Evolution-X-Devices/device_google_zuma
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

merge into: Evolution-X-Devices:vic
Branches Tags
Evolution-X-Devices:bka Evolution-X-Devices:vic Evolution-X-Devices:udc
...
pull from: Evolution-X-Devices:udc
Branches Tags
Evolution-X-Devices:bka Evolution-X-Devices:vic Evolution-X-Devices:udc

2398 Commits
vic ... udc

Author SHA1 Message Date
AnierinB
4da0dfab2c zuma: Initialize for Evolution X 9.x 
Signed-off-by: AnierinB <anierin@evolution-x.org>
 2024-09-10 14:09:46 -07:00
Michael Bestas
22095a0c89 Revert "zuma: Build with 64-bit only GMS if WITH_GMS" 
This reverts commit 5a496e36d0.

Reason for revert: GMS combined these makefiles.

Change-Id: Ibb7e0e04fcdcfdc6778807a105405dd983d54f2c
 2024-09-09 21:28:54 +00:00
Aaron Kling
8d69aa53cf zuma: Remove elf files in copy files check 
New extract files uses packages instead of copy files

Change-Id: I337c07d13bd350958d4808e1693cc6e03753a96c
 2024-09-07 15:54:06 +03:00
basamaryan
c0d5f59080 zuma: Drop unnecessary BOARD_USERDATAIMAGE_FILE_SYSTEM_TYPE flag 
Change-Id: Ibb96c529ac64239d7bb919e46f5a625a6deebf98
 2024-06-23 19:23:44 +03:00
Michael Bestas
cd475bd801 Merge tag 'android-14.0.0_r50' into staging/lineage-21_merge-android-14.0.0_r50 
Android 14.0.0 Release 50 (AP2A.240605.024)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZmdzmwAKCRDorT+BmrEO
# eN+KAJ9+8WsgiRKrXHLrgUpfHI/xjYufKQCfaGkVpBc/mawypov8BsAaENp9imw=
# =hjvk
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Jun 11 00:43:55 2024 EEST
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2542 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Wilson Sung (9) and others
# Via Android Build Coastguard Worker (33) and others
* tag 'android-14.0.0_r50': (47 commits)
  Revert^2 "Remove persist.bootanim.color property definitions"
  Revert "Remove persist.bootanim.color property definitions"
  Remove persist.bootanim.color property definitions
  add dsim wakeup labels
  Update tcpm i2c sepolicy with new device name
  Add HWC permission to access IStats AIDL
  hal_usb_impl: Grant read permission to usb overheat files
  Allow camera_app can access priv-app symlinks
  Allow con_monitor_app to read/write the folder /data/vendor/radio
  Update error on ROM 11396046
  Allow dump_power to read sysfs directories
  Update SELinux error
  Revert "rfsd: add new property to sepolicy"
  Revert "Allow dump_power to read directories under "/sys/class/p..."
  Revert "Allow dump_power to read directories under "/sys/class/p..."
  Revert "Allow dump_power to read directories under "/sys/class/p..."
  liboemservice_proxy: Update sepolicy to hal
  Add `capacity_headroom` to gpu sysfs
  Change the type of hw_jpg_device for selinux policy so that the GCA release flavor could access hw_jpg_device
  [displayport-stats] add sysfs access permission on Zuma devices.
  ...

 Conflicts:
	sepolicy/vendor/file_contexts
	sepolicy/zuma-sepolicy.mk

Change-Id: I3faf6cc680611da752218a7355f4b355a54bf09e
 2024-06-15 22:29:25 +03:00
Michael Bestas
640d956fa3 Merge tag 'android-14.0.0_r50' into staging/lineage-21_merge-android-14.0.0_r50 
Android 14.0.0 Release 50 (AP2A.240605.024)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZmdzmwAKCRDorT+BmrEO
# eBCcAJ4y/zo/Rh8n5sbacxtEm5ngrM2iqACfeL8d4MctLYMXlbSlBWXKdvxLJNw=
# =xFt1
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Jun 11 00:43:55 2024 EEST
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2542 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Daniel Chapin (4) and others
# Via Android (Google) Code Review (45) and others
* tag 'android-14.0.0_r50': (60 commits)
  Update health AIDL HAL to V3
  Revert "Add betterbug mk to zuma"
  Adding android.software.contextualsearch to zuma devices.
  pixelstats: added multiple GMSR paths
  Revert "Add sepolicy include to zuma."
  Removed ImsMedia from zuma
  Add sepolicy include to zuma.
  pixelstats: zuma: add Learning/Update/ModelLoad path
  Fix properties to enable override
  Add betterbug mk to zuma
  Enable Secretkeeper HAL service on zuma
  dumpstate: moving charger nodes to user build
  Revert "zuma: Set max supported page size to 65536"
  Fix permissions for dp_hotplug_error_code sysfs node
  zuma: Set max supported page size to 65536
  Add Youtube back in MRR Small Area Detection Allowlist
  Move manifest entries to gs-common.
  [Refactor] Include edgetpu targets in final image
  Revert^2 "zuma: enable dynamic color mode"
  Revert "zuma: enable dynamic color mode"
  ...

 Conflicts:
	device.mk

Change-Id: Iafc59345bd16d39006f074f12c5edb2ee6f6a254
 2024-06-15 22:28:13 +03:00
Tommy Webb
5db0f71e54 Revert "Add back saturated color mode" 
This presence of this color mode now leads to problems deactivating
color inversion and color correction, even if it is not selected.

This reverts commit 9dbedaab9e.

Issue: calyxos#2312
Change-Id: I1ce6aec9d32d4b3fd2d88545c91c579b8313e50a
 2024-04-30 20:22:07 +03:00
Michael Bestas
411c08290d zuma: Update AiAi configs 
Extracted from stock shiba AP1A.240405.002

Change-Id: Ief71f77fb2475311ed555fece837f46ff1eae4aa
 2024-04-26 18:32:27 +03:00
Michael Bestas
97d87c2bcb fixup! Add AiAi allowlist 
Change-Id: I4058626a7ebcec2217c44e68b6b0a5edb4022ae9
 2024-04-08 00:14:59 +03:00
Michael Bestas
9dc5fd9d5c zuma: overlay: Enable battery cycle count 
Change-Id: I92bc8363e1c9e2ad54c29a0a30dce992e25f697d
 2024-03-28 00:08:41 +02:00
Michael Bestas
2466a30d0f zuma: Always enable displayport output 
Change-Id: If7c2246d38b83914affb1c3379d41bb3568068f3
 2024-03-10 10:34:13 +02:00
Michael Bestas
b96da85bea Merge tag 'android-14.0.0_r29' into staging/lineage-21_merge-android-14.0.0_r29 
Android 14.0.0 release 29

# -----BEGIN PGP SIGNATURE-----
#
# iFwEABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZeZWxwAKCRDorT+BmrEO
# eG4YAJiXC4CAYe+tHHgmS2zRpWvrMp2fAJ95xvTlNaj8SVFvWVYVCJ9DEnb5NA==
# =pYvH
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Mar  5 01:18:31 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2373 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Wilson Sung (8) and others
# Via Automerger Merge Worker (823) and others
* tag 'android-14.0.0_r29': (99 commits)
  selinux: label wakeup for BMS I2C 0x36, 0x69
  Revert "Label dtbo partition as dtbo_block_device"
  Twoshay: Add SELinux Permissions for CHRE [Zuma]
  Update SELinux error
  Update SELinux error
  Add Secretkeeper HAL
  Add eusb_repeater to vendor_usb_debugfs context
  zuma: move sepolicy related to bootctrl hal to gs-common
  Removes duplicate hidraw_device type definition.
  Removes duplicate hidraw_device type definition.
  Revert "zuma: move sepolicy related to bootctrl hal to gs-common"
  Update SELinux error
  Suppress avc error log on debugfs's usb folder.
  zuma: move sepolicy related to bootctrl hal to gs-common
  hal_usb_impl: Add get_prop for vendor_usb_config_prop
  allow vendor init to access percpu_pagelist_high_fraction
  Move sg_device related policy
  Update SELinux error
  Add sepolicy entries for new BT channel
  dontaudit on dir search for vendor_votable_debugfs
  ...

 Conflicts:
	sepolicy/system_ext/private/seapp_contexts
	sepolicy/zuma-sepolicy.mk

Change-Id: I47332362d9b7c4da8e877f2a8c031d3897a06e62
 2024-03-10 09:08:23 +02:00
Michael Bestas
d9760e28fe Merge tag 'android-14.0.0_r29' into staging/lineage-21_merge-android-14.0.0_r29 
Android 14.0.0 release 29

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZeZWxwAKCRDorT+BmrEO
# eOsuAJ9g/XIKJBWTD8E2+Aqm6NMv3nukwwCeLSv4N14ocSv6KO22kRdCrxjYD5w=
# =wJqW
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Mar  5 01:18:31 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2372 signatures in the past
#      2 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Roy Luo (7) and others
# Via Automerger Merge Worker (938) and others
* tag 'android-14.0.0_r29': (140 commits)
  Fine tune media_codecs_performance_c2.xml
  Update media_codecs_performance_c2.xml for meet device performance
  Revert^3 "Use graphics allocator 2"
  Revert "Force disable MTE in Chrome in _fullmte build."
  Add trusty code coverage controller daemon
  init: make dumpstate able to read display logbuffer
  powerstats: change TPU DVFS data source from ACPM to TPU kernel
  Grant the post notification permission to Turbo
  usb: enable media-presence polling for SD cards
  config: Use carrier config in ROM by default
  Revert^2 "usb: introduce UsbDataSessionMonitor class"
  Revert "usb: introduce UsbDataSessionMonitor class"
  dump_power: add eusb_repeater path to dump registers
  zuma: include bootctrl_aidl.mk from gs-common
  zuma: move bootctrl service declaration to gs-common
  zuma: move bootctrl hal to gs-common
  Revert "zuma: move bootctrl hal to gs-common"
  Revert "zuma: move bootctrl service declaration to gs-common"
  Revert "zuma: include bootctrl_aidl.mk from gs-common"
  usb: introduce UsbDataSessionMonitor class
  ...

 Conflicts:
	device.mk
	dumpstate/item.mk

Change-Id: I9707a2ef4b5743eebf49c8d33f1c50b18030745d
 2024-03-10 09:05:36 +02:00
Michael Bestas
fe823ea469 Unset PRODUCT_BROKEN_VERIFY_USES_LIBRARIES 
Change-Id: I6f61d58e2dd419cb11f2aeb4f0faf54145c6a5ce
 2024-03-02 04:22:04 +02:00
Android Build Coastguard Worker
aabf81ebb3 Snap for 11504324 from 48a81fa140 to 24Q2-release 
Change-Id: I956eadfc7fc7a4bfc8ca4e37cc57cb5e1984977c
 2024-02-28 00:03:36 +00:00
Treehugger Robot
48a81fa140 Merge "add dsim wakeup labels" into main 2024-02-27 13:14:49 +00:00
Thiébaud Weksteen
2674171daa Merge "Revert^2 "Remove persist.bootanim.color property definitions"" into main 2024-02-26 22:40:44 +00:00
Thiébaud Weksteen
97a16aff57 Revert^2 "Remove persist.bootanim.color property definitions" 
7b238e3659

Change-Id: I56143303453cce01d812997ed4a06d815f2a6859
 2024-02-25 23:59:26 +00:00
Android Build Coastguard Worker
3307f4ea88 Snap for 11491255 from 0d051585be to 24Q2-release 
Change-Id: I0a8a82f76c6336130a8acf7ecffaf79ca23f5b84
 2024-02-24 02:03:27 +00:00
Rubin Xu
0d051585be Merge "Revert "Remove persist.bootanim.color property definitions"" into main 2024-02-23 12:42:52 +00:00
Rubin Xu
7b238e3659 Revert "Remove persist.bootanim.color property definitions" 
Revert submission 26301396-bootanim_prop

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141

Bug: 326521604

Reverted changes: /q/submissionid:26301396-bootanim_prop

Change-Id: Icad6e80687cd7cd2085018bca226b5f38f25db25
 2024-02-23 12:25:54 +00:00
Thiébaud Weksteen
de322545f2 Merge "Remove persist.bootanim.color property definitions" into main 2024-02-23 02:59:57 +00:00
Android Build Coastguard Worker
95095ad8e3 Snap for 11486370 from 1d8864cdee to 24Q2-release 
Change-Id: Id1370f2971a9084b8c12b63870695355e3a25b48
 2024-02-23 00:03:35 +00:00
Thiébaud Weksteen
f75e76f913 Remove persist.bootanim.color property definitions 
These now belong to the platform policy.

Bug: 321088135
Test: build
Change-Id: Ie7fcd37eeb176334e36a86d6ad3d66f42c1b841e
 2024-02-21 13:47:43 +11:00
Peter Lin
161bbcd1e6 add dsim wakeup labels 
Bug: 320693841
Bug: 321733124
test: ls sys/devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup -Z
Change-Id: Ie99007455ef3879c8ee0aa1fa20801e4baf5e978
 2024-02-17 08:11:13 +00:00
Will McVicker
1d8864cdee Update tcpm i2c sepolicy with new device name 
The new names fix uninformative kernel wakelock names.

Bug: 315190967
Bug: 323447554
Change-Id: I5e0a4e13484c9886be398782e580313892987e2f
 2024-02-16 15:15:55 -08:00
Android Build Coastguard Worker
bf43e1a3ee Snap for 11434712 from 15fda1a501 to 24Q2-release 
Change-Id: I78b0593d3ab14771fca13a9f6b460a7119ea8635
 2024-02-10 22:03:29 +00:00
Weizhung Ding
15fda1a501 Add HWC permission to access IStats AIDL 
avc:  denied  { call } for  scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:r:system_server:s0 tclass=binder permissive=0

Bug: 266898132
Test: Build and check log
Change-Id: I7e5ec165df0d397250b09f5981c1f45aea27bd4c
 2024-02-10 02:18:16 +00:00
Android Build Coastguard Worker
64bc0e79d9 Snap for 11432641 from 4e66878b19 to 24Q2-release 
Change-Id: Ifacdec7e1b0ee7bdbdcf64a2af45c5bcbb67ae40
 2024-02-10 02:03:37 +00:00
Treehugger Robot
4e66878b19 Merge "[displayport-stats] add sysfs access permission on Zuma devices." into main 2024-02-09 09:17:34 +00:00
Android Build Coastguard Worker
85e20426d7 Snap for 11426397 from 6c5b44f1bb to 24Q2-release 
Change-Id: I0309a067f4c81e5e290e5bdb89925abac9dcf281
 2024-02-09 00:03:43 +00:00
Roy Luo
6c5b44f1bb hal_usb_impl: Grant read permission to usb overheat files 
Carried over from WHI PRO setting.

Bug: 307583011
Test: no audit logs
Change-Id: I45bb396f2597a4a8c150ad2975ecfa427d44f2a9
 2024-02-07 05:18:41 +00:00
Android Build Coastguard Worker
67f7e63ac4 Snap for 11413328 from a1c60e8b9e to 24Q2-release 
Change-Id: Ibccba22d42eacdbfb7d97914ebe7fc1a77e9177c
 2024-02-07 00:03:51 +00:00
Treehugger Robot
a1c60e8b9e Merge "Allow camera_app can access priv-app symlinks" into main 2024-02-06 09:32:27 +00:00
Wilson Sung
332714ffac Allow camera_app can access priv-app symlinks 
Fix: 322417347
Test: make selinux_policy
Change-Id: I467667b3a824a2e8b93e47c61c28ed9015fd44c3
 2024-02-06 08:36:39 +00:00
Android Build Coastguard Worker
59bfc7b00d Snap for 11406759 from cfe12763f2 to 24Q2-release 
Change-Id: I6708ce9d20e7be9fca1d9d08d8cfa673564cbce7
 2024-02-06 00:08:24 +00:00
Android Build Coastguard Worker
14e73ec1b7 Snap for 11399958 from fdc9af0d88 to 24Q2-release 
Change-Id: If4d44f9e39bb277df681d23254e9117a06ebf553
 2024-02-03 02:03:34 +00:00
Hongbo Zeng
cfe12763f2 Allow con_monitor_app to read/write the folder /data/vendor/radio 
Bug: 322266425
Test: after apply the patch, we can see the adum_log/adum_log_old files
      are included in dumpstate_board.bin successfully without denial

Change-Id: Ic488a84a1942fbc424b08aa0cbd4d526014152cd
 2024-02-02 15:42:31 +00:00
Wilson Sung
fdc9af0d88 Update error on ROM 11396046 
Bug: 323471016
Test: SELinuxUncheckedDenialBootTest
Change-Id: I79953f209f474b8d71e06e197795b0d55c3ffce3
 2024-02-02 08:04:40 +00:00
Android Build Coastguard Worker
2ea2f82d36 Snap for 11386701 from 98972beada to 24Q2-release 
Change-Id: Ia1b4d290e1b008fbf8a9aa388c3d5d73eceb4c67
 2024-02-01 00:03:07 +00:00
Kyle Tso
98972beada Allow dump_power to read sysfs directories 
dump_power needs to read the directories under /sys/class/power_supply.

Bug: 320613177
Bug: 322294676
Change-Id: I7bc55b90d67a1d05bb097955ed632d62535e0f40
Signed-off-by: Kyle Tso <kyletso@google.com>
 2024-01-31 07:01:55 +00:00
Wilson Sung
bbd26c9cb8 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 323086582
Test: scanBugreport
Bug: 323087490
Test: scanAvcDeniedLogRightAfterReboot
Bug: 323087197
Change-Id: I99006484464f82125a63be9c26eb8d8051c57840
 2024-01-31 02:58:43 +00:00
Xin Li
6235550122 [automerger skipped] Merge Android 24Q1 Release (ab/11220357) am: a05a0cb116 -s ours 
am skip reason: Merged-In I4a01be73d76a577d8da07c36276349525c0fda68 with SHA-1 b3e48816fa is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25972529

Change-Id: I3c95d14460c6bf995223a283b8856ffcbc7f72e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-31 02:03:39 +00:00
Android Build Coastguard Worker
67bbf21ea1 Snap for 11380007 from 0d82eda10f to 24Q2-release 
Change-Id: I3f89979b13470936e83f4db35d7bf4f9f5acf716
 2024-01-31 00:03:51 +00:00
Kadi Narmamatov
0d82eda10f Merge "Revert "rfsd: add new property to sepolicy"" into main 2024-01-30 08:36:00 +00:00
Kadi Narmamatov
aef38ed6a7 Revert "rfsd: add new property to sepolicy" 
Revert submission 25709311-rfsd-efs-erase

Reason for revert: we don't need it for this repo, only for pro

Reverted changes: /q/submissionid:25709311-rfsd-efs-erase

Bug: 315104803

Change-Id: I54e24ae99087b102c1a2f677ce4a7b2cad670992
 2024-01-30 07:02:22 +00:00
Android Build Coastguard Worker
7c228ccf63 Snap for 11373247 from 4562b9e4e1 to 24Q2-release 
Change-Id: Iebd281a0d6cd2dca6036bf7478f6f986d06813ac
 2024-01-30 02:03:47 +00:00
Kieran Cyphus
4562b9e4e1 Merge "liboemservice_proxy: Update sepolicy to hal" into main 2024-01-29 05:58:46 +00:00
Android Build Coastguard Worker
1d9cc6105a Snap for 11367679 from 6a6f65b5e5 to 24Q2-release 
Change-Id: Ifc76f34cd228823bbe13120d53ebe18aeb14cfe8
 2024-01-27 02:03:38 +00:00
Android Build Coastguard Worker
0be52ff430 Merge cherrypicks of ['googleplex-android-review.googlesource.com/26016344'] into 24Q2-release. 
Change-Id: I6e1dafd1257cc7d5640cca769707ce8391ba2a85
 2024-01-26 01:20:10 +00:00
Daniel Chapin
e079f8fa51 Revert "Allow dump_power to read directories under "/sys/class/p..." 
Revert submission 25915320-320613177

Reason for revert: Droidfood blocking bug: 322294676

Reverted changes: /q/submissionid:25915320-320613177
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a5df4f07bf774eb55aab6752aa2e8055f5a4d68e)
Merged-In: I5545dcd73cdce5ae029444c313bf5dc3f642a5c0
Change-Id: I5545dcd73cdce5ae029444c313bf5dc3f642a5c0
 2024-01-26 01:19:54 +00:00
Android Build Coastguard Worker
73c7d4484e Snap for 11361184 from b042c7713f to 24Q2-release 
Change-Id: I321b8426ca62ea50da1ba5a3acfb90b2f1e267c5
 2024-01-26 00:03:40 +00:00
Daniel Chapin
6a6f65b5e5 Merge "Revert "Allow dump_power to read directories under "/sys/class/p..."" into main 2024-01-25 22:59:25 +00:00
Android Build Coastguard Worker
c4018c027d Merge cherrypicks of ['googleplex-android-review.googlesource.com/26016344'] into 24Q2-release. 
Change-Id: Ia7d81dc488d5504d9f762a53f4aae2b8bc1d3d36
 2024-01-25 21:56:55 +00:00
Daniel Chapin
0fe87230aa Revert "Allow dump_power to read directories under "/sys/class/p..." 
Revert submission 25915320-320613177

Reason for revert: Droidfood blocking bug: 322294676

Reverted changes: /q/submissionid:25915320-320613177
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:a5df4f07bf774eb55aab6752aa2e8055f5a4d68e)
Merged-In: I5545dcd73cdce5ae029444c313bf5dc3f642a5c0
Change-Id: I5545dcd73cdce5ae029444c313bf5dc3f642a5c0
 2024-01-25 21:56:35 +00:00
Daniel Chapin
a5df4f07bf Revert "Allow dump_power to read directories under "/sys/class/p..." 
Revert submission 25915320-320613177

Reason for revert: Droidfood blocking bug: 322294676

Reverted changes: /q/submissionid:25915320-320613177

Change-Id: I5545dcd73cdce5ae029444c313bf5dc3f642a5c0
 2024-01-25 21:44:18 +00:00
kierancyphus
0cdeda46b2 liboemservice_proxy: Update sepolicy to hal 
This was wrongly configured originally, and has instead been modified to
follow the advice from
https://source.android.com/docs/core/architecture/aidl/aidl-hals#sepolicy.

Test: atest vts_treble_vintf_vendor_test:DeviceManifest/SingleAidlTest
Bug: 321867236

Change-Id: I75df4696660b2c052324313785b244c263ebd75b
 2024-01-25 17:51:51 +08:00
Android Build Coastguard Worker
15714494b7 Snap for 11355999 from ab46db5fef to 24Q2-release 
Change-Id: I709de8b648dbbe769e0f8e01de7638e68a59c6db
 2024-01-25 02:34:26 +00:00
Angela Wu
b042c7713f [automerger skipped] Change the type of hw_jpg_device for selinux policy so that the GCA release flavor could access hw_jpg_device am: 3b30421350 -s ours 
am skip reason: Merged-In If77a097b4ca823322ef41b13d6283390dac69d6c with SHA-1 0d32d1c172 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25983001

Change-Id: I5424ea5b92ff1b9bff957b86bfabf6dccb766f22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-25 02:19:53 +00:00
Treehugger Robot
ab46db5fef Merge "Add capacity_headroom to gpu sysfs" into main 2024-01-24 23:30:45 +00:00
Sean Callanan
d7decd5eee Add capacity_headroom to gpu sysfs 
This allows userspace (notably the power HAL) to apply a boost to GPU
frequency independent of previously measured load.

Bug: 290625326
Test: boot, run modified Power HAL
Change-Id: Ia71266ee751a36a960706ac8aacc7fdefdf8a0f0
 2024-01-24 21:46:23 +00:00
Angela Wu
3b30421350 Change the type of hw_jpg_device for selinux policy so that the GCA release flavor could access hw_jpg_device 
Bug: 320410642
Test:m
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0d32d1c172c19186a7ac4fd3eb316a9b947d612d)
Merged-In: If77a097b4ca823322ef41b13d6283390dac69d6c
Change-Id: If77a097b4ca823322ef41b13d6283390dac69d6c
 2024-01-24 09:47:42 +00:00
Weizhung Ding
3d156c0ad6 [displayport-stats] add sysfs access permission on Zuma devices. 
Bug: 266898132
Test: Build
Change-Id: I4c5bd4729f837c843668c447abbbe4c34beb3fce
 2024-01-24 08:28:40 +00:00
Wilson Sung
abb7616f3d Merge "Update Tracking Denial Bug Map" into main 2024-01-24 07:56:49 +00:00
Imo Richard Umoren
770a65f4a9 Update Tracking Denial Bug Map 
Removes tracking denial for twoshay from bug map

Bug: b/315104941
Test: Manually tested on HK3 DVT
Change-Id: I6cd8f390e98fc98925ed807a2ff24a33c51c75cd
 2024-01-22 18:32:09 +00:00
Kyle Tso
4e48a45727 Allow dump_power to read directories under "/sys/class/power_supply" 
Bug: 320613177
Change-Id: I1a39ddb5fbbf4c62fa5b96e3562b34f2f2091c13
Signed-off-by: Kyle Tso <kyletso@google.com>
 2024-01-22 08:52:59 +00:00
Android Build Coastguard Worker
ee21609fbb Merge cherrypicks of ['googleplex-android-review.googlesource.com/25837251', 'googleplex-android-review.googlesource.com/25874901'] into 24Q1-release. 
Change-Id: I483350f4a19a089428f0ad77bf38808818732f47
 2024-01-19 21:22:44 +00:00
wenchangliu
740a8ae223 Fine tune media_codecs_performance_c2.xml 
Fine tune a stable performance table to mitigate CTS flaky results.

Bug: 317441297
Test: run cts -m CtsVideoTestCases -t android.video.cts.VideoEncoderDecoderTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b9a68d227d4f1c912630c7116152f22e33df8245)
Merged-In: If8b28c55db43d3d050c3c6c3edb29552c13e5b6a
Change-Id: If8b28c55db43d3d050c3c6c3edb29552c13e5b6a
 2024-01-19 21:21:27 +00:00
wenchangliu
16929cd7da Update media_codecs_performance_c2.xml for meet device performance 
Fine tune the performance table since the change in CPU policy for
power saving cause some encoder performance results from the CTS
are not able to meet pass criteria from the original performance
measurement results.

Bug: 317441297
Test: run cts -m CtsVideoTestCases -t android.video.cts.VideoEncoderDecoderTest
Test: run cts -m CtsVideoTestCases -t android.video.cts.CodecDecoderPerformanceTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:90186aa1f3e6c79a210618014523016bd241c248)
Merged-In: Ib75d3f35c5ea2e2dc80ba192d738d54140a09d68
Change-Id: Ib75d3f35c5ea2e2dc80ba192d738d54140a09d68
 2024-01-19 21:21:17 +00:00
Xin Li
a05a0cb116 Merge Android 24Q1 Release (ab/11220357) 
Bug: 319669529
Merged-In: I4a01be73d76a577d8da07c36276349525c0fda68
Change-Id: I44d74dbe5baa23c7b90c7a6703dee5e856801942
 2024-01-17 22:13:21 -08:00
Android Build Coastguard Worker
1c44d8f2c4 Snap for 11324029 from 2d8e52e176 to 24Q2-release 
Change-Id: If44c54f88112725dbd1e6a10debf24f515001055
 2024-01-18 00:04:02 +00:00
Wilson Sung
2d8e52e176 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 320693841
Change-Id: Ia3ffe885f02a8db86d6bd024d34135fd1ce30d7b
 2024-01-17 17:42:53 +00:00
Angela Wu
740cebf8f0 Merge "Change the type of hw_jpg_device for selinux policy so that the GCA release flavor could access hw_jpg_device" into main 2024-01-17 00:32:01 +00:00
Wilson Sung
148d3558f8 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 319403445
Change-Id: I470afdd191741401c197ae32bfff18e9d8b90a96
 2024-01-16 19:20:02 +00:00
Angela Wu
0d32d1c172 Change the type of hw_jpg_device for selinux policy so that the GCA release flavor could access hw_jpg_device 
Bug: 320410642
Test:m

Change-Id: If77a097b4ca823322ef41b13d6283390dac69d6c
 2024-01-16 08:51:05 +00:00
Android Build Coastguard Worker
1d9dd174f1 Snap for 11314147 from feffef59dd to 24Q2-release 
Change-Id: I19639348851d6e0858d06295f91ed97397bcbf20
 2024-01-16 00:04:07 +00:00
Treehugger Robot
feffef59dd Merge "Allow Powerstats service to access refresh rate residency node" into main 2024-01-15 01:24:29 +00:00
Android Build Coastguard Worker
5c50384b56 Snap for 11308440 from 389a451f8f to 24Q2-release 
Change-Id: Ieb321ecac121fe8c10012848c97614e49e347657
 2024-01-13 02:09:13 +00:00
Midas Chien
d6e79769c1 Allow Powerstats service to access refresh rate residency node 
Bug: 315424658
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I86288b4f523b4463a46d710a6556fa6852d4bea0
 2024-01-12 13:01:17 +00:00
Mahesh Kallelil
389a451f8f Merge "Remove modem_svc selinux error from denials bug_map" into main 2024-01-12 06:43:44 +00:00
Android Build Coastguard Worker
881919a5e6 Snap for 11302939 from 80e1b3708f to 24Q2-release 
Change-Id: I539560b305834f90f9dc01f16c51dde467cbb6e7
 2024-01-12 01:11:41 +00:00
Android Build Coastguard Worker
7cf74df212 Merge cherrypicks of ['googleplex-android-review.googlesource.com/25846827'] into 24Q1-release. 
Change-Id: Ief51a9b887dbd9f89fc358345fdfb1efe25f4b71
 2024-01-11 22:19:25 +00:00
Android Build Coastguard Worker
d3936229d9 Merge cherrypicks of ['googleplex-android-review.googlesource.com/25843216'] into 24Q1-release. 
Change-Id: I57a9ef4f681a6035385a7608fd1e08b3f9424605
 2024-01-11 22:19:21 +00:00
Ken Yang
e2b363b48b selinux: label wakeup for BMS I2C 0x36, 0x69 
Bug: 319035561
Signed-off-by: Ken Yang <yangken@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:137c2ebd5ab839f5164058b2c5c028de9e4b4ebe)
Merged-In: Ib57dba71691f70b75fbae23208125fa750b32dc1
Change-Id: Ib57dba71691f70b75fbae23208125fa750b32dc1
 2024-01-11 22:17:40 +00:00
Devika Krishnadas
697482718f Revert^3 "Use graphics allocator 2" 
4c7ea96e6b

Reverting to comply with the Allocator VTS for 24Q1, do not merge to main.

Bug: 310046460
Test: VtsHalGraphicsAllocatorAidl_TargetTest
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b84cbaaeb5757a765755f6f051133fe5be3f88fd)
Merged-In: Id8b721b05dc20032d13aed469327e8e996b0cffe
Change-Id: Id8b721b05dc20032d13aed469327e8e996b0cffe
 2024-01-11 22:17:30 +00:00
Mahesh Kallelil
1d8bcd694b Remove modem_svc selinux error from denials bug_map 
This property was removed and is not being used anymore. So
modem_svc will not need to read it.

Bug: 316816737
Change-Id: Iaee56d15ca69e91fe952eaa188d3aaec69edf5dc
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2024-01-11 09:48:44 -08:00
Inseob Kim
80e1b3708f Label dtbo_block_device with flag-guarding am: 0c15160cad am: f817f9b687 am: bd1ea77736 
Original change: https://android-review.googlesource.com/c/device/google/zuma-sepolicy/+/2903809

Change-Id: I445a175dd8daabc19da05f9d08690955d836f21c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-11 04:07:09 +00:00
Inseob Kim
bd1ea77736 Label dtbo_block_device with flag-guarding am: 0c15160cad am: f817f9b687 
Original change: https://android-review.googlesource.com/c/device/google/zuma-sepolicy/+/2903809

Change-Id: I88784ab20f5e4a4c97000784e426a446a769777c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-11 03:02:37 +00:00
Inseob Kim
f817f9b687 Label dtbo_block_device with flag-guarding am: 0c15160cad 
Original change: https://android-review.googlesource.com/c/device/google/zuma-sepolicy/+/2903809

Change-Id: I0f245e7f165401304b99d07ef7c064d9d86f0a74
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-11 02:31:13 +00:00
Android Build Coastguard Worker
35a5c34e28 Merge cherrypicks of ['android-review.googlesource.com/2903808'] into 24Q1-release. 
Change-Id: Iae28324db8a5570850169e58473e4c24313ad553
 2024-01-11 01:39:33 +00:00
Inseob Kim
b8e8d51428 Revert "Label dtbo partition as dtbo_block_device" 
This reverts commit 3773ca269e.

Reason for revert: b/319035582

Bug: 319035582
Test: boot
(cherry picked from https://android-review.googlesource.com/q/commit:f05143f43c483515a07d064522b43a58dfd1a772)
Merged-In: I3c2a5b5bc871aa506396c12d6e1fa036858c1273
Change-Id: I3c2a5b5bc871aa506396c12d6e1fa036858c1273
 2024-01-11 01:35:50 +00:00
Android Build Coastguard Worker
c3ab3dd558 Snap for 11297328 from 64fd14fdd8 to 24Q2-release 
Change-Id: I109b9690c02f80ec87f11a46d4261d63f308f8d2
 2024-01-11 00:06:28 +00:00
Inseob Kim
64fd14fdd8 Revert "Label dtbo partition as dtbo_block_device" am: f05143f43c am: 478449e638 am: 93607ec24a 
Original change: https://android-review.googlesource.com/c/device/google/zuma-sepolicy/+/2903808

Change-Id: I9b7a68fd405327f22a08b9ba8759a45ee51a8b35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-10 10:55:30 +00:00
Inseob Kim
93607ec24a Revert "Label dtbo partition as dtbo_block_device" am: f05143f43c am: 478449e638 
Original change: https://android-review.googlesource.com/c/device/google/zuma-sepolicy/+/2903808

Change-Id: Ib54efad23c80ce27e140270759cada42332dd77b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-10 10:24:49 +00:00
Inseob Kim
478449e638 Revert "Label dtbo partition as dtbo_block_device" am: f05143f43c 
Original change: https://android-review.googlesource.com/c/device/google/zuma-sepolicy/+/2903808

Change-Id: If197a913485f18554bf650c37c85911afa00a804
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-10 09:54:32 +00:00
Inseob Kim
0c15160cad Label dtbo_block_device with flag-guarding 
Bug: 319035582
Test: run device assignment demo
Change-Id: I813be88391c9ff79d94e504149963160f1d74b2c
 2024-01-10 17:02:34 +09:00
Inseob Kim
f05143f43c Revert "Label dtbo partition as dtbo_block_device" 
This reverts commit 3773ca269e.

Reason for revert: b/319035582

Bug: 319035582
Test: boot
Change-Id: I3c2a5b5bc871aa506396c12d6e1fa036858c1273
 2024-01-10 17:02:14 +09:00
Ken Yang
137c2ebd5a selinux: label wakeup for BMS I2C 0x36, 0x69 
Bug: 319035561
Change-Id: Ib57dba71691f70b75fbae23208125fa750b32dc1
Signed-off-by: Ken Yang <yangken@google.com>
 2024-01-10 06:14:37 +00:00
Android Build Coastguard Worker
9b18e7ef87 Snap for 11292102 from 52beafc4c4 to 24Q2-release 
Change-Id: I28e751a89b65d103cafd7e2c66e3eea6a33e06e2
 2024-01-10 00:04:15 +00:00
Android Build Coastguard Worker
6cbcbcc2d9 Snap for 11286711 from 8b02313642 to 24Q2-release 
Change-Id: I4d3fbcee0f41c9241dc720eb59f2511f0b97917c
 2024-01-09 00:04:05 +00:00
Nolen Johnson
5a496e36d0 zuma: Build with 64-bit only GMS if WITH_GMS 
* We are 64-bit only and therefore need this config selected.

Change-Id: Ifa31c29bad479f3a54859f51f2ce7a72b29895fa
 2024-01-08 11:10:10 +02:00
Lei Ju
52beafc4c4 [zuma] Use common settings for Contexthub HAL 
Test: compilation
Bug: 248615564
Change-Id: I6691b23af6e532584f4dee9618c264b20b8873c0
 2024-01-07 20:10:59 -08:00
Aaron Tsai
8b02313642 Remove tracking for b/316991604. 
- no need to fix, so just remove the tracking record

Bug: 316991604
Test: manual test
Change-Id: Ifa70774650d3beaed5abd57297a3372f8d33661e
 2024-01-08 02:58:11 +00:00
Treehugger Robot
d8c8e6f873 Merge "face: remove tracking for 305600857" into main 2024-01-08 01:06:39 +00:00
Android Build Coastguard Worker
fe0927a252 Snap for 11282454 from a03af7a36c to 24Q2-release 
Change-Id: I569f403959a0562504abc4ebef8986b3e51498b6
 2024-01-06 22:03:16 +00:00
Michael Bestas
9f93b65da3 Merge tag 'android-14.0.0_r20' into staging/lineage-21_merge-android-14.0.0_r20 
Android 14.0.0 release 20

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZZXyAwAKCRDorT+BmrEO
# eGhRAJ0ZrwN/OgAg7hWFx+NymGua8TzcTQCfWLmoInHHJyqgKYP7fDzcGWo79g4=
# =kbwW
# -----END PGP SIGNATURE-----
# gpg: Signature made Thu Jan  4 01:47:15 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2224 signatures in the past
#      2 years.  Encrypted 4 messages in the past 24 months.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Hungyen Weng (1) and Ruofei Ma (1)
# Via Android Build Coastguard Worker
* tag 'android-14.0.0_r20':
  config: Use carrier config in ROM by default
  Enable adaptive playback for BigWave

Change-Id: I41d31e69f5f1ef63e9843766ca7fd2c6fab023d6
 2024-01-06 14:59:23 +02:00
Nicole Lee
a03af7a36c Allows modem_svc to read the logging related properties am: 93020c0564 am: 8749626448 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25806672

Change-Id: I7934a5ed2936e9f42ed022fa1853974cab5019a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-06 01:00:09 +00:00
Nicole Lee
8749626448 Allows modem_svc to read the logging related properties am: 93020c0564 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25806672

Change-Id: I0f55efc6a18dd8e863debeaf47e32c67fbfdd6c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-01-06 00:29:58 +00:00
Android Build Coastguard Worker
8407aa2501 Merge cherrypicks of ['android-review.googlesource.com/2896760'] into 24Q1-release. 
Change-Id: Ia3aad662ab2d0c2526bd7f50fa2987ffc30e59de
 2024-01-05 21:08:14 +00:00
Evgenii Stepanov
b455f212b8 Revert "Force disable MTE in Chrome in _fullmte build." 
This reverts commit 4a1f9459e5.

The Chrome issue has been fixed upstread and this workaround is no
longer needed; in fact, it triggers another issue where conflicting MTE
mode settings make newer Chrome versions crash at startup.

Bug: 297266100
Bug: 305005339
Bug: https://crbug.com/1515053
Test: chrome still does not crash; debuggerd shows MTE is enabled (grep
for TCF_MTE)
(cherry picked from https://android-review.googlesource.com/q/commit:ff0cc4d3f416080b1f2a7bc6dea186805aa47022)
Merged-In: Iee2b704c4ea39b5809193c1ceed3b8f41618dd40
Change-Id: Iee2b704c4ea39b5809193c1ceed3b8f41618dd40
 2024-01-05 21:03:12 +00:00
Nicole Lee
93020c0564 Allows modem_svc to read the logging related properties 
avc:  denied  { read } for  comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=387 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 316250607
Change-Id: If1942986a0804e24b13c021740f7df8f406e53c2
(cherry picked from commit 728e6baa64)
 2024-01-05 04:40:14 +00:00
Android Build Coastguard Worker
656f222656 Snap for 11275524 from b808c32b7d to 24Q2-release 
Change-Id: I7111d4cee52086c0c30e85e7e1095ced4166eff0
 2024-01-05 00:03:41 +00:00
Ilya Matyukhin
0e9173dfa2 face: remove tracking for 305600857 
The policy was fixed in:
Ia8e4599e7cd44c815e88a34ee7d9229a3391b598

Bug: 305600857
Test: adb logcat | grep "avc:"
Change-Id: I831acc083c118ca35d095d040aedcd9b85cfb3a5
 2024-01-04 22:23:16 +00:00
Treehugger Robot
b808c32b7d Merge "Allows modem_svc to read the logging related properties" into main 2024-01-04 10:09:18 +00:00
Nicole Lee
728e6baa64 Allows modem_svc to read the logging related properties 
avc:  denied  { read } for  comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=387 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 316250607
Change-Id: If1942986a0804e24b13c021740f7df8f406e53c2
 2024-01-02 08:50:36 +00:00
Kiyoung Kim
0d7dcca863 Remove SELinux error from b/313804706 
Remove SELinux error from b/313804706 as the issue is solved now.

Bug: 313804706
Test: No selinux denial error from boot with husky-trunk_staging-userdebug build
Change-Id: I19c7fba663abac4d180b6a144f0aff5d108806f6
 2024-01-02 04:30:16 +00:00
Android Build Coastguard Worker
862d1ebdca Snap for 11260009 from 839ddde474 to 24Q2-release 
Change-Id: I860e30e0c1c8e1d4baf0806bc7b3026d3379e3ae
 2023-12-29 00:03:51 +00:00
Jasmine Cha
839ddde474 audio: remove denials list for dcservice 
Bug: 299553227
Test: boot to home with test build b/299553227#comment8

Change-Id: I9ee23a9aa753d891d233e337908c2091d63f3834
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-12-28 05:10:34 +00:00
Lei Ju
5a4795ccd7 Merge "[zuma] Update chre sepolicy for socket connection" into main 2023-12-28 03:50:00 +00:00
Android Build Coastguard Worker
21df9eb2b7 Snap for 11257657 from 26b57fcdc6 to 24Q2-release 
Change-Id: I47f5f9f67346ffdcb62f74a8796f53e24087c979
 2023-12-28 00:03:41 +00:00
Ján Sebechlebský
26b57fcdc6 Merge "Remove bug_map entry for dumpstate <-> virtual_camera" into main 2023-12-27 15:31:07 +00:00
Jan Sebechlebsky
76ea521186 Remove bug_map entry for dumpstate <-> virtual_camera 
The denial was fixed in aosp/2852613.

Bug: 312894238
Test: N/A
Change-Id: I3121489729e23afa10904cb97f547e965e0c68f4
 2023-12-27 14:04:36 +01:00
Lei Ju
8587126f45 [zuma] Update chre sepolicy for socket connection 
With multiclient HAL, the socket server domain changes from chre to
hal_contexthub_default.

Bug: 248615564
Test: updated the sepolicies and observed that avc violation logs
      disappears.
Change-Id: I4b2d27b436c9d81bd0d0cdc5b3c1540884c37fec
 2023-12-27 00:02:57 -08:00
timtmlin
404089ca94 Remove obsolete entries 
Bug: 315720601
Bug: 315720874
Test: make
Change-Id: I538c76e009c6d29c9d2cac39778decc679446906
 2023-12-27 15:23:58 +08:00
Wilson Sung
5b30dbfbb3 Allow SysUI to write protolog file 
This is enabled on debuggable builds only, includes
- Grant mlstrustedsubject typeattribute to wm_trace_data_file
- Grant systemui_app the write access to
  wm_trace_data_file

Bug: 251513116
Fix: 288049075
Test: make sepolicy
Change-Id: Ifa5a5281c6e8c7ecedcd601fc8cc58c4be6bdc3b
 2023-12-27 11:01:12 +08:00
Android Build Coastguard Worker
6e2cf65d55 Snap for 11251507 from 569134db41 to 24Q2-release 
Change-Id: I616426daa3fd7cb04c9a894954e3372c4be82198
 2023-12-23 02:03:36 +00:00
Shiyong Li
569134db41 Merge "display: support primary display preferred mode property" into main 2023-12-22 19:54:46 +00:00
Chi Zhang
f965c0b222 Merge "Allow GRIL to get power stats." into main 2023-12-22 19:29:06 +00:00
Kadi Narmamatov
09c85a0567 Merge "rfsd: add new property to sepolicy" into main 2023-12-22 09:10:49 +00:00
Android Build Coastguard Worker
f515c49e9f Snap for 11248037 from 79ba49730b to 24Q2-release 
Change-Id: I94b0abd6c9ed508551eb70cd84433187f647a84f
 2023-12-22 00:05:55 +00:00
Shiyong Li
d26ab660b8 display: support primary display preferred mode property 
Bug: 315895938
Test: check default mode after factory reset
Change-Id: Ia5a4c12537d50faf54ed5ea82d24e52a623c34e3
Signed-off-by: Shiyong Li <shiyongli@google.com>
 2023-12-21 20:12:45 +00:00
Wilson Sung
79ba49730b Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 317316633
Change-Id: I8c1b97d6c65ec06e0a13e1447538f7cebf21d962
 2023-12-21 07:37:01 +00:00
Android Build Coastguard Worker
8d92dbd2cb Snap for 11243032 from f8f64b668c to 24Q2-release 
Change-Id: I32d1863f4856300aabedf80ebad8c6cdced579fb
 2023-12-21 00:04:19 +00:00
kadirpili
5c28db1f6b rfsd: add new property to sepolicy 
Bug: 307481296
Change-Id: Icd287f863fd6d309297ce984f4ce387fb5d3ae24
 2023-12-20 07:27:32 +00:00
Chi Zhang
a2e8969139 Allow GRIL to get power stats. 
SELinux : avc:  denied  { find } for pid=3147 uid=10219 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:grilservice_app:s0:c219,c256,c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=1

Bug: 286187143
Test: build and boot
Change-Id: I6df25e78ba8fa8efaa7f51aed8e981ac382dcd29
 2023-12-19 12:22:08 -08:00
Wilson Sung
f8f64b668c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 316991604
Change-Id: Ic90ace8d5b6ac787030f6fd26d96f41677fcca42
 2023-12-19 06:27:10 +00:00
Michael Bestas
d5389c2f7c zuma: sepolicy: Don't label SystemUI as systemui_app 
While this might be useful on Pixel stock ROM, this serves no purpose
anywhere else. In fact, it makes it more fragile, as we'd need to track
platform SystemUI related SELinux changes ourselves.

Change-Id: I205df902649fd712a89f21f51099e088c5bdef2e
 2023-12-19 04:01:19 +02:00
Scott Warner
1daa52063d zuma: Add Lineage dependencies 
Change-Id: I5337e8d48f3a468362c936de9a545ddec46446d0
 2023-12-19 04:01:19 +02:00
LuK1337
fe43acad74 zuma: Add liboemcrypto.so to vendor linker config 
This lets com.google.android.widevine.apex access it.

Change-Id: I4e9654fe6317b722f5fbf43b92abb367c18640ce
 2023-12-19 04:01:19 +02:00
Rashed Abdel-Tawab
4e5a90058b zuma: Build a disabled vbmeta image 
Squashed with:
Author: Nolen Johnson <johnsonnolen@gmail.com>
Date:   Sun May 9 16:04:34 2021 -0400

    Simplify AVB flag logic

    * AVB's `--flags 3` argument builds a disabled VBMeta with
      disabled hashtree, so no need to set both flags individually.

    Change-Id: Ibe9ee322a5af58f13e76d53e18dee49451fe8838

Change-Id: Ie8f1e0929b037b35b5e45c2e31be9253fa0bb097
 2023-12-19 04:01:19 +02:00
Neel Chauhan
0e61ff4290 Revert "Enable compressed snapshots/VABc." 
Virtual AB compression prevents GApps from being installed to
cheetah/panther.

This reverts commit 2bfa6d3ba01856d99c6ffdb64627c6e9391c4a41.

Change-Id: I119b8e042e4cdeec27a19ab5dd4f0666cc115ae1
 2023-12-19 04:01:19 +02:00
Michael Bestas
b4feb51d80 zuma: Build Lineage Health HAL 
Change-Id: I70cc903a03ac9fa3303bb8fa039c9de4806449bf
 2023-12-19 04:01:18 +02:00
Alessandro Astone
bbeede9845 zuma: Build pixel touch HAL 
Change-Id: I45cff81e1159613094440dd7b2b73b53519c9de6
 2023-12-19 04:01:18 +02:00
Chirayu Desai
2373f07317 zuma: Allow radio access to IOemSlsiRadioExternal 
Change-Id: Ib5d57b199b3e8288cd3de0c12898f0c1d679be4a
 2023-12-19 04:01:18 +02:00
Michael Bestas
4111ace6d0 zuma: Label additional UWB services 
Change-Id: Ia938529497a5b274354366e6d8c8579184be491c
 2023-12-19 04:01:18 +02:00
Michael Bestas
81e39653bf zuma: Label vendor.dolby.media.c2@1.0-service 
Change-Id: I89fb4c149aed94cf2f7c3d34f7fde5877175b1e2
 2023-12-19 04:01:18 +02:00
Michael Bestas
b8c2535b0a zuma: Include missing vendor sepolicy 
Change-Id: Id35fb4b22e2ee8dfafdfb8ae601ab823435d2b94
 2023-12-19 04:01:18 +02:00
Danny Lin
7290cdcbe0 zuma: Update seapp certificates to match stock presigned apps 
Certificates extracted from stock vendor_mac_permissions.xml using
adevtool: https://github.com/kdrag0n/adevtool

Change-Id: Iaf59f1548905d16fe7ad231c039ba43941c15710
 2023-12-19 04:01:18 +02:00
Alessandro Astone
077a43c106 zuma: Fix public key for EuiccSupportPixel sepolicy domain 
Change-Id: I00f7a9a2b0f41d08af3262b0efd625dd2b6e1c9f
 2023-12-19 04:01:17 +02:00
ReallySnow
7d2abccb6d zuma: Add AiAi allowlist 
* In Android 12, Android System Intelligence (com.google.android.as) uses
  some of the Private Compute Service (com.google.android.as.oss) services.
  The absence of these Allowlists will cause Android System Intelligence
  to fail to connect to the network and cause collapse.
* We don't need to extract google.xml to fix it, just extract the AiAi part

Change-Id: I446ae5d243cff134901094f82c90a0bbf3bb4381
 2023-12-19 04:01:17 +02:00
Danny Lin
77fd31a831 zuma: Squashed import of AiAi configs 
Co-authored-by: Alessandro Astone <ales.astone@gmail.com>
Co-authored-by: Michael Bestas <mkbestas@lineageos.org>
Change-Id: I78bd7d04cbd0b35f6a8c01df3a8c1013d99bbf42
 2023-12-19 04:01:17 +02:00
razorloves
5c4e35db24 zuma: Hide user facing crash dialog for EUICC app 
The GoogleParts app disables the EUICC app when there's no GMS, but it
doesn't happen quick enough. The crash dialog pops up a few times right
after initial boot up. There's no need to alarm the user, so hide it.

Change-Id: Ia06b336b30a8886bae522c6e8a76a1ca15da5edd
 2023-12-19 02:29:48 +02:00
Peter Cai
b9041c91bf zuma: Disable Euicc when GMS and GSF are not installed 
* This avoids EuiccGoogle / GoogleCarrierServices crashing, taking the
  whole telephony stack with them when no GMS or GSF is installed.
* Compared to change 274251, this approach is no-op when GAPPS add-on is
  flashed before the first boot, and thus should not cause issues with
  eSIM when GAPPS is flashed.
* With microG, this also works after installing the microG GMS & GSF
  packages and rebooting, although manual activation of the eSIM is
  needed via Settings - Network.
* The only downside is that users will still see one or two crashes
  during the first boot because our application only starts after the
  device is booted.

Change-Id: I4a11c93e855978abbf8d84fdbe4ffc8b2aedc27c
 2023-12-19 02:29:48 +02:00
Michael Bestas
5ab70064b3 zuma: Inherit common partition reserved sizes 
Change-Id: I444ce2fcd37cdfa58d83a7e872dc547fb05a2a89
 2023-12-19 02:29:48 +02:00
Michael Bestas
898ca9895d zuma: Do not compile AoC audio for Lineage builds 
Change-Id: Ibb75612ccbd41bc078b6bbd49ea442c2a9c00f15
 2023-12-19 02:29:48 +02:00
Michael Bestas
40ea12a5d7 zuma: Include missing ConnectivityThermalPowerManager sepolicy 
Change-Id: I1e0f05159a6797251ed85360966aa45246005bbd
 2023-12-19 02:29:48 +02:00
Danny Lin
b8a90a37be zuma: Allow ConnectivityThermalPowerManager to request thermal mitigation 
ConnectivityThermalPowerManager mainly exists to manage thermal
mitigation.

Change-Id: I7d1ad7cb45a24697e444ac1f85ccfb507cb1ce49
 2023-12-19 02:29:47 +02:00
Danny Lin
0f2864ff5d zuma: Configure ConnectivityThermalPowerManager 
Extracted from stock UQ1A.231205.015 on husky/shiba.

Change-Id: I71ad5adf9bf64bb1e30354446220d5769a9d44ca
 2023-12-19 02:29:46 +02:00
Android Build Coastguard Worker
94d8cd70fc Snap for 11232546 from 31c017f325 to 24Q2-release 
Change-Id: Icbc9c2dd20049727b0001e81faa119e6e9a3d686
 2023-12-19 00:04:50 +00:00
Wilson Sung
31c017f325 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 316816737
Bug: 316816642
Change-Id: Ie61999d23158c81e2acb4d23eb106cb6f61f9b88
 2023-12-18 03:28:40 +00:00
Android Build Coastguard Worker
7826714062 Snap for 11227258 from b3e48816fa to 24Q2-release 
Change-Id: I83dc98cbd6e766b4bc1d0ee18052e9f73c70eda1
 2023-12-16 02:02:44 +00:00
Android Build Coastguard Worker
91309215e8 Snap for 11220357 from 25a875d403 to 24Q1-release 
Change-Id: I32db3eef99d44744cc88312240c3748f2d02689a
 2023-12-15 00:23:08 +00:00
Danny Lin
f643373281 zuma: Enable Adaptive Connectivity setting 
This feature is provided by the ConnectivityThermalPowerManager app that
we extract as a proprietary blob, so we can expose it.

Change-Id: I407e9e2235531fbca0b2c0e48b68105b1e77ad1f
 2023-12-14 14:26:35 +02:00
Michael Bestas
43a2406e3b zuma: Remove quick_qs_{offset,total}_height overlays 
Commit 49895bb361e74ffe92a3c0b76f988c8e4697b5c1 in device/google/gs101
failed to remove these overlays. Since this tree was created from
device/google/gs101, this results in the following issue on shusky:
* Pull down status bar
* Try to adjust brightness, network settings open instead

This is caused by the 171px offset that causes the status bar
to overlap the brightness slider.

Test: Reliably adjust brightness, confirm with "Show layout bounds"
      from developer settings.
Change-Id: I1b97a28c257cb5b0faba830f29e9058d2dbe50fa
 2023-12-14 14:26:01 +02:00
Nolen Johnson
153ce0184e zuma: Set camera extension package to Google package 
Change-Id: I519ebf8a1e2a9d06561471206c91c01b352ebd47
 2023-12-14 14:25:54 +02:00
LuK1337
4e7d985621 zuma: overlay: Add reboot to fastbootd 
Change-Id: I733b4d29129f85b92222e292af46602310b9f29f
 2023-12-14 14:25:45 +02:00
Michael Bestas
e10206f6be zuma: Set default screen brightness 
Extracted from stock.

Change-Id: I8a5e2c8717c145e66aaa0e926ceefc7e117b04c2
 2023-12-14 14:25:37 +02:00
razorloves
d5c115be1b zuma: Set auto brightness mode on by default 
* Stock sets this on by default, mirror that behavior.

Change-Id: I5cb8e3db27849ebd90459a6d70e053158c05bcc9
 2023-12-14 14:25:29 +02:00
Danny Baumann
5a4ee31fb3 zuma: Enable call recording 
Change-Id: I1b4478b330b13cf5d0fe1ed0d40f43e4b3825f33
 2023-12-14 14:24:32 +02:00
razorloves
16612f9b09 zuma: Set OPA property to enable google assistant 
Change-Id: I741171219d64a28d56531f063f95f3f6f6cf81e6
 2023-12-14 14:24:20 +02:00
razorloves
6be82f9ba3 zuma: Use CarrierSettings app instead of CarrierConfig 
The CarrierSettings app enables/disables carrier apps based on sim
inserted, so use it instead of CarrierConfig.

Change-Id: I163dd615e9d8268c5f94a28ae234a30f74c7e83b
 2023-12-14 14:23:58 +02:00
Michael Bestas
370e538a40 zuma: Set config_nightDisplayColorTemperatureCoefficients 
Extracted from stock.

Change-Id: I5d69d01204b0dd86a7205eb3b16e02f97a7f3db2
 2023-12-14 14:23:41 +02:00
Danny Lin
067d352cc0 zuma: Enable USB and skin temperature warnings 
Extracted from stock.

Change-Id: I951f60579a4b7fa2dcc270b5acd433ad1ecb083c
 2023-12-14 14:23:33 +02:00
Dan Pasanen
41b118d126 zuma: enable config_vibrateOnIconAnimation 
* need those sexy vibes

Change-Id: If5671135879f6f4069d0ed881b41b0a243890349
 2023-12-14 14:23:21 +02:00
Michael Bestas
9c058d7f12 zuma: overlay: Update multiple vibration strength levels overlay for 13 
Change-Id: If17503f2dd4bd4d6e333891f9649a7db8d809852
 2023-12-14 14:22:19 +02:00
Danny Lin
d2803aa9d6 zuma: overlay: Settings: Enable multiple vibration strength levels 
All production zuma devices have CS40L2x haptic driver ICs that support
multiple intensities, so expose the Off/Low/Medium/High vibration
strength options like stock.

Change-Id: I72645b5bd5772e182592a630df86f9b6166b4923
 2023-12-14 14:22:17 +02:00
mydongistiny
9dbedaab9e zuma: Add back saturated color mode 
Change-Id: I183c2eabe7c3918fde6c37b0aa360ed7e94f6b61
 2023-12-14 14:16:44 +02:00
Danny Lin
5308b6f994 zuma: Don't pin camera app in memory 
The default camera app can be *huge* in some cases, e.g. when the app in
question is Google Camera. The system will only pin up to the first 80
MiB of the APK file, as well as the first 80 MiB of its odex. There are
several problems with this:

  - We could easily end up with 160 MiB of camera app files pinned,
    which is a tall order with the 6 GiB of usable RAM that we have
  - The data that gets pinned may not even be the most critical data for
    launching the camera

Let's disable pinning of the camera app to save RAM.

Change-Id: I745e39b6ff212dfaf9213517d2a2be8ff7384e24
 2023-12-14 14:16:36 +02:00
Ethan Chen
e2189f19c5 zuma: Disable userdebug diagnostics 
* We can't make use of most of the debug features on userdebug builds.

Change-Id: I31df2090b31243b742c4e82dc08cd8491dada54f
 2023-12-14 14:16:19 +02:00
Chirayu Desai
37f6e87581 zuma: Add device manifest for radio & keymint 
Change-Id: Ib6c4b28d33fb64cb05c715d86a96a829a498beac
 2023-12-14 13:45:41 +02:00
Chirayu Desai
1ebdb9fd7a zuma: Build vbmeta_vendor 
Change-Id: I74c028a2e5ade8830526e95f8ec90b1a1da35afb
 2023-12-14 13:45:24 +02:00
Chirayu Desai
ba50847fd7 zuma: BUILD_BROKEN_ELF_PREBUILT_PRODUCT_COPY_FILES = true 
Change-Id: I0eeaa3ba0f87e5fbe64234d413b5e4eee36957b0
 2023-12-14 13:45:14 +02:00
Chirayu Desai
7257cf0176 zuma: Build vendor 
Change-Id: I08dff42223ae54386a5ed050b51aa4a39e08bdb6
 2023-12-14 13:45:07 +02:00
Chirayu Desai
7fb13af85f zuma: Build vendor_dlkm 
Change-Id: Ic2a0e4cdfdcc448a73bef41e0d2140e9d0aefcf0
 2023-12-14 13:44:54 +02:00
mydongistiny
d33f4b1880 zuma: Use Google's wifi_ext service 
* Use vendor.google.wifi_ext@1.0-service
  that is in the vendor partition instead
  of the AOSP WiFi service.

Change-Id: Ia0fff6ffc532cc6b5e41f8ac242d00e64627cee8
(cherry picked from commit d2c1a98bb37193f598721c4d71267eb8ac2b110b)
 2023-12-14 13:44:19 +02:00
Bruno Martins
a0b4b2a1ab zuma: Pin standard SystemUI instead of Google's 
Change-Id: If96bb13d6cc2c2156d8df111a1037247c96c6e0f
(cherry picked from commit 043d76955467053dcf8f615f6637bdc66b667c0c)
 2023-12-14 13:44:14 +02:00
Chirayu Desai
da26194ccf zuma: Create BoardConfigLineage 
Change-Id: I8136e9f0df40ca3bf96dbfd2453275481178cdaa
 2023-12-14 13:43:55 +02:00
Michael Bestas
b9f727e493 zuma: Update sepolicy path 
Change-Id: Ie2d420cd25e1a8b65977504ed987df57b525dc5f
 2023-12-14 13:41:36 +02:00
Michael Bestas
81354010f2 Add .gitupstream 
Change-Id: I79747ef989659c069386a6ed34a59bba2e8ea860
 2023-12-14 13:39:44 +02:00
Michael Bestas
4012340fa0 Add 'sepolicy/' from tag 'android-14.0.0_r17' 
git-subtree-dir: sepolicy
git-subtree-mainline: 804eaebcae
git-subtree-split: 3286f258be
Change-Id: I30ac8e08a40401d0617b37bea85c4b8ed60ed17b
 2023-12-14 13:36:55 +02:00
Android Build Coastguard Worker
577986678c Snap for 11216811 from b3e48816fa to 24Q1-release 
Change-Id: Ifdf15312217f62374ce30d666e8e16de5fde3ade
 2023-12-14 00:03:39 +00:00
Android Build Coastguard Worker
321dc20fb9 Snap for 11216811 from e1e8933703 to 24Q1-release 
Change-Id: Ia515ea414f08223340989cfbda06f807340fd354
 2023-12-14 00:03:38 +00:00
Android Build Coastguard Worker
8a7d32375e Snap for 11211173 from ed808b4425 to 24Q1-release 
Change-Id: I1662f94e7c3672ad0eb720647d8171023e1720aa
 2023-12-13 00:06:15 +00:00
Imo Richard Umoren
b3e48816fa Twoshay: Add SELinux Permissions for CHRE [Zuma] 
Adds connection and write permissions for chre socket to SELinux policy.
Used for the Wallaby nanoapp.

Bug: b/315347346
Bug: b/314721681
Test: Manually tested on SB3 Proto 1.0
Change-Id: I4a01be73d76a577d8da07c36276349525c0fda68
 2023-12-12 17:23:35 +00:00
Android Build Coastguard Worker
67c3fedb9d Merge cherrypicks of ['googleplex-android-review.googlesource.com/25616149'] into udc-qpr1-release. 
Change-Id: I4193363030c8ad0c80e39b4325d4a126a3e7c08f
 2023-12-12 05:02:40 +00:00
Hungyen Weng
cacbd7f2fc config: Use carrier config in ROM by default 
Bug: 314890118

Test: Flash ROM and confirm the carrier config follows the ROM.
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:06e99301dd1bf20da055af6484694a9e7115dc73)
Merged-In: Iffdb9a3a53e82d86d9917d84a7ce6ac49a3bad2a
Change-Id: Iffdb9a3a53e82d86d9917d84a7ce6ac49a3bad2a
 2023-12-12 05:01:50 +00:00
Android Build Coastguard Worker
7fcd2d361c Snap for 11206181 from 259348f8f7 to 24Q1-release 
Change-Id: Ice268fc3ea3fabd8dd0b95e34dc19ec820de5923
 2023-12-12 02:03:06 +00:00
Android Build Coastguard Worker
145f804642 Snap for 11206181 from 1b45f49762 to 24Q1-release 
Change-Id: I39342f2c5107091e2b32f6ec89170119cd79c911
 2023-12-12 02:03:05 +00:00
Wilson Sung
259348f8f7 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 315720601
Test: scanBugreport
Bug: 315720874
Bug: 315104803
Test: scanAvcDeniedLogRightAfterReboot
Bug: 315104803
Change-Id: If15ba27fec6c876984823f8bb214bb7db59f7fd2
 2023-12-11 02:54:00 +00:00
Android Build Coastguard Worker
ef429a28e9 Snap for 11201039 from 9f7b7c532d to 24Q1-release 
Change-Id: I534e8505c0c19b4b81bdfdc0ee7cc27cb44e8d25
 2023-12-10 00:03:13 +00:00
Android Build Coastguard Worker
607aadef44 Snap for 11200327 from 585d72a3bd to 24Q1-release 
Change-Id: Ibf96d66b35a5d064840c9b01a12f3e3c04d707a7
 2023-12-09 04:03:23 +00:00
Android Build Coastguard Worker
7016a182df Snap for 11192287 from 2ecdf16781 to 24Q1-release 
Change-Id: I0a83af9c60ee1a8f9968511858f032c19fc4f975
 2023-12-08 00:03:44 +00:00
Android Build Coastguard Worker
8831bb3fd1 Snap for 11186783 from 7beccb101a to 24Q1-release 
Change-Id: If70ab8ab01c1b822e644041acb8889a571547f3b
 2023-12-07 00:03:03 +00:00
Android Build Coastguard Worker
fd38ab1041 Snap for 11186783 from ec93b1bbd4 to 24Q1-release 
Change-Id: I06f238bedb11b1f09c8f22d7954fea89096e7ab3
 2023-12-07 00:03:02 +00:00
Wilson Sung
2ecdf16781 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 315104235
Test: scanBugreport
Bug: 315104508
Bug: 315104235
Test: scanAvcDeniedLogRightAfterReboot
Bug: 315104941
Bug: 315104235
Change-Id: Icb01366f95e6ca4001246215e487d702131b6947
 2023-12-06 10:44:09 +00:00
David Drysdale
7beccb101a Merge "Add Secretkeeper HAL" into main 2023-12-06 10:21:03 +00:00
Android Build Coastguard Worker
186d6a8841 Snap for 11180250 from 47c545c8b0 to 24Q1-release 
Change-Id: I0e4e5236ac545323d25bea3123f0d133bbe3db5a
 2023-12-06 00:05:28 +00:00
Android Build Coastguard Worker
bfb557b32a Snap for 11180250 from 1dc0d70de4 to 24Q1-release 
Change-Id: I670e414a427adc4ab7c9f0b3e51808918de8218c
 2023-12-06 00:05:27 +00:00
David Drysdale
98448f5628 Add Secretkeeper HAL 
Test: VtsAidlAuthGraphSessionTest
Bug: 306364873
Change-Id: I57de11a4c08476979e9283914a552a90254ee3fb
 2023-12-05 10:39:26 +00:00
Ray Chi
7e755bb143 Add eusb_repeater to vendor_usb_debugfs context 
Bug: 305145476
Test: adb bugreport
Change-Id: I8fe6eebb43ed80de486d93882879512d0918acee
 2023-12-05 16:38:16 +08:00
Android Build Coastguard Worker
4b9be834b9 Snap for 11175020 from 7e977d05b5 to 24Q1-release 
Change-Id: I4384742f462cf6cc6636537aa4ae31b092ebac07
 2023-12-05 02:31:47 +00:00
Jason Chiu
47c545c8b0 zuma: move sepolicy related to bootctrl hal to gs-common 
Bug: 265063384
Change-Id: Ic99547173f6eade30bce2d60051163336b27ca3b
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-12-05 00:45:55 +08:00
Wilson Sung
7e977d05b5 Merge "Update SELinux error" into main 2023-12-04 02:33:03 +00:00
Android Build Coastguard Worker
d7fb9d25df Snap for 11171107 from 5f8ba1c0d3 to 24Q1-release 
Change-Id: I88b5d765e0661ecf782a8860a261a3983655c13d
 2023-12-02 22:02:54 +00:00
Android Build Coastguard Worker
0857843adc Snap for 11169761 from 979e64b5f2 to 24Q1-release 
Change-Id: I8476c66aa29a51d05a7fdc7936b863699d2441cc
 2023-12-02 02:02:58 +00:00
Android Build Coastguard Worker
7be45da460 Snap for 11169761 from 62f3a1abc4 to 24Q1-release 
Change-Id: I3ea56fbda81b7d951e5fd43a6769a7a4057a9c97
 2023-12-02 02:02:57 +00:00
Daniel Norman
5f8ba1c0d3 Removes duplicate hidraw_device type definition. am: f219d38925 am: f2e746b644 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25533485

Change-Id: Id71f76f518ee2dd74cb7dc4ce0cfc3253853fb1b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-02 01:52:12 +00:00
Daniel Norman
f2e746b644 Removes duplicate hidraw_device type definition. am: f219d38925 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25533485

Change-Id: Ie0b6287cb50284c1ae6fc6ab40f89506efb71887
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-02 01:02:35 +00:00
Daniel Norman
f219d38925 Removes duplicate hidraw_device type definition. 
This type is now defined by the platform.

Bug: 303522222
Change-Id: Ic46a7327bb2dab89f424cde2682a40f2b28a04db
Test: ls -z /dev/hidraw0
(cherry picked from commit 8ff4604573)
 2023-12-02 00:01:28 +00:00
Daniel Norman
979e64b5f2 [automerger skipped] Removes duplicate hidraw_device type definition. am: 2729e96ec8 -s ours 
am skip reason: Merged-In Ic46a7327bb2dab89f424cde2682a40f2b28a04db with SHA-1 8ff4604573 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25531285

Change-Id: I1f0d61fa7d734e739070c1e23cda82d727d66944
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-12-01 23:27:20 +00:00
Daniel Norman
2729e96ec8 Removes duplicate hidraw_device type definition. 
This type is now defined by the platform.

Bug: 303522222
Test: ls -z /dev/hidraw0
Change-Id: Ic46a7327bb2dab89f424cde2682a40f2b28a04db
Merged-In: Ic46a7327bb2dab89f424cde2682a40f2b28a04db
(cherry picked from commit 8ff4604573)
 2023-12-01 19:24:56 +00:00
Dario Freni
2584e99c58 Merge "Revert "zuma: move sepolicy related to bootctrl hal to gs-common"" into main 2023-12-01 13:00:07 +00:00
Sebastian Pickl
fbe923d20a Revert "zuma: move sepolicy related to bootctrl hal to gs-common" 
Revert submission 25477883-gs-common_bootctrl-aidl

Reason for revert: breaking builds b/314240126

Bug: 314240126

Reverted changes: /q/submissionid:25477883-gs-common_bootctrl-aidl

Change-Id: I84dda0a7c98ed1d1f7958734761c9c1a0bd9d169
 2023-12-01 11:30:45 +00:00
Treehugger Robot
421b5abf97 Merge "zuma: move sepolicy related to bootctrl hal to gs-common" into main 2023-12-01 03:57:28 +00:00
Android Build Coastguard Worker
5cdcebad59 Snap for 11162593 from 76972151b2 to 24Q1-release 
Change-Id: Ie20703da7d977d14f3234ccc6bab86cbb6b23021
 2023-12-01 00:03:31 +00:00
Android Build Coastguard Worker
55dbcbce49 Snap for 11162593 from e18209fef7 to 24Q1-release 
Change-Id: I94ca14f18adf4f2eaa5341838400b2e0184b1e94
 2023-12-01 00:03:30 +00:00
Treehugger Robot
124e7aa639 Merge "Suppress avc error log on debugfs's usb folder." into main 2023-11-30 23:26:22 +00:00
Luis Delgado De Mendoza
76972151b2 Merge "Add sepolicy entries for new BT channel" into main 2023-11-30 16:21:41 +00:00
Wilson Sung
14dda6e255 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 314054292
Test: scanBugreport
Bug: 313804706
Bug: 312894238
Change-Id: Ibf9517b585dcd8e06c62075d85dc55eb8ed7d18d
 2023-11-30 07:14:04 +00:00
Khoa Hong
fb1c8b60bb Suppress avc error log on debugfs's usb folder. 
The XHCI driver in kernel will write debugging information to DebugFS on
some USB host operations (for example: plugging in a USB headphone). We
are not using those information right now.

Bug: 311088739
Test: No error when plugging a USB headphone in.
Change-Id: I3a8e2290e97967c02453eadff440d8bbeefa31b1
 2023-11-30 14:50:52 +08:00
Android Build Coastguard Worker
11dc16884e Snap for 11157599 from d05c6ad1e6 to 24Q1-release 
Change-Id: I24079c74eb78f8525f2a7444ae2dcc4b1bda64bc
 2023-11-30 00:04:31 +00:00
Android Build Coastguard Worker
9da38f8b92 Snap for 11146061 from 9c8cb72283 to 24Q1-release 
Change-Id: I7dc1c4dd88350545cf2cd90a796a47f5e3de7df1
 2023-11-28 00:03:34 +00:00
Android Build Coastguard Worker
105faa918d Snap for 11146061 from 6a3349663d to 24Q1-release 
Change-Id: I4a5ec6197a426c425eb55f05f9e3e7a69344a18e
 2023-11-28 00:03:33 +00:00
Jason Chiu
23feade4db zuma: move sepolicy related to bootctrl hal to gs-common 
Bug: 265063384
Change-Id: I230ca394c5d1b6e68dd8b4d51ea06568810eb4e0
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-11-27 17:45:29 +08:00
Treehugger Robot
9c8cb72283 Merge "allow vendor init to access percpu_pagelist_high_fraction" into main 2023-11-27 01:45:54 +00:00
Android Build Coastguard Worker
c18ae977e2 Snap for 11139387 from 9bd6f5ebd1 to 24Q1-release 
Change-Id: I3694643b556b67373a1f87d457c92f3f47755107
 2023-11-24 00:03:22 +00:00
Kyle Tso
9bd6f5ebd1 hal_usb_impl: Add get_prop for vendor_usb_config_prop am: 5775ea074a am: 2816dc3328 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25353179

Change-Id: I8745571157eb29f5809b338383c11aa64a1c67ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-23 14:58:34 +00:00
Kyle Tso
2816dc3328 hal_usb_impl: Add get_prop for vendor_usb_config_prop am: 5775ea074a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25353179

Change-Id: Ie03d8b8da3e6ca672906764bebfc29ef6d3cf97e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-23 14:25:25 +00:00
Kyle Tso
5775ea074a hal_usb_impl: Add get_prop for vendor_usb_config_prop 
avc:  denied  { read } for  comm="android.hardwar" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=391 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=0

Bug: 310560098
Change-Id: I86588715cae2696dd0e045c5b75dde55e0f84c1e
Signed-off-by: Kyle Tso <kyletso@google.com>
 2023-11-23 08:33:04 +00:00
Chia-Chi Teng
59af5f70be Merge "Revert^3 "bluetooth: Allow triggering AOC reset from BT HAL"" into udc-qpr-dev am: edac582d40 am: 650409d4b4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25400378

Change-Id: I2003f92080f61363c0549d36a2a95c0ddf651a6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-23 08:11:42 +00:00
Chia-Chi Teng
650409d4b4 Merge "Revert^3 "bluetooth: Allow triggering AOC reset from BT HAL"" into udc-qpr-dev am: edac582d40 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25400378

Change-Id: I92c8528073ca783dba8f9de5c51dde3616da47c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-23 07:39:22 +00:00
Martin Liu
b25d110b38 allow vendor init to access percpu_pagelist_high_fraction 
Bug: 309409009
Test: boot
Change-Id: I2a4b34e3318b5de8688fe25133d7839165a2566d
Signed-off-by: Martin Liu <liumartin@google.com>
 2023-11-23 15:35:07 +08:00
Chia-Chi Teng
edac582d40 Merge "Revert^3 "bluetooth: Allow triggering AOC reset from BT HAL"" into udc-qpr-dev 2023-11-23 07:07:04 +00:00
Android Build Coastguard Worker
f4961ff03c Snap for 11135477 from 60b467ac40 to 24Q1-release 
Change-Id: I59a8aba6f0d4f1b2823ec066388f3b91fbf4746a
 2023-11-23 00:03:29 +00:00
Randall Huang
60b467ac40 Move sg_device related policy 
Bug: 312582937
Test: make selinux_policy
Change-Id: Ic6e1f6228764cd2ddc96d574a10838ca4bc05332
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-11-22 14:21:06 +08:00
Wilson Sung
039124e7a4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 312590044
Change-Id: I24e5462f111f05d051d398487a5931d808cf3002
 2023-11-22 03:15:40 +00:00
Android Build Coastguard Worker
e13b1ebbb6 Snap for 11130229 from 70a5a27331 to 24Q1-release 
Change-Id: I43746352959ea7470b0ed4ca7e66a1aa5e2871ca
 2023-11-22 00:04:25 +00:00
Android Build Coastguard Worker
e2b583b00a Merge cherrypicks of ['googleplex-android-review.googlesource.com/25398212'] into udc-qpr1-release. 
Change-Id: I95aa412212645226f6ed7498a0d849c023a78124
 2023-11-21 18:03:15 +00:00
Ruofei Ma
10c24e2475 Enable adaptive playback for BigWave 
Bug: 309722491

Signed-off-by: Ruofei Ma <ruofeim@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:d7b343305d3da89cca0b8eaa18ea4959ded6c197)
Merged-In: Ibc5a88efc535cc847fbde45541d451ee97c65a1e
Change-Id: Ibc5a88efc535cc847fbde45541d451ee97c65a1e
 2023-11-21 18:02:43 +00:00
Android Build Coastguard Worker
3897206a7f Snap for 11124398 from 9fcc03e099 to 24Q1-release 
Change-Id: Id4fcd0f9567a6ba42e32beb37c1b33ab178f7031
 2023-11-21 00:02:59 +00:00
Bryan Lavrich
70a5a27331 Merge "aoc: add sysfs file entry" into main 2023-11-20 20:22:27 +00:00
Devika Krishnadas
9fcc03e099 Merge "Add Pixel Mapper as a sp-HAL" into main 2023-11-20 18:17:28 +00:00
Android Build Coastguard Worker
f3d0a8de65 Snap for 11120126 from 09160b77ca to 24Q1-release 
Change-Id: I1f314e115357b94a0188b28d3c1e5ad2d32ff357
 2023-11-19 00:02:58 +00:00
Luis Delgado de Mendoza
e5f95d1fc7 Add sepolicy entries for new BT channel 
Bug: 308452948
Test: Validated locally on husky.
Change-Id: I68bce4f12b086168bdcbe6193b07dd1c11097c2d
 2023-11-17 20:03:39 -08:00
Android Build Coastguard Worker
ef0c883b6b Snap for 11117647 from 658c20d024 to 24Q1-release 
Change-Id: Idb15eab4a9a1503e82fcca09fab40f13490e7ad6
 2023-11-18 02:02:52 +00:00
Android Build Coastguard Worker
73f4e839ea Snap for 11117647 from 228db5e2a5 to 24Q1-release 
Change-Id: I11275e97e08835826604844fa33568eac810a259
 2023-11-18 02:02:51 +00:00
Kyle Tso
658c20d024 dontaudit on dir search for vendor_votable_debugfs 
Bug: 305880925
Bug: 310539058
Change-Id: I5e13370fe5430f3dfbf73ccff787986fbe80f9ea
Signed-off-by: Kyle Tso <kyletso@google.com>
 2023-11-17 05:21:48 +00:00
Kyle Tso
0c0ce3699a Merge "hal_usb_impl: Add get_prop for vendor_usb_config_prop" into main 2023-11-17 03:51:44 +00:00
Chia-Chi Teng
d240d1b4e2 Revert^3 "bluetooth: Allow triggering AOC reset from BT HAL" 
eb2dcaedc8

Change-Id: Idb64a3e6d60747273159682102a5367b99fe6833
 2023-11-16 22:37:36 +00:00
Devika Krishnadas
b5c8a252b2 Add Pixel Mapper as a sp-HAL 
Bug: 267352318

Change-Id: I3068038eb51f1a78a2cd300a6b71d96a2647b641
Signed-off-by: Devika Krishnadas <kdevika@google.com>
 2023-11-16 01:25:45 +00:00
Android Build Coastguard Worker
a5bda83f42 Snap for 11104212 from ca8e0baee7 to 24Q1-release 
Change-Id: Ic31258f8c3a6c47c513cd2d4232838fe616cb063
 2023-11-16 00:03:40 +00:00
Android Build Coastguard Worker
03ba2a0451 Snap for 11104212 from c55415c1e2 to 24Q1-release 
Change-Id: I06ca8d41c44d5222a40ae9539998532c00f5f4f2
 2023-11-16 00:03:39 +00:00
Angela Wu
ca8e0baee7 [automerger skipped] Allows GCA to access the hw_jpeg /dev/video12. am: 77ce612093 -s ours am: 4746ff1aee -s ours 
am skip reason: Merged-In I97a96bddaaca9e95f0596cd4eff0d7e80d6023d6 with SHA-1 6216625ef8 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25321138

Change-Id: Ia2f1c97331008bae978881fb6e3708f93964332b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-15 09:56:28 +00:00
Angela Wu
4746ff1aee [automerger skipped] Allows GCA to access the hw_jpeg /dev/video12. am: 77ce612093 -s ours 
am skip reason: Merged-In I97a96bddaaca9e95f0596cd4eff0d7e80d6023d6 with SHA-1 6216625ef8 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25321138

Change-Id: Iad6a9cc9166ae916b05fc137d5c39ed315f01309
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-15 09:06:56 +00:00
Angela Wu
77ce612093 Allows GCA to access the hw_jpeg /dev/video12. 
Bug: 309578078
Test: https://android-build.corp.google.com/builds/abtd/run/L41100030000291922

Merged-In: I97a96bddaaca9e95f0596cd4eff0d7e80d6023d6
Change-Id: I5b1649ec393d2f998159299b0f4feddcde4da80f
 2023-11-15 06:28:23 +00:00
Android Build Coastguard Worker
50830d4644 Snap for 11097608 from 8ff4604573 to 24Q1-release 
Change-Id: I95208dd4ca5fb6fc0ea669663b94eb21fc7f2c2c
 2023-11-15 00:03:20 +00:00
Kyle Tso
8912975a8b hal_usb_impl: Add get_prop for vendor_usb_config_prop 
avc:  denied  { read } for  comm="android.hardwar" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=391 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=0

Bug: 310560098
Change-Id: I86588715cae2696dd0e045c5b75dde55e0f84c1e
Signed-off-by: Kyle Tso <kyletso@google.com>
 2023-11-14 02:15:14 +00:00
Android Build Coastguard Worker
9907debfaa Snap for 11089623 from 78a70da442 to 24Q1-release 
Change-Id: Ic60ffe7f7bae3e8d5ac9bb350aa18b08f7e52540
 2023-11-14 00:03:01 +00:00
Android Build Coastguard Worker
5bcb107f75 Snap for 11084970 from 0774e72816 to 24Q1-release 
Change-Id: I3224367f9886699167b0dc0bf53dceae01562507
 2023-11-11 02:03:23 +00:00
Android Build Coastguard Worker
ecb4ea9c5a Snap for 11084970 from 398ceca7a9 to 24Q1-release 
Change-Id: I70ba47f4962b30635def0900330543a589040a35
 2023-11-11 02:03:23 +00:00
Daniel Norman
8ff4604573 Removes duplicate hidraw_device type definition. 
This type is now defined by the platform.

