bug: 207062258
Bug: 207062211
Bug: 207062229
Bug: 207062779
Bug: 207062232
Bug: 207062206
Bug: 207062540
Bug: 207062208
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I23da4247c6d3d24d193a8a7ce28da9ac1ea88842
 2021-11-19 05:14:34 +00:00
Adam Shih
6459d30fb1 unleash all SELinux error 
Bug: 205212735
Test: boot with all the selinux error showing up
Change-Id: If34d16a26f788458510cf5d920e8978bc68211be
 2021-11-19 00:48:32 +00:00
Shiyong Li
11994a8ca0 allow systemui to toggle display lhbm node 
Fix the following selinux violation:
avc: denied { call } for scontext=u:r:platform_app:s0:c512,c768
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=1 app=com.android.systemui

Bug: 205640231
Test: check avc logs while using udfps
Signed-off-by: Shiyong Li <shiyongli@google.com>
Change-Id: I196ade950541d56affd3dc38568b0275f159c799
 2021-11-18 17:36:48 +00:00
George Chang
646216405f Fix SELinux error coming from vendor_init for nfc and se 
avc: denied { set } for property=persist.vendor.nfc.streset
avc: denied { set } for property=persist.vendor.se.strese

Bug: 205070818
Test: no nfc se vendor_init avc errors
Change-Id: Id5002bd93e155d81cb8d56ba0cf38cb58b9409c6
 2021-11-18 07:12:05 +00:00
chenpaul
966f3dc7a0 Remove wifi_logger related sepolicy settings 
Due to the fact that /vendor/bin/wifi_logger no longer exists
on the P21 master branch any more, we remove obsolete sepolicy.

Bug: 201599426
Test: wlan_logger in Pixel Logger is workable
Change-Id: Iaa7e4da6564a4ea2b0938db34bb7efff6ed54ee0
 2021-11-18 04:49:04 +00:00
Chungkai Mei
149dec3f70 selinux: hal_camera_default: fix avc denied logs 
avc: denied { transfer } for comm="android.hardwar" scontext=u:r:hal_power_default:s0
tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=1

Bug: 205904442
Test: local build pass
Signed-off-by: Chungkai Mei <chungkai@google.com>
Change-Id: I39e84cfa895b56d44f248015dddb5f99d099fd76
 2021-11-18 03:46:39 +00:00
Adam Shih
e72ecd59d8 fix UWB app settings and zygote library access 
11-16 14:46:01.647   446   446 E SELinux : avc:  denied  { add } for pid=2502 uid=1083 name=uwb_vendor scontext=u:r:uwb_vendor_app:s0:c59,c260,c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=1
11-16 14:41:41.238   440   440 E SELinux : avc:  denied  { find } for pid=2555 uid=1083 name=hardware.qorvo.uwb.IUwb/default scontext=u:r:uwb_vendor_app:s0:c59,c260,c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=1
Bug: 206331617
Bug: 206045471
Bug: 205904384
Test: boot with no zygote errors

Change-Id: I5fe048434d430120334d172481b9cc07cff141dd
 2021-11-18 02:20:49 +00:00
Adam Shih
4c66de3d3b allow pixelstats_vendor binder access 
Bug: 205904433
Test: boot with no relevant error logs
Change-Id: I897a5feb41e8c127834fb3ed795aaeb5d3f3fc54
 2021-11-18 02:20:49 +00:00
Randall Huang
895dfe3008 Fix zram avc denied 
Bug: 205657025
Bug: 205657090
Bug: 205779799
Test: boot to home
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: Ib23d40c2f9e96680108311d23aca708a8db4b67b
 2021-11-17 06:26:34 +00:00
Ruofei Ma
fded60a79e Add SELinux policy for mediacodec_google 
mediacodec_google represents google av1 decoder
hal service.

Bug: 205657135

Signed-off-by: Ruofei Ma <ruofeim@google.com>
Change-Id: Ied61107d1991a22b24170b055bf3613165cbe050
 2021-11-17 00:57:08 +00:00
Adam Shih
bc651b87ce let citadel and camera hal use binder 
Bug: 205904207
Test: boot with no relevant error log
Change-Id: I0544f0ea645c5e594279bfda5aef4714c7929d26
 2021-11-16 11:37:38 +08:00
Adam Shih
32db046e67 suppress bootanim android watch behavior on phones 
Bug: 205780088
Test: boot with no relevant error log
Change-Id: Ic928d3212a016984ff31f358486109022d82b1ee
 2021-11-16 11:02:46 +08:00
Adam Shih
af53f729cf allow kernel to access firmware and zram 
Bug: 205780090
Test: boot with no relevant error log
Change-Id: I272d9babfb0283e46cfc2e65e0bb85323bf8b7a2
 2021-11-16 02:13:10 +00:00
Adam Shih
d66ba1bd25 allow system ui to call hal_wlc 
Bug: 205904327
Test: Boot with no relevant error log
Change-Id: Ieeb3a27266055ead7fd8e0bb5aaa85c4137bccef
 2021-11-16 02:13:04 +00:00
Adam Shih
2ef225b9c5 label oemrilservice_app and grant relevant permission 
11-15 11:32:41.059   442   442 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:oemrilservice_app:s0:c195,c256,c512,c768 pid=1866 scontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=1
11-15 11:32:41.060  1013  1013 I rild_exynos: type=1400 audit(0.0:5): avc: denied { call } for scontext=u:r:rild:s0 tcontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tclass=binder permissive=1
11-15 11:32:41.368  1013  1013 I rild_exynos: type=1400 audit(0.0:6): avc: denied { call } for scontext=u:r:rild:s0 tcontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tclass=binder permissive=1
11-15 11:32:41.890   441   441 E SELinux : avc:  denied  { find } for pid=1866 uid=10195 name=isub scontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1
Bug: 205904553
Bug: 205073117
Bug: 204718782
Bug: 205904441
Test: boot with no relevant error log

Change-Id: I258aa58b4d3c95b901405e9181138c0d68c2b154
 2021-11-16 02:12:53 +00:00
Tommy Chiu
94f78934d9 Keymint: Fix SELinux denial 
Also remove -dontaudit- configuration.

Bug: 205073229
Bug: 205655569
Bug: 205904323
Change-Id: If8de3b4e6ee01488fdd563b702fbba1bd7c73ef0
 2021-11-15 16:12:38 +00:00
Leo Liou
8423a70e12 sepolicy: hal_health_default: fix avc denied logs 
avc: denied { search } for comm="health@2.1-serv" name="/"
dev="sda1" ino=3 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1

avc: denied { search } for name="/" dev="sda1" ino=3
scontext=u:r:hal_health_default:s0
tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1

avc: denied { search } for name="vendor" dev="tmpfs" ino=2
scontext=u:r:hal_health_default:s0
tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1

avc: denied { search } for comm="health@2.1-serv" name="vendor"
dev="tmpfs" ino=2 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1

Bug: 205779737
Test: local build pass
Change-Id: I2be76d97e35bff4e22075641b9031872d628e980
Signed-off-by: Leo Liou <leoliou@google.com>
 2021-11-15 14:55:38 +08:00
chenpaul
1053cee419 Wifi: Add sepolicy files for hal_wifi_ext service 
avc denied log:
avc: denied { search } for comm="wifi_ext@1.0-se" name="wifi" dev="dm-43" ino=365 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:updated_wifi_firmware_data_file:s0 tclass=dir permissive=1

Bug: 205779850
Test: pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest
      #scanAvcDeniedLogRightAfterReboot
Change-Id: I0c41193b2b9c6a596f142f02c6fee4665fbf2011
 2021-11-15 05:25:50 +00:00
Adam Shih
8e6af6f9ad update error on ROM 7914295 
Bug: 206331617
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I3dcd875e127ff1d53554eb419259e8721c2ae628
 2021-11-15 03:10:20 +00:00
Jenny Ho
014051a9f7 create hal_health_default.te for Battery Defender access file node 
Bug: 205073003
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I946b85e8b595601f56df26c567d31df76f7a5a5b
 2021-11-15 01:53:50 +00:00
Jenny Ho
d99197dd19 enable battery information dump 
Bug: 205071645
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: If811765d51add03d8d7a1f5e8276d2f56c7922a7
 2021-11-15 01:53:30 +00:00
Long Ling
5ff0c059b3 sepolicy: gs201: update label for hwc3 service 
Bug: 201321174
Change-Id: I5ecce6c513eecad22a463d52b7cfb718284f3c02
 2021-11-12 04:39:24 +00:00
Adam Shih
830fa53e9f update error on ROM 7908395 
Bug: 206045367
Bug: 206045604
Bug: 206045368
Bug: 206045605
Bug: 206045471
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8b1a0ae9686f47d684428bb79650a7bb0dfe9904
 2021-11-12 02:21:53 +00:00
Joseph Jang
b4393a0bf3 Fix SELinux error coming from hal_identity_citadel 
Bug: 205657024
Change-Id: Ic23b631eb63cf13ba7e08215590e73386d2a3126
 2021-11-11 14:52:05 +08:00
Adam Shih
ab13d5a1f7 update error on ROM 7904131 
Bug: 205904432
Bug: 205904322
Bug: 205904438
Bug: 205904406
Bug: 205904310
Bug: 205904436
Bug: 205904402
Bug: 205904552
Bug: 205904323
Bug: 205904442
Bug: 205904367
Bug: 205904452
Bug: 205904403
Bug: 205904379
Bug: 205904328
Bug: 205904286
Bug: 205904380
Bug: 205904401
Bug: 205904381
Bug: 205904208
Bug: 205904433
Bug: 205904327
Bug: 205904553
Bug: 205904361
Bug: 205904441
Bug: 205904324
Bug: 205904207
Bug: 205904404
Bug: 205904330
Bug: 205904439
Bug: 205904435
Bug: 205904384
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I64432a24d562d5868f21a317e5bfd6f25ad24900
 2021-11-11 09:47:32 +08:00
Adam Shih
e3bb63ab1b Make display related libraries reachable 
Bug: 205780068
Bug: 205779849
Test: boot with no relevant error
Change-Id: I806ecb779690346674816b793a5da21acf1be59b
 2021-11-11 01:15:49 +00:00
Adam Shih
e73b78bdd8 unleash the rest of error log not related to sysfs 
Bug: 205212735
Test: boot with error revealed
Change-Id: I3e07ff8632e60cf93360907bccf5cacd16b8c5b9
 2021-11-10 12:15:04 +08:00
Adam Shih
53371742c2 update error on ROM 7900024 
Bug: 205780088
Bug: 205779872
Bug: 205779877
Bug: 205780065
Bug: 205779906
Bug: 205779737
Bug: 205779871
Bug: 205780093
Bug: 205779850
Bug: 205779736
Bug: 205780090
Bug: 205779798
Bug: 205780186
Bug: 205779849
Bug: 205779799
Bug: 205780067
Bug: 205779581
Bug: 205779869
Bug: 205780068
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: I979411b162c42ace670c35fcfd6ba286f0ea02fb
 2021-11-10 11:06:37 +08:00
Adam Shih
7caaa15bd9 unleash error log related to file access 
Bug: 205212735
Test: boot with error revealed
Change-Id: I7cee80913ca621e7ab19f690eeb70d79e3d692dc
 2021-11-09 14:10:25 +08:00
Adam Shih
95c4e650c8 update error on ROM 7895525 
Bug: 205657177
Bug: 205657040
Bug: 205657133
Bug: 205656936
Bug: 205656937
Bug: 205657024
Bug: 205655569
Bug: 205656951
Bug: 205657039
Bug: 205657063
Bug: 205657092
Bug: 205657025
Bug: 205655298
Bug: 205657135
Bug: 205657093
Bug: 205657132
Bug: 205657090
Bug: 205656950
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I71c27247f9a19fe23a3602bf29793b1f0efc8bc8
 2021-11-09 05:45:36 +00:00
Adam Shih
dd5b14c118 unleash error log related to device access 
Bug: 205212735
Test: boot with error revealed
Change-Id: I49a995ecf3a050174c614453725fd51e09358688
 2021-11-09 01:50:45 +00:00
Roger Wang
5f1a03bf0e Wifi: Add sepolicy files for hal_wifi_ext service 
This commit adds the sepolicy related files for hal_wifi_ext service.

avc msg:
avc: denied { set } for property=vendor.wlan.firmware.version pid=682 uid=1010 gid=1010 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=1'
avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c143,c258,c512,c768 tclass=binder permissive=1

Bug: 205073038
Test: Check no avc_deny on hal_wifi_ext
Change-Id: I5d9b59c56b723174543c0308dd6b0235e998e76c
Signed-off-by: Roger Wang <wangroger@google.com>
 2021-11-05 11:08:11 +00:00
Adam Shih
0060a1335c let init.rc set GKI ready property 
Bug: 205070818
Test: boot with no relevant error
Change-Id: I929a9d2cfbb5267b178fde09fc5e1f3dcc9ec3d0
 2021-11-05 11:25:01 +08:00
Adam Shih
4c9dd893b8 fix platform_app property access 
Bug: 205073024
Test: boot with no relevant error log
Change-Id: Ia230b025b89981ed797c95cdf76fe7efd56d3fa7
 2021-11-05 11:24:57 +08:00
Adam Shih
64af79f39a update error on ROM 7886118 
Bug: 205202540
Bug: 205202541
Bug: 205202542
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I21db6eb0ee47a9a4d002fc897c143eae0f0b614a
 2021-11-05 10:36:11 +08:00
Adam Shih
f2353c6aed update error on ROM 7882509 
Bug: 205073232
Bug: 205072921
Bug: 205073231
Bug: 205073165
Bug: 205073003
Bug: 205073229
Bug: 205073167
Bug: 205073164
Bug: 205073230
Bug: 205073038
Bug: 205073024
Bug: 205073117
Bug: 205073023
Bug: 205072922
Bug: 205073166
Bug: 205072689
Bug: 205073025
Bug: 205070818
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I84cc72176363ed31203b7f7afe0720c3153d2cc6
 2021-11-04 14:09:41 +08:00
Adam Shih
d43e7773ee unleash error log related to property access 
Bug: 203621307
Test: boot with error revealed
Change-Id: Id537726570bd5cce5716759316559bb792ab055b
 2021-11-01 15:15:16 +08:00
Adam Shih
c0d04c41b3 fix citadeld service access 
Bug: 204718569
Test: boot with no relevant error
Change-Id: Iba8c01f34c4453c8001e56b25089b467c4de79ea
 2021-11-01 10:45:13 +08:00
Adam Shih
8550b06ea4 update error on ROM 7870491 
Bug: 204718569
Bug: 204718762
Bug: 204718449
Bug: 204718220
Bug: 204718450
Bug: 204718757
Bug: 204718809
Bug: 204718221
Bug: 204718782
Bug: 204718864
Bug: 204718865
Bug: 204717520
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ic0b136fe876bcf67a94d7c35927c6bd0c6506005
 2021-11-01 10:39:07 +08:00
Rex Lin
d6f5c71db9 Uwb: Create a new Uwb system service 
inherit from gs101-sepolicy

Signed-off-by: Rex Lin <rexcylin@google.com>

Bug: 201232020

Test: ranging works
Change-Id: I0567e6bda78a94c12da3401444faffb36586f331
 2021-10-29 12:43:07 +08:00
Adam Shih
de48018a88 remove errors that were filed on the wrong ROM ID 
Bug: 202906903
Bug: 202906772
Bug: 202907037
Test: boot with those errors appear again
Change-Id: I5bc173c18b0d2a94ac2146e1c6e405c542e0c9ba
 2021-10-29 11:10:43 +08:00
Adam Shih
8cc3f28ac1 fix wlc_hwservice access 
10-29 10:38:01.270   440   440 E SELinux : avc:  denied  { find } for pid=1594 uid=10210 name=com.google.input.ITouchContextService/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:touch_service:s0 tclass=service_manager permissive=1
10-29 10:38:01.277   440   440 E SELinux : avc:  denied  { find } for pid=1594 uid=10210 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
Bug: 202906787
Test: boot with no relevant error

Change-Id: I47ea0f1dfe6f3f7b024d4512e0ccd94bc0da93a1
 2021-10-29 10:57:39 +08:00
Adam Shih
73845f7fcd fix rlsservice service access 
Bug: 202906997
Test: boot with no relevant error
Change-Id: I964d11956b5f78c410aec230289abc1f6a045023
 2021-10-29 10:21:00 +08:00
Adam Shih
c9392bd414 fix vendor_ims_app service access 
Bug: 202906888
Test: boot with no relevant error
Change-Id: I25e967bed593b017f11b647c23cfd148738227e0
 2021-10-29 10:19:38 +08:00
Adam Shih
d73b97b740 fix vendor_rcs_app service access 
Bug: 202907058
Test: boot with no relevant error
Change-Id: Ie435cdadc54cb59b09dadba890a9d1cbdb94b458
 2021-10-29 10:17:57 +08:00
Adam Shih
ee3287231f fix hal_usb_impl service access 
Bug: 202906786
Test: boot with no relevant error
Change-Id: I99178488a97aa2d0b3d7e4775c88b00321084d63
 2021-10-29 10:12:28 +08:00
Max Kogan
68217c1ae6 sepolicy: gs201: allow dumpstate access AoC stats 
Merge changes from gs101

Bug: 203827311
Change-Id: I3028e8d2c162dde74b747cbfe6458cc37a9ad759
 2021-10-28 05:14:06 +00:00
Adam Shih
23b637e260 fix mediacodec_samsung service access 
Bug: 202906949
Test: boot with no relevant errors
Change-Id: I015c58f1b223978cb0e61377f5fc6930477c9a53
 2021-10-27 13:24:52 +08:00
Adam Shih
e171a156e2 fix mediacodec_google service access 
Bug: 202906901
Test: boot with no relevant errors
Change-Id: I8ba645de225af4a25c52cc14eb05eb60a64ea202
 2021-10-27 13:24:46 +08:00
Adam Shih
5e572d5c72 fix hal_camera_default service access 
10-25 11:52:35.916   437   437 E SELinux : avc:  denied  { find } for pid=711 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
Bug: 202906784
Test: boot with no hal_camera_default errors

Change-Id: I0e21cc11808b973c859ddc2ddebc0db81f999d9f
 2021-10-27 13:24:34 +08:00
Adam Shih
abf31d56d6 fix secure element service access 
Bug: 202902683
Test: boot with no secure element errors
Change-Id: I84ee827d356e6a99af192cce9178fb4f408de5ec
 2021-10-25 11:37:10 +08:00
Adam Shih
0ae5acc904 fix graphics_composer services denials 
10-25 11:28:32.230   438   438 E SELinux : avc:  denied  { add } for pid=500 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
10-25 11:28:33.787   438   438 E SELinux : avc:  denied  { find } for pid=500 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=1
Bug: 202906947
Test: boot with no graphics_composer errors

Change-Id: I4174cbcacb7149427814ca67703799ab02b992e4
 2021-10-25 11:31:39 +08:00
Adam Shih
be8aedd6ac fix hal_fingerprint_default denails 
10-25 11:19:03.649   430   430 E SELinux : avc:  denied  { find } for pid=958 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=1
10-25 11:19:04.509   430   430 E SELinux : avc:  denied  { find } for pid=958 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
Bug: 202906981
Test: boot with no fingerprint errors

Change-Id: I95dcda0698c7fcec1e4874b95b598bc987e83e58
 2021-10-25 11:24:26 +08:00
Adam Shih
9cb1f625ba fix hal_weaver_citadel denials 
Bug: 202907040
Test: boot with nno relevant errors
Change-Id: Ieb7a57518b433cc6cd2849afb58c8616b409db13
 2021-10-25 11:09:06 +08:00
Jasmine Cha
6dea3e0842 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- allow audio hal to find fwk_sensor_hwservice

SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1


Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I6c8d9cd73953b20905857368d740fd91e92c6928
 2021-10-20 04:12:48 +00:00
Adam Shih
fc1ec67aa4 fix init_citadel service access 
Bug: 202906904
Test: boot to home with no relevant error
Change-Id: I6729ced49cbbecbc33234e311fb81652a065fe39
 2021-10-20 10:41:56 +08:00
Adam Shih
ecc3a24449 fix identity service access 
10-20 10:32:58.701   438   438 E SELinux : avc:  denied  { find } for pid=742 uid=9999 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_identity_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202906902
Test: boot to home with no relevant error

Change-Id: Ia6e09343843f9a5c96e06998ba5c50fb64948d7f
 2021-10-20 10:35:18 +08:00
Adam Shih
4c20c40f50 Fix hal_keymint_citadel service access 
10-20 10:24:31.155   432   432 E SELinux : avc:  denied  { find } for pid=481 uid=1064 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_keymint_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202907039
Test: boot to home with no keymint errors

Change-Id: I7935fe52a9774f8fca67336be9c9d47fe2675756
 2021-10-20 10:26:18 +08:00
Adam Shih
e9d02e08f5 fix widevine drm access 
Bug: 202906980
Test: boot with no relevant logs

Change-Id: Idc37f7e1441d9fae1f570bc53ff67a7a48656ed3
 2021-10-20 10:06:10 +08:00
Adam Shih
56bef214d3 fix citadeld's service access 
Bug: 202906931
Test: boot with no relevant logs
Change-Id: Ic65c6f218f69a1afa14fcd1b6eb0feacf48ea54f
 2021-10-20 09:54:52 +08:00
Adam Shih
a39f2e902e remove unlabeled dontaudits 
The log shows up when we remount the phone, causing modem images going
back to default file contexts: "unlabeled"
Bug: 202906831
Test: Boot to home with no relevant log

Change-Id: I69baced268782d9b38c1a56c62b3c63ae55733e4
 2021-10-20 09:46:02 +08:00
Adam Shih
a5f61547cf remove legacy folder 
Bug: 196916111
Test: boot to home
Change-Id: I33e4cf4a339092a31c951098e982c0bd38e53852
 2021-10-20 09:33:29 +08:00
Adam Shih
862eca1510 remove redundant bluetooth sepolicy 
Bug: 202790744
Test: boot with bluetooth hal started

Change-Id: Ie78cb9caeabd6b202ff99f9896fe0ae6e57cabfe
 2021-10-18 12:02:08 +08:00
Adam Shih
e0107f4952 remove legacy sepolicy to have a clean start 
Bug: 196916111
Test: build pass and boot to home
Change-Id: Idb220db3c1f8b35a9dfac15caf6114fa2e6737fe
 2021-10-18 12:01:54 +08:00
Adam Shih
90068020c3 review property settings 
Bug: 203025336
Test: build pass
Change-Id: I48bc1b0a5ffc4631fec04750c9b58bed8f15d39d
 2021-10-18 12:01:42 +08:00
Adam Shih
503d402cb2 review the rest of file declaration 
Bug: 203025336
Test: build pass
Change-Id: I330a8dd46bdf6b731d4f7f61544e1d1f1e59876c
 2021-10-18 12:01:13 +08:00
Adam Shih
37e4973df6 review file declaration 
Bug: 203025336
Test: build pass
Change-Id: I8cfec54ac035f41ccafc58f1ec0b125613e0742b
 2021-10-18 10:31:31 +08:00
Adam Shih
11c3b49e36 review file_contexts 
Bug: 203025336
Test: check if every path exists
Change-Id: I156c4953a50d888e54249038b45992d134b4aaca
 2021-10-18 00:46:45 +00:00
Adam Shih
e5b1c96b00 review genfs_contexts besides bluetooth 
Bug: 203025336
Test: check each path's existence
Change-Id: I0b45434f544fb243bd2810ea7abdb896056aed0e
 2021-10-15 03:45:59 +00:00
Adam Shih
37a0cb7547 review sys file nodes 
Bug: 203025336
Test: check if the paths exist
Change-Id: I5141545211e19d3c18b2c3bb315c10d33d5e3774
 2021-10-15 03:45:59 +00:00
Adam Shih
cf06f9ccbf review proc, tracefs, and system_suspend nodes 
Bug: 203025336
Test: check if each file path exists
Change-Id: I980742978599c162a6c0d09fa2a3a07d97434981
 2021-10-15 03:45:59 +00:00
Bart Van Assche
c6a7058dc3 Stop using the bdev_type SELinux attribute 
The bdev_type is being removed from all SELinux policy files. Hence this
patch.