Bug: 303522222
Change-Id: Ic46a7327bb2dab89f424cde2682a40f2b28a04db
Test: ls -z /dev/hidraw0
 2023-11-10 22:52:00 +00:00
Alex Iacobucci
ca145d66c3 aoc: add sysfs file entry 
Test: on device
Bug: 309950738
Change-Id: Iddaf30fce0bfd88d275d577b71bedd826b7a3ee6
Signed-off-by: Alex Iacobucci <alexiacobucci@google.com>
 2023-11-10 18:27:42 +00:00
Angela Wu
0774e72816 Allows GCA to access the hw_jpeg /dev/video12. am: 6216625ef8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25311860

Change-Id: I2d7bf8ff4ff6dc07bffc1aa43c966a4a6ccda05f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-11-10 03:19:12 +00:00
Android Build Coastguard Worker
792846a535 Snap for 11078623 from 64853c99f4 to 24Q1-release 
Change-Id: If4d909a21558223196e7eb4f9d5538f822359de8
 2023-11-10 00:03:03 +00:00
Angela Wu
6216625ef8 Allows GCA to access the hw_jpeg /dev/video12. 
Bug: 309578078
Test: https://android-build.corp.google.com/builds/abtd/run/L93200030000133974
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0dde58951666a96f788a8a75bf63cde34079d48a)
Merged-In: I5b1649ec393d2f998159299b0f4feddcde4da80f
Change-Id: I5b1649ec393d2f998159299b0f4feddcde4da80f
This change is essentially a re-submission of ag/25305073 to an upstream branch.

Change-Id: I97a96bddaaca9e95f0596cd4eff0d7e80d6023d6
 2023-11-09 10:09:31 +00:00
Android Build Coastguard Worker
562b4b17c1 Snap for 11071763 from d6f83eba29 to 24Q1-release 
Change-Id: Id7c59391cdaac8295ed1928d1f39e959c830fd6d
 2023-11-09 00:03:04 +00:00
Android Build Coastguard Worker
e98afc3ba9 Snap for 11071763 from ff513752a1 to 24Q1-release 
Change-Id: I54d085bdc6ef19ca75f2b547b56a364aa30939ea
 2023-11-09 00:03:03 +00:00
Mike Wang
d6f83eba29 Merge "Change the MDS to platform app in selinux ap context." into main 2023-11-08 07:05:09 +00:00
Angela Wu
2e724b4b7f Merge "Allows GCA to access the hw_jpeg /dev/video12." into main 2023-11-08 05:20:21 +00:00
Treehugger Robot
0418f329cf Merge "Allow HWC to access display refresh control" into main 2023-11-08 04:20:23 +00:00
Mike Wang
96bac14cb1 Change the MDS to platform app in selinux ap context. 
The MDS will be signed with platform key and become a platform app. To
make the selinux rules for modem_diagnostic_app work, need to set it to
platform app in app context.

Bug: 287683516

Test: Tested with both dev key or platform key signed MDS apps and the selinux rules works.


Change-Id: I375f57537a81514d3a6230ca042a4407accd6c15
 2023-11-08 04:01:26 +00:00
Angela Wu
73caf508ec Allows GCA to access the hw_jpeg /dev/video12. 
Bug: 309578078
Change-Id: Ic243a8dc0d6b2decd0ac70d076a456296936e9af
Test: https://android-build.corp.google.com/builds/abtd/run/L93200030000133974
 2023-11-08 03:36:48 +00:00
Android Build Coastguard Worker
1dbc5e2c6b Snap for 11065517 from d76fa68860 to 24Q1-release 
Change-Id: I37b4c332b173fb836ad92970c663d4cd990fa191
 2023-11-08 00:05:58 +00:00
Treehugger Robot
d76fa68860 Merge "sensors: Move USF related sepolicy to gs-common." into main 2023-11-07 06:49:08 +00:00
Android Build Coastguard Worker
2c315c5526 Snap for 11059422 from c3d0ba2da2 to 24Q1-release 
Change-Id: Iefecaff650f57d55f332f13e8f3c7f640bc604cd
 2023-11-07 02:03:24 +00:00
Android Build Coastguard Worker
0f977a4b6c Snap for 11059422 from 5f6d9cc357 to 24Q1-release 
Change-Id: I68c47c1d2dd09b0119fe4863f10c13ef9c8a4170
 2023-11-07 02:03:23 +00:00
Rick Chen
587903f7c4 sensors: Move USF related sepolicy to gs-common. 
Bug: 305120274
Test: Compile pass. Flash the build to ZUMA devices and no sensor
      related avc denied log.
Change-Id: I6911992b59802b62ffd206fd53e678da65ef1363
Signed-off-by: Rick Chen <rickctchen@google.com>
 2023-11-06 23:20:16 +08:00
Sam Ou
c3d0ba2da2 Merge changes from topic "thismeal_enhancement" into main 
* changes:
  Allow dump_power to create thismeal.txt by executing battery_mitigation
  Update odpm scale value sepolicy
 2023-11-06 10:36:49 +00:00
Chris Lu
c13e6b0d82 Allow HWC to access display refresh control 
Bug: 295603692
Test: write the node successfully
Change-Id: Ie900a9de4c23201ddefd61456bb2b8a80ba1945a
 2023-11-06 09:28:09 +00:00
Mike Wang
7d43b5edb6 Merge "Add selinux policy change to allow MDS access Samsung OemRil hal." into main 2023-11-06 02:30:55 +00:00
samou
90ef181121 Allow dump_power to create thismeal.txt by executing battery_mitigation 
Bug: 293899466
Change-Id: I88d4e3bcf18e818e9ee53ed69e522c9678c6edff
Signed-off-by: samou <samou@google.com>
 2023-11-03 09:59:05 +00:00
mikeyuewang
b066861a22 Add selinux policy change to allow MDS access Samsung OemRil hal. 
Bug: 301641283

selinux log:
11-03 15:32:38.850  2643  2643 I auditd  : type=1400 audit(0.0:1616): avc:  denied  { call } for  comm="binder:2643_3" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.850  2643  2643 I binder:2643_3: type=1400 audit(0.0:1616): avc:  denied  { call } for  scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.854  2643  2643 I auditd  : type=1400 audit(0.0:1617): avc:  denied  { transfer } for  comm="binder:2643_3" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.854  2643  2643 I binder:2643_3: type=1400 audit(0.0:1617): avc:  denied  { transfer } for  scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.google.mds
11-03 15:32:38.854  1095  1095 I auditd  : type=1400 audit(0.0:1618): avc:  denied  { call } for  comm="HwBinder:1095_1" scontext=u:r:rild:s0 tcontext=u:r:modem_diagnostic_app:s0:c512,c768 tclass=binder permissive=1
11-03 15:32:38.854  1095  1095 I HwBinder:1095_1: type=1400 audit(0.0:1618): avc:  denied  { call } for  scontext=u:r:rild:s0 tcontext=u:r:modem_diagnostic_app:s0:c512,c768 tclass=binder permissive=1


Change-Id: Ia71844db230302fd3120b28b3ade2e55443ec078
 2023-11-03 07:42:38 +00:00
Android Build Coastguard Worker
ee41c86fa3 Snap for 11044623 from 73d96fb40f to 24Q1-release 
Change-Id: I6c506d4edaa3202ffb7a1c263e72529ab32925fd
 2023-11-03 01:03:56 +00:00
Android Build Coastguard Worker
e31789f758 Snap for 11038355 from 4a0a7997b5 to 24Q1-release 
Change-Id: I158dfabfc2fcd3e478b4f5fa5a72fe2c698f2191
 2023-11-02 01:03:40 +00:00
Android Build Coastguard Worker
4c72e906c3 Snap for 11031655 from 244aed251d to 24Q1-release 
Change-Id: I02a8b0824d6e4b485c891565478d4a2f99395aa2
 2023-11-01 01:03:36 +00:00
Chia-Chi Teng
244aed251d Revert^2 "bluetooth: Allow triggering AOC reset from BT HAL" am: eb2dcaedc8 am: 5c827dca3a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25205134

Change-Id: Ief73384699e0dfba3d3b8a79545bb3a3ad27c4c4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-31 19:03:04 +00:00
Chia-Chi Teng
5c827dca3a Revert^2 "bluetooth: Allow triggering AOC reset from BT HAL" am: eb2dcaedc8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/25205134

Change-Id: I075a05a8ccf755700923c9de7106b57f7f876830
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-31 17:56:21 +00:00
samou
3f67ca9478 Update odpm scale value sepolicy 
Bug: 290149543
Change-Id: I66108d908ffa5cc6853b1e8280a5568c92a2e66f
Signed-off-by: samou <samou@google.com>
 2023-10-31 12:13:45 +00:00
Android Build Coastguard Worker
d2a15ecb69 Snap for 11025555 from 11ea7dd6d6 to 24Q1-release 
Change-Id: I654e6e8d437ba5f123ef0ac786e1c01cc5310fce
 2023-10-31 01:03:14 +00:00
Android Build Coastguard Worker
590dea55dc Snap for 11025555 from d2c07f3b87 to 24Q1-release 
Change-Id: Id0a99831fcb5220089e2381a28bb5e848fccd267
 2023-10-31 01:03:13 +00:00
Android Build Coastguard Worker
9105fc486a Snap for 11020550 from fa6626b128 to 24Q1-release 
Change-Id: Ia5d07babb40279fb5b5d3148ac34887b19a04719
 2023-10-29 23:03:39 +00:00
Android Build Coastguard Worker
5d719004a9 Snap for 11017726 from 32d99c3e05 to 24Q1-release 
Change-Id: I02f72d71a4702780ae425573bea923be6b9adbcb
 2023-10-28 03:12:50 +00:00
Android Build Coastguard Worker
0e13f9add8 Snap for 11017726 from 44082e91da to 24Q1-release 
Change-Id: I8e0583265715c85b5eca2189fcb7fb4db5c510ed
 2023-10-28 03:12:49 +00:00
Chia-Chi Teng
eb2dcaedc8 Revert^2 "bluetooth: Allow triggering AOC reset from BT HAL" 
This reverts commit 0aa787efa8.

Reason for revert: Debug BT HCI timeout on UD2A build and P23 on main

Bug: 306646797
Test: presubmit PTS
Change-Id: Ia72ea9d0ba0209cce483d220b420933b243e05b3
 2023-10-27 22:53:17 +00:00
Daniel Okazaki
11ea7dd6d6 dump_power: adding dwell defend logs sepolicy 
Bug: 306108267
Test: build/flash
Test: adb bugreport
Change-Id: Idb0571b6a974b98649f9cc071d506a8be94966f5
Signed-off-by: Daniel Okazaki <dtokazaki@google.com>
 2023-10-27 18:45:43 +00:00
Chris Lu
32d99c3e05 Set context for sysfs file panel_pwr_vreg 
Bug: 296978805
Test: read panel_pwr_vreg by dumpstate
Change-Id: Idc4845cadb278ef6406003cb3e55bfbdba758b4b
 2023-10-27 07:46:46 +00:00
Android Build Coastguard Worker
2f8b18c626 Snap for 11012804 from 5d83d85ad2 to 24Q1-release 
Change-Id: Icbd92ebadb85db1eea13826f3a461eaf8a8dd028
 2023-10-27 03:19:57 +00:00
Android Build Coastguard Worker
539fd546c4 Snap for 11012804 from f60b0e874f to 24Q1-release 
Change-Id: I102c5bfa108f4c2aba63e95a38cc6ab2520b1761
 2023-10-27 03:19:57 +00:00
Sam Ou
5d83d85ad2 Merge "Allow battery_motigation to access gpu cur_freq" into main 2023-10-27 02:33:00 +00:00
Android Build Coastguard Worker
aa3d20b9d9 Snap for 11005173 from 151ef4d45d to 24Q1-release 
Change-Id: Idd8ce140666dabe12ebe531424fbd3ab44e684ba
 2023-10-26 01:36:30 +00:00
Android Build Coastguard Worker
e13b8f4cc2 Snap for 10998418 from 2129b7fe3f to 24Q1-release 
Change-Id: I88696dd518f7d915067d1cd692bae2b80c67d85e
 2023-10-25 01:06:37 +00:00
Android Build Coastguard Worker
c54e58f059 Snap for 10992821 from 8d46bb7983 to 24Q1-release 
Change-Id: I9c2acbaa0babd2a89a0eeaad7bd9a2d66498691b
 2023-10-24 01:06:40 +00:00
Android Build Coastguard Worker
04c81876c4 Snap for 10992821 from a4c5c5f621 to 24Q1-release 
Change-Id: I39ff0bf255ca68cc4b6d6bf54cc1050335231af7
 2023-10-24 01:06:39 +00:00
Jacky Liu
8d46bb7983 Update sepolicy for new static i2c bus numbers 
Bug: 305242309
Test: Boot to home
Change-Id: Ic235f6c2a4d325103dcd03e0977c1a88e98a0605
 2023-10-23 14:26:55 +08:00
samou
a534079494 Allow battery_motigation to access gpu cur_freq 
Bug: 290149543
Change-Id: I3396573d67f9f0995e63cd1e559f968107695d8b
Signed-off-by: samou <samou@google.com>
 2023-10-23 01:44:06 +00:00
Android Build Coastguard Worker
e0dd8973ec Snap for 10985023 from fcf7f847ae to 24Q1-release 
Change-Id: Ieb32781fb68e02d49b705fa8f9d84d2a4743743e
 2023-10-21 03:06:24 +00:00
Android Build Coastguard Worker
da84af699d Snap for 10985023 from ebe3cf6812 to 24Q1-release 
Change-Id: Ifbb38778c43675d97837349cf136006aa24c6429
 2023-10-21 03:06:23 +00:00
Ken Yang
fcf7f847ae SELinux: fix wakeup selinux issue 
Bug: 305600876
Change-Id: I21a8993291b05a991e32bb7c363b5e831f4d0db0
Signed-off-by: Ken Yang <yangken@google.com>
 2023-10-20 09:48:03 +00:00
Android Build Coastguard Worker
376b209966 Snap for 10970117 from d20bee68db to 24Q1-release 
Change-Id: Ibb223f8e23730b7779c1adfcc4d0982a6f0cac57
 2023-10-19 01:10:05 +00:00
Android Build Coastguard Worker
0c6106e23a Snap for 10970117 from ab87cd4fae to 24Q1-release 
Change-Id: I2e3322ce0e9ba4d291aeca5e6281a10c790653b3
 2023-10-19 01:10:04 +00:00
John Chang
d20bee68db Merge "display: properties of vrr settings" into main 2023-10-18 15:46:47 +00:00
Android Build Coastguard Worker
4a2cace054 Snap for 10963245 from d77b117b40 to 24Q1-release 
Change-Id: I1fb41c223ee96eb854e6656e06e75283eadc6019
 2023-10-18 01:05:26 +00:00
Android Build Coastguard Worker
58472995a1 Snap for 10958510 from d48c63c215 to 24Q1-release 
Change-Id: I3769b3f8e87a3285180f31b30130b739f04a5c50
 2023-10-17 02:30:46 +00:00
Wilson Sung
d48c63c215 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 305600857
Change-Id: I4715b66f1b1c051c8d83cffefdf4f3de6e5971ef
 2023-10-16 12:19:18 +08:00
Hiroshi Akiyama
ea65836d59 Merge "Update missing dump_power sepolicy" into main 2023-10-15 23:45:47 +00:00
Android Build Coastguard Worker
7dfb3a5e3b Snap for 10950137 from 5883c27036 to 24Q1-release 
Change-Id: I7626c38f44914b2dd29bcffe030bd5eb136e5863
 2023-10-14 05:05:20 +00:00
Android Build Coastguard Worker
2f12992d4d Snap for 10950137 from 5cc2bfebf4 to 24Q1-release 
Change-Id: I2aa51fe6a88b27cc2b2574d5ddfb50c353c33c46
 2023-10-14 05:05:19 +00:00
Hiroshi Akiyama
400a9d2068 Update missing dump_power sepolicy 
Bug: 304851502
Test: adb bugreport and check dumpstate_board.txt
Change-Id: I1aed85ec3c1106381a395867a6eb90c11a8a1f84
Signed-off-by: Hiroshi Akiyama <hiroshiakiyama@google.com>
 2023-10-14 05:02:16 +00:00
Android Build Coastguard Worker
3286f258be Snap for 10949315 from 127ca27edc to udc-qpr1-release 
Change-Id: I953a4cc7cb3da49a1c0e59c9a42f923ca79f7a09
 2023-10-14 01:07:37 +00:00
jonerlin
5883c27036 allow hal_bluetooth_btlinux write sysfs file am: 127ca27edc am: a49aa2bdf1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24947936

Change-Id: I52e9eb48b5e73a6f388a3fb446d1e402bdca4468
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-13 03:14:04 +00:00
Android Build Coastguard Worker
817b351fa5 Snap for 10942032 from f08b6e4d84 to 24Q1-release 
Change-Id: I82b43192d4f9022dfe43248bc1beca162757019f
 2023-10-13 03:10:35 +00:00
jonerlin
a49aa2bdf1 allow hal_bluetooth_btlinux write sysfs file am: 127ca27edc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24947936

Change-Id: I183c49c5209e811166a96d2a9e2819bd29373b7c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-13 02:56:21 +00:00
Treehugger Robot
9b0ab2c62c Merge "hal_sensors_default: Add permission to AOC reset sysfs node." into main 2023-10-13 02:43:10 +00:00
Rick Chen
c31ec37715 hal_sensors_default: Add permission to AOC reset sysfs node. 
[21675.099727] type=1400 audit(1697127034.684:751): avc:  denied  { write } for  comm="binder:912_1" name="reset" dev="sysfs" ino=102250 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_reset:s0 tclass=file permissive=0

Bug: 304681766
Test: Modify sensor HAL to trigger SSR when init.
      No avc denied log when sensor HAL access AOC reset sysfs node.
Change-Id: Iede0fa94a627c5e0d3166bec05ef7041154d8efe
Signed-off-by: Rick Chen <rickctchen@google.com>
 2023-10-13 02:41:28 +00:00
jonerlin
127ca27edc allow hal_bluetooth_btlinux write sysfs file 
Bug: 294747612
Test: v2/pixel-pts/release/bootstress/1200counts/suspend-resume
Change-Id: I62147f0b32156ede2a4e18e5a2bcb77fc2c91831
 2023-10-13 09:00:07 +08:00
Android Build Coastguard Worker
1525445198 Merge cherrypicks of ['googleplex-android-review.googlesource.com/24948148'] into udc-qpr1-release. 
Change-Id: Ibb4079baea932f9ebb9e7939c47242ff52e9994c
 2023-10-12 23:55:38 +00:00
Chia-Chi Teng
c2fc0be24a Revert "bluetooth: Allow triggering AOC reset from BT HAL" 
Revert submission 24871772-bt-aoc-coredump

Reason for revert: b/300076774 root cause identified as b/299038059

Reverted changes: /q/submissionid:24871772-bt-aoc-coredump

Bug: 299038059
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0aa787efa82477a31e9941374ec5fa17738a4f07)
Merged-In: Ibd021c6b983c2eb390c268cf89f30e2e8ee54d21
Change-Id: Ibd021c6b983c2eb390c268cf89f30e2e8ee54d21
 2023-10-12 23:55:19 +00:00
Brian Duddie
48527a1e6f Merge "Revert "bluetooth: Allow triggering AOC reset from BT HAL"" into udc-qpr-dev am: c387226619 am: d1ddce264c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24948148

Change-Id: Ic95a0ecc1722769c2ac9ac7711ae93ea85a16ce0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-12 23:20:21 +00:00
Brian Duddie
d1ddce264c Merge "Revert "bluetooth: Allow triggering AOC reset from BT HAL"" into udc-qpr-dev am: c387226619 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24948148

Change-Id: I59fbb4f03909803a422ff9a9abd17cae32eb7014
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-12 22:48:59 +00:00
Brian Duddie
c387226619 Merge "Revert "bluetooth: Allow triggering AOC reset from BT HAL"" into udc-qpr-dev 2023-10-12 22:25:50 +00:00
Android Build Coastguard Worker
fa0f83b22d Snap for 10929702 from a7648dfb45 to 24Q1-release 
Change-Id: I134d8d703021537b284d20d5d5e49bcf12025081
 2023-10-11 01:05:22 +00:00
John Chang
33c5d3185c display: properties of vrr settings 
Bug: 290843234
Test: verify getprop/setprop after reboot.
Change-Id: I7e69fba9d16cabf899bf0d1c4ba041f079e645c1
 2023-10-10 21:37:17 +00:00
Android Build Coastguard Worker
c168d1d626 Snap for 10923648 from b2592218d6 to 24Q1-release 
Change-Id: Ia6a28090702866c884312ec3f01c10d57a2b4684
 2023-10-10 01:05:55 +00:00
Matthew Sedam
b2592218d6 Merge "Allow CHRE to access the IStats service for the zuma target" into main 2023-10-09 18:18:57 +00:00
Android Build Coastguard Worker
711588b4fd Snap for 10915631 from 3c42b0fd71 to 24Q1-release 
Change-Id: I175dd44cb3a9a454eb6a9a6eab7c74218d42005d
 2023-10-07 03:06:01 +00:00
Chia-Chi Teng
0aa787efa8 Revert "bluetooth: Allow triggering AOC reset from BT HAL" 
Revert submission 24871772-bt-aoc-coredump

Reason for revert: b/300076774 root cause identified as b/299038059

Reverted changes: /q/submissionid:24871772-bt-aoc-coredump

Bug: 299038059
Change-Id: Ibd021c6b983c2eb390c268cf89f30e2e8ee54d21
 2023-10-06 22:04:57 +00:00
Android Build Coastguard Worker
c9c0c08991 Snap for 10909147 from 56723a2036 to 24Q1-release 
Change-Id: I6ff3a0be981469f00c1200db604b0201d0e935d3
 2023-10-06 01:05:21 +00:00
Android Build Coastguard Worker
bbcbaf407b Snap for 10909147 from 2685dda06f to 24Q1-release 
Change-Id: Ia3f90e27a53066e10fee8195d02337fe517dec58
 2023-10-06 01:05:20 +00:00
Android Build Coastguard Worker
56eb30285e Snap for 10909010 from fd78823dfa to udc-qpr1-release 
Change-Id: Id5dc44ab68d45c22fe5699ae1bf8797f920e6e03
 2023-10-05 23:03:34 +00:00
Roy Luo
56723a2036 Merge "Support metric upload in USB HAL" into main 2023-10-05 20:24:46 +00:00
Mike Wang
bb474d5e68 Merge "Grant the MDS access to the IPowerStats hal service." into udc-qpr-dev am: fd78823dfa am: 7eafbc0be0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24610375

Change-Id: Ic1bc4799d21df9a120946241f5bf278a1be6e12c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-05 17:13:10 +00:00
Mike Wang
7eafbc0be0 Merge "Grant the MDS access to the IPowerStats hal service." into udc-qpr-dev am: fd78823dfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24610375

Change-Id: If95e8b46a87625618bce50a19690bf4773625e9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-05 16:24:40 +00:00
Mike Wang
fd78823dfa Merge "Grant the MDS access to the IPowerStats hal service." into udc-qpr-dev 2023-10-05 15:55:47 +00:00
Android Build Coastguard Worker
b499a9eedc Snap for 10903783 from a9c5940732 to 24Q1-release 
Change-Id: Iae2b2edfb94db92a97700d5cd86902ad4ba8fe65
 2023-10-05 03:05:13 +00:00
Roy Luo
aa5218c8a7 Support metric upload in USB HAL 
Grant access to stats service.
Sample error logs: avc:  denied  { find } for pid=949 uid=1000
name=android.frameworks.stats.IStats/default
scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:fwk_stats_service:s0
tclass=service_manager permissive=0

Bug: 297224564
Test: no audit log in logcat after command execution
Change-Id: I4a80e11e63ec164dff73288e93aac851ffebb696
 2023-10-04 20:02:39 +00:00
Android Build Coastguard Worker
b6630efc4f Snap for 10897809 from 03fd3d9a37 to 24Q1-release 
Change-Id: Iff90dc140ae70aac2088499bae4b3638c4db2cfd
 2023-10-04 02:30:01 +00:00
Android Build Coastguard Worker
b929216e86 Snap for 10889587 from 78a11c134a to 24Q1-release 
Change-Id: I529c57390a86aef1deada2e229a7d0889502be4f
 2023-10-03 03:05:17 +00:00
Matthew Sedam
ad0075acd6 Allow CHRE to access the IStats service for the zuma target 
Bug: 298459533
Test: Use stats service from chre
Change-Id: Ie4c9a24d3cd331621136c7c21989685631d87519
 2023-10-02 20:52:36 +00:00
Android Build Coastguard Worker
ac9934df2c Snap for 10884074 from e853c1919d to 24Q1-release 
Change-Id: I28c2e27f9252d6d2975a9cb0db5e87ede8561221
 2023-09-30 03:05:14 +00:00
Android Build Coastguard Worker
a8cf202eb4 Snap for 10884074 from 77b0f3fc8c to 24Q1-release 
Change-Id: I33188b71c7dd7ef50a197f47bf7c0f4e92be957c
 2023-09-30 03:05:13 +00:00
Android Build Coastguard Worker
eba8de4a1b Merge cherrypicks of ['googleplex-android-review.googlesource.com/24892143'] into 24Q1-release. 
Change-Id: Ifaddb3c8e88aa1c8d33c706284b303ed7dd05cc3
 2023-09-29 03:31:24 +00:00
Android Build Coastguard Worker
6ad62e2c3c Merge cherrypicks of ['googleplex-android-review.googlesource.com/24892142'] into 24Q1-release. 
Change-Id: I9cf29f764cd8a53e38e8c1785ab841c1271a6f7e
 2023-09-29 03:31:21 +00:00
Jing Wang
501cc68087 Revert "Add vendor_sjtag_lock_state_prop and init-check_ap_pd_au..." 
Test: Revert submission 24754347-zuma-etm2dram

Reason for revert: b/302352974

Reverted changes: /q/submissionid:24754347-zuma-etm2dram

Bug: 302352974
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:e853c1919d4fef493c545ed3e1c79958158f7d20)
Merged-In: I251c3a62c79722a9050bdbce85dc758fc4b6fda9
Change-Id: I251c3a62c79722a9050bdbce85dc758fc4b6fda9
 2023-09-29 03:31:14 +00:00
Jing Wang
37a9786437 Revert "init.debug.rc: enable etm/etm2dram when SJTAG is unlocked" 
Revert submission 24754347-zuma-etm2dram

Reason for revert: b/302352974

Reverted changes: /q/submissionid:24754347-zuma-etm2dram

Bug: 302352974
Signed-off-by: Jing Wang <jwangh@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:77b0f3fc8c55f7cc934d380c6d295aa5f47ffc5f)
Merged-In: I937658f7c78a97e2c3065a05058353b5cf16e860
Change-Id: I937658f7c78a97e2c3065a05058353b5cf16e860
 2023-09-29 03:31:06 +00:00
Jing Wang
e853c1919d Revert "Add vendor_sjtag_lock_state_prop and init-check_ap_pd_au..." 
Test: Revert submission 24754347-zuma-etm2dram

Reason for revert: b/302352974

Reverted changes: /q/submissionid:24754347-zuma-etm2dram

Bug: 302352974
Change-Id: I251c3a62c79722a9050bdbce85dc758fc4b6fda9
 2023-09-29 01:25:27 +00:00
Android Build Coastguard Worker
40b9df9454 Snap for 10878163 from 1af5314ec0 to 24Q1-release 
Change-Id: I5a34bbd3e3c66c111725237286b3cfaeaf9bc4a7
 2023-09-29 01:04:54 +00:00
Android Build Coastguard Worker
04ba176333 Snap for 10878163 from 447cdc3f6c to 24Q1-release 
Change-Id: I4875bd2d385560dfdd361aa0c170c6c81686e356
 2023-09-29 01:04:54 +00:00
Android Build Coastguard Worker
bca4ed4030 Snap for 10877629 from 858f999657 to udc-qpr1-release 
Change-Id: Iedf7e84ba802018bd59a03d9e53782fe2c37f112
 2023-09-28 23:03:21 +00:00
mikeyuewang
1ee598d5d2 Grant the MDS access to the IPowerStats hal service. 
ref logs:
09-06 10:07:18.006   536   536 I auditd  : avc:  denied  { find } for pid=22543 uid=10225 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=1
09-06 10:07:18.010 22543 22543 I auditd  : type=1400 audit(0.0:65): avc:  denied  { call } for  comm="pool-4-thread-1" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=1 app=com.google.mds

Test: Tested with MDS app and the MDS can get IPowerStats binder and
call the interface.

Bug: 297250368
Change-Id: I7b0eeabdafb49eb33d8016666f9c02f2616f898d
 2023-09-28 15:22:00 +00:00
Android Build Coastguard Worker
d1f9ed8154 Snap for 10872577 from 160a33cd99 to 24Q1-release 
Change-Id: I4caf645b96b7580201ee98f87eb6408b6047e7e3
 2023-09-28 01:09:57 +00:00
Brian Duddie
1af5314ec0 bluetooth: Allow triggering AOC reset from BT HAL am: 858f999657 am: 89d7732591 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24869257

Change-Id: I3381cfdfff17ca8c2f77fa5043775a5f80ea028e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-27 22:50:28 +00:00
Brian Duddie
89d7732591 bluetooth: Allow triggering AOC reset from BT HAL am: 858f999657 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24869257

Change-Id: I5bdeb95ad44c69d2b8cd04f12dc7cde49580084c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-27 21:45:56 +00:00
Android Build Coastguard Worker
bc5b04415c Snap for 10865348 from 22eae6d60c to 24Q1-release 
Change-Id: Iea8fca6b7031df1c47e00647714ea6a183a8ac3f
 2023-09-27 01:04:04 +00:00
Brian Duddie
858f999657 bluetooth: Allow triggering AOC reset from BT HAL 
Supports debugging and recovery from fatal errors that do not trigger
AOC SSR on their own.

Bug: 300076774
Test: trigger SSR from BT HAL
Change-Id: I795b2c1830625e2cf05a9aa63c6f7ef273b01a87
 2023-09-27 00:08:19 +00:00
Android Build Coastguard Worker
4993d95a2d Snap for 10853826 from 3a73468bc5 to 24Q1-release 
Change-Id: I10947ad33257a080ce6912e462ea6140e777ebdf
 2023-09-23 23:03:06 +00:00
Android Build Coastguard Worker
3962771be5 Snap for 10851067 from a20daced19 to 24Q1-release 
Change-Id: Id168f38b1e63fd426e78472b82a92d8ee39fbe9a
 2023-09-23 03:03:54 +00:00
Android Build Coastguard Worker
043e39f30b Snap for 10844961 from b9abd19bc2 to 24Q1-release 
Change-Id: I75f5e632b20d09b51166a206b4d1db712f90634d
 2023-09-22 01:04:17 +00:00
Android Build Coastguard Worker
4d30db4766 Snap for 10843824 from 2c8f57245a to 24Q1-release 
Change-Id: I0faefc9c392d7ede93f766d1b703bb04839bf08e
 2023-09-21 21:53:27 +00:00
Android Build Coastguard Worker
351ce41e3e Snap for 10843824 from a1e0faee5b to 24Q1-release 
Change-Id: I86951ab09f23cfde10d21f9b1808e19df7a58392
 2023-09-21 21:53:25 +00:00
Sergey Volk
a1e0faee5b Allow HWC access to dp_hotplug_error_code in sysfs 
When an error is detected, DisplayPort kernel driver writes hotplug error code into a sysfs file. Hardware composer reads the error code from sysfs and then needs to write 0 in there to reset the code.

Test: manual
Bug: 283461313
Change-Id: Ifadc2403d62b12b0661fd170fa6df36b6a199fc3
 2023-09-21 02:56:08 +00:00
Treehugger Robot
56e8cb4aa3 Merge "Add vendor_sjtag_lock_state_prop and init-check_ap_pd_auth-sh" into main 2023-09-20 08:24:55 +00:00
John Chang
acb925a4fe Merge "display: properties of vrr settings" into main 2023-09-18 21:38:01 +00:00
Yixuan Wang
143311cda0 Merge "Add selinux policy for chre vendor data directory" into main 2023-09-18 17:35:11 +00:00
John Chang
85d45d6776 display: properties of vrr settings 
Bug: 290843234
Test: verify getprop/setprop after reboot.
Change-Id: I1ff2b7069f0e6a5a9aef6ac2f6ac6d89b457dcc3
 2023-09-18 14:19:11 +00:00
Wilson Sung
488d348114 Merge changes from topic "b299029620_cleanup" into main 
* changes:
  Relocate common tracking denial entries
  Remove obsolete entries
 2023-09-18 02:54:32 +00:00
yixuanwang
0a4d3c2f89 Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I33d1e73a375c86602ce632665fe96c5876347c52
 2023-09-16 02:51:45 +00:00
Android Build Coastguard Worker
e02d2b662b Snap for 10817717 from adf19fcc76 to udc-qpr1-release 
Change-Id: Ia256b5d9cc68bf7b3f542d1f7730ea4ccb5332f3
 2023-09-16 01:07:46 +00:00
Yixuan Wang
eae42fd8f4 Merge changes from topic "am-1b65f256ed6d44cb931295968c81bde7" into udc-qpr-dev-plus-aosp am: 284bdc3fa5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: I7806e779a085c025de63d728eb0c52340db9612d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 20:07:37 +00:00
Yixuan Wang
43f05a7e41 [automerger skipped] Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev am: adf19fcc76 am: b02946bca9 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: I0a663d71d92d175823b7878aa37b6c032471cf58
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 20:07:34 +00:00
Yixuan Wang
ca2ba97013 [automerger skipped] Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev am: adf19fcc76 am: 0603f723f4 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: I6e7230b804267bea465fb976bfa906240db91b83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 20:04:23 +00:00
Yixuan Wang
6100be27ef [automerger skipped] Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." am: bd654f00d9 am: cb920d586f -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: I6df3d77eaa660e9474dfc76a0691b8222fd7fba0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 20:04:21 +00:00
Yixuan Wang
284bdc3fa5 Merge changes from topic "am-1b65f256ed6d44cb931295968c81bde7" into udc-qpr-dev-plus-aosp 
* changes:
  Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev am: adf19fcc76
  Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." am: bd654f00d9
 2023-09-15 18:38:02 +00:00
Yixuan Wang
0603f723f4 Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev am: adf19fcc76 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: I307c73fcecb5e213ab186b4610a5be681262a680
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 18:14:42 +00:00
Yixuan Wang
cb920d586f Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." am: bd654f00d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: Iba1c14faaf0c1e423f914ca860f83d75d5496a54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 18:14:40 +00:00
Desmond Huang
c62d6871b3 Relocate common tracking denial entries 
Bug: 299029620
Change-Id: I587e53a54e6bf4e3ccaa572cb35c28b4a0bc1eed
 2023-09-15 03:39:48 +00:00
Desmond Huang
6f2589ec74 Remove obsolete entries 
Bug: 299029620
Change-Id: Ib4782148b3e1167fd0113e5ec3eced7348a0cac2
 2023-09-15 03:37:16 +00:00
Yixuan Wang
b02946bca9 Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev am: adf19fcc76 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: Ifbc5098189471983e87ef6e607b0a50e82b985a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 01:12:39 +00:00
Yixuan Wang
1c333dd6dc Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." am: bd654f00d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24589942

Change-Id: Id83469911f8d0f9bd997f53aa49176dc6c083bd5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-15 01:12:33 +00:00
Yixuan Wang
adf19fcc76 Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev 2023-09-15 00:23:04 +00:00
Android Build Coastguard Worker
2c7a2f3b96 Snap for 10810697 from 64c085cfab to udc-qpr1-release 
Change-Id: I509643a1cde727ce05c37851bc6f8f7a7d395d83
 2023-09-14 23:03:38 +00:00
Treehugger Robot
e3aa243bcf Merge "Add required sepolicy rule for Camera" into udc-qpr-dev am: 64c085cfab am: ed60a3086e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24418269

Change-Id: Id7f41df36e3fec35001a4188e4dd023c84f704f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-14 04:14:40 +00:00
Treehugger Robot
ed60a3086e Merge "Add required sepolicy rule for Camera" into udc-qpr-dev am: 64c085cfab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24418269

Change-Id: I28d9a36decdc7e2646ee17450804fae715cbc4f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-14 04:04:59 +00:00
Treehugger Robot
64c085cfab Merge "Add required sepolicy rule for Camera" into udc-qpr-dev 2023-09-14 03:20:33 +00:00
Woody Lin
9687d162bc Add vendor_sjtag_lock_state_prop and init-check_ap_pd_auth-sh 
1. Add init-check_ap_pd_auth-sh for the vendor daemon script
   `/vendor/bin/init.check_ap_pd_auth.sh`.
2. Add policy for properties `ro.vendor.sjtag_{ap,gsa}_is_unlocked` for
   init, init-check_ap_pd_auth-sh and ssr_detector to access them.

SjtagService: type=1400 audit(0.0:1005): avc:  denied  { open } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1006): avc:  denied  { getattr } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1007): avc:  denied  { map } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1008): avc:  denied  { write } for  name="property_service" dev="tmpfs" ino=446 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
SjtagService: type=1400 audit(0.0:1009): avc:  denied  { connectto } for  path="/dev/socket/property_service" scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1

Bug: 299043634
Change-Id: I6b2abf69fca9b4765f2dfb7ed82e6546159e96e9
 2023-09-14 10:48:08 +08:00
Android Build Coastguard Worker
a159dd37ea Snap for 10804332 from 1a65e5d5e4 to udc-qpr1-release 
Change-Id: I5d2fbb62a49f0a3b4e1f84532c424fd4289d08cb
 2023-09-13 23:03:22 +00:00
Tai Kuo
e45cb8ef52 Allow regmap debugfs for drivers probed by insmod am: 1a65e5d5e4 am: 8cf4f20ca3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24727593

Change-Id: Id56ae9157f1fb0278d9b70641818c6dcb1629b8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-13 00:32:10 +00:00
Tai Kuo
8cf4f20ca3 Allow regmap debugfs for drivers probed by insmod am: 1a65e5d5e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24727593

Change-Id: Ia298dbfa2909cea74711f2f10b0bdca3c301a0a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-12 23:42:40 +00:00
Pointer Kung
be9c098a46 Add required sepolicy rule for Camera 
Grant access for TNR max_freq to let libperfmgr can control it via powerhint.

Bug: 298595475
Test: adb shell cat cur_freq, GCA, CTS
Change-Id: Ibea9d8b60a41802ba7d685daa591471a9e8cbd91
 2023-09-12 09:16:01 +00:00
Tai Kuo
1a65e5d5e4 Allow regmap debugfs for drivers probed by insmod 
auditd  : type=1400 audit(0.0:731): avc:  denied  { search } for
comm="modprobe" name="regmap" dev="debugfs" ino=2057
scontext=u:r:insmod-sh:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0
tclass=dir permissive=1 bug=b/274727542

vendor_kernel_boot and vendor_dlkm modules probe by insmod need this.
Move regmap debugfs from legacy/whitechapel_pro/ to vendor/.

Bug: 274727542
Bug: 289012421
Test: ls -d /sys/kernel/debug/regmap/*-0043
Change-Id: I2bd35a6bc942536505f62d4122f0de892f243802
 2023-09-12 16:45:09 +08:00
Android Build Coastguard Worker
5cde7e9535 Snap for 10739918 from 4bb847b815 to udc-qpr1-release 
Change-Id: I9a0e3277ca7efec34580b9dbb672131ccb9bf358
 2023-08-30 23:03:59 +00:00
Treehugger Robot
216f86b0c2 Merge "audio: move related sepolicy of audio to gs-common" into udc-qpr-dev am: 4bb847b815 am: 207188241d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24585767

Change-Id: Ia622fbf9e355e3e04e4dd732776d30657b02ff2d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-30 18:24:30 +00:00
Treehugger Robot
207188241d Merge "audio: move related sepolicy of audio to gs-common" into udc-qpr-dev am: 4bb847b815 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24585767

Change-Id: I9df8bae38a17b05df787654de85517064fb7aaec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-30 17:35:13 +00:00
Treehugger Robot
4bb847b815 Merge "audio: move related sepolicy of audio to gs-common" into udc-qpr-dev 2023-08-30 16:29:24 +00:00
Android Build Coastguard Worker
7276b2f7b5 Snap for 10732685 from ea09b155f2 to udc-qpr1-release 
Change-Id: Iee4e1b49a299f4c5646d63b28a5db02c4c213e82
 2023-08-29 23:03:01 +00:00
Yixuan Wang
bd654f00d9 Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." 
Revert submission 24526613-revert-23834879-CHRE BT LOG-MHDBQNZAGV

Reason for revert: Fixed and tested with a followup cl

Reverted changes: /q/submissionid:24526613-revert-23834879-CHRE+BT+LOG-MHDBQNZAGV

Change-Id: I29866a91abfcfa380d772da447eb95344df43f8f
 2023-08-29 19:17:32 +00:00
Safayat Ullah
6e969be173 [automerger skipped] display: add persist property to vendor_display_prop am: ea09b155f2 am: 2c7187af19 -s ours 
am skip reason: Merged-In I2497960fbc76e56dd3a9c69d3fe274f0685744f8 with SHA-1 b27308445d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24549050

Change-Id: Ifd6f9184a55de25ca13b0d4146181b2148371fc2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-29 14:24:57 +00:00
Safayat Ullah
2c7187af19 display: add persist property to vendor_display_prop am: ea09b155f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24549050

Change-Id: If21c57942053863ff2157d88a4810a81b30a03f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-29 13:34:23 +00:00
Safayat Ullah
ea09b155f2 display: add persist property to vendor_display_prop 
Bug: 290162920
Test: no avc denied log
Change-Id: I60747df56c6993251bc736994da828814bcdf607
Merged-In: I2497960fbc76e56dd3a9c69d3fe274f0685744f8
 2023-08-29 09:06:57 +00:00
Jasmine Cha
8fb992eacb audio: move related sepolicy of audio to gs-common 
Bug: 297482504
Test: build pass

Change-Id: I9444b9e63f32bf898c845e42edbf682798bce300
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-08-29 16:45:47 +08:00
Safayat Ullah
b27308445d display: add persist property to vendor_display_prop 
Bug: 290162920
Test: no avc denied log
Change-Id: I2497960fbc76e56dd3a9c69d3fe274f0685744f8
 2023-08-29 08:01:45 +00:00
Kieran Cyphus
68fae0f171 Merge "DMD MDS: register proxy service and update MDS policy." into main 2023-08-28 01:42:43 +00:00
Android Build Coastguard Worker
1e83e2b16b Snap for 10712072 from ae9ab242e8 to udc-qpr1-release 
Change-Id: Iee6cca82d00379e851f7b9958e7e820178372284
 2023-08-24 23:03:01 +00:00
Sebastian Pickl
be13832180 Merge "Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..."" into udc-qpr-dev am: ae9ab242e8 am: 00b4a62dd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24526611

Change-Id: I71963049de8eb6c01ba75d32faeae378ca4ac84c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-24 11:33:44 +00:00
Sebastian Pickl
b5491c6650 Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." am: 84f1209636 am: 7ee5ae18de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24526611

Change-Id: If8ca0317f923da98e74ff8642b97f83894206b2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-24 11:33:41 +00:00
Sebastian Pickl
00b4a62dd1 Merge "Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..."" into udc-qpr-dev am: ae9ab242e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24526611

Change-Id: I79952f32ed00fface67437449575e7750959bca5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-24 10:51:25 +00:00
Sebastian Pickl
7ee5ae18de Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." am: 84f1209636 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24526611

Change-Id: I3e4c175289017c75c26df4029421b61ad4efcfbe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-24 10:51:24 +00:00
Sebastian Pickl
ae9ab242e8 Merge "Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..."" into udc-qpr-dev 2023-08-24 10:06:57 +00:00
Sebastian Pickl
84f1209636 Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." 
Revert submission 23834879-CHRE BT LOG

Reason for revert: fixes broken test b/297255998 verified by go/abtd: https://android-build.googleplex.com/builds/abtd/run/L30000000962735539
Bug:297255998

Reverted changes: /q/submissionid:23834879-CHRE+BT+LOG

Change-Id: I56b800260303834ed76dedf354b5a32af00b3684
 2023-08-24 09:47:19 +00:00
Yixuan Wang
cf9a0ff772 Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev am: 0fcc802265 am: 4773f8519d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23834879

Change-Id: I70f328b984f29ef7bdc922bfb24352a963857da3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-23 20:01:35 +00:00
Yixuan Wang
890c3869c3 [DO NOT MERGE] Add selinux policy for chre vendor data directory am: 22d9b28316 am: 2058641a14 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23834879

Change-Id: If2a3d433f56159e7a4264f52b53288afc557df61
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-23 20:01:32 +00:00
Yixuan Wang
4773f8519d Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev am: 0fcc802265 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23834879

Change-Id: I819f616efd223718dd98bb8e953d3b020a296e80
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-23 19:52:30 +00:00
Yixuan Wang
2058641a14 [DO NOT MERGE] Add selinux policy for chre vendor data directory am: 22d9b28316 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23834879

Change-Id: Id8058dbdf765871ba8e762ed10dd1af309642351
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-23 19:52:24 +00:00
Yixuan Wang
0fcc802265 Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev 2023-08-23 19:29:45 +00:00
kierancyphus
9c6ec7fdd9 DMD MDS: register proxy service and update MDS policy. 
MDS is a privileged app which get its permissions from `privapp-permissions-google-product.xml`, however, part of this work requires custom SEPolicy and so those permissions have been translated in SEPolicy.

This is a copy of 022dd13252865e131127da6596f5ada71fbf104f (ag/23056498) which can't be cherry picked because it was previously merged and reverted on main.

Test: Manually flash device
Bug: 270279779
Change-Id: If93515aa6b37bcbe8ec34241da1fa144d61e3d5d
 2023-08-22 06:41:36 +00:00
Android Build Coastguard Worker
071efa5a8d Snap for 10690357 from 7f3e2b9212 to udc-qpr1-release 
Change-Id: Id3462b680735b5993a677c847cbb2b1dc79f0864
 2023-08-21 23:03:19 +00:00
Kris Chen
3f2bf29e1f Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f am: 7f3e2b9212 am: beed400798 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I73f79b88b8605c20e3c0eb71699b84f08d6a5b94
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 07:45:10 +00:00
Kris Chen
7e2cb4f5f6 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f am: 4a49dbceac am: 12c2d23a4b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I64a4f98723a7d5425062c5144402d60af9a55661
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 07:44:46 +00:00
Kris Chen
beed400798 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f am: 7f3e2b9212 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I61b5d78945f4606a1a8924c2ba9e1e4b887d5895
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 07:08:39 +00:00
Kris Chen
12c2d23a4b Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f am: 4a49dbceac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: Ibcac24727053aac68e937156421b16b9ab892200
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 07:04:41 +00:00
Kris Chen
4a49dbceac Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I9f99fc149fc832a44d45d09b563ba8bc913a12d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 06:39:06 +00:00
Kris Chen
7f3e2b9212 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I6a6014a9efe1d543b559bc9142766d0765468339
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 06:33:12 +00:00
Nicole Lee
c21ab073a4 Add rules for letting logger app send the command to ril am: 3c5d001e7d am: 61d25d70ff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24465106

Change-Id: I960f16e413999fa9e831a5535a39d7b4a62c899c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 03:16:18 +00:00
Nicole Lee
61d25d70ff Add rules for letting logger app send the command to ril am: 3c5d001e7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24465106

Change-Id: Ie4811b143d31103f5efbdf941fbfdff4e6c1ac93
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 02:40:44 +00:00
Seungjae Yoo
0612fa8de5 [automerger skipped] Label dtbo partition as dtbo_block_device am: 8256e72c4a am: 34eb573ac9 -s ours 
am skip reason: Merged-In Iccca8de440cad7e9cd12015e0271262a217c457b with SHA-1 3773ca269e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24438745

Change-Id: I81162dcf5812bb778f3c5d476da929542ee26ab3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-18 10:05:39 +00:00
Seungjae Yoo
34eb573ac9 Label dtbo partition as dtbo_block_device am: 8256e72c4a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24438745

Change-Id: Ia4dc306e5e6fdb008c890b538804fba528319806
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-18 09:28:08 +00:00
Treehugger Robot
438b7da691 Merge "Revert "DMD MDS: register proxy service and update MDS policy."" into main 2023-08-18 08:55:00 +00:00
Nicole Lee
3c5d001e7d Add rules for letting logger app send the command to ril 
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c3,c257,c512,c768 pid=3217 scontext=u:r:logger_app:s0:c3,c257,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 293351399
Test: Verify SetDebugTrace funciton on p23
Change-Id: I1e51954886a7ea8bf5d31213634d4df34619eb33
 2023-08-18 07:59:11 +00:00
Hsin-Yi Chen
f4b5074d48 Revert "DMD MDS: register proxy service and update MDS policy." 
This reverts commit 2f5496582d.

Bug: 296329753
Reason for revert: broken build

Change-Id: I9336cebf8d4947450f5d3e2f0ec4df839aca3574
 2023-08-18 07:40:37 +00:00
Renato Grottesi
fa4f421d41 Merge "Cleanup unused ArmNN settings." into main 2023-08-18 04:31:47 +00:00
Seungjae Yoo
8256e72c4a Label dtbo partition as dtbo_block_device 
Bug: 291191362
Test: m

Merged-In: Iccca8de440cad7e9cd12015e0271262a217c457b
Change-Id: Iccca8de440cad7e9cd12015e0271262a217c457b
 2023-08-18 00:38:06 +00:00
Android Build Coastguard Worker
6bbd96b4b5 Snap for 10675748 from 013ec5ce54 to udc-qpr1-release 
Change-Id: Ie031a9573ca3967c61f7bfdb01ac92a0948afa2c
 2023-08-17 23:03:08 +00:00
Seungjae Yoo
7961d4ee51 Merge "Label dtbo partition as dtbo_block_device" into main 2023-08-17 22:32:36 +00:00
Kris Chen
c9d21c380f Allow hal_power_default to access sysfs_scsi_devices_0000 
Fix the following avc denial:
avc:  denied  { write } for  name="clkgate_enable" dev="sysfs"
ino=69304 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 290709897
Test: enroll fingerprint
Change-Id: Ib153087839d59e1839ceed4373a9be6f42e89619
 2023-08-17 12:59:19 +00:00
Renato Grottesi
96f1f214a2 Cleanup unused ArmNN settings. 
Test: pre-submit
Bug: 294463729
Change-Id: Ic417154724c4ddc06925ee2de1bd419dddfa1413
 2023-08-17 09:03:35 +00:00
Kieran Cyphus
a294bcb262 Merge "DMD MDS: register proxy service and update MDS policy." into main 2023-08-17 02:30:26 +00:00
Ilya Matyukhin
ee710b08c1 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev am: 013ec5ce54 am: 41056381db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24343631

Change-Id: I43c243eff3bfbf14828f29f13789b1a3eb9f38c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 22:10:07 +00:00
Ilya Matyukhin
41056381db Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev am: 013ec5ce54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24343631

Change-Id: Icd84167a866d6bf8cf7fa2c0661320882acfaf6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 21:26:07 +00:00
Ilya Matyukhin
013ec5ce54 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev 2023-08-16 20:38:34 +00:00
Seungjae Yoo
3773ca269e Label dtbo partition as dtbo_block_device 
Bug: 291191362
Test: m

Change-Id: Iccca8de440cad7e9cd12015e0271262a217c457b
 2023-08-16 11:16:37 +09:00
Android Build Coastguard Worker
085b322676 Snap for 10658274 from 746bd9ad3c to udc-qpr1-release 
Change-Id: I39fa91dcd50530959cd46c6e3507f31f40b3c43c
 2023-08-15 01:08:40 +00:00
Wilson Sung
33db592c7a Supress kernel avc log before SELinux initialized am: 746bd9ad3c am: eb6368402e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24393095

Change-Id: If9ce34cb0f0b44998215f20d1be88578f0e8f56b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-14 03:26:28 +00:00
Wilson Sung
eb6368402e Supress kernel avc log before SELinux initialized am: 746bd9ad3c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24393095

Change-Id: Ib00fc07da24ed16e6b77f39985724eea892a1e50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-14 02:25:22 +00:00
kierancyphus
2f5496582d DMD MDS: register proxy service and update MDS policy. 
MDS is a privileged app which get its permissions from `privapp-permissions-google-product.xml`, however, part of this work requires custom SEPolicy and so those permissions have been translated in SEPolicy.

Test: Manually flash device
Bug: 270279779
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:022dd13252865e131127da6596f5ada71fbf104f)
Merged-In: I47c1a1163a7d40089d36960ed11822505a7a0a7a
Change-Id: I47c1a1163a7d40089d36960ed11822505a7a0a7a
 2023-08-14 02:10:34 +00:00
Ilya Matyukhin
33540f5a05 zuma: Add sysfs_faceauth_gcma_heap type 
Bug: 288156745
Test: build
Change-Id: I937b37542d8ff5a9e9e0d4d9b53c8300820a1826
 2023-08-11 05:37:59 +00:00
Wilson Sung
746bd9ad3c Supress kernel avc log before SELinux initialized 
Fix: 295430975
Change-Id: I11fe6c6705f7c4f7b3730b8f4b40229b083c0a13
 2023-08-11 12:40:55 +08:00
Roy Luo
41a2c13c6a Merge "Support monitoring USB sysfs attributes in USB HAL" into main 2023-08-10 04:33:29 +00:00
Inseob Kim
dc372f869b [automerger skipped] Move coredomain seapp contexts to system_ext am: ac8048a4f7 am: 5eb322b197 -s ours 
am skip reason: Merged-In Ib8d191a6c07278b51eec88cd8142adf6c1a45668 with SHA-1 8f14aa12a1 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24354514

Change-Id: I530d41e884e7cbc058e74da48799835bfd2a8818
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-09 04:40:09 +00:00
Inseob Kim
5eb322b197 Move coredomain seapp contexts to system_ext am: ac8048a4f7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24354514

Change-Id: I94af7d6ba7a52b5747781bb763f05e5c05b65715
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-09 03:56:23 +00:00
Inseob Kim
ac8048a4f7 Move coredomain seapp contexts to system_ext 
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: Ib8d191a6c07278b51eec88cd8142adf6c1a45668
Merged-In: Ib8d191a6c07278b51eec88cd8142adf6c1a45668
 2023-08-08 15:11:08 +00:00
Inseob Kim
8f14aa12a1 Move coredomain seapp contexts to system_ext 
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: Ib8d191a6c07278b51eec88cd8142adf6c1a45668
 2023-08-08 21:05:21 +09:00
Android Build Coastguard Worker
f7edd28e4f Snap for 10622798 from 2d2ec40c1a to udc-qpr1-release 
Change-Id: Ie326fadfc261fe8f80956ffbd0b37ba3820c9c59
 2023-08-07 23:03:49 +00:00
Roy Luo
8849e1a49a Support monitoring USB sysfs attributes in USB HAL 
Grant access to USB sysfs attributes.

Bug: 285199434
Test: no audit log in logcat after command execution
Change-Id: Ia5f3333318b47f4e0a05140bd6b95e939197fde5
 2023-08-07 19:49:09 +00:00
Wilson Sung
2d7bfbbf4d Supress kernel avc log before SELinux initialized am: 2d2ec40c1a am: e93cda1238 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24319337

Change-Id: Ib9a60e381cd91505dbfc33335674321a696c80af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-07 04:41:48 +00:00
Wilson Sung
e93cda1238 Supress kernel avc log before SELinux initialized am: 2d2ec40c1a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24319337

Change-Id: I9df6960739466feb4e249141d16d0b2d2e3b7467
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-07 03:59:19 +00:00
Wilson Sung
2d2ec40c1a Supress kernel avc log before SELinux initialized 
Fix: 281814849
Fix: 292059050
Change-Id: Ie83557668ded8ab17bf77e60ed21db33e9f4f580
 2023-08-04 07:32:39 +00:00
Android Build Coastguard Worker
983316518d Snap for 10594510 from 61939d2308 to udc-qpr1-release 
Change-Id: I4042a485da8d152d47293071789149d60418aeae
 2023-08-01 23:03:15 +00:00
Treehugger Robot
e207f9e4ff Merge "gps: maintain one solution" into udc-qpr-dev am: 61939d2308 am: 1b1abb7ac9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24259847

Change-Id: I5662ab33e381357fbe3ab1aaf91304624c503bb9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-01 05:56:23 +00:00
Treehugger Robot
1b1abb7ac9 Merge "gps: maintain one solution" into udc-qpr-dev am: 61939d2308 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24259847

Change-Id: Ie350939f0b0fb03dfc400e7ca89cf3b46214ecac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-01 05:15:48 +00:00
Treehugger Robot
61939d2308 Merge "gps: maintain one solution" into udc-qpr-dev 2023-08-01 04:40:51 +00:00
Cheng Chang
cd3d87535f gps: maintain one solution 
Bug: 288813677
Test: compile for different devices and check binary.
Test: verification test at b/288813677.
Change-Id: I7ee13ab2641aee0256d4ddb5ba27070b51dbc5e5
 2023-07-31 02:26:40 +00:00
Android Build Coastguard Worker
08faa85ed9 Snap for 10580366 from 91cd7cbad8 to udc-qpr1-release 
Change-Id: Idca0aaad3fcae7b6e544fe739ec2268c3a31dfaa
 2023-07-29 01:07:39 +00:00
Treehugger Robot
04e1c629f9 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 am: 91cd7cbad8 am: e1153b6555 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: I79639f3b6a0b8cf396959a29bcbbaba8669f3774
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 19:28:20 +00:00
Treehugger Robot
e1153b6555 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 am: 91cd7cbad8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: If65e8446a432d2466a306da78ca40e04ece27efc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 18:17:35 +00:00
Treehugger Robot
91cd7cbad8 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: I2aaa3eee203c5859a8f6cb57ee3612498f2d882e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 18:02:52 +00:00
Treehugger Robot
e30c4abfb6 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 am: 3377a38d65 am: 563532e1a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: I6f714c86a79872576ea8552f8b14adaa6156f358
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 14:37:02 +00:00
Treehugger Robot
563532e1a2 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 am: 3377a38d65 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: I87762ed51ab7acc8d9889e8565451badeba56610
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 10:32:14 +00:00
Treehugger Robot
3377a38d65 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: I68f3638898f861784276508406773649d6d21c21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 09:49:05 +00:00
Treehugger Robot
0f46a31902 Merge "Revert "Update SELinux error"" into udc-d1-dev 2023-07-28 00:06:22 +00:00
Jason Chiu
2db1e0046f Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 am: 65ce874b81 am: 5eb65dec3a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: If43d7f85e36fa0b1187a33a07f9735c67c97f9bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:35:33 +00:00
Jason Chiu
05e87e1087 remove rule for bootctrl hidl version 1.2 am: 54b0343059 am: 27e2aeafa7 am: b7f9178a76 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ib79c46884070e3379f3ea51243a258a9e6796e38
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:35:31 +00:00
Jason Chiu
45253208c0 Add rule for bootctrl AIDL am: 17fa2e6fe5 am: 36dc08bf81 am: d88644ea2f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: I4c825e5161fd9336429880ff00b91eaa5e2a392a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:35:28 +00:00
Jason Chiu
5eb65dec3a Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 am: 65ce874b81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I4f3d173599f6c719baba66dd8f2fdae854a00371
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:12:23 +00:00
Jason Chiu
b7f9178a76 remove rule for bootctrl hidl version 1.2 am: 54b0343059 am: 27e2aeafa7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ic3e8ecf57f805fd32e6973dbfc708704002753bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:12:19 +00:00
Jason Chiu
d88644ea2f Add rule for bootctrl AIDL am: 17fa2e6fe5 am: 36dc08bf81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: Iafe0815e93e1a7b8e00b729acff21253a40cf748
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 13:12:11 +00:00
Jason Chiu
65ce874b81 Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I72d2747b0751ff8b462e59abf974dc3a1a1a1aea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 12:28:20 +00:00
Jason Chiu
27e2aeafa7 remove rule for bootctrl hidl version 1.2 am: 54b0343059 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: I43897ecaaae1ecbcb30479f510637e2680406c40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 12:28:18 +00:00
Jason Chiu
36dc08bf81 Add rule for bootctrl AIDL am: 17fa2e6fe5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: Ic0fa67cd73840070825f3cb197ad00656b4c296b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-27 12:28:16 +00:00
Jason Chiu
a31f1a6d5c Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 am: 7aa9a5e3c0 am: fe9e70cbbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I3c4125d31626e02e59523a5fd4c249a3311986b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 20:39:14 +00:00
Jason Chiu
67addf1851 remove rule for bootctrl hidl version 1.2 am: 54b0343059 am: b9e73326ee am: 8bceac530e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: I9411d0f4e94a85fd3814cf3317b560016bcd9697
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 20:39:12 +00:00
Jason Chiu
bd9241df07 Add rule for bootctrl AIDL am: 17fa2e6fe5 am: cbb8fed21e am: 1882450326 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: I5aa4575978be397e77eeaef2c9b09e7f393a7c02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 20:39:10 +00:00
Jason Chiu
fe9e70cbbb Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 am: 7aa9a5e3c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I8f36ce99361c4ce5d54b0ca52ff6f790de495457
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 19:41:50 +00:00
Jason Chiu
8bceac530e remove rule for bootctrl hidl version 1.2 am: 54b0343059 am: b9e73326ee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ib1165fd100b06806f479b42785c1b68149cac6d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 19:41:48 +00:00
Jason Chiu
1882450326 Add rule for bootctrl AIDL am: 17fa2e6fe5 am: cbb8fed21e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: If43e26b093fe9f77712a03e54506f86702be9485
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-25 19:41:45 +00:00
Yunju Lee
72f7cbe324 Revert "Update SELinux error" 
This reverts commit 8f56fc9709.

Reason for revert: b/291237127 is fixed

Bug: 291237127
Change-Id: I58e2636fb2ef1113a4305152948e07ed8a27a7d9
 2023-07-24 15:10:01 +00:00
Android Build Coastguard Worker
883ea98a15 Snap for 10542431 from 7aa9a5e3c0 to udc-qpr1-release 
Change-Id: I6988e04123e8eec15a423af916f99e5155dd490d
 2023-07-22 01:07:45 +00:00
Jason Chiu
7aa9a5e3c0 Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I3bc9799d166ad41bbbb547884a9993a352b3f6c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:19 +00:00
Jason Chiu
b9e73326ee remove rule for bootctrl hidl version 1.2 am: 54b0343059 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ia4efc4cdc0cb92c62c4ddcb7b6f458c4149657a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:16 +00:00
Jason Chiu
cbb8fed21e Add rule for bootctrl AIDL am: 17fa2e6fe5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: Idbac1303702c0845fd549564f28b20f2bf9f0a03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:13 +00:00
Jason Chiu
3aa432be32 Merge "Add rule for bootctrl AIDL" 
Bug: 282670401
Change-Id: I1b4c5e7ced0fe67bbbaca2b607e4ca7422e170e1
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 21:00:41 +08:00
Jason Chiu
90a1f80488 Add hal_bootctl_default read permission to rootfs in Recovery mode 
Fix the following avc denial:
avc:  denied  { read } for  pid=485 comm="android.hardwar" name="bin" dev="rootfs" ino=9529 scontext=u:r:hal_bootctl_default:s0 tcontext=u:object_r:rootfs:s0 tclass=dir permissive=0

Bug: 282670401
Change-Id: I23ab086ba21d6ffea8b48b4208933c031effc4d4
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 12:56:47 +00:00
Jason Chiu
54b0343059 remove rule for bootctrl hidl version 1.2 
Bug: 282670401
Change-Id: I25d169c335fb551cf1862fdf6e6540485a2b8016
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 12:56:38 +00:00
Jason Chiu
17fa2e6fe5 Add rule for bootctrl AIDL 
Bug: 282670401
Change-Id: I1b4c5e7ced0fe67bbbaca2b607e4ca7422e170e1
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 20:53:04 +08:00
Android Build Coastguard Worker
a55496243b Snap for 10527654 from 62b083db4d to udc-qpr1-release 
Change-Id: Ibcfdf6034c45caa00774e029d008bbc4904a595c
 2023-07-19 23:03:16 +00:00
Utku Utkan
c2e654730b Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" am: 62b083db4d am: 4f7d7213fe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24124264

Change-Id: Ie2bb0cfcf9613d1e12da3fea6887000c4761fb5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 19:58:33 +00:00
Utku Utkan
4f7d7213fe Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" am: 62b083db4d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24124264

Change-Id: Iafecf9b6bfcc9982ca7ad609c7d4242df71a745c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 18:49:46 +00:00
Utku Utkan
62b083db4d Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches

Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Bug: 287069860
Test: m && flashall
Change-Id: Icc801ca310c0e512769ed84d185dd6149ae5f22b
 2023-07-18 20:37:42 -07:00
Inseob Kim
ffec72585d Revert "Introduce CameraServices seinfo tag for PixelCameraServices" am: 1ef04d8dda am: ef514a009d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24122567

Change-Id: I11407eb1d65424f34d3ebe601a6c16e660dd8e4d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 03:33:46 +00:00
Inseob Kim
ef514a009d Revert "Introduce CameraServices seinfo tag for PixelCameraServices" am: 1ef04d8dda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24122567

Change-Id: Icc8049a6eb58141c8ab7109f5810306492f2f3d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-19 02:50:44 +00:00
Inseob Kim
1ef04d8dda Revert "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I42e68b982d521acb9b9a088d58ff521be25beb7e
 2023-07-19 01:15:27 +00:00
Utku Utkan
ed8790420e Introduce CameraServices seinfo tag for PixelCameraServices am: c3cf1b7cf0 am: 5dfb9ad64d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24030833

Change-Id: I628cb17d6053851612608f82700e518a043c2884
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-18 22:35:36 +00:00
Utku Utkan
5dfb9ad64d Introduce CameraServices seinfo tag for PixelCameraServices am: c3cf1b7cf0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24030833

Change-Id: I3ba20fc4bca8798a1bb84ace89f6097ea268041b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-18 21:49:07 +00:00
Utku Utkan
c3cf1b7cf0 Introduce CameraServices seinfo tag for PixelCameraServices 
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I843c7e0577d88a7e84cb939135fe89f5923ea294
 2023-07-18 12:18:35 -07:00
Android Build Coastguard Worker
3794175969 Snap for 10509334 from 40759437ea to udc-qpr1-release 
Change-Id: I4c6a7efb601a58b06b623ac8b8da7ed9c0881ad4
 2023-07-17 23:03:33 +00:00
Wilson Sung
2ef1135c13 Update SELinux error am: 8f56fc9709 am: 40759437ea am: eb7e1f003a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: I9bdb387f12c8ffa74040ba77c55f072bcb552d17
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 10:45:43 +00:00
Wilson Sung
78b62791f3 Update SELinux error am: 8f56fc9709 am: 358275a825 am: 4e94cbac7c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: Ia4fe3eb12d1882205e22a92281fd7cd583feb683
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 10:45:29 +00:00
Wilson Sung
eb7e1f003a Update SELinux error am: 8f56fc9709 am: 40759437ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: Ia16972d5a05cca4c250ccb6d2e10749556cd17c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 10:08:50 +00:00
Wilson Sung
4e94cbac7c Update SELinux error am: 8f56fc9709 am: 358275a825 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: If8899f2fa1458fd7b0d376b72ef50cdc14a7d993
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 10:00:58 +00:00
Wilson Sung
40759437ea Update SELinux error am: 8f56fc9709 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: I0713b4a21b1df066a4c6ed72be62a50cd89050fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 09:17:57 +00:00
Wilson Sung
358275a825 Update SELinux error am: 8f56fc9709 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: I971f8532161a1e9e25fc3015a26bd497a9176be6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 09:15:38 +00:00
Wilson Sung
8f56fc9709 Update SELinux error 
Test: scanBugreport
Bug: 291237127
Change-Id: Iacb47dce94f8ee2f71d382a9d0a22a6570345e2d
 2023-07-17 13:50:09 +08:00
Android Build Coastguard Worker
16486ff98f Snap for 10503120 from 8e0c6c3838 to udc-qpr1-release 
Change-Id: I74bc77633dd80d6def09110d204058124c6234b7
 2023-07-15 21:02:51 +00:00
Krzysztof Kosiński
c34f5f375c Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c am: 8e0c6c3838 am: 3d97096517 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: I37a0f3f2ad8d010daa6fb942621261b9d505a036
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-15 00:05:16 +00:00
Krzysztof Kosiński
a728716390 Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c am: b069918c11 am: def8ee2ded 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: I53b503bc70e0bf78f62fbd532c96fcb1dddc88f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 23:46:21 +00:00
Krzysztof Kosiński
3d97096517 Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c am: 8e0c6c3838 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: Id7d5c1f05cf53c6417142ae2522f748ad16ff95b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 23:07:08 +00:00
Krzysztof Kosiński
def8ee2ded Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c am: b069918c11 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: I4c54779e8cbb4c1dea697d02564fc1488ff80133
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 23:04:08 +00:00
Krzysztof Kosiński
8e0c6c3838 Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: I364339a11ddaeec5dc2e71b3add58b20384a532a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 22:14:09 +00:00
Krzysztof Kosiński
b069918c11 Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: I3397af974f95726b175abcea36a44a02e304cb5d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 22:12:18 +00:00
Krzysztof Kosiński
583baf021c Remove bug map entry for unknown property reads in camera HAL. 
Fixed by avoiding reading a property with the name "218".