Bug: 202520796
Test: Treehugger
Change-Id: I475ff63b3f77f1bfe49519b76bb31b90c3216105
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-10-15 01:52:10 +00:00
Adam Shih
0b4e85afe7 review debugfs 
Bug: 203025336
Test: Boot to home with those files labeled
Change-Id: Ibe758555512417953eb9726bdba05c4ac2ff2ccf
 2021-10-14 13:57:18 +08:00
Adam Shih
0b42f3ba82 review file_contexts 
Bug: 203025336
Test: boot to home and check if the files are there
Change-Id: I2b748b18cca389d7fdd8b1b472dcb1605e0ddaaa
 2021-10-14 13:34:33 +08:00
Adam Shih
0a570d1bc1 review hw service settings 
Bug: 196916111
Test: boot to home
Change-Id: I63bc13119cee3564fd577b12aba9042f484ec18f
 2021-10-14 04:01:42 +00:00
Adam Shih
bfd5097be2 dispatch service related error 
Bug: 202906787
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: Ifbdf1de156994572b8fedfd18180d3821ef1594c
 2021-10-14 10:50:12 +08:00
Jaegeuk Kim
bf900e2ae5 allow to convert /efs to f2fs 
Bug: 201348703
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: If69f1443a0ee4d46a468a33524e8a51f774b2d28
 2021-10-14 02:17:56 +00:00
Konstantin Vyshetsky
54b0addb16 convert_to_f2fs.sh: add sepolicy 
Add entries for convert_to_f2fs.sh executable.

Bug: 202511062
Signed-off-by: Konstantin Vyshetsky <vkon@google.com>
Change-Id: I76ca5e169efec06f7a856e3938f50cfee5e6a7f3
 2021-10-14 02:17:56 +00:00
Adam Shih
dfbc96da03 remove redundant exo sepolicy 
All exo sepolicy live in gs101
Bug: 196916111
Test: build pass

Change-Id: I5c9a8af806c62ee74b4f2ab23bd60cd9706b2dae
 2021-10-14 02:14:56 +00:00
Adam Shih
4d8c9e5940 review legacy contexts and keys 
Bug: 196916111
Test: build pass and boot to home
Change-Id: I1b709cf6617668418150f269359eaa28421c1d43
 2021-10-14 10:09:05 +08:00
Adam Shih
5b51181f96 review grilservice_app 
Bug: 198532074
Test: boot with gril app started
Change-Id: I9e21bee23ad2cbb7e6d0e7363780ba0fbf5adb3b
 2021-10-14 10:08:56 +08:00
Shiyong Li
cc27fae6e5 allow hwc to access displaycolor service 
Fix the following violations:
SELinux : avc:  denied  { add } for pid=487 uid=1000 name=displaycolor
scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:vendor_displaycolor_service:s0 tclass=service_manager
permissive=1
SELinux : avc:  denied  { find } for pid=487 uid=1000 name=displaycolor
scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:vendor_displaycolor_service:s0 tclass=service_manager
permissive=1

Bug: 199467938
Test: check avc denials while hwc loads calibration file
Signed-off-by: Shiyong Li <shiyongli@google.com>
Change-Id: I43865b0a0fc406dc1955b58a80295c556d650797
 2021-10-13 17:21:58 +00:00
Adam Shih
1aaa9d5be9 review hardware_info_app 
Bug: 196916111
Test: boot with app correctly labeled
Change-Id: I31335fff6356edeedc10ebd2e55b8ed62e39ee02
 2021-10-08 11:39:38 +08:00
Adam Shih
9e0b7599b4 review logger_app 
Bug: 196916111
Test: boot to home
Change-Id: I882d0c302a44eb6c3467ced6fefa4437469d4c44
 2021-10-08 11:33:40 +08:00
Adam Shih
37ca0bdfa4 review pixelstats_vendor 
Bug: 202462997
Test: boot with pixelstats_vendor started
Change-Id: I1cd14413ea05362f3760e61b2d0d7b1db164a31c
 2021-10-08 10:56:54 +08:00
Adam Shih
a787a30f8d review trusty domains 
Bug: 198723116
Test: boot to home with trusty domains started
Change-Id: If5c6c0a75b6ad0eb032f637fd51ab2e4cea1e389
 2021-10-08 10:48:04 +08:00
Adam Shih
34693feadc review mediacodec 
Bug: 196916111
Test: boot with google and samsung mediacodec running
Change-Id: I7aaee5def774c8b7c19699f4da9b0b51f4869be9
 2021-10-06 00:47:41 +00:00
Adam Shih
791aeae701 review ramdump_app 
Bug: 196916111
Test: boot to home
Change-Id: I756f9022a7c20392dd8d07d2be7c972395176629
 2021-10-06 00:47:41 +00:00
Adam Shih
1d0b6d22bc remove uwb app 
uwb app does not exist on ROM 7793030
Bug: 196916111
Test: boot to home

Change-Id: I37d02e98589c7b3e894defa04de709ae0d904f09
 2021-10-06 00:47:41 +00:00
Adam Shih
9c8da5b91c remove uwb 
No uwb hal were found on ROM 7793030
Bug: 196916111
Test: Boot to home

Change-Id: I89ce68505c13b8de080d7aec5fc594fd2ada11c6
 2021-10-06 00:47:41 +00:00
Kris Chen
fc82a2b242 fingerprint: Fix SELinux error 
Fix the following SELinux error:
E init    : Could not start service 'vendor.fps_hal' as part of class 'late_start': File /vendor/bin/hw/android.hardware.biometrics.fingerprint@2.1-service.goodix(labeled "u:object_r:vendor_file:s0") has incorrect label or no domain transition from u:r:init:s0 to another SELinux domain defined.

Bug: 201500671
Test: build and run on DUT.
Change-Id: I85bd89edfaa6aaca003a5be21f4a045ce5944ab9
 2021-10-05 03:44:27 +00:00
Adam Shih
16c10d6a33 review init-insmod-sh 
Bug: 196916111
Test: boot to home
Change-Id: I085ff319e08c65cfc3d51fb480259fa137f8e3f3
 2021-10-05 01:42:16 +00:00
Adam Shih
cccebb9eaf remove bugreport related sepolicy 
Bug: 196916111
Test: adb bugreport
Change-Id: If52a43baed4022ffb3ecb248067eb1f4712c5feb
 2021-10-05 01:42:16 +00:00
Adam Shih
798b72ad9c review hal_tetheroffload_default 
Bug: 201599426
Test: boot to home with hal_tetheroffload_default started
Change-Id: I85491753dc7336eff285f61c71ad51840a13d7c3
 2021-10-05 01:42:16 +00:00
Adam Shih
0a4f633d40 remove hal_wifi_ext 
This is a shared module across qcom and google platform.
It is hard to tell whether it always behaves the same.
Bug: 201599426
Test: boot to home with hal_wifi_ext started

Change-Id: Ica8fa1168ecc07e3fed34bfad1c8d113e42bef22
 2021-10-05 01:42:16 +00:00
Adam Shih
3f619c21ad centralize wifi_ext config 
Bug: 201599426
Test: boot with wifi_ext started
Change-Id: I100363628bed970628cd3312a73f6d39bca533ef
 2021-10-05 01:38:45 +00:00
Adam Shih
618ea304d4 review tcpdump_logger 
Bug: 201599426
Test: boot with tcpdump_logger started
Change-Id: I023f48ea45b8d5a2180c91577241e9d9410469a4
 2021-09-30 14:40:10 +08:00
Adam Shih
5ec277bf7c review hal_wifi 
Bug: 201599426
Test: boot to home
Change-Id: I05538169275a7e8dc7638e075114440abda8c11b
 2021-09-30 11:13:35 +08:00
Adam Shih
82cdc92c84 review hal_usb 
Bug: 201599187
Test: boot with hal_usb_impl started
Change-Id: I77875c6911f6582454d666a57ed59cc1e386885b
 2021-09-30 11:00:43 +08:00
Adam Shih
7ac4d6ae8c review hal_power_stats_default 
Bug: 201230944
Test: make sure all file contexts took effect
Change-Id: Ifefb09f69b722747ccbb1c8cfbd423b27204e4e4
 2021-09-28 14:42:35 +08:00
Adam Shih
fb11c9aaa0 restore rlsservice 
01-01 20:00:12.304   425   425 E SELinux : avc:  denied  { add } for pid=704 uid=1000 name=rlsservice scontext=u:r:rlsservice:s0 tcontext=u:object_r:default_android_vndservice:s0 tclass=service_manager permissive=1
01-01 20:00:11.374     1     1 I SELinux : Context u:object_r:rlsservice_exec:s0 is not valid (left unmapped).
rlsservice uses apex, that's why it cannot be found in vendor.img
Bug: 196916111
Test: boot with rlsservice started

Change-Id: I8e052d75473f9431bbaeafb74d0e4043b02a1b51
 2021-09-28 14:23:36 +08:00
Adam Shih
758dd9c309 review hal_power_default related contexts 
Bug: 201230944
Test: make sure all contexts setting take effect
Change-Id: I1e3be99700560583153e70efdd21de5356b97c74
 2021-09-28 13:54:03 +08:00
Adam Shih
cc911a8963 remove obsolete setting 
Bug: 196916111
Test: boot to home
Change-Id: I7488b9d0789a002457891e0287d394ca281e945d
 2021-09-28 13:19:35 +08:00
Adam Shih
8c532b1a65 remove un-reviewable sepolicy 
Bug: 196916111
Test: boot to home
Change-Id: Idac79eece3a2e36eca8ad1b1e0ffc8d771f445d3
 2021-09-28 08:04:57 +08:00
Adam Shih
ad68e7dc96 remove hal_health_default 
It will be easier to review it through boot test
Bug: 201230944
Test: boot to home

Change-Id: I5008c4054ce04f062a8ca01a1e2bfd4cfe8daf70
 2021-09-28 08:04:38 +08:00
Adam Shih
962e580a3c review hal_wlc 
Bug: 201230944
Test: boot with hal_wlc started
Change-Id: I81d5ff7ed4745fb6d760f59c6acc50cc1732c95e
 2021-09-28 08:03:15 +08:00
Adam Shih
53641894eb use gs101 neuralnetwork armnn 
Bug: 196916111
Test: boot with armnn started
Change-Id: I50b1968034c60f922e679205e68841d63aadf5ae
 2021-09-27 23:54:37 +00:00
Arthur Ishiguro
81ab5aceb9 Add Context Hub AIDL to gs201 sepolicy 
Bug: 194285834
Test: None
Change-Id: Ife9b43cad3b3c500f549e72b4deda1836f6d79a0
 2021-09-23 21:05:19 +00:00
Adam Shih
76b0758e9e review hal_thermal_default 
Bug: 196916111
Test: boot to home
Change-Id: I6e804abe5761dae7a2563fbb514da293e7988fce
 2021-09-23 00:25:52 +00:00
Adam Shih
48a9994ea4 remove obsolete sepolicy setting 
ROM 7726471 does not have wlcfwupdate
Bug: 196916111
Test: build pass

Change-Id: I390552aa75a0139be2e23074f781c5aba513b4d5
 2021-09-23 00:25:52 +00:00
Adam Shih
87f3dd73e5 organize wifi_sniffer 
Bug: 196916111
Test: boot with wifi_sniffer started

Change-Id: I9bd8c7d517a4c264758db52054033cde2d84bf95
 2021-09-22 04:56:01 +00:00
Adam Shih
54e3056f4c review vendor_battery_profile_prop 
The action came from PTS
Bug: 196916111
Test: boot to home

Change-Id: I950fb0fa3fd959d3c176d5fc960b57f905034d67
 2021-09-22 10:21:27 +08:00
Adam Shih
889f58606b remove untraceable rules 
Bug: 196916111
Test: boot to home
Change-Id: I50ac7a469f76a25adca0ef3e3a9751a0e8afbd2a
 2021-09-22 10:14:45 +08:00
Adam Shih
3f1c23ad58 rewrite hbmsv app 
This app has different sources for every device
Bug: 196916111
Test: boot to home

Change-Id: Iccbdc94eb68c03a5e7b5f1081e802b29c11cb5b0
 2021-09-17 12:46:12 +08:00
Adam Shih
368ac5f679 review hal_nfc_default 
Bug: 196916111
Test: boot to home with nfc hal started
Change-Id: Iee8c30777f83788ff703c8094c03182171d713c5
 2021-09-17 11:06:51 +08:00
Adam Shih
9ffc6d62b8 remove hal_camera_default 
The file does not exist on ROM 7736863
Bug: 196916111
Test: boot to home

Change-Id: I40e64665c33869b93857798055ee1d8145a507aa
 2021-09-16 14:13:30 +08:00
Adam Shih
18db3d30dd remove rlsservice 
The file does not exist
Bug: 196916111
Test: boot to home

Change-Id: I1bd4b13be5912c2620fbfae2913f01543a09915f
 2021-09-16 14:07:40 +08:00
Adam Shih
d57c9cd1fc review graphics related sepolicy 
Bug: 196916111
Test: boot to home
Change-Id: I43a875fb69e4237009b0515d8db6ebac8e2982b5
 2021-09-16 14:07:31 +08:00
Adam Shih
01d2b96516 restart dauntless sepolicy 
Bug: 199685763
Test: build ROM with relevant modules labeled correctly
Change-Id: I9d01ad1dea9da059cb91142adadd3f55f50cf9ca
 2021-09-16 04:45:52 +00:00
Adam Shih
256795caa7 review SSR app 
Bug: 198532074
Test: boot with SSR app labeled
Change-Id: I7fd0765ffdcc5632be1c91a28de25c6e1e531e26
 2021-09-14 04:00:15 +00:00
Adam Shih
349700cece remove twoshay 
It does not eexist on raven claw on Build ID 7726471
Bug: 196916111
Test: boot to home

Change-Id: Ie358657de3f4dfd6704288798dc2a198f25ae419
 2021-09-13 14:59:36 +08:00
Adam Shih
2a422d7159 remove fingerprint policy 
Bug: 196916111
Test: boot ot home with fingerprint hal started
Change-Id: I24a81eb5bae26120e66e7d77f9672566bb1f049b
 2021-09-13 14:59:36 +08:00
Adam Shih
953c43b31a remove untraceable rules 
Bug: 196916111
Test: boot to home
01-01 12:00:13.140   903   903 I Binder:903_1: type=1400 audit(0.0:9): avc: denied { quotaget } for scontext=u:r:installd:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=1

Change-Id: Iec8f2495b13df6b035af0cf11f67cd1525bcf9ea
 2021-09-13 14:59:16 +08:00
Adam Shih
0a091e5308 modulize drm modules 
Bug: 199232842
Test: boot with drm modules started
Change-Id: Ic02f6c8498a4ac6cbda2b10b0e9647f733b54478
 2021-09-08 13:49:49 +08:00
Adam Shih
ba469d27e4 remove obsolete devices 
Bug: 196916111
Test: build pass
Change-Id: I3e0768802f4a49aad799e5053627f1f0328316f5
 2021-09-08 13:04:43 +08:00
Adam Shih
cf1ea7aad5 review block devices 
Bug: 196916111
Test: boot with those partition mounted with no avc error
Change-Id: I6248be92d19abf37f5b901aa6101436832813f42
 2021-09-08 12:34:14 +08:00
Adam Shih
95cc78f004 review ofl_app 
Bug: 198532074
Test: boot with ofl app labeled correctly
Change-Id: Ic00207c063e6c8771c2c6b077169ae1d25c77225
 2021-09-08 12:17:23 +08:00
Adam Shih
89923acb04 review radio app 
Bug: 198532074
Test: boot with app correctly labeled
Change-Id: Iba1f5c949052fafca8e629aba24484a7705f3f21
 2021-09-08 11:27:34 +08:00
Adam Shih
948098bcd6 review hal_radioext_default 
Bug: 198532074
Test: boot with hal_radioext_default started
Change-Id: I083fd55749f0d82cabe527e7fa611ad2633d0ecd
 2021-09-08 10:54:34 +08:00
Adam Shih
aef3b66218 review con_monitor 
bug: 198532074
Test: boot with the app labeled
Change-Id: I1d268c292603aabb25e5e626f442b39a7ad7b4e7
 2021-09-06 11:31:36 +08:00
Adam Shih
2fc26d0a5e refactor ims app 
Bug: 198532074
Test: boot with those apps labeled correctly
Change-Id: I15c559551b7af8a9688b4e489b6daeba032da308
 2021-09-06 11:24:37 +08:00
Adam Shih
6f97e91778 review init.radio.sh 
Bug: 198532074
Test: boot with init.radio.sh started
Change-Id: Ieb47925b319866cc648e4de9b34fc3153ba1717b
 2021-09-06 10:59:10 +08:00
Adam Shih
98ebd6e7f1 review tee 
Bug: 198723116
Test: boot with tee started
Change-Id: Ib50698834d16887fa00bdbbaf81801f1067909ba
 2021-09-03 15:26:51 +08:00
Adam Shih
b05c0902ad refactor hal_secure_element 
01-01 20:00:07.579   419   419 E SELinux : avc:  denied  { find } for interface=android.hardware.secure_element::ISecureElement sid=u:r:hal_secure_element_gto_ese2:s0 pid=748 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:hal_secure_element_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.595   419   419 E SELinux : avc:  denied  { add } for interface=android.hardware.secure_element::ISecureElement sid=u:r:hal_secure_element_gto_ese2:s0 pid=748 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:hal_secure_element_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.596   419   419 E SELinux : avc:  denied  { add } for interface=android.hidl.base::IBase sid=u:r:hal_secure_element_gto_ese2:s0 pid=748 scontext=u:r:hal_secure_element_gto_ese2:s0 tcontext=u:object_r:hidl_base_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.597   419   419 E SELinux : avc:  denied  { find } for interface=android.hardware.secure_element::ISecureElement sid=u:r:hal_secure_element_gto:s0 pid=749 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:hal_secure_element_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.597   419   419 E SELinux : avc:  denied  { find } for interface=android.hardware.secure_element::ISecureElement sid=u:r:hal_secure_element_uicc:s0 pid=750 scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:object_r:hal_secure_element_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.599   419   419 E SELinux : avc:  denied  { add } for interface=android.hardware.secure_element::ISecureElement sid=u:r:hal_secure_element_uicc:s0 pid=750 scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:object_r:hal_secure_element_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.600   419   419 E SELinux : avc:  denied  { add } for interface=android.hidl.base::IBase sid=u:r:hal_secure_element_uicc:s0 pid=750 scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:object_r:hidl_base_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.601   419   419 E SELinux : avc:  denied  { add } for interface=android.hardware.secure_element::ISecureElement sid=u:r:hal_secure_element_gto:s0 pid=749 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:hal_secure_element_hwservice:s0 tclass=hwservice_manager permissive=1
01-01 20:00:07.602   419   419 E SELinux : avc:  denied  { add } for interface=android.hidl.base::IBase sid=u:r:hal_secure_element_gto:s0 pid=749 scontext=u:r:hal_secure_element_gto:s0 tcontext=u:object_r:hidl_base_hwservice:s0 tclass=hwservice_manager permissive=1
09-03 10:51:44.574   419   419 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:hal_secure_element_uicc:s0 pid=750 scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=1
Bug: 198713948
Test: boot with secure_element started
Change-Id: Ie79b80f3c0fbe21c898e6a67384d98a2cc282f93

Change-Id: I14d9f01b6ef901fd87e8927d691ce96a9b174ed3
 2021-09-03 15:26:38 +08:00
Adam Shih
18fb79d460 review rild 
Bug: 198532074
Test: boot with rild started
Change-Id: Ic29d2cbbb9691f1386c024d1438fdd050ef14b8f
 2021-09-03 15:25:10 +08:00
Kyle Tso
7295743ea6 Add file context for /dev/logbuffer_tcpm 
/dev/logbuffer_tcpm gets accessed by dumpstate while bugreport
generation.

(Port of ag/15019635)

Bug: 189792358
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Id73f7c884f45364b5386a9fe13900cb94d914520
 2021-09-03 11:57:59 +08:00
Adam Shih
7a20b1d9c0 Merge changes I183c75b5,I938fe187,Ic3e07e73 
* changes:
  review rfsd
  review bootdevice_sysdev
  review mount and block devices
 2021-09-03 02:03:02 +00:00
Adam Shih
ff91ffd98a review rfsd 
Bug: 198532074
Test: boot with rfsd started
Change-Id: I183c75b5fad35eec56fbca693896c94f7a1ca410
 2021-09-02 14:48:13 +08:00
Adam Shih
a90c8fe1b5 review bootdevice_sysdev 
Bug: 196916111
Test: boot with bootdevice_sysdev labeled
Change-Id: I938fe18718356bf4156bb55937528a1ca3e072fb
 2021-09-02 13:24:46 +08:00
Adam Shih
91d989bca4 review mount and block devices 
Bug: 196916111
Test: make sure all path under ufs is labeled
Change-Id: Ic3e07e7341f838f54c483ab8b272407a70f1f8f2
 2021-09-02 12:49:38 +08:00
Adam Shih
59b7224754 Merge changes I30184915,Iced4bfaa 
* changes:
  review modem_svc_sit
  review cbd
 2021-09-02 04:22:17 +00:00
Adam Shih
ee0c81fbc6 review modem_svc_sit 
Bug: 198532074
Test: boot with modem_svc_sit started
Change-Id: I3018491564eb3bb5dafc5e9ad6446f353d54b18b
 2021-09-02 11:41:59 +08:00
Adam Shih
c6111a8666 review cbd 
Bug: 198532074
Test: boot with cbd started
Change-Id: Iced4bfaa9ea8e749cc0a8cb7a8da91abfc88d765
 2021-09-02 11:41:48 +08:00
Adam Shih
3a8ed7968c sscoredump: remove sepolicy 
Bug: 198365717
Test: build ROM with sscoredump started
Change-Id: I3fd72ed6958bd0a95947dbf513f5ba658a229948
 2021-09-02 01:24:39 +00:00
Adam Shih
f5ed5632e2 review recovery related operations 
Bug: 196916111
Test: make sure the files are labeled correctly (ls -Z)
Change-Id: I735de8b9635c7852a18ec8f32733cb0a0abd38f3
 2021-08-30 14:45:29 +08:00
Adam Shih
ffc779eaa8 review chre 
Bug: 198109521
Test: boot with chre started
Change-Id: Ibca6cc3ca0049a412d36e433cb5dcb3363d60527
 2021-08-30 14:02:30 +08:00
Adam Shih
e1db507a06 review cbrs app 
Bug: 198107733
Test: boot with app launched.
Change-Id: I6e32a4ff04f84bba42060bffadf82466f1c7a749
 2021-08-30 13:30:56 +08:00
Adam Shih
2220917375 review bipchmgr 
Bug: 198102284
Test: boot with bipchmgr started
Change-Id: I29a35ac4c93749481fe08edd3c1f25bffd013224
 2021-08-30 10:40:57 +08:00
Adam Shih
49784e0285 modularize gpsd 
Bug: 197914244
Test: boot with gpsd started
Change-Id: I4bcb0b55f95609a770810d676e8496c389b5cc73
 2021-08-27 12:08:37 +08:00
Adam Shih
d646306b48 modularize hal_gnss_default 
Bug: 197914244
Test: boot with hal_gnss_default started
Change-Id: I7b3d71fb9ae151363e3ce54587721ffe04d42b55
 2021-08-27 11:38:00 +08:00
Adam Shih
99ab56746a modularize lhd 
Bug: 197914244
Test: boot with lhd started
Change-Id: I873a151e4dc6e512b8831b936c3e057ae544888c
 2021-08-27 11:29:09 +08:00
Adam Shih
8f611991f7 modularize scd 
Bug: 197914244
Test: boot with scd started
Change-Id: If2c033e9aaf33b47f2fe5db3507fac052dcaef1a
 2021-08-27 11:16:47 +08:00
Adam Shih
2cdc065832 Merge changes from topic "aoc-module" 
* changes:
  modularize hal_audiometricext_default
  modularize hal_audio_default
  modularize aocdump
  modularize aocd
 2021-08-26 02:47:17 +00:00
Adam Shih
7d4d5a8940 modularize hal_audiometricext_default 
Bug: 197585437
Test: boot with hal_audiometricext_default initialized
Change-Id: I3d9aa576af2faefd2b03b911141d5ffdafc7902e
 2021-08-25 15:40:02 +08:00
Roshan Pius
6ec775cffd Merge "gs201-sepolicy: Rename hal_uwb -> hal_uwb_vendor" 2021-08-25 00:49:38 +00:00
Adam Shih
d9c4ed7b59 modularize hal_audio_default 
Bug: 197585437
Test: boot with hal_audio_default initialized
Change-Id: I90435ffa66d342ee5c96bcb872d2ebefe5b4ef7c
 2021-08-24 15:18:53 +08:00
Adam Shih
ee94f61357 modularize aocdump 
Bug: 197585437
Test: build ROM with aocdump labeled correctly
Change-Id: Ia2c2877a337bca6711d0f15a309b9012624ce76b
 2021-08-24 14:31:54 +08:00
Adam Shih
1eeb466b55 modularize aocd 
Bug: 197585437
Test: boot with aoc started
Change-Id: Ib8f3aad606f8a2c3d5d5a75287816ab4cb8318a8
 2021-08-24 13:57:53 +08:00
Roshan Pius
6fc63f75c3 gs201-sepolicy: Rename hal_uwb -> hal_uwb_vendor 
Since we are now creating an AOSP HAL for uwb. Rename qorvo's internal
HAL to hal_uwb_vendor to avoid conflicts with the AOSP HAL sepolicy
rules.

Bug: 195308730
Test: Compiles
Change-Id: I0c06a9d191d6bf2f2e5c66f70be0c7f8e8aa96b4
 2021-08-23 13:05:58 -07:00
Adam Shih
72ad95d1eb review vcd and remove obsolete declarations 
Bug: 196916111
Test: boot with vcd started
Change-Id: Ic82975e998dad4437c38afc625a7a88428417b7a
 2021-08-23 14:06:17 +08:00
Adam Shih
dcf0597594 review sced 
Bug: 196916111
Test: boot with sced started
Change-Id: I9140b5bc0f7ad4efedbbbcf58f9e773e5246df74
 2021-08-23 11:45:31 +08:00
Adam Shih
5656f81f62 reuse gs101 confirmation UI 
Bug: 196916111
Test: boot with confirmation UI started
Change-Id: I39ff3c0eecb017bb78118a1f7b42c8ce87eda971
 2021-08-23 10:56:10 +08:00
Adam Shih
6dc0391fab reuse gs101 pktrouter 
Bug: 196916111
Test: boot with pktrouter launched
Change-Id: Ie901adcba877aa11fcae188e360538c38184db00
 2021-08-23 10:26:58 +08:00
Adam Shih
e7538e644a review modem_logging_control 
Bug: 196916111
Test: boot with modem_logging_control launched
Change-Id: I16c810298343310003a626397d88861f47c5a207
 2021-08-18 11:21:15 +08:00
Adam Shih
b12473a9de review modem_diagnostic_app 
Bug: 196916111
Test: boot with modem_diagnostic_app running
Change-Id: Ic79f2048f840845ba73cc4d0853371a50ce63317
 2021-08-18 11:07:37 +08:00
Adam Shih
c2582ecc01 review dmd sepolicy 
Bug: 196916111
Test: boot with dmd launched successfully
Change-Id: Ic962ab09dcd7697c27f9b2ab68400a0060573888
 2021-08-18 09:46:29 +08:00
Adam Shih
c1ffe9c177 Initialize gs201 to zero 
Bug: 196916111
Test: boot to home with all services launched
Change-Id: I3453fc01cec5fd7b2b2a44a6f20c64e818ce1acd
 2021-08-18 09:46:14 +08:00
Petri Gynther
471fb507d1 Add vbmeta_vendor_[ab] to file_contexts 
Bug: 197026498
Change-Id: Icd6a6ac7b2cd302a7bc2032241ff1a540eaa5024
 2021-08-17 17:30:47 -07:00
TreeHugger Robot
2d2ddfca10 Merge "storage: update sepolicy for hardwareinfoservice" 2021-08-17 21:26:55 +00:00
Ocean Chen
827b204adb storage: update sepolicy for hardwareinfoservice 
Bug: 188793183
Test: run pixel/022
Change-Id: I921c4eae0744278896007183a7947f281925b24f
 2021-08-17 16:25:46 +00:00
Richard Hsu
63bf045d2a Merge "[Bringup] Add Janeiro sysfs(s) to part of sysfs_edgetpu group" 2021-08-13 01:27:22 +00:00
Richard Hsu
da3b06d9c4 [Bringup] Add Janeiro sysfs(s) to part of sysfs_edgetpu group 
For the logging service to access sysfs, the sysfs needs to be included in the sysfs_edgetpu group. This CL makes gs201 sepolicy on par with the gs101 version, by including janeiro (PRO) in the gs201 setup.

gs101 genfs file: https://source.corp.google.com/sc-dev/device/google/gs101-sepolicy/edgetpu/genfs_contexts;l=2?q=sysfs_edgetpu&ct=os

Bug: 196105736

Test: Restarted logging service on cloudripper. No AVC denial.

Change-Id: I4d5fa33e1110c28904f7fffea0024d7688387b11
 2021-08-12 15:54:22 -07:00
Jiyong Park
3652d4beda Remove ndk_platform backend. Use the ndk backend. 
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same ndk backend.

Bug: 161456198
Test: m
Change-Id: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
 2021-08-10 03:15:31 +00:00
Rick Yiu
0d404b7105 gs201-sepolicy: Remove sysfs_vendor_sched 
Moved to system/sepolicy.

Bug: 194656257
Test: build pass
Change-Id: I5b392d001495d77408f2078f3a8e0f9d1eec6e65
 2021-07-30 00:45:03 +00:00
Armelle Laine
c6ac9f51a4 Replace se-policy of the deprecated Keymaster HAL with Keymint HAL's 
Bug: 193715461
Test: `vendor.keymint-trusty` service up
Change-Id: Ib5d5234a0501c93f56dbdfc2e4796d50e7f0be3a
Signed-off-by: Armelle Laine <armellel@google.com>
 2021-07-15 00:18:07 +00:00
Ted Wang
d33073eba5 Grant sepolicy for Bluetooth Ccc Timesync feature 
Add sepolicy rules for Bluetooth Ccc Timessync

Bug: 191846449
Test: make
Change-Id: Ibca95f7a9bd1da7b2c599d97f46856322e7f3487
 2021-06-29 16:39:31 +08:00
Armelle Laine
ba494ca01d Add se-policy to /dev/trusty-log0 
Allows /dev/trusty-logs to be accessed by dumpstate hal

Test: adb bugreport to include a trusty section in dumpstate_board.txt
Bug: 192036703
Change-Id: Ib4e1825b4167880e05fed0afbc87d2d5f1595790
Signed-off-by: Armelle Laine <armellel@google.com>
 2021-06-25 20:37:12 +00:00
Richard Hsu
02ccab0539 [Bringup] Update SEPolicy for TPU (Janeiro) for PRO. 
Reuse the same SEPolicy for edgetpu gs101 for gs201.
1. gs101 sepolicy has been refactored into an edgetpu directory, which
is meant to be reused. We only need to match the gs201 side to mirror
that. This CL references Adam's ag/14911633.
2. In a separete CL, add /dev/janeiro into the common gs101 sepolicy.

Bug: 191185522

Test: run_tflite_test_odc passes.
https://paste.googleplex.com/5466657955774464

Change-Id: Idd9e47a3c8da70f9dd4696cb7db7d4439e9897d6
 2021-06-17 17:22:43 -07:00
weichinweng
c674d9f3e4 Change gs201 bluetooth uart port to dev/ttySAC18 
Bug: 189727579
Test: Bluetooth can be turned ON from settings
Change-Id: Ia261c207ac8d1c617c40765c432545a33cc55670
 2021-06-01 16:36:10 +08:00
Hyunki Koo
0bad7bc816 change name 11110000.usb to 11210000.usb 
Bug: 188672439
Signed-off-by: Pat Tjin <pattjin@google.com>
Signed-off-by: Hyunki Koo <hyunki00.koo@samsung.com>
Change-Id: I2de4b90e65176e7c00404428c3659491363b0da9
 2021-05-21 15:00:01 -07:00
Pat Tjin
d3a63de64b clone sepolicy from gs101 
s/gs101/gs201/g

Bug: 186836335
Test: Boot
Signed-off-by: Pat Tjin <pattjin@google.com>
Change-Id: Ifa0d083f7317c38eb02c8228c2804cbd4d5ee19f
 2021-05-20 17:51:49 -07:00
Aaron Ding
703587e97c init gs201-sepolicy.mk 
Bug: 183183095
Change-Id: Id4b568100f2dbd438d9527253b56169bb4540f44
 2021-05-19 15:28:01 +08:00
Inna Palant
6a85e12ff9 Initial empty repository 2021-05-18 11:37:03 -07:00
207 changed files with 3992 additions and 58 deletions
Expand all files Collapse all files

1
.gitupstream Normal file
View File

@@ -0,0 +1 @@
https://android.googlesource.com/device/google/gs201

16
BoardConfig-common.mk
View File

@@ -170,7 +170,6 @@ BOARD_AVB_INIT_BOOT_ROLLBACK_INDEX_LOCATION := 4
TARGET_USERIMAGES_USE_EXT4 := true
TARGET_USERIMAGES_USE_F2FS := true
BOARD_USERDATAIMAGE_PARTITION_SIZE := 11796480000
BOARD_USERDATAIMAGE_FILE_SYSTEM_TYPE := f2fs
PRODUCT_FS_COMPRESSION := 1
BOARD_FLASH_BLOCK_SIZE := 4096
BOARD_MOUNT_SDCARD_RW := true
@@ -231,7 +230,7 @@ BOARD_USES_GENERIC_AUDIO := true
$(call soong_config_set,aoc_audio_func,ext_hidl,true)
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
$(call soong_config_set,aoc_audio_func,dump_usecase_data,true)
$(call soong_config_set,aoc_audio_func,hal_socket_control,true)
$(call soong_config_set,aoc_audio_func,record_tuning_keys,true)
@@ -405,15 +404,7 @@ BOARD_VENDOR_KERNEL_MODULES_LOAD := $(strip $(shell cat $(KERNEL_MODULE_DIR)/ven
ifndef BOARD_VENDOR_KERNEL_MODULES_LOAD
$(error vendor_dlkm.modules.load not found or empty)
endif
# staging kernels might have modules split between system/vendor_dlkm. If
# the target defined modules on the system_dlkm image, honor the split.
# Otherwise, assume all modules are stored on the vendor_dlkm image.
ifneq ($(BOARD_SYSTEM_KERNEL_MODULES),)
BOARD_VENDOR_KERNEL_MODULES := $(addprefix $(KERNEL_MODULE_DIR)/, $(notdir $(BOARD_VENDOR_KERNEL_MODULES_LOAD)))
else
BOARD_VENDOR_KERNEL_MODULES := $(KERNEL_MODULES)
endif
BOARD_SYSTEM_KERNEL_MODULES_LOAD := $(strip $(shell cat $(KERNEL_MODULE_DIR)/system_dlkm.modules.load))
BOARD_SYSTEM_KERNEL_MODULES := $(addprefix $(KERNEL_MODULE_DIR)/, $(notdir $(BOARD_SYSTEM_KERNEL_MODULES_LOAD)))
@@ -421,7 +412,7 @@ BOARD_SYSTEM_KERNEL_MODULES := $(addprefix $(KERNEL_MODULE_DIR)/, $(notdir $(BOA
# Using BUILD_COPY_HEADERS
BUILD_BROKEN_USES_BUILD_COPY_HEADERS := true
include device/google/gs201-sepolicy/gs201-sepolicy.mk
include device/google/gs201/sepolicy/gs201-sepolicy.mk
# Battery options
BOARD_KERNEL_CMDLINE += at24.write_timeout=100
@@ -434,3 +425,6 @@ BOARD_PVMFWIMAGE_PARTITION_SIZE := 0x00100000
# pick up library for cleaning digital car keys on factory reset
-include vendor/google_devices/gs-common/proprietary/BoardConfigVendor.mk
include device/google/gs201/BoardConfigLineage.mk
include device/google/gs201/BoardConfigEvolution.mk

9
BoardConfigEvolution.mk Normal file
View File

@@ -0,0 +1,9 @@
#
# Copyright (C) 2024 The Evolution X Project
#
# SPDX-License-Identifier: Apache-2.0
#
DISABLE_ARTIFACT_PATH_REQUIREMENTS := true
SPOOF_FIRST_API_LEVEL_32 := true

41
BoardConfigLineage.mk Normal file
View File

@@ -0,0 +1,41 @@
#
# Copyright (C) 2022 The LineageOS Project
#
# SPDX-License-Identifier: Apache-2.0
#
# Lineage Health
TARGET_HEALTH_CHARGING_CONTROL_SUPPORTS_DEADLINE := true
TARGET_HEALTH_CHARGING_CONTROL_SUPPORTS_TOGGLE := false
# Manifests
DEVICE_FRAMEWORK_COMPATIBILITY_MATRIX_FILE += vendor/lineage/config/device_framework_matrix.xml
DEVICE_MANIFEST_FILE += device/google/gs201/android.hardware.security.rkp-service.citadel.xml
ifneq ($(BOARD_WITHOUT_RADIO),true)
DEVICE_MANIFEST_FILE += device/google/gs201/manifest_radio_ds.xml
endif
# Partitions
AB_OTA_PARTITIONS += \
vendor \
vendor_dlkm
BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE := ext4
BOARD_VENDOR_DLKMIMAGE_FILE_SYSTEM_TYPE := ext4
TARGET_COPY_OUT_VENDOR_DLKM := vendor_dlkm
# Enable chain partition for vendor.
BOARD_AVB_VBMETA_VENDOR := vendor
BOARD_AVB_VBMETA_VENDOR_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
BOARD_AVB_VBMETA_VENDOR_ALGORITHM := SHA256_RSA2048
BOARD_AVB_VBMETA_VENDOR_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP)
BOARD_AVB_VBMETA_VENDOR_ROLLBACK_INDEX_LOCATION := 3
AB_OTA_PARTITIONS += \
vbmeta_vendor
# Reserve space for gapps install
-include vendor/lineage/config/BoardConfigReservedSize.mk
# Verified Boot
BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flags 3

31
allowlist_com.google.android.as.xml Normal file
View File

@@ -0,0 +1,31 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2022 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<config>
<!-- Specify the explicit set of other applications that AI services are allowed to
interact with, including the providers that back the implementation of the APIs
provided by the package. -->
<allow-association target="com.google.android.as" allowed="com.android.bluetooth" />
<allow-association target="com.google.android.as" allowed="com.android.bluetooth.services" />
<allow-association target="com.google.android.as" allowed="com.android.providers.contacts" />
<allow-association target="com.google.android.as" allowed="com.android.providers.media" />
<allow-association target="com.google.android.as" allowed="com.android.providers.telephony" />
<allow-association target="com.google.android.as" allowed="com.android.systemui" />
<!-- AI services can bind to its open-source network component. -->
<allow-association target="com.google.android.as" allowed="com.google.android.as.oss" />
<!-- AI services open-source network component can only bind back to the core package. -->
<allow-association target="com.google.android.as.oss" allowed="com.google.android.as" />
</config>

7
android.hardware.security.rkp-service.citadel.xml Normal file
View File

@@ -0,0 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.security.keymint</name>
<version>3</version>
<fqname>IRemotelyProvisionedComponent/strongbox</fqname>
</hal>
</manifest>

12
aosp_common.mk
View File

@@ -27,25 +27,29 @@ PRODUCT_ENFORCE_ARTIFACT_PATH_REQUIREMENTS := relaxed
# All components inherited here go to system_ext image
#
$(call inherit-product, $(SRC_TARGET_DIR)/product/handheld_system_ext.mk)
ifneq ($(BOARD_WITHOUT_RADIO),true)
$(call inherit-product, $(SRC_TARGET_DIR)/product/telephony_system_ext.mk)
endif
#
# All components inherited here go to product image
#
$(call inherit-product, $(SRC_TARGET_DIR)/product/aosp_product.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/handheld_product.mk)
ifneq ($(BOARD_WITHOUT_RADIO),true)
$(call inherit-product, $(SRC_TARGET_DIR)/product/telephony_product.mk)
endif
#
# All components inherited here go to vendor image
#
# TODO(b/136525499): move *_vendor.mk into the vendor makefile later
$(call inherit-product, $(SRC_TARGET_DIR)/product/handheld_vendor.mk)
ifneq ($(BOARD_WITHOUT_RADIO),true)
$(call inherit-product, $(SRC_TARGET_DIR)/product/telephony_vendor.mk)
endif
#$(call inherit-product, device/google/gs201/device.mk)
#$(call inherit-product-if-exists, vendor/google_devices/gs201/proprietary/device-vendor.mk)
# TODO: fix
# PRODUCT_RESTRICT_VENDOR_FILES := all
# b/189477034: Bypass build time check on uses_libs until vendor fixes all their apps
PRODUCT_BROKEN_VERIFY_USES_LIBRARIES := true

15
conf/init.gs201.rc
View File

@@ -2,12 +2,11 @@ import /vendor/etc/init/hw/init.gs201.usb.rc
import android.hardware.drm@1.2-service.widevine.rc
import init.exynos.sensorhub.rc
on early-init && property:ro.debuggable=1
# Convert /dev/block/by-name/persist to ext4 on userdebug builds only
on early-init && property:ro.build.type=eng
# Convert /dev/block/by-name/persist to ext4 on eng builds only
exec -- /system_ext/bin/convert_to_ext4.sh /dev/block/by-name/persist false
mount_all /vendor/etc/fstab.persist --early
on early-init && property:ro.debuggable=0
on early-init
mount_all /vendor/etc/fstab.persist --early
on init
@@ -621,8 +620,8 @@ service abox /vendor/bin/main_abox 17c50000.abox
group audioserver
seclabel u:r:abox:s0
# on userdebug and eng builds, enable kgdb on the serial console
on property:ro.debuggable=1
# on eng builds, enable kgdb on the serial console
on property:ro.build.type=eng
write /sys/module/kgdboc/parameters/kgdboc ttyFIQ1
write /sys/module/fiq_debugger/parameters/kgdb_enable 1
@@ -834,8 +833,8 @@ on property:persist.sys.test_harness=1 && property:persist.vendor.testing_batte
setprop persist.vendor.charge.start.level 0
setprop vendor.battery.defender.disable 1
# on userdebug and eng builds, enable scsi error recovery log
on property:ro.debuggable=1
# on eng builds, enable scsi error recovery log
on property:ro.build.type=eng
write /sys/module/scsi_mod/parameters/scsi_logging_level 63
service init_display /vendor/bin/init.display.sh

2
conf/init.recovery.device.rc
View File

@@ -3,7 +3,7 @@ on init
setprop sys.usb.controller "11210000.dwc3"
setprop sys.usb.configfs 1
on init && property:ro.debuggable=1 && property:ro.boot.mode=recovery
on init && property:ro.build.type=eng && property:ro.boot.mode=recovery
start recovery-console
service recovery-console /system/bin/sh