Bug: 286508419
Test: check log for denials when running the camera on zuma device.
Change-Id: I3632868187d263ed787f5abf729c4e5c10a4f4c4
 2023-07-14 07:12:51 +00:00
Dinesh Yadav
67b64c50b4 Merge "[Cleanup]: Move gxp sepolicies to gs-common for P23" into main 2023-07-14 04:00:25 +00:00
Treehugger Robot
69ae4e5963 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 am: 7eba1f29bc am: 0e9bd10bb6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: Ibddd2cf980d5f4fc149dcb4aa3443477aed7b246
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 01:17:16 +00:00
Treehugger Robot
00cc329f1c Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 am: a5187246a1 am: d079eb063f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I2c9fe5900fcdaa1fbbfa0bf0ee923cc68819c4b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 01:16:08 +00:00
Badhri Jagan Sridharan
5cda2ff488 [automerger skipped] Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 am: 5958be5bd0 -s ours am: 0079a99873 -s ours 
am skip reason: Merged-In I72711aea571dad5be7ff36ca7a7c59240aaa2226 with SHA-1 62e714d81c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: I63b0cba5b0321d6dfada8c00022e7aa2a4032727
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 00:49:12 +00:00
Badhri Jagan Sridharan
3251bfa4aa [automerger skipped] Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 am: 3e1e0b9b68 am: cd3f2ab5c5 -s ours 
am skip reason: Merged-In I72711aea571dad5be7ff36ca7a7c59240aaa2226 with SHA-1 4f16f36a78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: Ic7028407b0e61dd6609d61032801cacb5cb3395f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 00:27:00 +00:00
Android Build Coastguard Worker
0c02ac7c0d Snap for 10492621 from a5187246a1 to udc-qpr1-release 
Change-Id: I002838d2214d453cbe99f938cb4ffb3c91aa0013
 2023-07-13 23:03:37 +00:00
Treehugger Robot
0e9bd10bb6 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 am: 7eba1f29bc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I6c96a540b0c2214c93f11856c12930bbecd4ec2b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 20:09:14 +00:00
Treehugger Robot
d079eb063f Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 am: a5187246a1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I2f92a0f4c5a54e73ca000b0d57a72366034999e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 19:09:55 +00:00
Badhri Jagan Sridharan
0079a99873 [automerger skipped] Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 am: 5958be5bd0 -s ours 
am skip reason: Merged-In I72711aea571dad5be7ff36ca7a7c59240aaa2226 with SHA-1 62e714d81c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: I5190546cac91a0859b9b24f321cf4f4d22beca20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 19:09:35 +00:00
Treehugger Robot
a5187246a1 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I5662604da8561e8e8729cd494ba35d1797339e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 19:02:40 +00:00
Treehugger Robot
7eba1f29bc Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I21783e724b86aa309cdd464420858f543f549e68
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 19:00:41 +00:00
Badhri Jagan Sridharan
cd3f2ab5c5 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 am: 3e1e0b9b68 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: Ia0fa536f5e6dfe951fab287f39bc938b67780818
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 18:16:09 +00:00
Treehugger Robot
8bcc8a1242 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev 2023-07-13 17:47:48 +00:00
Badhri Jagan Sridharan
5958be5bd0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: I512b4db16ff18acc313dc0d0c94f78bf4743ddcc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 17:34:05 +00:00
Badhri Jagan Sridharan
3e1e0b9b68 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: Ie727156612f14c298a032468ca8c4567d6341f58
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 17:31:26 +00:00
Badhri Jagan Sridharan
20eade41f0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev 2023-07-13 16:43:18 +00:00
Android Build Coastguard Worker
6915794c2d Snap for 10486787 from 4c3281ff67 to udc-qpr1-release 
Change-Id: Id118904027a228e389df433740c6e7b7e7b8cf03
 2023-07-12 23:03:24 +00:00
Wilson Sung
7a4e047d6a Move systemui seapp_contexts to private am: 5c63d0ef54 am: 4c3281ff67 am: 9975c3e8f1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: I13ca07d21731abae8854f5724421ac675d621878
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 08:28:07 +00:00
Wilson Sung
af1f68ca9f Move systemui seapp_contexts to private am: 5c63d0ef54 am: f33940a050 am: 2d80278b62 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: Ib174e16bddbc0cb11bbabea6101b8072fa5ed1e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 08:27:47 +00:00
Wilson Sung
9975c3e8f1 Move systemui seapp_contexts to private am: 5c63d0ef54 am: 4c3281ff67 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: I509a29a79857e76a55310b683ae3e5278bfd2b71
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 07:51:03 +00:00
Wilson Sung
2d80278b62 Move systemui seapp_contexts to private am: 5c63d0ef54 am: f33940a050 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: I843d0640c84539163a3dafb1b48847d735c2a6d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 07:48:18 +00:00
Wilson Sung
4c3281ff67 Move systemui seapp_contexts to private am: 5c63d0ef54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: I4ca08dc42bf7ce9ff292336d3863c2152afc5145
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 07:05:59 +00:00
Wilson Sung
f33940a050 Move systemui seapp_contexts to private am: 5c63d0ef54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: Ibb9b6cb84e984021e632d14323d622b549e40179
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 07:03:26 +00:00
Android Build Coastguard Worker
47f1f8365f Snap for 10477539 from 4640c96bb4 to udc-qpr1-release 
Change-Id: I7e4a6ba5b199d7bc029d72918abe6f583a6f11c8
 2023-07-11 23:03:09 +00:00
Hasan Awais
ab0cc41a0d uwb: add permission to read SELinux state am: 4640c96bb4 am: 484e16d61b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24007918

Change-Id: I00b3af162bc57f840ac55d8ff881fa55034bc238
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-11 18:10:26 +00:00
Hasan Awais
484e16d61b uwb: add permission to read SELinux state am: 4640c96bb4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24007918

Change-Id: Ie5b1758ea190103d6f7005246e3d2e37e6344fc7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-11 17:33:16 +00:00
Wilson Sung
5c63d0ef54 Move systemui seapp_contexts to private 
Fix: 289480799
Bug: 288227521
Change-Id: Ifc4288125d454569a66151c3c61e000ffd3526ac
 2023-07-11 15:24:10 +08:00
Android Build Coastguard Worker
983c584b52 Snap for 10468395 from 01714c600b to udc-qpr1-release 
Change-Id: Ia5228f0586733af638e2286bf9a6bd71499509c7
 2023-07-10 23:08:05 +00:00
Hasan Awais
4640c96bb4 uwb: add permission to read SELinux state 
Allows UWB HAL to read selinuxfs to determine the state
Used for controlling access to debugfs

Bug: 288049522
Test: local build pass
Change-Id: I1237d001d27999c796bbb28629847f5a5639cd3e
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2023-07-10 17:12:33 +00:00
Wilson Sung
e41a6fa986 Update SELinux error am: 83671d2646 am: 01714c600b am: e0c443771a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: Ifdcc482bb684a9a6cecbb7c8d8fd9b54e111cf51
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 11:38:26 +00:00
Wilson Sung
fc7ef081c6 Update SELinux error am: 83671d2646 am: 1c8431e2b4 am: 5ca7dc1f44 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: I072dd6136d581d465298559f081228fa5c348b12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 11:38:06 +00:00
Wilson Sung
e0c443771a Update SELinux error am: 83671d2646 am: 01714c600b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: Ib508bbbdf4dcaf39f96ee371cff499c041aa9f83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 11:08:31 +00:00
Wilson Sung
5ca7dc1f44 Update SELinux error am: 83671d2646 am: 1c8431e2b4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: I8e6d9974c86df95b0b6a44343d1c59469c4b664a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 11:02:48 +00:00
Wilson Sung
01714c600b Update SELinux error am: 83671d2646 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: I2bf029eace9344aa077b358085736df271264c5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 10:23:10 +00:00
Wilson Sung
1c8431e2b4 Update SELinux error am: 83671d2646 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: Ib45ed15b3233364f3f81f0e972c475c8eacfcc17
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 10:20:45 +00:00
Wilson Sung
83671d2646 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 289480799
Change-Id: I6c013d99b9b004b0a39d0b1861fa89da46bc846d
 2023-07-10 14:21:22 +08:00
Dinesh Yadav
1278d8fc59 [Cleanup]: Move gxp sepolicies to gs-common for P23 
These policies are moved to gs-common as part of ag/24002524

Bug: 288368306
Change-Id: Iaa15e497eafd54b1b702192a3c8f7fe0c908f8a1
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-07-10 05:13:16 +00:00
Android Build Coastguard Worker
5e46b76d8b Snap for 10459084 from f65918769f to udc-qpr1-release 
Change-Id: I44ea053a7f13cf3ccd87ea177c2c7a6e9a0a0eff
 2023-07-08 01:07:39 +00:00
Yunju Lee
0a86789618 Add GPU power hint sysfs node to sepolicy for Zuma 
Bug: 228076319
Bug: 278493002
Test: Perfetto trace inspection
Change-Id: I2f78c2e9175faa3f8af4b55e93e9b0f3d6bebdf2
 2023-07-07 21:40:20 +00:00
Samuel Huang
21912887e8 Merge "Revert "Revert "Create telephony.ril.silent_reset system_ext pro..."" into udc-qpr-dev am: f65918769f am: c7ae549508 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23841767

Change-Id: I53bac0abab54f6850bb9f2047ea5ea36f9948e57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-07 03:10:44 +00:00
Samuel Huang
c7ae549508 Merge "Revert "Revert "Create telephony.ril.silent_reset system_ext pro..."" into udc-qpr-dev am: f65918769f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23841767

Change-Id: I5ca51bbe84429d6db54699d15c64a2127cb2678a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-07 02:32:58 +00:00
Samuel Huang
f65918769f Merge "Revert "Revert "Create telephony.ril.silent_reset system_ext pro..."" into udc-qpr-dev 2023-07-07 01:45:24 +00:00
Android Build Coastguard Worker
4bf5b52b7e Snap for 10449897 from 304b7da426 to udc-qpr1-release 
Change-Id: I3cf7cca895d8930905a5e2fb1f39c29b3a18ddd1
 2023-07-06 23:03:24 +00:00
Treehugger Robot
a0cae277cb Merge "Update SELinux error" into udc-d1-dev am: 58c254fcaa am: 304b7da426 am: d04ae24b43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23875908

Change-Id: I52a523821bee362417872b7cd60f16f56cfd6dd2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 17:41:21 +00:00
Treehugger Robot
bdf46d1f83 Merge "Update SELinux error" into udc-d1-dev am: 58c254fcaa am: fe8aefb6a5 am: 7be39ffb70 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23875908

Change-Id: Ib4ae654d871071e85a8949bc84bf630380820a56
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 17:40:51 +00:00
Treehugger Robot
d04ae24b43 Merge "Update SELinux error" into udc-d1-dev am: 58c254fcaa am: 304b7da426 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23875908

Change-Id: Icebf3a9172a6c8f3d2c226cf7aab2e2380bf261c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 17:01:40 +00:00
Treehugger Robot
7be39ffb70 Merge "Update SELinux error" into udc-d1-dev am: 58c254fcaa am: fe8aefb6a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23875908

Change-Id: Ib31dd40b81d334cdbc9836ed788d2873bc7e0b22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 16:55:12 +00:00
Treehugger Robot
304b7da426 Merge "Update SELinux error" into udc-d1-dev am: 58c254fcaa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23875908

Change-Id: Ic709ca1a390ba7aa81492fcc93ee34c1a2a4372f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 16:14:12 +00:00
Treehugger Robot
fe8aefb6a5 Merge "Update SELinux error" into udc-d1-dev am: 58c254fcaa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23875908

Change-Id: I00b23b4aa5953b1ec71b73c4a928d81af659d726
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 16:09:44 +00:00
Treehugger Robot
58c254fcaa Merge "Update SELinux error" into udc-d1-dev 2023-07-06 15:09:35 +00:00
Ruofei Ma
5ca0cabab9 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 am: 99ff7c4007 am: a0d8301375 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: Ia306a480812cbc1240ea979b42223401a102d6db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 05:29:05 +00:00
Ruofei Ma
81c25a7a49 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 am: 4471c5e525 am: deabc971aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: I126b579bd71bfdbd0140aa29c20b8301a9ce3feb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 05:28:57 +00:00
Ruofei Ma
8ccd2bdb48 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 am: d853f05f4e am: 545d486384 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: I86ae0f4173db0618b55fdebf02cea1e9e1aacc3e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 05:28:39 +00:00
Ruofei Ma
a5365042c2 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 am: 5358c08714 am: a87ac085c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: I06f846290147757f90432f5cb414b87329c8c271
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 05:26:15 +00:00
Ruofei Ma
a0d8301375 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 am: 99ff7c4007 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: I0bd63164ba394bb54e309fb59b3062feae9792d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 04:46:46 +00:00
Ruofei Ma
deabc971aa Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 am: 4471c5e525 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: Ie9d002961517ba1476d4fbc43301c79acab9b5b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 04:44:05 +00:00
Ruofei Ma
545d486384 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 am: d853f05f4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: I465659921f35ec199201b5d1284f2b0c6cc43d50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 04:42:15 +00:00
Ruofei Ma
a87ac085c0 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 am: 5358c08714 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: Ia939ab3855b0260c427d5d490e37f94a5ce35a27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 04:40:28 +00:00
Ruofei Ma
99ff7c4007 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: I0976a47af9e3ccab16a391c9835885b88166ac95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 03:33:06 +00:00
Ruofei Ma
4471c5e525 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: I28bbba859b673990f752fed64098a8e56a9cb99a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 03:32:45 +00:00
Ruofei Ma
d853f05f4e Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: I1794ae0ae12c8dda929e25f7d988a4a87a7428a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 03:30:53 +00:00
Ruofei Ma
5358c08714 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: Idb18a29b7bf6da51892eee82b3b6d4f9f9503659
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 03:30:23 +00:00
Ruofei Ma
f3258b9e00 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev 2023-07-06 02:49:56 +00:00
Ruofei Ma
aa2084fe54 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev 2023-07-06 02:49:51 +00:00
Wilson Sung
7a77620145 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 289856761
Test: scanBugreport
Bug: 289856761
Test: scanAvcDeniedLogRightAfterReboot
Bug: 289856761
Change-Id: I4a3dcd037b1f63b8d06edab5a5ef4919ce75b8bc
 2023-07-04 11:17:41 +08:00
Badhri Jagan Sridharan
62e714d81c Add USB wakeup sources sepolicy contexts 
Bug: 289376260
Change-Id: I72711aea571dad5be7ff36ca7a7c59240aaa2226
Merged-In: I72711aea571dad5be7ff36ca7a7c59240aaa2226
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
 2023-06-30 19:36:01 +00:00
Badhri Jagan Sridharan
4f16f36a78 Add USB wakeup sources sepolicy contexts 
Bug: 289376260
Change-Id: I72711aea571dad5be7ff36ca7a7c59240aaa2226
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
 2023-06-30 02:13:27 +00:00
Android Build Coastguard Worker
68e32d7824 Snap for 10412120 from bd6892b9d3 to udc-qpr1-release 
Change-Id: I05d34a6801ae14bae786726acbe49d691d08a32f
 2023-06-29 23:03:39 +00:00
Wilson Sung
4515515f60 Move sysUI contexts to system_ext am: 4862829753 am: bd6892b9d3 am: c798459b5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: Iff3c91cef02e228891324ab06d38ad9361c5d883
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 05:48:59 +00:00
Wilson Sung
5915cd099a Move sysUI contexts to system_ext am: 4862829753 am: b8ec9b7fc4 am: 0998a42154 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: Ibc19fce60a0c362923f89ae8f9af65164ce16a82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 05:48:49 +00:00
Wilson Sung
c798459b5e Move sysUI contexts to system_ext am: 4862829753 am: bd6892b9d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: Idc9c918ec744d32b2362cef93b9e3c5a66085a85
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 05:05:15 +00:00
Wilson Sung
0998a42154 Move sysUI contexts to system_ext am: 4862829753 am: b8ec9b7fc4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: I9963b7fa09e1f22ba868cd3abe3fcb090a46cc39
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 04:59:33 +00:00
Wilson Sung
bd6892b9d3 Move sysUI contexts to system_ext am: 4862829753 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: Iae1889fe451b09d41160689c24d2888a1a4da796
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 04:17:50 +00:00
Wilson Sung
b8ec9b7fc4 Move sysUI contexts to system_ext am: 4862829753 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: I375b899f1d97c6c994a2f2392d562814e4c3a0d4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 04:15:43 +00:00
Ruofei Ma
4ee8ce9cd6 Dec: SELinux policy change to allow uclamp.min set 
To get better performance for 4K60FPS HDR video, we need
to boost the cpu when the load is too heavy for Bigwave
decoder.

Bug: 274736629

Change-Id: I32d683084dd55354002d4fd4c266492df3839a35
Signed-off-by: Ruofei Ma <ruofeim@google.com>
 2023-06-29 00:22:24 +00:00
Ruofei Ma
4bb2aa413d Revert "mediacodec_google: add hal_power" 
This reverts commit 3346e879e6.

Reason for revert: This change is not needed since the performance boost implementation has changed

Change-Id: Icda43f23354e70503d3bb2efe0631a2d754a4920
 2023-06-29 00:22:11 +00:00
Yixuan Wang
22d9b28316 [DO NOT MERGE] Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
(cherry picked from commit 7530c4bc13)
 2023-06-28 17:16:15 +00:00
Samuel Huang
0166c5fe0a Revert "Revert "Create telephony.ril.silent_reset system_ext pro..." 
Revert submission 23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Reason for revert: The root cause is missing property definition in gs101-sepolicy. This CL can be merged safely. Verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L48900000961646046

Reverted changes: /q/submissionid:23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Bug: 286476107
Change-Id: I6dde24447cb7caae0bf35d8b0342985e8c2f434a
 2023-06-28 10:28:24 +00:00
Wilson Sung
4862829753 Move sysUI contexts to system_ext 
Bug: 288227521
Change-Id: I3e5f2e76bf067f98b191b3b8ee6010c1abd95cb0
 2023-06-28 14:10:06 +08:00
Android Build Coastguard Worker
99b8156815 Snap for 10393214 from 6f65e69366 to udc-qpr1-release 
Change-Id: If02e1101984fca49c2913d3743fb2729c279f218
 2023-06-27 23:03:07 +00:00
Sebastian Pickl
3bce98be6d Merge "Revert "Create telephony.ril.silent_reset system_ext property fo..."" into udc-qpr-dev am: 6f65e69366 am: 2e6a679fce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23817867

Change-Id: Id5f3601fef67ac0407c054dc234e9638e5f4608c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 12:03:39 +00:00
Sebastian Pickl
2e6a679fce Merge "Revert "Create telephony.ril.silent_reset system_ext property fo..."" into udc-qpr-dev am: 6f65e69366 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23817867

Change-Id: I6c900e08c22cf1355c4c70e944a7a58c7125b1d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 11:16:33 +00:00
Sebastian Pickl
6f65e69366 Merge "Revert "Create telephony.ril.silent_reset system_ext property fo..."" into udc-qpr-dev 2023-06-27 10:37:16 +00:00
Sebastian Pickl
a14eb4e6b5 Revert "Create telephony.ril.silent_reset system_ext property fo..." 
Revert submission 23736941-tpsr-ril-property

Reason for revert: culprit for b/289014054 verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L54800000961620143

Bug: 289014054

Reverted changes: /q/submissionid:23736941-tpsr-ril-property

Change-Id: I6bd6b1e890fa77140d2d0e33ce6ae8a8a03e16f6
 2023-06-27 10:05:32 +00:00
Samuel Huang
c58d851674 Merge "Create telephony.ril.silent_reset system_ext property for RILD restart" into udc-qpr-dev am: 6a7b19e2dc am: 1fb389168d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736941

Change-Id: Ia55ce09c87cebda5c821e5d65d115384b4e212f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 03:55:53 +00:00
Samuel Huang
1fb389168d Merge "Create telephony.ril.silent_reset system_ext property for RILD restart" into udc-qpr-dev am: 6a7b19e2dc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736941

Change-Id: Ia320c14b63008e66cea92d389df5085da17a7e24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-27 03:07:55 +00:00
Samuel Huang
6a7b19e2dc Merge "Create telephony.ril.silent_reset system_ext property for RILD restart" into udc-qpr-dev 2023-06-27 02:21:20 +00:00
Android Build Coastguard Worker
54f73084ef Snap for 10361546 from 62b8a1fed8 to udc-qpr1-release 
Change-Id: I901e6b26481cc990bc93cc6976bb569a02c5c05f
 2023-06-22 01:07:38 +00:00
TreeHugger Robot
1959bbb904 Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f am: cae8b7f115 am: 29a97a49aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: I2cde8f773d192d149844e83a2a0e2f44f61d85af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 13:12:33 +00:00
TreeHugger Robot
29a97a49aa Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f am: cae8b7f115 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: Ia045ac9ec33ac55cf3ac592851ee7107a1b983d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 12:25:03 +00:00
TreeHugger Robot
95453db458 Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f am: 62b8a1fed8 am: 4841655987 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: Ib628b70bb7c0dd455e456be91714217479e7ed06
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:49:09 +00:00
Treehugger Robot
e074ae4af0 Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 am: e25310025c am: 172a152ab3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I2a4c05fa0da33eb5661f73cb145108ac9ec74c48
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:48:40 +00:00
Treehugger Robot
124d76da0e Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 am: 2a4fea9c9e am: bac6c337b1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I75815cc322f7cb7c0a3d1d07fede9c988569923f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:48:29 +00:00
TreeHugger Robot
cae8b7f115 Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: I1cee789da99f85b5ac1c5485d53e577448ea806d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:43:07 +00:00
TreeHugger Robot
4841655987 Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f am: 62b8a1fed8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: I2974aeeaf24cbf8041b5fb5823a4440677f612fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:25:03 +00:00
Treehugger Robot
172a152ab3 Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 am: e25310025c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I720de5e928b94586e3297bbfa1c6a3464cb5c126
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:24:56 +00:00
TreeHugger Robot
62b8a1fed8 Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: I64ce27f29959da86f4a3effdc2700c9edd12c365
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:02:13 +00:00
Treehugger Robot
bac6c337b1 Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 am: 2a4fea9c9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: Id590901414e2cfd34eeecb7747cec3a122ca4134
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 10:57:38 +00:00
TreeHugger Robot
043ae16d5f Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev 2023-06-21 10:47:39 +00:00
Treehugger Robot
22bdc11dbe Merge "Update SELinux error" into udc-d1-dev am: 81237d3843 am: 939f102259 am: 4e1e64c9db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: I1705ec8feb2e814797cbe616e9e1558c99dd08e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 10:46:20 +00:00
Treehugger Robot
bb97e862be Merge "Update SELinux error" into udc-d1-dev am: 81237d3843 am: 47da87bda2 am: 795c49c0e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: I444780e9407d31484bc0ea8da61bea812b76412e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 10:40:30 +00:00
Treehugger Robot
e25310025c Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I7c9fa2e932b7547fee5aacf6a82177513f8d59ef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 10:38:30 +00:00
Treehugger Robot
2a4fea9c9e Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I03fdab2f74f5caf3b63ad5e869e2a95f43e76635
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 10:34:22 +00:00
Treehugger Robot
d8b11ef832 Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev 2023-06-21 09:59:33 +00:00
Treehugger Robot
4e1e64c9db Merge "Update SELinux error" into udc-d1-dev am: 81237d3843 am: 939f102259 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: I05619a4d33acadd7c9747fb239e5f2add3ed8d1c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 09:54:45 +00:00
Treehugger Robot
795c49c0e7 Merge "Update SELinux error" into udc-d1-dev am: 81237d3843 am: 47da87bda2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: Ia29324e2f8e99e26385c0b853564c9bc216dea55
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 09:48:55 +00:00
Treehugger Robot
939f102259 Merge "Update SELinux error" into udc-d1-dev am: 81237d3843 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: Ibbf26b42ca7ee968f3fa6d2d4f9122a328bf788b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 09:08:06 +00:00
Treehugger Robot
47da87bda2 Merge "Update SELinux error" into udc-d1-dev am: 81237d3843 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: I019165c5000c529f4a4de90c20e880b3501c3fd1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 09:03:51 +00:00
Treehugger Robot
81237d3843 Merge "Update SELinux error" into udc-d1-dev 2023-06-21 08:02:49 +00:00
Wilson Sung
3657f78cb0 Add kernel vendor_fw_file dir read permission 
Fix: 288049349
Change-Id: I76751deb04e5b6a4362917c76764cddc74d0f76d
 2023-06-21 16:02:41 +08:00
Wilson Sung
0b77875c4a Supress kernel avc log before SELinux initialized 
Bug: 288049349
Fix: 288049229
Change-Id: I5087a77e65ecdbaa868a7257342f5d99f424880a
 2023-06-21 16:02:29 +08:00
Treehugger Robot
1697357be9 Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9 am: 0227a650c2 am: bb331a604a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: I665a34524efc37a533a531ba1ba402ecdd96b775
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 07:37:22 +00:00
Treehugger Robot
442860590b Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9 am: c03753058f am: 00f84dd5ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: If096a4d70d492efc8717cb08b5d9e87f35a341b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 06:35:25 +00:00
Samuel Huang
1f2933970f Create telephony.ril.silent_reset system_ext property for RILD restart 
RILD listens for changes to this property. If the value changes to 1, RILD will restart itself and set this property back to 0.

The TelephonyGoogle app will set this property to 1 when it receives a request from the SCONE app. Since TelephonyGoogle runs in the com.android.phone process, we also need to give the radio domain permission to set the telephony.ril.silent_reset property.

Bug: 286476107
Test: manual
Change-Id: I5ee72c7ab8e0bce75bbb23b676f515cabe40ed23
 2023-06-21 06:34:55 +00:00
Wilson Sung
8818dd2de5 Update SELinux error 
Test: scanBugreport
Bug: 288049050
Bug: 288049522
Bug: 288049561
Bug: 288049349
Bug: 288049075
Test: scanAvcDeniedLogRightAfterReboot
Bug: 288049229
Change-Id: I939cd8981e64eadb0fa047b09162a02056ec2abf
 2023-06-21 06:04:23 +00:00
Treehugger Robot
bb331a604a Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9 am: 0227a650c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: I1d1cd1f22ba22caa4dd1ccb0c0271751cb02a5dd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 05:46:38 +00:00
Treehugger Robot
00f84dd5ea Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9 am: c03753058f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: Ic95f6dca878f43fd19f22e7cf563dd1525bac114
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 05:40:41 +00:00
Treehugger Robot
0227a650c2 Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: Ic30c2463f2dcff66cf21f437583921247ca085d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 05:02:16 +00:00
Treehugger Robot
c03753058f Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: Ib407f87305f84dda1edc1d440d03156ea7df90c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 04:58:08 +00:00
Treehugger Robot
107d5bb0f9 Merge "Remove unused trace_marker dontaudit" into udc-d1-dev 2023-06-21 04:18:51 +00:00
Android Build Coastguard Worker
00fc81481a Snap for 10354447 from 2f78573928 to udc-qpr1-release 
Change-Id: Ia0c791375bae24adcb66b04c2552de9de8cc7978
 2023-06-21 03:03:22 +00:00
Anthony Zhang
c435a7c0fc [automerger skipped] Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554 am: 2f78573928 am: 4db541297a -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Idde868be0d106299f6f0e6df4d302b6b5f8f20ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 20:02:35 +00:00
Anthony Zhang
26d0764ba3 [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 am: b0c6280ba5 am: 82211212be -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Ic0cf5337945ed3299f3d3ac7b06da340496a5801
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 20:02:34 +00:00
Anthony Zhang
d6f42b3789 [automerger skipped] Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554 am: fbceb3b769 am: c15f35b510 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I119794ba66d6b223b83e9f3039c304874c1e19b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 20:01:10 +00:00
Anthony Zhang
63bba8b88b [automerger skipped] [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 am: 6096b4605d am: bdda1f3563 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I3abb1d2a2adf7ef3f5d18a4016404b78939d0eb1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 20:01:09 +00:00
Anthony Zhang
4db541297a Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554 am: 2f78573928 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I8b662f7522b8945982aae5e963960913b8805394
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 19:02:06 +00:00
Anthony Zhang
82211212be [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 am: b0c6280ba5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I741bf5ff3e13ef4fe39c6f97c61765da9c22d4f1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 19:02:04 +00:00
Anthony Zhang
c15f35b510 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554 am: fbceb3b769 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I976437c263aac7750f0663983c2a24175a9c953a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:54:33 +00:00
Anthony Zhang
bdda1f3563 [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 am: 6096b4605d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Ief35f2761e877322522b4879383bf9a8da2b1af3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:54:30 +00:00
Anthony Zhang
2f78573928 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I7db822716e72399a9038e1ab1501150e4db88760
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:12:45 +00:00
Anthony Zhang
b0c6280ba5 [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I484b590b74da12bdf34de1bd84132a327d8387f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:12:44 +00:00
Anthony Zhang
fbceb3b769 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Ic77f4c7fcc9ee54afdbc70880979f1a094c69828
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:10:20 +00:00
Anthony Zhang
6096b4605d [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Ib229248e32c537641601e0d60bd223570e713883
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:10:18 +00:00
Anthony Zhang
a594a23554 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev 2023-06-20 17:31:31 +00:00
Wilson Sung
f82fc11c11 Remove unused trace_marker dontaudit 
Fix: 260366195
Change-Id: I7ece6549a64740c878dc92ce4b011136eb313533
 2023-06-20 14:34:01 +08:00
Android Build Coastguard Worker
60eb4031dc Snap for 10347638 from 78f862e8ed to udc-qpr1-release 
Change-Id: I43c4ff9720ab39af0842c5189af69c7374c931c0
 2023-06-20 01:07:31 +00:00
Wilson Sung
62f4c4cc13 Update SELinux error am: 0561b1bd1e am: 78f862e8ed am: 61bbf0e529 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: I5cf6a73809f9994446d3bcf1358beb8a5cad76a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 11:07:51 +00:00
Wilson Sung
f5d9e3c18a Remove obsolete bug_map and dontaudit am: 94fd2403a7 am: 324af7e2a0 am: 06f2d05799 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: I1d9a306e2c303a46beba1d219cda8f57152fed27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 11:07:49 +00:00
Wilson Sung
5dcd966c3f Update SELinux error am: 0561b1bd1e am: 23683d360c am: d1f81b978c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: I97427924840bba4e5c316cd2a34f888e209fa044
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 11:07:38 +00:00
Wilson Sung
3a53a3d96b Remove obsolete bug_map and dontaudit am: 94fd2403a7 am: 385d8910b5 am: 8460688dfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: I67a5bc76946250e4e9ac04c097cd93cac12c07ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 11:07:35 +00:00
Wilson Sung
61bbf0e529 Update SELinux error am: 0561b1bd1e am: 78f862e8ed 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: I9f7659967897083db3fd026525bb907bfa40491a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 10:23:04 +00:00
Wilson Sung
06f2d05799 Remove obsolete bug_map and dontaudit am: 94fd2403a7 am: 324af7e2a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: I164a18ccdc77a6f0dd05f062578e522fafe8917b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 10:23:02 +00:00
Wilson Sung
d1f81b978c Update SELinux error am: 0561b1bd1e am: 23683d360c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: I719680512ea1bb723dde78205330f054ea07769c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 10:17:15 +00:00
Wilson Sung
8460688dfb Remove obsolete bug_map and dontaudit am: 94fd2403a7 am: 385d8910b5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: I818d1856cfe9f6cc731ebb94747ad42a606a80a7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 10:17:13 +00:00
Wilson Sung
78f862e8ed Update SELinux error am: 0561b1bd1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: Ibcef6ef61c7fe4fe864bd83179af5fa294f63808
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 09:39:19 +00:00
Wilson Sung
324af7e2a0 Remove obsolete bug_map and dontaudit am: 94fd2403a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: I6f72c9b5b16e23d3062a5b52e3e761984119a7eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 09:39:14 +00:00
Wilson Sung
23683d360c Update SELinux error am: 0561b1bd1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: I4bafe9717f682cfb0a2da65de21b414edcbc62bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 09:35:07 +00:00
Wilson Sung
385d8910b5 Remove obsolete bug_map and dontaudit am: 94fd2403a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: Ic6a1f3525323749ab01b9a8d4b634e17c0df58ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 09:35:05 +00:00
Wilson Sung
0561b1bd1e Update SELinux error 
Test: scanBugreport
Bug: 287898138
Change-Id: I297e59df3774a32305d72706ee6a160f111dee7a
 2023-06-19 06:45:37 +00:00
Wilson Sung
94fd2403a7 Remove obsolete bug_map and dontaudit 
Fix: 287154997
Fix: 281815537
Fix: 279680264
Fix: 264600171
Fix: 264483456
Fix: 264600171
Fix: 264600171
Fix: 274374769
Fix: 274727372
Fix: 279680070
Fix: 280706610
Fix: 279680213
Fix: 272628762
Fix: 274374992
Fix: 283725554
Fix: 274374722
Fix: 272166737
Fix: 272166787
Fix: 264483532
Fix: 264483753
Fix: 264483754
Fix: 281815594
Fix: 269964574
Fix: 269964574
Fix: 280705998
Fix: 269964558
Fix: 264599934
Fix: 267714573
Fix: 268566481
Fix: 273143844
Fix: 275645636
Fix: 275646003
Fix: 267714573
Fix: 272166664
Fix: 267714573
Fix: 268566481
Fix: 273143844
Fix: 277155496
Fix: 267260619
Fix: 261933310
Fix: 262794429
Fix: 267261048
Change-Id: I1e6da1e43b1aaa398d496cd7b1f3b6267fd39e21
 2023-06-19 06:45:30 +00:00
Treehugger Robot
8ad54c6672 Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 am: af63d1adeb am: a6df16ff3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I581d6455409a7a528e83271d10d419e3db8fe96e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 03:43:10 +00:00
Treehugger Robot
fb415c6804 Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 am: 6c37bd03ee am: 70578d9eeb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I3f38d3558d5aba1ae98c5f4cc36891a853f617b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 03:42:55 +00:00
Treehugger Robot
a6df16ff3d Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 am: af63d1adeb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I51fbbb574a58e93487ccfb4289b44b99973784c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 02:59:07 +00:00
Treehugger Robot
70578d9eeb Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 am: 6c37bd03ee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I2646ed87072a5e6aebb41fee785b0281a45c3173
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 02:53:30 +00:00
Treehugger Robot
af63d1adeb Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: Ia4b379de76b03ce2e4fb66b42992806e7e40965f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 02:13:15 +00:00
Treehugger Robot
6c37bd03ee Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I796a8fd929bf0d2d76d89d8edfb397b84acb989b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 02:09:07 +00:00
Treehugger Robot
a3e9615016 Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev 2023-06-19 01:35:28 +00:00
Android Build Coastguard Worker
96c49a15c5 Snap for 10342904 from 461409cecd to udc-qpr1-release 
Change-Id: I3fb76220f23c25cbfc6b477c7e927495065f0cc0
 2023-06-17 23:02:51 +00:00
Treehugger Robot
4ec39b4108 Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1 am: 461409cecd am: 31a91022bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: I9c6538cda5a506b7cdceb35b1ef98e20575e3c25
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-17 08:32:15 +00:00
Treehugger Robot
b0ffbe7830 Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1 am: a8b6a0ffa6 am: 1658327140 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: I2c6c1941a66eaa53be82e261557377dcc783ad90
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-17 08:32:05 +00:00
Treehugger Robot
31a91022bd Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1 am: 461409cecd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: Ife4dac76505f121b8948f886a08a1f5df015b892
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-17 07:46:49 +00:00
Treehugger Robot
1658327140 Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1 am: a8b6a0ffa6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: I23defbb8d24c34e1f4107f91ee44a3d621b138a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-17 07:40:42 +00:00
Treehugger Robot
461409cecd Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: I376e5acd176e648021dd03e1d5bd576469ea1f5c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-17 07:01:34 +00:00
Treehugger Robot
a8b6a0ffa6 Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: I2f57c78df9524faa34ebc8c52b4a25a4847f2864
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-17 06:55:59 +00:00
Treehugger Robot
344c7f46c1 Merge "Update SELinux error" into udc-d1-dev 2023-06-17 06:10:56 +00:00
Anthony Zhang
fb29e39ee1 [DO NOT MERGE] Allow fingerprint to access persist property 
For zuma devices.

Bug: 258901849
Test: Local test on enrollment/delete, version update
Change-Id: I2c10bde2940778e0a434c2a073eb5793efeea455
 2023-06-16 09:37:10 -07:00
Darren Hsu
f4f3f57534 sepolicy: allow hal_power_stats to read sysfs_edgetpu 
Bug: 253702169
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ica2274f6e61cc35f7baf089ecc7b6c35f0914aeb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-16 17:21:50 +08:00
Android Build Coastguard Worker
7607133132 Snap for 10330433 from 2bd05aeaad to udc-qpr1-release 
Change-Id: Ib596f67d9bbfd910edf2497bc5116142f4d37966
 2023-06-16 03:03:00 +00:00
Dinesh Yadav
307aca1d6b [automerger skipped] Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d am: 2bd05aeaad am: f2ea110859 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: I08cfca2cf7b2f7bcc91e1881df457929500a795c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 06:30:16 +00:00
Dinesh Yadav
d396ec656c [automerger skipped] Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d am: a95fa016e1 am: 57575e4ee2 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: I9191d9c88dbf6f62e7412c87ff39868d95775344
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 06:29:54 +00:00
Dinesh Yadav
f2ea110859 Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d am: 2bd05aeaad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: Ic122fd605153609244a3ffbf36021386c83ee1b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 04:43:14 +00:00
Dinesh Yadav
57575e4ee2 Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d am: a95fa016e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: I76996f49845acb4a6739b2c0d781232ceb24b44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 04:37:29 +00:00
Dinesh Yadav
2bd05aeaad Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: I4bd79f57f2a063aef60e8dab049460636633ccea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 03:57:29 +00:00
Dinesh Yadav
a95fa016e1 Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: Ic93c5c244e98865bfd567238fcc916ac04d9811d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 03:53:35 +00:00
Android Build Coastguard Worker
33a3f2d2e4 Snap for 10322046 from 3c8fb109b8 to udc-qpr1-release 
Change-Id: Ic04abba26a4993107cc2a350ebbac207acc93d83
 2023-06-15 01:52:51 +00:00
Darren Hsu
3f20e683b1 sepolicy: lable NFC sysfs path for hal_power_stats am: 3c8fb109b8 am: 0893338352 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667874

Change-Id: Ib6be476ccb2948ed30ce2b108c90b32c26b958f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 12:34:15 +00:00
Darren Hsu
0893338352 sepolicy: lable NFC sysfs path for hal_power_stats am: 3c8fb109b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667874

Change-Id: Ief308c99d8f56d080aafb2b643cfc7ed0b92b1fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 11:50:18 +00:00
Wilson Sung
5fb350f09f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 286508419
Test: scanBugreport
Bug: 286508419
Test: scanAvcDeniedLogRightAfterReboot
Bug: 286508419
Change-Id: I1ba324133f5f4e14c5a7d43cfea25d98bda9faa9
 2023-06-14 15:30:08 +08:00
Darren Hsu
3c8fb109b8 sepolicy: lable NFC sysfs path for hal_power_stats 
Bug: 270498656
Test: capture a bugreport and ensure that there is
no avc denials for power stats
Change-Id: Ie765f6267ceacbc0b11426f4ee81ea0670195ddb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-14 13:58:33 +08:00
Android Build Coastguard Worker
dcafe61f09 Snap for 10313683 from d19ec7a5b6 to udc-qpr1-release 
Change-Id: Ic945902e7bec0af3830c0eabe6080b37912fb7c0
 2023-06-14 02:28:07 +00:00
Joerg Wagner
724a0cc7c5 Merge "Prepare for Mali r44p0 UMD update" into udc-qpr-dev am: d19ec7a5b6 am: 029fcb5e8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23599640

Change-Id: Ib339b9efc10937378c5dc802fda8fb758372d90a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 07:35:27 +00:00
Joerg Wagner
029fcb5e8a Merge "Prepare for Mali r44p0 UMD update" into udc-qpr-dev am: d19ec7a5b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23599640

Change-Id: I76600fc5e3c949e8ec780b666f1b955cd35f18f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 06:51:27 +00:00
Joerg Wagner
d19ec7a5b6 Merge "Prepare for Mali r44p0 UMD update" into udc-qpr-dev 2023-06-13 06:03:15 +00:00
Dinesh Yadav
100dd2387d Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] 
gxp_logging service will periodically check the sysfs files exposed by
the gxp kernel driver and report stats to Suez framework.
These policies are needed to report the metrics.

Tested:
Found no violation with these policies on a P23 device

Bug: 278514198
Change-Id: I8c3e57dfe4e9a6caab425f2424d07e83f5e7b9c6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-06-13 03:37:56 +00:00
Android Build Coastguard Worker
655617578b Snap for 10309372 from cac09c20ba to udc-qpr1-release 
Change-Id: I584e3962d263699bae3223658b05bd64c0f8629e
 2023-06-13 03:02:48 +00:00
Ruofei Ma
9d4141ec12 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 am: cac09c20ba am: 4e97198c56 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: Ib97113a56844a62033be8650cec5d2d63170f7f4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 17:24:01 +00:00
Ruofei Ma
5d25af7ca0 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 am: a0f664f798 am: 46e587c075 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: I245423cee724e5ddbcb3fdffc411ec6aa00b1e44
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 17:22:13 +00:00
Ruofei Ma
4e97198c56 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 am: cac09c20ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: I630b7889376612d003848f323b1bc3caba5678e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 16:40:40 +00:00
Ruofei Ma
46e587c075 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 am: a0f664f798 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: I98e4ef057003235ecb66c2cd9ed0837dbf001e6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 16:37:58 +00:00
Ruofei Ma
cac09c20ba Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: Ib439b6d6464dcdaab8337ada3558780579363843
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 15:53:18 +00:00
Ruofei Ma
a0f664f798 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: Icc85ce19bc59035553f2902a493cb7681ace2b6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 15:50:45 +00:00
Ruofei Ma
abd1dee381 Merge "mediacodec_google: add hal_power" into udc-d1-dev 2023-06-12 15:17:42 +00:00
TreeHugger Robot
92c27120be Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de am: 00ed1044ff am: b18d19409a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: I8bcedee8227e08324b6104ac2341ed10ffb3cf38
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 08:43:04 +00:00
TreeHugger Robot
85a335c593 Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de am: 0450d548a2 am: 62ad33134c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: If4404f2bd3f7b5ebd675b85c3a9f6fd22f909aaa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 08:42:44 +00:00
TreeHugger Robot
b18d19409a Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de am: 00ed1044ff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: I3e80089107c6fa2e72061b56c4c68e44427d796d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 08:01:33 +00:00
TreeHugger Robot
62ad33134c Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de am: 0450d548a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: Id066ca9d7b254964311413f4ae6f6d7cd555dbcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 07:55:50 +00:00
TreeHugger Robot
00ed1044ff Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: Id39de7c6a03f11dd3d74e3ce9f9a0deca58873a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 07:18:17 +00:00
TreeHugger Robot
0450d548a2 Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: I214bf272f8cd35697063ffd39501cd65a2fb9c3f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 07:14:00 +00:00
TreeHugger Robot
032d9942de Merge changes from topic "283841311" into udc-d1-dev 
* changes:
  Allow systemui_app access statsmanager_service
  Move systemui_app to system_ext
 2023-06-12 06:30:36 +00:00
Krzysztof Kosiński
84812b8565 Remove Google Camera access to GXP firmware. am: 35910a3e8b am: 9332337e8e am: 311f9e5d45 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: If589b112b5393a8ec26e329c8e6a135bb8106e8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 03:29:29 +00:00
Krzysztof Kosiński
523f2035e1 Remove Google Camera access to GXP firmware. am: 35910a3e8b am: e27ecde5d5 am: 3ac14e2c1a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: I90a8198024412b9f410cff827150589c8076c5a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 03:29:04 +00:00
Krzysztof Kosiński
311f9e5d45 Remove Google Camera access to GXP firmware. am: 35910a3e8b am: 9332337e8e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: I6b99371098f13305543471dedeed452cc9517181
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 02:46:33 +00:00
Krzysztof Kosiński
3ac14e2c1a Remove Google Camera access to GXP firmware. am: 35910a3e8b am: e27ecde5d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: I88fe02fc109ca320056e1d0e80bcaef359ab805e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 02:40:32 +00:00
Wilson Sung
5ac528406e Allow systemui_app access statsmanager_service 
Bug: 283841311
Change-Id: Id3c2838179736b42070959b3dad7c2ecd5580f22
 2023-06-12 10:26:46 +08:00
Wilson Sung
7b19701919 Move systemui_app to system_ext 
Bug: 283841311
Bug: 264266705
Change-Id: I6c2f167cda9a52da4698f3732c9fdbb13674bea8
 2023-06-12 10:26:31 +08:00
Krzysztof Kosiński
9332337e8e Remove Google Camera access to GXP firmware. am: 35910a3e8b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: I5efdb04c8be5e6d3a01850ff747ca5c7b20992f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 02:03:17 +00:00
Krzysztof Kosiński
e27ecde5d5 Remove Google Camera access to GXP firmware. am: 35910a3e8b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: Ie4e1237fa5e8f18fb54bbe9733342d6cd4b83767
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 01:59:21 +00:00
Android Build Coastguard Worker
651940e9a0 Snap for 10289553 from 088b6c2879 to udc-qpr1-release 
Change-Id: Ia3cfe45a4073b75977412dc27a71aed6cbed727c
 2023-06-09 03:02:35 +00:00
Ruofei Ma
3346e879e6 mediacodec_google: add hal_power 
Add mediacodec_google as a client to hal_power for it to
do power hint.

Bug: 274736629

Change-Id: Ib07001be6ae4aaeaebf2e97439b9af0766640dc9
Signed-off-by: Ruofei Ma <ruofeim@google.com>
 2023-06-08 18:28:50 +00:00
Krzysztof Kosiński
35910a3e8b Remove Google Camera access to GXP firmware. 
This was originally a workaround and is not needed on Zuma.

Bug: 264489778
Test: gca_smoke.py on zuma device
Change-Id: I35d168a2f832a430ec1b782b12fb642bcea4bfd1
 2023-06-08 10:19:18 +00:00
Treehugger Robot
11ff0923ca Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 am: 088b6c2879 am: 8ea5fd6f96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: I874f3e9767ff8842bc0c86e5c4c28d0bb7541abd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 09:16:57 +00:00
Treehugger Robot
ba91204313 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 am: 8d8f96f8d9 am: 10d6b74a4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: I23fd2b50990ef3fe0c5ecc54867897bb0a4d2c24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 09:15:54 +00:00
Treehugger Robot
8ea5fd6f96 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 am: 088b6c2879 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: I75f298097b2a880a482e2fff17ae3a328bc4a183
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 08:10:00 +00:00
Treehugger Robot
10d6b74a4e Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 am: 8d8f96f8d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: Ib667a39b605ee78facd3098e14801d11e613633c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 08:04:24 +00:00
Treehugger Robot
088b6c2879 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: I0ee764a32b7d46acd14160228f32fe81b2708990
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 07:22:34 +00:00
Treehugger Robot
8d8f96f8d9 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: Ieb5077bdd5fc38b9eed1283a31a80c4f7c0b93d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 07:21:08 +00:00
Treehugger Robot
8733772e74 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev 2023-06-08 06:25:44 +00:00
Android Build Coastguard Worker
65c0c041c7 Snap for 10277391 from 4c051c0cc2 to udc-qpr1-release 
Change-Id: I80861d8015eece79e7d81953e195b9149116817e
 2023-06-08 01:03:17 +00:00
Jörg Wagner
ce42de2ebd Prepare for Mali r44p0 UMD update 
Add selinux rule to allow new V2 interface file alongside of V1 used up to r43p0.
The V1 entry will be removed once the r44p0 UMD update completes.
This decouples small changes from large, potentially intrusive ones in
other repositories.

Bug: 284254900
Change-Id: Ia928f871d8ea1fdbfb963cecb8fc4a99947e443e
 2023-06-07 10:19:17 +00:00
Android Build Coastguard Worker
ae1bfc5a03 Snap for 10268796 from 77bbb28eae to udc-qpr1-release 
Change-Id: I4f716224f4666e9a606c148ded523adcf3edbde6
 2023-06-07 03:03:06 +00:00
Wei Wang
78fed6095a Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 am: 4c051c0cc2 am: 599989a20d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: If0bd4dac295c108b6a60e47fb7bdfac55d8aefcb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-07 00:20:26 +00:00
Wei Wang
f1c34d8891 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 am: 75529f8437 am: 35e6fbb0fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: I925c4d4ae039a7cd73a4d90fbaf1a77ead2dbbeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-07 00:20:04 +00:00
Wei Wang
599989a20d Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 am: 4c051c0cc2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: Ia6d0fd65784eb3ceaffd163bd677698093bbee65
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 23:40:42 +00:00
Wei Wang
35e6fbb0fa Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 am: 75529f8437 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: Idf8f3e69de57e455a34563ddeefb65e4bf506d9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 23:38:03 +00:00
Wei Wang
4c051c0cc2 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: I2d294b36b2ce9a6eaf47963bc2387b083e1c2050
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 22:55:16 +00:00
Wei Wang
75529f8437 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: I5a14e15ddee07150b3489e9ab6502229d0508eea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 22:53:01 +00:00
Wei Wang
55020988a0 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev 2023-06-06 22:25:11 +00:00
Zixuan Lan
1fc4fc4f05 Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57 am: 77bbb28eae am: 9951e85e00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: Ic515883ca305c24561f46858a2931cf9a68908a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 14:48:50 +00:00
Zixuan Lan
45b4bd669c Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57 am: d98d82581c am: d24d531f30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: I7d3f03e563e48be95268c071255906acd74b57d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 14:48:03 +00:00
Zixuan Lan
9951e85e00 Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57 am: 77bbb28eae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: Ie99500b6e75e1002888fe5d6f74fb016e28f68f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 14:25:01 +00:00
Zixuan Lan
d24d531f30 Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57 am: d98d82581c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: I370df909aa0aded9fb9305dcc65938ea39651954
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 14:19:22 +00:00
Zixuan Lan
77bbb28eae Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: Ie3c0aed656b9a9be90fca81894b989ce0fb226bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 13:40:43 +00:00
Zixuan Lan
d98d82581c Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: Ie5aa4533851dfe43e9826640be2123409f51c987
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 13:36:37 +00:00
Zixuan Lan
bdee55bb57 Merge "remove 280706211 from bug map" into udc-d1-dev 2023-06-06 13:02:17 +00:00
Allen Xu
8873375330 Add sepolicy for ConnectivityMonitor am: 78b62802e4 am: 4a13ad4cc2 am: 60612f7750 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: Ibaa6ac58ec58ba42661be4c6be6c3dbd13df456e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 08:03:36 +00:00
Allen Xu
9236600765 Add sepolicy for ConnectivityMonitor am: 78b62802e4 am: ef2e13dcd1 am: 75821af430 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: I9ee542ee1322c61ee88a93d2e2886441dad67658
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 08:03:08 +00:00
Allen Xu
60612f7750 Add sepolicy for ConnectivityMonitor am: 78b62802e4 am: 4a13ad4cc2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: Ied5b3d19cc95af4db2853cf96a09446272d9702f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 07:21:34 +00:00
Allen Xu
75821af430 Add sepolicy for ConnectivityMonitor am: 78b62802e4 am: ef2e13dcd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: I63ffc60b44c59854cabb67db128cf56a3b813207
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 07:16:18 +00:00
Allen Xu
4a13ad4cc2 Add sepolicy for ConnectivityMonitor am: 78b62802e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: Ie7c9013431ba535001797e30b984a1f57340ed08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 06:37:54 +00:00
Allen Xu
ef2e13dcd1 Add sepolicy for ConnectivityMonitor am: 78b62802e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: I02dc07acc680587081f8c19883984d95dc9f6602
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 06:33:49 +00:00
Allen Xu
78b62802e4 Add sepolicy for ConnectivityMonitor 
Bug: 264489520
Test: v2/pixel-pts/base
Change-Id: I669a538fe3d0a03422638d7d19fc62a793246f6b
 2023-06-06 02:01:38 +00:00
Zixuan Lan
76b53940a9 remove 280706211 from bug map 
Bug: 280706211
Test: adb log
Change-Id: I167041363a27c294a3c8d2d2fb145ce751a34db7
 2023-06-06 08:30:25 +08:00
Android Build Coastguard Worker
d3cf064eb6 Snap for 10245577 from 5ab934799d to udc-qpr1-release 
Change-Id: I362c965515b429b07a33b67ce6be6944a021736f
 2023-06-02 03:02:25 +00:00
Leo Hsieh
e2cd135f0a [automerger skipped] Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2 am: 5ab934799d am: 4f6900614d -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I385ea5bbfd9b59e8c2426fa5b7bf34e1e30477ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:57:38 +00:00
leohsieh
651cd9a37e [automerger skipped] Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9 am: f225931a7c am: 8a180eed8a -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I84756287b4e87d9661c30e97a57c89b21787bbb8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:57:37 +00:00
Leo Hsieh
7e538d7716 [automerger skipped] Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2 am: d702116b8e am: b8fd73406f -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I0531857ec8f844ccfc147dde1de4002ad2e80e60
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:56:29 +00:00
leohsieh
4b50fd4abb [automerger skipped] Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9 am: 70ba8a58fc am: 9de660b680 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I9813fcb4f7095b9cbab9fb6e3be14009492fd4a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:56:27 +00:00
Leo Hsieh
4f6900614d Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2 am: 5ab934799d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I1eb768e9069c1e52570546d9839511f72e7d37a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:15:04 +00:00
leohsieh
8a180eed8a Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9 am: f225931a7c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I6332f95aba070960bd434da1dc18ea60778dc205
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:15:03 +00:00
Leo Hsieh
b8fd73406f Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2 am: d702116b8e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I22ffff01ed00293d6890d383ef9f7ba110d66bdc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:09:25 +00:00
leohsieh
9de660b680 Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9 am: 70ba8a58fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I4273f2744a4ad017f75defb46dd0547938bb86d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 14:09:24 +00:00
Leo Hsieh
5ab934799d Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: Ie15f3a943605194780e76b2f6c5c76263fc6f519
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 13:29:03 +00:00
leohsieh
f225931a7c Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: If23a454731b5ce0045a27923066c42526322ce9d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 13:29:02 +00:00
Leo Hsieh
d702116b8e Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I6f02745df01d808135acef08fc3f4f1a8de8f99d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 13:26:04 +00:00
leohsieh
70ba8a58fc Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: Ib549e910bb1c844153ff692edbc7d6608f9a0d6f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 13:26:02 +00:00
Leo Hsieh
72577756e2 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev 2023-06-01 12:40:24 +00:00
Mark su
a4a8590805 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf am: 73334bf1d1 am: 1cb4ca1475 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: Iaada4b327106f8b026312b415bccfb14d4bf4466
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 09:07:44 +00:00
Mark su
725f5b8df8 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf am: cbc15223d5 am: 870eb2484d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: If4516eb1c6fcf0dfd20c9d04a76092fb9300a7d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 09:06:22 +00:00
Mark su
1cb4ca1475 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf am: 73334bf1d1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: I64cd3f840c3f0a3cfae946963be4e639e2a84957
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 08:21:24 +00:00
Mark su
870eb2484d Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf am: cbc15223d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: Ief1246df91cc21927417e398d4157be643c85787
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 08:15:37 +00:00
Mark su
73334bf1d1 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: I27031f93a5210145bcb50acbf8f4707c9459b113
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 07:34:54 +00:00
Mark su
cbc15223d5 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: I760c9c39cf1b99340a60ccb36261dff889ce97cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 07:30:39 +00:00
Android Build Coastguard Worker
f6dc1820c1 Snap for 10233403 from 3f157f2b26 to udc-qpr1-release 
Change-Id: I9321de05a665c59f1a60172129bb2b51befd868e
 2023-06-01 02:37:28 +00:00
TreeHugger Robot
44564ae24b Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df am: 3f157f2b26 am: 99eb44cdb5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: I20237f97bf299a74404180400289b45faa5a68ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 07:58:16 +00:00
TreeHugger Robot
2df1fd9399 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df am: ae82081798 am: 55c2250a35 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: I0972ca583406d0dbfba0528515890bb1b0946097
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 07:57:20 +00:00
TreeHugger Robot
99eb44cdb5 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df am: 3f157f2b26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: Icc1df44cc917a1df94be95201cf382caa893ab9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 07:14:42 +00:00
TreeHugger Robot
55c2250a35 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df am: ae82081798 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: Ic08f03bf9a0b9026b8ca9ee354b40815e697efe7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 07:10:27 +00:00
TreeHugger Robot
3f157f2b26 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: I52c70ff896514058585b1d5ef6810331005758cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 06:25:04 +00:00
TreeHugger Robot
ae82081798 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: Ice441b75eb029e6fe3940d3d9dd0d28eee5556b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 06:23:08 +00:00
Mark su
51c91e5bdf Add video12 as hw_jpg_device and enable it for debug_camera_app 
Test: 05-05 05:07:06.652  4616  4616 W FinishThread: type=1400 audit(0.0:24): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=646 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=0 app=com.google.android.GoogleCameraEng
05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { read } for  name="lib_jpg_encoder.so"
 dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tcl
ass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { open } for  path="/vendor/lib64/lib_j
pg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_da
ta_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:46:00.260  4784  4784 I FinishThread: type=1400 audit(0.0:29): avc:  denied  { execute } for  path="/vendor/lib64/
libhwjpeg.so" dev="dm-50" ino=55596 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_d
ata_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { getattr } for  path="/vendor/lib64/
lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_ca
mera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { map } for  path="/vendor/lib64/lib_
jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera
_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

binder:7312_2: type=1400 audit(0.0:18): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1
05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:19): avc:  denied  { open } for  path="/dev/video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:20): avc:  denied  { ioctl } for  path="/dev/video12" dev="tmpfs" ino=680 ioctlcmd=0x5600 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.700  7312  7312 I binder:7312_2: type=1400 audit(0.0:21): avc:  denied  { read } for  name="u:object_r:default_prop:s0" dev="tmpfs" ino=167 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=1

Bug: 267820687
Change-Id: I69f502d721f683d3532038d618f5fafc83f38b6b
 2023-05-31 06:08:46 +00:00
TreeHugger Robot
23440aa9df Merge "Remove old secure_element HIDL permission" into udc-d1-dev 2023-05-31 05:27:32 +00:00
leohsieh
458b60e5c9 Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] 
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
 2023-05-31 13:16:43 +08:00
Dinesh Yadav
a4a6eadf3c Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab am: d3f5a8b038 am: 1b5f5ec0e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: I9e7f26279502e21590e10a3e4726dd0b506379d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:58:16 +00:00
Dinesh Yadav
55064ee2f6 Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab am: 489a7de117 am: 87199f3e5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: I9db72caf2b829f6cd05b57267a12be49acdc6695
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:57:46 +00:00
Dinesh Yadav
1b5f5ec0e9 Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab am: d3f5a8b038 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: I3e039d2ac1cf7493e2b110076cc272f9c7ba7dbc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:13:50 +00:00
Dinesh Yadav
87199f3e5a Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab am: 489a7de117 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: If1e74bf230ecb4ab6a6da5f80de5b083eeeef2aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:11:19 +00:00
Dinesh Yadav
d3f5a8b038 Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: If50c2234c819bba039e421782381e5835c71ba02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 03:20:24 +00:00
Dinesh Yadav
489a7de117 Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: Iee24750f7f5471c2489375db47cf018799ea62b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 03:18:05 +00:00
Hyungjun Park
6de0a33f0a Remove old secure_element HIDL permission 
AIDL HAL is used in the new project and remove the old HIDL part.

Bug: 280530945
Test: VTS pass

Change-Id: Idd38fc59d7e89e2cafab5f4693d00abd6d4fb138
Signed-off-by: Hyungjun Park <hjun78.park@samsung.com>
 2023-05-31 03:12:02 +00:00
Dinesh Yadav
15f5afcfab Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev 2023-05-31 02:22:42 +00:00
Yixuan Wang
8a16687b51 Merge "Add selinux policy for chre vendor data directory" 2023-05-31 01:24:48 +00:00
Yixuan Wang
7530c4bc13 Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
 2023-05-30 21:16:26 +00:00
Android Build Coastguard Worker
002a8c97dc Snap for 10220938 from cb1221098a to udc-qpr1-release 
Change-Id: I2302d863309b713ebf86f1ff14d53bba2a46dfa6
 2023-05-30 01:07:44 +00:00
Chung-Kai (Michael) Mei
5efb72b8da Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b am: cb1221098a am: 09ebeb1491 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I5d5d240bc3b61d7a043ec01d5833abca0ddd2738
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 08:16:52 +00:00
Chung-Kai (Michael) Mei
f782e8f4ac Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b am: 3a43eaaad6 am: b6ccf1254e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I9e5c466f0694b56fb3b05441e03b4cd5086f1dde
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 08:16:44 +00:00
Chung-Kai (Michael) Mei
09ebeb1491 Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b am: cb1221098a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I513810fa0fa9544c9fb7043542fc2c0e7bd3a204
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 07:32:32 +00:00
Chung-Kai (Michael) Mei
b6ccf1254e Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b am: 3a43eaaad6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I5c0c4697a486ae4e44a116e3e572db26ae52c3bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 07:27:05 +00:00
Chung-Kai (Michael) Mei
cb1221098a Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: Ie14b266747f7737678665d9d86d206a0ef2a5e37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 06:24:10 +00:00
Chung-Kai (Michael) Mei
3a43eaaad6 Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I5db4cd7aac7ebd2f34c1dae48914a5f97a9babff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 06:20:01 +00:00
Chung-Kai (Michael) Mei
ca068bf60b Merge "sepolicy: ignore avc denial" into udc-d1-dev 2023-05-29 05:47:43 +00:00
Chungkai Mei
e97101a6e8 sepolicy: ignore avc denial 
ignore avc denial since it's debugfs

Bug: 271931921
Test: device-boot-health-check-extra test show passed https://android-build.googleplex.com/builds/abtd/run/L74000000960917226
Change-Id: I5f491f02c99776251cf3893de6224fb0f02cb320
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-05-29 03:11:41 +00:00
Android Build Coastguard Worker
f57e5e357e Snap for 10213992 from 363d20bf36 to udc-qpr1-release 
Change-Id: I44500806456d9eb182183c0f490f6f3f1470575c
 2023-05-27 05:08:57 +00:00
Donnie Pollitz
732153a23e Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 am: 363d20bf36 am: 0127c50829 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: Ie4e83b22e68d84afa5f8aab5104a4a91da77868e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:50:46 +00:00
Donnie Pollitz
260cf9cc56 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 am: 5bf2864bf3 am: 5a45fb8698 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: Ib6f835b90e03032e515046545c5ddc41e2674baa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:50:01 +00:00
Donnie Pollitz
0127c50829 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 am: 363d20bf36 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: I0fbe770e137ff58ba49fcd7b5852427ee2b5528e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:05:17 +00:00
Donnie Pollitz
5a45fb8698 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 am: 5bf2864bf3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: Iccf2d6a42718c71b1995123d3e2adee7dd30e50c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:02:20 +00:00
Donnie Pollitz
363d20bf36 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: Ic6dfeafbab9bd207716fc701137ce66746f4b1eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 07:54:11 +00:00
Donnie Pollitz
5bf2864bf3 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: I16f8ebe09908fb8f648e903a2f052783f5eb4040
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 07:49:59 +00:00
Donnie Pollitz
9fc92bdb28 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev 2023-05-26 07:17:41 +00:00
Dinesh Yadav
e6d2f01a89 Add SEPolicy for gxp_metrics_logger.so logging to stats service 
In order to access the gxp metrics library from the google camera
app (product partition), we need to create an SELinux exception for
the related shared library (in vendor) it uses.
This CL adds the same_process_hal_file tag to allow this exception.

Bug: 278516358
Change-Id: I42d41243d3ee47ebff4f766cd769b5387fd20852
 2023-05-26 04:01:09 +00:00
Android Build Coastguard Worker
19eb1c4762 Snap for 10204122 from af8727c24e to udc-qpr1-release 
Change-Id: I82084a8443ada17b3f12d6959787b9e40658efb2
 2023-05-26 01:09:01 +00:00
TreeHugger Robot
c042544073 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 am: af8727c24e am: 0e3ad3faa4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: I15a2a443e7454d1b23db09fb74b0961e2aa54fca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:55:49 +00:00
TreeHugger Robot
030a33fc07 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 am: 40efb336ad am: 20e76532f1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: I792a37eadc3c5c54ebe6b847bcb878147bfd87a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:55:02 +00:00
TreeHugger Robot
0e3ad3faa4 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 am: af8727c24e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: Ia254c97161114d155858954ceedeb8144838909d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:09:41 +00:00
TreeHugger Robot
20e76532f1 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 am: 40efb336ad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: Id7a6b1154541d0431ae0b3925f9e51adf76ec51e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:05:39 +00:00
TreeHugger Robot
af8727c24e Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: I6995431b91f4dd93a1311155df686d2ba39f111c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 06:22:31 +00:00
TreeHugger Robot
40efb336ad Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: Ia4b73e0c54bf9972682b169ce5e79b42f3ed4596
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 06:18:56 +00:00
TreeHugger Robot
df113325a5 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev 2023-05-25 05:28:46 +00:00
Android Build Coastguard Worker
464fc09491 Snap for 10196038 from 72f862ed29 to udc-qpr1-release 
Change-Id: Ia1f7963ac52834f16828a6d5d469aaabe523a65e
 2023-05-25 02:42:40 +00:00
Leo Hsieh
3443d6d373 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps" 2023-05-25 00:58:34 +00:00
Donnie Pollitz
16440338de Allow vendor_init to fix permissions of TEE data file 
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I2363f9ff695209bbf7b6661c8e9eb3b376b84ace
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-05-24 16:45:28 +02:00
Jimmy Hu
9f3215a000 Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f am: 72f862ed29 am: 1ccbc11db5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: If64b3bea330a7782eeb81891e6e0af626a41e9a7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:35:23 +00:00
Jimmy Hu
a6b09ce04e Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f am: 9279426af4 am: 41369192ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: Ic4b1dd6c02cffaf4ec285e49e5ba6763c020b531
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:34:07 +00:00
Jimmy Hu
1ccbc11db5 Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f am: 72f862ed29 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: I71631507e3a3f316b2db3cb5b086870401fe196b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 08:52:08 +00:00
Jimmy Hu
41369192ab Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f am: 9279426af4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: Ieba000770bd6c6f9f419cb7dd3a56f24e91e3ed9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 08:49:56 +00:00
Jimmy Hu
72f862ed29 Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: I77dec3ec400e338a662d51a0f3832e561dbdf1d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 08:29:49 +00:00
Jimmy Hu
9279426af4 Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: I6a938dee1103a1b2b445669a5258f7470729248c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 08:25:48 +00:00
Jimmy Hu
86cb19bb2f Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev 2023-05-24 08:14:01 +00:00
Jin Jeong
4c8783ce96 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d am: 01bc6a6edb am: 4b3bca8f40 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: Ide86f25d726da8bf9b5108e4ceed42b05924c9f1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:13:37 +00:00
Jin Jeong
e19b6070d4 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d am: b4bac68874 am: 80af45ba72 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: I6ac4bc6fad96365507a13b0d3bae1c3223d26b92
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:13:14 +00:00
Android Build Coastguard Worker
1db2fb26e8 Snap for 10186302 from 951634d720 to udc-qpr1-release 
Change-Id: Ieb66a881cc4ae976e5a31ba96bc2519588da8347
 2023-05-24 03:02:58 +00:00
Jin Jeong
4b3bca8f40 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d am: 01bc6a6edb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: I7817766c5a9d97d73a88d041c782dd8becfd2a64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:31:06 +00:00
Jin Jeong
80af45ba72 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d am: b4bac68874 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: Id62f1ff7fb4f5a2623783711eb8e62064feb1f4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 02:25:04 +00:00
Jin Jeong
01bc6a6edb Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: I5c731d28cba0a6073f8762c76f4b932f0befd80b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:45:51 +00:00
Jin Jeong
b4bac68874 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: I88f2266fdc8cf1f50fb3bcc6391d8b7f55715f62
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 01:42:02 +00:00
Jin Jeong
f77e90366d Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev 2023-05-24 01:07:12 +00:00
Wilson Sung
e889f684c3 Update SELinux error am: d73217d81f am: 951634d720 am: a9069e0cdd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23364725

Change-Id: I823b18f5b79dba1e7967bf4c17dc8be2e504b524
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 11:16:08 +00:00
Wilson Sung
47bf4ca0a7 Update SELinux error am: d73217d81f am: f2042a36ab am: e30a1056fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23364725

Change-Id: If00e30067a45aaaf2abf1cf4ef5230baf3df8f35
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 11:13:54 +00:00
Wilson Sung
a9069e0cdd Update SELinux error am: d73217d81f am: 951634d720 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23364725

Change-Id: I68abd4e279371a06a34c97c2c928c41246540ebc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 10:30:29 +00:00
Wilson Sung
e30a1056fb Update SELinux error am: d73217d81f am: f2042a36ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23364725

Change-Id: Iceb3e0805bca71944ab115f29c58ada28d302bf1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 10:28:37 +00:00
Wilson Sung
951634d720 Update SELinux error am: d73217d81f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23364725

Change-Id: I0cc36602e12660f4bd186cbc4d98c6183f814ad0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 09:48:11 +00:00
Wilson Sung
f2042a36ab Update SELinux error am: d73217d81f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23364725

Change-Id: I022bd1a22194279f776490d8af53452d92f3ce09
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-23 09:44:10 +00:00
Android Build Coastguard Worker
f066c154ff Snap for 10179466 from 751150f9bc to udc-qpr1-release 
Change-Id: Ic7884826f3ebc0bf49a96a57af61efed8414f87a
 2023-05-23 01:07:43 +00:00
Wilson Sung
d73217d81f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 283725554
Test: scanBugreport
Bug: 283725554
Bug: 283725302
Test: scanAvcDeniedLogRightAfterReboot
Bug: 283725554
Change-Id: Ie482a46311c1dc1153ef04889e82971a09361e49
 2023-05-22 15:01:49 +08:00
Kenny Root
b552d02d0c [automerger skipped] Merge "Add GSA logs policy" into udc-d1-dev am: 107d3314a4 am: 751150f9bc -s ours am: 92ec73dc3a -s ours 
am skip reason: Merged-In I8842c0bec972c4cfad15ca689f8e4ae7fa99e179 with SHA-1 7be3a71942 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23268925

Change-Id: I680e4d97e76ba6f967ea5f68498efe05e9f39953
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 06:35:10 +00:00
Kenny Root
db6226ed8b [automerger skipped] Merge "Add GSA logs policy" into udc-d1-dev am: 107d3314a4 am: b1e5122f5b am: 6dd4b9338b -s ours 
am skip reason: Merged-In I8842c0bec972c4cfad15ca689f8e4ae7fa99e179 with SHA-1 076591d107 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23268925

Change-Id: I90400f827f867eb3b399640c59b9e0f10b595a63
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 06:34:19 +00:00
Kenny Root
92ec73dc3a [automerger skipped] Merge "Add GSA logs policy" into udc-d1-dev am: 107d3314a4 am: 751150f9bc -s ours 
am skip reason: Merged-In I8842c0bec972c4cfad15ca689f8e4ae7fa99e179 with SHA-1 7be3a71942 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23268925

Change-Id: Iae62daf92725e624df0f4e788f19d490407d9ebb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 06:10:55 +00:00
Kenny Root
6dd4b9338b Merge "Add GSA logs policy" into udc-d1-dev am: 107d3314a4 am: b1e5122f5b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23268925

Change-Id: If7a772bfecae240d7229810b8fc22f9328578033
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 06:08:47 +00:00
Kenny Root
751150f9bc Merge "Add GSA logs policy" into udc-d1-dev am: 107d3314a4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23268925

Change-Id: Ic150e6aa8ca8eefbb0957871c176f5c0904d5d07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 05:42:14 +00:00
Kenny Root
b1e5122f5b Merge "Add GSA logs policy" into udc-d1-dev am: 107d3314a4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23268925

Change-Id: Ib9c3b04f95760982a04b3b545115cc13786985ef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-22 05:39:41 +00:00
Kenny Root
107d3314a4 Merge "Add GSA logs policy" into udc-d1-dev 2023-05-22 05:14:11 +00:00
Android Build Coastguard Worker
8c6ea1b90d Snap for 10171934 from 9897966578 to udc-qpr1-release 
Change-Id: If1bfb885f867e3bd3c5fe273bd082611f1c5acc8
 2023-05-20 04:38:20 +00:00
Lawrence Huang
78131df600 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev am: 7bf6643438 am: 9897966578 am: 41132e4495 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338581

Change-Id: I71327a290563c05e5f1ab14837c70f103bbe0833
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 22:23:22 +00:00
Lawrence Huang
4e5655b819 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev am: 7bf6643438 am: da39d4174a am: 4a15a8d448 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338581

Change-Id: Ic45f57e2793919c10eb28d2fbc638cadc95d5ba8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 22:21:49 +00:00
Lawrence Huang
41132e4495 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev am: 7bf6643438 am: 9897966578 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338581

Change-Id: I559cabd18cc00c1ac5954b4c48575b5af5cb9460
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 21:37:44 +00:00
Lawrence Huang
4a15a8d448 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev am: 7bf6643438 am: da39d4174a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338581

Change-Id: I6e967c863e136ae650860732bf332009a0e9d40b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 21:36:08 +00:00
Lawrence Huang
9897966578 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev am: 7bf6643438 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338581

Change-Id: I4fcdf42bc673495deb3747a2ad7c7249787ca9fd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 20:50:04 +00:00
Lawrence Huang
da39d4174a Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev am: 7bf6643438 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338581

Change-Id: Ia4e68a5f2b74985a1c8e15e43418a81dc22cc798
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 20:48:09 +00:00
Lawrence Huang
7bf6643438 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev 2023-05-19 19:59:58 +00:00
Jimmy Hu
70e6dd395b Set sepolicy for shell script of disabling contaminant detection 
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 263916675
Bug: 264231895
Test: setprop vendor.usb.contaminantdisable true
Change-Id: Ia451a6abc4a3c872c002efa323d06e9179bd656b
Signed-off-by: Jimmy Hu <hhhuuu@google.com>
 2023-05-19 09:54:23 +00:00
Treehugger Robot
3072c4a1ee Merge "Remove selinux error bug reference after fixing" into udc-d1-dev am: b295326a78 am: fe0408840c am: d4943987ec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338576

Change-Id: I4345917671730fb66d27329d4bcc6f841b13e0a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 05:23:33 +00:00
Treehugger Robot
b19db37cdc Merge "Remove selinux error bug reference after fixing" into udc-d1-dev am: b295326a78 am: 45b4e68788 am: d97787af6a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338576

Change-Id: Ia5d287d7896d86c5b4747ff14f18570e6eca4b8f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 05:22:44 +00:00
Treehugger Robot
d4943987ec Merge "Remove selinux error bug reference after fixing" into udc-d1-dev am: b295326a78 am: fe0408840c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338576

Change-Id: Icf6df94c61627741b777769dc460dcda78eaa6b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 04:44:48 +00:00
Treehugger Robot
d97787af6a Merge "Remove selinux error bug reference after fixing" into udc-d1-dev am: b295326a78 am: 45b4e68788 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338576

Change-Id: I515451f0cd19165050226f9f2a5cdf301a04ecba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 04:40:50 +00:00
Prasanna Prapancham
49c0960467 add 8411 to logbuffer am: 9138d3d1de am: e8199c4239 am: 7337bd4da5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23302169

Change-Id: If68b3e42daab98522c80ae115b7c4830c27a3aa0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 04:00:42 +00:00
Prasanna Prapancham
56eea097d7 add 8411 to logbuffer am: 9138d3d1de am: a64fd32572 am: 0ed9e533c3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23302169

Change-Id: I2145136b9a5cd061caaf8e78a20d9721a8a9295a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 03:59:25 +00:00
Treehugger Robot
fe0408840c Merge "Remove selinux error bug reference after fixing" into udc-d1-dev am: b295326a78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338576

Change-Id: Ie4b290dcd5f481a9c8f43d49199af4adc4e9fbe7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 03:58:47 +00:00
Treehugger Robot
45b4e68788 Merge "Remove selinux error bug reference after fixing" into udc-d1-dev am: b295326a78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23338576

Change-Id: I34dba1ef3b40020df96832e93b49ea8eb073e1fe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 03:56:27 +00:00
Prasanna Prapancham
7337bd4da5 add 8411 to logbuffer am: 9138d3d1de am: e8199c4239 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23302169

Change-Id: I81d07155c50892b77705f18af530a54e0824dd49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 03:18:54 +00:00
Prasanna Prapancham
0ed9e533c3 add 8411 to logbuffer am: 9138d3d1de am: a64fd32572 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23302169

Change-Id: I16c398a087cf11b0c8060c2cfb3d96a5d8ebd370
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 03:16:59 +00:00
Treehugger Robot
b295326a78 Merge "Remove selinux error bug reference after fixing" into udc-d1-dev 2023-05-19 03:07:49 +00:00
Prasanna Prapancham
e8199c4239 add 8411 to logbuffer am: 9138d3d1de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23302169

Change-Id: If8cc54e939bd06c9aec5509962119b5107497734
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 02:31:39 +00:00
Prasanna Prapancham
a64fd32572 add 8411 to logbuffer am: 9138d3d1de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23302169

Change-Id: Ia3eb2c23e55ac4108fe44d285ba603a78f2f3f02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-19 02:29:29 +00:00
Lawrence Huang
c64c508a51 Add net_domain for GCA on zuma devices 
Bug: 277097939

Change-Id: Iadfc1be5f9e6830693aed9d9b619815c7d1f9caf
(cherry picked from commit e979543b99)
 2023-05-19 01:53:03 +00:00
Grace Chen
e151f78f5a Remove selinux error bug reference after fixing 
Bug: 264483151
Test: None, simple bug removal
Change-Id: Id93085566c772e6b434777955b62b1ccaba64ae2
 2023-05-18 17:54:20 -07:00
Android Build Coastguard Worker
64a3671bb0 Snap for 10157673 from bd597dc5a2 to udc-qpr1-release 
Change-Id: I66f1374af26c6bf5dd55d7714e5e06fbce43d021
 2023-05-18 03:03:20 +00:00
Prasanna Prapancham
9138d3d1de add 8411 to logbuffer 
Test: Flash local build and collect bugreport
Bug: 277799048
Change-Id: I877a91999a2f17df5ea90d3d2257b93bfd67e8e6
Signed-off-by: Prasanna Prapancham <prapancham@google.com>
(cherry picked from commit c1715483d1)
 2023-05-17 22:52:57 +00:00
Xu Han
ccce301128 Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 am: bd597dc5a2 am: 5334397f8b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: I5a014a6d73240c3945cb4698fbc7f211fa164510
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 19:27:28 +00:00
Xu Han
01b692295a Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 am: cb92b8fcdc am: 6c5f7b4982 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: I0e08457034c3abb712d3abf9bd0eb2f75c3a526b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 19:02:42 +00:00
Xu Han
5334397f8b Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 am: bd597dc5a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: I3d0da4aaea18f17f9fb678c50023f8ac61318ab3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 18:34:14 +00:00
Xu Han
6c5f7b4982 Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 am: cb92b8fcdc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: I0d818942b44db361307b8078a9b4c95dee1d55a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 18:28:33 +00:00
Kenny Root
7be3a71942 Add GSA logs policy 
This adds a label to the sysfs files for GSA logs to allow dumpstate to
read them during a bugreport.

(cherry picked from commit 076591d107)

Bug: 271125313
Test: adb shell dumpstate
Change-Id: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
Merged-In: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
 2023-05-17 17:36:35 +00:00
Xu Han
bd597dc5a2 Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: I6cea27586f37856b3e31a181edfcdca6d958394b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 17:24:05 +00:00
Xu Han
cb92b8fcdc Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: Ib51a391011a30f9c142bc9bd3bb15ea576c88bbb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 17:21:48 +00:00
Xu Han
639d91fb93 Merge "Add permission for nautilus devices" into udc-d1-dev 2023-05-17 16:48:55 +00:00
Luke Chang
5c1a96b260 [automerger skipped] Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev am: 3d16072afb am: 063595b096 -s ours am: b85699d605 -s ours 
am skip reason: Merged-In I127ffc74aa68976de4aaa4a750b4043def4e2759 with SHA-1 73e88c0a83 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23270943

Change-Id: I60e2e2b9053b0fa1c765de0ea2b6bd2e150133e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 12:50:33 +00:00
Luke Chang
cf711b8ccb [automerger skipped] Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev am: 3d16072afb am: de2132476f am: 44dd9f7afa -s ours 
am skip reason: Merged-In I127ffc74aa68976de4aaa4a750b4043def4e2759 with SHA-1 b7f556c9cb is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23270943

Change-Id: Id03587e66956656c9a2a5c337ea9217fdb93eec1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 12:49:57 +00:00
Luke Chang
b85699d605 [automerger skipped] Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev am: 3d16072afb am: 063595b096 -s ours 
am skip reason: Merged-In I127ffc74aa68976de4aaa4a750b4043def4e2759 with SHA-1 73e88c0a83 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23270943

Change-Id: Ic45336dc8c8abffb36cdef61773a23cfeaba7f2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 12:07:55 +00:00
Luke Chang
44dd9f7afa Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev am: 3d16072afb am: de2132476f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23270943

Change-Id: If4ae5813e128ec9eca5988c20f19f59badde7c0c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 11:57:49 +00:00
Luke Chang
063595b096 Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev am: 3d16072afb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23270943

Change-Id: I6cf00241401db9725b1d285dd27abf5a3befd3b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 11:04:00 +00:00
Luke Chang
de2132476f Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev am: 3d16072afb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23270943

Change-Id: I0809900155d08d626e730b338feee23516254ec3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 11:01:10 +00:00
Luke Chang
3d16072afb Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev 2023-05-17 10:09:06 +00:00
Xu Han
bdc91f6477 Add permission for nautilus devices 
Bug: 283015605
Test: Build
Change-Id: I986a2798a4a5ca927a1a2aaea61edca9fa59b2c5
 2023-05-17 03:59:43 +00:00
lukechang
73e88c0a83 sepolicy: label cpd cl2 & cl1 target_residency 
Test: build and boot to home
Bug: 277390134

Merged-In: I127ffc74aa68976de4aaa4a750b4043def4e2759
Change-Id: I127ffc74aa68976de4aaa4a750b4043def4e2759
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-17 02:11:41 +00:00
TreeHugger Robot
3bf618f649 [automerger skipped] Merge "Add chre channel sepolicy entries" into udc-d1-dev am: 3203ccc21a -s ours am: 73a081d4f9 -s ours am: 812e9182be -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: I6bb4ef213ef8b815fdfecd9de944a71474934bd0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 02:07:20 +00:00
Luis Delgado de Mendoza Garcia
d8934c6762 [automerger skipped] Add chre channel sepolicy entries am: a3f0628f68 -s ours am: f653d739b9 -s ours am: 6ab893e07c -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: I57cd66f306cdb7e0dbb99851a5a786e605bb2801
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 02:07:19 +00:00
TreeHugger Robot
98636fec3a [automerger skipped] Merge "Add chre channel sepolicy entries" into udc-d1-dev am: 3203ccc21a am: 455a2dcd69 -s ours am: 5803c89182 -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: I6a9ff0d31848570e2fb0f42b6e2f9a8ee141b7c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 02:05:37 +00:00
Luke Chang
c371a4da4a Merge "sepolicy: label cpd cl2 & cl1 target_residency" 2023-05-17 02:05:30 +00:00
TreeHugger Robot
812e9182be [automerger skipped] Merge "Add chre channel sepolicy entries" into udc-d1-dev am: 3203ccc21a -s ours am: 73a081d4f9 -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: Ice97dbac132fc93e115a08515c63b9d00029859b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 01:24:58 +00:00
Luis Delgado de Mendoza Garcia
6ab893e07c [automerger skipped] Add chre channel sepolicy entries am: a3f0628f68 -s ours am: f653d739b9 -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: Id326e142a07e5ff5f87e9b2aedec29a794a730ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 01:24:56 +00:00
TreeHugger Robot
5803c89182 [automerger skipped] Merge "Add chre channel sepolicy entries" into udc-d1-dev am: 3203ccc21a am: 455a2dcd69 -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: I98998758b61fa726a392a7291ca6e81523a17fb3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-17 01:22:50 +00:00
Android Build Coastguard Worker
f69d60b879 Snap for 10146593 from f2adc20b6d to udc-qpr1-release 
Change-Id: I30d448c3d4ea9d3ad2999f21372e6aa3c459c5e0
 2023-05-17 01:08:21 +00:00
TreeHugger Robot
73a081d4f9 [automerger skipped] Merge "Add chre channel sepolicy entries" into udc-d1-dev am: 3203ccc21a -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: Idb9591eaa889cd20af58bb6b8eac814c2e00ecfa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-16 23:57:00 +00:00
Luis Delgado de Mendoza Garcia
f653d739b9 [automerger skipped] Add chre channel sepolicy entries am: a3f0628f68 -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 f31c984cda is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: I6ecfbf8ce1f32a972e4bfdace29c1a71755d4e3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-16 23:56:59 +00:00
TreeHugger Robot
455a2dcd69 Merge "Add chre channel sepolicy entries" into udc-d1-dev am: 3203ccc21a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22953495

Change-Id: Ib2d8972837eb6bbd894d2bc31c529c105375d2f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-16 23:54:49 +00:00
TreeHugger Robot
3203ccc21a Merge "Add chre channel sepolicy entries" into udc-d1-dev 2023-05-16 23:04:18 +00:00
Luis Delgado de Mendoza Garcia
a3f0628f68 Add chre channel sepolicy entries 
Bug: 275143652
Fix: 275143652
Test: in-device verification.
Change-Id: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
Merged-In: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
 2023-05-16 21:43:09 +00:00
lukechang
b7f556c9cb sepolicy: label cpd cl2 & cl1 target_residency 
Test: build and boot to home
Bug: 277390134

Change-Id: I127ffc74aa68976de4aaa4a750b4043def4e2759
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-16 09:11:25 +00:00
Treehugger Robot
d225fd100e Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: f2adc20b6d am: 5fc40842ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: I3d68610c621737407b71c3cda094aa936dcb4351
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 18:44:24 +00:00
Treehugger Robot
8768ad1049 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: e1766dcd82 am: a521555ae0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: Ice663723abb01c161ba1f3431d92e12fbf20711a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 18:43:50 +00:00
Treehugger Robot
5fc40842ce Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: f2adc20b6d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: I31e9390d4873715a12e503cb0759066433bfb109
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 18:00:45 +00:00
Treehugger Robot
a521555ae0 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: e1766dcd82 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: I9ddf2be0e89f66a08ef9b559f30706369df180cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 17:57:47 +00:00
Treehugger Robot
f2adc20b6d Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: Ie69f2adaf56ad5afe8e158df60cd064121e55d6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 17:35:24 +00:00
Treehugger Robot
e1766dcd82 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: I8383f4ed2858abd05dceeef3fc7d7720e42a3031
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 17:33:21 +00:00
Treehugger Robot
05abdf9f26 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev 2023-05-15 16:54:11 +00:00
Adam Shih
1efa9ed8b0 Merge "introduce a new sepolicy owner" 2023-05-15 02:07:02 +00:00
Jin Jeong
b3c701b9c4 Revert "[Zuma] Fix SeLinux error" 
This reverts commit 709ad06c0e.