53
device.mk
View File

@@ -91,7 +91,7 @@ PRODUCT_SOONG_NAMESPACES += \
vendor/samsung_slsi/telephony/$(BOARD_USES_SHARED_VENDOR_TELEPHONY)
endif
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
#Set IKE logs to verbose for WFC
PRODUCT_PROPERTY_OVERRIDES += log.tag.IKE=VERBOSE
@@ -110,7 +110,7 @@ PRODUCT_PROPERTY_OVERRIDES += log.tag.ShannonQNS-HC=DEBUG
include device/google/gs201/modem/userdebug.mk
endif
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
# b/36703476: Set default log size to 1M
PRODUCT_PROPERTY_OVERRIDES += \
ro.logd.size=1M
@@ -140,8 +140,10 @@ PRODUCT_PRODUCT_PROPERTIES += \
persist.radio.reboot_on_modem_change=false
# Configure DSDS by default
ifneq ($(BOARD_WITHOUT_RADIO),true)
PRODUCT_PRODUCT_PROPERTIES += \
persist.radio.multisim.config=dsds
endif
# Enable Early Camping
PRODUCT_PRODUCT_PROPERTIES += \
@@ -335,7 +337,7 @@ PRODUCT_COPY_FILES += \
PRODUCT_COPY_FILES += \
device/google/gs201/conf/init.gs201.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/hw/init.gs201.rc
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_COPY_FILES += \
device/google/gs201/conf/init.debug.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/init.debug.rc \
device/google/gs201/conf/init.check_ap_pd_auth.sh:$(TARGET_COPY_OUT_VENDOR)/bin/init.check_ap_pd_auth.sh
@@ -366,12 +368,9 @@ include device/google/gs-common/insmod/insmod.mk
PRODUCT_HOST_PACKAGES += \
mkdtimg
PRODUCT_PACKAGES += \
messaging
# CHRE
## tools
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += \
chre_power_test_client \
chre_test_client \
@@ -401,7 +400,7 @@ PRODUCT_PACKAGES += \
checkpoint_gc
# Vendor verbose logging default property
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.verbose_logging_enabled=true
else
@@ -457,7 +456,7 @@ PRODUCT_COPY_FILES += \
endif
# default usb debug functions
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.usb.usbradio.config=dm
endif
@@ -566,7 +565,6 @@ $(call soong_config_set,google3a_config,soc,gs201)
# WiFi
PRODUCT_PACKAGES += \
android.hardware.wifi-service \
wificond \
libwpa_client
@@ -574,11 +572,13 @@ PRODUCT_PACKAGES += \
PRODUCT_PACKAGES += \
ConnectivityOverlay
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
f2fs_io \
check_f2fs \
f2fs.fibmap \
dump.f2fs
endif
# Storage dump
include device/google/gs-common/storage/storage.mk
@@ -595,8 +595,7 @@ include device/google/gs-common/battery_mitigation/bcl.mk
# Enable project quotas and casefolding for emulated storage without sdcardfs
$(call inherit-product, $(SRC_TARGET_DIR)/product/emulated_storage.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/virtual_ab_ota/android_t_baseline.mk)
PRODUCT_VIRTUAL_AB_COMPRESSION_METHOD := lz4
$(call inherit-product, $(SRC_TARGET_DIR)/product/virtual_ab_ota/launch_with_vendor_ramdisk.mk)
# Enforce generic ramdisk allow list
$(call inherit-product, $(SRC_TARGET_DIR)/product/generic_ramdisk.mk)
@@ -606,8 +605,10 @@ ifeq (,$(filter true, $(BOARD_WITHOUT_DTLS)))
include device/google/gs-common/dauntless/gsc.mk
endif
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
WvInstallKeybox
endif
# Copy Camera HFD Setfiles
#PRODUCT_COPY_FILES += \
@@ -660,7 +661,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
debug.slsi_platform=1 \
debug.hwc.winupdate=1
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += displaycolor_service
endif
@@ -722,7 +723,11 @@ PRODUCT_DEFAULT_PROPERTY_OVERRIDES += vendor.hwc.dpp.downscale=2
PRODUCT_PROPERTY_OVERRIDES += \
ro.vendor.ddk.set.afbc=1
ifeq ($(USE_TABLET_BT_COD),true)
PRODUCT_CHARACTERISTICS := nosdcard,tablet
else
PRODUCT_CHARACTERISTICS := nosdcard
endif
# WIFI COEX
PRODUCT_COPY_FILES += \
@@ -734,7 +739,7 @@ PRODUCT_PACKAGES += wpa_supplicant.conf
WIFI_PRIV_CMD_UPDATE_MBO_CELL_STATUS := enabled
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += wpa_cli
PRODUCT_PACKAGES += hostapd_cli
endif
@@ -801,11 +806,13 @@ $(call inherit-product, system/core/trusty/trusty-base.mk)
include device/google/gs-common/trusty/trusty.mk
# Trusty unit test and code coverage tool
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
trusty-ut-ctrl \
tipc-test \
trusty_stats_test \
trusty-coverage-controller \
trusty-coverage-controller
endif
include device/google/gs101/confirmationui/confirmationui.mk
@@ -830,7 +837,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
ro.frp.pst=/dev/block/by-name/frp
# System props to enable Bluetooth Quality Report (BQR) feature
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PRODUCT_PROPERTIES += \
persist.bluetooth.bqr.event_mask?=262174 \
persist.bluetooth.bqr.min_interval_ms=500
@@ -874,8 +881,8 @@ PRODUCT_PACKAGES += \
PRODUCT_PACKAGES += \
Iwlan
#Iwlan test app for userdebug/eng builds
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
#Iwlan test app for eng builds
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += \
IwlanTestApp
endif
@@ -898,8 +905,10 @@ $(call inherit-product-if-exists, vendor/samsung_slsi/telephony/$(BOARD_USES_SHA
PRODUCT_PACKAGES += ShannonIms
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
preinstalled-packages-product-gs201-device-debug.xml
endif
PRODUCT_PACKAGES += ShannonRcs
endif
@@ -940,7 +949,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.sys.modem.logging.enable=true
# Enable silent CP crash handling
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.ril.crash_handling_mode=1
else
@@ -985,11 +994,13 @@ PRODUCT_COPY_FILES += \
device/google/$(TARGET_BOARD_PLATFORM)/radio/config/Pixel_stability.nprf:$(TARGET_COPY_OUT_VENDOR)/etc/modem/Pixel_stability.nprf \
# Vibrator Diag
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
diag-vibrator \
diag-vibrator-cs40l25a \
diag-vibrator-drv2624 \
$(NULL)
endif
PRODUCT_PACKAGES += \
android.hardware.health-service.gs201 \
@@ -1028,7 +1039,7 @@ PRODUCT_PACKAGES += vndservicemanager
PRODUCT_PACKAGES += vndservice
## TinyTools, debug tool and cs35l41 speaker calibration tool for Audio
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += \
tinyplay \
tinycap \
@@ -1127,7 +1138,9 @@ USES_RADIOEXT_V1_5 = true
include hardware/google/pixel/wifi_ext/device.mk
# Battery Stats Viewer
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += BatteryStatsViewer
endif
PRODUCT_PACKAGES += dump_power_gs201.sh
# Install product specific framework compatibility matrix

8
dumpstate/dump_power_gs201.sh
View File

@@ -88,7 +88,7 @@ if [ -e "/dev/logbuffer_tcpm" ]
then
echo "\n------ Logbuffer TCPM ------"
cat "/dev/logbuffer_tcpm"
elif [ $build_type = "userdebug" ]
elif [ $build_type = "eng" ]
then
echo "\n------ TCPM logs ------"
if [ -d "/sys/kernel/debug/tcpm" ]
@@ -172,7 +172,7 @@ cat "/sys/class/power_supply/main-charger/device/registers_dump"
echo "\n------ max77729_pmic registers dump ------"
cat /sys/devices/platform/*.hsi2c/i2c-*/*-0066/registers_dump
if [ $build_type = "userdebug" ]
if [ $build_type = "eng" ]
then
echo "\n------ Charging table dump ------"
cat "/d/google_battery/chg_raw_profile"
@@ -226,7 +226,7 @@ fi
echo "\n------ Charger Stats ------"
cat "/sys/class/power_supply/battery/charge_details"
if [ $build_type = "userdebug" ]
if [ $build_type = "eng" ]
then
echo "\n------ Google Charger ------"
cd /sys/kernel/debug/google_charger/
@@ -253,7 +253,7 @@ cat "/sys/class/power_supply/wireless/device/fw_rev"
echo "\n------ RTX ------"
cat "/dev/logbuffer_rtx"
if [ $build_type = "userdebug" ]
if [ $build_type = "eng" ]
then
echo "\n------ gvotables ------"
cat /sys/kernel/debug/gvotables/*/status

6
evolution.dependencies Normal file
View File

@@ -0,0 +1,6 @@
[
{
"repository": "device_google_gs101",
"target_path": "device/google/gs101"
}
]

8
evolution_common.mk Normal file
View File

@@ -0,0 +1,8 @@
#
# Copyright (C) 2024 The Evolution X Project
#
# SPDX-License-Identifier: Apache-2.0
#
# PixelParts
include packages/apps/PixelParts/device.mk

34
lineage_common.mk Normal file
View File

@@ -0,0 +1,34 @@
#
# Copyright (C) 2022 The LineageOS Project
#
# SPDX-License-Identifier: Apache-2.0
#
# Overlays
DEVICE_PACKAGE_OVERLAYS += device/google/gs201/overlay-lineage
# AiAi Config
PRODUCT_COPY_FILES += \
device/google/gs201/allowlist_com.google.android.as.xml:$(TARGET_COPY_OUT_PRODUCT)/etc/sysconfig/allowlist_com.google.android.as.xml
# Camera
PRODUCT_PRODUCT_PROPERTIES += \
ro.vendor.camera.extensions.package=com.google.android.apps.camera.services \
ro.vendor.camera.extensions.service=com.google.android.apps.camera.services.extensions.service.PixelExtensions
# Google Assistant
PRODUCT_PRODUCT_PROPERTIES += ro.opa.eligible_device=true
# Lineage Health
include hardware/google/pixel/lineage_health/device.mk
# Linker config
PRODUCT_VENDOR_LINKER_CONFIG_FRAGMENTS += \
device/google/gs201/linker.config.json
# Parts
PRODUCT_PACKAGES += \
GoogleParts
# Touch
include hardware/google/pixel/touch/device.mk

5
linker.config.json Normal file
View File

@@ -0,0 +1,5 @@
{
"provideLibs": [
"liboemcrypto.so"
]
}

53
manifest_radio_ds.xml Normal file
View File

@@ -0,0 +1,53 @@
<manifest version="1.0" type="device">
<hal format="hidl">
<name>android.hardware.radio</name>
<transport>hwbinder</transport>
<fqname>@1.2::ISap/slot1</fqname>
<fqname>@1.2::ISap/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.config</name>
<fqname>IRadioConfig/default</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.data</name>
<fqname>IRadioData/slot1</fqname>
<fqname>IRadioData/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.messaging</name>
<fqname>IRadioMessaging/slot1</fqname>
<fqname>IRadioMessaging/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.modem</name>
<fqname>IRadioModem/slot1</fqname>
<fqname>IRadioModem/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.network</name>
<fqname>IRadioNetwork/slot1</fqname>
<fqname>IRadioNetwork/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.sim</name>
<fqname>IRadioSim/slot1</fqname>
<fqname>IRadioSim/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.voice</name>
<fqname>IRadioVoice/slot1</fqname>
<fqname>IRadioVoice/slot2</fqname>
</hal>
<hal format="hidl">
<name>android.hardware.secure_element</name>
<transport>hwbinder</transport>
<fqname>@1.2::ISecureElement/SIM1</fqname>
<fqname>@1.2::ISecureElement/SIM2</fqname>
</hal>
<hal format="hidl">
<name>vendor.samsung_slsi.telephony.hardware.radioExternal</name>
<transport>hwbinder</transport>
<fqname>@1.1::IOemSlsiRadioExternal/rilExternal</fqname>
</hal>
</manifest>

64
overlay-lineage/frameworks/base/core/res/res/values/config.xml Normal file
View File

@@ -0,0 +1,64 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright 2021, The LineageOS Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<string-array name="config_nightDisplayColorTemperatureCoefficients">
<!-- R a-coefficient --> <item>0.0</item>
<!-- R b-coefficient --> <item>0.0</item>
<!-- R y-intercept --> <item>1.0</item>
<!-- G a-coefficient --> <item>-0.000000014365268757</item>
<!-- G b-coefficient --> <item>0.000255092801250106</item>
<!-- G y-intercept --> <item>-0.064156942434907716</item>
<!-- B a-coefficient --> <item>-0.000000000910931179</item>
<!-- B b-coefficient --> <item>0.000207598323269139</item>
<!-- B y-intercept --> <item>-0.349361641294833436</item>
</string-array>
<!-- List of comma separated package names for which we the system will not show crash, ANR,
etc. dialogs. -->
<string translatable="false" name="config_appsNotReportingCrashes">com.google.android.euicc</string>
<!-- Flag indicating whether we should enable the adaptive sleep.-->
<bool name="config_adaptive_sleep_available">true</bool>
<!-- The component name for the default system attention service.
This service must be trusted, as it can be activated without explicit consent of the user.
See android.attention.AttentionManagerService.
-->
<string name="config_defaultAttentionService" translatable="false">com.google.android.as/com.google.android.apps.miphone.aiai.attention.service.AiAiAttentionService</string>
<!-- Live Captions -->
<string name="config_defaultSystemCaptionsManagerService">com.google.android.as/com.google.android.apps.miphone.aiai.captions.SystemCaptionsManagerService</string>
<!-- Recents text and image selection for Pixel Launcher (not supported by Launcher3) -->
<string name="config_defaultContentSuggestionsService" translatable="false">com.google.android.as/com.google.android.apps.miphone.aiai.app.AiAiContentSuggestionsService</string>
<!-- Launcher app suggestions -->
<string name="config_defaultAppPredictionService" translatable="false">com.google.android.as/com.google.android.apps.miphone.aiai.app.AiAiPredictionService</string>
<!-- Make AiAi the default role holder for System Intelligence -->
<string name="config_systemAmbientAudioIntelligence">com.google.android.as</string>
<string name="config_systemAudioIntelligence">com.google.android.as</string>
<string name="config_systemNotificationIntelligence">com.google.android.as</string>
<string name="config_systemTextIntelligence">com.google.android.as</string>
<string name="config_systemUiIntelligence">com.google.android.as</string>
<string name="config_systemVisualIntelligence">com.google.android.as</string>
</resources>

24
overlay-lineage/frameworks/base/packages/SettingsProvider/res/values/defaults.xml Normal file
View File

@@ -0,0 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/**
* Copyright 2021, The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-->
<resources>
<!-- Default screen brightness, from 0 to 255. 102 is 40%. -->
<integer name="def_screen_brightness">82</integer>
<!-- Set the automatic brightness mode on by default -->
<bool name="def_screen_brightness_automatic_mode">true</bool>
</resources>

34
overlay-lineage/frameworks/base/packages/SystemUI/res/values/config.xml Normal file
View File

@@ -0,0 +1,34 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright 2009, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<!-- These resources are around just to allow their values to be customized
for different hardware and product builds. -->
<resources>
<!-- Should we vibrate on an icon animation of the shelf. This should only be active if the
vibrator is capable of subtle vibrations -->
<bool name="config_vibrateOnIconAnimation">true</bool>
<!-- Whether to show a warning notification when device's skin temperature is high. -->
<integer name="config_showTemperatureWarning">1</integer>
<!-- Whether to show a alarm dialog when device's usb port is overheating. -->
<integer name="config_showUsbPortAlarm">1</integer>
</resources>

29
overlay-lineage/lineage-sdk/lineage/res/res/values/config.xml Normal file
View File

@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright 2019, The LineageOS Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<!-- Defines the actions shown in advanced reboot submenu -->
<string-array name="config_restartActionsList">
<item>restart</item>
<item>restart_systemui</item>
<item>restart_recovery</item>
<item>restart_fastboot</item>
<item>restart_bootloader</item>
</string-array>
</resources>

20
overlay-lineage/packages/apps/Dialer/java/com/android/dialer/callrecord/res/values/config.xml Normal file
View File

@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (C) 2021 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources>
<bool name="call_recording_enabled">true</bool>
<integer name="call_recording_audio_source">4</integer>
</resources>

39
overlay-lineage/packages/apps/Settings/res/values/config.xml Normal file
View File

@@ -0,0 +1,39 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2007 The Android Open Source Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<!-- The number of vibration intensity levels supported by the device.
Note that this should correspond to the ability to vary the vibration amplitude, with
enough dynamic range to have at least as many distinct intensity levels as defined here.
Supported values are 1, 2, 3. If '1', the settings app will use a toggle for the settings,
otherwise a slider. If '3', the settings app maps intensities directly to the levels
supported by the Vibrator HAL APIs. If '2', then the levels will be mapped to
VIBRATION_INTENSITY_LOW and VIBRATION_INTENSITY_HIGH, which gives the most range for
scaling vibrations. The medium intensity will be skipped.
The default intensity values are configured at
frameworks/base/core/res/res/values/config.xml's config_default[type]VibrationIntensity.
Make sure that each default intensity value is consistent with the supported levels set
here. If this settings supports only 2 levels, for example, then the default intensity
should be either LOW (1) or HIGH (3).
-->
<integer name="config_vibration_supported_intensity_levels">3</integer>
<!-- Whether to show the Preference for Adaptive connectivity -->
<bool name="config_show_adaptive_connectivity">true</bool>
</resources>

20
overlay-lineage/packages/apps/Settings/res/values/lineage_config.xml Normal file
View File

@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2020-2024 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources>
<!-- Show battery cycle count -->
<bool name="config_show_battery_cycle_count" translatable="false">true</bool>
</resources>

145
overlay-lineage/packages/apps/SimpleDeviceConfig/res/values/config.xml Normal file
View File

@@ -0,0 +1,145 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2020 The Proton AOSP Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources>
<string-array name="configs_device">
<!-- ConnectivityThermalPowerManager 5G modem monitoring rules -->
<item>connectivity_thermal_power_manager/apply_action_time_seconds=10</item>
<item>connectivity_thermal_power_manager/atm_power_threshold_mw=800</item>
<item>connectivity_thermal_power_manager/cellular_thermal_adaptive_thermal_status_adaptive_action_list=</item>
<item>connectivity_thermal_power_manager/criteria_4_enabled=true</item>
<item>connectivity_thermal_power_manager/wifi_disconnected_time_seconds=180</item>
<item>connectivity_thermal_power_manager/wifi_internet_driven_endc_product_carrier_id_set=shiba,husky,akita,komodo,tokay,caiman,comet@1,1989,2023,2576,2067,2071,2073,2577,2522,2075,2578,2083,2433,1949</item>
<!-- Live Caption (Pixel 2017 + OEM) -->
<item>device_personalization_services/Captions__allow_box_x_axis_movement=true</item>
<item>device_personalization_services/Captions__allow_use_public_speech_recognition=true</item>
<item>device_personalization_services/Captions__allow_voip_call_without_audio_recording=false</item>
<item>device_personalization_services/Captions__available_for_download=en-US;en-GB;en-CA;en-IE;en-AU;en-SG;en-IN;fr-FR;fr-CA;fr-BE;fr-CH;it-IT;it-CH;de-DE;de-AT;de-BE;de-CH;ja-JP;es-ES;es-US;cmn-Hant-TW;hi-IN</item>
<item>device_personalization_services/Captions__disable_prod=false</item>
<!-- <item>device_personalization_services/Captions__enable=false</item> -->
<item>device_personalization_services/Captions__enable_adaptive_box_width=true</item>
<item>device_personalization_services/Captions__enable_augmented_modality=true</item>
<item>device_personalization_services/Captions__enable_augmented_modality_input=true</item>
<item>device_personalization_services/Captions__enable_augmented_modality_language_detection=true</item>
<item>device_personalization_services/Captions__enable_augmented_music=true</item>
<!-- <item>device_personalization_services/Captions__enable_clearcut_logging=true</item> -->
<item>device_personalization_services/Captions__enable_drag_and_double_tap_to_resize=false</item>
<item>device_personalization_services/Captions__enable_language_detection=true</item>
<item>device_personalization_services/Captions__enable_one_caption_experiment=false</item>
<item>device_personalization_services/Captions__enable_punctuations=true</item>
<item>device_personalization_services/Captions__enable_setting_page=false</item>
<item>device_personalization_services/Captions__enable_text_transform=true</item>
<item>device_personalization_services/Captions__enable_westworld_logging=false</item>
<item>device_personalization_services/Captions__enable_zero_day=false</item>
<item>device_personalization_services/Captions__manifest_url_template=https://storage.googleapis.com/captions/%{NAMESPACE}_%{VERSION}_manifest.json</item>
<item>device_personalization_services/Captions__model_version_v1=20190613</item>
<item>device_personalization_services/Captions__model_version_v1_2=20200112</item>
<item>device_personalization_services/Captions__new_model_version=20210623</item>
<item>device_personalization_services/Captions__new_model_version_advanced_2022=20230807</item>
<item>device_personalization_services/Captions__speech_threshold=0.2</item>
<item>device_personalization_services/Captions__supported_languages=en-US;fr-FR;it-IT;de-DE;ja-JP;es-ES;cmn-Hant-TW;hi-IN</item>
<item>device_personalization_services/Captions__surface_sound_events=true</item>
<item>device_personalization_services/Captions__text_transform_augmented_input=true</item>
<item>device_personalization_services/Captions__visibility_playing_duration_millis=5000</item>
<item>device_personalization_services/Captions__visibility_stopped_duration_millis=1500</item>
<!-- Now Playing (Pixel 2017) -->
<item>device_personalization_services/NowPlaying__ambient_music_apk_music_detector_min_score=0.45</item>
<item>device_personalization_services/NowPlaying__ambient_music_get_model_state_cooldown_seconds_cloud_search=9</item>
<item>device_personalization_services/NowPlaying__ambient_music_index_manifest_17_09_02=3082:https://storage.googleapis.com/music-iq-db/updatable_db_v3/20240421-030101/manifest.json</item>
<item>device_personalization_services/NowPlaying__ambient_music_matcher_match_threshold_17_09_02=1.0E-6</item>
<item>device_personalization_services/NowPlaying__ambient_music_on_demand_enabled=true</item>
<item>device_personalization_services/NowPlaying__ambient_music_on_demand_music_confidence=0.48</item>
<item>device_personalization_services/NowPlaying__cloud_api_allowed=true</item>
<item>device_personalization_services/NowPlaying__dsp_model_checksum_enabled=true</item>
<!-- <item>device_personalization_services/NowPlaying__enable_usage_fa=true</item> -->
<item>device_personalization_services/NowPlaying__favorites_enabled=true</item>
<item>device_personalization_services/NowPlaying__feature_users_count_enabled=true</item>
<!-- <item>device_personalization_services/NowPlaying__federated_analytics_allowed=true</item> -->
<item>device_personalization_services/NowPlaying__handle_ambient_music_results_with_history=true</item>
<item>device_personalization_services/NowPlaying__min_training_interval_millis=86400000</item>
<item>device_personalization_services/NowPlaying__nnfp_v3_model_enabled=true</item>
<item>device_personalization_services/NowPlaying__on_demand_enable_eager_prompt=true</item>
<item>device_personalization_services/NowPlaying__on_demand_fingerprinter_being_setup_warning=true</item>
<item>device_personalization_services/NowPlaying__on_demand_hide_if_fingerprinter_install_not_confirmed=true</item>
<item>device_personalization_services/NowPlaying__on_demand_min_supported_aga_version=12.35.17</item>
<item>device_personalization_services/NowPlaying__on_demand_retry_fingerprinter_install=true</item>
<item>device_personalization_services/NowPlaying__youtube_export_enabled=true</item>
<!-- Adaptive Sound (Pixel 2020) -->
<item>device_personalization_services/AdaptiveAudio__enable_adaptive_audio=true</item>
<item>device_personalization_services/AdaptiveAudio__show_promo_notification=false</item>
<item>device_personalization_services/AdaptiveAudio__use_silence_detector_state_bug_fix=true</item>
<!-- Screen attention (Pixel 2019) -->
<item>device_personalization_services/Attention__accel_sensor_enabled=false</item>
<item>device_personalization_services/Attention__accel_sensor_threshold_mss=0.2</item>
<item>device_personalization_services/Attention__enabled=true</item>
<item>device_personalization_services/Attention__margin_horizontal_px=1000</item>
<item>device_personalization_services/Attention__margin_vertical_px=1000</item>
<item>device_personalization_services/Attention__proximity_sensor_enabled=false</item>
<!-- Translation -->
<item>device_personalization_services/Translate__app_blocklist=com.google.android.talk</item>
<item>device_personalization_services/Translate__blue_chip_translate_enabled=true</item>
<item>device_personalization_services/Translate__characterset_lang_detection_enabled=true</item>
<item>device_personalization_services/Translate__chat_translate_languages=de,en,es,fr,it,ja,hi,zh,ru,pl,pt,ko,th,tr,nl,zh_Hant,sv,da,vi,ar,fa,no,bn,fil</item>
<item>device_personalization_services/Translate__copy_to_translate_enabled=true</item>
<item>device_personalization_services/Translate__differentiate_simplified_and_traditional_chinese=true</item>
<item>device_personalization_services/Translate__disable_translate_without_system_animation=false</item>
<item>device_personalization_services/Translate__enable_chronicle_migration=true</item>
<item>device_personalization_services/Translate__enable_default_langid_model=false</item>
<item>device_personalization_services/Translate__enable_dictionary_langid_detection=true</item>
<item>device_personalization_services/Translate__enable_opmv4_service=true</item>
<item>device_personalization_services/Translate__enable_setup_wizard_dialog_v2=false</item>
<item>device_personalization_services/Translate__enable_spa_setting=false</item>
<item>device_personalization_services/Translate__interpreter_source_languages=de,en,ja,es,fr,it</item>
<item>device_personalization_services/Translate__interpreter_target_languages=de,en,ja,es,fr,it</item>
<item>device_personalization_services/Translate__replace_auto_translate_copied_text_enabled=true</item>
<item>device_personalization_services/Translate__text_to_text_language_list=vi,ja,fa,ro,nl,mr,mt,ar,ms,it,eo,is,et,es,iw,zh,uk,af,id,ur,mk,cy,hi,el,be,pt,lt,hr,lv,hu,ht,te,de,bg,th,bn,tl,pl,tr,kn,sv,gl,ko,sw,cs,da,ta,gu,ka,sl,ca,sk,ga,sq,no,fi,ru,fr,en,zh_Hant,fil</item>
<item>device_personalization_services/Translate__translation_service_enabled=true</item>
<item>device_personalization_services/Translate__translator_expiration_enabled=true</item>
<item>device_personalization_services/Translate__use_translate_kit_streaming_api=true</item>
<!-- Recents text selection (for Pixel Launcher users) -->
<item>device_personalization_services/Overview__enable_barcode_detection=false</item>
<item>device_personalization_services/Overview__enable_image_search=false</item>
<item>device_personalization_services/Overview__enable_image_selection=true</item>
<item>device_personalization_services/Overview__enable_japanese_ocr=true</item>
<item>device_personalization_services/Overview__enable_lens_r_overview_long_press=true</item>
<item>device_personalization_services/Overview__enable_lens_r_overview_select_mode=true</item>
<item>device_personalization_services/Overview__enable_lens_r_overview_translate_action=false</item>
<item>device_personalization_services/Overview__enable_overview=true</item>
<item>device_personalization_services/Overview__enable_pir_clearcut_logging=true</item>
<item>device_personalization_services/Overview__enable_pir_westworld_logging=true</item>
<item>device_personalization_services/Overview__enable_proactive_hints=false</item>
<item>device_personalization_services/Overview__enable_superpacks_pir_protocol=true</item>
<item>device_personalization_services/Overview__min_lens_agsa_app_version=301084649</item>
<!-- Disable federated learning -->
<item>device_personalization_services/OverviewFederatedAnalytics__enable_fa=false</item>
<item>device_personalization_services/OverviewFederatedAnalytics__enable_min_training_interval=false</item>
<item>device_personalization_services/OverviewFederatedAnalytics__enable_non_synthetic_logs=false</item>
<!-- Disable unused AiAi features -->
<item>device_personalization_services/Autofill__enable=false</item>
<item>device_personalization_services/Autofill__enable_fa=false</item>
<item>device_personalization_services/Fedex__enable_fedex=false</item>
<item>device_personalization_services/Logging__enable_aiai_clearcut_logging=false</item>
<item>device_personalization_services/NotificationAssistant__enable_service=false</item>
<item>device_personalization_services/VisualCortex__enable=false</item>
</string-array>
</resources>

27
overlay-lineage/packages/services/Telephony/res/values/config.xml Normal file
View File

@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright 2021, The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Phone app resources that may need to be customized
for different hardware or product builds. -->
<resources>
<!-- The package name for the platform carrier config app, bundled with system image. -->
<string name="platform_carrier_config_package" translatable="false">com.google.android.carrier</string>
<!-- The package names which can request thermal mitigation. -->
<string-array name="thermal_mitigation_allowlisted_packages" translatable="false">
<item>com.google.android.connectivitythermalpowermanager</item>
</string-array>
</resources>

10
overlay/frameworks/base/core/res/res/values/config.xml
View File

@@ -117,11 +117,6 @@
<!-- Height of the status bar -->
<dimen name="status_bar_height_portrait">28dp</dimen>
<!-- Height of area above QQS where battery/time go (equal to status bar height if > 48dp) -->
<dimen name="quick_qs_offset_height">171px</dimen>
<!-- Total height of QQS (quick_qs_offset_height + 128dp) -->
<dimen name="quick_qs_total_height">177dp</dimen>
<!-- Shutdown if the battery temperature exceeds (this value * 0.1) Celsius. -->
<integer name="config_shutdownBatteryTemperature">600</integer>
@@ -243,12 +238,9 @@
<item>"/system/framework/framework.jar"</item>
<item>"/system/framework/services.jar"</item>
<item>"/system/bin/surfaceflinger"</item>
<item>"/system_ext/priv-app/SystemUIGoogle/SystemUIGoogle.apk"</item>
<item>"/system_ext/priv-app/SystemUI/SystemUI.apk"</item>
</string-array>
<!-- Should the pinner service pin the Camera application? -->
<bool name="config_pinnerCameraApp">true</bool>
<!-- Should the pinner service pin the Home application? -->
<bool name="config_pinnerHomeApp">true</bool>

23
parts/Android.bp Normal file
View File

@@ -0,0 +1,23 @@
//
// Copyright (C) 2021 The LineageOS Project
//
// SPDX-License-Identifier: Apache-2.0
//
android_app {
name: "GoogleParts",
srcs: ["src/**/*.java"],
certificate: "platform",
platform_apis: true,
privileged: true,
system_ext_specific: true,
static_libs: [
"org.lineageos.settings.resources",
],
optimize: {
proguard_flags_files: ["proguard.flags"],
},
}

48
parts/AndroidManifest.xml Normal file
View File

@@ -0,0 +1,48 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2021 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="org.lineageos.settings"
android:versionCode="1"
android:versionName="1.0"
android:sharedUserId="android.uid.system">
<queries>
<package android:name="com.google.android.gms" />
<package android:name="com.google.android.gsf" />
<package android:name="com.google.android.euicc" />
<package android:name="com.google.euiccpixel" />
</queries>
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-sdk
android:minSdkVersion="30"
android:targetSdkVersion="30"/>
<application
android:label="@string/device_settings_app_name"
android:persistent="true">
<receiver android:name=".BootCompletedReceiver">
<intent-filter>
<action android:name="android.intent.action.BOOT_COMPLETED" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</receiver>
</application>
</manifest>

3
parts/proguard.flags Normal file
View File

@@ -0,0 +1,3 @@
-keep class org.lineageos.settings.* {
*;
}

32
parts/src/org/lineageos/settings/BootCompletedReceiver.java Normal file
View File

@@ -0,0 +1,32 @@
/*
* Copyright (C) 2021 The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.lineageos.settings;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.util.Log;
public class BootCompletedReceiver extends BroadcastReceiver {
private static final String TAG = "GoogleParts";
@Override
public void onReceive(final Context context, Intent intent) {
Log.d(TAG, "Received boot completed intent");
EuiccDisabler.enableOrDisableEuicc(context);
}
}

71
parts/src/org/lineageos/settings/EuiccDisabler.java Normal file
View File

@@ -0,0 +1,71 @@
/*
* Copyright (C) 2021 The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.lineageos.settings;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.util.Log;
class EuiccDisabler {
private static final String TAG = "GoogleParts";
private static final String[] EUICC_DEPENDENCIES = new String[]{
"com.google.android.gms",
"com.google.android.gsf"
};
private static final String[] EUICC_PACKAGES = new String[]{
"com.google.android.euicc",
"com.google.euiccpixel"
};
private static boolean isInstalledAndEnabled(PackageManager pm, String pkgName) {
try {
PackageInfo info = pm.getPackageInfo(pkgName, 0);
Log.d(TAG, "package " + pkgName + " installed, " +
"enabled = " + info.applicationInfo.enabled);
return info.applicationInfo.enabled;
} catch (PackageManager.NameNotFoundException e) {
Log.d(TAG, "package " + pkgName + " is not installed");
return false;
}
}
private static boolean shouldDisable(PackageManager pm) {
for (String dep : EUICC_DEPENDENCIES) {
if (!isInstalledAndEnabled(pm, dep)) {
// Disable if any of the dependencies are disabled
return true;
}
}
return false;
}
public static void enableOrDisableEuicc(Context context) {
PackageManager pm = context.getPackageManager();
boolean disable = shouldDisable(pm);
int flag = disable
? PackageManager.COMPONENT_ENABLED_STATE_DISABLED
: PackageManager.COMPONENT_ENABLED_STATE_ENABLED;
for (String pkg : EUICC_PACKAGES) {
try {
pm.setApplicationEnabledSetting(pkg, flag, 0);
} catch (IllegalArgumentException e) {
Log.d(TAG, "package " + pkg + " is not present");
}
}
}
}

1
sepolicy/.gitupstream Normal file
View File

@@ -0,0 +1 @@
https://android.googlesource.com/device/google/gs201-sepolicy

4
sepolicy/OWNERS Normal file
View File

@@ -0,0 +1,4 @@
include device/google/gs-common:/sepolicy/OWNERS
adamshih@google.com

36
sepolicy/gs201-sepolicy.mk Normal file
View File

@@ -0,0 +1,36 @@
# ConnectivityThermalPowerManager
BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/connectivity_thermal_power_manager
# ramdump
BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/ramdump
# twoshay
BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/input
# google_battery service
BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/googlebattery
# sepolicy that are shared among devices using whitechapel
BOARD_SEPOLICY_DIRS += device/google/gs201/sepolicy/whitechapel_pro
# unresolved SELinux error log with bug tracking
BOARD_SEPOLICY_DIRS += device/google/gs201/sepolicy/tracking_denials
PRODUCT_PUBLIC_SEPOLICY_DIRS += device/google/gs201/sepolicy/public
PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs201/sepolicy/private
# system_ext
SYSTEM_EXT_PUBLIC_SEPOLICY_DIRS += device/google/gs201/sepolicy/system_ext/public
SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs201/sepolicy/system_ext/private
#
# Pixel-wide
#
# Dauntless sepolicy (b/199685763)
BOARD_SEPOLICY_DIRS += device/google/gs201/sepolicy/dauntless
# PowerStats HAL
BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/powerstats
# Health HAL
BOARD_SEPOLICY_DIRS += device/google/gs201/sepolicy/health

1
sepolicy/health/file_contexts Normal file
View File

@@ -0,0 +1 @@
/vendor/bin/hw/android\.hardware\.health-service\.gs201 u:object_r:hal_health_default_exec:s0

16
sepolicy/private/debug_camera_app.te Normal file
View File

@@ -0,0 +1,16 @@
typeattribute debug_camera_app coredomain;
userdebug_or_eng(`
app_domain(debug_camera_app)
net_domain(debug_camera_app)
allow debug_camera_app app_api_service:service_manager find;
allow debug_camera_app audioserver_service:service_manager find;
allow debug_camera_app cameraserver_service:service_manager find;
allow debug_camera_app mediaextractor_service:service_manager find;
allow debug_camera_app mediametrics_service:service_manager find;
allow debug_camera_app mediaserver_service:service_manager find;
# Allows camera app to access the PowerHAL.
hal_client_domain(debug_camera_app, hal_power)
')

17
sepolicy/private/google_camera_app.te Normal file
View File

@@ -0,0 +1,17 @@
typeattribute google_camera_app coredomain;
app_domain(google_camera_app)
net_domain(google_camera_app)
allow google_camera_app app_api_service:service_manager find;
allow google_camera_app audioserver_service:service_manager find;
allow google_camera_app cameraserver_service:service_manager find;
allow google_camera_app mediaextractor_service:service_manager find;
allow google_camera_app mediametrics_service:service_manager find;
allow google_camera_app mediaserver_service:service_manager find;
# Allows camera app to access the PowerHAL.
hal_client_domain(google_camera_app, hal_power)
# Library code may try to access vendor properties, but should be denied
dontaudit google_camera_app vendor_default_prop:file { getattr map open };

2
sepolicy/private/permissioncontroller_app.te Normal file
View File

@@ -0,0 +1,2 @@
allow permissioncontroller_app proc_vendor_sched:dir r_dir_perms;
allow permissioncontroller_app proc_vendor_sched:file w_file_perms;

1
sepolicy/private/radio.te Normal file
View File

@@ -0,0 +1 @@
add_service(radio, uce_service)

11
sepolicy/private/seapp_contexts Normal file
View File

@@ -0,0 +1,11 @@
# Google Camera
user=_app isPrivApp=true seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all
# Also allow GoogleCameraNext, the fishfood version, the same access as GoogleCamera
user=_app seinfo=CameraFishfood name=com.google.android.apps.googlecamera.fishfood domain=google_camera_app type=app_data_file levelFrom=all
# Google Camera Eng
user=_app seinfo=CameraEng name=com.google.android.GoogleCameraEng domain=debug_camera_app type=app_data_file levelFrom=all
# Also label GoogleCameraNext, built with debug keys as debug_camera_app.
user=_app seinfo=CameraEng name=com.google.android.apps.googlecamera.fishfood domain=debug_camera_app type=app_data_file levelFrom=all

1
sepolicy/private/service_contexts Normal file
View File

@@ -0,0 +1 @@
telephony.oem.oemrilhook u:object_r:radio_service:s0

1
sepolicy/public/debug_camera_app.te Normal file
View File

@@ -0,0 +1 @@
type debug_camera_app, domain;

1
sepolicy/public/google_camera_app.te Normal file
View File

@@ -0,0 +1 @@
type google_camera_app, domain;

29
sepolicy/system_ext/private/certs/com_qorvo_uwb.x509.pem Normal file
View File

@@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFyTCCA7GgAwIBAgIVANWkcWcmZf4abdvo9BViyvCckwRrMA0GCSqGSIb3DQEBCwUAMHQxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQw
EgYDVQQKEwtHb29nbGUgSW5jLjEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDAg
Fw0yMTA1MDQwNTAyMDhaGA8yMDUxMDUwNDA1MDIwOFowdDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
CkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMu
MRAwDgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAs41Lur5ric6Q5biv8m8gDzTJfGausbkJ0QRNXUOE2m5BaAs9YOoE1FRalYld
6VxySfDLpiSanE0O21Gk9QMRNZmN7Aybci79uyWF7zTPrP1yNTC0UJZu1ke5OzOtp5rLGSDRuFP2
oF/momrDT9w51ucDLGkhCr5a97O78yQRiN16MPrRjiB5/pTlt+d95auF5ZNnfshs5/z95Aw8HD/M
T2KjzeF6xANhkLL3pcaPN3CjSxFuj0o6W4R2rIezaw7yBvKlg2UtVaHMvPoEvrQTffCOL9PZeKWR
xwqKWwOWcG0mJNMYX9czOHS72UOfYEpAL5rqlrFslDG+oAm3Jt39aZwyJXIu6RutXDqzlPYE+vXY
K8bSUeLtBKklJA2VzfldIhjg8/+LNbLDjTYIGZqQjEbf25ACru9coeo49sTCepFAdW0eb+6wPlI9
xuK0DW1YEKP0yJRPsvM7beCwWIMZnT/dqITb5ALQI2lQ7Mfy6Oc5q5DB5eichP7wccpfPG5sls8e
q071Jx7SUFwqgXRlyrkTzsq+VachUGFs+4E43HeFLDsKdAuvnLBnxwpI33DwNzEVDnf4UVqc/mbg
tkLlTuYheqHnyJSJU6rzqXEe8vCjQwc5nz0MrQ0JHBTIEJ35y3tlQLzd8Km+NO2nspMDZA0fRO/V
Xaqr5ZftECU3fGUCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUk38scNBtcZ9dICGl
jytNyyMgaikwHwYDVR0jBBgwFoAUk38scNBtcZ9dICGljytNyyMgaikwDQYJKoZIhvcNAQELBQAD
ggIBAAthh8JaDOEFLUWXv7JhDWy/bsIg23p7adOui8ubWmE4843v2ZF874F09mHavP6oXfq69Ppq
H0K8+u8+vDunPLFutxSIvy+VCGq17T99LRE0d9aj11TNflanlONzt8qoBcWy7MEofqlxXkxx9upR
lUO89ASqyCr7r7UbWSjSGJlSapMParMXRSzRhOJCEdfvyfAMqTYMoekRnytcqR3ujUIXktALqkZe
WmVwJE+psstvPRSgDS3YR5j+B61u2GNBYie4x3Fwn0tcT5ioRlOGxptAUNtB/c7dEMYeYyeMw/rg
SGwzC3l3cQrJIObsPJGY7T9B6e8njP2ssytrM7ExjdB9nboIFifgBpQxNYhQpT5JyRM+yj7tDTm6
GdUzsxE6YgXxOazquIiF+K0RAprVj8Ztlz53VbHEubgFrc0zjc+KMNdGD7NvpP7Td4SNkb6hDLgO
CP43SgdjpCdqeEpgZhJVYDZ2C9LXmDjAmcIDWHYt+/WX7NEEURgeuSNJtMgS+/TxI1SAUkSFPsmJ
qoQUXywQJBJ8fZZv5dNXFr0C5GDql/Rjb7S2jB6ROcGr1wKEIakrFz0VFMhZetCogPZiwSN3IaET
/ZJZg+O+eckcZTIhPO7o7l+4uuIh+8o7TOy4qDJiX4hI3rpYLJr2nTNypsU8OWjqJTqKxGbJWzG5
Vtjc
-----END CERTIFICATE-----

7
sepolicy/system_ext/private/con_monitor.te Normal file
View File

@@ -0,0 +1,7 @@
typeattribute con_monitor_app coredomain;
app_domain(con_monitor_app)
set_prop(con_monitor_app, radio_prop)
allow con_monitor_app app_api_service:service_manager find;
allow con_monitor_app radio_service:service_manager find;

2
sepolicy/system_ext/private/file.te Normal file
View File

@@ -0,0 +1,2 @@
type uwb_vendor_data_file, file_type, data_file_type, app_data_file_type;

11
sepolicy/system_ext/private/hbmsvmanager_app.te Normal file
View File

@@ -0,0 +1,11 @@
typeattribute hbmsvmanager_app coredomain;
app_domain(hbmsvmanager_app);
allow hbmsvmanager_app proc_vendor_sched:dir r_dir_perms;
allow hbmsvmanager_app proc_vendor_sched:file w_file_perms;
# Standard system services
allow hbmsvmanager_app app_api_service:service_manager find;
allow hbmsvmanager_app cameraserver_service:service_manager find;

3
sepolicy/system_ext/private/keys.conf Normal file
View File

@@ -0,0 +1,3 @@
[@UWB]
ALL : device/google/gs201/sepolicy/system_ext/private/certs/com_qorvo_uwb.x509.pem

27
sepolicy/system_ext/private/mac_permissions.xml Normal file
View File

@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<policy>
<!--
* A signature is a hex encoded X.509 certificate or a tag defined in
keys.conf and is required for each signer tag.
* A signer tag may contain a seinfo tag and multiple package stanzas.
* A default tag is allowed that can contain policy for all apps not signed with a
previously listed cert. It may not contain any inner package stanzas.
* Each signer/default/package tag is allowed to contain one seinfo tag. This tag
represents additional info that each app can use in setting a SELinux security
context on the eventual process.
* When a package is installed the following logic is used to determine what seinfo
value, if any, is assigned.
- All signatures used to sign the app are checked first.
- If a signer stanza has inner package stanzas, those stanza will be checked
to try and match the package name of the app. If the package name matches
then that seinfo tag is used. If no inner package matches then the outer
seinfo tag is assigned.
- The default tag is consulted last if needed.
-->
<!-- google apps key -->
<signer signature="@UWB" >
<seinfo value="uwb" />
</signer>
</policy>

2
sepolicy/system_ext/private/platform_app.te Normal file
View File

@@ -0,0 +1,2 @@
# allow systemui access to fingerprint
hal_client_domain(platform_app, hal_fingerprint)

5
sepolicy/system_ext/private/property_contexts Normal file
View File

@@ -0,0 +1,5 @@
# Fingerprint (UDFPS) GHBM/LHBM toggle
persist.fingerprint.ghbm u:object_r:fingerprint_ghbm_prop:s0 exact bool
# Telephony
telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool

10
sepolicy/system_ext/private/seapp_contexts Normal file
View File

@@ -0,0 +1,10 @@
# Domain for connectivity monitor
user=_app isPrivApp=true seinfo=platform name=com.google.android.connectivitymonitor domain=con_monitor_app type=app_data_file levelFrom=all
# HbmSVManager
user=_app seinfo=platform name=com.android.hbmsvmanager domain=hbmsvmanager_app type=app_data_file levelFrom=all
# Qorvo UWB system app
# TODO(b/222204912): Should this run under uwb user?
user=_app isPrivApp=true seinfo=uwb name=com.qorvo.uwb.vendorservice domain=uwb_vendor_app type=uwb_vendor_data_file levelFrom=all

12
sepolicy/system_ext/private/uwb_vendor_app.te Normal file
View File

@@ -0,0 +1,12 @@
app_domain(uwb_vendor_app)
not_recovery(`
allow uwb_vendor_app app_api_service:service_manager find;
allow uwb_vendor_app nfc_service:service_manager find;
allow uwb_vendor_app radio_service:service_manager find;
allow uwb_vendor_app uwb_vendor_data_file:file create_file_perms;
allow uwb_vendor_app uwb_vendor_data_file:dir create_dir_perms;
')

2
sepolicy/system_ext/public/con_monitor.te Normal file
View File

@@ -0,0 +1,2 @@
# ConnectivityMonitor app
type con_monitor_app, domain;

1
sepolicy/system_ext/public/hbmsvmanager_app.te Normal file
View File

@@ -0,0 +1 @@
type hbmsvmanager_app, domain;

9
sepolicy/system_ext/public/property.te Normal file
View File

@@ -0,0 +1,9 @@
# Fingerprint (UDFPS) GHBM/LHBM toggle
system_vendor_config_prop(fingerprint_ghbm_prop)
# Telephony
system_public_prop(telephony_ril_prop)
userdebug_or_eng(`
set_prop(shell, telephony_ril_prop)
')

2
sepolicy/system_ext/public/uwb_vendor_app.te Normal file
View File

@@ -0,0 +1,2 @@
type uwb_vendor_app, domain;

2
sepolicy/tracking_denials/README.txt Normal file
View File

@@ -0,0 +1,2 @@
This folder stores known errors detected by PTS. Be sure to remove relevant
files to reproduce error log on latest ROMs.