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Change-Id: Ibe56941737506158ef963bba2ae00035c5c11069
 2023-05-12 04:20:27 +00:00
Android Build Coastguard Worker
3242ad02de Snap for 10120310 from f4258fafc6 to udc-qpr1-release 
Change-Id: I06d7a21260c8c1f64a2830a4b3fa51811e3b67bf
 2023-05-12 03:03:32 +00:00
Adam Shih
062f6c0a85 introduce a new sepolicy owner 
Bug: 281631102
Test: N/A
Change-Id: I2885d990aefafacc00b12bac9c529c40e007585c
 2023-05-12 02:27:18 +00:00
Wilson Sung
f983f9dd7e Remove fixed SELinux bug from bug_map am: 2e511cf418 am: 6be3026f0f am: 670f7f3fdc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23156963

Change-Id: Id002a3992f6d14b04201d3d2c5669eebf96b01e8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 20:02:46 +00:00
Wilson Sung
d8d8d5775e Remove fixed SELinux bug from bug_map am: 2e511cf418 am: f4258fafc6 am: ae683a9ba3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23156963

Change-Id: I6dbb1d372e0d5003f11c6475a912b5adabad0e9f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 20:01:15 +00:00
Luis Delgado de Mendoza Garcia
cdd88f31bf [automerger skipped] Add chre channel sepolicy entries am: f31c984cda am: 7dea662e4f -s ours 
am skip reason: Merged-In Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2 with SHA-1 2a06b44cdc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22954838

Change-Id: If8c970d6808636e417bc97a55e6a1ffcb42073b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 19:59:02 +00:00
Wilson Sung
670f7f3fdc Remove fixed SELinux bug from bug_map am: 2e511cf418 am: 6be3026f0f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23156963

Change-Id: I0dfe1c04a96c9ef15627fb3cfae60112d4de1dc0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 19:10:49 +00:00
Wilson Sung
ae683a9ba3 Remove fixed SELinux bug from bug_map am: 2e511cf418 am: f4258fafc6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23156963

Change-Id: Ic90fbbb2ac7ab6b4f3a784848929b7c2cd84e64f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 18:47:14 +00:00
Luis Delgado de Mendoza Garcia
7dea662e4f Add chre channel sepolicy entries am: f31c984cda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22954838

Change-Id: I52117acc2c9650437bd76f1ad938ba011989dbcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 18:46:21 +00:00
Wilson Sung
f4258fafc6 Remove fixed SELinux bug from bug_map am: 2e511cf418 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23156963

Change-Id: I6b4d4a3b21cbf31fd0a4cc43c8a29943a72856e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 18:41:30 +00:00
Wilson Sung
6be3026f0f Remove fixed SELinux bug from bug_map am: 2e511cf418 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23156963

Change-Id: I0d9db68056fd36b51302cf4906370e6d951ad573
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 18:39:11 +00:00
Luis Delgado de Mendoza Garcia
f31c984cda Add chre channel sepolicy entries 
Bug: 241960170
Test: in-device verification.
Change-Id: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
Merged-In: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
 2023-05-11 13:08:29 +00:00
Wilson Sung
334ab73f05 Update SELinux error am: 17a784cf97 am: 33104c2431 am: 682c60aeb2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23125888

Change-Id: Id0c563b0a28d917aded3260f8e33928328df4d9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 08:12:58 +00:00
Wilson Sung
5f078d8913 Update SELinux error am: 17a784cf97 am: 806dfc977c am: ec7504042a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23125888

Change-Id: I49f6b24269620c95e4479a51fb5c39e7e584a363
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 07:58:19 +00:00
Wilson Sung
2e511cf418 Remove fixed SELinux bug from bug_map 
Fix: 280706292
Bug: 280522410
Change-Id: I5b35759d2b89246e65683fbbc3ca877af04ef25b
 2023-05-11 14:10:41 +08:00
Wilson Sung
682c60aeb2 Update SELinux error am: 17a784cf97 am: 33104c2431 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23125888

Change-Id: I10c33da1edd3a17f0e5302b5ac1e695b869b632f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 05:37:51 +00:00
Wilson Sung
ec7504042a Update SELinux error am: 17a784cf97 am: 806dfc977c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23125888

Change-Id: Ia4a0baa07f36cd034e2e183333e65cecc2c4058d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 05:34:57 +00:00
Wilson Sung
33104c2431 Update SELinux error am: 17a784cf97 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23125888

Change-Id: If4b5dbaeb803ae1f2c3f812ede89ad228a431b13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 04:53:03 +00:00
Wilson Sung
806dfc977c Update SELinux error am: 17a784cf97 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23125888

Change-Id: I9c64aee39c85fc94bc05413970bd6367dc1e8684
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-11 04:48:55 +00:00
Wilson Sung
17a784cf97 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 281815594
Test: scanBugreport
Bug: 281815594
Bug: 281815537
Test: scanAvcDeniedLogRightAfterReboot
Bug: 281815594
Fix: 281645191
Change-Id: Ia1e72cdee3ca535eb978ad8becad94c9c4d8c2cd
 2023-05-11 04:06:31 +00:00
Android Build Coastguard Worker
f459e0c544 Snap for 10109327 from 9d30bd990e to udc-qpr1-release 
Change-Id: I4268f8f50712ab13eeef2574c9bb9bcc15595724
 2023-05-11 03:03:25 +00:00
Luis Delgado de Mendoza Garcia
2a06b44cdc Add chre channel sepolicy entries 
Bug: 241960170
Test: in-device verification.
Change-Id: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
 2023-05-10 17:35:01 +00:00
leohsieh
b7db7f8eae Allow hal_fingerprint_default to access sysfs_aoc_udfps 
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
 2023-05-10 14:50:56 +08:00
Android Build Coastguard Worker
1cd4216143 Snap for 10094917 from 24dcac2665 to udc-qpr1-release 
Change-Id: Ie2b892afa0644ebe11069c3bec750958583192c2
 2023-05-10 03:04:02 +00:00
Zixuan Lan
d5119aa18f remove fixed selinux bug from bug map. am: 288623d4d4 am: 9d30bd990e am: e3d6e64d16 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23040174

Change-Id: I1b5b5485564c3817d53fc8769623a055f4dd0d08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 03:01:44 +00:00
Zixuan Lan
82df0b05d1 remove fixed selinux bug from bug map. am: 288623d4d4 am: c7bf80dd24 am: 0559af9ad1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23040174

Change-Id: I7de6a69605beebb044bb11533b7efc71fef47803
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 03:01:36 +00:00
Zixuan Lan
e3d6e64d16 remove fixed selinux bug from bug map. am: 288623d4d4 am: 9d30bd990e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23040174

Change-Id: I3890e72bd2eef91679e59a38cfa6d8063107916e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 02:17:08 +00:00
Zixuan Lan
0559af9ad1 remove fixed selinux bug from bug map. am: 288623d4d4 am: c7bf80dd24 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23040174

Change-Id: I07c024f4300f6a242e0cafe955d643c3374bc53d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 02:14:20 +00:00
Zixuan Lan
9d30bd990e remove fixed selinux bug from bug map. am: 288623d4d4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23040174

Change-Id: I74266f9c72cba0b62382fc49b2ab9c9cb01e35a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 01:30:53 +00:00
Zixuan Lan
c7bf80dd24 remove fixed selinux bug from bug map. am: 288623d4d4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23040174

Change-Id: I420a0e14dec2b62a81bd860950599f2e4bc08310
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-10 01:28:43 +00:00
Zixuan Lan
288623d4d4 remove fixed selinux bug from bug map. 
TPU permission was fixed to avoid error in hal_camera_defaul.The corresponding bug for tracking should be removed from the bug map. Please see bug for more details.
Bug: 275001641
Test: logcat grep for selinux error

Change-Id: I3622a1877f94b41d03d1bcb1c16a404db4b3ea8d
 2023-05-09 16:38:38 -07:00
Zheng Pan
e317e139bd Merge "Allow systemui to find adbd" into udc-d1-dev am: 705cc4abf8 am: 62ceeb7896 am: 501afe43c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23104216

Change-Id: I4bd80ceb328e42af63384138bc6724fe4a455817
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 23:03:49 +00:00
Zheng Pan
9ca108ac70 Merge "Allow systemui to find adbd" into udc-d1-dev am: 705cc4abf8 am: a98b8a881f am: 5dcb7abfa7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23104216

Change-Id: I6c1a04b234ac35b8723adae4fa697af8374206b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 23:03:04 +00:00
Zheng Pan
501afe43c0 Merge "Allow systemui to find adbd" into udc-d1-dev am: 705cc4abf8 am: 62ceeb7896 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23104216

Change-Id: Icfbba75868dd10f09aa811f64c117761b39904c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 22:29:55 +00:00
Zheng Pan
5dcb7abfa7 Merge "Allow systemui to find adbd" into udc-d1-dev am: 705cc4abf8 am: a98b8a881f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23104216

Change-Id: I2bc341d01dfced4d7c5c3c53ec1764bb305e38dd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 21:56:42 +00:00
Zheng Pan
62ceeb7896 Merge "Allow systemui to find adbd" into udc-d1-dev am: 705cc4abf8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23104216

Change-Id: I9b18f91f520d0537ed5a0aa73369bfb52eb2ac77
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 21:16:01 +00:00
Zheng Pan
a98b8a881f Merge "Allow systemui to find adbd" into udc-d1-dev am: 705cc4abf8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23104216

Change-Id: I0f37291b0dd6ca03020fff173603fcea1cb517a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 21:12:20 +00:00
Zheng Pan
705cc4abf8 Merge "Allow systemui to find adbd" into udc-d1-dev 2023-05-09 20:21:14 +00:00
Wilson Sung
c997682743 Merge "Update SELinux error" into udc-d1-dev am: e797557f08 am: 24dcac2665 am: 317fc7a431 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23015883

Change-Id: I996a56c25132eef594a8d4e620e2b7d2fd38a56a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 14:10:48 +00:00
Mahesh Kallelil
102a44272d Allow dump_modem to read logbuffer and wakeup events am: 1f885d0bcd am: e761ce1954 am: e6b59eccbd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22834646

Change-Id: I7b398d14de6182088f3914d740278094a7ce4f11
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 12:50:11 +00:00
Wilson Sung
0d48d895d0 Merge "Update SELinux error" into udc-d1-dev am: e797557f08 am: f4499ed385 am: 45ca50b7ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23015883

Change-Id: I702d65ae52493262edb138077135cc10d2db5678
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 12:49:32 +00:00
Mahesh Kallelil
8e513c2155 Allow dump_modem to read logbuffer and wakeup events am: 1f885d0bcd am: 56184ab96e am: af236c3219 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22834646

Change-Id: I38d6bd8125af59ec6373d699e58d6a2461eedc5e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 12:42:59 +00:00
Treehugger Robot
02a2518daa Merge "Update SELinux error" into udc-d1-dev am: 254911d666 am: 5dbbb257fb am: b1c5395580 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23100096

Change-Id: Ic592f74443d1bc301cc641af3f640cbafa3a4367
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 12:42:49 +00:00
Wilson Sung
317fc7a431 Merge "Update SELinux error" into udc-d1-dev am: e797557f08 am: 24dcac2665 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23015883

Change-Id: If697af11c825c5db4c71a0533dc2518a677a5c8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 11:12:34 +00:00
Mahesh Kallelil
e6b59eccbd Allow dump_modem to read logbuffer and wakeup events am: 1f885d0bcd am: e761ce1954 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22834646

Change-Id: I37a8d9f819f52d0bb902528a21a9323f2219785b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 11:12:14 +00:00
Luke Chang
be097e2d1f [automerger skipped] Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev am: f86a07903b am: 590c58bc44 -s ours am: 0b82087f38 -s ours 
am skip reason: Merged-In Iad525a9c556ee436afb8cbd29156b6b593329e83 with SHA-1 9d44de7ecf is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980665

Change-Id: Ia0cb0d11b57d8f21b3f2895f5db4a47cdc36f583
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 11:09:47 +00:00
Treehugger Robot
febc01991d Merge "Update SELinux error" into udc-d1-dev am: 254911d666 am: a23adf7f91 am: 6a2772ccbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23100096

Change-Id: Ieeb5b5d1eda0b664ccf3848c2fc5e6ab6a576d3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:53:58 +00:00
Wilson Sung
45ca50b7ef Merge "Update SELinux error" into udc-d1-dev am: e797557f08 am: f4499ed385 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23015883

Change-Id: Ief8aedafd856fa67c93189e80c536723a6b8a4d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:46:46 +00:00
Mahesh Kallelil
af236c3219 Allow dump_modem to read logbuffer and wakeup events am: 1f885d0bcd am: 56184ab96e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22834646

Change-Id: Ie63f838555e7f05f553235da83e8a865efcd6de6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:46:25 +00:00
Luke Chang
c41a5d78e3 [automerger skipped] Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev am: f86a07903b am: 43e7df4ae7 am: 62acff57a3 -s ours 
am skip reason: Merged-In Iad525a9c556ee436afb8cbd29156b6b593329e83 with SHA-1 35f3c85c09 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980665

Change-Id: I53951bff0eab3967c606e9736c430922d54b3843
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:29:29 +00:00
Wilson Sung
f4499ed385 Merge "Update SELinux error" into udc-d1-dev am: e797557f08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23015883

Change-Id: I8ff067a88f7754d007f26c0a273c2a91edbf0bf1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:29:22 +00:00
Mahesh Kallelil
56184ab96e Allow dump_modem to read logbuffer and wakeup events am: 1f885d0bcd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22834646

Change-Id: I2c96c9fce37659d5cd4ed5258bdb647c7b7b8981
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:28:59 +00:00
Wilson Sung
24dcac2665 Merge "Update SELinux error" into udc-d1-dev am: e797557f08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23015883

Change-Id: Icb32af4694c3e430ae6b14dad5e296ff64553ee2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:27:05 +00:00
Mahesh Kallelil
e761ce1954 Allow dump_modem to read logbuffer and wakeup events am: 1f885d0bcd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22834646

Change-Id: Ifbed4af2a24798a5a96b4d9caddef51909b94e46
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:26:51 +00:00
Treehugger Robot
b1c5395580 Merge "Update SELinux error" into udc-d1-dev am: 254911d666 am: 5dbbb257fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23100096

Change-Id: Ic212b2d6b0313777d63a42aadcef34a22f6cade0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:26:27 +00:00
Wilson Sung
e797557f08 Merge "Update SELinux error" into udc-d1-dev 2023-05-09 10:06:38 +00:00
Luke Chang
0b82087f38 [automerger skipped] Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev am: f86a07903b am: 590c58bc44 -s ours 
am skip reason: Merged-In Iad525a9c556ee436afb8cbd29156b6b593329e83 with SHA-1 9d44de7ecf is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980665

Change-Id: If34b098e76061823610134da947a921e5da746a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 10:04:37 +00:00
Treehugger Robot
6a2772ccbb Merge "Update SELinux error" into udc-d1-dev am: 254911d666 am: a23adf7f91 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23100096

Change-Id: I9da027f7fbbe95770ff12426ba2117ab7ff3bf1a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 09:30:14 +00:00
Luke Chang
62acff57a3 Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev am: f86a07903b am: 43e7df4ae7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980665

Change-Id: I59fb777b8ad2f3ec932afad979d656ed60c7bbaa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 09:29:06 +00:00
Treehugger Robot
5dbbb257fb Merge "Update SELinux error" into udc-d1-dev am: 254911d666 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23100096

Change-Id: I6ef7907e508e29b621c24b3b061edd1e019e453a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 08:59:18 +00:00
Luke Chang
590c58bc44 Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev am: f86a07903b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980665

Change-Id: Ia1c127dc965d6b8997a0b265bdc46c298d40ccfd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 08:55:59 +00:00
Treehugger Robot
a23adf7f91 Merge "Update SELinux error" into udc-d1-dev am: 254911d666 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23100096

Change-Id: Ib60cf6b2f6472ebf514f70c3e2b8b1ee8653db64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 08:28:47 +00:00
Luke Chang
43e7df4ae7 Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev am: f86a07903b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980665

Change-Id: I345486020372ee78c3309e7521564c285891da24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 08:25:08 +00:00
Mahesh Kallelil
1f885d0bcd Allow dump_modem to read logbuffer and wakeup events 
Updating sepolicy for dump_modem to read /dev/logbuffer_cpif. This is
required as part of bugreport.

Test: Tested bugreport on P23
Bug: 278501642
Change-Id: I102583e37ec2e3852fd901a75bbb06de9ac6f77c
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-05-09 00:20:07 -07:00
Jin Jeong
48e309e0b3 Merge "[Zuma] Fix SeLinux error" into udc-d1-dev am: e22788ae78 am: 62a999aff6 am: 7fc312e435 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22984822

Change-Id: I0fefc926217d9cdcbbb250bc0244306998386f24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 07:19:03 +00:00
Treehugger Robot
254911d666 Merge "Update SELinux error" into udc-d1-dev 2023-05-09 07:15:25 +00:00
Luke Chang
f86a07903b Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev 2023-05-09 06:09:33 +00:00
Wilson Sung
fd60d077ad Allow systemui to find adbd 
Bug: 276415118
Fix: 272628396
Test: connect to adb with no avc error
Change-Id: I07496d663628f62ed975785d794854d1cdc77040
 2023-05-09 05:22:16 +00:00
Luke Chang
ab998b462c Merge "sepolicy: label cpd cl2 & cl1" 2023-05-09 04:54:33 +00:00
Jin Jeong
7fc312e435 Merge "[Zuma] Fix SeLinux error" into udc-d1-dev am: e22788ae78 am: 62a999aff6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22984822

Change-Id: I14094b208ea594cf7771bf3a59ccb0f4ae7f7c10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 02:37:33 +00:00
Jin Jeong
f4389a4333 Merge "[Zuma] Fix SeLinux error" into udc-d1-dev am: e22788ae78 am: 53cfab53be am: 077bfe327c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22984822

Change-Id: I1cdf145a6810a3754b7cbd3e2b44471366db1ebd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 02:23:13 +00:00
Wilson Sung
6ee8a855f9 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 280706211
Test: scanBugreport
Bug: 280706211
Bug: 280705998
Test: scanAvcDeniedLogRightAfterReboot
Bug: 280706211
Change-Id: I84d50fc4e4f05d0228bc3713cf1b216bf12a72cd
 2023-05-09 10:07:46 +08:00
Android Build Coastguard Worker
e925ee7fd6 Snap for 10088597 from 6b0dd58200 to udc-qpr1-release 
Change-Id: I83b53eb44a5289eed7d32bdaf328a483d532d222
 2023-05-09 01:17:44 +00:00
Jin Jeong
077bfe327c Merge "[Zuma] Fix SeLinux error" into udc-d1-dev am: e22788ae78 am: 53cfab53be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22984822

Change-Id: I20d4b660fd5deec8bac58d00a0ef1fc24af6f53e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 01:05:55 +00:00
Hasan Awais
14b2c135bb uwb: add permissions for factory uwb calib file 
needed for copying the factory calib file from persist to
/data/vendor/uwb, along with converting the file to a valid format
for uwb HAL

Bug: 274513871
Bug: 279820265
Test: local build passed
Change-Id: I4c4286cd5c200475cac3b9d58a81724d631c49e0
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2023-05-09 00:27:47 +00:00
Jin Jeong
62a999aff6 Merge "[Zuma] Fix SeLinux error" into udc-d1-dev am: e22788ae78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22984822

Change-Id: I61a44b6ddbc189fd34e5146c2fb16af13e83d8db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 00:18:53 +00:00
Jin Jeong
53cfab53be Merge "[Zuma] Fix SeLinux error" into udc-d1-dev am: e22788ae78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22984822

Change-Id: I2ab1f4d0c0f18746c09ef7ce75535eacc96de1ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-09 00:16:00 +00:00
Jin Jeong
e22788ae78 Merge "[Zuma] Fix SeLinux error" into udc-d1-dev 2023-05-08 23:37:28 +00:00
Martin Liu
e4e930185a Add sepolicies for gcma_camera heaps 
Bug: 275481134
Test: launch camera
Change-Id: I2efe897826d3c32bb85c815207865c0db557ea9f
Signed-off-by: Martin Liu <liumartin@google.com>
 2023-05-08 23:54:55 +08:00
lukechang
35f3c85c09 sepolicy: label cpd cl2 & cl1 
Test: build and boot to home
Bug: 277390134

Change-Id: Iad525a9c556ee436afb8cbd29156b6b593329e83
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-08 08:49:45 +00:00
lukechang
9d44de7ecf sepolicy: label cpd cl2 & cl1 
Test: build and boot to home
Bug: 277390134

Merged-In: Iad525a9c556ee436afb8cbd29156b6b593329e83
Change-Id: Iad525a9c556ee436afb8cbd29156b6b593329e83
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-08 08:39:21 +00:00
sashwinbalaji
771b533133 thermal: thermal_metrics: Update selinux to reset stats 
Bug: 193833982
Test: Local build and verify statsD logs
adb shell cmd stats print-logs && adb logcat -b all | grep -i 105045
Change-Id: I09afbea9386724f0abf6b9cab5838e89a060a5fd
 2023-05-08 05:15:39 +00:00
TreeHugger Robot
8dd5670012 Merge "Add tele sensor sepolicy permission" into udc-d1-dev am: b417627fb8 am: 6b0dd58200 am: aa2b28601a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020018

Change-Id: I8668884aff86fe0b87c7e53349cba9a9e1b27f30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-08 04:02:04 +00:00
TreeHugger Robot
99c3feb294 Merge "Add tele sensor sepolicy permission" into udc-d1-dev am: b417627fb8 am: 899d3062b6 am: ebb31ef6bb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020018

Change-Id: I2c9c384487f02bf9d8a12db6121982a611a903f1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-08 04:00:55 +00:00
TreeHugger Robot
aa2b28601a Merge "Add tele sensor sepolicy permission" into udc-d1-dev am: b417627fb8 am: 6b0dd58200 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020018

Change-Id: Ic1c29f98787000eea36561f871a4069bc6013a6d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-08 03:19:25 +00:00
TreeHugger Robot
ebb31ef6bb Merge "Add tele sensor sepolicy permission" into udc-d1-dev am: b417627fb8 am: 899d3062b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020018

Change-Id: I5686d799847f3c5968b14ff017ff10faaf22ef1e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-08 03:14:05 +00:00
TreeHugger Robot
6b0dd58200 Merge "Add tele sensor sepolicy permission" into udc-d1-dev am: b417627fb8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020018

Change-Id: I0d003c1421b2744d6064a62031abcc3889fab7b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-08 02:36:17 +00:00
TreeHugger Robot
899d3062b6 Merge "Add tele sensor sepolicy permission" into udc-d1-dev am: b417627fb8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020018

Change-Id: I2b27f715f84d664965ce7dfef14d59cee4788b22
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-08 02:32:21 +00:00
TreeHugger Robot
b417627fb8 Merge "Add tele sensor sepolicy permission" into udc-d1-dev 2023-05-08 02:00:59 +00:00
Android Build Coastguard Worker
39eb0901f7 Snap for 10080193 from ad2c33b44a to udc-qpr1-release 
Change-Id: I30328b99e397727b55c22e0b3283c95033a810ce
 2023-05-06 03:03:44 +00:00
Treehugger Robot
d294d6e5b0 Merge "Add sepolicy permission of new camera components" into udc-d1-dev am: 74e0e5fc37 am: 0c91639fd5 am: d305e261fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982823

Change-Id: I777157a9280ca8262f35d37bd7794a4dc84e53b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:58:01 +00:00
Ted Wang
6d13276776 Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev am: be9ee4c01d am: 08f24f30a6 am: cf944428b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344152

Change-Id: I57c9831d68438e70d91377ca335ba2ecae75d40f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:36:37 +00:00
Treehugger Robot
ab47a1ae3b Merge "Add sepolicy permission of new camera components" into udc-d1-dev am: 74e0e5fc37 am: ad2c33b44a am: 76ab0fefef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982823

Change-Id: Ia805db6bdaa4a25a8606473eb668ab9bcf029590
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:36:25 +00:00
Ted Wang
0a096b1aef Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev am: be9ee4c01d am: b1473d353f am: 15b8415e2b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344152

Change-Id: I072ce6c114d1c4cb0ba0604a8faf2284c64b19ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:35:23 +00:00
TreeHugger Robot
d1fc4d5cad Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev am: 1db3ac365d am: 5000b9ffc9 am: 255fe1a87f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22589719

Change-Id: Ibb98318a4adc347d68652ea291d7ff67829ec212
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:35:05 +00:00
TreeHugger Robot
27d8b200d6 Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev am: 1db3ac365d am: 55ecf93b7d am: 5b6de1f086 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22589719

Change-Id: I70e686a83c79305cd21fe972748c72056e64c433
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:34:49 +00:00
Treehugger Robot
d305e261fb Merge "Add sepolicy permission of new camera components" into udc-d1-dev am: 74e0e5fc37 am: 0c91639fd5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982823

Change-Id: Icfb0bb463e969fef02d1778e221264cd5bb8bdd7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:09:02 +00:00
Ted Wang
cf944428b8 Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev am: be9ee4c01d am: 08f24f30a6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344152

Change-Id: Ie557fc668df0ee100ca360400411608e245ee69e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 07:08:09 +00:00
Treehugger Robot
76ab0fefef Merge "Add sepolicy permission of new camera components" into udc-d1-dev am: 74e0e5fc37 am: ad2c33b44a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982823

Change-Id: Id90dea66dcd553edc0c05f5e3a698fc5e15fb243
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:54:10 +00:00
Ted Wang
15b8415e2b Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev am: be9ee4c01d am: b1473d353f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344152

Change-Id: Iba691955123a22ecf7db8baa790b20541e89bd37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:53:31 +00:00
TreeHugger Robot
255fe1a87f Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev am: 1db3ac365d am: 5000b9ffc9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22589719

Change-Id: I381454f3ef03a44685ca2d8b17e4b0fdd5cdbd6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:52:15 +00:00
Treehugger Robot
0c91639fd5 Merge "Add sepolicy permission of new camera components" into udc-d1-dev am: 74e0e5fc37 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982823

Change-Id: Ic57a119ec1d8bd364567cb99ff603a703b1b6767
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:47:47 +00:00
Ted Wang
08f24f30a6 Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev am: be9ee4c01d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344152

Change-Id: Ib6a3152e7cdaa68a880fe0e94c7a5ea633db24e1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:47:14 +00:00
TreeHugger Robot
5b6de1f086 Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev am: 1db3ac365d am: 55ecf93b7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22589719

Change-Id: I4b90e024958ac7499abedcffdaec0c8136fd9fca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:46:52 +00:00
Treehugger Robot
ad2c33b44a Merge "Add sepolicy permission of new camera components" into udc-d1-dev am: 74e0e5fc37 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982823

Change-Id: I4d3d646c03432e7f75545fc64f717141d04fdefa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:31:22 +00:00
Ted Wang
b1473d353f Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev am: be9ee4c01d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344152

Change-Id: I6904e8eb3197a52e2ea3cf0c6bbbed5676abe7cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:30:32 +00:00
Treehugger Robot
74e0e5fc37 Merge "Add sepolicy permission of new camera components" into udc-d1-dev 2023-05-05 06:27:43 +00:00
Ted Wang
be9ee4c01d Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev 2023-05-05 06:19:10 +00:00
TreeHugger Robot
5000b9ffc9 Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev am: 1db3ac365d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22589719

Change-Id: Idcdfb170127ff401e98b3ddad03f7a36ecf16f73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:09:39 +00:00
TreeHugger Robot
55ecf93b7d Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev am: 1db3ac365d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22589719

Change-Id: I9c31d1f117be3993b6114a7b636095a9229050b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 06:05:33 +00:00
TreeHugger Robot
1db3ac365d Merge "[display-stats] enable pixelstats access to display metrics on Zuma devices." into udc-d1-dev 2023-05-05 05:35:55 +00:00
George Chang
e1cbf46acb Allow systemui_app to access Nfc service am: 178e94cb81 am: f1878d0214 am: a2ee31e9ac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020017

Change-Id: I651e56aa43c0785bf0ef92385d5c21be1005be0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 02:43:55 +00:00
George Chang
e5b9b50686 Allow systemui_app to access Nfc service am: 178e94cb81 am: 74937b19bb am: 2613956e78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020017

Change-Id: Iaf5cd6da5e75a67a9d01eb700438d3336ade7528
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 02:32:33 +00:00
George Chang
a2ee31e9ac Allow systemui_app to access Nfc service am: 178e94cb81 am: f1878d0214 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020017

Change-Id: Ic40e606dd9ec4d91e7cbcac38330c664b912b865
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 01:37:33 +00:00
George Chang
2613956e78 Allow systemui_app to access Nfc service am: 178e94cb81 am: 74937b19bb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020017

Change-Id: I7e082ed9794b6a27439822214701a8bdf27d9088
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 01:28:08 +00:00
George Chang
f1878d0214 Allow systemui_app to access Nfc service am: 178e94cb81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020017

Change-Id: Ic8ab756c17663c0b1aae72d85908f4bc80e4980d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 00:26:01 +00:00
George Chang
74937b19bb Allow systemui_app to access Nfc service am: 178e94cb81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23020017

Change-Id: Ia2a718ce595dbb51c0a4b7fac05a8f5053547b8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-05 00:18:59 +00:00
Manali Bhutiyani
cf161d6ce3 [display-stats] enable pixelstats access to display metrics on Zuma devices. 
Bug: 259554507
Test: Build and boot on device
adb shell cmd stats print-stats | grep -i <atom-id>

Change-Id: Ifc47211063b98f727b3b0eb7f7ebd42e3c7bb99b
 2023-05-04 20:56:24 +00:00
George Chang
178e94cb81 Allow systemui_app to access Nfc service 
avc:  denied  { find } for pid=1867 uid=10249 name=nfc
scontext=u:r:systemui_app:s0:c249,c256,c512,c768
tcontext=u:object_r:nfc_service:s0 tclass=service_manager
permissive=0

Bug: 280531969
Test: manually check nfc signal after battery share on
Change-Id: I7c9092388d031e8714b8f3f4738db77776c66326
 2023-05-04 09:52:14 +00:00
Kamal Shafi
e1464f8e53 Add tele sensor sepolicy permission 
Bug: 280370254
Test: build pass
Change-Id: If76c157e272f40159bcd6aac08d4b3bc88991338
 2023-05-04 09:18:55 +00:00
horngchuang
5e6e5b568b Add sepolicy permission of new camera components 
Bug: 279885244
Bug: 280392819
Test: Build and test for sensor denials
Change-Id: Ib29b0287bc52f9c0fe6e3c18c272e6593507371b
 2023-05-04 07:38:46 +00:00
Wilson Sung
e7a70d62b5 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 280706211
Bug: 280706292
Test: scanBugreport
Bug: 280706211
Bug: 280706610
Bug: 280705998
Test: scanAvcDeniedLogRightAfterReboot
Bug: 280706211
Change-Id: I67e0d2ec15b3ea057688644ba5c41c8fb5755128
 2023-05-04 12:40:51 +08:00
Android Build Coastguard Worker
5772fd0f40 Snap for 10063449 from ac8c60c304 to udc-qpr1-release 
Change-Id: If90ee866e89f5204f2b733d9727631126de3ef87
 2023-05-04 01:05:24 +00:00
Treehugger Robot
d72c289e0b Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev am: b3c7fb06fa am: ac8c60c304 am: 7ad3d47236 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982957

Change-Id: I6f6c26fb61713553399179e964f049deeae2f1ca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 18:01:03 +00:00
Treehugger Robot
4bf45f603f Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev am: b3c7fb06fa am: fdb7364a3f am: 1264a719b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982957

Change-Id: If0c30a3137e97a09df0b7cd9b8d64a4d8de6ceff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 18:00:22 +00:00
Treehugger Robot
7ad3d47236 Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev am: b3c7fb06fa am: ac8c60c304 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982957

Change-Id: I6623db6db04055956236a97226b37f8c60048699
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 17:42:47 +00:00
Treehugger Robot
1264a719b2 Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev am: b3c7fb06fa am: fdb7364a3f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982957

Change-Id: I4dda0a4a6255a32712d1a887f4f170424239d1f1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 17:15:36 +00:00
Treehugger Robot
ac8c60c304 Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev am: b3c7fb06fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982957

Change-Id: I1b6f1c07f85fd304cd1e59d20f0fc0079735c5f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 16:15:25 +00:00
Treehugger Robot
fdb7364a3f Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev am: b3c7fb06fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22982957

Change-Id: Ia74b455412d430da3ea5a3509d087d9c82aea521
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 16:12:47 +00:00
Treehugger Robot
b3c7fb06fa Merge "Allow accessing dumpstate from hal_usb_impl" into udc-d1-dev 2023-05-03 15:42:14 +00:00
Jack Wu
4a56279734 sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 am: 1c8f85fa7e am: b34c2e957d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: Id98597ee67281e69d4969e24f3a87d6400dd58a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 15:33:56 +00:00
Jack Wu
06bd429e9e sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 am: 923f9f2f5e am: 4b33e0e2d2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: I79ee04faddffa909f5529a81af5fdf68c3a2a879
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 15:33:44 +00:00
Jack Wu
b34c2e957d sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 am: 1c8f85fa7e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: Ifba657a25364a02838ef4e240fa2d772d6d4c5a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 14:52:15 +00:00
Jack Wu
4b33e0e2d2 sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 am: 923f9f2f5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: If4f9cd3914808ee66777d0414b64b7602bc265ef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 14:46:50 +00:00
Jack Wu
1c8f85fa7e sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: I78d5270e1c0b8f029e83aabd3b65887ede450ce0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 14:09:59 +00:00
Jack Wu
923f9f2f5e sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: I05c8ca4fcd1273a5636d9ccff229aff5ec0ae807
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 14:06:07 +00:00
Treehugger Robot
34e7665c6c Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev am: cdb62d5474 am: 0c354e937d am: e4f550ed1c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22896105

Change-Id: I2145c39003ed83e7a7cd17405e74461ef7e353ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 10:28:12 +00:00
Treehugger Robot
03abfd7621 Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev am: cdb62d5474 am: a43377782f am: 8efc7938fe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22896105

Change-Id: Id34f927edf557c108df3e70acb5e8fe57ddae3d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 10:27:45 +00:00
Treehugger Robot
e4f550ed1c Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev am: cdb62d5474 am: 0c354e937d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22896105

Change-Id: Id5834959bb8cde414e0b141e771eea4aab8eb03f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 09:38:04 +00:00
Treehugger Robot
8efc7938fe Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev am: cdb62d5474 am: a43377782f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22896105

Change-Id: Ibbc0a6ed8476e8a046cc420e23e48e2546a3a5f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 09:35:58 +00:00
Jack Wu
8d45937a38 sepolicy: allows pixelstat to access pca file nodes 
Bug: 262520811
Test: no Permission denied while accessing the file node
Change-Id: I0b50d85ea7002c9ee16f4c34b472b45def7f374e
Signed-off-by: Jack Wu <wjack@google.com>
 2023-05-03 09:31:08 +00:00
Treehugger Robot
0c354e937d Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev am: cdb62d5474 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22896105

Change-Id: I64fa337c73cbb1759c7a1176a2590f18e154776e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 08:54:36 +00:00
Treehugger Robot
a43377782f Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev am: cdb62d5474 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22896105

Change-Id: Iad5319efdd82be6d1349fb7b4ec05b8bc17b500e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 08:54:01 +00:00
Treehugger Robot
cdb62d5474 Merge "Correct sepolicy permission for new UW cam EEPROM" into udc-d1-dev 2023-05-03 08:20:05 +00:00
Jinyoung Jeong
709ad06c0e [Zuma] Fix SeLinux error 
Bug: 280522410
Test: no denial logs found for com.google.android.euicc b/280522410#comment3
Change-Id: I2837a71548cc8c8125b982313e2645ec8c913921
 2023-05-03 07:44:44 +00:00
Horng Chuang
49e23f552f Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev am: 5a2189a5ae am: 9606b32ce9 am: ebcd1fecca 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22668237

Change-Id: I7b71429ad812f6bd1f07928e66380ca631bff3a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 05:49:22 +00:00
Horng Chuang
bf13c5b01c Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev am: 5a2189a5ae am: 0f17ef32db am: de56475f2b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22668237

Change-Id: Idc51f1cac6f6f8b441a90372de16d129c152c7ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 05:48:17 +00:00
Horng Chuang
ebcd1fecca Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev am: 5a2189a5ae am: 9606b32ce9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22668237

Change-Id: I57482bc0eb887ecd2a6140485f1a3d03a5483f12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 05:08:27 +00:00
Horng Chuang
de56475f2b Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev am: 5a2189a5ae am: 0f17ef32db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22668237

Change-Id: I7f14a667567093f3e9e7ebd24ee1dedbd5a7bd25
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 05:04:11 +00:00
Horng Chuang
9606b32ce9 Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev am: 5a2189a5ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22668237

Change-Id: Ia4563480915d19f6599399ce57597eb712187a16
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 04:25:39 +00:00
Horng Chuang
0f17ef32db Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev am: 5a2189a5ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22668237

Change-Id: I83d5b0218b54bcac0a31a34971f7f5b9c39879ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 04:22:11 +00:00
Horng Chuang
5a2189a5ae Merge "Add sepolicy permission for new svarog sensor" into udc-d1-dev 2023-05-03 03:26:50 +00:00
Kyle Tso
649f19fc94 Allow accessing dumpstate from hal_usb_impl 
Fix SELinux errors.

Bug: 267261163
Change-Id: I73a311d796eb520ede3849edc6384c965ec5c915
Signed-off-by: Kyle Tso <kyletso@google.com>
 2023-05-03 11:23:52 +08:00
Android Build Coastguard Worker
ea57b1ab64 Snap for 10054401 from a7d4318ac1 to udc-qpr1-release 
Change-Id: I44d523805171fafd0dd3bb79f2b717da59cc4518
 2023-05-03 01:08:10 +00:00
Tommy Kardach
b513278e45 Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev am: 6bf3b733ac am: a7d4318ac1 am: 10521dfe0f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22915638

Change-Id: I33b7859141250dbc745a6b716984c9871997f85b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 00:11:29 +00:00
Tommy Kardach
b0b0a9080d Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev am: 6bf3b733ac am: 1e317a26ad am: bf83401a50 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22915638

Change-Id: I14818b48d7d61617f236be906db75898fd192b52
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 00:11:11 +00:00
Tommy Kardach
10521dfe0f Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev am: 6bf3b733ac am: a7d4318ac1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22915638

Change-Id: I78317225938c19725136299f757738fed6da02b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 23:32:22 +00:00
Tommy Kardach
bf83401a50 Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev am: 6bf3b733ac am: 1e317a26ad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22915638

Change-Id: I49341964a6bc10ab32b389e10c415d6d5be9d329
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 23:26:54 +00:00
Tommy Kardach
a7d4318ac1 Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev am: 6bf3b733ac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22915638

Change-Id: I3a4788ae6efe73c132c5a8d2f6fcbeebb5c82eae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 22:48:37 +00:00
Tommy Kardach
1e317a26ad Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev am: 6bf3b733ac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22915638

Change-Id: I2d66703cd4fe7ac51373bb704c441bf6282d561f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 22:45:42 +00:00
Tommy Kardach
6bf3b733ac Merge "Allow P23 Camera HAL to acquire wake locks" into udc-d1-dev 2023-05-02 22:23:36 +00:00
Tommy Kardach
659c17d428 Allow P23 Camera HAL to acquire wake locks 
Bug: 279977277
Test: mm && flash/test
Change-Id: I6150ccf788d5074ab9e2d29c6866c8a477a3ef71
 2023-05-02 17:25:51 +00:00
Dan Moore
ed888f3844 Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev am: 47eea99fb2 am: 8ba8dc5097 am: c251120fc2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22932758

Change-Id: Ibb5c853bf5e8980f7bea5000e147062d2a4785c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 17:06:43 +00:00
Dan Moore
ce9357676d Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev am: 47eea99fb2 am: 57bea4ff01 am: b2af8c9026 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22932758

Change-Id: I4f63d020f599602fc01ee13647972315e358d463
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 17:05:44 +00:00
Dan Moore
c251120fc2 Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev am: 47eea99fb2 am: 8ba8dc5097 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22932758

Change-Id: Ic7476882fcbbd0043ff9b1a9b67cd032a87928ef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 16:25:35 +00:00
Dan Moore
b2af8c9026 Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev am: 47eea99fb2 am: 57bea4ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22932758

Change-Id: I82d0defed48c93832d061542bbd248bff9025d95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:58:45 +00:00
Dan Moore
8ba8dc5097 Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev am: 47eea99fb2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22932758

Change-Id: I822ba6f4c418963fc92c4673337d47a29a81c07e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:41:10 +00:00
Dan Moore
57bea4ff01 Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev am: 47eea99fb2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22932758

Change-Id: I3f450687c9be51b9c1d9cb7cb691f6535e011004
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 15:36:56 +00:00
Dan Moore
47eea99fb2 Merge "Allow sensor HAL access to thermal HAL" into udc-d1-dev 2023-05-02 15:00:31 +00:00
Treehugger Robot
090b5bf423 Merge "Remove obsolete tracking entry" into udc-d1-dev am: 11ea9b76d6 am: 6b61366417 am: ce08ec5dde 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880900

Change-Id: I3cf050155e95687a736938f1f8ffcda81ddb6fff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:58:15 +00:00
Treehugger Robot
b6eb5414de Merge "Enforce fastbootd" into udc-d1-dev am: 470eda92e4 am: 03f88f77fc am: 3998123e08 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22649706

Change-Id: Ib4db279f8ea2330ef48030bbd0c0bf60d136ab8f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:49:08 +00:00
Treehugger Robot
46ce2b9dde Merge "sepolicy: ignore avc denial" into udc-d1-dev am: 5c70865797 am: dc5aac4409 am: 09de29827f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246611

Change-Id: I35f50cd6baf3817034ef0a23356f4e8c8d62c371
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:48:59 +00:00
Treehugger Robot
3d7010fa58 Merge "Remove obsolete tracking entry" into udc-d1-dev am: 11ea9b76d6 am: 8c3cc91d38 am: cad6bbdd01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880900

Change-Id: Iaad34aecc6b29f95dc4fd43333b8c9a05f4ffba1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:46:03 +00:00
Treehugger Robot
66f77bbb93 Merge "Enforce fastbootd" into udc-d1-dev am: 470eda92e4 am: bbfbf90c71 am: e2fea4a565 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22649706

Change-Id: I26df5d3c976f239975c96ba86c62aab9b8962519
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:45:49 +00:00
Treehugger Robot
6cb57dd371 Merge "sepolicy: ignore avc denial" into udc-d1-dev am: 5c70865797 am: 222413abe5 am: 28ba80bbfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246611

Change-Id: I4e8c905d653469e84fb2062c9ae74027566c96c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:39:24 +00:00
Tom Huang
b3e504c77d Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev am: dd5df5791f am: a903ddebb1 am: 27de572652 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874908

Change-Id: I84550bb12e25219599eb8fbb85ecdea1e4f205b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 14:26:14 +00:00
Tom Huang
8fde4edfbf Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev am: dd5df5791f am: 5c0053c5ec am: 34dd9a81d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874908

Change-Id: Id094f59aa2876b5742ae239f0f546ca9cda868e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 12:37:13 +00:00
Treehugger Robot
ce08ec5dde Merge "Remove obsolete tracking entry" into udc-d1-dev am: 11ea9b76d6 am: 6b61366417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880900

Change-Id: Ie96e5b88dd1230c8530ac7b3272b077d24df9a4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:54:17 +00:00
Treehugger Robot
3998123e08 Merge "Enforce fastbootd" into udc-d1-dev am: 470eda92e4 am: 03f88f77fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22649706

Change-Id: Ia2106df0f80ac1a25bc3b9271f7b53495e0f53c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:54:06 +00:00
Treehugger Robot
09de29827f Merge "sepolicy: ignore avc denial" into udc-d1-dev am: 5c70865797 am: dc5aac4409 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246611

Change-Id: If11c5d673b84ffb5d7f42ec3c8d7aeb8bc828dc6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:52:16 +00:00
Treehugger Robot
cad6bbdd01 Merge "Remove obsolete tracking entry" into udc-d1-dev am: 11ea9b76d6 am: 8c3cc91d38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880900

Change-Id: I01c1a901400acb7d22db8737ac663aff5490aa1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:46:38 +00:00
Treehugger Robot
e2fea4a565 Merge "Enforce fastbootd" into udc-d1-dev am: 470eda92e4 am: bbfbf90c71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22649706

Change-Id: Ic50fe5b40461df6fac51b5a0a97ec479792c7cfa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:38:32 +00:00
Treehugger Robot
28ba80bbfa Merge "sepolicy: ignore avc denial" into udc-d1-dev am: 5c70865797 am: 222413abe5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246611

Change-Id: Icee56690788d7ef2b5c354bb0903e21d568e8f96
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:34:32 +00:00
Tom Huang
27de572652 Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev am: dd5df5791f am: a903ddebb1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874908

Change-Id: I9a920c193d1bfbf9c91221a6ea868208c4e88c66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:33:00 +00:00
Tom Huang
34dd9a81d9 Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev am: dd5df5791f am: 5c0053c5ec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874908

Change-Id: Ia744b032d92be1de1b00ca1787fa446bba8606c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 10:29:49 +00:00
Treehugger Robot
6b61366417 Merge "Remove obsolete tracking entry" into udc-d1-dev am: 11ea9b76d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880900

Change-Id: I73a0f09e483cb91805b3530ab513ee39529f4146
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 09:40:27 +00:00
Treehugger Robot
03f88f77fc Merge "Enforce fastbootd" into udc-d1-dev am: 470eda92e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22649706

Change-Id: Ib41b87547cb4610fa30cbb49a79bf72e9944b7e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 09:34:22 +00:00
Treehugger Robot
dc5aac4409 Merge "sepolicy: ignore avc denial" into udc-d1-dev am: 5c70865797 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246611

Change-Id: Ia489a4cd3d15e82f6d506bacedcadb514367eb14
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 09:07:40 +00:00
Tom Huang
5c0053c5ec Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev am: dd5df5791f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874908

Change-Id: I4f083a33f9e8a5af927496df1189d1085f19e616
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 09:07:31 +00:00
Treehugger Robot
8c3cc91d38 Merge "Remove obsolete tracking entry" into udc-d1-dev am: 11ea9b76d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880900

Change-Id: Iea5e3f6a0f41992b26dd08419d2721278954adb2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 08:34:44 +00:00
Treehugger Robot
bbfbf90c71 Merge "Enforce fastbootd" into udc-d1-dev am: 470eda92e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22649706

Change-Id: I9c4a6ef2c0721d66241e5e5425b1cf4e44d34a26
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 08:33:43 +00:00
Treehugger Robot
222413abe5 Merge "sepolicy: ignore avc denial" into udc-d1-dev am: 5c70865797 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246611

Change-Id: I03cffa3b2f0ca4daef371d6316e06d9e3a9fce61
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 08:32:15 +00:00
Tom Huang
a903ddebb1 Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev am: dd5df5791f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874908

Change-Id: If5e1ad9871cf5612f6ff1ef78079c3fb95fcaf46
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-02 08:32:02 +00:00
Treehugger Robot
11ea9b76d6 Merge "Remove obsolete tracking entry" into udc-d1-dev 2023-05-02 07:12:52 +00:00
Treehugger Robot
470eda92e4 Merge "Enforce fastbootd" into udc-d1-dev 2023-05-02 04:54:37 +00:00
Treehugger Robot
5c70865797 Merge "sepolicy: ignore avc denial" into udc-d1-dev 2023-05-02 04:36:22 +00:00
Tom Huang
dd5df5791f Merge "Add hidraw device sepolicy for headtracking" into udc-d1-dev 2023-05-02 04:07:15 +00:00
Wilson Sung
8080b95d06 Enforce fastbootd 
Fix: 264489957
Test: flash and no related avc error
Change-Id: Ibf616a98e9341310e18db6dda27d86adbf24deac
 2023-05-02 11:42:59 +08:00
horngchuang
a6d7203408 Add sepolicy permission for new svarog sensor 
Bug: 278473644
Test: Build and test for sensor denials
Change-Id: I2816a2ada49d4369b975ac22693994cff5cd6aec
 2023-05-01 15:34:33 +00:00
Android Build Coastguard Worker
531ef9b71d Snap for 10037196 from fc8dcdd504 to udc-qpr1-release 
Change-Id: I6a9c84ed458a0c5b0d4afbe483a05238cb64a9b3
 2023-04-29 03:03:22 +00:00
Krzysztof Kosiński
a89fbcc4aa Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev am: 9f7dec1023 am: fc8dcdd504 am: e5d28c14af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22908419

Change-Id: Ice868332c7434b81c2fccf6aa5d92a78ff6152d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-29 01:33:47 +00:00
Krzysztof Kosiński
1e74c58ae7 Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev am: 9f7dec1023 am: bc2fb0e761 am: de77c8b0ac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22908419

Change-Id: I8bea0257ca6fbec1341283346e81c67748571fc3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-29 01:12:25 +00:00
Krzysztof Kosiński
e5d28c14af Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev am: 9f7dec1023 am: fc8dcdd504 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22908419

Change-Id: I171cbff976edabed3891713dba286969db2da713
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 23:47:51 +00:00
Krzysztof Kosiński
de77c8b0ac Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev am: 9f7dec1023 am: bc2fb0e761 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22908419

Change-Id: I4f8967f5656c83147282f036bd83e23eddccc363
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 23:42:25 +00:00
Krzysztof Kosiński
fc8dcdd504 Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev am: 9f7dec1023 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22908419

Change-Id: I79336102f4c82c4971cddbaf5839becf9c8bc818
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 23:02:10 +00:00
Krzysztof Kosiński
bc2fb0e761 Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev am: 9f7dec1023 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22908419

Change-Id: I871183bddb6cca48ce185235fcab8a8509959a48
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 23:00:27 +00:00
Krzysztof Kosiński
9f7dec1023 Merge "Enforce sepolicy for Google Camera App." into udc-d1-dev 2023-04-28 22:18:37 +00:00
Dan Moore
4a0259ff34 Allow sensor HAL access to thermal HAL 
The FIR temperature sensor must report an estimate of window temperature
so that the BTS SaMD can determine if the boundary condition between the
sensor and window is within accuracy specification.

Test: logcat previously reported access denied to thermal HAL. Access is
now granted and the Twindow elements are accessible.

Bug: 276738070
Change-Id: I72846053840e36ba8d3d59df9ba580c6c416e867
 2023-04-28 12:13:32 -04:00
martinwu
d038ba2c5d [TSV2] Add sepolicy for dumpstate to zip tcpdump into bugreport am: 09aaf3dfbc am: 149ac2a92e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22899260

Change-Id: I52c702454a0435c445b190138618b05e09d1704e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 08:09:08 +00:00
martinwu
149ac2a92e [TSV2] Add sepolicy for dumpstate to zip tcpdump into bugreport am: 09aaf3dfbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22899260

Change-Id: I0a894186a7b618d703fb4aeefcac5e62d7e472f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 07:16:37 +00:00
Ted Wang
8831352474 Add sepolicy for aidl bt extension hal 
Bug: 274906319
Test: build pass and manual test
Change-Id: Id54796fec22e790a197255f2db4ba23b4a58212d
 2023-04-28 04:48:33 +00:00
Kamal Shafi
47f407fa8d Correct sepolicy permission for new UW cam EEPROM 
change imentet camera sensor EEPROM naming to its codename.

Bug: 279547216
Test: build pass
Change-Id: Ib831119318a0b4467f81f93c009a28831cebac25
 2023-04-28 02:56:30 +00:00
Android Build Coastguard Worker
072c6a9d90 Snap for 10017868 from 74494540d6 to udc-qpr1-release 
Change-Id: I91b9681c25ac4a3bfe72ed0ebb8cf5aae3a0fa77
 2023-04-28 01:08:01 +00:00
Krzysztof Kosiński
5b2134d5c5 Enforce sepolicy for Google Camera App. 
Added missing statement allowing GXP firmware access.

Bug: 264489778
Test: GCA smoke test in setenforce mode.
Change-Id: Ied2f675a2e11f7aebcf4e1e6ac49fc2e39dd2ecf
 2023-04-27 19:53:25 +00:00
Taeju Park
2a5fed4ac2 SELinux: allow to access GPU dvfs period change 
Bug: 258095095
Change-Id: I96a41371d70f32ed42de0597c74e87e192b6b55f
Signed-off-by: Taeju Park <taeju@google.com>
 2023-04-27 19:46:17 +00:00
Chungkai Mei
fdd0ef451e sepolicy: ignore avc denial 
ignore avc denial since it is debugfs

Bug: 271931921
Test: pass boot health check extra test https://android-build.googleplex.com/builds/abtd/run/L49300000960255489
Change-Id: Iceee4d347b5e90bce6d16054c6ee0c8091652a9b
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-04-27 14:24:40 +00:00
martinwu
09aaf3dfbc [TSV2] Add sepolicy for dumpstate to zip tcpdump into bugreport 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I45c894fa9378a7878bc853f7723162ebd6141115
 2023-04-27 13:47:34 +00:00
Bruno BELANYI
5613f731d3 [automerger skipped] Merge "Add ArmNN config sysprops SELinux rules" into udc-d1-dev am: 83087bd818 am: 9c4ffd3dd2 -s ours 
am skip reason: Merged-In I77b29468258520265e5f660452794aff068ca07d with SHA-1 aac79fd4d9 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22786211

Change-Id: I5b9727f38bb3f8462e7d0dc14df8568f1efdd3b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 09:19:44 +00:00
Bruno BELANYI
9c4ffd3dd2 Merge "Add ArmNN config sysprops SELinux rules" into udc-d1-dev am: 83087bd818 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22786211

Change-Id: I08085e0fb372ded139063aeedb3b7dd38e1da2c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 08:36:53 +00:00
Bruno BELANYI
83087bd818 Merge "Add ArmNN config sysprops SELinux rules" into udc-d1-dev 2023-04-27 08:06:48 +00:00
Carol Cheng
7d9bc8bb83 Merge "Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport"" into udc-d1-dev am: bb1f0f25bb am: fd882830cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22891380

Change-Id: I15c39c2c43ac4266dd0791132a89dd8dff03fadb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:54:54 +00:00
Carol Cheng
fd882830cc Merge "Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport"" into udc-d1-dev am: bb1f0f25bb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22891380

Change-Id: Ie0a44ba0d36b95a842a28b47d5a62f78cf30f6e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:11:50 +00:00
Carol Cheng
bb1f0f25bb Merge "Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport"" into udc-d1-dev 2023-04-27 06:36:48 +00:00
Andrew Chant
4f15fe1b3c Merge "Use tof sensor codenames" into udc-d1-dev am: 6641141f91 am: ffa498bd79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307463

Change-Id: Ia9f66a6de0435447964bbaca863318d44e0e889f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:41:14 +00:00
Treehugger Robot
4d1e793af4 Merge "Add sepolicy for dumpstate to zip tcpdump into bugreport" into udc-d1-dev am: fe27339606 am: 8a3c78df60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22838381

Change-Id: Idec32d0bb3f3f2d738049eaedf24eca3f209b307
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:40:48 +00:00
Kamal Shafi
36cf79f233 Add sepolicy permission for new UW camera am: eb22b7d648 am: fedde4710a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880541

Change-Id: I49afec0ddae190e345d286f2e267852a3698aef8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:38:58 +00:00
Martin Wu
4e2023c263 Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport" 
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I795de89a17c5ccee702fa3a59af03d48d89fbaf2
 2023-04-27 02:21:00 +00:00
Andrew Chant
ffa498bd79 Merge "Use tof sensor codenames" into udc-d1-dev am: 6641141f91 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307463

Change-Id: Ic8acdfb36ad3945c93bf336b91ef9cd2a69a8bd8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:20:37 +00:00
Andrew Chant
6641141f91 Merge "Use tof sensor codenames" into udc-d1-dev 2023-04-27 02:07:29 +00:00
Treehugger Robot
8a3c78df60 Merge "Add sepolicy for dumpstate to zip tcpdump into bugreport" into udc-d1-dev am: fe27339606 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22838381

Change-Id: I69f575b3857d391561c1f214833e28d3bee2eb30
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 01:56:24 +00:00
Kamal Shafi
fedde4710a Add sepolicy permission for new UW camera am: eb22b7d648 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880541

Change-Id: Icf6c3862d91bd7312bc822772314c2816b16f596
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 01:55:40 +00:00
Treehugger Robot
fe27339606 Merge "Add sepolicy for dumpstate to zip tcpdump into bugreport" into udc-d1-dev 2023-04-27 01:43:58 +00:00
martinwu
da1f9ffa79 Add sepolicy for dumpstate to zip tcpdump into bugreport 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I04ca96860c78baf24afd7deecff7dd4d470d9539
 2023-04-26 14:17:56 +00:00
Kamal Shafi
eb22b7d648 Add sepolicy permission for new UW camera 
sepolicy including imentet camera sensor and gt24p64e EEPROM

Bug: 277988592
Bug: 279547216
Test: build pass
Change-Id: I01e2bc558eba7cf03c11818d9c806e6053808fd1
 2023-04-26 11:32:33 +00:00
Wilson Sung
594771dd12 Update SELinux error am: 74494540d6 am: 3107cd8aa5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22873618

Change-Id: I1882d42b0eca2bb0fd198062f00db4e717faf4e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 10:46:39 +00:00
Wilson Sung
3107cd8aa5 Update SELinux error am: 74494540d6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22873618

Change-Id: I624f57e7815c7617e8956de1f5144c3e167637c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 09:51:05 +00:00
kuanyuhuang
477d58d695 Add hidraw device sepolicy for headtracking 
Test: make and incoming HID data from Pixel Buds Pro
Bug: 276163506
Change-Id: I10833e215962ad007ad32a0d713e9b37ae888fdb
 2023-04-26 09:20:11 +00:00
Salmax Chang
5ddf0079c6 Remove obsolete tracking entry 
Bug: 264489567
Bug: 261651131
Change-Id: Ibf1116ea7b393f3c1e6eec0794e492b5dc2fd1ad
 2023-04-26 17:15:36 +08:00
Bruno BELANYI
61df5feff7 Add ArmNN config sysprops SELinux rules 
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:aac79fd4d9bec6517b2932cfca1e1c84b7711cc8)
Merged-In: I77b29468258520265e5f660452794aff068ca07d
Change-Id: I77b29468258520265e5f660452794aff068ca07d
 2023-04-26 08:12:29 +00:00
Wilson Sung
74494540d6 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 279680070
Test: scanBugreport
Bug: 279680070
Bug: 279680213
Bug: 279680264
Test: scanAvcDeniedLogRightAfterReboot
Bug: 279680070
Change-Id: I0a5aadfed90377aeee60a15aaab212c7709d091a
 2023-04-26 15:10:44 +08:00
Treehugger Robot
76cbc04182 [automerger skipped] Merge "Remove 'hal_neuralnetworks_armnn' '/data' access exception" into udc-d1-dev am: 8ebffeef84 am: 74272bfe60 -s ours 
am skip reason: Merged-In I7bf68036522553a2919076fc6243a577086ffb3a with SHA-1 deec8fec9d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22786212

Change-Id: I87ce35d3098d0c9bdc52fc8b6db41d1a8b4295a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:54:51 +00:00
Treehugger Robot
d3bc092059 [automerger skipped] Merge "Remove hal_power_default bug from bug_map" into udc-d1-dev am: 8f8f545307 am: 381f2fb49e -s ours 
am skip reason: Merged-In I4ca6180ad286970d36ce204cd4c44e75962b26e0 with SHA-1 8051a8759a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22873619

Change-Id: I1c9fb11cbee8bc93980a90d15505d6ed8f63ce0e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:54:40 +00:00
Treehugger Robot
854774309b [automerger skipped] Merge "Remove old debug map entries." into udc-d1-dev am: 471a0c621a am: f69eaca047 -s ours 
am skip reason: Merged-In Ie47107328f58dc4f1d4070e93c0cd09e88cee021 with SHA-1 af3702bffd is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874902

Change-Id: I8be3c0783e0b0769000bb86896682a5cbb8f53df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:54:10 +00:00
Joseph Jang
0ae77f1e35 Merge "Move recovery.te to device/google/gs-common/dauntless/sepolicy" into udc-d1-dev am: 49269dd7dc am: b777b6c4f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22787680

Change-Id: I40abdc7f4ac10caf84732c63845d863480fd4ecc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:52:59 +00:00
Treehugger Robot
74272bfe60 Merge "Remove 'hal_neuralnetworks_armnn' '/data' access exception" into udc-d1-dev am: 8ebffeef84 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22786212

Change-Id: If5fe6067ec2fcea498366aeb59feb5ab9f403e26
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:13:10 +00:00
Treehugger Robot
381f2fb49e Merge "Remove hal_power_default bug from bug_map" into udc-d1-dev am: 8f8f545307 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22873619

Change-Id: I592a54f761941a31cbbe69ba18e21bc2dc1f0a37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:12:34 +00:00
Treehugger Robot
f69eaca047 Merge "Remove old debug map entries." into udc-d1-dev am: 471a0c621a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22874902

Change-Id: I9b1d926ebd6a33269d3c2cf754eebf638cab7aec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:11:59 +00:00
Joseph Jang
b777b6c4f4 Merge "Move recovery.te to device/google/gs-common/dauntless/sepolicy" into udc-d1-dev am: 49269dd7dc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22787680

Change-Id: Iffe6499c41302c285d40c3d1fb9cd31aa5d5aa9d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:11:02 +00:00
Treehugger Robot
8ebffeef84 Merge "Remove 'hal_neuralnetworks_armnn' '/data' access exception" into udc-d1-dev 2023-04-26 05:07:41 +00:00
Treehugger Robot
8f8f545307 Merge "Remove hal_power_default bug from bug_map" into udc-d1-dev 2023-04-26 04:59:43 +00:00
Treehugger Robot
471a0c621a Merge "Remove old debug map entries." into udc-d1-dev 2023-04-26 04:59:25 +00:00
Joseph Jang
49269dd7dc Merge "Move recovery.te to device/google/gs-common/dauntless/sepolicy" into udc-d1-dev 2023-04-26 04:41:05 +00:00
Treehugger Robot
57eb37c05b Merge "Add sepolicy permission for new project" into udc-d1-dev am: dd9d69e132 am: b00e740e38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22839998

Change-Id: Id3c71d2796366c78ced9b77cc1003c32c9fb65f4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:57:50 +00:00
Treehugger Robot
37dc3a4e96 [automerger skipped] Merge "Remove dontaudit since read early_wakeup completed" into udc-d1-dev am: e94c391ebb am: 175d165ded -s ours 
am skip reason: Merged-In I6c058a1a85ada7e5d6eb1f8acafaac8231ae5329 with SHA-1 1d966a0db9 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22819356

Change-Id: I73aa286e861903150d9927c1da8f3c20ded5a56d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:55:32 +00:00
Treehugger Robot
500a72081b Merge "Allow InputProcessor HAL to read display resolution" into udc-d1-dev am: 0cdcdbf433 am: bb8e835b7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22830940

Change-Id: Iba66d9912e014cc60dabd9d50885d2ef2be5cfaf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:49:27 +00:00
Bruno BELANYI
f9d70ef1b2 Remove 'hal_neuralnetworks_armnn' '/data' access exception 
The mali driver has been configured not to look there anymore.

Fix: 205779871
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I7bf68036522553a2919076fc6243a577086ffb3a
Merged-In: I7bf68036522553a2919076fc6243a577086ffb3a
(cherry picked from commit deec8fec9d)
 2023-04-26 03:35:52 +00:00
Nicolas Geoffray
42b382da0c Remove old debug map entries. 
Fix: 264483352
Change-Id: Ie47107328f58dc4f1d4070e93c0cd09e88cee021
Merged-In: Ie47107328f58dc4f1d4070e93c0cd09e88cee021
(cherry picked from commit af3702bffd)
 2023-04-26 03:33:31 +00:00
Chungkai Mei
c01d4b7d9b Remove hal_power_default bug from bug_map 
SELinux errors are fixed and hence removing from bug map

Bug: 273638876
Test: Build and boot on device
Change-Id: I4ca6180ad286970d36ce204cd4c44e75962b26e0
Merged-In: I4ca6180ad286970d36ce204cd4c44e75962b26e0
Signed-off-by: Chungkai Mei <chungkai@google.com>
(cherry picked from commit 8051a8759a)
 2023-04-26 03:32:21 +00:00
Treehugger Robot
b00e740e38 Merge "Add sepolicy permission for new project" into udc-d1-dev am: dd9d69e132 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22839998

Change-Id: I3f8d423a56f4fa3c8305b0ecd6fc79715d716697
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:05:01 +00:00
Treehugger Robot
175d165ded Merge "Remove dontaudit since read early_wakeup completed" into udc-d1-dev am: e94c391ebb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22819356

Change-Id: Ia10e80313407c749bfd6018318878228d3786a99
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:04:45 +00:00
Treehugger Robot
bb8e835b7d Merge "Allow InputProcessor HAL to read display resolution" into udc-d1-dev am: 0cdcdbf433 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22830940

Change-Id: Ibda1fcc2bd040922d31e5bb9c24b2c2b7b84d8fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:02:20 +00:00
Treehugger Robot
dd9d69e132 Merge "Add sepolicy permission for new project" into udc-d1-dev 2023-04-26 02:34:56 +00:00
Treehugger Robot
e94c391ebb Merge "Remove dontaudit since read early_wakeup completed" into udc-d1-dev 2023-04-26 02:25:01 +00:00
Treehugger Robot
0cdcdbf433 Merge "Allow InputProcessor HAL to read display resolution" into udc-d1-dev 2023-04-26 02:19:40 +00:00
Lawrence Huang
e979543b99 Add net_domain for GCA on zuma devices 
Bug: 277097939

Change-Id: Iadfc1be5f9e6830693aed9d9b619815c7d1f9caf
 2023-04-26 01:41:33 +00:00
TreeHugger Robot
0c8288d278 Merge "Add memtrack" into udc-d1-dev am: d1c31b785d am: e23db371db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22780494

Change-Id: Ida509a8cc023577b896d3df8f60e15f61421cf13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 00:37:20 +00:00
timmyli
3a79d36619 Allow camera hal to access aoc device am: c09931ad38 am: 783a1cf431 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22735036

Change-Id: I707edf37cdecaf85e95cf459a83d97fbc583edcb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 00:10:16 +00:00
TreeHugger Robot
e23db371db Merge "Add memtrack" into udc-d1-dev am: d1c31b785d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22780494

Change-Id: Ide9394cba29e3efa76453ae917a8446d638c9922
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-25 22:25:02 +00:00
TreeHugger Robot
d1c31b785d Merge "Add memtrack" into udc-d1-dev 2023-04-25 21:44:08 +00:00
timmyli
783a1cf431 Allow camera hal to access aoc device am: c09931ad38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22735036

Change-Id: I4d2ea0de7bbb0867859fad4a0bd8715fa437cdd6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-25 19:32:37 +00:00
Prasanna Prapancham
43abed40a0 Merge "add 8411 to logbuffer" 2023-04-25 18:06:51 +00:00
horngchuang
4c3cd890be Add sepolicy permission for new project 
Bug: 279542096
Test: Build and test for sensor denials
Change-Id: I3d6b7ce33e101bd9eeacefae128239af3512b67f
 2023-04-25 08:09:29 +00:00
Andrew Chant
55ef8a9026 Allow InputProcessor HAL to read display resolution 
Cherry-pick of Change I23285c21a82748c63fbe20988af42884b9261b66
from Siarhei Vishniakou <svv@google.com>:

Currently, there's no API to read the resolution from the system domain,
so the HAL has to read this from the sysprop provided by the display
code.

Allow the HAL to do so in this CL.

Bug: 236200710
Bug: 279510160
Change-Id: I449232d91533b6b9a40f2a6c4a91c511f5b38e3c
 2023-04-24 16:59:04 -07:00
timmyli
c09931ad38 Allow camera hal to access aoc device 
Camera team needs to talk to aoc device in order to use libusf.
It will do this instead of talking to rlsservice. Soon, we can
remove rlsservice from the se policy for camera hal.

Bug: 277959222
Test: manual test, logs provided in comments
Change-Id: I7453fd94891dcc0c1c587bccb3bb6cff80f46e8b
 2023-04-24 20:05:57 +00:00
Chungkai Mei
97f5b3c87a Remove dontaudit since read early_wakeup completed 
The display file node, early_wakeup, just for trigger the worker for
display and it doesn't have meaningful read function. But PowerHAL read
all nodes and try to dump their valuesi while triggering bugreport. As
the read operation has been completed, so we can remove the clause.

07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:8): avc: denied { dac_read_search } for capability=2 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:9): avc: denied { dac_override } for capability=1 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0

Bug: 267261305
Test: Boot to home
Change-Id: I6c058a1a85ada7e5d6eb1f8acafaac8231ae5329
Merged-In: I6c058a1a85ada7e5d6eb1f8acafaac8231ae5329
Signed-off-by: Chungkai Mei <chungkai@google.com>
(cherry picked from commit 55d41f1a3e89b1f4d2525d9925e3319ef59e2705)
(cherry picked from commit 1d966a0db9)
 2023-04-24 17:21:53 +00:00
Chung-Kai (Michael) Mei
4a631e2fff Merge "Remove dontaudit since read early_wakeup completed" 2023-04-24 11:31:53 +00:00
Chungkai Mei
1d966a0db9 Remove dontaudit since read early_wakeup completed 
The display file node, early_wakeup, just for trigger the worker for
display and it doesn't have meaningful read function. But PowerHAL read
all nodes and try to dump their valuesi while triggering bugreport. As
the read operation has been completed, so we can remove the clause.

07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:8): avc: denied { dac_read_search } for capability=2 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:9): avc: denied { dac_override } for capability=1 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0

Bug: 267261305
Test: Boot to home
Change-Id: I6c058a1a85ada7e5d6eb1f8acafaac8231ae5329
Signed-off-by: Chungkai Mei <chungkai@google.com>
(cherry picked from commit 55d41f1a3e89b1f4d2525d9925e3319ef59e2705)
 2023-04-24 09:05:55 +00:00
Joseph Jang
6d754405ff Move recovery.te to device/google/gs-common/dauntless/sepolicy 
Bug: 279381809
Change-Id: Icb4f899d76e1a5e1d6f6f2cee4c1c7f46105338c
 2023-04-24 08:01:42 +00:00
Bruno BELANYI
d389b4a4f6 Remove 'hal_neuralnetworks_armnn' permissive rule 
Not needed after fixing the various violations that were raised in the
past.

Bug: b/264489188
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I9a5b5f916e3e188ea98646b23a43e5dec0cd8501
 2023-04-21 14:09:58 +00:00
Bruno BELANYI
1e587e4afe Merge "Remove 'hal_neuralnetworks_armnn' '/data' access exception" 2023-04-21 08:13:01 +00:00
Ankit Goyal
5e4db7517c Add memtrack 
Bug: 279108265
Test: dumpsys meminfo
Change-Id: Ib46c89811aa3aa1a5573076f9dc69e7222f56ea4
 2023-04-20 23:18:56 -07:00
Treehugger Robot
e08f641871 Merge "Add Ims process label" into udc-d1-dev am: d90ebc1fdb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22779319

Change-Id: I52dc0e8d8de887bf66cb999e70603f8d28f274dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 05:20:34 +00:00
Treehugger Robot
d90ebc1fdb Merge "Add Ims process label" into udc-d1-dev 2023-04-21 04:40:24 +00:00
Treehugger Robot
dcede81999 Merge changes from topic "260522202" into udc-d1-dev am: c84559a813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22730572

Change-Id: Ibf95c8f590e37aa14370269a219ace06de9a8e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 04:17:54 +00:00
Treehugger Robot
c84559a813 Merge changes from topic "260522202" into udc-d1-dev 
* changes:
  Remove untraceable rules
  Enforce installd
 2023-04-21 03:45:54 +00:00
Treehugger Robot
e91e9f18e0 Merge "Remove hal_uwb_default bug from bug_map" into udc-d1-dev am: a8fe91bc3c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22736521

Change-Id: Ibf78ae7f2c2d499f2f7a1a538dee1bfd856bd87c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 03:42:59 +00:00
Treehugger Robot
e2411c21e5 Merge "zuma: Allow GRIL Service to access radio_vendor_data_file" into udc-d1-dev am: c3a5e6769c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22756016

Change-Id: I3380b64ba2698e35632dabfa74ca15c9e3d1f8ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 03:38:54 +00:00
Wilson Sung
e4e854fcd9 Add Ims process label 
Bug: 260522282
Test: boot-to-home, no avc error
Change-Id: I8f3c7c64ecace4ca7ddd69275a093606a8492204
 2023-04-21 03:38:17 +00:00
Treehugger Robot
a8fe91bc3c Merge "Remove hal_uwb_default bug from bug_map" into udc-d1-dev 2023-04-21 03:08:00 +00:00
Treehugger Robot
c3a5e6769c Merge "zuma: Allow GRIL Service to access radio_vendor_data_file" into udc-d1-dev 2023-04-21 02:43:46 +00:00
Treehugger Robot
b9844f4b7b Merge "ril: dump radio hal from user build." into udc-d1-dev am: 0f96c2225e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22756017

Change-Id: I6beb5198003d07bad5be793dd314b22e318c9ae8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 02:34:19 +00:00
Treehugger Robot
0f96c2225e Merge "ril: dump radio hal from user build." into udc-d1-dev 2023-04-21 01:49:54 +00:00
Ankit Goyal
33999737a0 Merge "Mark video secure devices as default dmabuf heaps" into udc-d1-dev am: 2f30e8ca85 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743596

Change-Id: Iae3c3b2e55eb6dd245beb941d2a935d695a0939c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:44:04 +00:00
Prasanna Prapancham
c1715483d1 add 8411 to logbuffer 
Test: Flash local build and collect bugreport
Bug: 277799048
Change-Id: I877a91999a2f17df5ea90d3d2257b93bfd67e8e6
Signed-off-by: Prasanna Prapancham <prapancham@google.com>
 2023-04-20 17:43:30 +00:00
Chung-Kai (Michael) Mei
508f8b54a9 Merge "Remove hal_power_default bug from bug_map" 2023-04-20 17:25:23 +00:00
Ankit Goyal
2f30e8ca85 Merge "Mark video secure devices as default dmabuf heaps" into udc-d1-dev 2023-04-20 17:03:32 +00:00
Bruno BELANYI
deec8fec9d Remove 'hal_neuralnetworks_armnn' '/data' access exception 
The mali driver has been configured not to look there anymore.

Bug: b/205779871
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I7bf68036522553a2919076fc6243a577086ffb3a
 2023-04-20 09:15:44 +00:00
Bruno BELANYI
2278f4d99c Merge changes from topic "armnn-sysprops" 
* changes:
  Remove 'hal_neuralnetworks_armnn' sysprop exceptions
  Add ArmNN config sysprops SELinux rules
 2023-04-20 08:14:04 +00:00
Chungkai Mei
8051a8759a Remove hal_power_default bug from bug_map 
SELinux errors are fixed and hence removing from bug map

Bug: 273638876
Test: Build and boot on device
Change-Id: I4ca6180ad286970d36ce204cd4c44e75962b26e0
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-04-20 07:47:15 +00:00
Wilson Sung
6669da5b31 Merge "Enforce odrefresh" into udc-d1-dev am: 40c682640f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22699043

Change-Id: Ib318c133136aa341627fc39da98a78d104c15578
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 04:49:40 +00:00
Wilson Sung
40c682640f Merge "Enforce odrefresh" into udc-d1-dev 2023-04-20 04:06:05 +00:00
Tim Lin
54bb68984a ril: dump radio hal from user build. 
Sync from ag/17155484

To get radio hal debug info on user build as we do on previous Pixels.

Bug: 278477468
Test: Trigger bugreport on USERDEBUG with dumpstate.unroot set
to true and check IRadio log

Change-Id: Ic9dd8357eb326d5c5f03b16408b7ba0a5e5f5818
(cherry picked from commit e08be6ab76327511002ebd343bda13a2fcc1434d)
 2023-04-20 03:40:59 +00:00
kadirpili
92636953cf zuma: Allow GRIL Service to access radio_vendor_data_file 
Bug: 274737512
Change-Id: I90c008172af7bd0d8b7bf2b214f422c4165f3769
(cherry picked from commit 5c31a6f55ac18dd941e50b455c38a37efa12354f)
 2023-04-20 03:37:22 +00:00
Wilson Sung
0d1a725348 Merge changes from topic "260522282" into udc-d1-dev am: f4a5867e2a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22746525

Change-Id: I8e0630c0d343ad857d7f67d7a743ef41708ecbcf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 03:26:37 +00:00
Wilson Sung
f4a5867e2a Merge changes from topic "260522282" into udc-d1-dev 
* changes:
  Revert^2 "Enforce priv_app"
  Label ims_remote_app and rcs_service_app
 2023-04-20 02:46:06 +00:00
Treehugger Robot
6dba4fa8b3 Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev am: b51385226b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743594

Change-Id: I0529653e75ab3bbe0815a7b9eeef4f0a5db0849f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 21:12:32 +00:00
Treehugger Robot
b51385226b Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev 2023-04-19 20:02:33 +00:00
Ankit Goyal
ded9266dd4 Mark video secure devices as default dmabuf heaps 
Mali driver (and codec HAL as well) require direct access to video
secure dmabuf devices. Mali driver being an SP-HAL cannot explicitly
write blanket rules for all the scontext. So, we piggyback on
dmabuf_system_secure_heap_device to allow all scontext to be able to use
these device nodes.

This is just as secure as dmabuf_system_secure_heap_device in that case.
There is no additional security impact. An app can still use gralloc to
allocate buffers from these heaps and disallowing access to these heaps
to the intended users.

Fix: 278823239
Fix: 278513588
Fix: 275646321
Test: dEQP-VK.memory.allocation
Change-Id: I01a2730fc222efe94d4e48e7ee4c317aa65f0064
 2023-04-19 19:48:38 +00:00
Edmond Chung
57d920f582 Camera: Allow rw access to TEE devices 
This is to enable face authentication on P23 devices.

Bug: 278898746
Test: Build, face authentication
Change-Id: I75311770a9780e0d97a9240b589e4e4cd9e2dc56
 2023-04-19 11:18:14 -07:00
Wilson Sung
dc75da30a1 Revert^2 "Enforce priv_app" 
This reverts commit 61a95fc71a.