13
sepolicy/tracking_denials/bug_map Normal file
View File

@@ -0,0 +1,13 @@
hal_face_default traced_producer_socket sock_file b/305600808
hal_power_default hal_power_default capability b/237492146
incidentd debugfs_wakeup_sources file b/282626428
incidentd incidentd anon_inode b/282626428
kernel dm_device blk_file b/319403445
kernel tmpfs chr_file b/321731318
rfsd vendor_cbd_prop file b/317734397
surfaceflinger selinuxfs file b/315104594
vendor_init default_prop file b/315104479
vendor_init default_prop file b/315104803
vendor_init default_prop file b/323086703
vendor_init default_prop file b/323086890
vendor_init default_prop property_service b/315104803

2
sepolicy/tracking_denials/dmd.te Normal file
View File

@@ -0,0 +1,2 @@
#b/303391666
dontaudit dmd servicemanager:binder { call };

2
sepolicy/tracking_denials/dumpstate.te Normal file
View File

@@ -0,0 +1,2 @@
# b/185723618
dontaudit dumpstate hal_power_stats_vendor_service:service_manager { find };

2
sepolicy/tracking_denials/rebalance_interrupts_vendor.te Normal file
View File

@@ -0,0 +1,2 @@
# b/214472867
dontaudit rebalance_interrupts_vendor rebalance_interrupts_vendor:capability { dac_override };

2
sepolicy/tracking_denials/servicemanager.te Normal file
View File

@@ -0,0 +1,2 @@
# b/305600595
dontaudit servicemanager hal_thermal_default:binder call;

1
sepolicy/whitechapel_pro/attributes Normal file
View File

@@ -0,0 +1 @@
attribute vendor_persist_type;

3
sepolicy/whitechapel_pro/audioserver.te Normal file
View File

@@ -0,0 +1,3 @@
# allow access to ALSA MMAP FDs for AAudio API
allow audioserver audio_device:chr_file r_file_perms;
allow audioserver audio_service:service_manager find;

9
sepolicy/whitechapel_pro/bipchmgr.te Normal file
View File

@@ -0,0 +1,9 @@
type bipchmgr, domain;
type bipchmgr_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(bipchmgr)
get_prop(bipchmgr, hwservicemanager_prop);
allow bipchmgr hal_exynos_rild_hwservice:hwservice_manager find;
hwbinder_use(bipchmgr)
binder_call(bipchmgr, rild)

5
sepolicy/whitechapel_pro/bluetooth.te Normal file
View File

@@ -0,0 +1,5 @@
allow bluetooth proc_vendor_sched:dir r_dir_perms;
allow bluetooth proc_vendor_sched:file w_file_perms;
allow hal_bluetooth_btlinux aoc_device:chr_file { getattr open read write };
allow hal_bluetooth_btlinux device:dir r_dir_perms;

5
sepolicy/whitechapel_pro/bootanim.te Normal file
View File

@@ -0,0 +1,5 @@
# TODO(b/62954877). On Android Wear, bootanim reads the time
# during boot to display. It currently gets that time from a file
# in /data/system. This should be moved. In the meantime, suppress
# this denial on phones since this functionality is not used.
dontaudit bootanim system_data_file:dir r_dir_perms;

1
sepolicy/whitechapel_pro/bootdevice_sysdev.te Normal file
View File

@@ -0,0 +1 @@
allow bootdevice_sysdev sysfs:filesystem associate;

9
sepolicy/whitechapel_pro/cat_engine_service_app.te Normal file
View File

@@ -0,0 +1,9 @@
type cat_engine_service_app, domain;
userdebug_or_eng(`
app_domain(cat_engine_service_app)
get_prop(cat_engine_service_app, vendor_rild_prop)
allow cat_engine_service_app app_api_service:service_manager find;
allow cat_engine_service_app system_app_data_file:dir create_dir_perms;
allow cat_engine_service_app system_app_data_file:file create_file_perms;
')

63
sepolicy/whitechapel_pro/cbd.te Normal file
View File

@@ -0,0 +1,63 @@
type cbd, domain;
type cbd_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(cbd)
set_prop(cbd, vendor_modem_prop)
set_prop(cbd, vendor_cbd_prop)
set_prop(cbd, vendor_rild_prop)
# Allow cbd to set gid/uid from too to radio
allow cbd self:capability { setgid setuid };
allow cbd mnt_vendor_file:dir r_dir_perms;
allow cbd kmsg_device:chr_file rw_file_perms;
allow cbd vendor_shell_exec:file execute_no_trans;
allow cbd vendor_toolbox_exec:file execute_no_trans;
# Allow cbd to access modem block device
allow cbd block_device:dir search;
allow cbd modem_block_device:blk_file r_file_perms;
# Allow cbd to access sysfs chosen files
allow cbd sysfs_chosen:file r_file_perms;
allow cbd sysfs_chosen:dir r_dir_perms;
allow cbd radio_device:chr_file rw_file_perms;
allow cbd proc_cmdline:file r_file_perms;
allow cbd persist_modem_file:dir create_dir_perms;
allow cbd persist_modem_file:file create_file_perms;
allow cbd persist_file:dir search;
allow cbd radio_vendor_data_file:dir create_dir_perms;
allow cbd radio_vendor_data_file:file create_file_perms;
# Allow cbd to operate with modem EFS file/dir
allow cbd modem_efs_file:dir create_dir_perms;
allow cbd modem_efs_file:file create_file_perms;
# Allow cbd to operate with modem userdata file/dir
allow cbd modem_userdata_file:dir create_dir_perms;
allow cbd modem_userdata_file:file create_file_perms;
# Allow cbd to access modem image file/dir
allow cbd modem_img_file:dir r_dir_perms;
allow cbd modem_img_file:file r_file_perms;
allow cbd modem_img_file:lnk_file r_file_perms;
# Allow cbd to collect crash info
allow cbd sscoredump_vendor_data_crashinfo_file:dir create_dir_perms;
allow cbd sscoredump_vendor_data_crashinfo_file:file create_file_perms;
userdebug_or_eng(`
r_dir_file(cbd, vendor_slog_file)
allow cbd kernel:system syslog_read;
allow cbd sscoredump_vendor_data_coredump_file:dir create_dir_perms;
allow cbd sscoredump_vendor_data_coredump_file:file create_file_perms;
')

13
sepolicy/whitechapel_pro/cbrs_setup.te Normal file
View File

@@ -0,0 +1,13 @@
# GoogleCBRS app
type cbrs_setup_app, domain;
userdebug_or_eng(`
app_domain(cbrs_setup_app)
net_domain(cbrs_setup_app)
allow cbrs_setup_app app_api_service:service_manager find;
allow cbrs_setup_app cameraserver_service:service_manager find;
allow cbrs_setup_app radio_service:service_manager find;
set_prop(cbrs_setup_app, radio_prop)
set_prop(cbrs_setup_app, vendor_rild_prop)
')

10
sepolicy/whitechapel_pro/cccdk_timesync_app.te Normal file
View File

@@ -0,0 +1,10 @@
type vendor_cccdktimesync_app, domain;
app_domain(vendor_cccdktimesync_app)
allow vendor_cccdktimesync_app app_api_service:service_manager find;
binder_call(vendor_cccdktimesync_app, hal_bluetooth_btlinux)
allow vendor_cccdktimesync_app hal_bluetooth_coexistence_hwservice:hwservice_manager find;
# allow the HAL to call our registered callbacks
binder_call(hal_bluetooth_btlinux, vendor_cccdktimesync_app)

33
sepolicy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem Normal file
View File

@@ -0,0 +1,33 @@
-----BEGIN CERTIFICATE-----
MIIFxjCCA66gAwIBAgIURH+ESClecwsP2Et2gQ1RAHxabWcwDQYJKoZIhvcNAQEL
BQAwdDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcT
DU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMuMRAwDgYDVQQLEwdB
bmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMB4XDTE5MDIyODE5MjIxNloXDTQ5MDIy
ODE5MjIxNlowdDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU
BgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMuMRAwDgYD
VQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMIICIjANBgkqhkiG9w0BAQEF
AAOCAg8AMIICCgKCAgEA5AVOe4SKiCOnR4DQ2V3sIo5LNpGtmdzZ54MnHIrsSX8n
43xtCTpfQWDWnDZFCIHSmR8KAOQ0BNxL8ajtr66gU6tFzD5Vlistwl9P9uUlYWgG
aeyEoOUqtiN2HtsJDpcCLYKOz6oH2c5NeruDp5n/Z49xpXXXLgoOTlsoS65tsTcW
FrcSuuOE40UyFJ+Rwhh1EiXGPvT99gaXNnDq5WIsPNNe39jV7f01lZs/g5iUn4dV
A/DxLMam/CQh7qQkh6qWkDL8koQ21N9xEZYTR8qvGvgz3Zd1yfT0P1HsgJaPXK5F
qb2vLV1NP8KoYIlB2KqadCn+HJjIgH8UIbB+R8o6KuWCYzLb5vPs87HkXG5/Y+GB
7HrCIC+6a8BJ4UUyjUkg/HtBd7GlEixZKLtbcJ3erdfL7uigjCJEqAYDXr2Zes31
898ePcl3YQO5/rHobB7f4w3iF/TwIAAyRRlOceoskCEa/vCbmb7I8HQIJthSNedW
cBiKUneohCtfLT3qS0JUVZewiFRMOVD8mwcZFr4o/UfVslEe8DpBp0WXs/83OeEJ
dtfRc861jdOJ7EIyfDmBX91iWgLCBgv6aXtMvP7CwgZV7y+C+WbbsjYTYSjsNVSA
1uexVPozsSkIjxote0aAiu6+b8LAq9bq2c6Yc6MoldgBqlfcwvFzlKqlm966q6UC
AwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUuH5K2ov/9L++x+8UhrCD
hNdJm6EwHwYDVR0jBBgwFoAUuH5K2ov/9L++x+8UhrCDhNdJm6EwDQYJKoZIhvcN
AQELBQADggIBAIV1Wx+iwchzxx+ggbWlmJx+oPya2axvj8cgbLGujxI+nmtY2b7U
vzazggubioxJJW7rzemLMDwfKPlfiZkIeQmBe2YJhHiwIPaRAB2juZTfQARsEkd4
qYvcIDui6PbbgitLWOh3lYNDcVe/c8+EwbJuNNSqjPwIZvj2lodTQNI7uUy1ff5h
ytHsznObr/rh+MeJlKKY56JL6VEzsD694iVFxJ7f4FXK5Y0pjqYmGj1krcfMFoxH
PAmj57yf3VVzeGKx5re+5WIMe5K0RZB9IWxfvx1DsxXvzVeaHYW/c6VF7TVT/RUV
+iLtst+1A1RJbeXDu3uLHxPAC44WUb3FQOUKPRP2cIul70ifJSbvu+qLuyfgwltX
yYIeQMSrUw4WK6NMNYaIPgEq1BX4rLUlKxlH4xaNwT5ZCWLTRdWozYP5FFSMdQhh
Ob1Ki81wKmr1f9EkXoW9eGRZBj3tAg90k0qltel30eLpW6gmnNg+la84nyaXfBF3
vQAbaAuW5D3TAMWR/Wl6nHoPItdrXHkyMRvQkzx2ezKz61ZP3uDfEZvMLXR0lle8
s6pTZB3GLS4mY9LFQdDwPlc1xk8yEcdnUAZs+9U6zZF1+FKSgb3UNy81g2DHUMp0
FCBXTy+kLm0LQVYU91kLd+fTkmgkWl4xSyXeV5g3FFuiv9ahl7//vvCG
-----END CERTIFICATE-----

27
sepolicy/whitechapel_pro/certs/app.x509.pem Normal file
View File

@@ -0,0 +1,27 @@
-----BEGIN CERTIFICATE-----
MIIEqDCCA5CgAwIBAgIJANWFuGx90071MA0GCSqGSIb3DQEBBAUAMIGUMQswCQYD
VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4g
VmlldzEQMA4GA1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UE
AxMHQW5kcm9pZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTAe
Fw0wODA0MTUyMzM2NTZaFw0zNTA5MDEyMzM2NTZaMIGUMQswCQYDVQQGEwJVUzET
MBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4G
A1UEChMHQW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9p
ZDEiMCAGCSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbTCCASAwDQYJKoZI
hvcNAQEBBQADggENADCCAQgCggEBANbOLggKv+IxTdGNs8/TGFy0PTP6DHThvbbR
24kT9ixcOd9W+EaBPWW+wPPKQmsHxajtWjmQwWfna8mZuSeJS48LIgAZlKkpFeVy
xW0qMBujb8X8ETrWy550NaFtI6t9+u7hZeTfHwqNvacKhp1RbE6dBRGWynwMVX8X
W8N1+UjFaq6GCJukT4qmpN2afb8sCjUigq0GuMwYXrFVee74bQgLHWGJwPmvmLHC
69EH6kWr22ijx4OKXlSIx2xT1AsSHee70w5iDBiK4aph27yH3TxkXy9V89TDdexA
cKk/cVHYNnDBapcavl7y0RiQ4biu8ymM8Ga/nmzhRKya6G0cGw8CAQOjgfwwgfkw
HQYDVR0OBBYEFI0cxb6VTEM8YYY6FbBMvAPyT+CyMIHJBgNVHSMEgcEwgb6AFI0c
xb6VTEM8YYY6FbBMvAPyT+CyoYGapIGXMIGUMQswCQYDVQQGEwJVUzETMBEGA1UE
CBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEQMA4GA1UEChMH
QW5kcm9pZDEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDEiMCAG
CSqGSIb3DQEJARYTYW5kcm9pZEBhbmRyb2lkLmNvbYIJANWFuGx90071MAwGA1Ud
EwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBABnTDPEF+3iSP0wNfdIjIz1AlnrP
zgAIHVvXxunW7SBrDhEglQZBbKJEk5kT0mtKoOD1JMrSu1xuTKEBahWRbqHsXcla
XjoBADb0kkjVEJu/Lh5hgYZnOjvlba8Ld7HCKePCVePoTJBdI4fvugnL8TsgK05a
IskyY0hKI9L8KfqfGTl1lzOv2KoWD0KWwtAWPoGChZxmQ+nBli+gwYMzM1vAkP+a
ayLe0a1EQimlOalO762r0GXO0ks+UeXde2Z4e+8S/pf7pITEI/tP+MxJTALw9QUW
Ev9lKTk+jkbqxbsh8nfBUapfKqYn0eidpwq2AzVp3juYl7//fKnaPhJD9gs=
-----END CERTIFICATE-----

17
sepolicy/whitechapel_pro/certs/camera_eng.x509.pem Normal file
View File

@@ -0,0 +1,17 @@
-----BEGIN CERTIFICATE-----
MIICpzCCAmWgAwIBAgIEUAV8QjALBgcqhkjOOAQDBQAwNzELMAkGA1UEBhMCVVMx
EDAOBgNVBAoTB0FuZHJvaWQxFjAUBgNVBAMTDUFuZHJvaWQgRGVidWcwHhcNMTIw
NzE3MTQ1MjUwWhcNMjIwNzE1MTQ1MjUwWjA3MQswCQYDVQQGEwJVUzEQMA4GA1UE
ChMHQW5kcm9pZDEWMBQGA1UEAxMNQW5kcm9pZCBEZWJ1ZzCCAbcwggEsBgcqhkjO
OAQBMIIBHwKBgQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR
+1k9jVj6v8X1ujD2y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb
+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdg
UI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlX
TAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCj
rh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQB
TDv+z0kqA4GEAAKBgGrRG9fVZtJ69DnALkForP1FtL6FvJmMe5uOHHdUaT+MDUKK
pPzhEISBOEJPpozRMFJO7/bxNzhjgi+mNymL/k1GoLhmZe7wQRc5AQNbHIBqoxgY
DTA6qMyeWSPgam+r+nVoPEU7sgd3fPL958+xmxQwOBSqHfe0PVsiK1cGtIuUMAsG
ByqGSM44BAMFAAMvADAsAhQJ0tGwRwIptb7SkCZh0RLycMXmHQIUZ1ACBqeAULp4
rscXTxYEf4Tqovc=
-----END CERTIFICATE-----

15
sepolicy/whitechapel_pro/certs/camera_fishfood.x509.pem Normal file
View File

@@ -0,0 +1,15 @@
-----BEGIN CERTIFICATE-----
MIICUjCCAbsCBEk0mH4wDQYJKoZIhvcNAQEEBQAwcDELMAkGA1UEBhMCVVMxCzAJ
BgNVBAgTAkNBMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQwEgYDVQQKEwtHb29n
bGUsIEluYzEUMBIGA1UECxMLR29vZ2xlLCBJbmMxEDAOBgNVBAMTB1Vua25vd24w
HhcNMDgxMjAyMDIwNzU4WhcNMzYwNDE5MDIwNzU4WjBwMQswCQYDVQQGEwJVUzEL
MAkGA1UECBMCQ0ExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dv
b2dsZSwgSW5jMRQwEgYDVQQLEwtHb29nbGUsIEluYzEQMA4GA1UEAxMHVW5rbm93
bjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAn0gDGZD5sUcmOE4EU9GPjAu/
jcd7JQSksSB8TGxEurwArcZhD6a2qy2oDjPy7vFrJqP2uFua+sqQn/u+s/TJT36B
IqeY4OunXO090in6c2X0FRZBWqnBYX3Vg84Zuuigu9iF/BeptL0mQIBRIarbk3fe
tAATOBQYiC7FIoL8WA0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQBAhmae1jHaQ4Td
0GHSJuBzuYzEuZ34teS+njy+l1Aeg98cb6lZwM5gXE/SrG0chM7eIEdsurGb6PIg
Ov93F61lLY/MiQcI0SFtqERXWSZJ4OnTxLtM9Y2hnbHU/EG8uVhPZOZfQQ0FKf1b
aIOMFB0Km9HbEZHLKg33kOoMsS2zpA==
-----END CERTIFICATE-----

30
sepolicy/whitechapel_pro/certs/com_google_android_apps_camera_services.x509.pem Normal file
View File

@@ -0,0 +1,30 @@
-----BEGIN CERTIFICATE-----
MIIGCzCCA/OgAwIBAgIVAIHtywgrR7O/EgQ+PeYSfHDaUDt8MA0GCSqGSIb3DQEBCwUAMIGUMQsw
CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU
MBIGA1UEChMLR29vZ2xlIEluYy4xEDAOBgNVBAsTB0FuZHJvaWQxMDAuBgNVBAMMJ2NvbV9nb29n
bGVfYW5kcm9pZF9hcHBzX2NhbWVyYV9zZXJ2aWNlczAgFw0yMTA2MzAyMzI2MThaGA8yMDUxMDYz
MDIzMjYxOFowgZQxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N
b3VudGFpbiBWaWV3MRQwEgYDVQQKEwtHb29nbGUgSW5jLjEQMA4GA1UECxMHQW5kcm9pZDEwMC4G
A1UEAwwnY29tX2dvb2dsZV9hbmRyb2lkX2FwcHNfY2FtZXJhX3NlcnZpY2VzMIICIjANBgkqhkiG
9w0BAQEFAAOCAg8AMIICCgKCAgEAof2MqYxoQkV05oUZULYlNLDIJKryWjC8ha300YUktBNNVBSP
1y33+ZTBldm7drcBGo54S1JE1lCIP1dMxby0rNTJ8/Zv2bMVMjXX0haF5vULt64itDcR0SqUDfFR
UsHapPVmRmMpDOMOUYUbN7gjU7iYAc9oWBo6BFfckdpwwKfzYY/sgieen1E/MN7Zpzmefct3WDU5
4Dc8mpoNsen3oqquieYAgv9FOw5gCIgsDaOfYFBgvAE08Pqo3J/zU6dAuqUJztNH8EhgTNbcaNVL
jCmofa+iIAjSpmP69jcgaUyfmH0EE3/m55qouVRJzqARvmEO/M7LEr3n1ZKKhDZdO6TJysMzP9g8
pONPO8/3hTQ+GP+7fOQooNQJEGNgJuZOHSyNL/8nGCgHBZKgZdZPKk8HV2M578UDf8yNyV5AYpx0
VK1JdoBtNMzp0cv7Q6TTugIuDEzT3jmgGGp6WmXE6B9dJOq+cnVC7cSYva8wctFS3RpoqT79vkW3
A7g2b26bM5GMQ8KcGC4qm4pJkrX5kKZWZGWXjm0F8gRJQ5D0S/AcUw3B+sG/AmfQzLm8SCK36HhO
sFnPsQJ/VdL7kg9HHWrQYVexNaQnD/QLOCenk09COUzSwexws+kQhUH45OSbQFjOJwPbS4YAn9qV
eV+DPlvemZEFYF5+MVlDwOGQ3JsCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUtjMO
nlaC4nsk4PwT+fcIYpg52JQwHwYDVR0jBBgwFoAUtjMOnlaC4nsk4PwT+fcIYpg52JQwDQYJKoZI
hvcNAQELBQADggIBABhYDqPD2yWiXNCVtHk6h7Kb2H2U3rc8G7Or1/mwrXSCEgqHnCkpiWeb1h/5
YNS9fRrexQD+O0hukCpjvIFccQvk8EkZdWpn4kDlrUqfakWpASzlwEqRviS31Hiybn/+QUpYuDTm
FYorrHzDzPiNttzxVK0ENt4T4ETDWVqiGB7tbTlLPr6tz/oxDjRH8y4iS/For7SkfdI512txJgDr
njvRVY9WJykySs+AAqwS1PIMXGoI03UmLJUsFNUjHehaqguPS1uiewlKiQq07blWbnQXdcyH7QTI
hOUPY2rRBh8ciXu4L0Uk4To7+DP/8nHSGC7qXPvP6W3gqW1hj0d6GviMEfJ9fBSUEzaCRF3aL/5e
JOGQQKxh7Jsl/zZs4+MYg0Q2cyg/BQVNNOhESG4et4OV5go9W+1oAy20FV0NgtdPoeb9ABNoi4T3
IrKLgxOsbACpoDt3zPhncqiJhX3feFtyVV4oRiylydiiYO927qNdfMGmcnGFSG4814kUxSdpkoCA
V7WCQD42zfBYj4pkdZwiJW4yZSaPWN/Eodi3PBsV+10Y1O1WOvebJuTGmcvWWMCPGtFQJDijUy4H
r8rDe3ZmRGQ+vEGPJZC8nx9+qxLQ314ZCzdS0R1HwRRuOji3fCSCnaPQuCFe3YlzhB2j6fRGNf7F
DB17LhMLl0GxX9j1
-----END CERTIFICATE-----

29
sepolicy/whitechapel_pro/certs/com_google_mds.x509.pem Normal file
View File

@@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFxjCCA66gAwIBAgIUHaTgvNgfCuCnEGvjMtysCgoCclIwDQYJKoZIhvcNAQELBQAwdDELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDAS
BgNVBAoTC0dvb2dsZSBJbmMuMRAwDgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMB4X
DTE5MDQyMjE0NTcwNVoXDTQ5MDQyMjE0NTcwNVowdDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
bGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMuMRAw
DgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
MIICCgKCAgEAwrx6YQqIIvZEULv/1AAF8HR4t0kPnZsgGwoR3SrumpGCNRPjAN8yztJi6fdNZSLn
lj7giXZm16lDTWQ+/bKwuDof5adaRuE7nrf2oVTzRQ3Z1XFcw0400mQ0EHZYTBV6wgl9/K4zepIi
/149Vyy0ynkiB3kmZYCDS6VfOvHHyqxxuKlwF2ry0YILGo3PwaNDiONizpq2RtLNIYseyK6ow5QH
wHtL81n8bc3bIbwJjrKnCef2WDEy8ZaVMyLIYZwYZ3rw4MLQVF5Pqy93RKMfz7ZzJaERlwWsqz01
2Ae1QpP82MBQVMoAUhjFKO3XAlD1592nx1zNzf5kpwGhTEpSWrnVS3UUW3ISBactM/fihmjOot5S
UXidLa0W2FvJuLDn0XL7TnwLU8MOekesKKQQa17ESEGTpSlJP3nw/xccbaYAzXof6yRJ3iJnNsGG
2njAxC9XqxwaaV4PsomfFueqgx0u3wQsPWskTbRgLQK3z/V8+hoTxsrZ4VE23DZ3z4vz4CXn/1Iz
up7Gceun4cBqEYz+leVsc3ML28dsbOmoju910uOeCH28D6aDHRKzsGClj09bUeL/ZpStLEPA1AU+
Nju2Y7rQI1T0l7tWIhKq5W6pPPpZcePNNflLvF72gudEa5v/PQGjWmElXOEMmzpRhqZovaDbcpej
CWu11DeYtfkCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUEdfzOO0hHPuLPlpdLAtl
gtAUNckwHwYDVR0jBBgwFoAUEdfzOO0hHPuLPlpdLAtlgtAUNckwDQYJKoZIhvcNAQELBQADggIB
AHUv2QmPiuvFHmroIn0GztonAEKcHYENCKvC7nDGrj7MedD46Fn7mC1Nej2yuXM8KOkpjapjOA9o
4ggV75R28HDkHP3Ies1xK1TejPGekxfvvLP+RmWFJPiuKaVhwn78BM4IWSSqKA3vh/pZH+OqK8kO
HK1BpFkwvlyira025XGnCPWzBNij9pMqioUpGjz3Pp7cw2iPY1tTlcmYXsCns7AbZ9Z3YNav7Zx6
jku9aJRsdAtW3tfKi4rmuh0VAYVmlp4BmcVkmRKozYn8QKyB/PAhGbDAnIwDzoHsrFvwxpKwMJJs
JFVumvh9JrGq0YvY6R52DzA7+KvWkAMe22JXW70EhSZ8QD5t7WphZ683Hpjf5fWpWXcU/fUqkihi
HPy9ogiNlJ5hYaDMbkKyA2vzsagJorK4V1pXg3gk7D96MOE5wFSROd/WQit8W+4ApkF3DOIjyCEC
KHAZVkcp8nx//hs50GoirtUhLpj4PcYHUg6I2c+Gx/krSOQD/fxuC7PWxE5whIZRBaXIkHWALufR
e7eeFI9peEu/nvn/MjNXyVoUbuQ3Ja4QFt+Ku7+KU+numH8ajBCzaPeu6bxosVNXyiDAxDI+Tfuk
jn37lHw/TQ8athakHqhxg63+nwsbnkyd0S1qPG38ocHqLliPBVz8nntcmUR1PdeFZpvGGlD83sJV
-----END CERTIFICATE-----