Fix: 260522282
Change-Id: I0d5dd994d3acacfee854ae27669358cfc2c249fc
 2023-04-20 00:14:18 +08:00
Wilson Sung
ab9b7f7609 Label ims_remote_app and rcs_service_app 
Bug: 260522282
Change-Id: I4bf27e30eda51794d2047da9ca17044632ec3786
 2023-04-20 00:13:52 +08:00
Wilson Sung
5394ad595e Remove untraceable rules 
avc: denied  { quotaget } for  comm="binder:1312_1" scontext=u:r:installd:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0
Test: boot to home
Bug: 196916111
Bug: 264490035
Change-Id: Iec3dd7161bb788d81fe8034f3471ece0dfde7e0d
 2023-04-19 23:53:54 +08:00
Bruno BELANYI
ee5198a28b Remove 'hal_neuralnetworks_armnn' sysprop exceptions 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I8d85820cf4534b3e7d93eae6f16c750c49929c4a
 2023-04-19 11:32:52 +00:00
Bruno BELANYI
aac79fd4d9 Add ArmNN config sysprops SELinux rules 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I77b29468258520265e5f660452794aff068ca07d
 2023-04-19 11:32:48 +00:00
Rex Lin
814652dc6d Remove hal_uwb_default bug from bug_map 
SELinux errors are fixed and hence removing from bug map

Bug: 273639365
Test: Build and boot on device
Change-Id: I3a1ad3066840b507553b9365239673f6126b8ec6
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-04-19 14:54:11 +08:00
Wilson Sung
7ebc1ab0d5 Enforce installd 
Fix: 260522202
Fix: 264490035
Test: Boot-to-home, no avc error
Change-Id: I2ec5a2771c53dcc520a2ea229f093d354b5c80fd
 2023-04-19 12:41:35 +08:00
Alan Chen
37bbafbe50 Merge "Remove dontaudit for hal_radioext_default to service_manager." into udc-d1-dev am: c1f8b7a872 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22694673

Change-Id: I884961bf28e23827172fc99f0a7801069339041d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 03:38:33 +00:00
Alan Chen
c1f8b7a872 Merge "Remove dontaudit for hal_radioext_default to service_manager." into udc-d1-dev 2023-04-19 03:04:57 +00:00
Treehugger Robot
800ccb62a9 Merge "Enforce sepolicy for camera HAL." into udc-d1-dev am: 16f461a2cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22702266

Change-Id: Ie10e87182ba8bcce515b639c82addc5c8a5fada4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 23:43:23 +00:00
Treehugger Robot
16f461a2cf Merge "Enforce sepolicy for camera HAL." into udc-d1-dev 2023-04-18 23:18:00 +00:00
Dave Mankoff
73cb48bef6 Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev am: 633f19376e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22603639

Change-Id: I39974b746d4bddff960fcad6ff2ecb7047615360
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 18:30:03 +00:00
Jonglin Lee
2fb28513a0 Merge "Revert "Enforce priv_app"" into udc-d1-dev am: 8da235e022 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22714010

Change-Id: I4712310d5e88de3b4ebeef37c754f1995334c8e7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 18:25:09 +00:00
Dave Mankoff
633f19376e Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev 2023-04-18 17:50:42 +00:00
Jonglin Lee
8da235e022 Merge "Revert "Enforce priv_app"" into udc-d1-dev 2023-04-18 17:50:13 +00:00
Jonglin Lee
61a95fc71a Revert "Enforce priv_app" 
This reverts commit af0ad04c3c.

Reason for revert: RescueParty crash due to com.shannon.rcsservice crash

Bug: 278735899
Change-Id: I5bf91b077c23c63de728657bd9adb5623b708d95
 2023-04-18 17:41:27 +00:00
Alan Chen
63f54f0a3a Remove dontaudit for hal_radioext_default to service_manager. 
The fix has been merged in the topic of ag/21956466 so this dontaudit line can be removed.

Test: manual
Bug: b/275646098

Change-Id: I95c25ffc926e48e589b7636beca1bef9583861d0
 2023-04-18 17:47:09 +08:00
Krzysztof Kosiński
3f0d2fc09d Enforce sepolicy for camera HAL. 
Bug: 264489778
Test: GCA smoke test on Zuma device
Change-Id: Icaa7c94ab264d496840d33d970e5a87123b31c36
 2023-04-18 09:02:32 +00:00
Wilson Sung
c7104d20ea Enforce odrefresh 
Bug: 254378739
Test: boot-to-home, no avc error
Change-Id: I2bd8af071a7296d77f9c1d85647124cdc9835709
 2023-04-18 16:30:35 +08:00
Kah Xuan Lim
5307e11804 Merge "Modem ML: Grant access to modem ML data dir" into udc-d1-dev am: 6c2b1f2590 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573645

Change-Id: Iad41f25a9f8850a7126342c53dac4caf18c3e5c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 05:47:51 +00:00
Kah Xuan Lim
6c2b1f2590 Merge "Modem ML: Grant access to modem ML data dir" into udc-d1-dev 2023-04-18 05:15:21 +00:00
Treehugger Robot
8f087633f6 Merge "Enforce priv_app" into udc-d1-dev am: 4d7b687f9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22639490

Change-Id: I16e602f40c31fb56b2eb536f024844af955a1a4e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 17:29:48 +00:00
Treehugger Robot
4d7b687f9d Merge "Enforce priv_app" into udc-d1-dev 2023-04-17 16:56:56 +00:00
Dave Mankoff
78b9dcdb69 Give SystemUI access to necessary selinux properties. 
Other errors mentioned in the bugs are already absent.

Fixes: 269964574
Fixes: 272628396
Fixes: 272628174
Test: built and flash device. No selinux errors printed.
Change-Id: Ic285b1f5a2ce6973899011a7c6a596e807c3e933
 2023-04-17 14:28:59 +00:00
Bruno BELANYI
33c0bf3aad Merge "Move ARM runtime option SELinux rules out of 'legacy/'" into udc-d1-dev am: ac239dd97d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22627129

Change-Id: Id46dee4c6dfc14fc86748fc88dc5ef96a0b0f708
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:27:59 +00:00
Bruno BELANYI
905a545184 Merge "Use restricted vendor property for ARM runtime options" into udc-d1-dev am: d217ae19cb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22627127

Change-Id: If670a7a869d2642c96d5f89b03dda2fce22f9519
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:27:20 +00:00
Jenny Ho
cddf77cdac Merge "sepolicy: fix charger_vendor permission denied" into udc-d1-dev am: 2e3228660e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22606969

Change-Id: Ifcf4b4a1f1654519eb756d658d0d1a14c5495e16
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:26:46 +00:00
Bruno BELANYI
ac239dd97d Merge "Move ARM runtime option SELinux rules out of 'legacy/'" into udc-d1-dev 2023-04-17 11:00:08 +00:00
Bruno BELANYI
d217ae19cb Merge "Use restricted vendor property for ARM runtime options" into udc-d1-dev 2023-04-17 10:59:23 +00:00
Jenny Ho
2e3228660e Merge "sepolicy: fix charger_vendor permission denied" into udc-d1-dev 2023-04-17 10:56:58 +00:00
Dinesh Yadav
56658f83ed Merge "Add se-policies for google_camera_app from pro" into udc-d1-dev am: 39b4b20545 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22414449

Change-Id: I1a7ccce3db7dee7e1b816af6a4703baa2f03ef3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 09:05:27 +00:00
Dinesh Yadav
39b4b20545 Merge "Add se-policies for google_camera_app from pro" into udc-d1-dev 2023-04-17 08:32:26 +00:00
Jenny Ho
6f201db16a sepolicy: fix charger_vendor permission denied 
type=1400 audit(1679973171.472:14): avc: denied { search } for comm="android.hardwar" name="vendor" dev="tmpfs" ino=2 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=0
type=1400 audit(1679973171.256:10): avc: denied { read } for comm="android.hardwar" name="stat" dev="sysfs" ino=67924 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0␍␊
type=1107 audit(1679973171.472:20): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.battery.defender.state pid=414 uid=1000 gid=1000 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=property_service permissive=0
type=1400 audit(1679973171.476:23): avc: denied { read } for comm="android.hardwar" name="u:object_r:vendor_battery_defender_prop:s0" dev="tmpfs" ino=356 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=file permissive=0
type=1400 audit(1679973171.472:21): avc: denied { write } for comm="android.hardwar" name="capacity" dev="sysfs" ino=74690 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=0
type=1400 audit(1679973171.476:32): avc: denied { read } for comm="android.hardwar" name="u:object_r:default_prop:s0" dev="tmpfs" ino=164 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
type=1400 audit(1681358719.792:6): avc:  denied  { search } for  comm="android.hardwar" name="/" dev="sda1" ino=3 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=0

Bug: 277898259
Change-Id: I055eaab6df7c4549cc3817aaec80b0f85ec3b475
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2023-04-17 07:24:32 +00:00
Treehugger Robot
e285b839db [automerger skipped] Merge "allow vendor_init to acces watermark_scale_factor" into udc-d1-dev am: cccb610bb4 -s ours 
am skip reason: Merged-In Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0 with SHA-1 2c2e198e61 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22624776

Change-Id: I1ece813be75b6e1efbd8232e337dd8ed83664f9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 03:41:53 +00:00
Martin Liu
761f9a44b8 [automerger skipped] allow vendor_init to acces watermark_scale_factor am: fe24903d2c -s ours 
am skip reason: Merged-In Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0 with SHA-1 2c2e198e61 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22624776

Change-Id: I622045022a29ceddf91d3a1a26fd4133571ef8ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 03:41:51 +00:00
Treehugger Robot
cccb610bb4 Merge "allow vendor_init to acces watermark_scale_factor" into udc-d1-dev 2023-04-17 03:05:35 +00:00
Martin Liu
2c2e198e61 allow vendor_init to acces watermark_scale_factor 
Bug: 278075546
Test: boot
Change-Id: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Signed-off-by: Martin Liu <liumartin@google.com>
 2023-04-16 04:05:34 +00:00
Martin Liu
fe24903d2c allow vendor_init to acces watermark_scale_factor 
Bug: 278075546
Test: boot
Change-Id: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Merged-in: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Signed-off-by: Martin Liu <liumartin@google.com>
 2023-04-16 03:59:57 +00:00
Bruno BELANYI
cd905228d1 Move ARM runtime option SELinux rules out of 'legacy/' 
Addressing some review feedback on ag/22381542 about this folder being
removed in the future.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I8506da9b80fe060cd5093acafd58594e4db3341b
 2023-04-14 09:20:40 +00:00
Bruno BELANYI
1337c54005 Use restricted vendor property for ARM runtime options 
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I7f6f021378467484544cc3dbbe71a8e9e037cf98
 2023-04-14 08:33:48 +00:00
Treehugger Robot
224c260019 Merge "Enforce servicemanager" into udc-d1-dev am: 9ea22dde19 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22574729

Change-Id: If04b8697019e9388da37addb6f65f7d025a5becf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-14 04:35:17 +00:00
Dinesh Yadav
b8b2445251 Add se-policies for google_camera_app from pro 
- Found selinux violations on google_camera_app for these services which are fixed after these changes are included.

Bug: 264490031
Change-Id: Ib6f4a8a548425b0b98ed9b69edff6c973b9cbe3e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-04-14 03:59:03 +00:00
Treehugger Robot
9ea22dde19 Merge "Enforce servicemanager" into udc-d1-dev 2023-04-14 03:53:11 +00:00
TreeHugger Robot
065f1c5a75 Merge "Suppress bootanim behavior meant for Android Wear devices" into udc-d1-dev am: 89d4a4df13 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098965

Change-Id: I041686fffcd34b58026080c4e6538adfaf8a3407
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-14 03:46:21 +00:00
Treehugger Robot
bb79528e37 Merge changes Ie20be0af,Id9a80c47 into udc-d1-dev am: 2ac0374b22 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573649

Change-Id: Id5edbe1f2e6ef273387af77a257063a149150764
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-14 03:45:38 +00:00
Wilson Sung
af0ad04c3c Enforce priv_app 
Fix: 260366281
Fix: 260522282
Fix: 260768358
Fix: 260922442
Fix: 263185432
Fix: 264490074
Fix: 268572216
Change-Id: I2efbb1971c09506a7b1e0e5e0e3d22eda91018c1
 2023-04-14 03:34:46 +00:00
TreeHugger Robot
89d4a4df13 Merge "Suppress bootanim behavior meant for Android Wear devices" into udc-d1-dev 2023-04-14 03:19:53 +00:00
Treehugger Robot
2ac0374b22 Merge changes Ie20be0af,Id9a80c47 into udc-d1-dev 
* changes:
  Enforce rebalance_interrupts_vendor
  Enforce hwservicemanager
 2023-04-14 03:18:10 +00:00
Treehugger Robot
a04af8a730 Merge "Remove ofl_app selinux policy" into udc-d1-dev am: 224eebae32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22601630

Change-Id: I64cac9c1b589c2f5be6ac74b9339d6ee5f8af42a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-14 02:55:52 +00:00
Treehugger Robot
224eebae32 Merge "Remove ofl_app selinux policy" into udc-d1-dev 2023-04-14 02:11:22 +00:00
Treehugger Robot
e3fcb41f40 Merge "Update rules for android.hardware.secure_element-service.thales" into udc-d1-dev am: fde5823b6f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22601631

Change-Id: Ie60f65e8ee6f88a0f4f03fdb10c3caadf7865504
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-14 01:54:41 +00:00
Treehugger Robot
fde5823b6f Merge "Update rules for android.hardware.secure_element-service.thales" into udc-d1-dev 2023-04-14 01:21:56 +00:00
Ankit Goyal
d9655a4999 Add sepolicy for framebuffer-secure heap am: 9576cfaca7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21990547

Change-Id: I39b3df563b40fabb4ae836ecb196ca4ec3a20509
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 22:32:19 +00:00
Ankit Goyal
9576cfaca7 Add sepolicy for framebuffer-secure heap 
Bug: 245053092
Test: Secure video playback
Change-Id: I715ea5a4e9ee70ec2a022351b9e722a25bfb9f93
 2023-04-13 13:47:11 -07:00
Sayanna Chandula
e94b921ca4 Merge "thermal: enable pixelstats access to thermal metrics" into udc-d1-dev am: 34ff37262f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22559579

Change-Id: I3fb332012004c2e91b8bcc858dcfbdc12e5c8679
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 20:43:22 +00:00
Sayanna Chandula
34ff37262f Merge "thermal: enable pixelstats access to thermal metrics" into udc-d1-dev 2023-04-13 20:26:31 +00:00
Yixuan Wang
98bffc0a44 Merge "Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for chre" into udc-d1-dev am: 2c0e44805a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22613725

Change-Id: Ia79eb1e60a6fe53a2155874be0f83be644c1d9f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 20:18:36 +00:00
Yixuan Wang
2c0e44805a Merge "Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for chre" into udc-d1-dev 2023-04-13 19:38:38 +00:00
Joner Lin
0953a21581 Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev am: edd47032af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22271813

Change-Id: Ic19dd6a35e1288fc60400fc98825e3871129530d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 14:28:28 +00:00
Joner Lin
44155e103e Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev am: edd47032af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22271813

Change-Id: Ic8fa74d729ca69d7c051c19848b9a0113e23bac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 14:26:11 +00:00
Joner Lin
edd47032af Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev 2023-04-13 13:57:32 +00:00
George
95d0a4b76f Update rules for android.hardware.secure_element-service.thales 
A new domain hal_secure_element_st54spi_aidl for AIDL HAL

Bug: 261566299
Test: run cts -m CtsOmapiTestCases
Test: atest VtsAidlHalNfcTargetTest
Change-Id: Id76a3f3337e2ee72031b39975eb010178855f36f
 2023-04-13 11:02:49 +00:00
Lily Lin
6f41705151 Remove ofl_app selinux policy 
OFLAgent is deprecated in ag/22504130. This CL is to remove ofl_app
selinux policy.

Bug: 224611871
Test: adb bugreport
Change-Id: I2264d79b8fe4084c3acd65db8f5384bb08216c5f
(cherry picked from commit 0fed5cc2b6cae6aebb411a58319474798d2fb25a)
 2023-04-13 10:49:13 +00:00
Yixuan Wang
1095231e38 Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for 
chre

[ 7.760870] type=1400 audit(1669944054.440:61): avc: denied { write } for comm="android.hardwar" name="chre" dev="tmpfs" ino=1099 scontext=u:r:hal_contexthub_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1
[ 12.519414] type=1400 audit(1669944059.196:138): avc: denied {connectto } for comm="android.hardwar" path="/dev/socket/chre"scontext=u:r:hal_contexthub_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1

Bug: 264489794
Bug: 261105224
Test: atest scanAvcDeniedLogRightAfterReboot
Change-Id: I7bf13913188deedc987f82e54626a18357ab84c5
 2023-04-13 06:43:41 +00:00
Wilson Sung
3df3008917 Suppress bootanim behavior meant for Android Wear devices 
Fix: 260522279
Test: boot-to-home and no bootanim avc error
Change-Id: I29d4168720887bc2f90d5f7ad20367887f9cae51
 2023-04-13 00:00:38 +00:00
Minchan Kim
2155fd3711 move vendor_cma_debugfs into gs-common am: a382f85f96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573601

Change-Id: I52c5fb3fe3a1d89d26fa547dd25cd57806cbfdc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 15:53:59 +00:00
Wilson Sung
5468e420e3 Enforce rebalance_interrupts_vendor 
Fix: 264489565
Test: boot-to-home
Change-Id: Ie20be0afe1a95b8cb512b57019539eb52948a155
 2023-04-12 22:58:13 +08:00
Wilson Sung
90f838f16f Enforce hwservicemanager 
Test: boot-to-home and no avc error
Fix: 264489781
Change-Id: Id9a80c478a2eae8472023f3bbcc514f30f5bfbab
 2023-04-12 22:32:46 +08:00
Wilson Sung
527f215d20 Enforce servicemanager 
Fix: 263429985
Fix: 264489962
Test: boot-to-home, no avc error
Change-Id: Ib3b0916bdbd09638f5b7b34f2d214690eed314ab
 2023-04-12 22:14:16 +08:00
Minchan Kim
a382f85f96 move vendor_cma_debugfs into gs-common 
The CMA dump is common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I46be7899939da3ae7e9323a0d3ee92f4b3759acf
Signed-off-by: Minchan Kim <minchan@google.com>
(cherry picked from commit afb8d91c5dd0df836c6c8a53963b44e23005efb7)
 2023-04-12 13:25:46 +00:00
Kah Xuan Lim
6e8c79e7db Modem ML: Grant access to modem ML data dir 
Bug: 229801544
Change-Id: Ia2e9c5a48ad935a49f3b8a9c6bceae3f4f833b4e
 2023-04-12 08:48:57 +00:00
Minchan Kim
11e5da54ef Merge "remove dump_cma" 2023-04-12 03:25:58 +00:00
Wilson Sung
bf1baa3448 Merge "Add recovery related policy" into udc-d1-dev am: 5bee37db26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22574699

Change-Id: Iafa23558e51dbc2608ff3158cd7b1259253f25cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 01:55:36 +00:00
Wilson Sung
5bee37db26 Merge "Add recovery related policy" into udc-d1-dev 2023-04-12 01:44:17 +00:00
Treehugger Robot
eefef62f70 Merge "Add btbcm wakelock node context" into udc-d1-dev am: bc7379022a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22572817

Change-Id: Ie49fcc84a41c924558050f7d4a283a915bc68b84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 01:40:12 +00:00
Minchan Kim
1b4fae5ce3 remove dump_cma 
We will introduce it into gs-common

Bug: 276901078
Change-Id: I56a0c67fb09563baacbabf738625bf748ab80378
Signed-off-by: Minchan Kim <minchan@google.com>
 2023-04-12 01:22:08 +00:00
Treehugger Robot
bc7379022a Merge "Add btbcm wakelock node context" into udc-d1-dev 2023-04-12 00:32:46 +00:00
Wilson Sung
c2eedff70c Add recovery related policy 
Fix: 275143841
Fix: 264490092
Test: adb sideload and no avc error
Change-Id: I52003c9417560a6c5dab815a6929681710f0b0a4
 2023-04-12 03:46:54 +08:00
Wei Wang
87214b4c2c Merge "sepolicy: label bci and dsu max frequency" into udc-d1-dev am: 4cd8d2fef9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22497095

Change-Id: I27ceda44c1a2baeb2450c56cbfed0762b68274ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 17:05:18 +00:00
jonerlin
940b51e1e4 allow bthal to access vendor bluetooth folder 
Bug: 240636731
Test: enable vendor btsnoop property and check the vendor snoop log
Change-Id: Ib7c36e7398bdbe7abc2f3b2dba684f95a4ce90a8
 2023-04-11 17:01:40 +00:00
Wei Wang
4cd8d2fef9 Merge "sepolicy: label bci and dsu max frequency" into udc-d1-dev 2023-04-11 16:14:29 +00:00
Wilson Sung
2e19e54fe5 Add btbcm wakelock node context 
avc: denied { read } for name="wakeup178" dev="sysfs" ino=119871 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0

Bug: 277717252
Test: boot-to-home and no avc error
Change-Id: I82ed45ff6bf28c0cf2237098c54b6ead59c6c284
 2023-04-11 11:02:26 +00:00
Treehugger Robot
fb28384538 Merge "remove obsolete entries" into udc-d1-dev am: 32ec77111d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22563759

Change-Id: I2754b08406869ae6843b5bec4bf2cbe256de9657
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 04:36:46 +00:00
Wilson Sung
9e250f4a12 Allow update_engine to change slot am: 79b4b329f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22563758

Change-Id: I38ef79ff33c61540b5240e31a5b2309973c41185
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 04:36:20 +00:00
Treehugger Robot
32ec77111d Merge "remove obsolete entries" into udc-d1-dev 2023-04-11 04:23:40 +00:00
Adam Shih
e188582ba8 remove obsolete entries 
Bug: 264483390
Bug: 272166771
Bug: 264482983
Bug: 264600086
Bug: 264482983
Bug: 273638940
Test: adb bugreport
Change-Id: Ia89c409a20e6a4514c57389f82c57d8c265f1e81
 2023-04-11 11:23:17 +08:00
Wilson Sung
79b4b329f0 Allow update_engine to change slot 
Bug: 275143841
Change-Id: Id9e19ae74a32521ab083eff87e4e3e583f881bbb
 2023-04-11 11:03:12 +08:00
Ali K. Zadeh
1f56ec32b6 sepolicy: label bci and dsu max frequency 
Bug: 274005880
Test: powerhint is able to change the bci/dsu max frequency
Change-Id: I8d59450878ba8e349d7f797cc74f0f1cc00c6187
 2023-04-10 23:24:55 +00:00
Sayanna Chandula
0df51526da thermal: enable pixelstats access to thermal metrics 
Allow pixelstats daemon to access thermal metric nodes

Bug: 277625975
Test: Build and boot on device. Check DFS stats

Change-Id: I50d71d12f4f9d3a1b83a606ba6a7159c46ebec14
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2023-04-10 13:55:26 -07:00
Adam Shih
cfa00dfc88 enforce gmscore_app am: e5e6273048 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22548983

Change-Id: Ia16a967d75b19bbceaf83f7e7374fbabfab5ea12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-10 04:55:17 +00:00
Adam Shih
e5e6273048 enforce gmscore_app 
Bug: 259302023
Test: boot with no relevant errors
Change-Id: I61cb95224096dbc999bc3c8051a4e4c6ad700522
 2023-04-10 11:13:21 +08:00
Treehugger Robot
59030392be Merge "Revert "Revert "Enforce system ui app""" into udc-d1-dev am: 8da223020e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22527495

Change-Id: I32179cccc22c4b6963c9f7df8b9645d42e44e624
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-07 10:27:07 +00:00
Treehugger Robot
8da223020e Merge "Revert "Revert "Enforce system ui app""" into udc-d1-dev 2023-04-07 10:04:20 +00:00
Gina Ko
bb27434f22 Revert "Revert "Enforce system ui app"" 
This reverts commit eeeae0265a.

Reason for revert: b/274366326 was fixed

Change-Id: I9d9c4f4dd831aa80109cc53790f6b6491133fb42
 2023-04-07 08:46:00 +00:00
Wilson Sung
c5d73c373f update error on ROM 9900526 am: f2d0dbb66a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22525843

Change-Id: Ib30856b7e71a03fa949c1fd81cc9c6a051ac9073
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-07 08:26:17 +00:00
Wilson Sung
f2d0dbb66a update error on ROM 9900526 
Bug: 277155496
Bug: 277300017
Bug: 277300125
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I2a2f230589695b0240abb26909c94fd4cf2420bf
 2023-04-07 14:43:36 +08:00
Adam Shih
dea7ea0c6f comply with VTS requirements am: 22e1c0756a am: 7da5e7b6aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: I019acfcc549b09660adf3b0fadd3fdb28bc57241
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:35:58 +00:00
Adam Shih
e3c88c1277 comply with VTS requirements am: 22e1c0756a am: 46fd63b761 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: Ia94e551d31f068ed18f3e0bbc626eb544074e000
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:20:40 +00:00
Adam Shih
46fd63b761 comply with VTS requirements am: 22e1c0756a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: I02d1e5a2af5bb6d3009d2b7687dff6080f56724f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:08:17 +00:00
Adam Shih
7da5e7b6aa comply with VTS requirements am: 22e1c0756a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: I07f9f243f5157e406e34cdd97197e144f41197cb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:07:55 +00:00
Dinesh Yadav
0829947959 Merge "Allow google_camera_app to access edgetpu" into udc-d1-dev am: d9a75c1639 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286148

Change-Id: I46aa0db686e57dfcf9daaf7d302ec6754c86d630
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:06:08 +00:00
Dinesh Yadav
d9a75c1639 Merge "Allow google_camera_app to access edgetpu" into udc-d1-dev 2023-04-06 02:34:35 +00:00
Sayanna Chandula
bfef2f5cea Remove hal_thermal_default bug from bug_map am: 387145ed85 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22465501

Change-Id: Ie87df886d0451eb8aa9b3110b67fabaa11b28a76
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 00:22:02 +00:00
Sayanna Chandula
387145ed85 Remove hal_thermal_default bug from bug_map 
SELinux errors are fixed and hence removing from bug map

Bug: 272166987
Test: Build and boot on device

Change-Id: Ic0d314486a2ed6fbc1c4497b122827b17f5b9022
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2023-04-05 22:26:40 +00:00
Dinesh Yadav
478b11708f Allow google_camera_app to access edgetpu 
These permissions are needed by GCA-release & GCA-dogfood to access
edgetpu.

Bug: 264490031
Change-Id: Idd9dff906c86f9e83f1dc67698c23387e174d99c
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-04-04 06:11:47 +00:00
TreeHugger Robot
192019b3dc [automerger skipped] Merge "sepolicy: fix VTS failure for system suspend [RESTRICT AUTOMERGE]" into udc-d1-dev am: 8041addc24 -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22323886

Change-Id: I31e5f993af8aa0f0447b39a9e307bc08a08dbfda
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:53:22 +00:00
Darren Hsu
150006a5c5 [automerger skipped] sepolicy: fix VTS failure for system suspend [RESTRICT AUTOMERGE] am: bc15f1c8ee -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22323886

Change-Id: I7204f00718465596b3dee251f93273e699510094
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:53:21 +00:00
TreeHugger Robot
b99f943900 Merge "Add logd selinux allow permissions" into udc-d1-dev am: 4bb2e02b1c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307864

Change-Id: I7f9a2c6d4af714625fb4d347c0988052d8f77852
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:17:02 +00:00
Adam Shih
22e1c0756a comply with VTS requirements 
Bug: 275142299
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default
Built pass on target-userdebug and aosp_target-userdebug

Change-Id: I6a114aa2aa92f7b06cfd5bbd1f73d34b5477b109
 2023-03-30 13:28:43 +08:00
TreeHugger Robot
8041addc24 Merge "sepolicy: fix VTS failure for system suspend [RESTRICT AUTOMERGE]" into udc-d1-dev 2023-03-30 01:52:41 +00:00
TreeHugger Robot
4bb2e02b1c Merge "Add logd selinux allow permissions" into udc-d1-dev 2023-03-30 01:44:29 +00:00
TreeHugger Robot
522e64b511 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-d1-dev am: 6cbdc36e1b -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22294472

Change-Id: I0fbb14762fd3b91b8223e9f366c00a80a9c16c31
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 16:52:08 +00:00
Adam Shih
5429ced32b [automerger skipped] Move pixel dumpstate to gs-common am: 036fb44a5d -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22294472

Change-Id: I59b9dce74ac2dca22869bbe927f75fa4cdc705fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 16:52:07 +00:00
TreeHugger Robot
6cbdc36e1b Merge "Move pixel dumpstate to gs-common" into udc-d1-dev 2023-03-29 16:06:45 +00:00
Darren Hsu
bc15f1c8ee sepolicy: fix VTS failure for system suspend [RESTRICT AUTOMERGE] 
Bug: 275143652
Test: run vts -m SuspendSepolicyTests
Change-Id: I7cb5fdb18e7b16d98961bfed11da21496e8fa026
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-29 18:46:56 +08:00
Donnie Pollitz
885a790f2d Add logd selinux allow permissions 
Bug: 261105354
Bug: 264489639
Test: Ran atest SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I377dbb3bbdecd6780c1bdfb3aab53ee3c754c163
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-29 09:24:47 +02:00
TreeHugger Robot
de4eba7c13 Merge "Update SELinux error" into udc-d1-dev am: 866b23080c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22328782

Change-Id: I03be4caa61b5a6f1d075cc3373df73ac1b58277b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 06:04:15 +00:00
TreeHugger Robot
866b23080c Merge "Update SELinux error" into udc-d1-dev 2023-03-29 05:35:51 +00:00
Wilson Sung
5227dfe6ab Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 275646098
Test: scanBugreport
Bug: 275646003
Test: scanAvcDeniedLogRightAfterReboot
Bug: 275645636
Change-Id: Iedd660e3937792d5ac58f384605300b39f6dfcb0
 2023-03-29 12:17:48 +08:00
Adam Shih
f69b2e8ea2 Merge "Revert "comply with VTS requirements"" into udc-dev am: 97c56013be am: 4c696710f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22328024

Change-Id: Ib367aa0cf7f745a9b1f7c186e7364402f3a6a109
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:39:30 +00:00
Adam Shih
6cd3c54b5c Merge "Revert "comply with VTS requirements"" into udc-dev am: 97c56013be am: b19966b929 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22328024

Change-Id: I3a4852f87c9e557f4b7275790c24013bf8412755
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:29:36 +00:00
TreeHugger Robot
b8afba5124 Merge "Keep name "dmabuf_system_secure_heap_device" for secure playback" into udc-d1-dev am: 83588e636f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185170

Change-Id: I8ae4c6a6f1c4e63adddc3fcdea47143e0e5e22d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:27:57 +00:00
Adam Shih
4c696710f0 Merge "Revert "comply with VTS requirements"" into udc-dev am: 97c56013be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22328024

Change-Id: I203fbebe2e02e378bd452b7b7a49c33dbec8e079
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:12:09 +00:00
Adam Shih
b19966b929 Merge "Revert "comply with VTS requirements"" into udc-dev am: 97c56013be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22328024

Change-Id: Ic5841fefdd7576548fff66fc340259814e542df9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:12:09 +00:00
TreeHugger Robot
83588e636f Merge "Keep name "dmabuf_system_secure_heap_device" for secure playback" into udc-d1-dev 2023-03-29 02:56:22 +00:00
Adam Shih
97c56013be Merge "Revert "comply with VTS requirements"" into udc-dev 2023-03-29 02:49:09 +00:00
Adam Shih
a0b5162488 Revert "comply with VTS requirements" 
Revert submission 22302106-dumpstate aidl

Reason for revert: build failed on udc-d1-dev

Reverted changes: /q/submissionid:22302106-dumpstate+aidl

Change-Id: I6bd0ec81272827498ce36bee556fd89acc6b20ca
 2023-03-29 02:45:20 +00:00
Adam Shih
23df08855d Merge "comply with VTS requirements" into udc-dev am: 7cb203f3c2 am: a6e1f1d73a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22306662

Change-Id: Ic81ea0708a327ca91a9015f23f00eeb29eb136e3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 01:11:07 +00:00
Adam Shih
08f6892075 Merge "comply with VTS requirements" into udc-dev am: 7cb203f3c2 am: 026cb8d935 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22306662

Change-Id: I83f6834fbb0e0ce6341b55c7d5be42612b2baa84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:59:00 +00:00
TreeHugger Robot
a0beb1cf16 Merge "Allow bootctl to access trusty device" into udc-d1-dev am: 5d6157b523 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307863

Change-Id: Icab0b0b06400d4b7c362813726b878d59a7d7f7c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:56:36 +00:00
Adam Shih
026cb8d935 Merge "comply with VTS requirements" into udc-dev am: 7cb203f3c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22306662

Change-Id: I03432b1457e7b251ac5f5f9d7e10e3b4485260cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:47:11 +00:00
Adam Shih
a6e1f1d73a Merge "comply with VTS requirements" into udc-dev am: 7cb203f3c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22306662

Change-Id: Idca826f6b8dbe93be52c40f3898d24e763d30f07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:45:26 +00:00
TreeHugger Robot
5d6157b523 Merge "Allow bootctl to access trusty device" into udc-d1-dev 2023-03-29 00:00:55 +00:00
Adam Shih
7cb203f3c2 Merge "comply with VTS requirements" into udc-dev 2023-03-28 23:58:03 +00:00
Mingguang Xu
2adc8d37d1 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c am: 203dd313e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: I1033c49660ac5bec257a8d8865637689962ec493
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:42:42 +00:00
Mingguang Xu
afdff68774 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c am: e283627fac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Id3525c06cc58f816eee7797145fbb301c4208ac7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:34:30 +00:00
Mingguang Xu
e283627fac Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Iac8bc11118a1c8f6f401f938039899f03bdeea95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:16:41 +00:00
Mingguang Xu
203dd313e7 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Ib70d523bc36e1a789b003374207094f2eaf722d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:09:15 +00:00
Mingguang Xu
57e322c17c Merge "Add permissions to connect radioext to twoshay." into udc-dev 2023-03-28 23:03:46 +00:00
Feiyu Chen
65eaace67a Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 am: 719b7aae1f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: I6a52cb8f2237f500eeee0d74cfd587f31e2a500a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:47:43 +00:00
Feiyu Chen
67f06b0a3d Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 am: 02cc06b4ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: I7cd7a542c4d855dac45e34b698303e18847057f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:47:10 +00:00
Feiyu Chen
02cc06b4ab Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: Icf1b60bc90121ad358639abe52ea15b4b69bb652
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:19:09 +00:00
Feiyu Chen
719b7aae1f Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: Ia56751b481fd666dedec73f11ee2ee5ff7e4d088
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:18:37 +00:00
Feiyu Chen
2d34b0b1f6 Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev 2023-03-28 08:43:23 +00:00
Donnie Pollitz
74e0bf60c2 Allow bootctl to access trusty device 
Background:
* Boot Control needs to be able to blow AR fuses, which requires access
  to the OTP port on trusty.

Bug: 267714941
Test: AVC denial doesn't show up in log
Change-Id: I5635f2358b379ae0ffe882ca9ee162a455f554f0
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-28 09:58:16 +02:00
Jerry Huang
912984c964 Keep name "dmabuf_system_secure_heap_device" for secure playback 
Fixes the following denials:

03-13 14:31:22.796 W CodecLooper: type=1400 audit(0.0:284): avc: denied { read } for name="vstream-secure" dev="tmpfs" ino=865 scontext=u:r:untrusted_app_29:s0:c49,c257,c512,c768 tcontext=u:object_r:video_secure_heap_device:s0 tclass=chr_file permissive=0 app=com.google.android.exoplayer2.demo

03-13 14:31:22.796 I auditd  : type=1400 audit(0.0:281): avc: denied { read } for comm="CodecLooper" name="vstream-secure" dev="tmpfs" ino=865 scontext=u:r:untrusted_app_29:s0:c49,c257,c512,c768 tcontext=u:object_r:video_secure_heap_device:s0 tclass=chr_file permissive=0 app=com.google.android.exoplayer2.demo

03-14 15:01:48.069  1429  1429 W CodecLooper: type=1400 audit(0.0:1469): avc: denied { read } for name="vstream-secure" dev="tmpfs" ino=807 scontext=u:r:untrusted_app_32:s0:c65,c257,c512,c768 tcontext=u:object_r:video_secure_heap_device:s0 tclass=chr_file permissive=0 app=com.disney.disneyplus

Bug: 268197530
Test: secure playback
Change-Id: I09a24fcf03f1f66b4c85d3b3949f33ad0d0f8dac
 2023-03-28 15:04:43 +08:00
Boon Jun Soh
0a1cba518a Use tof sensor codenames 
Bug: 272224875
Test: Camera CTS + PTS + unittests
Change-Id: Iedd90e285364b28add7298bae7662efbac31474c
 2023-03-28 13:00:09 +08:00
Adam Shih
d4a7ff694a comply with VTS requirements 
Bug: 275142299
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default
Built pass on target-userdebug and aosp_target-userdebug

Change-Id: Ifd75afdf2365687eed9598f74dd4cf3241be2964
 2023-03-28 03:28:55 +00:00
RD Babiera
43d5907677 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 am: a82406ee28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: Ied2273b7d9bffe51d3b906d760aaa954180b3227
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:59:12 +00:00
RD Babiera
ed5d613e27 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 am: 865ef1e805 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: I35b47b485ac899b13a6ca98147cc7dd2c1beff12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:57:36 +00:00
RD Babiera
a82406ee28 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: I49798505d571f538127fc5d2b9474cce3992421c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:31:37 +00:00
RD Babiera
865ef1e805 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: Iedb29f8ec241721e91135decf31ad53c01033766
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:31:05 +00:00
RD Babiera
3616de2c26 Merge "Revert "comply with VTS requirements"" into udc-dev 2023-03-27 21:52:39 +00:00
RD Babiera
8720ececf1 Revert "comply with VTS requirements" 
Revert submission 22242215-dumpstate aidl

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_udc-d1-dev&target=aosp_husky-userdebug&lkgb=9826121&lkbb=9829863&fkbb=9826130, bug b/275279368.

Reverted changes: /q/submissionid:22242215-dumpstate+aidl

Change-Id: Ida32309c468074a5671c30aa28cf801c1695d786
 2023-03-27 20:58:33 +00:00
Adam Shih
036fb44a5d Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I10f98673ea507f841d9d3f33d737c4e73c1b5b19
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
(cherry picked from commit 8538fd33da)
 2023-03-27 17:57:22 +00:00
Wilson Sung
a25945ff17 Merge "Move OTA context out of legacy folder" into udc-d1-dev am: 98c7894070 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22242819

Change-Id: Ie1ea165a4183cb619dca8a669438beacfbde1009
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 14:47:06 +00:00
Wilson Sung
98c7894070 Merge "Move OTA context out of legacy folder" into udc-d1-dev 2023-03-27 14:27:28 +00:00
Wilson Sung
21226c4c24 Merge changes from topic "275143841" 
* changes:
  Merge "Move OTA context out of legacy folder" to master
  Move OTA context out of legacy folder
 2023-03-27 14:27:28 +00:00
Alan
afafafd8a4 Add permissions to connect radioext to twoshay. 
Connection through grilantennatuningservice binder call.

Test: manual
Bug: 258970389
Change-Id: I419b40042cce363428f72fa723adf89bcf269ef4
 2023-03-27 17:07:16 +08:00
Automerger Merge Worker
b6e575bbb2 Merge "Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 am: 08404c1181" 2023-03-27 06:52:04 +00:00
TreeHugger Robot
12221017f0 Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 am: 08404c1181 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I52343e61f01578236df06e1c0efba1546fbd1429
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:51:57 +00:00
TreeHugger Robot
495346b174 Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 am: 84aab225cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I9cb36c4f9964f2faed355e43c82c136e3672d6fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:51:51 +00:00
TreeHugger Robot
84aab225cf Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I0b9cf28cdfb549e2c3571e144f73f59d0004bc02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:27:52 +00:00
TreeHugger Robot
08404c1181 Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I989d12b888248ed584e108ab54b46023aa89d7a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:27:15 +00:00
TreeHugger Robot
c83e5be8d9 Merge "comply with VTS requirements" into udc-dev 2023-03-27 06:05:51 +00:00
Gina Ko
7a32ef8f12 Merge "Allow systemui to find cameraserver_service" into udc-d1-dev am: 5821d671f3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22270826

Change-Id: Id6c48fa93ffdf03e50925cec717fe971e6b63cb6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 05:57:43 +00:00
Gina Ko
5821d671f3 Merge "Allow systemui to find cameraserver_service" into udc-d1-dev 2023-03-27 05:32:14 +00:00
Neo Yu
69b786f1a1 Merge "Remove the bug of hal_radioext_default because the fix is merged." into udc-d1-dev am: e9aabf7e9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286082

Change-Id: I66001f37eb2bf0626f14fc3b92beb34ac77f6d00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 04:46:22 +00:00
Neo Yu
e9aabf7e9e Merge "Remove the bug of hal_radioext_default because the fix is merged." into udc-d1-dev 2023-03-27 04:17:02 +00:00
Adam Shih
e124d5aea9 comply with VTS requirements 
Bug: 275036679
Bug: 275034315
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default

Change-Id: I1c89d7662351ffae5409c3f81b4360579fdc00ae
 2023-03-27 12:07:24 +08:00
Wilson Sung
c705e81227 Merge "Move OTA context out of legacy folder" to master 
Bug: 275143841
Test: OTA
Change-Id: I4774b7c48c075afc1b02d8c34fded212cd0efffb
 2023-03-27 11:46:05 +08:00
Wilson Sung
6acea9d647 Move OTA context out of legacy folder 
Bug: 275143841
Test: OTA
Change-Id: I4774b7c48c075afc1b02d8c34fded212cd0efffb
 2023-03-27 11:44:51 +08:00
Dinesh Yadav
81ad90854c Merge "Add certificate & label for GCA-ENG & GCA-Next" into udc-d1-dev am: 4a01ae23ad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246482

Change-Id: Iee99f93a8a15d9f723d849f22565ce30ac552885
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:34:15 +00:00
Automerger Merge Worker
7f35172103 Merge "Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f am: bd22079636" 2023-03-27 03:33:59 +00:00
Neo Yu
d870375a14 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f am: bd22079636 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: Ib82e2caabcaea504cb673e1323795c728bbf3ead
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:33:56 +00:00
Neo Yu
879b137a93 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f am: 70749d1b96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I5d6c405caddfb607f0ab094c82e6344b1579c042
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:33:53 +00:00
Dinesh Yadav
4a01ae23ad Merge "Add certificate & label for GCA-ENG & GCA-Next" into udc-d1-dev 2023-03-27 03:13:24 +00:00
Neo Yu
58ff635b67 Remove the bug of hal_radioext_default because the fix is merged. 
Bug: 274374768
Test: verify by test rom
Change-Id: Ia9665e5223997cf498f9320dfd0b1dbdacaae0b2
 2023-03-27 11:08:25 +08:00
Neo Yu
bd22079636 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I0fb5f8c60d68f9b33af85531c2865db2a20c1c93
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:07:44 +00:00
Neo Yu
70749d1b96 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I2d2a07056322f6971050e9299e17201b95773eaf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:07:31 +00:00
Neo Yu
5b1689534f Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev 2023-03-27 02:36:56 +00:00
Gina Ko
ce85639700 Allow systemui to find cameraserver_service 
avc:  denied  { find } for pid=2435 uid=10235 name=media.camera
scontext=u:r:systemui_app:s0:c235,c256,c512,c768
tcontext=u:object_r:cameraserver_service:s0 tclass=service_manager permissive=0

Bug: 272628174
Bug: 269964574
Bug: 274734888
Test: Manual. Able to turn on/off flashlight from QS.
Change-Id: Icedf70b06bd06eb5b819a00c9157b4f475e9a126
 2023-03-25 00:18:23 -07:00
feiyuchen
f0dc7907b0 Allow camera HAL to access edgetpu_app_service 
Today the EdgeTpu metrics logging library (used by EdgeTpu library used by camera HAL) has a dependency on edgetpu_app_service, in order to call its UserIsAuthorized API to know whether to log the metrics (We don't want to log metrics for 3P apps), see b/275016466.

This is not ideal, because strictly speaking, camera HAL doesn't need such dependency.

Still, this is fine and there is no security risk, because today even untrusted apps can call edgetpu_app_service: http://cs/android-internal/device/google/gs-common/edgetpu/sepolicy/untrusted_app_all.te;l=2;rcl=f4b62d12c171d4e294d8251e34197ab555c40673

Bug: 266084950
Test: Just mm
Change-Id: I6c0e4411370e4b300b9ceb3ad804688d873371cd
 2023-03-24 17:01:49 +00:00
Dinesh Yadav
84aa699ac8 Add certificate & label for GCA-ENG & GCA-Next 
This commit makes following changes:
- Add selinux policies for GCA-Eng & GCA-Next to access GXP device &
edgetpu services.
- Refactor code to push policies for Google Camera app from
legacy/whitechapel_pro/* to vendor/*

Tested:
- flashed both GCA-Eng & GCA-Next apps and observed no crashes due to gxp or edgetpu.
- scontext changed from "untrusted_app_32" to "debug_camera_app" in both cases.

Bug: 264490031
Change-Id: I51f69168eebd6c7e54e512b7abde8dd6bbe7c443
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-03-24 12:56:53 +00:00
Nicolas Geoffray
af3702bffd Remove old debug map entries. 
Bug: 264483352
Change-Id: Ie47107328f58dc4f1d4070e93c0cd09e88cee021
 2023-03-24 08:16:00 +00:00
Automerger Merge Worker
c9f1b9e1eb Merge changes from topic "am-d3a7fa5895ee4cec8bfdf44b308cc221" 
* changes:
  [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: d2ec06c722 -s ours
  [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 24656c3354 -s ours
 2023-03-24 07:05:47 +00:00
Adam Shih
0253a82992 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: d2ec06c722 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Ibe3213924821184c0aaea408646a9fddf24fec28
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:36 +00:00
Adam Shih
a21760aee5 [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 24656c3354 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Id56ab87ccba7c0554bcdf08f72d1989b3ba2204e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:35 +00:00
Adam Shih
6e634640d9 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: ebc5ee8dab -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: I9ac1838eccd3d571ca85855884e9542353d8e484
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:29 +00:00
Adam Shih
8ba9109c37 [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 79ea18119e -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: If93f6a1a2ebba149bcb8f208a2d7bc84251876ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:27 +00:00
Adam Shih
ebc5ee8dab [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: I6d02ee84161d92b4b2723cf6b08ccc76bc51ab81
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:08 +00:00
Adam Shih
79ea18119e [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Ia5202a87a85fa610fc08f0b9ec8be23592c98585
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:07 +00:00
Adam Shih
d2ec06c722 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: I0318c2e1d5b68b41634d5a51528c0322718325da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:04 +00:00
Adam Shih
24656c3354 [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Iadaf733efce7927fe53d7228ccd8d088717cf45a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:03 +00:00
Adam Shih
2b921528f1 Merge "Move pixel dumpstate to gs-common" into udc-dev 2023-03-24 05:54:52 +00:00
TreeHugger Robot
36dba99911 Merge "Update SELinux error" into udc-d1-dev am: b5a5ffb5e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236036

Change-Id: I9fefd92f37973c746ad518c6f5d74d993a310fec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 05:23:48 +00:00
Darren Hsu
fa57721d19 sepolicy: remove power stats from bug map am: 2965ba405c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236038

Change-Id: I4c17a46bc4749812b0a15f19e54c48edc42bd9c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 05:23:35 +00:00
TreeHugger Robot
b5a5ffb5e7 Merge "Update SELinux error" into udc-d1-dev 2023-03-24 05:07:42 +00:00
Darren Hsu
2965ba405c sepolicy: remove power stats from bug map 
Bug: 272166847
Test: N/A
Change-Id: If920d18418f87f14a1826dbe061cef4632a9646f
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-24 11:43:42 +08:00
Wilson Sung
599f4f5382 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 275001641
Test: scanBugreport
Bug: 268566481
Test: scanAvcDeniedLogRightAfterReboot
Bug: 268566481
Change-Id: I5a7ea66483985b6ca99162666d155fef69d65360
 2023-03-24 11:11:17 +08:00
Automerger Merge Worker
5333bed98e Merge "Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 am: 4f15bf412d" 2023-03-24 03:09:25 +00:00
KRIS CHEN
30adddd3c0 Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 am: 4f15bf412d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: Ic65859abe754b1340d414fe471d74f959745e1ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 03:09:06 +00:00
KRIS CHEN
355457bf9d Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 am: 24b32ddd4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: I0b1312780a03417859f9203ee8e1d34bca1ec2a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 03:09:02 +00:00
Adam Shih
8538fd33da Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I10f98673ea507f841d9d3f33d737c4e73c1b5b19
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
 2023-03-24 02:55:51 +00:00
KRIS CHEN
24b32ddd4c Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: I6fce057e9a6aef6d370bbf820818761fee8e615b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 02:41:38 +00:00
KRIS CHEN
4f15bf412d Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: Ic8a12d3e5a4d79ef5edbe17fc340c54760cf8998
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 02:41:26 +00:00
KRIS CHEN
dba88b81d3 Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev 2023-03-24 02:06:37 +00:00
Darren Hsu
1e254e01b3 Merge "Revert "Enforce system ui app"" into udc-d1-dev am: 128550da69 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22225579

Change-Id: Ica4b4787254f02f8c7fa361b238197918d1b4404
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 01:30:58 +00:00
Darren Hsu
128550da69 Merge "Revert "Enforce system ui app"" into udc-d1-dev 2023-03-24 00:48:36 +00:00
Dave Mankoff
eeeae0265a Revert "Enforce system ui app" 
This reverts commit ba953cdb9a.

Reason for revert: http://b/274366326#comment22. We can check this back in once we know what's going on.

Bug: 274366326
Bug: 264266705

Change-Id: I879cdec377e71af9142c82078bd3c022295c98c5
 2023-03-23 19:44:22 +00:00
neoyu
44ee5a2fb2 sepolicy: allow hal_radioext_default binder call with servicemanager 
avc: denied { call } for comm="binder:795_2" scontext=u:r:hal_radioext_default:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=0

Bug: 274374768
Test: verify by test rom
Change-Id: I31cfbd234756fdc41663cec766f6b3bf23063bc7
 2023-03-24 02:30:44 +08:00
TreeHugger Robot
8aa4f265eb [automerger skipped] Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b am: e12572cc98 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 9844033c0a is already in history. Merged-In was found from reverted change.

Reverted change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I90e20e3eb64f6fca00fd5818f923a9cc5fdf2a11
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 09:01:05 +00:00
Mark Chang
75f77b7bc6 Merge "Add IScreenProtectorDetectorService policy for systemui_app." into udc-d1-dev am: 3c027fdc6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22197842

Change-Id: I084554e9af7107be6c13aace51cab06c4bf614b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 09:00:24 +00:00
TreeHugger Robot
e646905a73 [automerger skipped] Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b am: 24536aa24c -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 9844033c0a is already in history. Merged-In was found from reverted change.

Reverted change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I95db412852e139f1ddc4f3790d1ce65adcf87eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:59:54 +00:00
Mark Chang
3c027fdc6e Merge "Add IScreenProtectorDetectorService policy for systemui_app." into udc-d1-dev 2023-03-23 08:30:24 +00:00
TreeHugger Robot
e12572cc98 Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: Ie6930def51520969754a9f2235b02c8142b808aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:08:01 +00:00
TreeHugger Robot
24536aa24c Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I3b6ed885d80985c85846b1ec6627c093ba94431f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:07:36 +00:00
TreeHugger Robot
48b6856587 Merge "sepolicy: label odpm paths for system suspend" into udc-d1-dev am: b76a3b6257 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22189946

Change-Id: I16131bd8b5cde5325378a6f22bca3042dd1fdf05
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 07:46:35 +00:00
Andy Hsu
88d801e092 Merge "Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL." into udc-d1-dev am: 93e86449e5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215364

Change-Id: Ic14bcd44370d4dc064537b2ac888677985d5cf12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 07:43:50 +00:00
TreeHugger Robot
3fae47e04b Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev 2023-03-23 07:24:01 +00:00
TreeHugger Robot
b76a3b6257 Merge "sepolicy: label odpm paths for system suspend" into udc-d1-dev 2023-03-23 07:19:55 +00:00
Andy Hsu
93e86449e5 Merge "Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL." into udc-d1-dev 2023-03-23 07:01:32 +00:00
Adam Shih
7a621bab25 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 am: cad969da74 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I35b1da6dec44db016dc45bb659f5cff7e99dd935
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 06:48:47 +00:00
Andy Hsu
9c91ba1a2f Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL. 
Note that this only adds permission to GCARelease and GCADogfood, while GCANext and GCAEng are still untrusted app on zuma now and after this change GCANext and GCAEng will still be denied.

Bug: 264490031

Test: Portrait processing in GCARelease didn't get denial message when accessing PowerHAL after this change  (https://cnsviewer-static.corp.google.com/cns/md-d/home/pixel-camera-data-readers/acat/hwandy/ag/22215364?user=pixel-camera-data-readers).

Change-Id: Ia4a4c2f24215b9da9db7985cf67112997df355fa
 2023-03-23 06:41:13 +00:00
Adam Shih
095b07bfab [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 am: ac0bb620df -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 9844033c0a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: Id7f5cca3a18ffad1364468aab16c456cff2c2086
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 06:27:48 +00:00
Darren Hsu
8e028f0a03 sepolicy: label odpm paths for system suspend 
Bug: 272166423
Test: run singleCommand pts -m PtsSELinuxTestCases
Change-Id: I0295cc09cd8eb46b19edcec0d74440e497440423
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-23 14:13:43 +08:00
Wilson Sung
3e68836e43 Revert "Move pixel dumpstate to gs-common" 
Revert submission 22188471-dumpstate aidl

Reason for revert: Build break

Reverted changes: /q/submissionid:22188471-dumpstate+aidl
Bug: 274858145

Change-Id: I757111541257eecd4936572376fe42a4c866a1d6
 2023-03-23 05:58:12 +00:00
Adam Shih
ac0bb620df Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I254abc02ecf38455c75258888fd3b9c948cbcee5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 05:53:01 +00:00
Adam Shih
cad969da74 Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I58ded180038a8aa507095d31a069547b7f02efea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 05:52:55 +00:00
Adam Shih
0c17644417 Merge "Move pixel dumpstate to gs-common" into udc-dev 2023-03-23 04:39:46 +00:00
TreeHugger Robot
9cd5fd2ec8 Merge "Enforce bootdevice_sysdev" into udc-d1-dev am: 0b1499354d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185173

Change-Id: I0765dc38aa14480ba01e067290629b2be5d392a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 04:19:31 +00:00
TreeHugger Robot
943e5e1ba8 Merge "Enforce systesm_app" into udc-d1-dev am: 75b82f7092 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185176

Change-Id: I5792118ba1f994613c334c8ecd056c896598d116
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 04:17:55 +00:00
TreeHugger Robot
ee84f470bf Merge "Update SELinux error" into udc-d1-dev am: a8dfe1fd3c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185174

Change-Id: I0d15f92b5a035915d37de6a750f53d3c5351af64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 04:16:47 +00:00
Miranda Kephart
04ac3ce7f5 Fix screenshot shutter sound on P23 devices am: 8cc50336c8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22200827

Change-Id: I1bc148a562bc22bdab4be3984f1394ecf0da364f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 04:13:55 +00:00
TreeHugger Robot
0b1499354d Merge "Enforce bootdevice_sysdev" into udc-d1-dev 2023-03-23 03:36:47 +00:00
TreeHugger Robot
75b82f7092 Merge "Enforce systesm_app" into udc-d1-dev 2023-03-23 03:32:48 +00:00
TreeHugger Robot
a8dfe1fd3c Merge "Update SELinux error" into udc-d1-dev 2023-03-23 03:27:12 +00:00
Adam Shih
4154c957c5 Merge "Move pixel dumpstate to gs-common" 2023-03-23 02:29:30 +00:00
Miranda Kephart
8cc50336c8 Fix screenshot shutter sound on P23 devices 
SystemUI didn't have permission to access media server or the audio
server. Looks like both are required (and sufficient).

Bug: 273688513
Bug: 272628174
Fix: 273688513
Test: manual; take a screenshot with ringer on and verify it
makes a sound

Change-Id: Ibbe54db8cbf78ed199cb329804221709a2822242
 2023-03-22 18:40:47 +00:00
Welly Hsu
7f8e10c54a Remove euiccpixel_app dontaudit from gmscore_app am: a133586e4e am: cccbbb12e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188469

Change-Id: Ibf39c45ff3c91e32fa257587bf5f73708cce421e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 15:15:50 +00:00
Welly Hsu
a6c5340c93 Remove euiccpixel_app dontaudit from gmscore_app am: a133586e4e am: e0adad9eb0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188469

Change-Id: I738eb4c90dbefcbe3fc78aba980b96206ee9ddb5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 15:15:22 +00:00
Welly Hsu
cccbbb12e4 Remove euiccpixel_app dontaudit from gmscore_app am: a133586e4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188469

Change-Id: If322b434699549b08e6a081207662a4ca4717e85
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 14:47:47 +00:00
Welly Hsu
e0adad9eb0 Remove euiccpixel_app dontaudit from gmscore_app am: a133586e4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188469

Change-Id: I48f0e1eb633c44a4c6445c6423d10e500be6f6c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 14:41:23 +00:00
Mark Chang
9e2ce3d5c0 Add IScreenProtectorDetectorService policy for systemui_app. 
Bug: 260302317
Test: system ui app successfully started.
Change-Id: Ibbeab03e738fbbd4103bb5bf4e9f6bbd2998cd29
Signed-off-by: Mark Chang <changmark@google.com>
 2023-03-22 11:53:18 +00:00
Wilson Sung
6bf3029916 Enforce systesm_app 
Fix: 260768379
Fix: 260922048
Fix: 264490076
Test: boot-to-home, no related avc error
Change-Id: If9ead09340f5d810ec549f4c83015f3301f1113c
 2023-03-22 16:01:09 +08:00
Wilson Sung
a1739828f2 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 274727372
Bug: 274727542
Test: scanBugreport
Bug: 274727542
Bug: 268566481
Test: scanAvcDeniedLogRightAfterReboot
Bug: 274727542
Bug: 268566481
Change-Id: Ie846f2f7146e52c4e094d9fd7cfa1fa68e3e21df
 2023-03-22 15:38:52 +08:00
Wilson Sung
503ae703df Enforce bootdevice_sysdev 
Fix: 264489743
Test: boot-to-home and no avc errors
Change-Id: I14648c8d7b1b334c3d02971ffbf20b1f9b5a9354
 2023-03-22 15:35:45 +08:00
TreeHugger Robot
ab7303cbfd Merge "[SELinux] remove uwb remaining tracking denials" into udc-d1-dev am: a112b65748 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188470

Change-Id: Ie921139dc13515d60f00eec16150035c53d13596
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 06:14:17 +00:00
TreeHugger Robot
a112b65748 Merge "[SELinux] remove uwb remaining tracking denials" into udc-d1-dev 2023-03-22 05:30:57 +00:00
Welly Hsu
a133586e4e Remove euiccpixel_app dontaudit from gmscore_app 
bug: 265383359
Change-Id: I6ee7d37187725408e0f443a40affe4c4e50dac91
 2023-03-22 13:27:32 +08:00
Adam Shih
ee45cfea78 Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
 2023-03-22 05:06:27 +00:00
Adam Shih
9844033c0a Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
 2023-03-22 13:05:44 +08:00
TreeHugger Robot
7cd8b7fd2f Merge "change device type for /dev/stmvl53l1_ranging" into udc-d1-dev am: 03d439f0e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22167058

Change-Id: I40aab624c447d94be30d25ea2b256f289c576f7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 03:09:42 +00:00
Rex Lin
e95656d6fc [SELinux] remove uwb remaining tracking denials 
- hal_uwb_vendor_default
- uwb_vendor_app

Bug: 264489190
Bug: 264489787
Test: remove denials and no avc lob observed and ranging works
Change-Id: I5fd7f5b6bed8f819b2d5812c882ac596f1f1871b
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-03-22 11:07:51 +08:00
TreeHugger Robot
03d439f0e1 Merge "change device type for /dev/stmvl53l1_ranging" into udc-d1-dev 2023-03-22 02:36:37 +00:00
Nicole Lee
fd92d51b74 Move logger_app dontaudit items out of tracking_denials am: aa4b374120 am: 0a273483f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22173747

Change-Id: I9cf9c181a2365565495ffffe6271ab2f327de600
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 00:56:45 +00:00
Nicole Lee
838c8d7fca Move logger_app dontaudit items out of tracking_denials am: aa4b374120 am: f23893994b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22173747

Change-Id: I1ae9674d9d1b566cb8b2711f766aa3536bb5974f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 00:17:36 +00:00
Nicole Lee
f23893994b Move logger_app dontaudit items out of tracking_denials am: aa4b374120 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22173747

Change-Id: If3e54f3595eac5942175b29250ca6888471876ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 00:17:23 +00:00
Wilson Sung
0a18e71a97 Enforce untrusted_app am: e85dc12d69 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22184422

Change-Id: I7504170b28c2869fb8ce72ec544584ae7f9eb918
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 00:16:49 +00:00
Nicole Lee
0a273483f4 Move logger_app dontaudit items out of tracking_denials am: aa4b374120 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22173747

Change-Id: I768ae20c3bd1048692bf926b9ce65cb7f27ca4e0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 00:15:57 +00:00
Wilson Sung
e85dc12d69 Enforce untrusted_app 
Fix: 264489681
Test: boot-to-home and no untrusted_app avc error
Change-Id: Ic7a0fac4893265b4abde55d0a65372419fc09392
 2023-03-22 01:38:31 +08:00
Joerg Wagner
fcfd90a13e [automerger skipped] Merge "Update Mali DDK to r40 : Additional SELinux settings" into udc-d1-dev am: 6351914802 -s ours 
am skip reason: Merged-In I785106b6d2d05e21bf60fcd6da3d716b32e1bc1d with SHA-1 6834d6f59f is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21750299

Change-Id: I3beea5355b52767877126c8804b93fe52a34a502
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 15:09:40 +00:00
Jörg Wagner
7dab59708f [automerger skipped] Update Mali DDK to r40 : Additional SELinux settings am: d8c6712f5b -s ours 
am skip reason: Merged-In I785106b6d2d05e21bf60fcd6da3d716b32e1bc1d with SHA-1 6834d6f59f is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21750299

Change-Id: Ied37dcf7f91f68826bfa28807ef1886a03bc5086
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 15:09:39 +00:00
Joerg Wagner
6351914802 Merge "Update Mali DDK to r40 : Additional SELinux settings" into udc-d1-dev 2023-03-21 14:36:16 +00:00
Kris Chen
0ea531896c Allow fingerprint hal to read sysfs_leds 
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: Ibefbcefc005ab2cec7c417f197fd134b154ed9a1
 2023-03-21 12:18:59 +00:00
JimiChen
ee1df407be change device type for /dev/stmvl53l1_ranging 
It was a rls_device. Move to lwis_device now.

Bug: 274552433
Test: launch GCA
Change-Id: Id920583cc06b09063de85b160c12a5c3a5468c11
 2023-03-21 20:00:00 +08:00
Nicole Lee
aa4b374120 Move logger_app dontaudit items out of tracking_denials 
Bug: 269383459
Test: Open Pixel Logger and check logs
Change-Id: Id5b89a7eeaa5b06539113d4c86c64d6022080949
 2023-03-21 10:11:58 +00:00
TreeHugger Robot
d5ac6d9962 Merge "Allow regmap debugfs permission" into udc-d1-dev am: 504b4cc2eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133445

Change-Id: I483874eb28c4db9377ce3d7b616262d81d4e70ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 08:27:11 +00:00
Donnie Pollitz
b21ac1be87 Merge "Removing audit for system_suspend tee" into udc-d1-dev am: 4ce51ebfba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22160088

Change-Id: Icf7daf3980b75f38676632d2dad62b7c4390c27c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 08:26:45 +00:00
TreeHugger Robot
504b4cc2eb Merge "Allow regmap debugfs permission" into udc-d1-dev 2023-03-21 08:00:49 +00:00
Donnie Pollitz
4ce51ebfba Merge "Removing audit for system_suspend tee" into udc-d1-dev 2023-03-21 07:55:13 +00:00
Robert Lee
78603ddb7e Allow regmap debugfs permission 
auditd  : type=1400 audit(0.0:7): avc: denied { search } for comm="kworker/u18:1" name="regmap" dev="debugfs" ino=1049 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0 tclass=dir permissive=0

Bug: 273891639
Test: builds
Change-Id: I9700d34e4d8a9d96d904fe5119a8bf4601bf8ea6
Signed-off-by: Robert Lee <lerobert@google.com>
 2023-03-21 14:17:00 +08:00
TreeHugger Robot
2ecbb84226 Merge "Allow systemui find radio_service" into udc-d1-dev am: 7ca4d7ceb7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22161791

Change-Id: I281b02bfe57536093f3fd1821ad6b2d31e2a7ba0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 03:35:10 +00:00
TreeHugger Robot
7ca4d7ceb7 Merge "Allow systemui find radio_service" into udc-d1-dev 2023-03-21 03:19:59 +00:00
Chung-Kai (Michael) Mei
d39247b7cc [automerger skipped] Merge "genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE]" into udc-d1-dev am: 4766cf456b -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133469

Change-Id: Iccf548638503bd9883d5bfe3c83587b77caf2792
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 03:18:41 +00:00
Chungkai Mei
d3d6dc3c17 [automerger skipped] genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE] am: 5bedd6391a -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133469

Change-Id: I949c40074671b51f5cbc2f6806fce7dbca93a77a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 03:18:38 +00:00
Chung-Kai (Michael) Mei
4766cf456b Merge "genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE]" into udc-d1-dev 2023-03-21 02:31:55 +00:00
Darren Hsu
ba74fadb54 dumpstate: Suppress avc denial for power stats am: 0198a5224a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22119720

Change-Id: Ic216d075f84190d5d2c66cd2c7e46efc65d40989
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 02:20:37 +00:00
Wilson Sung
aa45dde84e Allow systemui find radio_service 
avc:  denied  { find } for pid=1810 uid=10231 name=phone scontext=u:r:systemui_app:s0:c231,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=0

Bug: 272628174
Bug: 272628396
Bug: 273674238
Test: boot-to-home and sim icon showed up
Change-Id: Ia7f84f53f131d868d356fd6d358188748c723757
 2023-03-21 02:13:46 +00:00
Chungkai Mei
5bedd6391a genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE] 
correct path for i2c devices

Test: without avc denial when booting
Bug: 240641235
Change-Id: Iabb7bdac51c2877a9b254bb287361c58f16a353f
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-03-21 01:17:40 +00:00
Donnie Pollitz
8034369bdd Removing audit for system_suspend tee 
Background:
* wakelock_use(tee) was added in previous CL: http://go/ag/21082565

Bug: 263305203
Test: Ran SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I6e8a6796ef5a7156b89ba89c74430f368727e2b8
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-20 11:26:10 +01:00
TreeHugger Robot
353d475c50 Merge "Update SELinux error" into udc-d1-dev am: d5ec3f993f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22155391

Change-Id: I9799ad1d8ffecc7d945b8c55455d3287191a7ef3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 07:15:41 +00:00
Darren Hsu
0198a5224a dumpstate: Suppress avc denial for power stats 
Bug: 273639264
Test: presubmit test
Change-Id: I0b1d8b7516dc9bdfae6b8bca644b6ab52b971615
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-20 15:09:41 +08:00
TreeHugger Robot
d5ec3f993f Merge "Update SELinux error" into udc-d1-dev 2023-03-20 06:34:25 +00:00
TreeHugger Robot
120feae613 Merge "Remove insmod obsolete denials" into udc-d1-dev am: 155e0a8f36 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22155392

Change-Id: I6d427fc6d2fee9ff76ecb1f20e43bb87268022ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 06:01:36 +00:00
TreeHugger Robot
155e0a8f36 Merge "Remove insmod obsolete denials" into udc-d1-dev 2023-03-20 05:25:02 +00:00
Welly Hsu
3e9dfc011a Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e am: 7884ddda0b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I7904d64315b40ac30fa087ceff97efeeb3840153
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 05:05:12 +00:00
Welly Hsu
7d03b1841e Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e am: a8df97fe32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I6992f0c4bb70f9e3044fa80f8aed487fcfc1ae89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 05:03:13 +00:00
Welly Hsu
a8df97fe32 Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I1e3fdf46b8d29354b2b231457edd9b2e90126474
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 04:30:27 +00:00
Welly Hsu
7884ddda0b Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: Ief757562cd3634388481d299e822229455476788
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 04:30:24 +00:00
Wilson Sung
f19431da02 Remove insmod obsolete denials 
Fix: 260522378
Fix: 272166723
Change-Id: I70956498f66643d0abc2496d3bdcd140e7ab8f7e
 2023-03-20 12:07:21 +08:00
Wilson Sung
2eed10acc4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 274374768
Bug: 274374722
Test: scanBugreport
Bug: 274374769
Bug: 274374768
Bug: 274374992
Bug: 274374722
Bug: 268566481
Bug: 273639264
Test: scanAvcDeniedLogRightAfterReboot
Bug: 274374768
Bug: 274374722
Bug: 268566481
Change-Id: I4ebac8c48937557b8d8544ecfe4da3ac71ecf64e
 2023-03-20 12:05:59 +08:00
Welly Hsu
97b397fc5e Move euiccpixel_app dontaudit items out of tracking_denials 
bug: 265286368
bug: 269218505
Change-Id: I7dec7ad23ee48cf719d6e7442e60ddcc13c02a8f
 2023-03-20 10:13:05 +08:00
TreeHugger Robot
164cd42a0d Merge "[SELinux] remove hal_uwb_default tracking denials" into udc-d1-dev am: 14c05d48e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22101146

Change-Id: Ic21ef826ea07b4341a6f0a3cc984bbade54ec0cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 02:08:46 +00:00
TreeHugger Robot
14c05d48e9 Merge "[SELinux] remove hal_uwb_default tracking denials" into udc-d1-dev 2023-03-20 01:41:49 +00:00
Mahesh Kallelil
4127a32c5f Merge "Update selinux-policy for ModemService." into udc-d1-dev am: 6636bd227b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22113396

Change-Id: Icab142ac5838ec1a7024125e695a207b464dcfc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:12:13 +00:00
Mahesh Kallelil
6636bd227b Merge "Update selinux-policy for ModemService." into udc-d1-dev 2023-03-16 22:43:34 +00:00
Jayachandran C
6e45deae41 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b am: a7ec5ac379 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I3da5debafb7cfd31122b639cb234b0798eab595e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 21:23:44 +00:00
Jayachandran C
db9264e266 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b am: f99fed1f87 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: Ia54b94c99a1124dcd782a79f30eacbb31beca35a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 21:17:16 +00:00
Jayachandran C
a7ec5ac379 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I676634d568c0de4a029dc4609ceda2c38f56fce9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:20:07 +00:00
Jayachandran C
f99fed1f87 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I6b1ef7b352b69b4988ac6a6d29f8918b5fb3ed84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:19:53 +00:00
Jayachandran C
3cda1dd51b Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev 2023-03-16 19:51:49 +00:00
Donnie Pollitz
8ab28ee02f Merge "Remove hal_bootctl_default audits" into udc-d1-dev am: e8682690b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21804341

Change-Id: I725ac9f6fe40d4997738dfead624d1cc24753225
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 12:27:16 +00:00
TreeHugger Robot
eccb7ad20b Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev am: 1605d7979d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22113945

Change-Id: Ibdab8601f0d98e2b11640b5434ff49c87953d05b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 12:26:53 +00:00
Donnie Pollitz
e8682690b2 Merge "Remove hal_bootctl_default audits" into udc-d1-dev 2023-03-16 12:03:04 +00:00
TreeHugger Robot
1605d7979d Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev 2023-03-16 11:57:14 +00:00
Rex Lin
a41dd62c1b [SELinux] remove hal_uwb_default tracking denials 
Bug: 267260951
Bug: 264489750
Bug: 273639365
Test: http://ab/I19700010140844408
Change-Id: Ife918a080a4b0c716a46c78730965b5d7eb3f757
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-03-16 14:51:12 +08:00
Mahesh Kallelil
df7ece2441 Update selinux-policy for ModemService. 
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I8361e53f4e6aa82e6dc78e94af71ee26c06fb2f5
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-03-16 05:35:51 +00:00
Speth Chang
3add5fbcec allow vendor init to set vendor_camera_prop 
03-16 10:29:21.324     1     1 W /system/bin/init:
type=1107 audit(0.0:5): uid=0 auid=4294967295 ses=4294967295
subj=u:r:init:s0 msg='avc: denied { set } for
property=vendor.camera.multicam.enable_p23_multicam pid=1
uid=0 gid=0 scontext=u:r:vendor_init:s0
tcontext=u:object_r:vendor_camera_prop:s0
tclass=property_service permissive=0' bug=b/267714573

Bug: 273854225
Test: check log, GCA
Change-Id: I1c5fdff3b9978c494be9f513e1770f26804ca132
 2023-03-16 13:18:17 +08:00
Ken Yang
8c52169f18 Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 am: 3ffebb1ce8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: I6692234b169c305dd548e557fa3d67b4d17f5304
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 04:28:57 +00:00
Ken Yang
83b44caa1c Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 am: 7c2b9b482e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: I48a36edef89a45b5ac50d209b38784cdc381da77
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 04:08:38 +00:00
Ken Yang
7c2b9b482e Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: If63f0cc156d98db3ec2eb5ca4749a60e0b76a32c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:54:38 +00:00
Ken Yang
3ffebb1ce8 Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: Ibfc2d7bcfc8fb713f2f73f8f181e010bf706f3c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:54:20 +00:00
Wilson Sung
f22692cf2f Merge "Remove obsolete denials" into udc-d1-dev am: 1efd7ed479 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098963

Change-Id: I5ef264e899c434a9d6d39f70af1854cec7c1accc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:51:17 +00:00
Wilson Sung
1efd7ed479 Merge "Remove obsolete denials" into udc-d1-dev 2023-03-16 03:25:49 +00:00
Wilson Sung
7eaf780e42 Remove obsolete denials 
Bug: 261933310
Test: take the bugreport and no incidentd avc error
Change-Id: I84274ed4c3b8c3d373a353f879cd7001b26c1703
 2023-03-16 03:25:22 +00:00
TreeHugger Robot
18acd8cd02 Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev am: 320064782b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085771

Change-Id: I211dc0a0b0fcd8031d68d833b751cbad21eef8b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:52 +00:00
Kris Chen
8f286ce919 enforce trusty_apploader am: b2f238ff01 am: 94dbd3352f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I2592d49f2fa61270225dccef2033c0528716986d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:43 +00:00
Kris Chen
0c4c497f9e enforce trusty_apploader am: b2f238ff01 am: b8419230f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: Icb5a11c030f0d9ca2b4edfd37c902618f5819f57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:14 +00:00
Ken Yang
d9d0c0e471 Merge "SELinux: Remove charger_vendor.te" into udc-dev 2023-03-16 03:11:31 +00:00
TreeHugger Robot
320064782b Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev 
* changes:
  usb: remove bug number in bug_map
  usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission
 2023-03-16 03:07:04 +00:00
Kris Chen
b8419230f2 enforce trusty_apploader am: b2f238ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I8f4e7f64b44b4c98a3ba8f75cd254f87548325da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:41:47 +00:00
Kris Chen
94dbd3352f enforce trusty_apploader am: b2f238ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I4661f365aac362da5c78070fd50d44c8198362c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:41:42 +00:00
Neo Yu
7c362daebe Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 am: c3675e5a3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I41bad4281c4ad8b4c75e6dbcf863abd48baa026e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:07:47 +00:00
Tom Huang
f58b83f480 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb am: a926b7b0f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I4dd5d95cc7b11824c4499d32386b19031ee1abc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:07:18 +00:00
Kris Chen
b2f238ff01 enforce trusty_apploader 
Bug: 264489569
Test: Boot
Change-Id: I75f73d76f535a5755a164725c606872561461487
 2023-03-16 02:06:43 +00:00
TreeHugger Robot
ae3571ee44 Merge "Remove hal_cas_default dontaudit" into udc-d1-dev am: 793698a58d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085769

Change-Id: I23841ed54392b89f3c1a1b17ce7d3d9e1c8d4fcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:06:36 +00:00
TreeHugger Robot
e338ca0f98 Merge "Enforce vendor_init" into udc-d1-dev am: 8570030518 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22100402

Change-Id: Id6e5d06dd06328a1291de963469255ed64dc99f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:05:55 +00:00
Neo Yu
541c29655d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 am: 2ffe76d869 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I840d8d3f11742cb5eafd77416ee268dbaf25c241
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:55 +00:00
Wilson Sung
4142cecd1a Enforce init am: c0c4ee3a9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098964

Change-Id: Ia79d840d91cd48928db76e7514bf62c850fa980b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:47 +00:00
Tom Huang
b21bb0e25f Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb am: eada700f48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I03006441769b7712368cbe6fa2b1185c27c1c790
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:38 +00:00
Neo Yu
c3675e5a3d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: Ib4ef07b70d69f11f1389da85176d10d791ef5929
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:55 +00:00
Neo Yu
2ffe76d869 Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I571cd2c89363b29d579483b6300731f6aa0ca89a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:48 +00:00
Tom Huang
a926b7b0f0 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: Id18125fdfeff9c271c7b0f9a67463b4da103367f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:39 +00:00
Tom Huang
eada700f48 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I522dad9cb4eb77983e5fb1783d43852950315b37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:32 +00:00
Neo Yu
ba6c42df00 Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev 2023-03-16 01:25:37 +00:00
Tom Huang
c200250bfb Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev 2023-03-16 00:56:49 +00:00
TreeHugger Robot
793698a58d Merge "Remove hal_cas_default dontaudit" into udc-d1-dev 2023-03-16 00:55:54 +00:00
TreeHugger Robot
8570030518 Merge "Enforce vendor_init" into udc-d1-dev 2023-03-16 00:55:17 +00:00
Alice Sheng
c3288bb774 Merge "Add sepolicy for RA9530 nodes." 2023-03-15 17:57:24 +00:00
Wilson Sung
9781434612 Enforce vendor_init 
Fix: 264490095
Test: boot-to-home
Change-Id: I612896a0da7e9e2fd60772cbbd4b439e4824d7bc
 2023-03-16 00:23:53 +08:00
Wilson Sung
c0c4ee3a9b Enforce init 
Fix: 264489678
Test: boot-to-home and no init avc error
Change-Id: I580f6d9af0874a1165c43a77008b43fab5d0091f
 2023-03-16 00:06:35 +08:00
Ken Yang
8ff0eed309 SELinux: Remove charger_vendor.te 
Bug: 264489675
Change-Id: I9ed521778291ea712ec4ef7f312ae890be3402e7
Signed-off-by: Ken Yang <yangken@google.com>
 2023-03-15 15:34:23 +00:00
neoyu
4701e96275 remove tracking_denials for hal_radioext_default.te 
The SELinux error has been fixed and this file could be removed.

Bug: 269813076
Test: build pass
Change-Id: I2dfcc00575a277ed7f020a9df8193a5f069d2ed9
 2023-03-15 21:30:53 +08:00
Donnie Pollitz
bef163efd5 Remove hal_bootctl_default audits 
* As of ToT, this denial is no longer occurring, removing don't audit.