10
sepolicy/whitechapel_pro/charger_vendor.te Normal file
View File

@@ -0,0 +1,10 @@
allow charger_vendor mnt_vendor_file:dir search;
allow charger_vendor sysfs_batteryinfo:file w_file_perms;
allow charger_vendor persist_file:dir search;
allow charger_vendor persist_battery_file:dir search;
allow charger_vendor persist_battery_file:file rw_file_perms;
allow charger_vendor sysfs_scsi_devices_0000:file r_file_perms;
allow charger_vendor sysfs_thermal:file w_file_perms;
allow charger_vendor sysfs_thermal:lnk_file read;
allow charger_vendor thermal_link_device:dir search;
set_prop(charger_vendor, vendor_battery_defender_prop)

31
sepolicy/whitechapel_pro/chre.te Normal file
View File

@@ -0,0 +1,31 @@
type chre, domain;
type chre_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(chre)
# Permit communication with AoC
allow chre aoc_device:chr_file rw_file_perms;
# Allow CHRE to determine AoC's current clock
allow chre sysfs_aoc:dir search;
allow chre sysfs_aoc_boottime:file r_file_perms;
# Allow CHRE to create thread to watch AOC's device
allow chre device:dir r_dir_perms;
# Allow CHRE to use the USF low latency transport
usf_low_latency_transport(chre)
# Allow CHRE to talk to the WiFi HAL
allow chre hal_wifi_ext:binder { call transfer };
allow chre hal_wifi_ext_hwservice:hwservice_manager find;
allow chre hal_wifi_ext_service:service_manager find;
# Allow CHRE host to talk to stats service
allow chre fwk_stats_service:service_manager find;
binder_call(chre, stats_service_server)
# Allow CHRE to use WakeLock
wakelock_use(chre)
# Allow CHRE to block suspend, which is required to use EPOLLWAKEUP.
allow chre self:global_capability2_class_set block_suspend;

2
sepolicy/whitechapel_pro/con_monitor.te Normal file
View File

@@ -0,0 +1,2 @@
allow con_monitor_app radio_vendor_data_file:dir rw_dir_perms;
allow con_monitor_app radio_vendor_data_file:file create_file_perms;

34
sepolicy/whitechapel_pro/convert-to-ext4-sh.te Normal file
View File

@@ -0,0 +1,34 @@
type convert-to-ext4-sh, domain, coredomain;
type convert-to-ext4-sh_exec, system_file_type, exec_type, file_type;
userdebug_or_eng(`
permissive convert-to-ext4-sh;
init_daemon_domain(convert-to-ext4-sh)
allow convert-to-ext4-sh block_device:dir search;
allow convert-to-ext4-sh e2fs_exec:file rx_file_perms;
allow convert-to-ext4-sh efs_block_device:blk_file rw_file_perms;
allow convert-to-ext4-sh kernel:process setsched;
allow convert-to-ext4-sh kmsg_device:chr_file rw_file_perms;
allow convert-to-ext4-sh persist_block_device:blk_file { getattr ioctl open read write };
allow convert-to-ext4-sh shell_exec:file rx_file_perms;
allow convert-to-ext4-sh sysfs_fs_ext4_features:dir { read search };
allow convert-to-ext4-sh sysfs_fs_ext4_features:file read;
allow convert-to-ext4-sh tmpfs:dir { add_name create mounton open };
allow convert-to-ext4-sh tmpfs:dir { remove_name rmdir rw_file_perms setattr };
allow convert-to-ext4-sh tmpfs:file { create rw_file_perms unlink };
allow convert-to-ext4-sh toolbox_exec:file rx_file_perms;
allow convert-to-ext4-sh vendor_persist_type:dir { rw_file_perms search };
allow convert-to-ext4-sh vendor_persist_type:file rw_file_perms;
allowxperm convert-to-ext4-sh { efs_block_device persist_block_device}:blk_file ioctl {
BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET LOOP_CLR_FD
};
dontaudit convert-to-ext4-sh labeledfs:filesystem { mount unmount };
dontaudit convert-to-ext4-sh self:capability { chown fowner fsetid dac_read_search sys_admin sys_rawio };
dontaudit convert-to-ext4-sh unlabeled:dir { add_name create mounton open rw_file_perms search setattr };
dontaudit convert-to-ext4-sh unlabeled:file { create rw_file_perms setattr };
dontaudit convert-to-ext4-sh convert-to-ext4-sh:capability { dac_override };
')

12
sepolicy/whitechapel_pro/debug_camera_app.te Normal file
View File

@@ -0,0 +1,12 @@
userdebug_or_eng(`
# Allows camera app to access the GXP device and properties.
allow debug_camera_app gxp_device:chr_file rw_file_perms;
get_prop(debug_camera_app, vendor_gxp_prop)
# Allows camera app to search for GXP firmware file.
allow debug_camera_app vendor_fw_file:dir search;
# Allows GCA-Eng to find and access the EdgeTPU.
allow debug_camera_app edgetpu_app_service:service_manager find;
allow debug_camera_app edgetpu_device:chr_file { getattr read write ioctl map };
')

22
sepolicy/whitechapel_pro/device.te Normal file
View File

@@ -0,0 +1,22 @@
type modem_block_device, dev_type;
type custom_ab_block_device, dev_type;
type persist_block_device, dev_type;
type efs_block_device, dev_type;
type modem_userdata_block_device, dev_type;
type mfg_data_block_device, dev_type;
type vendor_toe_device, dev_type;
type lwis_device, dev_type;
type logbuffer_device, dev_type;
type rls_device, dev_type;
type fingerprint_device, dev_type;
type sensor_direct_heap_device, dmabuf_heap_device_type, dev_type;
type faceauth_heap_device, dmabuf_heap_device_type, dev_type;
type vframe_heap_device, dmabuf_heap_device_type, dev_type;
type vscaler_heap_device, dmabuf_heap_device_type, dev_type;
type radio_test_device, dev_type;
type vendor_gnss_device, dev_type;
type fips_block_device, dev_type;
# SecureElement SPI device
type st54spi_device, dev_type;
type st33spi_device, dev_type;

7
sepolicy/whitechapel_pro/disable-contaminant-detection-sh.te Normal file
View File

@@ -0,0 +1,7 @@
type disable-contaminant-detection-sh, domain;
type disable-contaminant-detection-sh_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(disable-contaminant-detection-sh)
allow disable-contaminant-detection-sh vendor_toolbox_exec:file execute_no_trans;
allow disable-contaminant-detection-sh sysfs_batteryinfo:dir r_dir_perms;
allow disable-contaminant-detection-sh sysfs_batteryinfo:file rw_file_perms;

32
sepolicy/whitechapel_pro/dmd.te Normal file
View File

@@ -0,0 +1,32 @@
type dmd, domain;
type dmd_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(dmd)
# Grant to access serial device for external logging tool
allow dmd serial_device:chr_file rw_file_perms;
# Grant to access radio device
allow dmd radio_device:chr_file rw_file_perms;
# Grant to access slog dir/file
allow dmd vendor_slog_file:dir create_dir_perms;
allow dmd vendor_slog_file:file create_file_perms;
# Grant to access tcp socket
allow dmd node:tcp_socket node_bind;
allow dmd self:tcp_socket { create_socket_perms_no_ioctl listen accept bind };
# Grant to access log related properties
set_prop(dmd, vendor_diag_prop)
set_prop(dmd, vendor_slog_prop)
set_prop(dmd, vendor_modem_prop)
get_prop(dmd, vendor_persist_config_default_prop)
# Grant to access hwservice manager
get_prop(dmd, hwservicemanager_prop)
allow dmd hidl_base_hwservice:hwservice_manager add;
allow dmd hal_vendor_oem_hwservice:hwservice_manager { add find };
binder_call(dmd, hwservicemanager)
binder_call(dmd, modem_diagnostic_app)
binder_call(dmd, modem_logging_control)
binder_call(dmd, vendor_telephony_silentlogging_app)

6
sepolicy/whitechapel_pro/domain.te Normal file
View File

@@ -0,0 +1,6 @@
allow {domain -appdomain -rs} proc_vendor_sched:dir r_dir_perms;
allow {domain -appdomain -rs} proc_vendor_sched:file w_file_perms;
# Mali
get_prop(domain, vendor_arm_runtime_option_prop)

30
sepolicy/whitechapel_pro/dump_power_gs201.te Normal file
View File

@@ -0,0 +1,30 @@
pixel_bugreport(dump_power_gs201)
allow dump_power_gs201 sysfs_acpm_stats:dir r_dir_perms;
allow dump_power_gs201 sysfs_acpm_stats:file r_file_perms;
allow dump_power_gs201 sysfs_cpu:file r_file_perms;
allow dump_power_gs201 vendor_toolbox_exec:file execute_no_trans;
allow dump_power_gs201 logbuffer_device:chr_file r_file_perms;
allow dump_power_gs201 mitigation_vendor_data_file:dir r_dir_perms;
allow dump_power_gs201 sysfs:dir r_dir_perms;
allow dump_power_gs201 sysfs_batteryinfo:dir r_dir_perms;
allow dump_power_gs201 sysfs_batteryinfo:file r_file_perms;
allow dump_power_gs201 sysfs_bcl:dir r_dir_perms;
allow dump_power_gs201 sysfs_bcl:file r_file_perms;
allow dump_power_gs201 sysfs_wlc:dir r_dir_perms;
allow dump_power_gs201 sysfs_wlc:file r_file_perms;
allow dump_power_gs201 battery_history_device:chr_file r_file_perms;
allow dump_power_gs201 mitigation_vendor_data_file:file r_file_perms;
userdebug_or_eng(`
allow dump_power_gs201 debugfs:dir r_dir_perms;
allow dump_power_gs201 vendor_battery_debugfs:dir r_dir_perms;
allow dump_power_gs201 vendor_battery_debugfs:file r_file_perms;
allow dump_power_gs201 vendor_charger_debugfs:dir r_dir_perms;
allow dump_power_gs201 vendor_charger_debugfs:file r_file_perms;
allow dump_power_gs201 vendor_pm_genpd_debugfs:file r_file_perms;
allow dump_power_gs201 vendor_maxfg_debugfs:dir r_dir_perms;
allow dump_power_gs201 vendor_maxfg_debugfs:file r_file_perms;
allow dump_power_gs201 vendor_votable_debugfs:dir r_dir_perms;
allow dump_power_gs201 vendor_votable_debugfs:file r_file_perms;
')

16
sepolicy/whitechapel_pro/dumpstate.te Normal file
View File

@@ -0,0 +1,16 @@
dump_hal(hal_health)
dump_hal(hal_graphics_composer)
dump_hal(hal_telephony)
dump_hal(hal_uwb_vendor)
userdebug_or_eng(`
allow dumpstate media_rw_data_file:file append;
')
allow dumpstate sysfs_scsi_devices_0000:file r_file_perms;
allow dumpstate persist_file:dir r_dir_perms;
allow dumpstate modem_efs_file:dir r_dir_perms;
allow dumpstate modem_userdata_file:dir r_dir_perms;
allow dumpstate modem_img_file:dir r_dir_perms;
allow dumpstate fuse:dir search;
allow dumpstate rlsservice:binder call;

8
sepolicy/whitechapel_pro/e2fs.te Normal file
View File

@@ -0,0 +1,8 @@
allow e2fs persist_block_device:blk_file rw_file_perms;
allow e2fs efs_block_device:blk_file rw_file_perms;
allow e2fs modem_userdata_block_device:blk_file rw_file_perms;
allowxperm e2fs { persist_block_device efs_block_device modem_userdata_block_device }:blk_file ioctl {
BLKSECDISCARD BLKDISCARD BLKPBSZGET BLKDISCARDZEROES BLKROGET
};
allow e2fs sysfs_scsi_devices_0000:dir r_dir_perms;
allow e2fs sysfs_scsi_devices_0000:file r_file_perms;

26
sepolicy/whitechapel_pro/euiccpixel_app.te Normal file
View File

@@ -0,0 +1,26 @@
# EuiccSupportPixel app
type euiccpixel_app, domain;
app_domain(euiccpixel_app)
allow euiccpixel_app app_api_service:service_manager find;
allow euiccpixel_app radio_service:service_manager find;
allow euiccpixel_app nfc_service:service_manager find;
allow euiccpixel_app sysfs_st33spi:dir search;
allow euiccpixel_app sysfs_st33spi:file rw_file_perms;
set_prop(euiccpixel_app, vendor_secure_element_prop)
set_prop(euiccpixel_app, vendor_modem_prop)
get_prop(euiccpixel_app, dck_prop)
userdebug_or_eng(`
net_domain(euiccpixel_app)
# Access to directly upgrade firmware on st54spi_device used for engineering devices
typeattribute st54spi_device mlstrustedobject;
allow euiccpixel_app st54spi_device:chr_file rw_file_perms;
# Access to directly upgrade firmware on st33spi_device used for engineering devices
typeattribute st33spi_device mlstrustedobject;
allow euiccpixel_app st33spi_device:chr_file rw_file_perms;
')

8
sepolicy/whitechapel_pro/fastbootd.te Normal file
View File

@@ -0,0 +1,8 @@
# Required by the bootcontrol HAL for the 'set_active' command.
recovery_only(`
allow fastbootd devinfo_block_device:blk_file rw_file_perms;
allow fastbootd sda_block_device:blk_file rw_file_perms;
allow fastbootd sysfs_ota:file rw_file_perms;
allow fastbootd st54spi_device:chr_file rw_file_perms;
allow fastbootd custom_ab_block_device:blk_file rw_file_perms;
')

95
sepolicy/whitechapel_pro/file.te Normal file
View File

@@ -0,0 +1,95 @@
# Data
type chre_data_file, file_type, data_file_type;
type rild_vendor_data_file, file_type, data_file_type;
type vendor_log_file, file_type, data_file_type;
type vendor_rfsd_log_file, file_type, data_file_type;
type modem_stat_data_file, file_type, data_file_type;
type vendor_slog_file, file_type, data_file_type;
type updated_wifi_firmware_data_file, file_type, data_file_type;
type vendor_misc_data_file, file_type, data_file_type;
type per_boot_file, file_type, data_file_type, core_data_file_type;
type uwb_data_vendor, file_type, data_file_type;
type powerstats_vendor_data_file, file_type, data_file_type;
type vendor_gps_file, file_type, data_file_type;
userdebug_or_eng(`
typeattribute vendor_gps_file mlstrustedobject;
typeattribute vendor_slog_file mlstrustedobject;
')
# Exynos Firmware
type vendor_fw_file, vendor_file_type, file_type;
# Trusty
type sysfs_trusty, sysfs_type, fs_type;
# EM Profile
type sysfs_em_profile, sysfs_type, fs_type;
# sysfs
type sysfs_chosen, sysfs_type, fs_type;
type bootdevice_sysdev, dev_type;
type sysfs_fabric, sysfs_type, fs_type;
type sysfs_acpm_stats, sysfs_type, fs_type;
type sysfs_wifi, sysfs_type, fs_type;
type sysfs_exynos_pcie_stats, sysfs_type, fs_type;
type sysfs_bcmdhd, sysfs_type, fs_type;
type sysfs_chargelevel, sysfs_type, fs_type;
type sysfs_camera, sysfs_type, fs_type;
type sysfs_write_leds, sysfs_type, fs_type;
type sysfs_pca, sysfs_type, fs_type;
type sysfs_ptracker, sysfs_type, fs_type;
# debugfs
type vendor_maxfg_debugfs, fs_type, debugfs_type;
type vendor_pm_genpd_debugfs, fs_type, debugfs_type;
type vendor_regmap_debugfs, fs_type, debugfs_type;
type vendor_usb_debugfs, fs_type, debugfs_type;
type vendor_charger_debugfs, fs_type, debugfs_type;
type vendor_votable_debugfs, fs_type, debugfs_type;
type vendor_battery_debugfs, fs_type, debugfs_type;
# vendor extra images
type modem_img_file, contextmount_type, file_type, vendor_file_type;
allow modem_img_file self:filesystem associate;
# persist
type persist_battery_file, file_type, vendor_persist_type;
type persist_camera_file, file_type, vendor_persist_type;
type persist_modem_file, file_type, vendor_persist_type;
type persist_ss_file, file_type, vendor_persist_type;
type persist_uwb_file, file_type, vendor_persist_type;
type persist_display_file, file_type, vendor_persist_type;
# CHRE
type chre_socket, file_type;
# Storage Health HAL
type proc_f2fs, proc_type, fs_type;
# Vendor tools
type vendor_dumpsys, vendor_file_type, file_type;
# Modem
type modem_efs_file, file_type;
type modem_userdata_file, file_type;
type sysfs_modem, sysfs_type, fs_type;
# SecureElement
type sysfs_st33spi, sysfs_type, fs_type;
typeattribute sysfs_st33spi mlstrustedobject;
# Vendor sched files
userdebug_or_eng(`
typeattribute proc_vendor_sched mlstrustedobject;
')
# SJTAG
type sysfs_sjtag, fs_type, sysfs_type;
userdebug_or_eng(`
typeattribute sysfs_sjtag mlstrustedobject;
')
# USB-C throttling stats
type sysfs_usbc_throttling_stats, sysfs_type, fs_type;
# WLC
type sysfs_wlc, sysfs_type, fs_type;