Bug: 267843310
Test: Ran `adb shell dmesg | grep avc ; adb logcat -d | grep avc`

Change-Id: Id40709e436b9b21ad664148e25bed4eab1aff4ff
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-15 12:44:11 +00:00
Chien Kun Niu
8783417f2f usb: remove bug number in bug_map 
Bug: 272166827
Test: Presubmit build Pass
Change-Id: I7b641636d52995dc9c098af6e7397702f0dcf4ab
 2023-03-15 19:19:44 +08:00
Chien Kun Niu
28cc58257f usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission 
Allow hal_usb_gadget_imple sysfs_batteryinfo r_dir_perms and rw_file_perms

[    8.237410] [  T379] type=1400 audit(1678784127.396:4): avc: denied { search } for comm="HwBinder:762_1" name="power_supply" dev="sysfs" ino=73783 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
[    8.237556] [  T379] type=1400 audit(1678784127.396:5): avc: denied { read } for comm="HwBinder:762_1" name="usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237584] [  T379] type=1400 audit(1678784127.396:6): avc: denied { open } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237603] [  T379] type=1400 audit(1678784127.396:7): avc: denied { getattr } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug: 272166827
Test: Check avc denied log
Change-Id: Iecbf6ff712924b60ce186b75a76cf25f3b48e72d
 2023-03-15 19:17:14 +08:00
Wilson Sung
8141ff4e3e Remove hal_cas_default dontaudit 
Fix: 267260716
Test: take bugreport and no related avc error
Change-Id: If7a7b7f0395ef3a82d2f837ca2732e08f363e87c
 2023-03-15 19:02:58 +08:00
Jayachandran C
8d1a560bf9 Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling 
This CL fixes the following denials
auditd  : avc:  denied  { find } for interface=vendor.google.whitechapel.audio.audioext::IAudioExt sid=u:r:radio:s0 pid=2676 scontext=u:r:radio:s0 tcontext=u:object_r:hal_audio_ext_hwservice:s0 tclass=hwservice_manager permissive=0
auditd  : type=1400 audit(0.0:2983): avc: denied { call } for comm="binder:2617_3" scontext=u:r:radio:s0 tcontext=u:r:hal_audio_default:s0 tclass=binder permissive=0

Bug: 267802258
Test: Live network testing and verified the AudioExt HAL message

Change-Id: Iffa2bcc9b8fa56c383cb765b7cbdf1ff667376c5
 2023-03-15 08:22:09 +00:00
TreeHugger Robot
6b71ff0ee7 Merge "Enforce isolated_app and untrusted_app" into udc-d1-dev am: b6d212049b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22090887

Change-Id: I32ec107a0f0ca3baeff4306fb4977e55c615bf1c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:44:13 +00:00
TreeHugger Robot
b6d212049b Merge "Enforce isolated_app and untrusted_app" into udc-d1-dev 2023-03-15 06:03:04 +00:00
kuanyuhuang
605235f79c BT: remove tracking denials hal_bluetooth_btlinux 
Local build with deleting tracking_denials/hal_bluetooth_btlinux.te
and adb shell getenforce ==> Enforcing.
Tested by BT funtions(playing music, share contacts, transfer file) and
no Bluetooth avc: denied logs.

Bug: 264489608
Test: local build
Change-Id: I1ba1868419d47b087ce96054a63a06b25484e0f5
 2023-03-15 05:13:53 +00:00
Wilson Sung
863007e89d Update SELinux error am: 389ddb027e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085787

Change-Id: I822ea9a885cb86293384fe631a3b6ed4367e4d23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 05:12:42 +00:00
Wilson Sung
63a66ef59e Enforce isolated_app and untrusted_app 
Fix: 264489642
Fix: 264972745
Fix: 267261265
Test: boot-to-home and no related avc error
Change-Id: I4770a076f6a5159db6ffea0661b52b449df9c55a
 2023-03-15 12:24:43 +08:00
Wilson Sung
389ddb027e Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 273638876
Test: scanBugreport
Bug: 273639365
Bug: 273143844
Bug: 273639264
Bug: 273638940
Bug: 273638876
Test: scanAvcDeniedLogRightAfterReboot
Bug: 273638876
Bug: 268566481
Change-Id: I2229a7c7e29dad303f7ef60c8d7f770b6a77a044
 2023-03-15 11:38:05 +08:00
TreeHugger Robot
e83033d9f1 Merge "sepolicy: label dsu and bci" into udc-d1-dev am: 35b10634bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981985

Change-Id: I0eb26b8dc03fdef37e8ff4e80d4024ce0485dfab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:15:50 +00:00
Quinn Yan
12f97aa2f6 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de am: e825edbf28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: Ifbe4b7d4486f14469060d1b3d0cf4f76988056aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:13:52 +00:00
Dai Li
1a103b9a37 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 am: 518a025694 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Id357ed344f5d115745069a499a2b8a57d0151d21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:09:00 +00:00
Quinn Yan
542f3553c7 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de am: b1ebacbd43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I17f0e8c9a9d98a0b67a2c3dbdd4fa9c7be427626
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:02:33 +00:00
TreeHugger Robot
35b10634bf Merge "sepolicy: label dsu and bci" into udc-d1-dev 2023-03-15 02:28:38 +00:00
Quinn Yan
b1ebacbd43 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I22986f34b83c07bd53539b092d0388180a69afc5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:57:35 +00:00
Quinn Yan
e825edbf28 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I3a6e12bb4e7f9e81deb4b0cf9c1d59102370efef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:42:42 +00:00
Quinn Yan
fe4ffed5de Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev 2023-03-15 01:26:24 +00:00
Dai Li
518a025694 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: I32b240372f25f8ae7546daa98acadd09b96562c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:22:27 +00:00
Dai Li
878380aba8 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 am: 679670bfbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Iaaea913a24b30a69160c62d0fb400c6a2a3a1eeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 00:57:38 +00:00
Dai Li
679670bfbc Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Ib3af1ba8af7afd636a1ef74765c82dac81d8ed8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 00:18:38 +00:00
qinyiyan
1f30d7d1f9 Remove the tracking_denials for edgetpu project. 
Fix the wrong sysfs directory for edgetpu.

Test: No avc denails seen with the selinx=enforcing
Bug: 264489387,264489676
Change-Id: I5d4d249a0b906e3e5d765ed8830fd915db8aa66e
 2023-03-14 17:01:19 -07:00
Dai Li
b66e27f987 Merge "dma-heap: add dsp heap" into udc-dev 2023-03-14 23:31:53 +00:00
TreeHugger Robot
163c2ece35 Merge "Enforce pixel_stats" into udc-d1-dev am: 15a45ce32f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21989811

Change-Id: Ic9d353fb5e10ff41a3a6d1bdebb88ff6618b7748
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 07:45:19 +00:00
Wilson Sung
9cbc46ceb0 Update SELinux error am: a37fd0cd9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21974566

Change-Id: I56079dd1e972f03fad83ab85a325b631fd897633
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 07:44:38 +00:00
TreeHugger Robot
15a45ce32f Merge "Enforce pixel_stats" into udc-d1-dev 2023-03-14 07:18:22 +00:00
Wilson Sung
9a5bb820a7 Merge "Enforce system ui app" into udc-d1-dev am: 9f8b8971db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982250

Change-Id: I42e84eabf5b33302f1233668a048ac984c42810c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 06:14:12 +00:00
Wilson Sung
a37fd0cd9d Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 272628396
Test: scanBugreport
Bug: 272628762
Test: scanAvcDeniedLogRightAfterReboot
Bug: 272628396
Bug: 267714573
Change-Id: Ice1b62f4092a00af2f9112efa84859465fa5061d
 2023-03-14 13:46:46 +08:00
Wilson Sung
9f8b8971db Merge "Enforce system ui app" into udc-d1-dev 2023-03-14 05:44:27 +00:00
Wilson Sung
95eea9a04b Enforce pixel_stats 
Fix: 264483357
Fix: 264483319
Fix: 264483568
Fix: 264489783
Test: boot-to-home and no pixel_stats avc error
Change-Id: I0b68fa3853c65056d7da78a436a3d38888af8f19
 2023-03-14 13:40:49 +08:00
TreeHugger Robot
07073bad72 Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 am: abf3c1a7db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: I837bbee567e305a649f2cd71c2b69a7b8d3b241e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:26:07 +00:00
TreeHugger Robot
a828092dcc Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 am: d5554312e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: I8edf39c4bec2c95ad532d074066303e80935086f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:24:35 +00:00
Enzo Liao
bd1c609093 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 am: ab46c1cab0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ib13ebc9aea6c3cd85abfe3ff6c21bada30d507a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:22:39 +00:00
Enzo Liao
49817f7cd4 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 am: 40dce15c10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ia834d46eacf58109f82a3a5013a5fd8e9147f18b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:20:44 +00:00
TreeHugger Robot
abf3c1a7db Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: Ib5ccad7396fa6bb59228ce1e8da1389736e59131
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:48:34 +00:00
Enzo Liao
ab46c1cab0 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Id296bffea97617defd8547a28e65ca72795521f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:48:14 +00:00
TreeHugger Robot
d5554312e8 Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: I61bb2409787130b12d75e539f369bb73a5690ea6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:48:12 +00:00
Enzo Liao
40dce15c10 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ia65c61152f4631dc9ffeb6675d05dbc562781a40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:47:21 +00:00
TreeHugger Robot
27c8c4c1e0 Merge "label systemui sub apps" into udc-dev 2023-03-14 04:29:20 +00:00
Sayanna Chandula
eabd922aeb Merge "thermal: remove tracking denials for hal_thermal" into udc-d1-dev am: 8f8acbb026 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21995148

Change-Id: I267c9dc9ff4678eeb620bb9879b7236e435e6bc5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:26:25 +00:00
Enzo Liao
6eb86755a6 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev 2023-03-14 04:04:41 +00:00
Sayanna Chandula
8f8acbb026 Merge "thermal: remove tracking denials for hal_thermal" into udc-d1-dev 2023-03-14 03:51:09 +00:00
Kyle Lin
ed9bcae5ba sepolicy: label dsu and bci 
Bug: 272750446
Bug: 269809407
Bug: 258100337
Test: build and boot
Change-Id: Ica7902851c307fcf71d3ad09befdff6bdcc7a72c
 2023-03-14 11:48:23 +08:00
Adam Shih
4e5621a2e5 label systemui sub apps 
Bug: 270518075
Test: screenshot > press sharing button
Change-Id: I10c59809afc3e897775e7cfccde9e2432bb78163
 2023-03-14 11:07:12 +08:00
TreeHugger Robot
45e658f6e1 Merge "enforce hal_dumpstate_default" into udc-dev am: 3906f53197 am: 0a1bd7a594 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982724

Change-Id: I6acfb21b2a77b9a2a9b95006871bb30c55806bec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 03:01:32 +00:00
TreeHugger Robot
2895c98fd0 Merge "Enforce hal_sensors_default" into udc-d1-dev am: fcffe3c099 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982248

Change-Id: I594e096021dd01fec7e7f07a0b54f7e6beadf167
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 02:57:39 +00:00
TreeHugger Robot
7aa7b8a466 Merge "enforce hal_dumpstate_default" into udc-dev am: 3906f53197 am: 25c992012f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982724

Change-Id: Ie6369d6b97ce496991ee23a615555594260c8f86
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 02:35:42 +00:00
Sayanna Chandula
d610423377 thermal: remove tracking denials for hal_thermal 
Bug: 264490033
Test: Test thermal service after flashing the build

Change-Id: Ifb0fa5272a89527d8cba4a2292737f3af941f95a
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2023-03-14 02:27:37 +00:00
TreeHugger Robot
fcffe3c099 Merge "Enforce hal_sensors_default" into udc-d1-dev 2023-03-14 02:25:33 +00:00
TreeHugger Robot
549c1624dc Merge "Enforce chre" into udc-d1-dev am: c86e5b15e4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982247

Change-Id: Ia05df45c5d8750474bce28e816f3a8286396271f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 02:15:59 +00:00
TreeHugger Robot
0a1bd7a594 Merge "enforce hal_dumpstate_default" into udc-dev am: 3906f53197 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982724

Change-Id: Ifcb7fcbc7daa8bff5480f2a8524c0663208208fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 01:57:05 +00:00
TreeHugger Robot
25c992012f Merge "enforce hal_dumpstate_default" into udc-dev am: 3906f53197 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982724

Change-Id: I3249dd6a9df32bfa09f83f11e76755ae9d74873c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 01:55:34 +00:00
TreeHugger Robot
3906f53197 Merge "enforce hal_dumpstate_default" into udc-dev 2023-03-14 01:10:42 +00:00
TreeHugger Robot
c86e5b15e4 Merge "Enforce chre" into udc-d1-dev 2023-03-14 01:09:29 +00:00
Ziyi Cui
6cf71e83ce Merge "zuma-sepolicy: pixelstats: enable pixelstats access to perf-metrics" into udc-d1-dev am: 1682d9c973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21979898

Change-Id: I840dbb857e44a312e10a9c6204e8b65270809ed1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 18:30:53 +00:00
Ziyi Cui
1682d9c973 Merge "zuma-sepolicy: pixelstats: enable pixelstats access to perf-metrics" into udc-d1-dev 2023-03-13 17:44:01 +00:00
Adam Shih
5b10e525cd enforce dumpstate am: ea9c12efb3 am: 5aba3f2375 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982725

Change-Id: Ic940d1c3ebfd699f42c59a0023ae109b4fcea69b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 08:33:41 +00:00
Adam Shih
036ea5d621 enforce dumpstate am: ea9c12efb3 am: 7356735963 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982725

Change-Id: I6e3ff25ad09a9c15c214f4bfb6474833469eb5fb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 08:32:53 +00:00
Wilson Sung
1371c7c6a9 Enforce chre 
Fix: 264489633
Change-Id: Ib4c7a217dce35f1d923a3ba5c012b11508b19c5b
 2023-03-13 08:10:57 +00:00
Adam Shih
7356735963 enforce dumpstate am: ea9c12efb3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982725

Change-Id: I6853bb4cd85f1651e32e15e01f1c4abc9384b505
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 08:00:07 +00:00
Adam Shih
5aba3f2375 enforce dumpstate am: ea9c12efb3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982725

Change-Id: I05fda6e5ea279f2500bfed93250416e002de8f07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 07:59:47 +00:00
Wilson Sung
ba953cdb9a Enforce system ui app 
Bug: 264266705
Change-Id: Ice811ba94f065a56db47b390847b4f15798a50f5
 2023-03-13 14:56:42 +08:00
Wilson Sung
ffeed9d629 Enforce hal_sensors_default 
Bug: 264489637
Change-Id: I6f0384a0bf4ae5c3ac6d1ebe5b865ea43b86c3c2
 2023-03-13 14:54:20 +08:00
TreeHugger Robot
30ea475538 Merge "[SELinux] Fix hal_uwb_default dev access errors" into udc-d1-dev am: eecb5380e3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981863

Change-Id: I8cc34c5a70f8304e81defa9dff34de6a271c7852
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:29:11 +00:00
Adam Shih
ea9c12efb3 enforce dumpstate 
Bug: 264489270
Test: adb bugreport
Change-Id: Idb3c29ff306b825dba9422dca5f1ec1a1d65d8f4
 2023-03-13 06:26:34 +00:00
TreeHugger Robot
eecb5380e3 Merge "[SELinux] Fix hal_uwb_default dev access errors" into udc-d1-dev 2023-03-13 06:17:37 +00:00
TreeHugger Robot
7c794805b7 Merge "enforce incidentd" into udc-dev am: 5488c59d9a am: 468d72e588 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981862

Change-Id: Ib5691b6de676ff2cb35b8c6f48927342f5725caa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:13:25 +00:00
Jasmine Cha
903312bfef audio: move set property in vendor_init to gs-common am: 684d922d59 am: e91c3cff4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21974564

Change-Id: I63f05902af2d88d439326136beafd51d77d4e4b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:12:50 +00:00
TreeHugger Robot
7c2bce5823 Merge "enforce incidentd" into udc-dev am: 5488c59d9a am: 908501be50 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981862

Change-Id: Ic5fd2ef5bff18f7b8c749309461bcc1a8d0fbe17
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:12:18 +00:00
Jasmine Cha
df03bc9034 audio: move set property in vendor_init to gs-common am: 684d922d59 am: 777ee2e945 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21974564

Change-Id: I30cbbba5405c2efeb193173cfece67e9b280000c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 06:11:52 +00:00
Adam Shih
46d5345bc9 enforce hal_dumpstate_default 
Bug: 266035810
Test: adb bugreport
Change-Id: Iec0d9b7d5d9327dd7ca96ab7f4c1a26c3fde6a3e
 2023-03-13 14:10:45 +08:00
TreeHugger Robot
908501be50 Merge "enforce incidentd" into udc-dev am: 5488c59d9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981862

Change-Id: Ic5339c6d2f2948e8c60f314a3fde1c39a67134e8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:56:31 +00:00
TreeHugger Robot
468d72e588 Merge "enforce incidentd" into udc-dev am: 5488c59d9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981862

Change-Id: I8ce8e3f3ae9b4aaf4f6ffe71c8f3fd3d65eb679e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:56:27 +00:00
TreeHugger Robot
5488c59d9a Merge "enforce incidentd" into udc-dev 2023-03-13 05:40:12 +00:00
Jasmine Cha
e91c3cff4c audio: move set property in vendor_init to gs-common am: 684d922d59 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21974564

Change-Id: Ia7ba15f5d0f80b8b8ec30d4ffe8ae998668a3df6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:38:15 +00:00
Jasmine Cha
777ee2e945 audio: move set property in vendor_init to gs-common am: 684d922d59 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21974564

Change-Id: I7df21f6988b4a2546eb3099b9b60c7828666e3b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:38:09 +00:00
Rex Lin
e7616e3934 [SELinux] Fix hal_uwb_default dev access errors 
Allow hal_uwb_default to access /dev/uci

Bug: 263048994
Test: http://ab/I86600010139623509
Change-Id: I6324044822f74d1f0d14cc9c6d057dce0dfcc9ee
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-03-13 05:16:30 +00:00
Wilson Sung
4bdc1c25c6 Merge changes I9868bdfd,I1085decf into udc-d1-dev am: 6b9e3f74b6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947244

Change-Id: I96b2f88eabdc5ad1666ece7e8ae1e802579e95a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-13 05:00:45 +00:00
Wilson Sung
6b9e3f74b6 Merge changes I9868bdfd,I1085decf into udc-d1-dev 
* changes:
  Enforce insmod-sh
  Allow insmod-sh lockdown in userdebug
 2023-03-13 04:26:34 +00:00
Adam Shih
bbbc3e3926 enforce incidentd 
Bug: 264490034
Bug: 259302023
Test: adb bugreport
Change-Id: Ie77eded2b6bdd5bd993e500cf8d8d481e5fe7a57
 2023-03-13 11:52:29 +08:00
Jasmine Cha
684d922d59 audio: move set property in vendor_init to gs-common 
Bug: 259161622
Test: build pass

Change-Id: I4232a7e33c75c2dc7475e0888da7019d59de52d1
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-03-13 10:53:58 +08:00
Ziyi Cui
3e6ba1f4e3 zuma-sepolicy: pixelstats: enable pixelstats access to perf-metrics 
enable pixelstats access to sysfs path
Bug: 246799997
Test: Verified the existence of atom and correctness of atom stats
Change-Id: I874f7ff06b91b028cd6bbffd682429763c264d9f
Signed-off-by: Ziyi Cui <ziyic@google.com>
 2023-03-12 23:02:24 +00:00
Jeremy DeHaan
df48ca07fd Merge "Allow HWC to access panel model" into udc-dev am: 3a29cc604b am: 83126173b7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21776404

Change-Id: I3f06b70a593af904e0c31fed7f33c412d3a50b14
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 20:06:24 +00:00
Jeremy DeHaan
09e286f1ca Merge "Allow HWC to access panel model" into udc-dev am: 3a29cc604b am: dbe0ec8114 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21776404

Change-Id: Iff8da61c479f876d643a06bee39eeeae3b9c640b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 19:13:19 +00:00
Jeremy DeHaan
dbe0ec8114 Merge "Allow HWC to access panel model" into udc-dev am: 3a29cc604b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21776404

Change-Id: I11fcf68d1418505e99c243bb1657d6e818c1e0bd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 18:18:39 +00:00
Jeremy DeHaan
83126173b7 Merge "Allow HWC to access panel model" into udc-dev am: 3a29cc604b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21776404

Change-Id: I4c16dc7e470a1f07fafd29996502bdba66dd88ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 18:18:27 +00:00
Jeremy DeHaan
3a29cc604b Merge "Allow HWC to access panel model" into udc-dev 2023-03-10 17:48:34 +00:00
Wilson Sung
0d8ede8308 Enforce insmod-sh 
Fix: 264490091
Test: Boot-to-home without insmod-sh avc error
Change-Id: I9868bdfd8fad7ac37c8d1104fb1fab10a7e8f79a
 2023-03-10 16:25:24 +08:00
Wilson Sung
eae6bfb835 Allow insmod-sh lockdown in userdebug 
Bug: 272166723
Change-Id: I1085decf2a00597992a95996b1a2875be08ba1f1
 2023-03-10 16:23:39 +08:00
Enzo Liao
3f905ee1d0 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma. 
It needs to access a file pushed by hosts of test suites (details: http://go/pd-client-for-lab#heading=h.wtp07hbqvwgx)

Bug: 234359369
Design: http://go/pd-client-for-lab
Test: manual (http://b/271555983#comment3)
Change-Id: Id97d9c2d07197478ab8d6fcd1e9370dc794ff7d1
 2023-03-10 15:37:15 +08:00
Wilson Sung
8705c515e3 Update SELinux error am: 028c3dd417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947619

Change-Id: I1a741000b3429a26d8622328ab1c147dde9aac98
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 04:34:32 +00:00
Enzo Liao
f88e9fc5bd Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." 2023-03-10 03:07:31 +00:00
Wilson Sung
028c3dd417 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 272628174
Change-Id: Ief58f990c70fc7a9a6fa1f18ce22c1c5847acaf9
 2023-03-10 10:56:44 +08:00
Jasmine Cha
dbc882f47e Merge "audio: move sepolicy about audio to gs-common" into udc-dev am: 6431ec8cfa am: cf7b251dc2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912482

Change-Id: I03e24554dd063ec68265c6f8113bd1bc060515b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:39:26 +00:00
Jasmine Cha
c65b325672 Merge "audio: move sepolicy about audio to gs-common" into udc-dev am: 6431ec8cfa am: 3e639ffa42 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912482

Change-Id: I63b941f03a068e510c76efa040f7886748480340
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:22:29 +00:00
Jasmine Cha
3e639ffa42 Merge "audio: move sepolicy about audio to gs-common" into udc-dev am: 6431ec8cfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912482

Change-Id: Ic05e1165722a12b41d51f4339ed817383412219f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:19:45 +00:00
Jasmine Cha
cf7b251dc2 Merge "audio: move sepolicy about audio to gs-common" into udc-dev am: 6431ec8cfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912482

Change-Id: I28ac6516a9fb56d4e431f6160ccf44dfef6baa1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:18:12 +00:00
Jasmine Cha
6431ec8cfa Merge "audio: move sepolicy about audio to gs-common" into udc-dev 2023-03-10 02:06:05 +00:00
Wilson Sung
ed2ae24f2e Add insmod-sh policy am: aa90037844 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21932219

Change-Id: I018f0ed4c0054d672d4af432381fea76d5a28975
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 00:54:44 +00:00
Alice Sheng
726291157f Add sepolicy for RA9530 nodes. 
Bug: 270440233
Test: No selinux denials related to wireless
Change-Id: I790052270a20c3324c7b9a9f674dc48a7d003c6f
 2023-03-09 14:34:13 -08:00
Wilson Sung
aa90037844 Add insmod-sh policy 
Fix: 260366066
Change-Id: I0874c1f476b47a9ad3cee344986404958c96fd25
 2023-03-10 02:04:36 +08:00
Darren Hsu
df453ea221 Merge "sepolicy: label more paths for sysfs_odpm" into udc-dev am: 3867f2f21f am: 055b52e584 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912561

Change-Id: I759cc445f88549e2cc006314c73e91afed09d68e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 08:29:06 +00:00
Darren Hsu
080b747bcd Merge "sepolicy: label more paths for sysfs_odpm" into udc-dev am: 3867f2f21f am: 2caf9aa778 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912561

Change-Id: I6c058342009fbeed632fbc03a519ce7fa77bcc43
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 08:26:58 +00:00
Darren Hsu
055b52e584 Merge "sepolicy: label more paths for sysfs_odpm" into udc-dev am: 3867f2f21f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912561

Change-Id: I2e1cde774f763e3f30b0e50484824483d5319c08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 07:54:54 +00:00
Darren Hsu
2caf9aa778 Merge "sepolicy: label more paths for sysfs_odpm" into udc-dev am: 3867f2f21f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912561

Change-Id: Icebd907a6ea7f3e42799ee168fcc87b781d63e15
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 07:54:34 +00:00
Wilson Sung
e7a7783e9b Merge "Add system_ui required policy" into udc-d1-dev am: 2492786d15 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912560

Change-Id: I0c121dc88f19bde54ef2380c9523613d9403ceda
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 07:31:36 +00:00
Darren Hsu
3867f2f21f Merge "sepolicy: label more paths for sysfs_odpm" into udc-dev 2023-03-09 07:20:30 +00:00
Wilson Sung
2492786d15 Merge "Add system_ui required policy" into udc-d1-dev 2023-03-09 07:05:32 +00:00
Wilson Sung
8c535e410a Add system_ui required policy 
Bug: 264266705
Bug: 268572197
Bug: 269813282
Change-Id: I8d782a5879dd531c29328517f67245913808ae93
 2023-03-09 12:57:39 +08:00
KRIS CHEN
3d408c2b96 Merge "Allow fingerprint hal to access display hibernation node" into udc-dev am: 92c67c8422 am: f9fe08e2a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21896646

Change-Id: I16cf8697d5117fb70fbda22b92ff3f605b56ff01
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 04:52:35 +00:00
KRIS CHEN
88da4d5f3e Merge "Allow fingerprint hal to access display hibernation node" into udc-dev am: 92c67c8422 am: 4309d80318 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21896646

Change-Id: I2f633d4cc5d4792b8689e46a488d767c0e07532a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 04:51:37 +00:00
KRIS CHEN
f9fe08e2a5 Merge "Allow fingerprint hal to access display hibernation node" into udc-dev am: 92c67c8422 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21896646

Change-Id: I51f3c085ba4861bffdc25f4849f53e73ccd91e66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 04:21:31 +00:00
KRIS CHEN
4309d80318 Merge "Allow fingerprint hal to access display hibernation node" into udc-dev am: 92c67c8422 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21896646

Change-Id: I232a8e1d378731c0a42d42b9450fee002efd15bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-09 04:21:05 +00:00
KRIS CHEN
92c67c8422 Merge "Allow fingerprint hal to access display hibernation node" into udc-dev 2023-03-09 03:53:46 +00:00
Jasmine Cha
d4de162a4f audio: move sepolicy about audio to gs-common 
Bug: 259161622
Test: build pass and check with audio ext hidl/aidl

Change-Id: I5f537f18b33c84f30dae349880f8d00a22883b0b
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-03-09 10:09:29 +08:00
Darren Hsu
f3e948a640 sepolicy: label more paths for sysfs_odpm 
Bug: 272164439
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Iec1be5189d21ff6b2bdfe5056b526f01dc2b35e4
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-09 08:35:42 +08:00
Dai Li
f2200cdfa1 dma-heap: add dsp heap 
Add dsp heap to zuma

Bug: 258813006
Change-Id: I953d1abb7cee15d041db1535df79c91cd25830f7
 2023-03-08 20:43:53 +00:00
Kris Chen
cc2458e456 Allow fingerprint hal to access display hibernation node 
Fix the following avc denial:
avc: denied { write } for name="hibernation" dev="sysfs" ino=75339
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs:s0
tclass=file permissive=0

Bug: 256947811
Bug: 251239489
Bug: 267271482
Test: Perform udfps osc compensation.
Change-Id: I2cfb1353770734a19e7fcf1a10eb2fc7bf84a4f5
 2023-03-08 09:10:24 +00:00
Chih Wei Chang
3cbd870026 Merge "Revert "Add system_ui required policy"" into udc-d1-dev am: 455363e7c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21896643

Change-Id: Ia30af03db81c0f30dce86968791945b1ed523267
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 08:57:52 +00:00
Chih Wei Chang
455363e7c0 Merge "Revert "Add system_ui required policy"" into udc-d1-dev 2023-03-08 08:17:46 +00:00
Chih Wei Chang
9966805569 Revert "Add system_ui required policy" 
This reverts commit 5488482211.

Bug: 272204013

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_udc-d1-dev&target=aosp_shiba-userdebug&lkgb=9707521&lkbb=9708227&fkbb=9708227, bug 272204013

Change-Id: Ia2d74374325d594d9dbd1e5ba8b1510f8d432e4d
 2023-03-08 08:11:30 +00:00
Wilson Sung
3e6b9d6153 Merge "Add system_ui required policy" into udc-d1-dev am: ee80374f9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21853742

Change-Id: I07b3321df4a2efe88485513d7538cd19500f3744
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 07:15:57 +00:00
Wilson Sung
ee80374f9d Merge "Add system_ui required policy" into udc-d1-dev 2023-03-08 06:40:42 +00:00
Yang Qi
c0f85a7634 [automerger skipped] Add CccDkTimeSyncService for Digital Key Support for Zuma am: d8c17a3814 am: c8d64fb72f -s ours 
am skip reason: Merged-In I0195bfe5f8eed70556891ddfeae81c486373ddbb with SHA-1 d8c17a3814 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21809919

Change-Id: I0d54a2a58de6fdac1e80f23d7107bc8a5224bd75
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 06:21:06 +00:00
Yang Qi
fbd745125e [automerger skipped] Add CccDkTimeSyncService for Digital Key Support for Zuma am: d8c17a3814 am: 74f6e30f4d -s ours 
am skip reason: Merged-In I0195bfe5f8eed70556891ddfeae81c486373ddbb with SHA-1 a6c8402aa9 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21809919

Change-Id: I5a41e6ff02562fefc5d9ccc26029ce38f148336d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 06:20:14 +00:00
Yang Qi
74f6e30f4d Add CccDkTimeSyncService for Digital Key Support for Zuma am: d8c17a3814 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21809919

Change-Id: I9ff02f6617948c0b4bd659279e6158dc79a69793
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 05:50:25 +00:00
Yang Qi
c8d64fb72f Add CccDkTimeSyncService for Digital Key Support for Zuma am: d8c17a3814 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21809919

Change-Id: I456973e22f9297a3d39805703f7fcb52be2f791e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 05:50:25 +00:00
Wilson Sung
f03c56a086 Update SELinux error am: a5be4a940e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21853751

Change-Id: Ie1ee4bf683cb17306268608f9ba9371894d7b032
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-08 05:09:55 +00:00
Wilson Sung
a5be4a940e Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 272166423
Bug: 272166664
Bug: 272166847
Bug: 272166722
Bug: 272166827
Bug: 272166723
Test: scanBugreport
Bug: 272166423
Bug: 267714573
Bug: 272166771
Bug: 272166847
Bug: 272166722
Bug: 272166827
Bug: 272166723
Bug: 272166737
Test: scanAvcDeniedLogRightAfterReboot
Bug: 272166723
Bug: 272166787
Bug: 272166423
Bug: 267714573
Bug: 272166847
Bug: 272166987
Bug: 272166827
Change-Id: If02d479d3606b63bd43bb94c93b2108c4fafe96d
 2023-03-08 11:19:02 +08:00
Wilson Sung
5488482211 Add system_ui required policy 
Bug: 264266705
Bug: 268572197
Bug: 269813282
Change-Id: I6457f4a675d32578188c01ae581442300ac56a5b
 2023-03-08 10:58:39 +08:00
Yang Qi
5c390da06d Merge "Add CccDkTimeSyncService for Digital Key Support for Zuma" 2023-03-07 19:16:08 +00:00
Shashank Sharma
fc691db8ea Remove firmware as same_process_hal_file am: 3d765451c5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21811774

Change-Id: I6ee5fe565f3f65203ea5f2c887b80240f975063d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 17:12:23 +00:00
Shashank Sharma
3d765451c5 Remove firmware as same_process_hal_file 
Bug: 260522245
Bug: 262794429

Change-Id: I7d49ee7c76fbf2cdf87a2a7de4a406c356f50444
 2023-03-07 05:01:16 +00:00
Yang Qi
d8c17a3814 Add CccDkTimeSyncService for Digital Key Support for Zuma 
Test: Build and Run
Bug: 270511447
Merged-In: I0195bfe5f8eed70556891ddfeae81c486373ddbb
Change-Id: I0195bfe5f8eed70556891ddfeae81c486373ddbb
 2023-03-07 02:52:34 +00:00
Adam Shih
e0b47b4a7b Merge "move camera dump to gs-common" into udc-dev am: 5dd0fffa9a am: d1bce36c49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21784301

Change-Id: Ic0ba7e6d0349c18f005daf4cfd9d5a0bf7c853a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 00:40:19 +00:00
Adam Shih
a5a9f978f7 Merge "move camera dump to gs-common" into udc-dev am: 5dd0fffa9a am: 8507994334 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21784301

Change-Id: Ib647273dc6ccefd134c5c9c53c2259274de30d4c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 00:39:47 +00:00
Adam Shih
d1bce36c49 Merge "move camera dump to gs-common" into udc-dev am: 5dd0fffa9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21784301

Change-Id: I40cce627880f57be080685502693c0d73dc53cac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 00:04:42 +00:00
Adam Shih
8507994334 Merge "move camera dump to gs-common" into udc-dev am: 5dd0fffa9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21784301

Change-Id: Ica2271c905170be9c1a2809630708c81ef42e240
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-07 00:03:59 +00:00
Adam Shih
c3332b65f1 Move common display dump to gs-common am: 51bd259bbf am: 8e2e4dc222 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21644566

Change-Id: I2e67be5adb6409f786fb82a3ba65136b8fa620a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 23:47:57 +00:00
Adam Shih
952b486aaf Move common display dump to gs-common am: 51bd259bbf am: ba72e77586 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21644566

Change-Id: I2288201c1655cee48eb4b47c0022eafe56d8c9e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 23:45:44 +00:00
Adam Shih
5dd0fffa9a Merge "move camera dump to gs-common" into udc-dev 2023-03-06 23:29:45 +00:00
Adam Shih
8e2e4dc222 Move common display dump to gs-common am: 51bd259bbf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21644566

Change-Id: I31f0efd65637b205164c9ee767f23cd24893cd09
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 23:11:09 +00:00
Adam Shih
ba72e77586 Move common display dump to gs-common am: 51bd259bbf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21644566

Change-Id: I3d8ae6e5579e9006f1a9663e0f9213668dc5420b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 23:09:17 +00:00
Yang Qi
a6c8402aa9 Add CccDkTimeSyncService for Digital Key Support for Zuma 
Test: Build and Run
Bug: 270511447
Change-Id: I0195bfe5f8eed70556891ddfeae81c486373ddbb
 2023-03-06 22:49:15 +00:00
Adam Shih
51bd259bbf Move common display dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I71ad4e2e08ba19c36dc633732ce39e8086a94d6e
 2023-03-06 06:33:53 +00:00
Adam Shih
7b84f2fc56 move camera dump to gs-common 
Bug: 240530709
Test: adb bugreport
Create empty files starting with the following prefix
/data/vendor/camera/profiler/session-ended-
/data/vendor/camera/profiler/high-drop-rate-
/data/vendor/camera/profiler/watchdog-
/data/vendor/camera/profiler/camera-ended-
and do adb bugreport and make sure they end up in dumpstate_board.bin

Change-Id: I90e6d5142e7d512dafa6b8712d7fb252327359a5
 2023-03-06 02:34:48 +00:00
TreeHugger Robot
7997f45f97 Merge "logger_app: allow logger_app to access vendor_usb_config_prop" into udc-d1-dev am: 26e0b7b7fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21741739

Change-Id: I3db10152eecc6182413db03bbfdb68b7af4efc46
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-06 02:29:28 +00:00
TreeHugger Robot
26e0b7b7fc Merge "logger_app: allow logger_app to access vendor_usb_config_prop" into udc-d1-dev 2023-03-06 01:49:33 +00:00
TreeHugger Robot
0edfa6a943 Merge "Allow hal_thermal_default to read iio/odpm sysfs nodes" into udc-dev am: 4eab0326df am: 8e2035cc18 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552481

Change-Id: I22b1ecf13a7b668603508e3ea23fa6ceb2c47306
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-04 06:38:38 +00:00
Jeremy DeHaan
f33a422c17 Allow HWC to access panel model 
Bug: 217472351
Change-Id: I2831eb402d15ceb0962325ce827a1ca3cca00109
Signed-off-by: Jeremy DeHaan <jdehaan@google.com>
 2023-03-03 13:48:53 -08:00
TreeHugger Robot
f344cb000a Merge "Allow hal_thermal_default to read iio/odpm sysfs nodes" into udc-dev am: 4eab0326df am: 7790b93e01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552481

Change-Id: I9c2fd984191deb9421cef4b96ddbaa807f1cf4eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 19:47:23 +00:00
TreeHugger Robot
8e2035cc18 Merge "Allow hal_thermal_default to read iio/odpm sysfs nodes" into udc-dev am: 4eab0326df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552481

Change-Id: I9f39b65bc479a4fc0541404062330137a9fcb63c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 19:22:05 +00:00
TreeHugger Robot
7790b93e01 Merge "Allow hal_thermal_default to read iio/odpm sysfs nodes" into udc-dev am: 4eab0326df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552481

Change-Id: Ia5de4f3db98e744b2ba8cbe63165bdef3e22628c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 18:41:00 +00:00
Donnie Pollitz
1829701bc8 sepolicy: Fix hal_confirmationui_default avc denials am: e31ad0b306 am: 105d3b4aa2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504841

Change-Id: I45b899e18c746b897a3cfa168a5736bcac076c24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 18:06:35 +00:00
Donnie Pollitz
c24ebe57c1 sepolicy: Fix hal_confirmationui_default avc denials am: e31ad0b306 am: 8958b2e84b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504841

Change-Id: If4f7afa3407b7a124ee55d95ac5a3e774a9842a7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 17:53:42 +00:00
Dinesh Yadav
ea868cc5bf Merge "Make gxp_device an mlstrustedobject" into udc-d1-dev am: 85829f2265 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21701040

Change-Id: I28e061683cfd0bed9cd17ebf907cd3d45429bf84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 17:32:58 +00:00
Donnie Pollitz
8958b2e84b sepolicy: Fix hal_confirmationui_default avc denials am: e31ad0b306 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504841

Change-Id: I55b973823df7b0ad935ab38c0c22c63c0c1674cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 17:27:10 +00:00
Donnie Pollitz
105d3b4aa2 sepolicy: Fix hal_confirmationui_default avc denials am: e31ad0b306 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504841

Change-Id: Ida4600755a38935ec2506a0c245a1f0e5d0556a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-03 17:04:52 +00:00
Jörg Wagner
d8c6712f5b Update Mali DDK to r40 : Additional SELinux settings 
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

Bug: 261718474

(cherry picked from commit 6834d6f59f)
Merged-In: I785106b6d2d05e21bf60fcd6da3d716b32e1bc1d
Change-Id: I0469e2f24abe7a9458305d5752ae655cf4f42547
 2023-03-03 15:23:39 +00:00
Nicole Lee
bc1beba926 logger_app: allow logger_app to access vendor_usb_config_prop 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=397 scontext=u:r:logger_app:s0:c13,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=0 app=com.android.pixellogger

Bug:270579027
Test: Enable debug port by Pixel Logger
Change-Id: I0274a25142d671b03966e56a2ffd9926683e4991
 2023-03-03 12:55:29 +00:00
TreeHugger Robot
4eab0326df Merge "Allow hal_thermal_default to read iio/odpm sysfs nodes" into udc-dev 2023-03-03 12:01:40 +00:00
Dinesh Yadav
85829f2265 Merge "Make gxp_device an mlstrustedobject" into udc-d1-dev 2023-03-03 03:12:15 +00:00
Dinesh Yadav
01c5409eb8 Make gxp_device an mlstrustedobject 
This is needed as google_camera_app needs write access to gxp.

Test: Tested with private build "P51261040" with Tot google3 gca-dogfood app & found no selinux violations.

Bug: 264139000
Change-Id: Ic1a262cc40578ebd2305efe851e54cf857bd02c1
 2023-03-02 15:41:37 +00:00
Nicolas Geoffray
fc21747ab4 Merge "Allow ssr_detector_app directory/file creation in system_app_data_file." 2023-03-02 15:39:10 +00:00
Nicolas Geoffray
311722d720 Allow ssr_detector_app directory/file creation in system_app_data_file. 
Bug: 260557058
Bug: 264483352
Test: m
Change-Id: Ia9a2b1fbf14ae018580ab0abe515dd180610bad4
 2023-03-02 14:10:36 +00:00
Ernie Hsu
f13709f4c2 Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev am: 899ad9c1ab am: d46fdc0b46 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21553180

Change-Id: I946d41a8fd932db6f44eeb1fc5b6092db67e6b66
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 10:11:38 +00:00
Ernie Hsu
11bbec30bc Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev am: 899ad9c1ab am: fbbc198801 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21553180

Change-Id: I5e45ca88e24d8b4b67dd65326cece156cf38905d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 10:10:31 +00:00
Ernie Hsu
d46fdc0b46 Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev am: 899ad9c1ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21553180

Change-Id: I00c2445ce1210da89bb8d60a8e151f43ef389473
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 09:19:42 +00:00
Ernie Hsu
fbbc198801 Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev am: 899ad9c1ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21553180

Change-Id: I90171c56ccbb152a1cf7fbca77bb1d56311bebaa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 09:19:35 +00:00
Donnie Pollitz
e31ad0b306 sepolicy: Fix hal_confirmationui_default avc denials 
* Allow for dumpstate

Bug: 261933368
Bug: 264489634
Test: Ran com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: Id70d2a920172e649e4497f4ea1a4ecad33963edc
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-02 09:08:16 +00:00
Ernie Hsu
899ad9c1ab Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev 2023-03-02 08:38:54 +00:00
Hiroshi Akiyama
3e2845abf7 [automerger skipped] Update sepolicy for BCL IRQ durations to dumpstate am: c0587fbf36 -s ours 
am skip reason: Merged-In Icd524bd32ed41c3de72f0e1b13428d76e871d203 with SHA-1 a13ce6baf4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21695208

Change-Id: If74ec57479b0702d5f6e16c761cdb5d1c1ca22ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 07:46:43 +00:00
Hiroshi Akiyama
c0587fbf36 Update sepolicy for BCL IRQ durations to dumpstate 
Bug: 269752322
Test: adb bugreport
Change-Id: Icd524bd32ed41c3de72f0e1b13428d76e871d203
Signed-off-by: Hiroshi Akiyama <hiroshiakiyama@google.com>
Merged-In: Icd524bd32ed41c3de72f0e1b13428d76e871d203
 2023-03-02 06:03:23 +00:00
Wilson Sung
ca89cde996 Add sensor boot-to-home required policy am: d0105abe01 am: 8fa2055112 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552482

Change-Id: I9ed4cf02461f03cb42462b5dce3bbab20a2f18c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 05:07:53 +00:00
Wilson Sung
27f0beff37 Add sensor boot-to-home required policy am: d0105abe01 am: 819a8ad315 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552482

Change-Id: I8b050d6e9eeedb653acf0bd1995479acd0b9a964
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 05:06:39 +00:00
Wilson Sung
819a8ad315 Add sensor boot-to-home required policy am: d0105abe01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552482

Change-Id: Ia81ba6db8dd706968fc627379a7ca1ec0273af79
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 04:30:49 +00:00
Wilson Sung
8fa2055112 Add sensor boot-to-home required policy am: d0105abe01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552482

Change-Id: I95c23468276681b97969e2fe6376e914aed2fe1f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 04:30:49 +00:00
Hiroshi Akiyama
b45a7465cf Merge "Update sepolicy for BCL IRQ durations to dumpstate" 2023-03-02 04:21:56 +00:00
Hiroshi Akiyama
a13ce6baf4 Update sepolicy for BCL IRQ durations to dumpstate 
Bug: 269752322
Test: adb bugreport
Change-Id: Icd524bd32ed41c3de72f0e1b13428d76e871d203
Signed-off-by: Hiroshi Akiyama <hiroshiakiyama@google.com>
 2023-03-02 03:04:08 +00:00
Wilson Sung
4e36ecc334 Merge "Add sensor boot-to-home required policy" to master 
Test: boot-to-home
Fix: 261105336
Change-Id: I2a12d4cf87b00d8dc117ced7062a97016d75275c
 2023-03-02 10:42:55 +08:00
Wilson Sung
d0105abe01 Add sensor boot-to-home required policy 
Test: boot-to-home
Fix: 261105336
Change-Id: I772ff7a294cc5d2448361c164d4e671a41c92c8d
 2023-03-02 02:39:15 +00:00
Wilson Sung
fc8f4f8f24 Allow hal_thermal_default to read iio/odpm sysfs nodes 
Bug: 260366399
Bug: 261651187
Bug: 264204525
Change-Id: I7358b7740f6c30bd7b05e29e931a4c11226c6253
 2023-03-01 16:21:33 +00:00
Ernie Hsu
4d90089d25 move mediacodec_samsung build config and sepolicy to gs-common 
Bug: 263444717
Test: build pass, camera record, youtube
Change-Id: I8fa4d79495b3971429b977a63aed811ef8d62ddb
 2023-03-01 10:12:22 +00:00
Kenny Root
0f36fcebb2 Merge "Add GSA logs policy" 2023-03-01 05:51:40 +00:00
Richard Chang
68ed00878b Merge "sepolicy: update init.te for zram device" into udc-dev am: 3c52a9ab3b am: 2f31611036 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21578379

Change-Id: If5dcd916cd78b538f5d5e9a68f8a76fdd03e5175
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 05:16:38 +00:00
Richard Chang
fb7193c798 Merge "sepolicy: update init.te for zram device" into udc-dev am: 3c52a9ab3b am: 92ec39e932 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21578379

Change-Id: Icf93e34b300bfd10e00afd6e58317b07a246290c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 05:15:53 +00:00
Armelle Laine
ab3b587970 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" into udc-dev am: d38c507ef6 am: 0da9e2ff96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21617065

Change-Id: I3054c7f5b73b57c4d5ce1b28afe410730ceec71f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 05:15:31 +00:00
Armelle Laine
2c30225d68 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" into udc-dev am: d38c507ef6 am: 39a9021703 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21617065

Change-Id: Ifd00df6d99b890a24a73d50dab3b9b42c740c856
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 05:15:14 +00:00
Richard Chang
92ec39e932 Merge "sepolicy: update init.te for zram device" into udc-dev am: 3c52a9ab3b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21578379

Change-Id: I066aaa3efd492aea906ac778be9ff8c3e696850d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 04:40:53 +00:00
Richard Chang
2f31611036 Merge "sepolicy: update init.te for zram device" into udc-dev am: 3c52a9ab3b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21578379

Change-Id: I128719b2f9e1af2a649913faabcca8dc3e94e749
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 04:40:50 +00:00
Armelle Laine
39a9021703 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" into udc-dev am: d38c507ef6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21617065

Change-Id: I7774f4fba285cd3a8b65c9c78245da5ee39d9c61
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 04:40:29 +00:00
Armelle Laine
0da9e2ff96 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" into udc-dev am: d38c507ef6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21617065

Change-Id: I66c16c9377b4af6c924adfee4b983acff7993e0e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 04:39:44 +00:00
Richard Chang
3c52a9ab3b Merge "sepolicy: update init.te for zram device" into udc-dev 2023-03-01 04:28:58 +00:00
Armelle Laine
d38c507ef6 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" into udc-dev 2023-03-01 03:41:09 +00:00
Kenny Root
076591d107 Add GSA logs policy 
This adds a label to the sysfs files for GSA logs to allow dumpstate to
read them during a bugreport.

Bug: 271125313
Test: adb shell dumpstate
Change-Id: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
 2023-02-28 18:33:23 -08:00
Richard Chang
ee8c7c2df2 sepolicy: update init.te for zram device 
Bug: 269221861
Bug: 270633329
Test: Boot
Change-Id: I050e9a72006dcd0b71ba1232e38e5f96bce4c967
 2023-03-01 02:04:24 +00:00
TreeHugger Robot
63f78e7b2e Merge "Update bug_map" into udc-dev am: 627e6c1648 am: 312d50fd92 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21649588

Change-Id: I1ea8df25e7cdd1a0e9283b01c51693caefb82893
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 01:54:20 +00:00
TreeHugger Robot
9986e1ef13 Merge "Update bug_map" into udc-dev am: 627e6c1648 am: 81390587ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21649588

Change-Id: Iafb1c4276f8d1aa8a9e01090b44f76de8aade0db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 01:50:18 +00:00
TreeHugger Robot
81390587ae Merge "Update bug_map" into udc-dev am: 627e6c1648 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21649588

Change-Id: I6c9b8ad61f3ebc5cfab067016b0029b111bc4625
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 00:54:48 +00:00
TreeHugger Robot
312d50fd92 Merge "Update bug_map" into udc-dev am: 627e6c1648 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21649588

Change-Id: Ie65327b364ad73df29b337d2de4ad8df51fbfb08
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-01 00:54:30 +00:00
TreeHugger Robot
627e6c1648 Merge "Update bug_map" into udc-dev 2023-02-28 23:56:31 +00:00
Jonglin Lee
3c0dd54d80 Add perfmon policies am: 167eba3ad9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21649593

Change-Id: Ibb15e72ed9d9bd5abbf5659bc3b7e925ec88d029
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-28 21:47:09 +00:00
Jonglin Lee
167eba3ad9 Add perfmon policies 
Add perfmon policies to fix hotplug issues.

Bug: 271024526
Bug: 271007431
Change-Id: I974bd99224b983454c6af47f4a08a4fe20699834
Signed-off-by: Jonglin Lee <jonglin@google.com>
 2023-02-28 10:19:26 -08:00
Xu Han
fe5bb58212 Update bug_map 
Bug: 264483024
Test: Build.
Change-Id: I9a1574b5997d9ac5d26100254c7e20b81930df50
 2023-02-28 09:34:58 -08:00
Cody Heiner
46a2c2df5e Allow twoshay → systemui_app binder call for zuma devices (2) am: dc0b4fc9e9 am: 2d46df5e9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21591811

Change-Id: Iad3100b2d8e84db8e3a42db04205cc0cc7dd9fc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-27 23:21:23 +00:00
Cody Heiner
09693b450a Allow twoshay → systemui_app binder call for zuma devices (2) am: dc0b4fc9e9 am: 609c49485d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21591811

Change-Id: Ice0eb43e04ded0cf95309f5a9e4353413cbbdbb7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-27 23:21:06 +00:00
Cody Heiner
2d46df5e9a Allow twoshay → systemui_app binder call for zuma devices (2) am: dc0b4fc9e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21591811

Change-Id: I520655872e8d74b3cadc9f89f795173f5d3874e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-27 22:49:53 +00:00
Cody Heiner
609c49485d Allow twoshay → systemui_app binder call for zuma devices (2) am: dc0b4fc9e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21591811

Change-Id: I04b8ce8cb19be7c8634c78fb7e73e308eba9081d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-27 22:46:45 +00:00
Armelle Laine
d27961dc1b Define selinux properties for /dev/block/by-name/trusty_persist 
Bug: 247013568
Test: - Verify that this change is a NOP for devices with TDP already
        created on top of the legacy f2fs partition /mnt/vendor/persist/ss
      - Verify that this change creates a valid symlink on a manually
        migrated block device
Change-Id: I226f365c6afbb5fa91ec1c9c1943f8dddac8183a
 2023-02-27 22:42:08 +00:00
Armelle Laine
1731179cf1 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" 2023-02-27 20:07:35 +00:00
Cody Heiner
dc0b4fc9e9 Allow twoshay → systemui_app binder call for zuma devices (2) 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Note: this is a re-submit of ag/21529713, after sorting out the
SEPolicy issues described in b/270444888.

Test: flash P23 and Bluejay devices with this change plus ag/21591673,
  run `adb shell device_config put twoshay_native test_flag_name test_flag_value`,
  → TouchContextService.java logs corresponding property changed message.

Bug: 270444888

Change-Id: I40d70cf19930eb334ba3250d58a0cbc39b50764b
 2023-02-24 18:19:09 -08:00
Wilson Sung
f69013330b Add SSR property access and remove obsolete denials am: 546b787a40 am: d5f419a6d4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552480

Change-Id: Iae1162526f5642964bd0f881306a2e767b7d0706
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 12:53:22 +00:00
Wilson Sung
d5f419a6d4 Add SSR property access and remove obsolete denials am: 546b787a40 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21552480

Change-Id: I4f6a1cfab59730efc3002351d7c66313651657e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 12:20:23 +00:00
Wilson Sung
b264162687 Merge "Add SSR property access and remove obsolete denials" 
Bug: 268572164
Change-Id: I4285b0558dd2ff3bb8d4f54dfa1690828f65129a
 2023-02-24 18:42:48 +08:00
Wilson Sung
546b787a40 Add SSR property access and remove obsolete denials 
Bug: 268572164
Change-Id: I5756510b2eb2696aade93dd6b15a111f5dca58ef
 2023-02-24 10:33:45 +00:00
Amy Hsu
c80e8b8a07 Merge "Revise sepolicy because of refactor HbmSvManager" into udc-dev am: ae4c77ebda am: 0089c57d7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503754

Change-Id: I26f9fba860b8e8c4ac3f789b2e706b756597baa0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 09:33:09 +00:00
Amy Hsu
64432e87a4 Merge "Revise sepolicy because of refactor HbmSvManager" into udc-dev am: ae4c77ebda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503754

Change-Id: Ia8f236afbb9e940d0cb28662d03719671f2b2c31
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 08:59:54 +00:00
Amy Hsu
0089c57d7d Merge "Revise sepolicy because of refactor HbmSvManager" into udc-dev am: ae4c77ebda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503754

Change-Id: I39e6bc8af10f8a5025168ec84ef41cf0aabb22dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 08:59:26 +00:00
Amy Hsu
ae4c77ebda Merge "Revise sepolicy because of refactor HbmSvManager" into udc-dev 2023-02-24 08:14:49 +00:00
Suki Liu
3f5195c678 Merge "Update SELinux error" into udc-dev am: e476047167 am: e0d1b24d12 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21571001

Change-Id: I37da08eb4c399eae6e44e9be684e1c97bb6d4e16
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 06:41:16 +00:00
Adam Shih
57a6a7f897 Merge "Move HWC dump to gs-common" into udc-dev am: 9675dc064a am: fcf2a4aa78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533829

Change-Id: Idec0beb597167cbc8c35c7442e8f4c3b6896f6c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 06:35:53 +00:00
Suki Liu
e0d1b24d12 Merge "Update SELinux error" into udc-dev am: e476047167 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21571001

Change-Id: I7624d1a1234dccbc7cc741878879e8a2ff8828ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 06:15:39 +00:00
Adam Shih
fcf2a4aa78 Merge "Move HWC dump to gs-common" into udc-dev am: 9675dc064a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533829

Change-Id: Iebdf3ee606db9a0d74d3d2b631e7dc21984b054b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 05:41:10 +00:00
Suki Liu
41b9c8d4ce Merge "Update SELinux error" into udc-dev am: e476047167 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21571001

Change-Id: I33b65ed85d563132a531b27a757df04ca2f58137
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 05:40:50 +00:00
Suki Liu
e476047167 Merge "Update SELinux error" into udc-dev 2023-02-24 04:59:32 +00:00
Adam Shih
965fa5a7dc Merge "Move HWC dump to gs-common" into udc-dev am: 9675dc064a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533829

Change-Id: I04fc66b217b2cf30d035b50f60aef655ccd02dcf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-24 04:05:26 +00:00
Adam Shih
9675dc064a Merge "Move HWC dump to gs-common" into udc-dev 2023-02-24 03:17:38 +00:00
Amy Hsu
c186dbd6db Revise sepolicy because of refactor HbmSvManager 
1. Set sepolicy correctly, make it the same as gs201.
2. Rename hbmsvmanager to pixeldisplayservice due to refactor.
3. Add arm_mali_platform_service for pixeldisplayservcice

Bug: 241498235
Bug: 262794939
Bug: 263185136
Bug: 264489797
Test: Verify LBE and shadow compensation functions.
      Make sure there is no avc denied.
Change-Id: I2a4bb5d6b863edc00b789fd6df8d46f90164d9f2
 2023-02-24 02:06:35 +00:00
sukiliu
362a8ac82c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 270633329
Change-Id: Ia7af3ec3ee9c8b80e22a8eb55fd61d58b6c73980
 2023-02-24 09:59:58 +08:00
TreeHugger Robot
53a1a9dbf7 Merge "Partially revert commit e70b98af09fad85f66736f6d2313b97e8b2db1e1." into udc-dev am: 3d1d5e0b15 am: d716668597 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21546042

Change-Id: I8aedd5804fbdab372225c26cedbb812c4de5582d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 18:10:48 +00:00
TreeHugger Robot
d716668597 Merge "Partially revert commit e70b98af09fad85f66736f6d2313b97e8b2db1e1." into udc-dev am: 3d1d5e0b15 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21546042

Change-Id: Iff0271baa6f339ab24cb81d3d928fa71cfe14640
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 16:45:01 +00:00
TreeHugger Robot
a0af1bfb89 Merge "Partially revert commit e70b98af09fad85f66736f6d2313b97e8b2db1e1." into udc-dev am: 3d1d5e0b15 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21546042

Change-Id: I18305418bd4ff9003d3e8d85adc314d298ace405
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 16:44:45 +00:00
TreeHugger Robot
3d1d5e0b15 Merge "Partially revert commit e70b98af09fad85f66736f6d2313b97e8b2db1e1." into udc-dev 2023-02-23 16:13:11 +00:00
Jörg Wagner
aa24e4e805 Merge "Update Mali DDK to r40 : Additional SELinux settings" 2023-02-23 13:18:05 +00:00
Richard Chang
d9d12a2df5 Merge "sepolicy: clean up tracking_denials for zram" into udc-dev am: d207b85ab3 am: d90c71c987 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21549121

Change-Id: If407d7034030e13fc19b381cb2f39c81417a2874
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 09:04:14 +00:00
Richard Chang
f27096658d Merge "sepolicy: clean up tracking_denials for zram" into udc-dev am: d207b85ab3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21549121

Change-Id: I7e57e4e321919521a1461f3011e028dc2e965143
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 08:31:06 +00:00
Richard Chang
d90c71c987 Merge "sepolicy: clean up tracking_denials for zram" into udc-dev am: d207b85ab3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21549121

Change-Id: Ifb6a1d623d7c42d7a69a24ae7f8dc815cf0d2630
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 08:28:32 +00:00
Richard Chang
d207b85ab3 Merge "sepolicy: clean up tracking_denials for zram" into udc-dev 2023-02-23 07:37:28 +00:00
Wilson Sung
e8e8037ecd Add chre policy am: fb2e376d26 am: a4ccb38798 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533834

Change-Id: I936fba49e515417b3b74a5bdd44d006b65f300dd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 06:03:37 +00:00
Wilson Sung
f6813e983b Remove camera dontaudit am: 6f141a6526 am: 640d478d5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503759

Change-Id: I15e25c6faac9aaca4d1028367cc9740ddbf786b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 06:03:35 +00:00
Ian Kasprzak
1b1fe4d3cc Partially revert commit e70b98af09. 
Remove twoshay references, with commit 9019c55645
reverted it references a non-existent file.

Bug: b/270434708
Test: Verified with go/abtd build

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: I5705d214218107226ae3dd4959406f3ec05afa90
 2023-02-23 05:45:07 +00:00
Wilson Sung
a4ccb38798 Add chre policy am: fb2e376d26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533834

Change-Id: Iff4cde7901e7d05627e7f9f7c0d27fc457bba4dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:14:46 +00:00
Wilson Sung
640d478d5a Remove camera dontaudit am: 6f141a6526 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503759

Change-Id: I29c37dc676b4754cc1ce9f4c2620e52d278c36a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:14:45 +00:00
Wilson Sung
540f2a5803 Add chre policy am: fb2e376d26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533834

Change-Id: Ief4f5dbb715527d079a7a5b75dd97ca552d957b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:09:58 +00:00
Wilson Sung
d6127ccff7 Remove camera dontaudit am: 6f141a6526 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503759

Change-Id: I821bf958fcfb873e4ed4b413038a9cb456160602
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:09:56 +00:00
Richard Chang
e6f6cca02a sepolicy: clean up tracking_denials for zram 
The zram SELinux errors didn't exist in recent build
(9633105, 9642683).
Remove the record in tracking_denials/init.te.

Bug: 269221861
Test: Check log
Change-Id: I4057aaf960aef885d4d894ae5dc51f93e71afd83
 2023-02-23 03:57:57 +00:00
Wilson Sung
fb2e376d26 Add chre policy 
Bug: 260522435
Bug: 261105224
Test: boot-to-home
Change-Id: Icd8f1ad497357bbbcb9e34509c736f3976ff0ac7
 2023-02-23 11:05:15 +08:00
Wilson Sung
6f141a6526 Remove camera dontaudit 
Bug: 267843409
Bug: 268226491
Change-Id: Idce5518072fc266b45c2fbc5269915b19ceb19e8
 2023-02-23 11:04:47 +08:00
Ian Kasprzak
5bb246f13c Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev am: e3af6770ab am: 271f7404bc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21540614

Change-Id: I4d2749018bb251c764fa37e7d56088dea9164dc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 01:47:16 +00:00
Ian Kasprzak
271f7404bc Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev am: e3af6770ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21540614

Change-Id: Icd890d614ecec5e1b5688735fcbb8e0a49e6599f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 00:57:14 +00:00
Ian Kasprzak
ef751422ca Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev am: e3af6770ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21540614

Change-Id: I42ebdcee19667f1cce20aa704792ba5e45957dcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 00:53:50 +00:00
Ian Kasprzak
e3af6770ab Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev 2023-02-22 22:28:43 +00:00
Ian Kasprzak
cbf2b3fdb2 Revert "Allow twoshay → systemui_app binder call for zuma devices" 
This reverts commit 9019c55645.

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: Iab5bf42754760dedbe26dd684c373ba9ec3af70b
 2023-02-22 22:28:33 +00:00
Wilson Sung
11f7df1638 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev am: 2dc224c7b9 am: b41fd56de0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532246

Change-Id: Ia5f365e32eab587d4121fc7b6a05b7913f721991
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 06:33:16 +00:00
Wilson Sung
8f6a517f41 Merge "Remove touch_context_service to avoid compile error" into udc-dev am: dfd3296451 am: 0e5858d50e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532245

Change-Id: I15971b1ec0fd8ddf4a74284a0ad2c6959914ce10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 06:31:20 +00:00
Adam Shih
90d9b97221 Move HWC dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I616f0af4d9ba466d62d87e7fc912c8c3201f7f65
 2023-02-22 13:55:50 +08:00
Wilson Sung
b41fd56de0 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev am: 2dc224c7b9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532246

Change-Id: I82eda4ee49a78b35b91c0ad8f3e81e2b525c73dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:23:46 +00:00
Wilson Sung
0e5858d50e Merge "Remove touch_context_service to avoid compile error" into udc-dev am: dfd3296451 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532245

Change-Id: I1de205b76e27cab0040e1054568a4020562e1a57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:22:30 +00:00
Wilson Sung
e148d76c21 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev am: 2dc224c7b9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532246

Change-Id: Ia9f0aaa2adb046417417119b6517d3af854d760c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:20:07 +00:00
Wilson Sung
54928d8c4e Merge "Remove touch_context_service to avoid compile error" into udc-dev am: dfd3296451 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532245

Change-Id: Ifa8f7f79c4c9c1e741913367d7128983008fd693
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:18:00 +00:00
Cody Heiner
7229048556 Allow twoshay → systemui_app binder call for zuma devices am: 9019c55645 am: baf09b5ab9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21529713

Change-Id: Id247eb47d54b270e994d7316685303e59d77fbc8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:14:01 +00:00
Wilson Sung
2dc224c7b9 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev 2023-02-22 04:49:33 +00:00
Wilson Sung
dfd3296451 Merge "Remove touch_context_service to avoid compile error" into udc-dev 2023-02-22 04:32:18 +00:00
Armelle Laine
75ec1c9470 Define selinux properties for /dev/block/by-name/trusty_persist 
Bug: 247013568
Test: - Verify that this change is a NOP for devices with TDP already
        created on top of the legacy f2fs partition /mnt/vendor/persist/ss
      - Verify that this change creates a valid symlink on a manually
        migrated block device
Change-Id: I226f365c6afbb5fa91ec1c9c1943f8dddac8183a
 2023-02-22 04:28:08 +00:00
Cody Heiner
e4c5aedc21 Allow twoshay → systemui_app binder call for zuma devices am: 9019c55645 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21529713

Change-Id: I100420439bdb38eac30b6fdb11b1aa668b687227
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 04:04:01 +00:00
Cody Heiner
baf09b5ab9 Allow twoshay → systemui_app binder call for zuma devices am: 9019c55645 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21529713

Change-Id: Id48b48c9e374dab6bf58b50bde30ea9f2387a56e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 04:04:00 +00:00
Wilson Sung
ca241fa76c Add hal_bootctl_default write permission to devinfo_block_device 
Bug: 270236357
Change-Id: I40219dbd726ddebb277e592353bd9f0b249dd01f
 2023-02-22 11:23:32 +08:00
Wilson Sung
328cbaaa41 Remove touch_context_service to avoid compile error 
Bug: 270157082
Change-Id: I1d5d573ddb1d7323e7c66386928074fd06cfc484
 2023-02-22 11:16:15 +08:00
Wilson Sung
e6485106b6 Add hal_bootctl related policy am: bab5b72f86 am: 393e31b676 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508207

Change-Id: I3a060c0fe0d6d4a2e2b516e443b792ce54c186d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:36:44 +00:00
Wilson Sung
bfab4be3c4 Enforce kernel domain am: da09093d88 am: 06d8b16f05 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503757

Change-Id: I0012c8c383b097d56cecc624f82cacdfe5deb877
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:36:43 +00:00
Wilson Sung
9a8e9b5918 Temporary allow kernel access same_process_hal am: 9457e5260e am: 45c7bbe3cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503756

Change-Id: Ie3d5523b61c829f6ac1c6b895bf83668ff651830
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:36:41 +00:00
Wilson Sung
6c52227cd4 Remove vendor_fw_file related dontaudit am: 86931fb2ea am: fa379e036e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503752

Change-Id: I178aa114c7f7cd901798eaaca661c7c31100542a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:27:02 +00:00
Cody Heiner
9019c55645 Allow twoshay → systemui_app binder call for zuma devices 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Test: flash P23 device with ag/21526491 along with this change
  → twoshay runs normally.

Fixes: 269981541
Change-Id: Ib3cf6f44b6288ed5c7c773e2ad670d2fd0aeee96
 2023-02-21 23:58:05 +00:00
Wilson Sung
0e7828c0a5 Add hal_bootctl related policy am: bab5b72f86 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508207

Change-Id: Ibcb404bff2c8d72121d4aa8e9d1ee13932d4b471
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:06:50 +00:00
Wilson Sung
722ee868e6 Enforce kernel domain am: da09093d88 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503757

Change-Id: I311c9b36ff69366af3d90e9c4ee6cc64768de951
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:06:48 +00:00
Wilson Sung
0747bf2abc Temporary allow kernel access same_process_hal am: 9457e5260e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503756

Change-Id: I6f8eac71b9743b82e7cae48a53675b9db4080f01
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:06:47 +00:00
Wilson Sung
393e31b676 Add hal_bootctl related policy am: bab5b72f86 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508207

Change-Id: Ic3ea1d971850ee209d9cfc61ba448ff62bbde5f5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:04:44 +00:00
Wilson Sung
06d8b16f05 Enforce kernel domain am: da09093d88 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503757

Change-Id: I1afd59c7608813cf9d3b0a24cf1425bab3a12695
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:04:43 +00:00
Wilson Sung
45c7bbe3cd Temporary allow kernel access same_process_hal am: 9457e5260e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503756

Change-Id: I75ddf39c43d69ea538d4a267145512ca710b22f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:04:42 +00:00
Wilson Sung
f5b16f4093 Remove vendor_fw_file related dontaudit am: 86931fb2ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503752

Change-Id: I88027931977acd7f0d6df4e5c6a43f427fd54ef6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:01:45 +00:00
Wilson Sung
fa379e036e Remove vendor_fw_file related dontaudit am: 86931fb2ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503752

Change-Id: I7a2f5722366ee38887ecdd5d5a43db0bfd8ccd26
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:00:36 +00:00
Wilson Sung
bab5b72f86 Add hal_bootctl related policy 
Bug: 260522436
Bug: 264489609
Bug: 264483787
Change-Id: Iaa22899bb21ff41c1fa259830e5f49623ff8429b
 2023-02-21 19:59:04 +08:00
Wilson Sung
da09093d88 Enforce kernel domain 
Bug: 264490052
Test: boot-to-home
Change-Id: I383b689b5c26c08d66307b677e36b28f2ab6f7dd
 2023-02-21 19:29:15 +08:00
Wilson Sung
9457e5260e Temporary allow kernel access same_process_hal 
Add the access to unblock user build boot-to-home

Bug: 260522245
Change-Id: I98f77b2de4961120be9c6073afc18e12e2637e81
 2023-02-21 19:28:25 +08:00
Wilson Sung
86931fb2ea Remove vendor_fw_file related dontaudit 
Bug: 262794429
Bug: 261933155
Change-Id: I62b4037835a462b46b82df4059cdebf679c295b2
 2023-02-21 15:00:58 +08:00
leochuang
407036361c Update SELinux error am: 6747816919 am: 62d244482e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504315

Change-Id: Ie93d259107be8337eae48d9e97ea0af5138679d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 05:44:53 +00:00
leochuang
62d244482e Update SELinux error am: 6747816919 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504315

Change-Id: I7c2a39a18128af2c47bef09340738028fea686cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 04:32:47 +00:00
leochuang
f1eebd6ddf Update SELinux error am: 6747816919 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504315

Change-Id: I3374070e0d2b6c30addfd6f8e33f44be0fbbcb64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 04:30:51 +00:00
leochuang
6747816919 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 269964558
Bug: 267714573
Bug: 269964574
Bug: 269812912
Change-Id: I61a274c01c6921b9b7e3df8814cf83f43bba342a
 2023-02-21 02:16:40 +00:00
Wilson Sung
5b57683191 [automerger skipped] Revert "Revert "Update error on ROM 9624328"" am: e70b98af09 am: 19d86dcfc0 -s ours 
am skip reason: Merged-In I25b0f417af3e741719f959aed79e7e330687e117 with SHA-1 e70b98af09 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508208

Change-Id: I24ac53854687eca475273299e30dd1628c35609d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:21:15 +00:00
Ken Yang
76dbfec0be [automerger skipped] WLC: cleanup the unused hal_wlc policies am: 58a6a1e772 am: 024703040d -s ours 
am skip reason: Merged-In I90b9e442082b8e03e76ce63aaee56e5882933449 with SHA-1 58a6a1e772 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508214

Change-Id: I8599f729c13302272f2e255261b09a7ba03620ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:20:50 +00:00
Ken Yang
d07cc77fe5 [automerger skipped] WLC: cleanup WLC trakcing_denials am: 670b22c2c7 am: c43be3da60 -s ours 
am skip reason: Merged-In I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51 with SHA-1 670b22c2c7 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508213

Change-Id: Ie7e75c3f4ec4fae2986b5cc9ee6b1f7fcdedd50a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:20:49 +00:00
Kah Xuan Lim
218fd53e24 [automerger skipped] modem_svc_sit: grant modem property access am: 4e270f1615 am: c7adfd1151 -s ours 
am skip reason: Merged-In Id5e66d94eb14c6979d3b93d54fd73634444cdea1 with SHA-1 4e270f1615 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508212

Change-Id: I22ef0f4a48a327abd4428f15c7dd1618b1ced577
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:20:38 +00:00
Wilson Sung
10d51509d6 [automerger skipped] allow bootctl to read devinfo am: 931ea0d342 am: 3bf76884bb -s ours 
am skip reason: Merged-In I41d2763ffe40d7465a11cc86612fed9f92905eff with SHA-1 931ea0d342 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508211

Change-Id: Ic1852041e0d578db96cf48c0e5e0a108a5ac1a3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:20:11 +00:00
Wilson Sung
c0f75d7921 [automerger skipped] Remove proc_vendor_sched obsolete denials am: 676c7a674c am: d952aae49a -s ours 
am skip reason: Merged-In I308df50eefe611a0a87afc9a21387465487cc6ea with SHA-1 676c7a674c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508210

Change-Id: I888010b9169a85259c48cfc8cefe5a8c9ad96547
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:20:09 +00:00
Nicole Lee
7ee114dd54 [automerger skipped] logger_app: don't audit default_prop and fix errors am: 7706be6c71 am: cf40697979 -s ours 
am skip reason: Merged-In I8999372d243286586eb53602e167fa111d39a00f with SHA-1 7706be6c71 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508209

Change-Id: I0e43c6f77ce597138d47fad193dc14d2d29da7cb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 00:20:08 +00:00
Wilson Sung
19d86dcfc0 Revert "Revert "Update error on ROM 9624328"" am: e70b98af09 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508208

Change-Id: I99c6e1a5473691fbca41957b934b270f8493e2cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:12:59 +00:00
Ken Yang
024703040d WLC: cleanup the unused hal_wlc policies am: 58a6a1e772 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508214

Change-Id: I8aafb32f9a5c0bcd8f74e382a2f893fa71433b7d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:12:41 +00:00
Ken Yang
c43be3da60 WLC: cleanup WLC trakcing_denials am: 670b22c2c7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508213

Change-Id: Iff19425d747d5c03e4e10ae284523ef659b29200
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:12:35 +00:00
Kah Xuan Lim
c7adfd1151 modem_svc_sit: grant modem property access am: 4e270f1615 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508212

Change-Id: Iad92808f73b22345e16d7ca602e57d25f01d42a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:11:57 +00:00
Wilson Sung
3bf76884bb allow bootctl to read devinfo am: 931ea0d342 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508211

Change-Id: Iba6993ef61237c11fa1a1c2eb493e339f32f16f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:11:00 +00:00
Wilson Sung
d952aae49a Remove proc_vendor_sched obsolete denials am: 676c7a674c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508210

Change-Id: Ib6e4ec093a81dd47ce32d3a110cd525fd9a5afb9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:10:58 +00:00
Nicole Lee
cf40697979 logger_app: don't audit default_prop and fix errors am: 7706be6c71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508209

Change-Id: I10e07e96719038edaa420519e4e705cff9e9da49
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:10:55 +00:00
Wilson Sung
7ebe356b25 [automerger skipped] Revert "Revert "Update error on ROM 9624328"" am: e70b98af09 -s ours 
am skip reason: Merged-In I25b0f417af3e741719f959aed79e7e330687e117 with SHA-1 47570e0ed6 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508208

Change-Id: I648005a9da414a45147f1b96a1b9713c6ac7701a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:09:44 +00:00
Ken Yang
09c84f9c05 [automerger skipped] WLC: cleanup the unused hal_wlc policies am: 58a6a1e772 -s ours 
am skip reason: Merged-In I90b9e442082b8e03e76ce63aaee56e5882933449 with SHA-1 6f9844d137 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508214

Change-Id: If4a61aec985ac1afae878b8c55b6d7f4b0fce2d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:09:33 +00:00
Ken Yang
b916e536c6 [automerger skipped] WLC: cleanup WLC trakcing_denials am: 670b22c2c7 -s ours 
am skip reason: Merged-In I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51 with SHA-1 da69d2a494 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508213

Change-Id: Ia10406b389c96373271971825f431283aaead828
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:09:32 +00:00
Kah Xuan Lim
ac962b6c02 [automerger skipped] modem_svc_sit: grant modem property access am: 4e270f1615 -s ours 
am skip reason: Merged-In Id5e66d94eb14c6979d3b93d54fd73634444cdea1 with SHA-1 77ce224141 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508212

Change-Id: Ide9a301546fbe8123e79635bcb9948975ed1fb53
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:09:07 +00:00
Wilson Sung
c58e5f5b99 [automerger skipped] allow bootctl to read devinfo am: 931ea0d342 -s ours 
am skip reason: Merged-In I41d2763ffe40d7465a11cc86612fed9f92905eff with SHA-1 967da5da4f is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508211

Change-Id: I214b208e67770556f95b68b4831ba9257a3334f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:08:21 +00:00
Wilson Sung
794fc587fb [automerger skipped] Remove proc_vendor_sched obsolete denials am: 676c7a674c -s ours 
am skip reason: Merged-In I308df50eefe611a0a87afc9a21387465487cc6ea with SHA-1 6545bc156a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508210

Change-Id: I9651a19016960762493b45e73ae36fb87c4e10a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:08:19 +00:00
Nicole Lee
eed60fbd0b [automerger skipped] logger_app: don't audit default_prop and fix errors am: 7706be6c71 -s ours 
am skip reason: Merged-In I8999372d243286586eb53602e167fa111d39a00f with SHA-1 ef1d13d86d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508209

Change-Id: I2225951e84dbc4e43035a9c9835ae266df103e6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 23:08:17 +00:00
Wilson Sung
e70b98af09 Revert "Revert "Update error on ROM 9624328"" 
This reverts commit d8572861e3.

Remove hal_googlebattery related denied

Bug: 269813282
Bug: 269813059
Bug: 268566481
Bug: 269812912
Merged-In: I25b0f417af3e741719f959aed79e7e330687e117
Change-Id: I25b0f417af3e741719f959aed79e7e330687e117
 2023-02-20 11:06:17 +00:00
Ken Yang
58a6a1e772 WLC: cleanup the unused hal_wlc policies 
Bug: 264489562
Bug: 262455719
Bug: 260366297
Bug: 260363384
Signed-off-by: Ken Yang <yangken@google.com>
(cherry picked from commit 6f9844d137)
Merged-In: I90b9e442082b8e03e76ce63aaee56e5882933449
Change-Id: I90b9e442082b8e03e76ce63aaee56e5882933449
 2023-02-20 11:05:53 +00:00
Ken Yang
670b22c2c7 WLC: cleanup WLC trakcing_denials 
Bug: 268566583
Signed-off-by: Ken Yang <yangken@google.com>
(cherry picked from commit da69d2a494)
Merged-In: I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51
Change-Id: I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51
 2023-02-20 11:05:25 +00:00
Kah Xuan Lim
4e270f1615 modem_svc_sit: grant modem property access 
Log message gotten before adding the policy:
avc: denied { connectto } for comm="modem_svc_sit" path="/dev/socket/property_service" scontext=u:r:modem_svc_sit:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1

Bug: 247669574
(cherry picked from commit 77ce224141)
Merged-In: Id5e66d94eb14c6979d3b93d54fd73634444cdea1
Change-Id: Id5e66d94eb14c6979d3b93d54fd73634444cdea1
 2023-02-20 11:04:11 +00:00
Wilson Sung
931ea0d342 allow bootctl to read devinfo 
Bug: 260522436
(cherry picked from commit 967da5da4f)
Merged-In: I41d2763ffe40d7465a11cc86612fed9f92905eff
Change-Id: I41d2763ffe40d7465a11cc86612fed9f92905eff
 2023-02-20 11:02:28 +00:00
Wilson Sung
676c7a674c Remove proc_vendor_sched obsolete denials 
Bug: 264490054
(cherry picked from commit 6545bc156a)
Change-Id: I308df50eefe611a0a87afc9a21387465487cc6ea
Merged-In: I308df50eefe611a0a87afc9a21387465487cc6ea
 2023-02-20 11:01:42 +00:00
Nicole Lee
7706be6c71 logger_app: don't audit default_prop and fix errors 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:default_prop:s0" dev="tmpfs" ino=153 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
avc: denied { search } for name="ssrdump" dev="dm-44" ino=377 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=0 app=com.android.pixellogger
avc: denied { search } for name="coredump" dev="dm-44" ino=378 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_coredump_file:s0 tclass=dir permissive=0 app=com.android.pixellogger

Bug: 264489961
Bug: 269383459
Test: Make sure no avc denied for logger_app when using Pixel Logger
(cherry picked from commit ef1d13d86d)
Change-Id: I8999372d243286586eb53602e167fa111d39a00f
Merged-In: I8999372d243286586eb53602e167fa111d39a00f
 2023-02-20 11:00:59 +00:00
TreeHugger Robot
9adfa9a961 Merge "Revert "Revert "Update error on ROM 9624328""" 2023-02-20 08:00:15 +00:00
Sean.JS Tsai
6f7bde4d0e Merge "Revert "Update error on ROM 9624328"" into udc-dev am: 8838f4e286 am: f0e29936a5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21502536

Change-Id: Ie75b3d535e6dbe6d5dbad91fa69df58e61c25b27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 07:55:14 +00:00
Wilson Sung
47570e0ed6 Revert "Revert "Update error on ROM 9624328"" 
This reverts commit d8572861e3.

Remove hal_googlebattery related denied

Bug: 269813282
Bug: 269813059
Bug: 268566481
Bug: 269812912
Change-Id: I25b0f417af3e741719f959aed79e7e330687e117
 2023-02-20 15:07:14 +08:00
Sean.JS Tsai
f0e29936a5 Merge "Revert "Update error on ROM 9624328"" into udc-dev am: 8838f4e286 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21502536

Change-Id: I564275400b71dd3f2859b4a4cf7b4bcce56e0969
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 06:46:09 +00:00
Sean.JS Tsai
5c6a9053e5 Merge "Revert "Update error on ROM 9624328"" into udc-dev am: 8838f4e286 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21502536

Change-Id: I6be9c22256297c1417b6f9f4c361ba1e818b540f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 06:44:47 +00:00
Sean.JS Tsai
8838f4e286 Merge "Revert "Update error on ROM 9624328"" into udc-dev 2023-02-20 05:59:29 +00:00
TreeHugger Robot
0d91c28418 Merge "Update error on ROM 9624328" into udc-dev am: ea203448fd am: f5aeedf6fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21482714

Change-Id: Ia337af931a821f03c8c72f491113eea8e7bf043f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 05:23:43 +00:00
Sean.JS Tsai
d8572861e3 Revert "Update error on ROM 9624328" 
This reverts commit cf747f40d6.

Reason for revert: <b/269976373>

Change-Id: I1bee9c1da2571ab753c2193491ebc71b288b66b2
 2023-02-20 04:29:33 +00:00
Ken Yang
dd3eaa4dce Merge "WLC: cleanup the unused hal_wlc policies" 2023-02-20 04:21:11 +00:00
Ken Yang
91045cea32 Merge "WLC: cleanup WLC trakcing_denials" 2023-02-20 04:20:59 +00:00
TreeHugger Robot
f5aeedf6fc Merge "Update error on ROM 9624328" into udc-dev am: ea203448fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21482714

Change-Id: I4c579890ef5ee1c6427b3b699223d3d9cea138be
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 04:16:13 +00:00
TreeHugger Robot
864bf07d5c Merge "Update error on ROM 9624328" into udc-dev am: ea203448fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21482714

Change-Id: If0e5d0b805f5cf467d0ec8c66310919df9acd088
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-20 04:13:24 +00:00
TreeHugger Robot
ea203448fd Merge "Update error on ROM 9624328" into udc-dev 2023-02-20 03:28:27 +00:00
sukiliu
cf747f40d6 Update error on ROM 9624328 
Bug: 269813282
Bug: 269813059
Bug: 268566481
Bug: 269812912
Test: SELinuxUncheckedDenialBootTest
Change-Id: Id8cbfb7c55f2acdc3102b20cdbd2702b594992ba
 2023-02-20 10:28:33 +08:00
Ken Yang
6f9844d137 WLC: cleanup the unused hal_wlc policies 
Bug: 264489562
Bug: 262455719
Bug: 260366297
Bug: 260363384
Change-Id: I90b9e442082b8e03e76ce63aaee56e5882933449
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-20 00:58:13 +00:00
Ken Yang
da69d2a494 WLC: cleanup WLC trakcing_denials 
Bug: 268566583
Change-Id: I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-20 00:42:35 +00:00
TreeHugger Robot
d19076e7ff Merge "hal_health_default: allow to access persist.vendor.shutdown.*" into udc-dev am: c012a8a10a am: dfd3d8e7c5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21475626

Change-Id: I7beb6ec7071cba88880bf0f1c8ce17ec0a54fb0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 16:01:39 +00:00
TreeHugger Robot
dfd3d8e7c5 Merge "hal_health_default: allow to access persist.vendor.shutdown.*" into udc-dev am: c012a8a10a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21475626

Change-Id: Ice2cb63d7abc67b3185532be682db8841d018c1a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 14:51:17 +00:00
TreeHugger Robot
213f91ad98 Merge "hal_health_default: allow to access persist.vendor.shutdown.*" into udc-dev am: c012a8a10a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21475626

Change-Id: I897ae56dfb2a8fb577cc1ca3340a9feecab8c15b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 14:49:15 +00:00
TreeHugger Robot
c012a8a10a Merge "hal_health_default: allow to access persist.vendor.shutdown.*" into udc-dev 2023-02-18 13:46:15 +00:00
Kuen-Han Tsai
f939579c6e SEPolicy: remove tracking denials for hal_usb am: d0ac5bffa3 am: e4af4e0824 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21486210

Change-Id: I3d48ca424b1490004894b0809d6b9c03f3a17532
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 06:04:38 +00:00
Kuen-Han Tsai
e4af4e0824 SEPolicy: remove tracking denials for hal_usb am: d0ac5bffa3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21486210

Change-Id: I639171077e99d6e17698e7a1905712ab7d4446a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 04:54:12 +00:00
Kuen-Han Tsai
f0173dff8a SEPolicy: remove tracking denials for hal_usb am: d0ac5bffa3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21486210

Change-Id: I949f460625696b1de5b5a89caeef9b59869b9e1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 04:48:21 +00:00
neoyu
9ae44843ad Fix avc denied for hal_radioext_default am: c0da946f48 am: 4ff3dbefcd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21475628

Change-Id: Ia082d38a7ea7079fd0f7d2cd86b3d7c3d847d10d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 03:27:40 +00:00
Kuen-Han Tsai
d0ac5bffa3 SEPolicy: remove tracking denials for hal_usb 
Remove tracking denials since there is no avc denials related to hal_usb
found in the bug report.

Bug: 264483531
Bug: 264483531
Bug: 264482981
Bug: 264600052
Bug: 264482981
Bug: 264600052
Bug: 261651112
Test: Capture bugreport and check any denials related to hal_usb
Change-Id: I535c94c1112fc51f80b80c99562b43afee32ddd6
 2023-02-18 02:41:51 +00:00
neoyu
4ff3dbefcd Fix avc denied for hal_radioext_default am: c0da946f48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21475628

Change-Id: I1cbdf50e1f0dc138076cf70b8229885f60482c60
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 02:23:12 +00:00
neoyu
e4e8a1df0f Fix avc denied for hal_radioext_default am: c0da946f48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21475628

Change-Id: Id91591d00b8ba8a606dfc9938d82a89fb861756a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-18 02:21:37 +00:00
neoyu
c0da946f48 Fix avc denied for hal_radioext_default 
avc: denied { call } for comm="HwBinder:782_1" scontext=u:r:hal_radioext_default:s0 tcontext=u:r:hal_bluetooth_btlinux:s0 tclass=binder permissive=0

Bug: 269684065
Test: manual
Change-Id: I5ebf280feafabf4688718197c79bd6c4cac6e8fe
 2023-02-17 08:39:47 +00:00
Ken Tsou
10e84d8327 hal_health_default: allow to access persist.vendor.shutdown.* 
msg='avc: denied { set } for property=persist.vendor.shutdown.voltage_avg pid=908 uid=1000 gid=1000 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 266181615
Change-Id: Ia87610f0363bbfbe4fe446244b44818c273841f4
Signed-off-by: Ken Tsou <kentsou@google.com>
 2023-02-17 07:00:37 +00:00
Kah Xuan Lim
77ce224141 modem_svc_sit: grant modem property access 
Log message gotten before adding the policy:
avc: denied { connectto } for comm="modem_svc_sit" path="/dev/socket/property_service" scontext=u:r:modem_svc_sit:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1

Bug: 247669574
Change-Id: Id5e66d94eb14c6979d3b93d54fd73634444cdea1
 2023-02-17 06:24:53 +00:00
Wilson Sung
967da5da4f allow bootctl to read devinfo 
Bug: 260522436
Change-Id: I41d2763ffe40d7465a11cc86612fed9f92905eff
 2023-02-17 03:06:49 +00:00
Wilson Sung
6545bc156a Remove proc_vendor_sched obsolete denials 
Bug: 264490054
Change-Id: I308df50eefe611a0a87afc9a21387465487cc6ea
 2023-02-17 03:06:26 +00:00
Nicole Lee
ef1d13d86d logger_app: don't audit default_prop and fix errors 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:default_prop:s0" dev="tmpfs" ino=153 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
avc: denied { search } for name="ssrdump" dev="dm-44" ino=377 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=0 app=com.android.pixellogger
avc: denied { search } for name="coredump" dev="dm-44" ino=378 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_coredump_file:s0 tclass=dir permissive=0 app=com.android.pixellogger

Bug: 264489961
Bug: 269383459
Test: Make sure no avc denied for logger_app when using Pixel Logger
Change-Id: I8999372d243286586eb53602e167fa111d39a00f
 2023-02-16 10:59:51 +00:00
Wilson Sung
3432cc6b0b Enforce system_server and remove obsolete denials 
Bug: 261519050
Bug: 262455682
Bug: 264489786
Test: boot to home and avc gone
Change-Id: I0a51e029a85af0a77faebfdcfe0b4dc26b71cca6
 2023-02-16 05:35:19 +00:00
Wilson Sung
c43a6186bf Add app_domain to con_monitor_app 
Bug: 261782930
Bug: 264490077
Test: boot to home and avc gone
Change-Id: I86a0793c93549172ee60397b9735ddcfe0d20bac
 2023-02-16 13:00:39 +08:00
TreeHugger Robot
061a2d7f82 Merge "Remove shell related denied" 2023-02-16 04:01:25 +00:00
Jayachandran C
b85f29bb54 Merge "Revert "Add selinux rules for platform_apps to access vendor_ims_app udp socket for read/write of RTP packets."" 2023-02-16 02:59:18 +00:00
Jayachandran C
75fc4f2051 Merge "Allow radio to access IMS stack's socket for sending/receiving RTP packets and aoc_device for codec encoding/decoding" 2023-02-16 02:59:18 +00:00
Wilson Sung
ae2403dca7 Remove shell related denied 
Bug: 260366321
Bug: 264489784
Change-Id: I21c5011358862ea911a3240aa0ff650d503514e9
 2023-02-16 02:21:56 +00:00
Neo Yu
a5eb63a4ca Merge "Fix avc denied for hal_radioext_default" 2023-02-16 00:34:33 +00:00
Jayachandran C
f54ab444ac Allow radio to access IMS stack's socket for sending/receiving RTP packets and aoc_device for codec encoding/decoding 
This fixes the follow denials

Vendor ImsStack denials
================
type=1400 audit(0.0:9): avc: denied { read write } for comm="pool-28-thread-" path="socket:[109431]" dev="sockfs" ino=109431 scontext=u:r:radio:s0 tcontext=u:r:vendor_ims_app:s0:c7,c257,c512,c768 tclass=udp_socket permissive=0 app=com.shannon.imsservice

AOC denials
===========
type=1400 audit(0.0:11): avc: denied { write } for name="acd-audio_rtp_tx" dev="tmpfs" ino=1185 scontext=u:r:radio:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
type=1400 audit(0.0:12): avc: denied { read } for name="acd-audio_rtp_rx" dev="tmpfs" ino=1186 scontext=u:r:radio:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0

Bug: 259178236
Test: Manually verified on the device with AOC

Change-Id: I000c0c72d8a37ab5680caddd499977db66939bfa
 2023-02-15 22:20:56 +00:00
Jayachandran C
8a51382598 Revert "Add selinux rules for platform_apps to access vendor_ims_app udp socket for read/write of RTP packets." 
This reverts commit ebe77e31f4.

Reason for revert: Re-worked as part of ag/21259162
Bug: 259178236

Change-Id: I0494e71339c335b2efc2f23d4087f19184cfd1b5
 2023-02-15 21:31:26 +00:00
Jörg Wagner
6834d6f59f Update Mali DDK to r40 : Additional SELinux settings 
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

Bug: 261718474
Change-Id: I785106b6d2d05e21bf60fcd6da3d716b32e1bc1d
 2023-02-15 14:19:50 +00:00
neoyu
8a9b4fde21 Fix avc denied for hal_radioext_default 
avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_radioext_default:s0 pid=792 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:hal_bluetooth_coexistence_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 269048898
Bug: 269045233
Test: manual
Change-Id: Ie5c926a8c22859d1ca2655b1bd91f36201f48285
 2023-02-15 17:58:39 +08:00
Wilson Sung
4ea1dcff3a Fix zram avc denied 
Bug: 260522041
Bug: 264490055
Test: boot to home and avc errors gone
Change-Id: I37532bb66c8f00f4307187e12bdab811c007b614
 2023-02-15 08:23:49 +00:00
TreeHugger Robot
386ec7e920 Merge "Remove logger_app in bug_map" 2023-02-15 07:05:52 +00:00
Adam Shih
650b20d27f Merge "create cma dump" 2023-02-15 06:28:52 +00:00
Welly Hsu
5a441a9ca3 Merge "Remove unnecessary dontaudit for context euiccpixel_app" 2023-02-15 05:27:41 +00:00
Wilson Sung
83151d7383 Merge "Enforce bootanim and platform_app" 2023-02-15 05:19:59 +00:00
Adam Shih
c80283456e Merge "move devfreq dump to gs-common" 2023-02-15 04:54:22 +00:00
Adam Shih
a438fce84f create cma dump 
Bug: 240530709
Test: adb bugreport
Change-Id: I1a97098d73106a16c0be675a5d8f58183d5f9531
 2023-02-15 12:41:31 +08:00
Adam Shih
efa506d012 move devfreq dump to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: Ica18fa60ed1da44eb587ffe59370e87b393e69fb
 2023-02-15 11:11:44 +08:00
Wilson Sung
c1a0ef2fe6 Enforce bootanim and platform_app 
Bug: 264489606
Bug: 264490036
Change-Id: I16ed01bbb93ae2b5d5d6609ffd1f2bc0e3dc39ca
 2023-02-15 10:36:08 +08:00
Shashank Sharma
7cd2e4b765 Merge "arm_mali_platform_service: register gpu selinux service" 2023-02-15 02:11:19 +00:00
Welly Hsu
0b3bc92066 Remove unnecessary dontaudit for context euiccpixel_app 
bug: 260522203
bug: 260922442
bug: 262455954
bug: 260522040
bug: 260768358
bug: 261933311

Test:
1. m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
2. eSIM OS version check & OS upgrade successfully without avc error

Change-Id: I6e0771a5794a42af5e187e35881e6de06e01fff0
 2023-02-15 02:08:27 +00:00
George Chang
378fc6f5cf Merge "Remove dontaudit for secure_element" 2023-02-15 00:33:49 +00:00
Shashank Sharma
7cbda60f3e arm_mali_platform_service: register gpu selinux service 
Fix avc denied issues.

Bug: 261105374
Bug: 260768402
Bug: 260922162
Bug: 261105092
Bug: 264483754
Test: No AVC denied logs after reboot.
Change-Id: I6448b3e0df9b5deeb953498fa623810eadb3ff67
 2023-02-14 23:34:14 +00:00
TreeHugger Robot
996a7ad4ff Merge "storage: remove init tracking_denials rule" 2023-02-14 22:51:57 +00:00
TreeHugger Robot
bf60294e77 Merge "Map AIDL Gatekeeper to same policy as HIDL version" 2023-02-14 18:55:51 +00:00
Enzo Liao
4df0d58596 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma. 
It needs to access a file pushed by hosts of test suites (details: http://go/pd-client-for-lab#heading=h.wtp07hbqvwgx)

Bug: 234359369
Design: http://go/pd-client-for-lab
Test: Manual
Change-Id: Ib82aec1b6eeacbf1b1595009f68827cb9b5c22ba
 2023-02-14 22:08:30 +08:00
Dinesh Yadav
dec248fa9a Merge "Remove b/264321380 from bug map" 2023-02-14 11:33:11 +00:00
Nicole Lee
95bf6d4b20 Remove logger_app in bug_map 
Bug: 264600084
Bug: 264600053
Change-Id: I5aa4dc83806c001e2cd3808cb998c39e4e3bd524
 2023-02-14 09:29:29 +00:00
Randall Huang
eafa9d0fbe Merge "storage: remove dumpstate tracking_denial rule" 2023-02-14 08:35:13 +00:00
TreeHugger Robot
dd28add0e4 Merge "Revert "Revert "update error on ROM 9588633""" 2023-02-14 08:06:21 +00:00
Ken Yang
a99d9c1150 Merge "Remove hal_vibrator_default in bug_map" 2023-02-14 08:02:14 +00:00
Randall Huang
f6600b7f72 storage: remove init tracking_denials rule 
Bug: 262794360
Test: boot to home
Change-Id: Iaea58cc0a1a572a651f7cb01d9b4ba19ff515269
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-14 15:51:57 +08:00
Adam Shih
ce1a20ee01 Merge "Move memory dump to gs-common" 2023-02-14 07:22:11 +00:00
Randall Huang
da5df9cd20 storage: remove dumpstate tracking_denial rule 
Bug: 261933169
Test: no scsi avc denial when generating bugreport
Change-Id: Iecf98c248a2ad28d05095b7c91b8695dd92486be
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-14 07:13:54 +00:00
Wilson Sung
cc76d0f05b Revert "Revert "update error on ROM 9588633"" 
This reverts commit 9290d7c45b.
Add hal_googlebattery related denied to bug_map

Bug: 268566583
Bug: 268572197
Bug: 268572164
Change-Id: Iabfcfb28f69c118707fb64c34e2882ea0a49a776
 2023-02-14 15:05:12 +08:00
Ken Yang
8893d42439 Remove hal_vibrator_default in bug_map 
Remove hal_vibrator_default in bug_map due to my incorrect rebase

Bug: 264483356
Change-Id: I25310ad9f6d2c16d90f20969cbfc792f34584c93
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-14 06:56:52 +00:00
Dinesh Yadav
1dbaa50d8c Remove b/264321380 from bug map 
This bug was created to track the selinux violations caused when
camera hal tried to access gxp. This has been resolved by ag/21003929

Bug: 264321380
Change-Id: I33458cb7a1a657aba8be62362b62be52d881420f
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-02-14 05:49:34 +00:00
TreeHugger Robot
439199228b Merge "Storage: remove hal_health_storage tracking denials rules" 2023-02-14 04:14:24 +00:00
Randall Huang
ccd8416356 Merge changes from topic "264483567" 
* changes:
  storage: fix idle-maint avc denials.
  storage: remove vold tracking_denials rules
 2023-02-14 03:07:06 +00:00
Randall Huang
938e0732dd storage: fix idle-maint avc denials. 
Bug: 264483567
Test: run idle-maint run
Change-Id: If4e67ce574de8be2709ebdf9ed2d09ad952ac206
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-14 09:29:59 +08:00
Doug Zobel
b844ec7548 Merge "Move sysfs_pcie type definition to gs-common" 2023-02-13 16:15:21 +00:00
George
39733f8622 Remove dontaudit for secure_element 
SELinuxUncheckedDenialBootTest
scanAvcDeniedLogRightAfterReboot
no avc denials for secure_element

Bug: 264490093
Bug: 262794969
Bug: 261651095
Bug: 260922187
Bug: 260768672
Test: manually check dumpsys secure_element
Test: run cts -m CtsOmapiTestCases
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Ic06f9d0bf61bc8f30e0f285403a99e2c73384418
 2023-02-13 12:36:51 +00:00
Randall Huang
eb3e643acd Storage: remove hal_health_storage tracking denials rules 
Bug: 264490032
Test: boot to home
Change-Id: I825b33ba513e135754a969a108d13096a326745a
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-13 17:14:36 +08:00
Ray Chi
cf818217df Fix avc denied for USB property 
Bug: 268572164
Test: reboot device and no related logs
Change-Id: I473d0ee022e9a9edc076ef479e2343d11b9ef63d
 2023-02-13 17:03:02 +08:00
Randall Huang
2c859d0485 storage: remove vold tracking_denials rules 
Bug: 264483567
Test: boot to home
Change-Id: Iad702bf293ea374174034239c81ea3499c837cf0
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-13 16:58:39 +08:00
Ken Yang
c6bd3ad477 Merge "WLC: Add hal_wireless_charger policies for systemui" 2023-02-13 08:13:26 +00:00
Adam Shih
176bdd647d Move memory dump to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: Ie860adb97d7bcebf87cd4280e1d5601163d06074
 2023-02-13 14:58:08 +08:00
George Chang
806fda64ba Merge "Update sepolicy for streset and stpreprocess" 2023-02-13 04:05:57 +00:00
Andrew Chant
f861570a64 Merge "Revert "update error on ROM 9588633"" 2023-02-11 01:33:03 +00:00
Andrew Chant
9290d7c45b Revert "update error on ROM 9588633" 
This reverts commit 8c2f12f39d.

Reason for revert: Broke the zuma build
Bug: 268566583

device/google/zuma-sepolicy/tracking_denials/systemui_app.te:6:ERROR 'unknown type hal_googlebattery' at token ';' on line 100380:
dontaudit systemui_app hal_googlebattery:binder { call };
dontaudit systemui_app default_android_service:service_manager { find };
checkpolicy:  error(s) encountered while parsing configuration

Change-Id: I1286020227bdd73c14833489613237f82573d02f
 2023-02-11 01:27:19 +00:00
Doug Zobel
bfd738a84d Move sysfs_pcie type definition to gs-common 
SELinux type declaration 'sysfs_pcie' moved to gs-common
for the PCIe dumpstate script.

Test: adb logcat "pixelstats-vendor:D *:S"
Bug: 266561593
Change-Id: Ieae65d9d3f5dbf80f60c1787a384f1aa3adef77c
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-02-10 07:37:32 -06:00
George
baa51816de Update sepolicy for streset and stpreprocess 
Allow hal_secure_element_st54spi to access nfc device
Allow hal_nfc_default to set se property
Allow vendor_init to set nfc/se property

Bug: 267838462
Test: manually trigger eSE reset without avc error
Change-Id: I0ad6a0432f4fb158186874b318b5832dddce47e6
 2023-02-10 21:01:20 +08:00
Wilson Sung
e338667584 vendor_init: Add getattr to sg 
Bug: 260522244
Change-Id: I9f447ecb635280048ca0d785f00b6c851a9dedf3
 2023-02-10 18:35:47 +08:00
Wilson Sung
6cf7ce5cc0 Allow vendor_init chown gvotables 
Bug: 267736435
Bug: 260366195
Change-Id: I0a27a7fb3719d57449fb3d7f4c4d746d09419a75
 2023-02-10 18:34:51 +08:00
Wilson Sung
594dee4dc4 Allow vendor_init create link for bootdevice_sysdev 
Bug: 263185566
Change-Id: I3a041c8dbd33c538d3971b793c64e4ea7c310190
 2023-02-10 16:24:06 +08:00
Ken Yang
b2585e3a2e WLC: Add hal_wireless_charger policies for systemui 
Bug: 268457480
Change-Id: Iadb44efc736cd6bb3c3dfe5283d5fd2a7ce3cf34
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-10 04:40:44 +00:00
Wilson Sung
8c2f12f39d update error on ROM 9588633 
Bug: 268566583
Bug: 268572197
Bug: 268572164
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I6eba194f27258a0c2acbcb739c3a69dfa7b77b56
 2023-02-10 11:57:07 +08:00
Tom Huang
dfe1f3799b Merge "Add BT hal sepolicy for allowing accessing AoC device node" 2023-02-10 02:23:42 +00:00
Wilson Sung
3c27af4e58 Fix avc error from systemui 
Bug: 264266705
Change-Id: Iabc41ea7901ea99646147b133b96dd0297fd376d
 2023-02-10 02:40:36 +08:00
kuanyuhuang
3ce317ca5f Add BT hal sepolicy for allowing accessing AoC device node 
Allow BT hal to access device and aoc_device.

Test: manual and check avc log
Bug: 265587172
Change-Id: I62e9fb3f0278af7e0365f88bb3723cb47a266b81
 2023-02-09 09:34:10 +00:00
TreeHugger Robot
c7edca28e2 Merge changes Ia32c4b01,I4746bca6 
* changes:
  Permissive systemui during bringup stage
  label SystemUI app
 2023-02-09 07:05:46 +00:00
More Kuo
459ad4638f Merge "Bluetooth: remove dontaudit for hal_bluetooth_btlinux" 2023-02-09 04:38:39 +00:00
Welly Hsu
782f4c6e6b Merge "Update ofl_app selinux policy" 2023-02-09 03:47:53 +00:00
Wilson Sung
5af20ce7a5 Permissive systemui during bringup stage 
Bug: 264266705
Change-Id: Ia32c4b016aad4f47c437e62069e55990297dad82
 2023-02-09 11:44:09 +08:00
Wilson Sung
f88300dc69 label SystemUI app 
Bug: 264266705
Bug: 262794428
Change-Id: I4746bca6291d57ee36c0565d15ee5320380e1bc0
 2023-02-09 11:33:54 +08:00
Adam Shih
e4e0bd775f Merge "migrate power section to its own script" 2023-02-09 02:51:48 +00:00
TreeHugger Robot
f43519dad8 Merge "dontaudit kernel search allow debugfs" 2023-02-09 02:12:22 +00:00
Carter Hsu
f60b740692 Merge "audio: allow the default setting of the audio persistent property" 2023-02-09 01:58:16 +00:00
Carter Hsu
9d327a161a audio: allow the default setting of the audio persistent property 
Bug: 267694116
Test: Verified on the test build
Change-Id: I0ee81de2744656b6637868953948804d4e71dc7c
Signed-off-by: Carter Hsu <carterhsu@google.com>
 2023-02-09 08:39:42 +08:00
Karuna Ramkumar
f7449ca763 Merge "zuma: Allow HWC to access graphics allocator hal" 2023-02-08 19:05:58 +00:00
David Drysdale
b385a8a253 Map AIDL Gatekeeper to same policy as HIDL version 
Bug: 268342724
Test: VtsHalGatekeeperTargetTest
Change-Id: I2857f6dabad71d13971829c89fa7055b50793ea7
 2023-02-08 18:43:03 +00:00
Welly Hsu
b8e66572cc Update ofl_app selinux policy 
bug: 264489564

test: Use ofl_app (OFLBasicAgent app) will not face avc error
Change-Id: I55061f6b067e054ec605cd6a196406e48c1271e6
 2023-02-08 17:39:34 +08:00
TreeHugger Robot
f61bc3e16a Merge "WLC: Fix hal_wireless_charger sepolicies" 2023-02-08 09:16:22 +00:00
Ken Yang
c3048691a9 WLC: Fix hal_wireless_charger sepolicies 
Bug: 264483390
Bug: 264483533
Bug: 264483152
Bug: 263429589
Change-Id: If06e0b0c429e78e71f7be2d6418ccab0ab115414
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-08 08:14:36 +00:00
Adam Shih
4f442e5055 migrate power section to its own script 
Bug: 240530709
Test: adb bugreport
Change-Id: Id7a761d61757efe55e8642553eccc84864b4a721
 2023-02-08 15:40:18 +08:00
Wilson Sung
da49f90167 Allow vendor_init to set slog properties 
Bug: 267843409
Change-Id: Ib98b7127bb4381ce5dfb5522b3652637a533f593
 2023-02-08 15:32:26 +08:00
Wilson Sung
adfddd8d3b Allow vendor_init to set modem vendor_logger_prop 
Bug: 267843409
Change-Id: I47d1e4aec04dfcf1223e4e4d828d7da5af243e9c
 2023-02-08 15:31:54 +08:00
Wilson Sung
3c6fa1dfb5 Allow vendor_init to set vendor_logger_prop 
Bug: 267843409
Change-Id: I99a52a5d0d24f604cf3f0872d4066e1de5256e2f
 2023-02-08 15:31:36 +08:00
TreeHugger Robot
4550d66a63 Merge "Remove vibrator bug_map toward u:object_r:aac_drc_prop:s0" 2023-02-08 07:18:39 +00:00
TreeHugger Robot
35a2c3cd6d Merge "Remove hal_vibrator_default and vendor_init tracking_denials" 2023-02-08 07:08:27 +00:00
TreeHugger Robot
25d69cfbed Merge "Allow kernel to access firmware and zram" 2023-02-08 07:00:41 +00:00
More Kuo
565218ed0b Bluetooth: remove dontaudit for hal_bluetooth_btlinux 
Bug: 261363679
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I14429cc9e8cfd971ece59083022a03a9b6de0ede
 2023-02-08 14:24:54 +08:00
Tai Kuo
9824759e4f Remove vibrator bug_map toward u:object_r:aac_drc_prop:s0 
u:object_r:aac_drc_prop:s0 is harmless and does not affect vibrator HAL
dumpsys.

Bug: 264483356
Test: adb shell dumpsys android.hardware.vibrator.IVibrator/default
Change-Id: Id638d7074c1a83141b6db5b2ecea0148721ded88
 2023-02-08 14:20:16 +08:00
Tai Kuo
cecd829f6f Remove hal_vibrator_default and vendor_init tracking_denials 
Build P23 CS40l26 project from
hardware/google/pixel/vibrator/cs40l26/device.mk and use the sepolicy
from hardware/google/pixel-sepolicy/vibrator/cs40l26 and
hardware/google/pixel-sepolicy/vibrator/common.

Bug: 267843409
Fix: 260366169
Fix: 264490051
Test: HAL init properly
Test: dumpsys android.hardware.vibrator.IVibrator/default
Test: m atest && atest-dev \
  com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Test: m atest && atest-dev \
  com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: I4448bbdb03b0a06080d5bccf2708c86c10d4fb26
 2023-02-08 14:11:27 +08:00
TreeHugger Robot
d33ee1d1d3 Merge "Remove dontaudit vendor_init to set ssr properties" 2023-02-08 05:52:44 +00:00
TreeHugger Robot
c1888e24fc Merge "Allow vendor_init to modify proc_sched" 2023-02-08 05:26:30 +00:00
TreeHugger Robot
a2e09c9e25 Merge "vendor_init: Add getattr to modem_img" 2023-02-08 05:22:20 +00:00
Wilson Sung
ac3c24c4f2 dontaudit kernel search allow debugfs 
Bug: 261650972
Change-Id: I39b0feb01c592c7beb30d7aa1610c39a75bb3481
 2023-02-08 13:21:48 +08:00
TreeHugger Robot
bd9251a800 Merge "Allow vendor_init to modify read_ahead_kb" 2023-02-08 05:20:57 +00:00
TreeHugger Robot
728de48e51 Merge "Add extcon related contexts" 2023-02-08 05:16:56 +00:00
Wilson Sung
5f27d9f524 Merge "Remove usb obsolete denials" 2023-02-08 05:15:48 +00:00
Wilson Sung
65575203b2 Remove usb obsolete denials 
Bug: 261651009
Change-Id: I59f376d504e82e39feef1d96bfe3ec636dcf6ca0
 2023-02-08 05:15:20 +00:00
Wilson Sung
856d2c480e Allow kernel to access firmware and zram 
Bug: 260522245
Change-Id: I964ac1e30e0181f4d6edc71f2e066b7bd515186b
 2023-02-08 05:08:04 +00:00
TreeHugger Robot
9cce214473 Merge "Add required sepolicy rules for Camera function" 2023-02-08 05:00:08 +00:00
Wilson Sung
fd39573ce5 Remove dontaudit vendor_init to set ssr properties 
Bug: 267843409
Change-Id: I74a222e90b3dd0e2dad91632b73fcad1211a7974
 2023-02-08 12:44:56 +08:00
Wilson Sung
5dbc57e7ae Allow vendor_init to modify proc_sched 
Bug: 263185566
Change-Id: I4a333ffd423e88af81e4c244cc7140ebd826a170
 2023-02-08 12:28:31 +08:00
Wilson Sung
df495af425 vendor_init: Add getattr to modem_img 
Bug: 63185566
Change-Id: I29fd72ba5e1482d629bc28edfd7782c6f24fe68f
 2023-02-08 12:26:10 +08:00
Wilson Sung
926deec5d4 Allow vendor_init to modify read_ahead_kb 
Bug: 264489786
Change-Id: I26d5682b3b056c8c8e00fc08581c96dcbaa27ef9
 2023-02-08 04:07:22 +00:00
Wilson Sung
cb79685556 Add extcon related contexts 
Bug: 260366030
Change-Id: I9b15741820ad284e50593b5467407b773ae15ec8
 2023-02-08 12:06:31 +08:00
Karuna Ramkumar
15da9ccf58 zuma: Allow HWC to access graphics allocator hal 
Bug: 268268619
Change-Id: Iac85dc60b5201ab85fbf74bf3af6722ac31c5b94
 2023-02-07 20:06:30 -08:00
TreeHugger Robot
4e02d08f95 Merge "[SELinux] Fix hal_uwb_default dumpstate errors" 2023-02-08 01:43:53 +00:00
George Lee
0322b923b7 Remove tracking denial for system_boot_reason 
Bug: 263525155
Test: Local boot
Change-Id: Iab1411871a66c60a604ee8b0fce0505a88973792
Signed-off-by: George Lee <geolee@google.com>
 2023-02-07 17:07:19 +00:00
Wilson Sung
5f48d4f516 Add required sepolicy rules for Camera function 
Bug: 263184920
Bug: 263305107
Change-Id: Idadf878564333a931b90da2415efe109e75e222a
 2023-02-07 21:20:12 +08:00
Rex Lin
f1f25dc94f [SELinux] Fix hal_uwb_default dumpstate errors 
Bug: 263048994
Test: http://ab/I62800010129138096
Change-Id: I4fc3dedb8e35e4d7520acded58d66f5206565afb
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-02-07 08:17:54 +00:00
Ernie Hsu
0e1559162e Merge "Fix sepolicy for mediacodec_google and mediacodec_samsung" 2023-02-07 07:57:52 +00:00
TreeHugger Robot
9f95eb9cd1 Merge "Update error on ROM 9558720" 2023-02-07 06:06:39 +00:00
Ernie Hsu
f7adc840df Fix sepolicy for mediacodec_google and mediacodec_samsung 
mediacodec_google and mediacodec_samsung could be audited

Test: atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
      No fail associated with mediacodec_google and mediacodec_samsung
Bug: 262794938
Bug: 262794428
Bug: 262793919
Change-Id: I0ebac8c5c25ae89ecc8907f0f141f5ec1d8aaa0b
 2023-02-07 05:48:58 +00:00
TreeHugger Robot
90730e60fd Merge "sepolicy: label required wakeup nodes for system suspend" 2023-02-07 04:20:28 +00:00
sukiliu
341afe161d Update error on ROM 9558720 
Bug: 267843291
Bug: 267843408
Bug: 267843310
Bug: 267843409
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4d8f448d9019232222f2e8385bb2f4b3cf5f5336
 2023-02-07 11:29:45 +08:00
TreeHugger Robot
0d013cb30e Merge "Fix denials for radio service to access files under /data/venodr/radio" 2023-02-07 03:08:30 +00:00
Darren Hsu
1934546586 sepolicy: label required wakeup nodes for system suspend 
Bug: 260366031
Bug: 264204215
Test: run singleCommand pts -m PtsSELinuxTestCases
Change-Id: Icf8c4669156a0017655981fda8619ce0a75dce4d
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-02-07 10:12:30 +08:00
Timmy Li
5533264ba9 Merge "Add UW cornerfolk to file_contexts" 2023-02-07 02:09:54 +00:00
timmyli
d784c55c20 Add UW cornerfolk to file_contexts 
Device needs access to cornerfolk. Evidence log in comments.

Bug: 267696227
Test: log check
Change-Id: If6bd49b76038673ad12fc6a1e7abd10b4cd3407e
 2023-02-07 02:09:46 +00:00
TreeHugger Robot
30036eeebc Merge "Remove dontaudit for nfc" 2023-02-07 02:08:28 +00:00
TreeHugger Robot
161099cfe2 Merge "Remove dontaudit for st54spi" 2023-02-07 02:08:21 +00:00
TreeHugger Robot
cdc2d14883 Merge "sepolicy: label ODPM device nodes for hal_power_stats" 2023-02-07 02:05:46 +00:00
Darren Hsu
9964fd2901 sepolicy: label ODPM device nodes for hal_power_stats 
Bug: 268002261
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I1dfd7760c4a958e0b31258a8379f3c68eb054f35
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-02-06 21:44:17 +08:00
Donnie Pollitz
1fd0c782b4 sepolicy: Fix trusty_metricsd avc denials 
* Suez data collection missing

Bug: 264489526
Test: ran com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I667e35c68139a3368655cab4ea40acb529bb65ef
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-02-06 08:57:31 +00:00
Donnie Pollitz
1df4e2dde8 sepolicy: Fix trusty_apploader avc denials 
* File permissions missing

Bug: 263305034
Test: ran com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot

Change-Id: I5d0a56a4c31c66610414341118c4089d2c11f3e9
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-02-06 08:57:22 +00:00
George
aa76e6db12 Remove dontaudit for st54spi 
SELinuxUncheckedDenialBootTest
scanAvcDeniedLogRightAfterReboot
no avc denials for st54spi

Bug: 264489677
Test: manually check dumpsys secure_element
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I587caa423d3e1d23d9666fb732c0cc350934538f
 2023-02-06 07:27:12 +00:00
Jenny Ho
6f15645932 Merge "Add permission for logbuffer_bd" 2023-02-06 03:53:19 +00:00
Hongbo Zeng
a82ea96b40 Fix denials for radio service to access files under /data/venodr/radio 
Bug: 263792405
Test: get PASS result with go/ril-config-service-test and the original
      denial logs in https://b/263792405#comment17 are gone
Change-Id: Id6d64bb3e159b083e1a1b4c8e728e992fb9b1502
 2023-02-06 03:47:01 +00:00
Jenny Ho
4e6cfb143d Add permission for logbuffer_bd 
Bug: 242679204
Change-Id: I7376f10dc183bac805c89d6905e70a7b92694471
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2023-02-05 14:06:06 +08:00
Jenny Ho
31f750da2b sepolicy: add sepolicy for disable.battery.defender 
[    7.536208] type=1107 audit(1671575809.144:22): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.battery.defender.disable pid=381 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=property_service permissive=1'

Bug: 263305106
Change-Id: Ia7adfe7f128c6390128447b9363ecd3615694fb1
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2023-02-05 13:09:28 +08:00
Ken Yang
af9057e7fb WLC: Add required sysfs_wlc sepolicies 
The sysfs_wlc is still required for certain services like
hal_health_default. Add these sepolicies to pass the tests.

Bug: 267171670
Change-Id: If2b5b007f4a24e91b2be83bb20676eb449b9415f
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-05 01:00:01 +00:00
George
40b805af57 Remove dontaudit for nfc 
SELinuxUncheckedDenialBootTest
scanAvcDeniedLogRightAfterReboot
no avc denials for nfc

Bug: 263185547
Bug: 264490053
Test: atest NfcNciInstrumentationTests
Test: atest NfcNciUnitTests
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Idc9eced1ae7248cf0883a5e42db2c5e55cb65c3b
 2023-02-04 22:37:34 +08:00
Welly Hsu
a8526b30e0 Merge "Remove dontaudit in euiccpixel for SELinuxUncheckedDenialBootTest and scanAvcDeniedLogRightAfterReboot" 2023-02-04 05:55:56 +00:00
Joseph Jang
114b7b8f09 Merge "citadel: Remove citadel.te for sepolicy testing" 2023-02-03 02:08:12 +00:00
Cyan_Hsieh
79bd040d55 Add gcf partition to OTA domain 
This allows the OTA mechanism to write to the bootloader slot to
perform the actual OTA

Bug: 263218204
Change-Id: Iec3f3aa73344f4e9a305bc3c1c3f2db7624aca93
 2023-02-02 18:08:51 +08:00
TreeHugger Robot
075f213ece Merge "hal_graphics_composer_default: fix sepolicy denials" 2023-02-02 06:11:49 +00:00
TreeHugger Robot
e9d7a18f5d Merge "selinux: fix mitigation_vendor_file access" 2023-02-02 04:40:09 +00:00
Nicole Lee
7c21f689ea Merge "logger_app: allow logger_app to access vendor_slog_file" 2023-02-02 04:11:39 +00:00
Nicole Lee
704656a367 Merge "logger_app: allow logger_app to access vendor_rild_prop" 2023-02-02 04:11:28 +00:00
Nicole Lee
34f87b6396 Merge "logger_app: allow logger_app to access sysfs_sscoredump_level and vendor_ramdump_prop" 2023-02-02 04:11:18 +00:00
Nicole Lee
5bdbf4194b Merge "logger_app: allow logger_app to access logd_prop" 2023-02-02 04:11:03 +00:00
Nicole Lee
20dedc5cc6 Merge "logger_app: allow logger_app to access logpersistd_logging_prop" 2023-02-02 04:10:50 +00:00
TreeHugger Robot
de674e9f3b Merge "logger_app: allow logger_app to access vendor_audio_prop" 2023-02-02 04:09:35 +00:00
Nicole Lee
140780f8a4 Merge "logger_app: allow logger_app to access vendor_wifi_sniffer_prop" 2023-02-02 03:06:45 +00:00
Nicole Lee
3d78ff1a51 Merge "logger_app: allow logger_app to access vendor_tcpdump_log_prop" 2023-02-02 03:06:33 +00:00
Nicole Lee
1c8be3059d Merge "logger_app: allow access vendor_gps_file, vendor_gps_prop, vendor_logger_prop" 2023-02-02 03:06:23 +00:00
Nicole Lee
227fa788cc Merge "logger_app: allow logger_app access vendor_modem_prop" 2023-02-02 03:06:14 +00:00
Nicole Lee
89a469803c Merge "logger_app: allow logger_app to access vendor_ssrdump_prop" 2023-02-02 03:06:05 +00:00
Nicole Lee
3a825a5184 Merge "logger_app: allow logger_app to access radio files" 2023-02-02 03:05:50 +00:00
George Lee
574ebbacf8 selinux: fix mitigation_vendor_file access 
Bug: 266118091
Test: Local test to confirm error doesn't show up
Change-Id: Ie9e55230211f20efc7bba448bfc335799d0e1d56
Signed-off-by: George Lee <geolee@google.com>
 2023-02-01 17:55:12 +00:00
Doug Zobel
b0394ebf56 Merge "Add sepolicy for PCIe link statistics" 2023-02-01 15:04:04 +00:00
Safayat Ullah
7ce9680b98 hal_graphics_composer_default: fix sepolicy denials 
Bug: 263184738
Bug: 264489746
Test: There is no AVC denied log after reboot
Change-Id: I3c5bbc55f0a676d8906ec061e3c999995d02dd3f
 2023-02-01 14:34:36 +00:00
Doug Zobel
7ea927f332 Add sepolicy for PCIe link statistics 
PCIe link statistics collected by dumpstate and pixelstats.

Test: adb logcat "pixelstats-vendor:D *:S"
Bug: 266689144
Change-Id: I9b7eef9a9e14c1be9e9e9feb3c608f7067e6fade
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-02-01 07:23:15 -06:00
Donnie Pollitz
eea50ca2bc Merge "sepolicy: Fix tee avc denials" 2023-02-01 09:46:16 +00:00
Welly Hsu
74b12d8455 Remove dontaudit in euiccpixel for SELinuxUncheckedDenialBootTest and scanAvcDeniedLogRightAfterReboot 
Issue: after introducing selinux rules in b/265286368
the dontaudit rules can be removed

bug: 260522413
bug: 262451641
bug: 261651113
bug: 260922186
bug: 261516808
bug: 260769064
bug: 265384119
bug: 264489745

Test: confirm SELinuxUncheckedDenialBootTest and
scanAvcDeniedLogRightAfterReboot tests can pass and no avc denials for euiccpixel

Change-Id: I07ae97d47bbb14c15da92611160b6a2a6af22a60
 2023-02-01 16:34:17 +08:00
Long Ling
9f67cbb03b Merge "Set context for sysfs file refresh_rate" 2023-02-01 02:37:48 +00:00
Nicole Lee
9c413c12e7 logger_app: allow logger_app to access vendor_slog_file 
Bug: 264489961
Test: Confirm no selinux denial for vendor_slog_file
Change-Id: Idc5386336a196f39703f6d33e3a7a8491e860ea0
 2023-01-31 16:38:48 +00:00
Nicole Lee
98e068e135 logger_app: allow logger_app to access vendor_rild_prop 
Bug: 264489961
Test: Confirm no selinux denial for vendor_rild_prop
Change-Id: I07bb59cba17f11a6cfdaf40e92f6cd663d8ad903
 2023-01-31 16:38:39 +00:00
Nicole Lee
e396b80465 logger_app: allow logger_app to access sysfs_sscoredump_level and vendor_ramdump_prop 
Bug: 264489961
Test: Confirm no selinux denial for sysfs_sscoredump_level and vendor_ramdump_prop
Change-Id: I6c7e87d15505dd9cd80f571ab67925b7ec722ef6
 2023-01-31 16:38:31 +00:00
Nicole Lee
cbb6754e58 logger_app: allow logger_app to access logd_prop 
Bug: 264489961
Test: Confirm no selinux denial for logd_prop
Change-Id: I6db7b19dd9cf864768ba2442d39d9fcde16a71fe
 2023-01-31 16:38:23 +00:00
Nicole Lee
bed125ec04 logger_app: allow logger_app to access logpersistd_logging_prop 
Bug: 264489961
Test: Confirm no selinux denial for logpersistd_logging_prop
Change-Id: Ia8836e058bb3e471d388f9055252e6c3c42227ac
 2023-01-31 16:38:14 +00:00
Nicole Lee
998e7618b9 logger_app: allow logger_app to access vendor_audio_prop 
Bug: 264489961
Test: Confirm no selinux denial for vendor_audio_prop
Change-Id: I02b53cf4d39adf1bc69004502a21b130c925d6bc
 2023-01-31 16:38:05 +00:00
Nicole Lee
64a8ed9b7b logger_app: allow logger_app to access vendor_wifi_sniffer_prop 
Bug: 264489961
Test: Confirm no selinux denial for vendor_wifi_sniffer_prop
Change-Id: Id6a5afed299c3ac869897015629d190640f40d8f
 2023-01-31 16:37:54 +00:00
Nicole Lee
eb05f7d02f logger_app: allow logger_app to access vendor_tcpdump_log_prop 
Bug: 264489961
Test: Confirm no selinux denial for vendor_tcpdump_log_prop
Change-Id: I2c4e7e0d395f570f93a26dd0328982487426ac84
 2023-01-31 16:36:24 +00:00
Nicole Lee
cddb6ad619 logger_app: allow access vendor_gps_file, vendor_gps_prop, vendor_logger_prop 
Bug: 261519049
Bug: 261783031
Bug: 261933367

Test: Confirm no selinux denial for these 3 tcontexts
Change-Id: I6f919e193693f7521778321f677214ea9f3b4d84
 2023-01-31 16:32:41 +00:00
Nicole Lee
b713236048 logger_app: allow logger_app access vendor_modem_prop 
Bug: 260522268
Bug: 264600053

Test: Confirm no selinux denial for tcontext vendor_modem_prop
Change-Id: Ic4ed0cdd7fa33c1dd4c812528b26b4a19cf6537b
 2023-01-31 16:32:32 +00:00
Nicole Lee
e6975cb6e5 logger_app: allow logger_app to access vendor_ssrdump_prop 
Bug: 260366439

Test: Confirm no selinux denial for tcontext vendor_ssrdump_prop
Change-Id: I74009bdd3d8b0fa691a2d0132655dc08fcd50977
 2023-01-31 16:32:24 +00:00
Nicole Lee
30e96b25ce logger_app: allow logger_app to access radio files 
Bug: 260366439
Bug: 260522268
Bug: 260769144
Bug: 261519049
Bug: 264600084

Test: Confirm no selinux denial for tcontext radio_vendor_data_file
Change-Id: I2a917d78e685aad5608e64f4d076cc50cdb064cc
 2023-01-31 16:32:16 +00:00
sukiliu
383189e5f2 Update error on ROM 9541712 
Bug: 267260951
Bug: 267261048
Bug: 267260619
Bug: 267260716
Bug: 267261305
Bug: 267261163
Bug: 267260675
Bug: 267261265
Bug: 267260717
Test: scanBugreport
Change-Id: I293fe1bc19f5f2d8f320d4e9feea051fc623ef8d
 2023-01-31 14:18:11 +08:00
Joseph Jang
245e4205d1 citadel: Remove citadel.te for sepolicy testing 
Test: VtsHalWeaverTargetTest
      VtsAidlSharedSecretTargetTest
      VtsHalIdentityTargetTest
      VtsHalRemotelyProvisionedComponentTargetTest
      VtsAidlKeyMintTargetTest
Bug: 264489777
Change-Id: I787aef6a0a924706ba2afccefff770408bb78294
 2023-01-31 05:21:49 +00:00
Long Ling
ab6c98702b Set context for sysfs file refresh_rate 
Bug: 263821118
Change-Id: Id8865c4499b6af103a7acd1fbbe6da0724cb83b3
 2023-01-26 18:51:53 -08:00
TreeHugger Robot
1746a6cc59 Merge "Add rule for secure_element AIDL" 2023-01-27 02:00:45 +00:00
Donnie Pollitz
34fe057526 sepolicy: Fix tee avc denials 
tee policies were missing

Bug: 263304957
Bug: 263429986
Bug: 264489524
Test: boot and scanAvcDeniedLogRightAfterReboot passed

Change-Id: Ia3191496be005dbbbe331a14f7d45adace34b3fc
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-01-24 15:22:57 +01:00
Grace Chen
82ae431064 Merge "Fix selinux denials on hal_secure_element_uicc" 2023-01-24 02:10:51 +00:00
Grace Chen
e881d9d401 Fix selinux denials on hal_secure_element_uicc 
Bug: 264489780
Test: Confirm no more selinux denials
Change-Id: Ib159acaf8701d0ac7e3325addd7baca6a41f0cee
 2023-01-23 15:36:04 -08:00
Grace Chen
c93ba80fc4 Add rule for secure_element AIDL 
Add secureelement aidl

b/261565407

Change-Id: I79f35e8231d9eae81b90528269410c169bb1a035
 2023-01-23 18:46:01 +00:00
Dinesh Yadav
3de9d17052 Merge "Allow camera HAL and GCA to access GXP device." 2023-01-18 07:33:32 +00:00
TreeHugger Robot
30fe55378d Merge "Fix avc denied and remove tracking_denials for hal_usb_gadget_impl" 2023-01-17 06:07:41 +00:00
Ernie Hsu
87aa440b72 Merge "Remove tracking_denials for media related module" 2023-01-17 05:51:00 +00:00
Chung-Kai (Michael) Mei
ee6c28322a Merge "sepolicy: fix avc denial" 2023-01-17 04:53:35 +00:00
Chungkai Mei
cc0f6a604d sepolicy: fix avc denial 
fix avc denial

Test: boot passed and no avc log after boot
Bug: 264483355
Change-Id: Idd9ef9ca7c988141bffd2d9d7e561efe8066cba4
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-01-17 04:53:13 +00:00
Ray Chi
6baa4fa226 Fix avc denied and remove tracking_denials for hal_usb_gadget_impl 
Bug: 264946043
Test: no avc denied for hal_usb_gadget_impl
Change-Id: Ib52e6d089a0e3e73c619f35849af0aed478c1f65
 2023-01-17 04:37:49 +00:00
Ernie Hsu
c2a4092ee6 Remove tracking_denials for media related module 
All bugs in modified te files were already fixed

Bug: 264490072
Bug: 264489679
Bug: 264490012
Bug: 264489523
Test: test video recording/playback under enforcing mode
Change-Id: Iac7dc597f58dcc5f7bd936ddb607aa7158467a34
 2023-01-17 03:45:37 +00:00
Dinesh Yadav
b068bb3f64 Allow camera HAL and GCA to access GXP device. 
The camera HAL and Google Camera App
need selinux permission to run workloads on Aurora DSP. This
change adds the selinux rules too allow these clients to
access the GXP device in order to execute workloads on DSP.

Bug: 264321380
Test: Verified that the camera HAL service and GCA app is able to access the GXP device.
Change-Id: I125650b4841b4cbdc50077a0d80b113b02699de8
 2023-01-17 03:21:04 +00:00
TreeHugger Robot
ef4c754dc4 Merge "Fix avc denied and remove tracking_denials for hal_usb_impl" 2023-01-16 09:55:32 +00:00
Dinesh Yadav
1ac5ca8485 Merge "Add SEPolicy settings for android logging/tracing service for GXP" 2023-01-16 08:05:51 +00:00
Ray Chi
0801e5e421 Fix avc denied and remove tracking_denials for hal_usb_impl 
Fix avc denial for hal_usb_impl.

Bug: 263048760
Test: no avc denied for hal_usb_impl
Change-Id: Iaeea9d1f99f715c0f856a3a9f9fcd2e8d371f3d3
 2023-01-16 15:40:48 +08:00
Chungkai Mei
171bfb004b sepolicy: fix avc denial 
fix avc denial

Test: bott passed and no avc log after boot
Bug: 260769063
Bug: 261105028
Bug: 260366126
Bug: 261650934
Bug: 262178497
Bug: 262315567
Bug: 262633072
Change-Id: I926d535fe6871726b5cd0602e436f6b5a3a9e736
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-01-16 02:55:37 +00:00
sukiliu
3b97d74811 Update error on ROM 9492984 
Bug: 265587172
Test: SELinuxUncheckedDenialBootTest
Change-Id: I69402149121da5bbb0f2f89ca59c3ca458945d50
 2023-01-16 09:36:14 +08:00
Ken Yang
c4d610a86b Merge "WLC: Cleanup the sysfs_wlc policies" 2023-01-13 14:41:32 +00:00
TreeHugger Robot
71b801e2b7 Merge "Update error on ROM 9486762" 2023-01-13 09:14:49 +00:00
Welly Hsu
1f350465ce Merge "Fix euiccpixel_app SELinux error for eSIM firmware upgrade" 2023-01-13 07:46:40 +00:00
sukiliu
305330ef84 Update error on ROM 9486762 
Bug: 265384119
Bug: 265383359
Bug: 265383532
Test: SELinuxUncheckedDenialBootTest
Change-Id: I78bf39772c8f2a6b5c403ed5b113a34ff7d9dab0
 2023-01-13 15:33:02 +08:00
Leo Liou
af6131d348 Merge "zuma: add sepolicy for ufs_firmware_update process" 2023-01-13 03:21:07 +00:00
Leo Liou
30f3c17252 zuma: add sepolicy for ufs_firmware_update process 
Allow the script to access the specified partition and sysfs.

Bug: 224464892
Test: full build and test ffu flow
Change-Id: I27f0d4d97f15a7c108e6ae1b8c12fda2c69c303a
Signed-off-by: Leo Liou <leoliou@google.com>
 2023-01-13 08:19:27 +08:00
Jaegeuk Kim
0cf7210eb1 Allow mkfs/fsck for vendor partitons 
Change-Id: I425c56edf9b12f1b86994f58100ecc9a8e1b58b2
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2023-01-12 09:42:16 -08:00
Welly Hsu
48ef4308be Fix euiccpixel_app SELinux error for eSIM firmware upgrade 
bug: 265286368

Test: generate test build and confirm no avc error happens
Change-Id: I2f457157d92cb48dfe328ba1520c3e598bd6d6b6
 2023-01-13 01:17:19 +08:00
Suki Liu
8b58ce3b69 Merge "Update error on ROM 9481402" 2023-01-12 11:41:23 +00:00
TreeHugger Robot
7544c3c104 Merge "Wifi: Add sepolicy files for wifi_sniffer service" 2023-01-12 05:55:41 +00:00
kensun
fb69c41387 Wifi: Add sepolicy files for wifi_sniffer service 
Bug: 237465412
Test: Manual Test
Change-Id: I558b7f401c8d0da0f7f5b376165b42e1073a7900
 2023-01-12 05:47:03 +00:00
sukiliu
26aa4fa6e2 Update error on ROM 9481402 
Bug: 265220235
Test: SELinuxUncheckedDenialBootTest
Change-Id: I784b50120a7f4dd3c9ee8c0837f0ddfd8210da2a
 2023-01-12 10:47:54 +08:00
Xu Han
e8f6804674 Merge "Fix permission regarding camera HAL, raidoExt and rlsservice" 2023-01-11 23:06:17 +00:00
Dinesh Yadav
7056027e71 Add SEPolicy settings for android logging/tracing service for GXP 
Test:
Checked that no "avc" violations were caused by gxp_logging after selinux has been enforced.

Bug: 264489388
Change-Id: I967b7b6d57c70804bed5c4ae94ff7b62ece23de3
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-01-11 13:54:47 +00:00
Hasini Gunasinghe
ab3f430aae Merge "[Port ag/20645453] Map Rust KeyMint to same SELinux policy as C++" 2023-01-10 19:52:48 +00:00
Ken Yang
2dda40afef WLC: Cleanup the sysfs_wlc policies 
The sepolicy must be self-contained without including wirelss_charger to
avoid build break in AOSP

Bug: 263830018
Change-Id: Iff235b0c006474b59af853a19d01ba57c3dfe451
Signed-off-by: Ken Yang <yangken@google.com>
 2023-01-10 16:03:22 +00:00
sukiliu
fdb950e96d Update error on ROM 9471410 
Bug: 264600171
Bug: 264972626
Bug: 264972745
Bug: 264972759
Test: scanBugreport
Change-Id: Ibe3bd94ce6c9c62bb6b2733cc025d0ccd9c478c5
 2023-01-10 16:12:05 +08:00
TreeHugger Robot
029f002a34 Merge "Allow dmabuf heap access to graphics allocator" 2023-01-10 01:52:35 +00:00
Hasini Gunasinghe
76c4f20434 [Port ag/20645453] Map Rust KeyMint to same SELinux policy as C++ 
Allow the Rust and C++ implementations of the KeyMint HAL service to be
toggled easily, by mapping them to the same SELinux policy.

Bug: 197891150
Bug: 225036046
Test: VtsAidlKeyMintTargetTest
Change-Id: Ic43985f32aaabb2560ef0b02573a1e587e24fc6a
 2023-01-10 01:19:17 +00:00
Ankit Goyal
344fb91207 Allow dmabuf heap access to graphics allocator 
There is no change in dmabuf heaps from pro, so these use the exact same
SEpolicy rules

Fix: 264489636
Test: Boots to home (with SELinux enforced)
Test: VtsHalGraphicsMapperV4_0TargetTest
Change-Id: I58ec8d9558fa76b805c0882cbbb20bfd08aead13
 2023-01-09 16:16:28 -08:00
George Lee
394b28b7b1 selinux: Enable lpf_power for sys_odpm 
Bug: 264929465
Test: Confirm selinux error no longer exist
Change-Id: Ibd7bfccac0d942507f3f1a9e2bf667ed1a54a9e6
Signed-off-by: George Lee <geolee@google.com>
 2023-01-09 14:54:57 -08:00
Suki Liu
67584383ca Merge "Update error on ROM 9467820" 2023-01-09 13:01:06 +00:00
Miller Liang
89bdcc93cc Merge "audio:fix AAudio API access denial" 2023-01-09 12:36:34 +00:00
millerliang
8889eb6496 audio:fix AAudio API access denial 
This commit adds the sepolicy file for AAudio API

I auditd  : type=1400 audit(0.0:113):
avc: denied { map } for comm="binder:900_7" path="/dev/snd/pcmC0D0p"
dev="tmpfs" ino=1191 scontext=u:r:audioserver:s0
tcontext=u:object_r:audio_device:s0 tclass=chr_file permissive=1

Bug: 264484544
Test: test_steal_exclusive -c0
Test: Check no avc_deny on audioserver
Change-Id: I9efde74c74722b1b32c1d800a4cbceea8a850bfa
 2023-01-09 14:55:32 +08:00
sukiliu
acd718f65a Update error on ROM 9467820 
Bug: 264831112
Test: SELinuxUncheckedDenialBootTest
Change-Id: I3f3ca17d3620cf3b1c6c21fc996143be25622b48
 2023-01-09 14:55:19 +08:00
Cheng Chang
67ff25f88c Merge "allow system_server binder call gpsd" 2023-01-09 06:04:41 +00:00
Neo Yu
c13eb657f9 Merge "Remove rild.te because all issues about rild are fixed." 2023-01-09 03:57:40 +00:00
KRIS CHEN
3d15476ae0 Merge "Remove tracking_denials/hal_fingerprint_default.te" 2023-01-09 03:20:16 +00:00
Kris Chen
9be7a3368a Remove tracking_denials/hal_fingerprint_default.te 
Bug: 264489559
Test: test fingerprint under enforcing mode
Change-Id: Ifd8637cba54264a1906e444b25d735c81f7037f0
 2023-01-09 03:19:57 +00:00
Cheng Chang
e83f8dcee8 allow system_server binder call gpsd 
01-05 17:56:17.416 hidl_ssvc_poll: type=1400 audit(0.0:467): avc: denied { call } for scontext=u:r:system_server:s0 tcontext=u:r:gpsd:s0 tclass=binder permissive=1

Bug: 264508279
Test: flash test build and check avc denied logs are goned
Change-Id: I6f3f27de7466cb594c192cd8339009ca6633ec6d
 2023-01-09 03:19:43 +00:00
neoyu
f2ed76a124 Remove rild.te because all issues about rild are fixed. 
Bug: 264490075
Test: build pass
Change-Id: I37e6caedb9903faa1f1f974d596753223fde0f5f
 2023-01-09 10:54:14 +08:00
Aaron Tsai
6d11fe20d0 Merge "Fix avc denied for rild" 2023-01-09 02:21:17 +00:00
TreeHugger Robot
09ba144bc6 Merge "sepolicy: remove tracking denials for hal_power_stats" 2023-01-09 01:58:14 +00:00
Aaron Tsai
93dd7a2935 Fix avc denied for rild 
original log: [  158.669951] type=1400 audit(1671200951.308:888): avc: denied { write } for comm="dumpstate" path="pipe:[227853]" dev="pipefs" ino=227853 scontext=u:r:rild:s0 tcontext=u:r:dumpstate:s0 tclass=fifo_file permissive=1
original log: [  174.593792] type=1400 audit(1671063328.232:1003): avc: denied { use } for comm="dumpstate" path="pipe:[235312]" dev="pipefs" ino=235312 scontext=u:r:rild:s0 tcontext=u:r:dumpstate:s0 tclass=fd permissive=1

Bug: 263049190
Bug: 262633094
Test: manual test and check log
Change-Id: I56b26c8dc820e00ef659844cceff45edded4d677
 2023-01-07 14:05:10 +00:00
TreeHugger Robot
f4841acd83 Merge "Wifi: Add sepolicy files for hal_wifi_ext service" 2023-01-07 07:38:08 +00:00
Darren Hsu
8eed3af1eb sepolicy: remove tracking denials for hal_power_stats 
Bug: 264489189
Test: Captured bugreport and make sure there is no any avc denails
Test: related to hal_power_stats
Change-Id: Id83022ebaca5a507873bee57363a54baf4a27310
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-01-07 15:04:35 +08:00
Randall Huang
a3c890ba1e Merge "sepolicy: remove vold tracking_denials." 2023-01-07 03:07:09 +00:00
Xu Han
b8ab0fed91 Fix permission regarding camera HAL, raidoExt and rlsservice 
Bug: 264483024
Bug: 264489641
Bug: 263185565
Test: selinux log
Change-Id: Ieb174aef18c218efdcb357245c7d5ac4953a949c
 2023-01-06 11:56:55 -08:00
Xu Han
ffdcbabbab Merge "Allow camera HAL to call radioExt HAL for desense" 2023-01-06 17:31:02 +00:00
Suki Liu
8f3cb77d1c Merge "Update error on ROM 9460470" 2023-01-06 08:31:23 +00:00
kensun
0f5b5efdd1 Wifi: Add sepolicy files for hal_wifi_ext service 
This commit adds the sepolicy related files for hal_wifi_ext service.

[   27.714476] type=1400 audit(1670979557.360:29): avc: denied { call } for comm="binder:942_1" scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c215,c256,c512,c768 tclass=binder permissive=1
12-14 08:59:17.360   942   942 I binder:942_1: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c215,c256,c512,c768 tclass=binder permissive=1

Bug: 262455388
Test: Check no avc_deny on hal_wifi_ext
Change-Id: Ibc48225845b0cd10bbe88527449016daa9ef9eff
 2023-01-06 08:06:57 +00:00
Randall Huang
55133b1c0c sepolicy: remove vold tracking_denials. 
Move platform-specific vold rule to common folder.

Bug: 264483567
Bug: 264483569
Bug: 264489799
Test: run atest
Change-Id: Idad799d9f536ca18a0c3b5e7eb9d0bc182015e64
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-01-06 14:04:21 +08:00
sukiliu
18257ad81e Update error on ROM 9460470 
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264606212
Bug: 264600084
Bug: 264483754
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4a281b360783032132179fd9f9b314d0a65d233a
 2023-01-06 10:46:28 +08:00
Adam Shih
9fbe949e7c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264600052
Bug: 264600084
Bug: 264483754
Test: scanBugreport
Bug: 264600171
Bug: 264600086
Bug: 264600053
Bug: 264599934
Change-Id: Idd111c69fbcebadf941f2a7cb6e0af7c8e24711d
 2023-01-06 09:32:22 +08:00
Xu Han
525acba924 Allow camera HAL to call radioExt HAL for desense 
Bug: 264204392
Test: selinux log
Change-Id: Iee7f45a649444cc6c95b8094f001645e85eb83ba
 2023-01-05 18:54:59 +00:00
Adam Shih
16452851f3 dispatch domains to owner via bugs 
Bug: 264484544
Bug: 264489606
Bug: 264489743
Bug: 264489675
Bug: 264489633
Bug: 264489777
Bug: 264489520
Bug: 264489270
Bug: 264489387
Bug: 264489745
Bug: 264489957
Bug: 264489521
Bug: 264490031
Bug: 264489388
Bug: 264489608
Bug: 264489609
Bug: 264489778
Bug: 264489634
Bug: 264489794
Bug: 264489795
Bug: 264489559
Bug: 264489636
Bug: 264489746
Bug: 264490032
Bug: 264489188
Bug: 264489676
Bug: 264489779
Bug: 264489189
Bug: 264489677
Bug: 264489780
Bug: 264489637
Bug: 264490033
Bug: 264489390
Bug: 264489561
Bug: 264489750
Bug: 264489190
Bug: 264490051
Bug: 264489958
Bug: 264489610
Bug: 264489562
Bug: 264489797
Bug: 264489781
Bug: 264490034
Bug: 264489678
Bug: 264490091
Bug: 264490035
Bug: 264490011
Bug: 264490052
Bug: 264489639
Bug: 264489961
Bug: 264490072
Bug: 264490012
Bug: 264489523
Bug: 264489679
Bug: 264490053
Bug: 264489564
Bug: 264489783
Bug: 264490036
Bug: 264490074
Bug: 264490054
Bug: 264489565
Bug: 264490092
Bug: 264490075
Bug: 264489641
Bug: 264490093
Bug: 264489962
Bug: 264489784
Bug: 264489567
Bug: 264490076
Bug: 264489786
Bug: 264490014
Bug: 264489524
Bug: 264490055
Bug: 264489569
Bug: 264489526
Bug: 264489642
Bug: 264489681
Bug: 264489963
Bug: 264489787
Bug: 264490095
Bug: 264489799
Bug: 264490077
Test: boot to home in enforcing mode
Change-Id: I784ee1653800119308c22c85652764a99ca076e4
 2023-01-05 13:15:51 +08:00
Adam Shih
c858342332 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 264483752
Bug: 264483024
Bug: 264483531
Bug: 264483532
Bug: 264483567
Bug: 264483670
Bug: 264483151
Bug: 264483152
Bug: 264483352
Bug: 264483568
Bug: 264483753
Bug: 264482981
Bug: 264483754
Bug: 264483456
Bug: 264483787
Test: scanBugreport
Bug: 264483390
Bug: 264482983
Bug: 264483355
Bug: 264483356
Bug: 264483533
Bug: 264483319
Bug: 264483569
Test: scanAvcDeniedLogRightAfterReboot
Bug: 264321380
Bug: 264483357
Change-Id: I39f2a98bbbc8e416b86dd06cc99984acbab97baa
 2023-01-05 11:04:42 +08:00
TreeHugger Robot
10a6384587 Merge "label GPU as same_process_hal" 2023-01-04 06:21:24 +00:00
TreeHugger Robot
e9a315b81a Merge "set necessary domains to permissive" 2023-01-04 05:06:08 +00:00
Adam Shih
92f2edf487 label GPU as same_process_hal 
Bug: 261933250
Bug: 261933249
Bug: 261933226
Bug: 261933097
Bug: 261933428
Bug: 261933227
Bug: 260768740
Bug: 260922185
Test: boot to home under enforcing mode
Change-Id: Ied95ce0c1f851785e0848f7af788969f27e45101
 2023-01-04 12:10:27 +08:00
Adam Shih
97748d82a9 set necessary domains to permissive 
Bug: 254378739
Test: enforce and boot to home
Change-Id: I1dc8f400971e0926dbb2c5c0ac6f0ef99250e067
 2023-01-04 11:57:28 +08:00
Adam Shih
00b1421a56 Update error on ROM 9451592 
Bug: 264321380
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ibdf5acaa5898a728aac202902a1577d05f7d1f25
 2023-01-04 10:23:28 +08:00
TreeHugger Robot
bd992ad2b4 Merge "Sepolicy: Pixelstats: Battery history sepolicy" 2023-01-04 02:19:54 +00:00
TreeHugger Robot
af402f7187 Merge "Update error on ROM 9449178" 2023-01-03 03:06:21 +00:00
TreeHugger Robot
9bb06f3d46 Merge "modem_svc_sit: Grant permission to read vendor_fw_file" 2023-01-03 02:50:17 +00:00
Adam Shih
ef8da88fdc Update error on ROM 9449178 
Bug: 264204392
Bug: 264204525
Bug: 264204023
Bug: 264204215
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ice60ef7f25f549a990e3c6f006ed528b0b0beedf
 2023-01-03 10:03:13 +08:00
Wasb Liu
cefb0a621f hal_health_default: updated sepolicy 
Add necessary sepolicy.

Bug: 260366438
Bug: 261933135
Bug: 262178574
Bug: 262794970
Test: no avc denied for hal_health_default
Change-Id: I47043f64931c191063a0b3d5807ef814fa8b787f
Signed-off-by: Wasb Liu <wasbliu@google.com>
 2022-12-29 09:47:23 +00:00
Darren Hsu
3ea4ff4944 sepolicy: Allow hal_power_stats to access required sysfs 
Bug: 260366519
Bug: 260768935
Bug: 260922184
Bug: 261105152
Bug: 261363958
Bug: 261519183
Bug: 261651283
Bug: 261783107
Test: Captured bugreport and make sure there is no any avc denails
Test: related to hal_power_stats
Change-Id: Ic214dc1d8ea920b1bb8f700cd8b75918af3ab046
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-12-29 14:33:17 +08:00
Kris Chen
4963317cad zuma: fingerprint: fix SELinux denails 
Bug: 261105164
Test: boot with no relevant error on p23 device
Change-Id: I8d897693685591a042c5febfeca0121375749b8e
 2022-12-23 17:43:50 +08:00
Kadyr Narmamatov
3fc1ab6583 modem_svc_sit: Grant permission to read vendor_fw_file 
Bug: 260371849
Change-Id: Ia1bb3483c0d1dfcc1fc34b625f8b0eddf099cafb
 2022-12-23 04:11:01 +00:00
Timmy Li
a6fd3e2122 Merge "Add hal_camera_default se linux file for zuma" 2022-12-23 03:47:09 +00:00
TreeHugger Robot
42fb73dfeb Merge "Move the sepolicy setting of als_table to the new file." 2022-12-23 02:25:58 +00:00
Adam Shih
d045e5ac5e Update error on ROM 9431928 
Bug: 263525155
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ie309aafff8d3772f19c28e3d3b049b642bd2c221
 2022-12-23 08:19:30 +08:00
Chia-Ching Yu
0dfdbed76e Move the sepolicy setting of als_table to the new file. 
Bug: 261111968
Test: There is no als_table avc denied log after reboot.

Change-Id: I41f9472e6a17dd7fce021d916e3e626a81fe79cf
 2022-12-23 07:05:57 +08:00
timmyli
8d061f7ebc Add hal_camera_default se linux file for zuma 
Add hal_camera_default.te for zuma. Move referenced contexts and
settings to new zuma-sepolicy folders. Add hal_camera_default type declaration
to file.te

Bug: 261651093, 260366029, 263185135
Test: Build and test for hal_camera_default denials
Change-Id: Id0246f9ca8fd399853894e9e41548976ab44ccd0
 2022-12-22 21:41:11 +00:00
Dennycy
79210088c5 Sepolicy: Pixelstats: Battery history sepolicy 
avc: denied { read } for comm="pixelstats-vend" name="battery_history"
dev="tmpfs" ino=845 scontext=u:r:pixelstats_vendor:s0 tcontext=u
:object_r:battery_history_device:s0 tclass=chr_file permissive=1

Bug: 260366322
Test: No more battery_history sepolicy found
Change-Id: Ic5d351ed0e42d08b24b5fd0af2d9ebd155086bc9
Signed-off-by: Dennycy <dennycylee@google.com>
 2022-12-22 09:21:56 +00:00
Ernie Hsu
0faf3d2c7b Merge "mediacodec_samsung: add sepolicy for mfc codec" 2022-12-22 05:25:29 +00:00
Ernie Hsu
bb7586ac03 mediacodec_samsung: add sepolicy for mfc codec 
Add necessary sepolicy. Log and reason are added in review comment
move sysfs out from legacy setting

Bug: 262633502
Bug: 263049105
Bug: 262794577
Bug: 262794578
Bug: 262794634
Test: video playback
      SELinuxTest#scanBugreport
      SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I240f3fc4672a0d3133699f76a808573e172d23f2
 2022-12-22 03:46:04 +00:00
Adam Shih
b3894c8262 Update error on ROM 9428849 
Bug: 263429589
Bug: 263429985
Bug: 263429986
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: I7387105916c4cb8ca9c6a6ab0e6d58f6c8d24d0b
 2022-12-22 10:02:41 +08:00
Kah Xuan Lim
77becc2a8f Merge "Modem ML: create selinux rules" 2022-12-21 10:04:58 +00:00
Chung-Kai (Michael) Mei
839546d2e3 Merge "Revert "Fix avc denials for powerhal"" 2022-12-21 08:39:31 +00:00
Chung-Kai (Michael) Mei
21426ea726 Revert "Fix avc denials for powerhal" 
This reverts commit 92e550d83f.

Reason for revert: here's duplicated setting

Change-Id: I4188deee0010c5dd10501fd9b36ae3876c412322
 2022-12-21 08:37:50 +00:00
Ken Yang
de0b57a913 Merge "WLC: Remove sysfs_wlc sepolicy" 2022-12-21 08:36:15 +00:00
TreeHugger Robot
aed7870cb2 Merge "Fix avc denials for powerhal" 2022-12-21 07:20:07 +00:00
TreeHugger Robot
e9868935cf Merge "mediacodec_google: updated sepolicy" 2022-12-21 04:58:31 +00:00
Chungkai Mei
92e550d83f Fix avc denials for powerhal 
Test: bott passed and no avc log after boot
Bug: 260769063
Bug: 261105028
Bug: 260366126
Bug: 261650934
Bug: 262178497
Bug: 262315567
Bug: 262633072
Change-Id: I84e5cdaeb8016bd3f5506a242ee8e3a58052ab07
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2022-12-21 02:46:39 +00:00
TreeHugger Robot
f22f38b970 Merge "Update error on ROM 9423786" 2022-12-21 02:40:11 +00:00
Taylor Nelms
9f72e56d46 Merge "Modify permissions to allow dumpstate process to access decon_counters node" 2022-12-21 01:41:40 +00:00
Adam Shih
f0d101b3e7 Update error on ROM 9423786 
Bug: 263304957
Bug: 263305034
Bug: 263305106
Bug: 263305225
Bug: 263305107
Bug: 263305203
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Iea85cf823b04f73d58ffab84f4b06dce39e80fc9
 2022-12-21 08:44:19 +08:00
Kah Xuan Lim
6ea5e4634a Modem ML: create selinux rules 
Bug: 262338662
Change-Id: I899a03a36b542bbf6b9e4b936f279f2d6b4a4c7b
 2022-12-20 08:39:35 +00:00
Sateshk Kumar Chinnappan
293813afed Merge "Add selinux rules for platform_apps to access vendor_ims_app udp socket for read/write of RTP packets." 2022-12-20 04:01:42 +00:00
Ruofei Ma
fd79c76365 mediacodec_google: updated sepolicy 
Add necessary sepolicy.