225
sepolicy/whitechapel_pro/file_contexts Normal file
View File

@@ -0,0 +1,225 @@
# Binaries
/vendor/bin/dmd u:object_r:dmd_exec:s0
/vendor/bin/modem_logging_control u:object_r:modem_logging_control_exec:s0
/vendor/bin/sced u:object_r:sced_exec:s0
/vendor/bin/vcd u:object_r:vcd_exec:s0
/vendor/bin/chre u:object_r:chre_exec:s0
/vendor/bin/cbd u:object_r:cbd_exec:s0
/vendor/bin/modem_svc_sit u:object_r:modem_svc_sit_exec:s0
/vendor/bin/rfsd u:object_r:rfsd_exec:s0
/vendor/bin/bipchmgr u:object_r:bipchmgr_exec:s0
/vendor/bin/storageproxyd u:object_r:tee_exec:s0
/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
/vendor/bin/tcpdump_logger u:object_r:tcpdump_logger_exec:s0
/vendor/bin/init\.display\.sh u:object_r:init-display-sh_exec:s0
/vendor/bin/trusty_apploader u:object_r:trusty_apploader_exec:s0
/vendor/bin/trusty_metricsd u:object_r:trusty_metricsd_exec:s0
/vendor/bin/dumpsys u:object_r:vendor_dumpsys:s0
/vendor/bin/init\.uwb\.calib\.sh u:object_r:vendor_uwb_init_exec:s0
/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
/vendor/bin/hw/android\.hardware\.gatekeeper-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
/vendor/bin/hw/android\.hardware\.security\.keymint-service\.trusty u:object_r:hal_keymint_default_exec:s0
/vendor/bin/hw/android\.hardware\.security\.keymint-service\.rust\.trusty u:object_r:hal_keymint_default_exec:s0
/vendor/bin/hw/android\.hardware\.security\.secretkeeper\.trusty u:object_r:hal_secretkeeper_default_exec:s0
/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0
/vendor/bin/hw/android\.hardware\.composer\.hwc3-service\.pixel u:object_r:hal_graphics_composer_default_exec:s0
/vendor/bin/hw/google\.hardware\.media\.c2@1\.0-service u:object_r:mediacodec_google_exec:s0
/vendor/bin/hw/vendor\.dolby\.media\.c2@1\.0-service u:object_r:mediacodec_exec:s0
/vendor/bin/hw/android\.hardware\.secure_element@1\.2-service-gto u:object_r:hal_secure_element_st54spi_exec:s0
/vendor/bin/hw/android\.hardware\.secure_element@1\.2-service-gto-ese2 u:object_r:hal_secure_element_st33spi_exec:s0
/vendor/bin/hw/android\.hardware\.secure_element@1\.2-uicc-service u:object_r:hal_secure_element_uicc_exec:s0
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
/vendor/bin/hw/android\.hardware\.nfc-service\.st u:object_r:hal_nfc_default_exec:s0
/vendor/bin/hw/vendor\.google\.wireless_charger@1\.3-service-vendor u:object_r:hal_wlc_exec:s0
/vendor/bin/hw/android\.hardware\.usb-service u:object_r:hal_usb_impl_exec:s0
/vendor/bin/hw/android\.hardware\.usb\.gadget-service u:object_r:hal_usb_gadget_impl_exec:s0
/vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0
/vendor/bin/hw/android\.hardware\.qorvo\.uwb\.service u:object_r:hal_uwb_vendor_default_exec:s0
/vendor/bin/rlsservice u:object_r:rlsservice_exec:s0
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.fpc u:object_r:fingerprint_factory_service_exec:s0
/vendor/bin/hw/android\.hardware\.memtrack-service\.pixel u:object_r:hal_memtrack_default_exec:s0
/system_ext/bin/convert_to_ext4\.sh u:object_r:convert-to-ext4-sh_exec:s0
/vendor/bin/hw/disable_contaminant_detection\.sh u:object_r:disable-contaminant-detection-sh_exec:s0
/vendor/bin/dump/dump_power_gs201\.sh u:object_r:dump_power_gs201_exec:s0
/vendor/bin/ufs_firmware_update\.sh u:object_r:ufs_firmware_update_exec:s0
/vendor/bin/init\.check_ap_pd_auth\.sh u:object_r:init-check_ap_pd_auth-sh_exec:s0
# Vendor Firmwares
/vendor/firmware(/.*)? u:object_r:vendor_fw_file:s0
# Gralloc
/(vendor|system/vendor)/lib(64)?/hw/mapper\.pixel\.so u:object_r:same_process_hal_file:s0
# Vendor libraries
/vendor/lib(64)?/libdrm\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libion_google\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/arm\.graphics-V1-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libOpenCL-pixel\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libOpenCL\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/lib_aion_buffer\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libGralloc4Wrapper\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/pixel-power-ext-V1-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/android\.frameworks\.stats-V1-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/vendor-pixelatoms-cpp\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libprotobuf-cpp-lite-(\d+\.){2,3}so u:object_r:same_process_hal_file:s0
# Graphics
/vendor/lib(64)?/hw/gralloc\.gs201\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/hw/vulkan\.mali\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libgpudataproducer\.so u:object_r:same_process_hal_file:s0
# Devices
/dev/dma_heap/sensor_direct_heap u:object_r:sensor_direct_heap_device:s0
/dev/ttySAC0 u:object_r:tty_device:s0
/dev/dma_heap/faceauth_tpu-secure u:object_r:faceauth_heap_device:s0
/dev/dma_heap/faimg-secure u:object_r:faceauth_heap_device:s0
/dev/dma_heap/famodel-secure u:object_r:faceauth_heap_device:s0
/dev/dma_heap/faprev-secure u:object_r:faceauth_heap_device:s0
/dev/dma_heap/farawimg-secure u:object_r:faceauth_heap_device:s0
/dev/dma_heap/vframe-secure u:object_r:dmabuf_system_secure_heap_device:s0
/dev/dma_heap/vscaler-secure u:object_r:vscaler_heap_device:s0
/dev/dma_heap/vstream-secure u:object_r:dmabuf_system_secure_heap_device:s0
/dev/janeiro u:object_r:edgetpu_device:s0
/dev/bigocean u:object_r:video_device:s0
/dev/goodix_fp u:object_r:fingerprint_device:s0
/dev/stmvl53l1_ranging u:object_r:rls_device:s0
/dev/watchdog0 u:object_r:watchdog_device:s0
/dev/mali0 u:object_r:gpu_device:s0
/dev/logbuffer_usbpd u:object_r:logbuffer_device:s0
/dev/logbuffer_pogo_transport u:object_r:logbuffer_device:s0
/dev/logbuffer_ssoc u:object_r:logbuffer_device:s0
/dev/logbuffer_wireless u:object_r:logbuffer_device:s0
/dev/logbuffer_ttf u:object_r:logbuffer_device:s0
/dev/logbuffer_maxq u:object_r:logbuffer_device:s0
/dev/logbuffer_rtx u:object_r:logbuffer_device:s0
/dev/logbuffer_maxfg u:object_r:logbuffer_device:s0
/dev/logbuffer_maxfg_base u:object_r:logbuffer_device:s0
/dev/logbuffer_maxfg_flip u:object_r:logbuffer_device:s0
/dev/logbuffer_pca9468_tcpm u:object_r:logbuffer_device:s0
/dev/logbuffer_pca9468 u:object_r:logbuffer_device:s0
/dev/logbuffer_cpm u:object_r:logbuffer_device:s0
/dev/logbuffer_maxfg_monitor u:object_r:logbuffer_device:s0
/dev/logbuffer_maxfg_base_monitor u:object_r:logbuffer_device:s0
/dev/logbuffer_maxfg_flip_monitor u:object_r:logbuffer_device:s0
/dev/logbuffer_bd u:object_r:logbuffer_device:s0
/dev/logbuffer_cpif u:object_r:logbuffer_device:s0
/dev/logbuffer_pcie0 u:object_r:logbuffer_device:s0
/dev/logbuffer_pcie1 u:object_r:logbuffer_device:s0
/dev/bbd_pwrstat u:object_r:power_stats_device:s0
/dev/lwis-act-jotnar u:object_r:lwis_device:s0
/dev/lwis-act-slenderman u:object_r:lwis_device:s0
/dev/lwis-act-slenderman-sandworm u:object_r:lwis_device:s0
/dev/lwis-csi u:object_r:lwis_device:s0
/dev/lwis-dpm u:object_r:lwis_device:s0
/dev/lwis-eeprom-gargoyle u:object_r:lwis_device:s0
/dev/lwis-eeprom-jotnar u:object_r:lwis_device:s0
/dev/lwis-eeprom-smaug-buraq u:object_r:lwis_device:s0
/dev/lwis-eeprom-smaug-dokkaebi u:object_r:lwis_device:s0
/dev/lwis-eeprom-smaug-sandworm u:object_r:lwis_device:s0
/dev/lwis-flash-lm3644 u:object_r:lwis_device:s0
/dev/lwis-g3aa u:object_r:lwis_device:s0
/dev/lwis-gdc0 u:object_r:lwis_device:s0
/dev/lwis-gdc1 u:object_r:lwis_device:s0
/dev/lwis-gtnr-align u:object_r:lwis_device:s0
/dev/lwis-gtnr-merge u:object_r:lwis_device:s0
/dev/lwis-ipp u:object_r:lwis_device:s0
/dev/lwis-itp u:object_r:lwis_device:s0
/dev/lwis-mcsc u:object_r:lwis_device:s0
/dev/lwis-ois-gargoyle u:object_r:lwis_device:s0
/dev/lwis-ois-jotnar u:object_r:lwis_device:s0
/dev/lwis-pdp u:object_r:lwis_device:s0
/dev/lwis-scsc u:object_r:lwis_device:s0
/dev/lwis-sensor-buraq u:object_r:lwis_device:s0
/dev/lwis-sensor-dokkaebi u:object_r:lwis_device:s0
/dev/lwis-sensor-kraken u:object_r:lwis_device:s0
/dev/lwis-sensor-lamassu u:object_r:lwis_device:s0
/dev/lwis-sensor-nagual u:object_r:lwis_device:s0
/dev/lwis-sensor-sandworm u:object_r:lwis_device:s0
/dev/lwis-slc u:object_r:lwis_device:s0
/dev/lwis-top u:object_r:lwis_device:s0
/dev/lwis-votf u:object_r:lwis_device:s0
/dev/dri/card0 u:object_r:graphics_device:s0
/dev/fimg2d u:object_r:graphics_device:s0
/dev/g2d u:object_r:graphics_device:s0
/dev/gxp u:object_r:gxp_device:s0
/dev/dit2 u:object_r:vendor_toe_device:s0
/dev/trusty-ipc-dev0 u:object_r:tee_device:s0
/dev/st21nfc u:object_r:nfc_device:s0
/dev/st54spi u:object_r:st54spi_device:s0
/dev/st33spi u:object_r:st33spi_device:s0
/dev/ttyGS[0-3] u:object_r:serial_device:s0
/dev/oem_ipc[0-7] u:object_r:radio_device:s0
/dev/oem_test u:object_r:radio_test_device:s0
/dev/umts_boot0 u:object_r:radio_device:s0
/dev/umts_ipc0 u:object_r:radio_device:s0
/dev/umts_ipc1 u:object_r:radio_device:s0
/dev/umts_rfs0 u:object_r:radio_device:s0
/dev/umts_dm0 u:object_r:radio_device:s0
/dev/umts_router u:object_r:radio_device:s0
/dev/logbuffer_tcpm u:object_r:logbuffer_device:s0
/dev/sys/block/bootdevice(/.*)? u:object_r:bootdevice_sysdev:s0
/dev/socket/chre u:object_r:chre_socket:s0
/dev/block/sda u:object_r:sda_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/abl_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/bl1_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/bl2_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/bl31_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/boot_[ab] u:object_r:boot_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/init_boot_[ab] u:object_r:boot_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/devinfo u:object_r:devinfo_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/dram_train_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/dtbo_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/efs u:object_r:efs_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/efs_backup u:object_r:efs_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/frp u:object_r:frp_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/gsa_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/ldfw_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/metadata u:object_r:metadata_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/mfg_data u:object_r:mfg_data_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/misc u:object_r:misc_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/modem_[ab] u:object_r:modem_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/modem_userdata u:object_r:modem_userdata_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/pbl_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/persist u:object_r:persist_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/pvmfw_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/super u:object_r:super_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/tzsw_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/userdata u:object_r:userdata_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/vbmeta_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/vbmeta_system_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/vbmeta_vendor_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/vendor_boot_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/vendor_kernel_boot_[ab] u:object_r:custom_ab_block_device:s0
/dev/block/platform/14700000\.ufs/by-name/fips u:object_r:fips_block_device:s0
# Data
/data/vendor/chre(/.*)? u:object_r:chre_data_file:s0
/data/vendor/slog(/.*)? u:object_r:vendor_slog_file:s0
/data/vendor/modem_stat(/.*)? u:object_r:modem_stat_data_file:s0
/data/vendor/log(/.*)? u:object_r:vendor_log_file:s0
/data/vendor/log/rfsd(/.*)? u:object_r:vendor_rfsd_log_file:s0
/data/vendor/rild(/.*)? u:object_r:rild_vendor_data_file:s0
/data/vendor/ss(/.*)? u:object_r:tee_data_file:s0
/data/nfc(/.*)? u:object_r:nfc_data_file:s0
/data/vendor/firmware/wifi(/.*)? u:object_r:updated_wifi_firmware_data_file:s0
/data/vendor/misc(/.*)? u:object_r:vendor_misc_data_file:s0
/data/per_boot(/.*)? u:object_r:per_boot_file:s0
/data/vendor/uwb(/.*)? u:object_r:uwb_data_vendor:s0
/dev/maxfg_history u:object_r:battery_history_device:s0
/dev/battery_history u:object_r:battery_history_device:s0
/data/vendor/powerstats(/.*)? u:object_r:powerstats_vendor_data_file:s0
# Persist
/mnt/vendor/persist/battery(/.*)? u:object_r:persist_battery_file:s0
/mnt/vendor/persist/camera(/.*)? u:object_r:persist_camera_file:s0
/mnt/vendor/persist/modem(/.*)? u:object_r:persist_modem_file:s0
/mnt/vendor/persist/ss(/.*)? u:object_r:persist_ss_file:s0
/mnt/vendor/persist/uwb(/.*)? u:object_r:persist_uwb_file:s0
/mnt/vendor/persist/display(/.*)? u:object_r:persist_display_file:s0
# Extra mount images
/mnt/vendor/modem_img(/.*)? u:object_r:modem_img_file:s0
/mnt/vendor/efs(/.*)? u:object_r:modem_efs_file:s0
/mnt/vendor/efs_backup(/.*)? u:object_r:modem_efs_file:s0
/mnt/vendor/modem_userdata(/.*)? u:object_r:modem_userdata_file:s0

3
sepolicy/whitechapel_pro/fingerprint_factory_service.te Normal file
View File

@@ -0,0 +1,3 @@
type fingerprint_factory_service, service_manager_type;
type fingerprint_factory_service_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(fingerprint_factory_service)

5
sepolicy/whitechapel_pro/fsck.te Normal file
View File

@@ -0,0 +1,5 @@
allow fsck persist_block_device:blk_file rw_file_perms;
allow fsck efs_block_device:blk_file rw_file_perms;
allow fsck modem_userdata_block_device:blk_file rw_file_perms;
allow fsck sysfs_scsi_devices_0000:dir r_dir_perms;
allow fsck sysfs_scsi_devices_0000:file r_file_perms;

301
sepolicy/whitechapel_pro/genfs_contexts Normal file
View File

@@ -0,0 +1,301 @@
genfscon sysfs /firmware/devicetree/base/chosen u:object_r:sysfs_chosen:s0
# EdgeTPU
genfscon sysfs /devices/platform/1ce00000.janeiro u:object_r:sysfs_edgetpu:s0
# CPU
genfscon sysfs /devices/platform/28000000.mali/time_in_state u:object_r:sysfs_cpu:s0
genfscon sysfs /devices/platform/28000000.mali/uid_time_in_state u:object_r:sysfs_cpu:s0
genfscon sysfs /devices/soc0/machine u:object_r:sysfs_soc:s0
genfscon sysfs /devices/soc0/revision u:object_r:sysfs_soc:s0
# tracefs
genfscon tracefs /events/dmabuf_heap/dma_heap_stat u:object_r:debugfs_tracing:s0
# Networking
genfscon sysfs /devices/platform/10db0000.spi/spi_master/spi16/spi16.0/ieee802154/phy0/net u:object_r:sysfs_net:s0
# WiFi
genfscon sysfs /wifi u:object_r:sysfs_wifi:s0
genfscon sysfs /wlan_ptracker u:object_r:sysfs_ptracker:s0
# ACPM
genfscon sysfs /devices/platform/acpm_stats u:object_r:sysfs_acpm_stats:s0
# Broadcom
genfscon sysfs /module/bcmdhd4389 u:object_r:sysfs_bcmdhd:s0
# GPU
genfscon sysfs /devices/platform/28000000.mali/hint_min_freq u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/28000000.mali/power_policy u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/28000000.mali/dma_buf_gpu_mem u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/28000000.mali/total_gpu_mem u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/28000000.mali/kprcs u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/28000000.mali/dvfs_period u:object_r:sysfs_gpu:s0
# Fabric
genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/min_freq u:object_r:sysfs_fabric:s0
genfscon sysfs /devices/platform/17000020.devfreq_int/devfreq/17000020.devfreq_int/min_freq u:object_r:sysfs_fabric:s0
genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/interactive/target_load u:object_r:sysfs_fabric:s0
# sscoredump (per device)
genfscon sysfs /devices/platform/aoc/sscoredump/sscd_aoc/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/bigocean/sscoredump/sscd_bigocean/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/debugcore/sscoredump/sscd_debugcore/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/mfc-core/sscoredump/sscd_mfc-core/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/mali/sscoredump/sscd_mali/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
# Power Stats
genfscon sysfs /devices/platform/cpif/modem/power_stats u:object_r:sysfs_power_stats:s0
genfscon sysfs /devices/platform/11920000.pcie/power_stats u:object_r:sysfs_power_stats:s0
genfscon sysfs /devices/platform/14520000.pcie/power_stats u:object_r:sysfs_power_stats:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0008/power_stats u:object_r:sysfs_power_stats:s0
genfscon sysfs /devices/platform/10db0000.spi/spi_master/spi16/spi16.0/uwb/power_stats u:object_r:sysfs_power_stats:s0
# Modem
genfscon sysfs /devices/platform/cp-tm1/cp_temp u:object_r:sysfs_modem:s0
# Power ODPM
genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-20/20-001f/s2mpg12-meter/s2mpg12-odpm/iio:device u:object_r:sysfs_odpm:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-20/20-001f/s2mpg12-meter/s2mpg12-odpm/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-21/21-002f/s2mpg13-meter/s2mpg13-odpm/iio:device u:object_r:sysfs_odpm:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-21/21-002f/s2mpg13-meter/s2mpg13-odpm/wakeup u:object_r:sysfs_wakeup:s0
# Devfreq current frequency
genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000020.devfreq_int/devfreq/17000020.devfreq_int/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000040.devfreq_disp/devfreq/17000040.devfreq_disp/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000050.devfreq_cam/devfreq/17000050.devfreq_cam/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000070.devfreq_mfc/devfreq/17000070.devfreq_mfc/cur_freq u:object_r:sysfs_devfreq_cur:s0
genfscon sysfs /devices/platform/17000080.devfreq_bo/devfreq/17000080.devfreq_bo/cur_freq u:object_r:sysfs_devfreq_cur:s0
# OTA
genfscon sysfs /devices/platform/14700000.ufs/pixel/boot_lun_enabled u:object_r:sysfs_ota:s0
# Input
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb2/2-1 u:object_r:sysfs_uhid:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb2/2-1 u:object_r:sysfs_uhid:s0
# Display
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/available_disp_stats u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/min_vrefresh u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/idle_delay_ms u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_idle u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/osc2_clk_khz u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/time_in_state u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c240000.drmdecon/early_wakeup u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c242000.drmdecon/early_wakeup u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c240000.drmdecon/counters u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c241000.drmdecon/counters u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c242000.drmdecon/counters u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight u:object_r:sysfs_leds:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_extinfo u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_name u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/serial_number u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/refresh_rate u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/backlight u:object_r:sysfs_leds:s0
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_extinfo u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_name u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/serial_number u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/refresh_rate u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c240000.drmdecon/dqe0/atc u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c241000.drmdecon/dqe1/atc u:object_r:sysfs_display:s0
genfscon sysfs /module/drm/parameters/vblankoffdelay u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/exynos-drm/tui_status u:object_r:sysfs_display:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/als_table u:object_r:sysfs_write_leds:s0
# Storage
genfscon proc /fs/f2fs u:object_r:proc_f2fs:s0
genfscon proc /sys/vm/swappiness u:object_r:proc_dirty:s0
genfscon sysfs /devices/platform/14700000.ufs/slowio_read_cnt u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/slowio_write_cnt u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/slowio_unmap_cnt u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/slowio_sync_cnt u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/manual_gc u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/io_stats u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/req_stats u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/err_stats u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/device_descriptor u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/clkgate_enable u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/hibern8_on_idle_enable u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/health_descriptor u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/host0/target0:0:0/0:0:0: u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/ufs_stats u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/attributes/wb_avail_buf u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/vendor u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/model u:object_r:sysfs_scsi_devices_0000:s0
genfscon sysfs /devices/platform/14700000.ufs/rev u:object_r:sysfs_scsi_devices_0000:s0
# debugfs
genfscon debugfs /maxfg u:object_r:vendor_maxfg_debugfs:s0
genfscon debugfs /maxfg_base u:object_r:vendor_maxfg_debugfs:s0
genfscon debugfs /maxfg_secondary u:object_r:vendor_maxfg_debugfs:s0
genfscon debugfs /pm_genpd/pm_genpd_summary u:object_r:vendor_pm_genpd_debugfs:s0
genfscon debugfs /regmap u:object_r:vendor_regmap_debugfs:s0
genfscon debugfs /usb u:object_r:vendor_usb_debugfs:s0
genfscon debugfs /google_charger u:object_r:vendor_charger_debugfs:s0
genfscon debugfs /max77759_chg u:object_r:vendor_charger_debugfs:s0
genfscon debugfs /max77729_pmic u:object_r:vendor_charger_debugfs:s0
genfscon debugfs /gvotables u:object_r:vendor_votable_debugfs:s0
genfscon debugfs /google_battery u:object_r:vendor_battery_debugfs:s0
# Battery
genfscon sysfs /devices/platform/google,battery/power_supply/battery u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/google,cpm u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/google,charger u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10d60000.hsi2c u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/pseudo_0/adapter0/host1/target1:0:0/1:0:0:0/block/sde u:object_r:sysfs_devices_block:s0
# P22 battery
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-15/15-003c/power_supply u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-15/15-0050/eeprom u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0069/power_supply u:object_r:sysfs_batteryinfo:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0057/chg_stats u:object_r:sysfs_pca:s0
# Extcon
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0025/extcon u:object_r:sysfs_extcon:s0
# Haptics
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0043 u:object_r:sysfs_vibrator:s0
# system suspend wakeup files
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0008/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d10000.spi/spi_master/spi0/spi0.0/synaptics_tcm.0/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0036/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0057/power_supply/pca94xx-mains/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0069/wakeup/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0025/power_supply/tcpm-source-psy-13-0025/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0025/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10d60000.hsi2c/i2c-13/13-0025/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-15/15-003c/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-15/15-003c/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb2 u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb3 u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb2 u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb3 u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.6.auto/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.6.auto/usb2 u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.6.auto/usb3 u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/11210000.usb/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/14520000.pcie/pci0001:00/0001:00:00.0/0001:01:00.0/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/14520000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19000000.aoc/com.google.usf/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19000000.aoc/com.google.usf.non_wake_up/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19000000.aoc/com.google.chre/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19000000.aoc/com.google.chre.non_wake_up/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19000000.aoc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/19000000.aoc/usb_control/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-20/20-001f/s2mpg12-power-keys/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-20/20-001f/s2mpg12-rtc/rtc/rtc0/alarmtimer.1.auto/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-20/20-001f/s2mpg12-rtc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18100000/i2c-20/20-001f/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/acpm_mfd_bus@18110000/i2c-21/21-002f/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/cpif/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/google,battery/power_supply/battery/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/google,cpm/power_supply/gcpm_pps/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/google,cpm/power_supply/gcpm/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/gpio_keys/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/sound-aoc/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/wakeup u:object_r:sysfs_wakeup:s0
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/wakeup u:object_r:sysfs_wakeup:s0
#SecureElement
genfscon sysfs /devices/platform/181c0000.spi/spi_master/spi17/spi17.0/st33spi u:object_r:sysfs_st33spi:s0
# Thermal
genfscon sysfs /devices/platform/100a0000.LITTLE u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100a0000.MID u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100a0000.BIG u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100a0000.ISP u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100b0000.G3D u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100b0000.TPU u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100b0000.AUR u:object_r:sysfs_thermal:s0
genfscon sysfs /thermal_zone14/mode u:object_r:sysfs_thermal:s0
# PCIe link
genfscon sysfs /devices/platform/14520000.pcie/link_stats u:object_r:sysfs_exynos_pcie_stats:s0
genfscon sysfs /devices/platform/11920000.pcie/link_stats u:object_r:sysfs_exynos_pcie_stats:s0
# Camera
genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/min_freq u:object_r:sysfs_camera:s0
genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/max_freq u:object_r:sysfs_camera:s0
genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/min_freq u:object_r:sysfs_camera:s0
# SJTAG
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0
# USB-C throttling stats
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/cleared_time u:object_r:sysfs_usbc_throttling_stats:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time u:object_r:sysfs_usbc_throttling_stats:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/trip_time u:object_r:sysfs_usbc_throttling_stats:s0
# Coresight ETM
genfscon sysfs /devices/platform/2b840000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2b940000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2ba40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bb40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bc40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bd40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2be40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bf40000.etm u:object_r:sysfs_devices_cs_etm:s0
# Trusty
genfscon sysfs /module/trusty_virtio/parameters/use_high_wq u:object_r:sysfs_trusty:s0
genfscon sysfs /module/trusty_core/parameters/use_high_wq u:object_r:sysfs_trusty:s0
# EM Profile
genfscon sysfs /kernel/pixel_em/active_profile u:object_r:sysfs_em_profile:s0
# Privacy LED
genfscon sysfs /devices/platform/pwmleds/leds/green/brightness u:object_r:sysfs_leds:s0
genfscon sysfs /devices/platform/pwmleds/leds/green/max_brightness u:object_r:sysfs_leds:s0
# AOC
genfscon sysfs /devices/platform/19000000.aoc/aoc_clock_and_kernel_boottime u:object_r:sysfs_aoc_boottime:s0
genfscon sysfs /devices/platform/19000000.aoc/firmware u:object_r:sysfs_aoc_firmware:s0
genfscon sysfs /devices/platform/19000000.aoc u:object_r:sysfs_aoc:s0
genfscon sysfs /devices/platform/19000000.aoc/reset u:object_r:sysfs_aoc_reset:s0
genfscon sysfs /devices/platform/19000000.aoc/services u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/restart_count u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/coredump_count u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/ring_buffer_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/host_ipc_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/usf_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/audio_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/logging_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/hotword_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/memory_exception u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes_a32 u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes_ff1 u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/notify_timeout_aoc_status u:object_r:sysfs_aoc_notifytimeout:s0
# GPS
genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby u:object_r:sysfs_gps:s0
# WLC
genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-15/15-003c u:object_r:sysfs_wlc:s0

10
sepolicy/whitechapel_pro/google_camera_app.te Normal file
View File

@@ -0,0 +1,10 @@
# Allows camera app to access the GXP device and properties.
allow google_camera_app gxp_device:chr_file rw_file_perms;
get_prop(google_camera_app, vendor_gxp_prop)
# Allows camera app to search for GXP firmware file.
allow google_camera_app vendor_fw_file:dir search;
# Allows GCA to find and access the EdgeTPU.
allow google_camera_app edgetpu_app_service:service_manager find;
allow google_camera_app edgetpu_device:chr_file { getattr read write ioctl map };

9
sepolicy/whitechapel_pro/gpsd.te Normal file
View File

@@ -0,0 +1,9 @@
type gpsd, domain;
type gpsd_exec, vendor_file_type, exec_type, file_type;
# Allow gpsd access PixelLogger unix socket in debug build only
userdebug_or_eng(`
typeattribute gpsd mlstrustedsubject;
allow gpsd logger_app:unix_stream_socket connectto;
')

Some files were not shown because too many files have changed in this diff Show More