Bug: 262633230
Test: no avc denied for mediacodec_google

Change-Id: I0b2a8a12d9d9a6484cf899fabdf213b8c9a279e9
Signed-off-by: Ruofei Ma <ruofeim@google.com>
 2022-12-19 19:37:52 -08:00
TreeHugger Robot
2b5846fc4a Merge "restart domains" 2022-12-20 03:28:07 +00:00
Adam Shih
169b9143fb restart domains 
Bug: 254378739
Test: boot to home
Change-Id: I7d077b7c5edfb3bee07a05fda05e5076e515c7bf
 2022-12-20 08:50:43 +08:00
Adam Shih
2682fc7fc4 update error on ROM 9420981 
Bug: 263185135
Bug: 263184738
Bug: 263185136
Bug: 263185161
Bug: 263185431
Bug: 263185547
Bug: 263185432
Bug: 263185565
Bug: 263184920
Bug: 263185566
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ia305204ccda294f7ad38edb669c85907485e4db3
 2022-12-20 08:38:41 +08:00
Sateshk Kumar Chinnappan
ebe77e31f4 Add selinux rules for platform_apps to access vendor_ims_app udp socket for read/write of RTP packets. 
This addresses the following SE policy denial
11-11 20:51:49.388000  2167  2167 I auditd  : type=1400 audit(0.0:11): avc: denied { read write } for comm="nnon.imsservice" path="socket:[111836]" dev="sockfs" ino=111836 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:vendor_ims_app:s0:c228,c256,c512,c768 tclass=udp_socket permissive=0 app=com.shannon.imsservice

Bug: 262320328
Test: Manual
Change-Id: I450f1faebd6c6a67e9f904c880360e75bad3cb40
 2022-12-19 19:26:14 +00:00
Ken Yang
0656a4f24d WLC: Remove sysfs_wlc sepolicy 
Bug: 237600973
Change-Id: If0416877447c9f588d69f498f6219297392f4e55
Signed-off-by: Ken Yang <yangken@google.com>
 2022-12-19 06:17:39 +00:00
Adam Shih
be72019a1c restart domains 
Bug: 254378739
Test: boot to home
Change-Id: I6faa55132d52896c5138eb4dcff2bde3557dcf90
 2022-12-19 11:01:25 +08:00
Adam Shih
56d34babe5 Update error on ROM 9412813 
Bug: 263049190
Bug: 263048776
Bug: 263048760
Bug: 263048994
Bug: 263049105
Test: scanBugreport
Change-Id: Iae0d5926b61b901ef92a6658ba72ff6e81133ed5
 2022-12-19 10:11:42 +08:00
Taylor Nelms
e7f915c920 Modify permissions to allow dumpstate process to access decon_counters node 
Bug: 240346564
Test: Build for P23 device with "user" build, check bugreport for decon_counters content
Change-Id: Iac569b53880f903aa6496cb24bdadc6e38975171
Signed-off-by: Taylor Nelms <tknelms@google.com>
 2022-12-16 16:50:49 +00:00
Adam Shih
81112ab63a Update error on ROM 9409984 
Bug: 262794634
Bug: 262793919
Bug: 262794428
Bug: 262794938
Bug: 262794359
Bug: 262794939
Bug: 262793920
Bug: 262794577
Bug: 262794578
Bug: 262794969
Bug: 262794970
Bug: 262794360
Bug: 262794429
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Iaa3d4e54ccee70f48a322df6d229d3cae1ba1df6
 2022-12-16 09:41:47 +08:00
TreeHugger Robot
3406af9012 Merge "Add BrownoutDetected Events - zuma sepolicy" 2022-12-15 05:29:35 +00:00
TreeHugger Robot
1c85fa9544 Merge "Update error on ROM 9406001" 2022-12-15 04:15:56 +00:00
Adam Shih
dc479f78a5 Merge "restart domains" 2022-12-15 03:15:49 +00:00
Adam Shih
f877ad1b19 Update error on ROM 9406001 
Bug: 262633248
Bug: 262633072
Bug: 262633230
Bug: 262633502
Bug: 262633094
Test: scanBugreport
Change-Id: I74904ba4ae79264bb1623bb16d9f5f8369a39b9f
 2022-12-15 09:38:07 +08:00
Adam Shih
419fa5774c create an empty dump file for wlan 
Bug: 261784587
Test: adb bugreport
Change-Id: I6a0e65e4624348f5f34cb618150a6978996dcdc9
 2022-12-14 13:33:33 +08:00
Adam Shih
ce44423468 restart domains 
Bug: 254378739
Test: boot to home
Change-Id: I427f1647d5a0a95e750fd59419575cdb7553111e
 2022-12-14 11:27:03 +08:00
TreeHugger Robot
6b40c66a4a Merge changes Ie67dbbda,Ib07c7a0e 
* changes:
  restart domains
  update error on ROM 9401969
 2022-12-14 03:06:08 +00:00
Adam Shih
4b9a4886f1 restart domains 
Bug: 254378739
Test: boot to home
Change-Id: Ie67dbbdad041d84cddbabf62e98b0a8f2b1eadf2
 2022-12-14 09:19:54 +08:00
Adam Shih
6e9a08deab update error on ROM 9401969 
Bug: 262455571
Bug: 262451641
Bug: 262455755
Bug: 262455388
Bug: 262455719
Bug: 262455954
Bug: 262455682
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ib07c7a0ea36c75871a527dfba4e2841675e34e6f
 2022-12-14 09:12:20 +08:00
TreeHugger Robot
5b081814bd Merge "restart domains" 2022-12-13 07:15:58 +00:00
Adam Shih
126d6a4771 restart domains 
Bug: 254378739
Test: boot to home
Change-Id: Ib6b0d9415b286fc7025df009a3bf7f1105ae4860
 2022-12-13 13:38:35 +08:00
George Lee
b17a5fc383 Add BrownoutDetected Events - zuma sepolicy 
Brownout Detection is detected during the boot sequence.  If the
previous shutdown resulted in a reboot reason that has *ocp* or *uvlo*
in it, the shutdown was due to brownout.  Mitigation Logger should have
logged the device state during the brownout.  This event metric is to
surface the logged data.

Bug: 250009365
Test: Confirm triggering of events
Ignore-AOSP-First: to detect brownout.
Change-Id: I54e354372935e339f685fc8f5541a0568053ae08
Signed-off-by: George Lee <geolee@google.com>
 2022-12-12 21:20:58 -08:00
TreeHugger Robot
1c9b746ee7 Merge "Update error on ROM 9394459" 2022-12-13 03:38:59 +00:00
Adam Shih
87d1f92ee9 Update error on ROM 9394459 
Bug: 262315567
Test: scanBugreport
Change-Id: I0474a4ad026300836e533f795db5030ff1f44e59
 2022-12-13 02:00:20 +00:00
Lopy Cheng
7b281b63f2 hal_graphics_composer_default: add sepolicy for display 
Fix avc denied issues.

Bug: 260769163
Bug: 261105029
Bug: 261933075
Bug: 261933169
Bug: 262178623
Test:
There is no AVC denied log after reboot

Change-Id: I291877a0f70f25a43f49a96a2b280be925bb98c5
 2022-12-12 16:12:18 +08:00
Adam Shih
a0e1ac65e8 Update error on ROM 9393090 
Bug: 262178702
Bug: 262178623
Bug: 262178574
Bug: 262178575
Bug: 262178497
Bug: 261933250
Test: scanBugreport
Change-Id: I71e6f3bada4824135725d4861d779e60c3c95706
 2022-12-12 04:25:16 +00:00
TreeHugger Robot
4ba1e2ea9a Merge "Update error on ROM 9385014" 2022-12-10 04:06:07 +00:00
Adam Shih
714677d599 Update error on ROM 9385014 
Bug: 261933169
Bug: 261933097
Bug: 261933428
Bug: 261933367
Bug: 261933249
Bug: 261933075
Bug: 261933155
Bug: 261933368
Bug: 261933226
Bug: 261933135
Bug: 261933310
Bug: 261933250
Bug: 261933227
Bug: 261933171
Bug: 261933311
Bug: 261933251
Test: scanBugreport
Change-Id: I8331a8595358a6ca09813306015137a11ed71d38
 2022-12-09 12:07:31 +08:00
George Chang
b5887a9853 Update permissions for st54spi and st33spi 
Remove st33spi and update st54spi rules

Bug: 261519145
Bug: 261519169
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I37736275204ad7bea98ce225121e71545260187c
 2022-12-08 15:08:17 +00:00
Adam Shih
1774ec056b restart domain 
Bug: 254378739
Test: boot to home
Change-Id: I776bf6fa66605a4c3a888f2362b79fa1e0ec122a
 2022-12-08 09:55:57 +08:00
Adam Shih
43a2adc630 update error on ROM 9381955 
Bug: 261783158
Bug: 261783107
Bug: 261783031
Bug: 261782930
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ia70ad5b6d7d67f244ffab1874ff255659251da0b
 2022-12-08 09:45:04 +08:00
Cyan Hsieh
fe97b2df7a Revert "restart domain" 
This reverts commit be714f6fa3.

Reason for revert: build breakage

Change-Id: I02a16de23cd657bc0cc9494b03f840d0060ac9d1
 2022-12-07 04:41:58 +00:00
Adam Shih
be714f6fa3 restart domain 
Bug: 254378739
Test: boot to home
Change-Id: I63a3e22ccbee16dd3f186e76fa698d2e7454c057
 2022-12-07 09:48:15 +08:00
Adam Shih
226ad03850 update error on ROM 9377107 
Bug: 261651113
Bug: 261651093
Bug: 261650934
Bug: 261651283
Bug: 261651325
Bug: 261651187
Bug: 261651110
Bug: 261651326
Bug: 261651112
Bug: 261650972
Bug: 261651095
Bug: 261651131
Bug: 261651009
Bug: 261650953
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I560c6fe5901fda018ff3f640d04954d245635db4
 2022-12-07 09:35:16 +08:00
TreeHugger Robot
8ddedfa7fa Merge "restart domains" 2022-12-06 08:35:59 +00:00
Jenny Ho
a74ca48b0e Merge "add permission for dump logbuffer" 2022-12-06 07:31:50 +00:00
Jenny Ho
ed45434f01 add permission for dump logbuffer 
Bug: 260756283
Change-Id: If4d885cc53bbb2a4796d638c5f23fbf17a494436
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2022-12-06 10:50:21 +08:00
Adam Shih
21f4111616 restart domains 
Bug: 254378739
Test: boot to home
Change-Id: If7264f1a5cdaace0558dbeda986d9c899dd6ac08
 2022-12-06 10:34:32 +08:00
Adam Shih
3a3a4e3111 update error on ROM 9372160 
Bug: 261518779
Bug: 261516808
Bug: 261519183
Bug: 261519145
Bug: 261519049
Bug: 261519169
Bug: 261519050
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ib42e6f3cb730a8e8cd45cfe164b6dc9eb1e41940
 2022-12-06 10:17:31 +08:00
TreeHugger Robot
7c94c8c83f Merge "restart deomains" 2022-12-05 06:02:58 +00:00
TreeHugger Robot
4437e6fdf4 Merge "update error on ROM 9367865" 2022-12-05 05:57:14 +00:00
Adam Shih
d6f91bdd8c restart deomains 
Bug: 254378739
Test: boot to home
Change-Id: I0ba59f5781d50ac4e9d8f501792a74187eda864e
 2022-12-05 12:33:05 +08:00
Adam Shih
cbdc1d8382 update error on ROM 9367865 
Bug: 261364077
Bug: 261363679
Bug: 261363958
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I99b80c85ca12b9657b231475506044812eb415fc
 2022-12-05 12:26:20 +08:00
Kenny Root
cc4dfa8c8b Add GSA BL1 partition to OTA domain 
This allows the OTA mechanism to write to the bootloader slot to
perform the actual OTA

Test: reboot and check partition label with ls -lZ
Bug: 259190970
Change-Id: I5433adbacfc6e16e61aac2e797f03f63b0deb29f
Signed-off-by: Kenny Root <kroot@google.com>
 2022-12-04 18:36:10 -08:00
Adam Shih
eedcbe920d fix missing declaration 
Bug: 254378739
Test: build pass
Change-Id: Ifb823de88007108a158fe747d1ed1f42547c2120
 2022-12-05 09:05:06 +08:00
Adam Shih
d4f59d3275 retire pixel-sepolicy 
Bug: 254378739
Test: boot with power stats launched
Change-Id: I5fa1b4617000490de6cdf79699014e076a34d816
 2022-12-02 10:19:13 +08:00
Adam Shih
6d88af1c59 update error on ROM 9359906 
Bug: 261105374
Bug: 261105238
Bug: 261105224
Bug: 261105182
Bug: 261105164
Bug: 261105029
Bug: 261105028
Bug: 261105152
Bug: 261105336
Bug: 261105354
Bug: 261105092
Bug: 261105356
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I66bbcedd4a0566f27561017bc7dcdca81a5ab67a
 2022-12-02 09:37:25 +08:00
George Chang
f40edb1ad5 Fix hal_nfc_default selinux denial 
Allow hal_nfc_default to access vendor_nfc_prop

Bug: 260769165
Bug: 260921340
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I53ff6262ac3210ee166df6d87c0fa587aa594b86
 2022-12-01 05:58:50 +00:00
Adam Shih
b9a2444b1b update error on ROM 
Bug: 260922186
Bug: 260921736
Bug: 260921579
Bug: 260921340
Bug: 260922184
Bug: 260922162
Bug: 260922442
Bug: 260922187
Bug: 260922048
Bug: 260922185
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I062c00075e09874ede185ab1f114aa1ade16991b
 2022-12-01 08:47:12 +08:00
Adam Shih
f1bdfb4013 restart other domains 
Bug: 254378739
Test: boot to home
Change-Id: Iddd16a969514e9e74f20793a1b7a02d328d6afbf
 2022-11-30 07:59:05 +08:00
Adam Shih
f5fc404dca update error on ROM 9344284 
Bug: 260769064
Bug: 260769163
Bug: 260768359
Bug: 260769165
Bug: 260769063
Bug: 260768935
Bug: 260769144
Bug: 260768402
Bug: 260768358
Bug: 260768672
Bug: 260768379
Bug: 260768740
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I2a4f4bffc251e43ed139b8e910a4195b141033f7
 2022-11-30 07:57:53 +08:00
timmyli
46ec476bbc Fix rlsservice selinux denial 
Allow rlsservice to access vendor_camera_prop

Bug: 260366344
Test: Compiles. Removing rlsservice.te and running specified unit test
does not reproduce bug.

Change-Id: I5b79c2c86ff3f35d1123e5e1b2a1a942f825af5e
 2022-11-29 04:14:04 +00:00
Adam Shih
96d88b3f98 move touch settings to gs-common 
Bug: 256521567
Test: adb bugreport
Change-Id: I881f27b45a412794cb2ea65147e2bf7b8cc708dd
 2022-11-28 12:46:26 +08:00
Adam Shih
b718e7685c restart HALs 
Bug: 254378739
Test: boot to home
Change-Id: Ib88e410c9b7011231a98f096e8cda8ba7332008d
 2022-11-28 10:07:26 +08:00
Adam Shih
ec17f1a125 update error on ROM 9336524 
Bug: 260522279
Bug: 260522435
Bug: 260522413
Bug: 260522434
Bug: 260522436
Bug: 260522378
Bug: 260522202
Bug: 260522245
Bug: 260522268
Bug: 260522282
Bug: 260522040
Bug: 260522041
Bug: 260522244
Bug: 260522203
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ib61f9c376c1351e1619621c79506396f6c291eed
 2022-11-28 09:51:25 +08:00
Adam Shih
8282a5abd2 restart a number of domains 
Bug: 254378739
Test: boot to home
Change-Id: I2390670d7d885d0e63fd6d1b4a1c9996ac3b6ee5
 2022-11-25 14:03:00 +08:00
Adam Shih
d48baf4a6b update error on ROM 9321621 
Bug: 260366279
Bug: 260365725
Bug: 260366029
Bug: 260366438
Bug: 260366177
Bug: 260366126
Bug: 260366519
Bug: 260366399
Bug: 260366065
Bug: 260366169
Bug: 260366297
Bug: 260366066
Bug: 260366439
Bug: 260366322
Bug: 260366281
Bug: 260366398
Bug: 260366278
Bug: 260366344
Bug: 260366321
Bug: 260363384
Bug: 260366030
Bug: 260366031
Bug: 260366195
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I2ef4a0dc4a2ff373151feb11e1d52e9931d7c0a2
 2022-11-25 11:42:44 +08:00
Cheng Chang
3e8c0c0495 Merge "gps: nstandby path depend on platform" 2022-11-24 06:54:15 +00:00
Cheng Chang
426a96bf54 gps: nstandby path depend on platform 
Bug: 259353063
Test: no avc denied about nstandby
Change-Id: I9713139d425be50a689130f735b37f04eb573107
 2022-11-24 02:21:37 +00:00
Stephen Crane
d5f4298494 Merge "Allow Trusty storageproxy property" 2022-11-23 18:45:57 +00:00
Adam Shih
ed05e53cd7 remove permissions that are not relevant to boot 
Bug: 254378739
Test: boot to home with no relevant error
Change-Id: Ie1bd477aeaf5fc38ce9d5160a7512cdfa17df9e3
 2022-11-23 13:45:50 +08:00
Adam Shih
99c109ba73 suppress spamming log 
Bug: 254378739
Test: Boot with less logs
Change-Id: Ibd6d6304c7b730a38c065718f5d9f0bdb86500ad
 2022-11-23 11:07:06 +08:00
Adam Shih
efa62674d4 remove obsolete files 
Bug: 254378739
Test: boot with no relevant error
Change-Id: I74d3c0f5fa898af75c7760aaba62e4e3a9857f83
 2022-11-23 11:06:51 +08:00
Stephen Crane
c5ac946a7a Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: build, flash, test app loading
Bug: 258018785
Change-Id: I5fe83524d74a6f5017011553c6d5ad0e3831751c
 2022-11-22 23:27:44 +00:00
Adam Shih
cc516c150a review proc_vendor_sched 
Bug: 254378739
Test: boot with no relevant error
Change-Id: If7d7334896f544c7d91b123513ebe437a35373ad
 2022-11-21 15:05:49 +08:00
Adam Shih
fcdad37b1b restart hal_power_default 
Bug: 254378739
Test: build pass
Change-Id: I86d598a437877ffd65d22b9fe73ffc16d31ea405
 2022-11-21 14:39:18 +08:00
TreeHugger Robot
393e46397f Merge changes I31ee3a76,Ic5954b5d,Ibdcea873 
* changes:
  review partition related operation
  review partitions
  review fsck and relevant partitions
 2022-11-21 04:46:33 +00:00
Adam Shih
91f7e4c62e review partition related operation 
Bug: 254378739
Test: boot with no relevant avc error
Change-Id: I31ee3a7654e759fb19d90fa9ec05d493660c3741
 2022-11-21 11:17:10 +08:00
Adam Shih
8cc9ed0404 review partitions 
Bug: 254378739
Test: boot with relevant files labled correctly
Change-Id: Ic5954b5de7976e1864dc77254b547d6c97f9e564
 2022-11-21 10:31:06 +08:00
Adam Shih
c37b0484af review fsck and relevant partitions 
Bug: 254378739
Test: boot with no relevant error
Change-Id: Ibdcea873e830c534101aaea0f12a1717748dcb48
 2022-11-21 10:16:19 +08:00
Adam Shih
f1e1ee50c2 remove panther's touch setting 
Bug: 256521567
Test: adb bugreport
Change-Id: Ia4019d1c3b7db0ae278cb0133c1530857eac364c
 2022-11-18 13:39:07 +08:00
Adam Shih
381ae2dddb restart device dependent HALs 
Bug: 254378739
Test: build pass
Change-Id: I06061867773dd20989923b3ce81b58a457f8a929
 2022-11-18 11:19:34 +08:00
Adam Shih
926118c0bd remove logger_app to start over 
Bug: 254378739
Test: build pass
Change-Id: Iec521b367fcdf48b38c81ee834f5805bd6e28bc8
 2022-11-18 11:12:40 +08:00
Adam Shih
8003246da8 remove pixelstats_vendor 
It has different implementation from gs201
Bug: 254378739
Test: build pass

Change-Id: I3aa23e902ecbb1004ebf2567c55c8a1ba910212c
 2022-11-18 09:57:07 +08:00
TreeHugger Robot
aac354caf1 Merge "radio: Add new radio device" 2022-11-17 07:57:23 +00:00
Adam Shih
3e8c9ba007 Merge "use syna setting from gs-common" 2022-11-17 07:09:28 +00:00
Salmax Chang
f87c27197c radio: Add new radio device 
Add "/dev/oem_test" into radio device label list.

Bug: 258744063
Change-Id: If5e7d555f4b0584f87956c9354ebf1d3efd9f73f
 2022-11-17 14:37:02 +08:00
Adam Shih
ac48178051 Merge "review cat_engine_service_app" 2022-11-17 02:59:15 +00:00
Adam Shih
9d8a25a6d1 use syna setting from gs-common 
Bug: 256521567
Test: adb bugreport
Change-Id: I4ef0a4d7cc8ee900394f3b68e48b4ff58891d1e2
 2022-11-17 10:29:22 +08:00
TreeHugger Robot
55658a9f55 Merge "remove raven setting" 2022-11-16 07:42:25 +00:00
Adam Shih
1b9d3e9092 review cat_engine_service_app 
Bug: 254378739
Test: build pass
Change-Id: I98710837319528a577af205b51de710baa742e1d
 2022-11-16 14:15:33 +08:00
TreeHugger Robot
cebbeb21ac Merge "improve dumpstate performance to 72 seconds" 2022-11-16 05:26:48 +00:00
TreeHugger Robot
649a0e22b9 Merge changes I1317f3ec,I5c727517 
* changes:
  remove obsolete code
  review radio
 2022-11-16 04:37:05 +00:00
Adam Shih
5adddd397a improve dumpstate performance to 72 seconds 
Bug: 259302023
Test: adb bugreport
Change-Id: I6e777e532ab09a54cec59fdb4f51c451db6f85de
 2022-11-16 11:45:43 +08:00
Adam Shih
f60c6d57b0 remove obsolete code 
The Hal is not on P23 device
Bug: 254378739
Test: build pass

Change-Id: I1317f3ece6454d89c9b88326aadc9cd50a56cb53
 2022-11-16 10:33:09 +08:00
Adam Shih
76cecacbe3 review radio 
Bug: 254378739
Test: boot to home
Change-Id: I5c7275170840cb58eb44373d2737bd7914514761
 2022-11-16 10:24:25 +08:00
Adam Shih
433f95cd25 catch up gs201's setting 
Bug: 254378739
Test: build pass
Change-Id: I12248518b5d30730f09bd5e7da2e47e1dd819889
 2022-11-11 05:45:20 +00:00
Adam Shih
1445ec804c Merge "move sensors dump to gs-common" 2022-11-11 05:35:25 +00:00
Adam Shih
1d234c6bec move sensors dump to gs-common 
Bug: 250475720
Test: adb bugreport
Change-Id: Iba58fed59d1c5a4f7767813c587d050efcf7a631
 2022-11-11 11:54:23 +08:00
Adam Shih
d8e8b3899c review hal_radioext_default 
Bug: 254378739
Test: boot with hal_radioext_default launched
Change-Id: Idd913e9418cc5ffbe0ade236639608c2bd313599
 2022-11-10 14:29:03 +08:00
Adam Shih
90dff9f56d review init.radio.sh 
Bug: 254378739
Test: boot with the script running
Change-Id: I76d58d9d15e5275a45a37292a1db2598e5e24e52
 2022-11-10 11:46:42 +08:00
Adam Shih
9db49d02d4 review bipchmgr 
Bug: 254378739
Test: boot with bipchmgr launched
Change-Id: I3d09a8dad088815c60aefc349e7a2d8b178e61fd
 2022-11-10 11:44:00 +08:00
Adam Shih
d806a9ed5d review vcd 
Bug: 254378739
Test: boot with vcd launched
Change-Id: I9e6fc1efab3f39c4d7f75490860acf901599a87a
 2022-11-10 11:41:18 +08:00
Adam Shih
4e54746992 Merge "remove edgeTPU folder" 2022-11-10 03:19:29 +00:00
Rick Chen
59ef653909 Allow CHRE to use EPOLLWAKEUP 
Bug: 238666865
Test: Compile pass.
Change-Id: I22f27fb03826d5298e866140dac91cec823e318b
Signed-off-by: Rick Chen <rickctchen@google.com>
 2022-11-09 18:32:02 +08:00
Adam Shih
fc41e82939 remove edgeTPU folder 
Bug: 258114806
Test: build pass
Change-Id: Ic9eb7f671ef3ede2da40e0ec40b0bb0646240924
 2022-11-09 12:39:09 +08:00
Adam Shih
d55543c288 isolate samsung modem related sepolicy 
Bug: 254378739
Test: boot with relevant binary launched
Change-Id: Ia18fce855bee17b93d97d1aa29a40d834a81fe09
 2022-11-09 10:41:21 +08:00
Adam Shih
b604d839ed remove raven setting 
Bug: 256521567
Test: device does not have the file
Change-Id: I64540c0eab12a71ab233a6d95883bd47c9265178
 2022-11-08 10:32:33 +08:00
Adam Shih
a91e557579 review the rest of slsi apps 
Bug: 254378739
Test: build pass
Change-Id: Icdea2a58f0b77cc78de7fd831aa7a54ddff2b0d3
 2022-11-07 13:44:27 +08:00
Adam Shih
fb3623ca3d review vendor_engineermode_app 
Bug: 254378739
Test: build pass
Change-Id: I6dcbe756227cd41280f1d1b83ff7e807680259e2
 2022-11-07 13:20:52 +08:00
TreeHugger Robot
19126e2dda Merge "restart hal_health_default" 2022-11-07 03:26:11 +00:00
Adam Shih
5944db2199 restart hal_health_default 
Bug: 254378739
Test: boot with the HAL started
Change-Id: I3143011c46e540424e340cbc36a818449395ec69
 2022-11-07 02:19:16 +00:00
Adam Shih
4c8e49f158 review sced 
Bug: 254378739
Test: build pass with sced correctly labeled
Change-Id: Ie59a048c5996d03d0641c824f6526618c260795e
 2022-11-07 10:02:18 +08:00
Adam Shih
61f75374b8 review vendor_telephony_silentlogging_app 
Bug: 254378739
Test: build pass
Change-Id: If8234278e2198fe42ae9a986631df8a04ce119f5
 2022-11-07 10:02:18 +08:00
Adam Shih
33be9e501d review vendor_telephony_debug_app 
Bug: 254378739
Test: build pass
Change-Id: I2b692fe3bfb6827ca65b79a6d5e0203df5e73af5
 2022-11-04 12:36:51 +08:00
Adam Shih
e08ac87755 review vendor_silentlogging_remote_app 
Bug: 254378739
Test: build pass
Change-Id: Ia56316249a7a00cff93447475b5ed5d88e4d9c11
 2022-11-04 12:35:31 +08:00
Adam Shih
534a8634f7 review IMS apps 
Bug: 254378739
Test:
Use command to check if the app is around:
$ adb shell ps -Z| grep shannon
u:r:vendor_qualifiednetworks_app:s0:c225,c256,c512,c768 u0_a225 2250 822 14569200 102584 do_epoll_wait 0 S com.shannon.qualifiednetworksservice
u:r:vendor_rcs_app:s0:c212,c256,c512,c768 u0_a212 2495 822 14627492 110156 do_epoll_wait   0 S com.shannon.rcsservice
u:r:vendor_ims_app:s0:c224,c256,c512,c768 u0_a224 2499 822 14886680 112228 do_epoll_wait   0 S com.shannon.imsservice

Change-Id: Ic68c05d3b4d60d921a85eb2de065f8e0d7c57f43
 2022-11-04 09:53:30 +08:00
Adam Shih
faf456f4ab review vendor_qualifiednetworks_app 
Bug: 254378739
Test:

$ adb shell ps -Z| grep shannon
u:r:vendor_qualifiednetworks_app:s0:c225,c256,c512,c768 u0_a225 2250 822 14569200 102584 do_epoll_wait 0 S com.shannon.qualifiednetworksservice

Change-Id: I83a20d9c461a071c0d46750b32fb787806c005f1
 2022-11-04 09:46:59 +08:00
Adam Shih
f6a685f60a Merge changes I937d70c7,Ia3315daa 
* changes:
  remove missing app
  review vendor_ims_app
 2022-11-03 09:25:31 +00:00
Adam Shih
b5c15037e0 remove missing app 
Bug: 254378739
Test: no such app after boot
adb shell ps -Z

Change-Id: I937d70c749bbbb118f233a56eed136c535b18e96
 2022-11-03 13:16:23 +08:00
Adam Shih
6d17ee11a8 review vendor_ims_app 
Bug: 254378739
Test: boot with ims app labeled
adb shell ps -Z

Change-Id: Ia3315daa3c49e73e05039d97386a981aa5d6859d
 2022-11-03 13:14:27 +08:00
Adam Shih
8221a79c0b review grilservice_app 
Bug: 254378739
Test:
$ adb shell ps -Z| grep gril
u:r:grilservice_app:s0:c202,c256,c512,c768 u0_a202 1995 829 14518964 91276 0               0 S com.google.android.grilservice

Change-Id: Ie1d22e30cb548b0d82275d9e76fc4810b9fbe289
 2022-11-02 11:01:52 +08:00
Adam Shih
5e2579cc53 review oemrilservice_app 
Bug: 254378739
Test: boot with the app labeled correctly
adb shell ps -Z| grep oem
u:r:oemrilservice_app:s0:c231,c256,c512,c768 u0_a231 2105 829 14654604 92840 0             0 S com.samsung.slsi.telephony.oemril

Change-Id: I22b839a9547646e811925abfc5ed3b122928123c
 2022-11-02 10:57:00 +08:00
Adam Shih
62b41afb1e review rild 
Bug: 254378739
Test: boot with rild launched
Change-Id: I90a800bb6b15732cc2fcfdafc5174f8c874b55ef
 2022-11-02 10:53:58 +08:00
Gabriel Biren
7b9dd04005 Merge "Update zuma sepolicy to allow the wifi_ext AIDL service." 2022-11-01 23:19:52 +00:00
Adam Shih
b571e6349c remove duplicated gps setting 
Bug: 254758553
Test: build pass
Change-Id: I21c08f138f066f4c3baa7fa0c37ed821e3d03363
 2022-11-01 10:54:35 +08:00
George Lee
9e250fe85e Merge "bcl: Add Mitigation Logger - Del zuma-sepolicy" 2022-10-31 14:17:57 +00:00
Adam Shih
81a354fc88 move brcm gps solution to gs-common 
Bug: 254758553
Test: google map can locate on pixel
Change-Id: I0ffbf5da277d71e04cd3aec1e8ef366b00309a83
 2022-10-28 14:00:27 +08:00
George Lee
5a11307aac bcl: Add Mitigation Logger - Del zuma-sepolicy 
Mitigation Logger logs battery related information for 1 second when it
is triggered by under voltage or over current interrupts.  Information
collected is to help debug system brownout.

Bug: 228383769
Test: Boot and Test
Change-Id: I83f1d8da286b53c0ae072db7ad1ce62900e5837d
Signed-off-by: George Lee <geolee@google.com>
 2022-10-28 05:26:16 +00:00
Adam Shih
53ee1c09b9 review cbd 
Bug: 254378739
Test: boot with cbd launched
Change-Id: I9c89c0fc3b40957bc60dd7854788d49e498fc0cd
 2022-10-28 11:59:23 +08:00
Adam Shih
2f2b04a36e review modem_svc_sit 
Bug: 254378739
Test: boot with modem_svc_sit running
Change-Id: Iee1a831f12ca5c2df54181f0807f1d284072cf7f
 2022-10-28 11:12:56 +08:00
Adam Shih
92aa199be5 label all wakeup nodes 
Bug: 254378739
Test: boot with no system_suspend error on sysfs
Change-Id: I03b663678f543967e70089e3513cfec9335a1a40
 2022-10-27 14:12:09 +08:00
Adam Shih
1889b6d85f review modem_diagnostic_app 
Bug: 254378739
Test: build pass
Change-Id: Ia2a07987a0e60e882074df1b8514139bdd6cd95c
 2022-10-27 13:46:20 +08:00
TreeHugger Robot
6f44317b90 Merge changes I3402c89b,Ia0e63e7f,I28581c15 
* changes:
  review dmd and modem_logging_control
  review cbrs_setup_app
  review ssr_detector_app
 2022-10-27 02:32:55 +00:00
Gabriel Biren
9c7e1c9f63 Update zuma sepolicy to allow the wifi_ext AIDL service. 
Changes should be similar to aosp/2262723.

Bug: 205044134
Test: m + Pre-submit tests
Change-Id: I458896f8e82be51dde466d7970a2f307d8f9c94d
 2022-10-26 23:20:45 +00:00
Salmax Chang
3d7deb5028 cbd, rfsd: remove the super permissions 
Remove the setuid, chown and setgid rules.

Bug: 255494528
Change-Id: I47d4295d2f95ec45d9566ce9badd345dc34c80ac
 2022-10-25 17:14:45 +08:00
Adam Shih
f652d07d61 review dmd and modem_logging_control 
Bug: 254378739
Test: boot with both of them launched
Change-Id: I3402c89be55bb8258d0ceb8475cef9fb913d2604
 2022-10-24 14:30:52 +08:00
Adam Shih
0fb88a6e5c review cbrs_setup_app 
Bug: 254378739
Test: boot with the app correctly labeled

Change-Id: Ia0e63e7fc1a6b68ad1a7012e65b063f08f05470d
 2022-10-24 14:14:12 +08:00
Adam Shih
aff9f380d3 review ssr_detector_app 
Bug: 254378739
Test: boot with ssr app correctly labeled
Change-Id: I28581c15cf0f7ecb01cbd11c747ad338b157e1c8
 2022-10-24 14:12:27 +08:00
Adam Shih
cbbbe57599 review rfsd 
Bug: 254378739
Test: boot with rfsd launched
Change-Id: I15446c8fb84de588ba09325414a1cbabbdaa9c58
 2022-10-24 11:54:10 +08:00
Adam Shih
9c81dc8d56 isolate legacy sepolicy to start reviewing while letting others work 
Bug: 254378739
Test: boot, camera, google map, play youtube
Change-Id: If8ee7c64c0f7534a7e918f36a0e785b0ee9cd11f
 2022-10-24 11:40:47 +08:00
Adam Shih
522689438e remove obsolete entry 
Bug: 254378739
Test: build pass
Change-Id: I53d82c4e3eb0b2b33b5bbb6448b787599611e0ae
 2022-10-21 10:16:22 +08:00
Adam Shih
7c2d42f608 move aoc settings to gs-common 
Bug: 248426917
Test: boot with aoc launched
Change-Id: Ifde50720cd8144bdc484b138d85bcf40575fe0ac
 2022-10-20 11:25:09 +08:00
Adam Shih
2078e51ece Merge "remove reused code" 2022-10-19 11:22:26 +00:00
Adam Shih
db9cb6f731 remove reused code 
Bug: 244504232
Test: adb bugreport
Change-Id: Ia310bbbb166c2b3f281153bb81c1240908529cc5
 2022-10-19 14:55:17 +08:00
Krzysztof Kosiński
efcbb14f05 Use generic wildcard for vendor libprotobuf. 
The suffix changes on each upgrade and the newest release uses
a two-part version number instead of a three-part one. Use a regex
that will match any suffix.

Bug: 203713560
Test: presubmit, log check
Change-Id: I12409ae179ec939a2c1f6e7342378abc4c27c207
 2022-10-14 13:58:51 +00:00
timmyli
b4c703e375 Add main camera. Add hal_camera_default 
hal_camera_default was missing from sepolicy.
Also add main camera to se policy.

Bug: 253469536, 253261569, 248108864
Test: Compiles, manual test to see no access denied logs
Change-Id: Ia68dd6d883413e5510b8ba79cff24204d70efb84
 2022-10-13 20:11:26 +00:00
weichinweng
ef2333ceef Add acd-com.google.usf.non_wake_up file to AoC file context. 
Bug: 195077076
Bug: 253178766
Test: ls -lZ dev/acd-com.google.usf.non_wake_up
Change-Id: I01e26cca3300eb284b22106367bc651ee3815581
 2022-10-12 08:56:15 +00:00
Roger Fang
b6ee86eeed sepolicy: add permission for AMS rate of pixelstats-vend 
pixelstats-vend: type=1400 audit(0.0:524): avc: denied { open } for
    path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs"
    ino=87602 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0
    tclass=file permissive=1
    pixelstats-vend: type=1400 audit(0.0:525): avc: denied { getattr }
    for path="/sys/devices/platform/audiometrics/ams_rate_read_once"
    dev="sysfs" ino=87602 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:
    sysfs:s0 tclass=file permissive=1

Bug: 245057559
Test: maually test passed.

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I6cb477b3eecbb04fe1259f94e18e033cc152a671
 2022-10-03 17:56:01 +08:00
Vova Sharaienko
cf1387dd92 Merge "hal_health_default: updated sepolicy" 2022-09-30 04:42:40 +00:00
Vova Sharaienko
f6826e0904 hal_health_default: updated sepolicy 
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 249827340
Test: Build, flash, boot & and logcat | grep "avc"
Change-Id: I45512225f11a0e3b06721f40e2355924188f703f
 2022-09-29 23:34:29 +00:00
Denny cylee
c59e2b8aa0 sepolicy: add files to power_supply label 
avc: denied { read } for name="resistance_id"
dev="sysfs" ino=57006 scontext=u:r:hardware_info_app:s0:c512,c768
tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
app=com.google.android.hardwareinfo

avc: denied { open } for
path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0036/power_supply/maxfg/resistance_id"
dev="sysfs" ino=57006 scontext=u:r:hardware_info_app:s0:c512,c768
tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
app=com.google.android.hardwareinfo

avc: denied { read } for name="serial_number"
dev="sysfs" ino=69725 scontext=u:r:hardware_info_app:s0:c512,c768
tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
app=com.google.android.hardwareinfo

Bug: 248391895
Test: check log

Signed-off-by: Denny cylee <dennycylee@google.com>
Change-Id: I1044cde13e11f85dbf57255edc462be1010f93e4
 2022-09-28 08:11:01 +00:00
TreeHugger Robot
8bc677159f Merge "update display path" 2022-09-21 08:58:10 +00:00
JJ Lee
192b97cad9 dumpstate: corrected sysfs paths for aoc 
Bug: 247448885
Test: build pass
Change-Id: I793f5964820ff4b945abf5dcd04216e7c60b18ca
Signed-off-by: JJ Lee <leejj@google.com>
 2022-09-19 14:37:02 +00:00
JJ Lee
25a5093c9b sepolicy: add nodes for aoc memory votes stats 
Bug: 247024476
Test: build pass, not blocking bugreport
Change-Id: Id4bba34927e730a62187b85d045e2872f57fdd04
Signed-off-by: JJ Lee <leejj@google.com>
 2022-09-19 15:13:13 +08:00
Ted Lin
3b708f64fd Remove the tracking denials code. 
Bug: 213817227
Test: Check the bugreport
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: Iad27cc07585b12455c9bc3b1f01de61c0ce92e3e
 2022-09-16 15:45:45 +08:00
Shiyong Li
2d80a80b22 update display path 
Bug: 246809481
Signed-off-by: Shiyong Li <shiyongli@google.com>
Change-Id: I34a13a88abc4324ac0738948d4270e8a535cd918
 2022-09-14 19:06:35 +00:00
Dinesh Yadav
ff460182ee Merge "Add SEPolicy for gxp_logging" 2022-09-13 05:04:27 +00:00
Dinesh Yadav
bab8aa16e8 Add SEPolicy for gxp_logging 
This commit adds the SEPolicy for gxp_logging service

Bug: 245903377
Change-Id: I1b9bde7327b131c768ea8a91bc6bfb52f219044b
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2022-09-13 03:13:15 +00:00
Adam Shih
4c3622d25a Merge "use gs-common insert module script" 2022-09-12 05:40:56 +00:00
Jeffrey Carlyle
55c282ab71 Merge "dck: allow st54spi devivce to be accessed by recovery and fastbootd" 2022-09-08 21:58:56 +00:00
Adam Shih
0ddf6e577f use gs-common insert module script 
Bug: 243763292
Test: boot to home
Change-Id: Idbac83716d0eaca0b9806db901aea68bffd32f4b
 2022-09-08 09:57:29 +08:00
TreeHugger Robot
5a314cab17 Merge "Add SE policies for HWC logs" 2022-09-07 12:28:32 +00:00
Jeffrey Carlyle
48422cd1ff dck: allow st54spi devivce to be accessed by recovery and fastbootd 
This is needed so that Digital Car Keys can be cleared from the ST54
during a user data wipe.

Bug: 203234558
Test: data wipe in Android recovery mode on raven
Test: data wipe in Android recovery mode on c10
Test: data wipe in user mode fastbootd mode on raven
Test: data wipe in user mode fastbootd mode on c10
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
Change-Id: I5e1e8248ba188a68dd3c97795958e74e233701b9
 2022-09-01 22:49:44 -07:00
Adam Shih
d13d0aaf56 Move dauntless settings to gs-common 
Bug: 242479757
Test: build pass on all Gchip devices
Change-Id: I4b6c011015f6b94b5329650eb82ec5b95bbe2040
 2022-08-30 13:32:02 +08:00
Taehwan Kim
8d9dc3aa30 sepolicy: supports Codec2 HIDL 1.2 
Bug: 238360304
Test: Build PASS
Signed-off-by: Taehwan Kim <t_h.kim@samsung.com>
Change-Id: Id02e834bc4c19b09fac6c71199e2b0d62ddb4fd6
 2022-08-22 05:31:08 +00:00
Wiwit Rifa'i
dee1f2e57d Add SE policies for HWC logs 
Bug: 230361290
Change-Id: Ibca7f791bc4950bb6c1e4fd7ed5cbe5a98b48a5e
 2022-08-16 14:02:21 +08:00
TreeHugger Robot
d8b62a3663 Merge "fix avc error for fg_model/registers" 2022-08-06 02:30:14 +00:00
TreeHugger Robot
4ba5c9ddf4 Merge "sepolicy:allow tof driver to communicate with lwis" 2022-08-03 06:56:32 +00:00
TreeHugger Robot
1d57ee38c7 Merge "HwInfo: Move hardware info sepolicy to pixel common" 2022-08-03 02:57:30 +00:00
Bruce Po
de8bc09743 Allow aocd to access acd-offload nodes 
For T6 3-ch hotword feature, aocd daemon will access two new file nodes
(b/235648212), which will be used for transmitting audio to/from AOC.

BUG: 240744178
Change-Id: I98500d03e88052824af91c81ddeb9ed20f616969
 2022-07-30 00:24:30 +00:00
Denny cy Lee
e286313bbd HwInfo: Move hardware info sepolicy to pixel common 
Bug: 215271971
Test: no sepolicy for hardware info
Change-Id: If1b556c07a9a908b1a3edd8a551ff80cbc290b18
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-07-29 02:56:01 +00:00
Tri Vo
82967d3579 Merge "tee: Remove tracking_denials/tee.te" 2022-07-27 17:24:21 +00:00
TreeHugger Robot
9be3188259 Merge "Remove vendor_service." 2022-07-27 11:12:43 +00:00
Jenny Ho
782f4952ff fix avc error for fg_model/registers 
remove tracking with fix http://ag/19446314

Bug: 226271913
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I745654dea17f87df0956f3a326d0c0346fd59ec6
 2022-07-27 06:16:43 +00:00
Nick Chung
1b68580017 sepolicy:allow tof driver to communicate with lwis 
Bug: 236828170
Test: build pass
Change-Id: I4300e025d987795e8fab3f0c1a3cb604e066b44c
 2022-07-27 04:52:06 +00:00
Steven Moreland
5d26e2ecc1 Remove vendor_service. 
We want to avoid associating types with where they can be used.

Bug: 237115222
Test: build
Change-Id: I6795d960aa2a3b3832be8e0f6a11cb0fc3337982
 2022-07-27 00:01:46 +00:00
Tri Vo
6aa0b46766 tee: Remove tracking_denials/tee.te 
Bug: 215649571
Bug: 205904330
Test: n/a
Change-Id: I8bdc6448420bb6a01093b315e99d420b4e5e040f
 2022-07-26 13:26:00 -07:00
George Chang
e53e44b561 Update nfc from hidl to aidl service 
Bug: 240125555
Test: build pass
Change-Id: Icfe2d117e0058d3dd8552defc27d5d20baaf9910
 2022-07-26 06:39:49 +00:00
Cheng Chang
38e5c8d796 gps: change SEPolicy for sysfs node 
Test: gps group has r/w permission
Bug: 238583504
Signed-off-by: Cheng Chang <chengcha@google.com>
Change-Id: I679999bdbb3cbcb0ffe9b49f4aa00d8714674da9
 2022-07-20 06:51:48 +00:00
Robin Peng
dbd71b58f5 init-insmod-sh: fix avc error 
avc: denied { set } for property=vendor.all.modules.ready pid=1238 uid=0 gid=0 scontext=u:r:init-insmod-sh:s0 tcontext=u:object_r:vendor_ready_prop:s0 tclass=property_service permissive=0

Bug: 238853979
Signed-off-by: Robin Peng <robinpeng@google.com>
Change-Id: I92aa94db50884ea6d499fad785ef49853d831f56
 2022-07-18 04:55:14 +00:00
qinyiyan
7efce53e84 Fix build breakage. Remove debug_camera_app.te as it's not defined. 
ERROR 'unknown type debug_camera_app' at token ';' on line 83026:
        allow debug_camera_app edgetpu_app_service:service_manager find;

bug: 238929529
Test: make selinux_policy -j128
Change-Id: Ia8a21d02bff5c2f0c62e333b6b800678a80a2c51
 2022-07-13 17:18:37 -07:00
qinyiyan
b11f8d2103 Add edgetpu contexts and sepolicies. 
bug: 236041918
Change-Id: Ie3d2833c3c297dad7304dca307778d2f6a155180
 2022-07-12 15:24:20 -07:00
TreeHugger Robot
6de977c9ba Merge "HwInfo: remove -sepolicy/tracking_denials/hardware_info_app.te" 2022-07-06 01:24:09 +00:00
Ruofei Ma
f85ab24233 Merge "Add bigwave sepolicy" 2022-07-05 22:25:05 +00:00
Ruofei Ma
1afbff1320 Add bigwave sepolicy 
Bug: 195687338

Change-Id: I8dae1b62b0516e173381893af3c90ae24b6b9b87
 2022-07-05 22:24:35 +00:00
Denny cy Lee
d05407421d HwInfo: remove -sepolicy/tracking_denials/hardware_info_app.te 
Bug: 208909060
Test: not avc log for hardware_info_app
Signed-off-by: Denny cy Lee <dennycylee@google.com>
Change-Id: I0678da7b9495e87130553fd967fc26015c3161e4
 2022-07-04 03:18:06 +00:00
Hyunki00.koo
47c4e6c965 edgetpu/file_contexts 
Signed-off-by: Hyunki00.koo <hyunki00.koo@samsung.com>
Change-Id: I6dfa880a0d4ceb80a54de24e3817b6c880fea7ba
 2022-06-30 19:59:41 -07:00
Jaegeuk Kim
c36c283704 Update ufs path 
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I8ea66435e131c7718ea5d2740fa8165d452f68f9
 2022-06-24 00:03:00 -07:00
Nucca Chen
7ad5cc4d73 Remove clatd tracking_denial 
Bug: 210363983
Change-Id: I5ee6763d73a82cc4ffe21270544eb68810be626c
Test: boot with no relevant error log
 2022-06-13 07:19:36 +00:00
Jaegeuk Kim
28cec159fb Allow sysfs_devices_block to f2fs-tools 
The fsck.f2fs checks the sysfs entries of block devices to get disk
information. Note that, the block device entries are device-specific.

1. fsck.f2fs
avc: denied { search } for comm="fsck.f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="fsck.f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda7/partition" dev="sysfs" ino=60672 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

2. mkfs.f2fs
avc: denied { search } for comm="make_f2fs" name="0:0:0:0" dev="sysfs" ino=59803 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0
avc: denied { getattr } for comm="make_f2fs" path="/sys/devices/platform/14700000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda8/partition" dev="sysfs" ino=61046 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 172377740
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: I409feec84565f965baa96b06a5b08bcfc1a8db02
 2022-05-24 17:46:40 -07:00
Jason Macnak
d14bd06f34 Remove sysfs_gpu type definition 
... as it has moved to system/sepolicy.

Bug: b/161819018
Test: presubmit
Change-Id: I107f92617bea56590b5af351341cc1c3b2844360
 2022-04-19 18:03:57 +08:00
Aaron Ding
7b5994afd8 Create device Ripcurrent on Zuma platform 
s/cloudripper/ripcurrent
s/gs201/zuma
s/pantah/ripcurrent

Bug: 229340586
Change-Id: If94759d6d555f3f9c8ee80331a31ef85082f03c7
Signed-off-by: Aaron Ding <aaronding@google.com>
 2022-04-19 14:11:17 +08:00
Aaron Ding
e47b3d9991 Branch zuma from gs201 
Branch zuma from gs201 sha1 63751751aa91275b083797278d638078b3a0bf7a

cp/pantah/ripcurrent
cp/gs201/zuma

Bug: 229340586
Change-Id: Ie692d8dbbf0fc4d3b376dc9fe3e930bd3955a88e
Signed-off-by: Aaron Ding <aaronding@google.com>
 2022-04-19 14:10:58 +08:00
Bill Rassieur
e4a3061192 Initial empty repository 2022-03-15 09:21:45 -07:00
218 changed files with 4027 additions and 37 deletions
Expand all files Collapse all files

1
.gitupstream Normal file
View File

@@ -0,0 +1 @@
https://android.googlesource.com/device/google/zuma

8
BoardConfig-common.mk
View File

@@ -174,7 +174,6 @@ BOARD_AVB_INIT_BOOT_ROLLBACK_INDEX_LOCATION := 4
TARGET_USERIMAGES_USE_EXT4 := true
TARGET_USERIMAGES_USE_F2FS := true
BOARD_USERDATAIMAGE_PARTITION_SIZE := 11796480000
BOARD_USERDATAIMAGE_FILE_SYSTEM_TYPE := f2fs
PRODUCT_FS_COMPRESSION := 1
BOARD_FLASH_BLOCK_SIZE := 4096
BOARD_MOUNT_SDCARD_RW := true
@@ -238,7 +237,7 @@ BOARD_USES_GENERIC_AUDIO := true
$(call soong_config_set,aoc_audio_func,ext_hidl,true)
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
$(call soong_config_set,aoc_audio_func,dump_usecase_data,true)
$(call soong_config_set,aoc_audio_func,hal_socket_control,true)
$(call soong_config_set,aoc_audio_func,record_tuning_keys,true)
@@ -412,7 +411,7 @@ BOARD_SYSTEM_KERNEL_MODULES := $(addprefix $(KERNEL_MODULE_DIR)/, $(notdir $(BOA
# Using BUILD_COPY_HEADERS
BUILD_BROKEN_USES_BUILD_COPY_HEADERS := true
include device/google/zuma-sepolicy/zuma-sepolicy.mk
include device/google/zuma/sepolicy/zuma-sepolicy.mk
# Battery options
BOARD_KERNEL_CMDLINE += at24.write_timeout=100
@@ -425,3 +424,6 @@ BOARD_PVMFWIMAGE_PARTITION_SIZE := 0x00100000
# pick up library for cleaning digital car keys on factory reset
-include vendor/google_devices/gs-common/proprietary/BoardConfigVendor.mk
include device/google/zuma/BoardConfigLineage.mk
include device/google/zuma/BoardConfigEvolution.mk

9
BoardConfigEvolution.mk Normal file
View File

@@ -0,0 +1,9 @@
#
# Copyright (C) 2024 The Evolution X Project
#
# SPDX-License-Identifier: Apache-2.0
#
DISABLE_ARTIFACT_PATH_REQUIREMENTS := true
SPOOF_FIRST_API_LEVEL_32 := true

40
BoardConfigLineage.mk Normal file
View File

@@ -0,0 +1,40 @@
#
# Copyright (C) 2023 The LineageOS Project
#
# SPDX-License-Identifier: Apache-2.0
#
# Lineage Health
TARGET_HEALTH_CHARGING_CONTROL_SUPPORTS_DEADLINE := true
TARGET_HEALTH_CHARGING_CONTROL_SUPPORTS_TOGGLE := false
# Manifests
DEVICE_FRAMEWORK_COMPATIBILITY_MATRIX_FILE += vendor/lineage/config/device_framework_matrix.xml
DEVICE_MANIFEST_FILE += \
device/google/zuma/android.hardware.security.rkp-service.citadel.xml \
device/google/zuma/manifest_radio_ds.xml
# Partitions
AB_OTA_PARTITIONS += \
vendor \
vendor_dlkm
BOARD_VENDORIMAGE_FILE_SYSTEM_TYPE := ext4
BOARD_VENDOR_DLKMIMAGE_FILE_SYSTEM_TYPE := ext4
TARGET_COPY_OUT_VENDOR_DLKM := vendor_dlkm
# Enable chain partition for vendor.
BOARD_AVB_VBMETA_VENDOR := vendor
BOARD_AVB_VBMETA_VENDOR_KEY_PATH := external/avb/test/data/testkey_rsa2048.pem
BOARD_AVB_VBMETA_VENDOR_ALGORITHM := SHA256_RSA2048
BOARD_AVB_VBMETA_VENDOR_ROLLBACK_INDEX := $(PLATFORM_SECURITY_PATCH_TIMESTAMP)
BOARD_AVB_VBMETA_VENDOR_ROLLBACK_INDEX_LOCATION := 3
AB_OTA_PARTITIONS += \
vbmeta_vendor
# Reserve space for gapps install
-include vendor/lineage/config/BoardConfigReservedSize.mk
# Verified Boot
BOARD_AVB_MAKE_VBMETA_IMAGE_ARGS += --flags 3

33
allowlist_com.google.android.as.xml Normal file
View File

@@ -0,0 +1,33 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2022 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<config>
<!-- Specify the explicit set of other applications that AI services are allowed to
interact with, including the providers that back the implementation of the APIs
provided by the package. -->
<allow-association target="com.google.android.as" allowed="com.android.bluetooth" />
<allow-association target="com.google.android.as" allowed="com.android.bluetooth.services" />
<allow-association target="com.google.android.as" allowed="com.android.providers.contacts" />
<allow-association target="com.google.android.as" allowed="com.android.providers.media" />
<allow-association target="com.google.android.as" allowed="com.android.providers.telephony" />
<allow-association target="com.google.android.as" allowed="com.android.systemui" />
<!-- AI services can bind to its open-source network component. -->
<allow-association target="com.google.android.as" allowed="com.google.android.as.oss" />
<!-- AI services open-source network component can only bind back to the core package. -->
<allow-association target="com.google.android.as.oss" allowed="com.google.android.as" />
<!-- AI services open-source network component can bind to AI Core. -->
<allow-association target="com.google.android.as.oss" allowed="com.google.android.aicore" />
</config>

7
android.hardware.security.rkp-service.citadel.xml Normal file
View File

@@ -0,0 +1,7 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.security.keymint</name>
<version>3</version>
<fqname>IRemotelyProvisionedComponent/strongbox</fqname>
</hal>
</manifest>

3
aosp_common.mk
View File

@@ -46,6 +46,3 @@ $(call inherit-product, $(SRC_TARGET_DIR)/product/telephony_vendor.mk)
# TODO: fix
# PRODUCT_RESTRICT_VENDOR_FILES := all
# b/189477034: Bypass build time check on uses_libs until vendor fixes all their apps
PRODUCT_BROKEN_VERIFY_USES_LIBRARIES := true

2
conf/init.recovery.device.rc
View File

@@ -3,7 +3,7 @@ on init
setprop sys.usb.controller "11210000.dwc3"
setprop sys.usb.configfs 1
on init && property:ro.debuggable=1 && property:ro.boot.mode=recovery
on init && property:ro.build.type=eng && property:ro.boot.mode=recovery
start recovery-console
service recovery-console /system/bin/sh

4
conf/init.zuma.rc
View File

@@ -707,8 +707,8 @@ service abox /vendor/bin/main_abox 17c50000.abox
group audioserver
seclabel u:r:abox:s0
# on userdebug and eng builds, enable kgdb on the serial console
on property:ro.debuggable=1
# on eng builds, enable kgdb on the serial console
on property:ro.build.type=eng
write /sys/module/kgdboc/parameters/kgdboc ttyFIQ1
write /sys/module/fiq_debugger/parameters/kgdb_enable 1

46
device.mk
View File

@@ -102,7 +102,7 @@ PRODUCT_DEFAULT_PROPERTY_OVERRIDES += \
PRODUCT_SOONG_NAMESPACES += \
vendor/samsung_slsi/telephony/$(BOARD_USES_SHARED_VENDOR_TELEPHONY)
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
#Set IKE logs to verbose for WFC
PRODUCT_PROPERTY_OVERRIDES += log.tag.IKE=VERBOSE
@@ -121,7 +121,7 @@ PRODUCT_PROPERTY_OVERRIDES += log.tag.ShannonQNS-HC=DEBUG
include device/google/zuma/modem/userdebug.mk
endif
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
# b/36703476: Set default log size to 1M
PRODUCT_PROPERTY_OVERRIDES += \
ro.logd.size=1M
@@ -350,7 +350,7 @@ PRODUCT_COPY_FILES += \
PRODUCT_COPY_FILES += \
device/google/zuma/conf/init.zuma.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/hw/init.zuma.rc
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_COPY_FILES += \
device/google/zuma/conf/init.debug.rc:$(TARGET_COPY_OUT_VENDOR)/etc/init/init.debug.rc
PRODUCT_COPY_FILES += \
@@ -391,7 +391,7 @@ PRODUCT_PACKAGES += \
# CHRE
## Tools
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += \
chre_power_test_client \
chre_test_client \
@@ -420,7 +420,7 @@ PRODUCT_PACKAGES += \
checkpoint_gc
# Vendor verbose logging default property
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.verbose_logging_enabled=true
else
@@ -442,7 +442,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.sys.modem.logging.enable=true
# Enable silent CP crash handling
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.ril.crash_handling_mode=1
else
@@ -492,7 +492,7 @@ PRODUCT_COPY_FILES += \
frameworks/native/data/etc/android.software.midi.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.software.midi.xml
# default usb debug functions
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PROPERTY_OVERRIDES += \
persist.vendor.usb.usbradio.config=dm
endif
@@ -588,7 +588,6 @@ $(call soong_config_set,google3a_config,soc,zuma)
# WiFi
PRODUCT_PACKAGES += \
android.hardware.wifi-service \
wificond \
libwpa_client
@@ -596,11 +595,13 @@ PRODUCT_PACKAGES += \
PRODUCT_PACKAGES += \
ConnectivityOverlay
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
f2fs_io \
check_f2fs \
f2fs.fibmap \
dump.f2fs
endif
# Storage health HAL
PRODUCT_PACKAGES += \
@@ -614,8 +615,7 @@ include device/google/gs-common/battery_mitigation/bcl.mk
# Enable project quotas and casefolding for emulated storage without sdcardfs
$(call inherit-product, $(SRC_TARGET_DIR)/product/emulated_storage.mk)
$(call inherit-product, $(SRC_TARGET_DIR)/product/virtual_ab_ota/android_t_baseline.mk)
PRODUCT_VIRTUAL_AB_COMPRESSION_METHOD := lz4
$(call inherit-product, $(SRC_TARGET_DIR)/product/virtual_ab_ota/launch_with_vendor_ramdisk.mk)
# Enforce generic ramdisk allow list
$(call inherit-product, $(SRC_TARGET_DIR)/product/generic_ramdisk.mk)
@@ -625,8 +625,10 @@ ifeq (,$(filter true, $(BOARD_WITHOUT_DTLS)))
include device/google/gs-common/dauntless/gsc.mk
endif
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
WvInstallKeybox
endif
# Copy Camera HFD Setfiles
#PRODUCT_COPY_FILES += \
@@ -671,7 +673,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
debug.slsi_platform=1 \
debug.hwc.winupdate=1
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += displaycolor_service
endif
@@ -747,7 +749,7 @@ PRODUCT_PACKAGES += wpa_supplicant.conf
WIFI_PRIV_CMD_UPDATE_MBO_CELL_STATUS := enabled
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += wpa_cli
PRODUCT_PACKAGES += hostapd_cli
endif
@@ -826,11 +828,13 @@ $(call inherit-product, system/core/trusty/trusty-storage.mk)
$(call inherit-product, system/core/trusty/trusty-base.mk)
# Trusty unit test tool and code coverage tool
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
trusty-ut-ctrl \
tipc-test \
trusty_stats_test \
trusty-coverage-controller \
trusty-coverage-controller
endif
include device/google/gs101/confirmationui/confirmationui.mk
@@ -851,7 +855,7 @@ PRODUCT_PROPERTY_OVERRIDES += \
ro.frp.pst=/dev/block/by-name/frp
# System props to enable Bluetooth Quality Report (BQR) feature
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PRODUCT_PROPERTIES += \
persist.bluetooth.bqr.event_mask?=262174 \
persist.bluetooth.bqr.min_interval_ms=500
@@ -891,8 +895,8 @@ PRODUCT_PACKAGES += \
PRODUCT_PACKAGES += \
Iwlan
#Iwlan test app for userdebug/eng builds
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
#Iwlan test app for eng builds
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += \
IwlanTestApp
endif
@@ -957,7 +961,7 @@ PRODUCT_PACKAGES += modem_svc_sit
PRODUCT_PACKAGES += modem_ml_svc_sit
# modem ML models configs
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_COPY_FILES += \
device/google/zuma/modem_ml/modem_ml_models_userdebug.conf:$(TARGET_COPY_OUT_VENDOR)/etc/modem_ml_models.conf
else
@@ -1006,11 +1010,13 @@ PRODUCT_PACKAGES += \
endif
# Vibrator Diag
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += \
diag-vibrator \
diag-vibrator-cs40l25a \
diag-vibrator-drv2624 \
$(NULL)
endif
PRODUCT_PACKAGES += \
android.hardware.health-service.zuma \
@@ -1049,7 +1055,7 @@ PRODUCT_PACKAGES += vndservicemanager
PRODUCT_PACKAGES += vndservice
## TinyTools, debug tool and cs35l41 speaker calibration tool for Audio
ifneq (,$(filter userdebug eng, $(TARGET_BUILD_VARIANT)))
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES += \
tinyplay \
tinycap \
@@ -1152,7 +1158,9 @@ USES_RADIOEXT_V1_6 = true
include hardware/google/pixel/wifi_ext/device.mk
# Battery Stats Viewer
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += BatteryStatsViewer
endif
# Install product specific framework compatibility matrix
# (TODO: b/169535506) This includes the FCM for system_ext and product partition.
@@ -1175,7 +1183,9 @@ PRODUCT_PROPERTY_OVERRIDES += \
include hardware/google/pixel/HardwareInfo/HardwareInfo.mk
# UFS: the script is used to select the corresponding firmware to run FFU.
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += ufs_firmware_update.sh
endif
# RIL extension service
ifeq (,$(filter aosp_% factory_%,$(TARGET_PRODUCT)))

2
dumpstate/item.mk
View File

@@ -1,4 +1,6 @@
PRODUCT_PACKAGES += dump_wlan.sh \
dump_power
ifneq (,$(filter eng, $(TARGET_BUILD_VARIANT)))
PRODUCT_PACKAGES_DEBUG += dump_gsa.sh
endif

6
evolution.dependencies Normal file
View File

@@ -0,0 +1,6 @@
[
{
"repository": "device_google_gs101",
"target_path": "device/google/gs101"
}
]

8
evolution_common.mk Normal file
View File

@@ -0,0 +1,8 @@
#
# Copyright (C) 2024 The Evolution X Project
#
# SPDX-License-Identifier: Apache-2.0
#
# PixelParts
include packages/apps/PixelParts/device.mk

34
lineage_common.mk Normal file
View File

@@ -0,0 +1,34 @@
#
# Copyright (C) 2023 The LineageOS Project
#
# SPDX-License-Identifier: Apache-2.0
#
# Overlays
DEVICE_PACKAGE_OVERLAYS += device/google/zuma/overlay-lineage
# AiAi Config
PRODUCT_COPY_FILES += \
device/google/zuma/allowlist_com.google.android.as.xml:$(TARGET_COPY_OUT_PRODUCT)/etc/sysconfig/allowlist_com.google.android.as.xml
# Camera
PRODUCT_PRODUCT_PROPERTIES += \
ro.vendor.camera.extensions.package=com.google.android.apps.camera.services \
ro.vendor.camera.extensions.service=com.google.android.apps.camera.services.extensions.service.PixelExtensions
# Google Assistant
PRODUCT_PRODUCT_PROPERTIES += ro.opa.eligible_device=true
# Lineage Health
include hardware/google/pixel/lineage_health/device.mk
# Linker config
PRODUCT_VENDOR_LINKER_CONFIG_FRAGMENTS += \
device/google/zuma/linker.config.json
# Parts
PRODUCT_PACKAGES += \
GoogleParts
# Touch
include hardware/google/pixel/touch/device.mk

5
linker.config.json Normal file
View File

@@ -0,0 +1,5 @@
{
"provideLibs": [
"liboemcrypto.so"
]
}

58
manifest_radio_ds.xml Normal file
View File

@@ -0,0 +1,58 @@
<manifest version="1.0" type="device">
<hal format="aidl">
<name>android.hardware.radio.config</name>
<version>2</version>
<fqname>IRadioConfig/default</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.data</name>
<version>2</version>
<fqname>IRadioData/slot1</fqname>
<fqname>IRadioData/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.messaging</name>
<version>2</version>
<fqname>IRadioMessaging/slot1</fqname>
<fqname>IRadioMessaging/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.modem</name>
<version>2</version>
<fqname>IRadioModem/slot1</fqname>
<fqname>IRadioModem/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.network</name>
<version>2</version>
<fqname>IRadioNetwork/slot1</fqname>
<fqname>IRadioNetwork/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.sap</name>
<fqname>ISap/slot1</fqname>
<fqname>ISap/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.sim</name>
<version>2</version>
<fqname>IRadioSim/slot1</fqname>
<fqname>IRadioSim/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.radio.voice</name>
<version>2</version>
<fqname>IRadioVoice/slot1</fqname>
<fqname>IRadioVoice/slot2</fqname>
</hal>
<hal format="aidl">
<name>android.hardware.secure_element</name>
<fqname>ISecureElement/SIM1</fqname>
<fqname>ISecureElement/SIM2</fqname>
</hal>
<hal format="hidl">
<name>vendor.samsung_slsi.telephony.hardware.radioExternal</name>
<transport>hwbinder</transport>
<fqname>@1.1::IOemSlsiRadioExternal/rilExternal</fqname>
</hal>
</manifest>

64
overlay-lineage/frameworks/base/core/res/res/values/config.xml Normal file
View File

@@ -0,0 +1,64 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright 2021, The LineageOS Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<string-array name="config_nightDisplayColorTemperatureCoefficients">
<!-- R a-coefficient --> <item>0.0</item>
<!-- R b-coefficient --> <item>0.0</item>
<!-- R y-intercept --> <item>1.0</item>
<!-- G a-coefficient --> <item>-0.000000014365268757</item>
<!-- G b-coefficient --> <item>0.000255092801250106</item>
<!-- G y-intercept --> <item>-0.064156942434907716</item>
<!-- B a-coefficient --> <item>-0.000000000910931179</item>
<!-- B b-coefficient --> <item>0.000207598323269139</item>
<!-- B y-intercept --> <item>-0.349361641294833436</item>
</string-array>
<!-- List of comma separated package names for which we the system will not show crash, ANR,
etc. dialogs. -->
<string translatable="false" name="config_appsNotReportingCrashes">com.google.android.euicc</string>
<!-- Flag indicating whether we should enable the adaptive sleep.-->
<bool name="config_adaptive_sleep_available">true</bool>
<!-- The component name for the default system attention service.
This service must be trusted, as it can be activated without explicit consent of the user.
See android.attention.AttentionManagerService.
-->
<string name="config_defaultAttentionService" translatable="false">com.google.android.as/com.google.android.apps.miphone.aiai.attention.service.AiAiAttentionService</string>
<!-- Live Captions -->
<string name="config_defaultSystemCaptionsManagerService">com.google.android.as/com.google.android.apps.miphone.aiai.captions.SystemCaptionsManagerService</string>
<!-- Recents text and image selection for Pixel Launcher (not supported by Launcher3) -->
<string name="config_defaultContentSuggestionsService" translatable="false">com.google.android.as/com.google.android.apps.miphone.aiai.app.AiAiContentSuggestionsService</string>
<!-- Launcher app suggestions -->
<string name="config_defaultAppPredictionService" translatable="false">com.google.android.as/com.google.android.apps.miphone.aiai.app.AiAiPredictionService</string>
<!-- Make AiAi the default role holder for System Intelligence -->
<string name="config_systemAmbientAudioIntelligence">com.google.android.as</string>
<string name="config_systemAudioIntelligence">com.google.android.as</string>
<string name="config_systemNotificationIntelligence">com.google.android.as</string>
<string name="config_systemTextIntelligence">com.google.android.as</string>
<string name="config_systemUiIntelligence">com.google.android.as</string>
<string name="config_systemVisualIntelligence">com.google.android.as</string>
</resources>

24
overlay-lineage/frameworks/base/packages/SettingsProvider/res/values/defaults.xml Normal file
View File

@@ -0,0 +1,24 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/**
* Copyright 2021, The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-->
<resources>
<!-- Default screen brightness, from 0 to 255. 102 is 40%. -->
<integer name="def_screen_brightness">82</integer>
<!-- Set the automatic brightness mode on by default -->
<bool name="def_screen_brightness_automatic_mode">true</bool>
</resources>

34
overlay-lineage/frameworks/base/packages/SystemUI/res/values/config.xml Normal file
View File

@@ -0,0 +1,34 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright 2009, The Android Open Source Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<!-- These resources are around just to allow their values to be customized
for different hardware and product builds. -->
<resources>
<!-- Should we vibrate on an icon animation of the shelf. This should only be active if the
vibrator is capable of subtle vibrations -->
<bool name="config_vibrateOnIconAnimation">true</bool>
<!-- Whether to show a warning notification when device's skin temperature is high. -->
<integer name="config_showTemperatureWarning">1</integer>
<!-- Whether to show a alarm dialog when device's usb port is overheating. -->
<integer name="config_showUsbPortAlarm">1</integer>
</resources>

29
overlay-lineage/lineage-sdk/lineage/res/res/values/config.xml Normal file
View File

@@ -0,0 +1,29 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
/*
** Copyright 2019, The LineageOS Project
**
** Licensed under the Apache License, Version 2.0 (the "License");
** you may not use this file except in compliance with the License.
** You may obtain a copy of the License at
**
** http://www.apache.org/licenses/LICENSE-2.0
**
** Unless required by applicable law or agreed to in writing, software
** distributed under the License is distributed on an "AS IS" BASIS,
** WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
** See the License for the specific language governing permissions and
** limitations under the License.
*/
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<!-- Defines the actions shown in advanced reboot submenu -->
<string-array name="config_restartActionsList">
<item>restart</item>
<item>restart_systemui</item>
<item>restart_recovery</item>
<item>restart_fastboot</item>
<item>restart_bootloader</item>
</string-array>
</resources>

20
overlay-lineage/packages/apps/Dialer/java/com/android/dialer/callrecord/res/values/config.xml Normal file
View File

@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
Copyright (C) 2021 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources>
<bool name="call_recording_enabled">true</bool>
<integer name="call_recording_audio_source">4</integer>
</resources>

39
overlay-lineage/packages/apps/Settings/res/values/config.xml Normal file
View File

@@ -0,0 +1,39 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright (C) 2007 The Android Open Source Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources xmlns:xliff="urn:oasis:names:tc:xliff:document:1.2">
<!-- The number of vibration intensity levels supported by the device.
Note that this should correspond to the ability to vary the vibration amplitude, with
enough dynamic range to have at least as many distinct intensity levels as defined here.
Supported values are 1, 2, 3. If '1', the settings app will use a toggle for the settings,
otherwise a slider. If '3', the settings app maps intensities directly to the levels
supported by the Vibrator HAL APIs. If '2', then the levels will be mapped to
VIBRATION_INTENSITY_LOW and VIBRATION_INTENSITY_HIGH, which gives the most range for
scaling vibrations. The medium intensity will be skipped.
The default intensity values are configured at
frameworks/base/core/res/res/values/config.xml's config_default[type]VibrationIntensity.
Make sure that each default intensity value is consistent with the supported levels set
here. If this settings supports only 2 levels, for example, then the default intensity
should be either LOW (1) or HIGH (3).
-->
<integer name="config_vibration_supported_intensity_levels">3</integer>
<!-- Whether to show the Preference for Adaptive connectivity -->
<bool name="config_show_adaptive_connectivity">true</bool>
</resources>

20
overlay-lineage/packages/apps/Settings/res/values/lineage_config.xml Normal file
View File

@@ -0,0 +1,20 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2020-2024 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources>
<!-- Show battery cycle count -->
<bool name="config_show_battery_cycle_count" translatable="false">true</bool>
</resources>

146
overlay-lineage/packages/apps/SimpleDeviceConfig/res/values/config.xml Normal file
View File

@@ -0,0 +1,146 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2020 The Proton AOSP Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<resources>
<string-array name="configs_device">
<!-- ConnectivityThermalPowerManager 5G modem monitoring rules -->
<item>connectivity_thermal_power_manager/apply_action_time_seconds=10</item>
<item>connectivity_thermal_power_manager/atm_power_threshold_mw=800</item>
<item>connectivity_thermal_power_manager/cellular_thermal_adaptive_thermal_status_adaptive_action_list=</item>
<item>connectivity_thermal_power_manager/criteria_4_enabled=true</item>
<item>connectivity_thermal_power_manager/wifi_disconnected_time_seconds=180</item>
<item>connectivity_thermal_power_manager/wifi_internet_driven_endc_product_carrier_id_set=shiba,husky,akita,komodo,tokay,caiman,comet@1,1989,2023,2576,2067,2071,2073,2577,2522,2075,2578,2083,2433,1949</item>
<!-- Live Caption (Pixel 2017 + OEM) -->
<item>device_personalization_services/Captions__allow_box_x_axis_movement=true</item>
<item>device_personalization_services/Captions__allow_use_public_speech_recognition=true</item>
<item>device_personalization_services/Captions__allow_voip_call_without_audio_recording=false</item>
<item>device_personalization_services/Captions__available_for_download=en-US;en-GB;en-CA;en-IE;en-AU;en-SG;en-IN;fr-FR;fr-CA;fr-BE;fr-CH;it-IT;it-CH;de-DE;de-AT;de-BE;de-CH;ja-JP;es-ES;es-US;cmn-Hant-TW;hi-IN</item>
<item>device_personalization_services/Captions__disable_prod=false</item>
<!-- <item>device_personalization_services/Captions__enable=false</item> -->
<item>device_personalization_services/Captions__enable_adaptive_box_width=true</item>
<item>device_personalization_services/Captions__enable_augmented_modality=true</item>
<item>device_personalization_services/Captions__enable_augmented_modality_input=true</item>
<item>device_personalization_services/Captions__enable_augmented_modality_language_detection=true</item>
<item>device_personalization_services/Captions__enable_augmented_music=true</item>
<!-- <item>device_personalization_services/Captions__enable_clearcut_logging=true</item> -->
<item>device_personalization_services/Captions__enable_drag_and_double_tap_to_resize=false</item>
<item>device_personalization_services/Captions__enable_language_detection=true</item>
<item>device_personalization_services/Captions__enable_new_model_version_advanced_2023=true</item>
<item>device_personalization_services/Captions__enable_one_caption_experiment=false</item>
<item>device_personalization_services/Captions__enable_punctuations=true</item>
<item>device_personalization_services/Captions__enable_setting_page=false</item>
<item>device_personalization_services/Captions__enable_text_transform=true</item>
<item>device_personalization_services/Captions__enable_westworld_logging=false</item>
<item>device_personalization_services/Captions__enable_zero_day=false</item>
<item>device_personalization_services/Captions__manifest_url_template=https://storage.googleapis.com/captions/%{NAMESPACE}_%{VERSION}_manifest.json</item>
<item>device_personalization_services/Captions__model_version_v1=20190613</item>
<item>device_personalization_services/Captions__model_version_v1_2=20200112</item>
<item>device_personalization_services/Captions__new_model_version=20210623</item>
<item>device_personalization_services/Captions__new_model_version_advanced_2023=20230808</item>
<item>device_personalization_services/Captions__speech_threshold=0.2</item>
<item>device_personalization_services/Captions__supported_languages=en-US;fr-FR;it-IT;de-DE;ja-JP;es-ES;cmn-Hant-TW;hi-IN</item>
<item>device_personalization_services/Captions__surface_sound_events=true</item>
<item>device_personalization_services/Captions__text_transform_augmented_input=true</item>
<item>device_personalization_services/Captions__visibility_playing_duration_millis=5000</item>
<item>device_personalization_services/Captions__visibility_stopped_duration_millis=1500</item>
<!-- Now Playing (Pixel 2017) -->
<item>device_personalization_services/NowPlaying__ambient_music_apk_music_detector_min_score=0.45</item>
<item>device_personalization_services/NowPlaying__ambient_music_get_model_state_cooldown_seconds_cloud_search=9</item>
<item>device_personalization_services/NowPlaying__ambient_music_index_manifest_17_09_02=3082:https://storage.googleapis.com/music-iq-db/updatable_db_v3/20240421-030101/manifest.json</item>
<item>device_personalization_services/NowPlaying__ambient_music_matcher_match_threshold_17_09_02=1.0E-6</item>
<item>device_personalization_services/NowPlaying__ambient_music_on_demand_enabled=true</item>
<item>device_personalization_services/NowPlaying__ambient_music_on_demand_music_confidence=0.48</item>
<item>device_personalization_services/NowPlaying__cloud_api_allowed=true</item>
<item>device_personalization_services/NowPlaying__dsp_model_checksum_enabled=true</item>
<!-- <item>device_personalization_services/NowPlaying__enable_usage_fa=true</item> -->
<item>device_personalization_services/NowPlaying__favorites_enabled=true</item>
<item>device_personalization_services/NowPlaying__feature_users_count_enabled=true</item>
<!-- <item>device_personalization_services/NowPlaying__federated_analytics_allowed=true</item> -->
<item>device_personalization_services/NowPlaying__handle_ambient_music_results_with_history=true</item>
<item>device_personalization_services/NowPlaying__min_training_interval_millis=86400000</item>
<item>device_personalization_services/NowPlaying__nnfp_v3_model_enabled=true</item>
<item>device_personalization_services/NowPlaying__on_demand_enable_eager_prompt=true</item>
<item>device_personalization_services/NowPlaying__on_demand_fingerprinter_being_setup_warning=true</item>
<item>device_personalization_services/NowPlaying__on_demand_hide_if_fingerprinter_install_not_confirmed=true</item>
<item>device_personalization_services/NowPlaying__on_demand_min_supported_aga_version=12.35.17</item>
<item>device_personalization_services/NowPlaying__on_demand_retry_fingerprinter_install=true</item>
<item>device_personalization_services/NowPlaying__youtube_export_enabled=true</item>
<!-- Adaptive Sound (Pixel 2020) -->
<item>device_personalization_services/AdaptiveAudio__enable_adaptive_audio=true</item>
<item>device_personalization_services/AdaptiveAudio__show_promo_notification=false</item>
<item>device_personalization_services/AdaptiveAudio__use_silence_detector_state_bug_fix=true</item>
<!-- Screen attention (Pixel 2019) -->
<item>device_personalization_services/Attention__accel_sensor_enabled=false</item>
<item>device_personalization_services/Attention__accel_sensor_threshold_mss=0.2</item>
<item>device_personalization_services/Attention__enabled=true</item>
<item>device_personalization_services/Attention__margin_horizontal_px=1000</item>
<item>device_personalization_services/Attention__margin_vertical_px=1000</item>
<item>device_personalization_services/Attention__proximity_sensor_enabled=false</item>
<!-- Translation -->
<item>device_personalization_services/Translate__app_blocklist=com.google.android.talk</item>
<item>device_personalization_services/Translate__blue_chip_translate_enabled=true</item>
<item>device_personalization_services/Translate__characterset_lang_detection_enabled=true</item>
<item>device_personalization_services/Translate__chat_translate_languages=de,en,es,fr,it,ja,hi,zh,ru,pl,pt,ko,th,tr,nl,zh_Hant,sv,da,vi,ar,fa,no,bn,fil</item>
<item>device_personalization_services/Translate__copy_to_translate_enabled=true</item>
<item>device_personalization_services/Translate__differentiate_simplified_and_traditional_chinese=true</item>
<item>device_personalization_services/Translate__disable_translate_without_system_animation=false</item>
<item>device_personalization_services/Translate__enable_chronicle_migration=true</item>
<item>device_personalization_services/Translate__enable_default_langid_model=true</item>
<item>device_personalization_services/Translate__enable_dictionary_langid_detection=true</item>
<item>device_personalization_services/Translate__enable_opmv4_service=true</item>
<item>device_personalization_services/Translate__enable_setup_wizard_dialog_v2=false</item>
<item>device_personalization_services/Translate__enable_spa_setting=false</item>
<item>device_personalization_services/Translate__interpreter_source_languages=de,en,ja,es,fr,it</item>
<item>device_personalization_services/Translate__interpreter_target_languages=de,en,ja,es,fr,it</item>
<item>device_personalization_services/Translate__replace_auto_translate_copied_text_enabled=true</item>
<item>device_personalization_services/Translate__text_to_text_language_list=vi,ja,fa,ro,nl,mr,mt,ar,ms,it,eo,is,et,es,iw,zh,uk,af,id,ur,mk,cy,hi,el,be,pt,lt,hr,lv,hu,ht,te,de,bg,th,bn,tl,pl,tr,kn,sv,gl,ko,sw,cs,da,ta,gu,ka,sl,ca,sk,ga,sq,no,fi,ru,fr,en,zh_Hant,fil</item>
<item>device_personalization_services/Translate__translation_service_enabled=true</item>
<item>device_personalization_services/Translate__translator_expiration_enabled=true</item>
<item>device_personalization_services/Translate__use_translate_kit_streaming_api=true</item>
<!-- Recents text selection (for Pixel Launcher users) -->
<item>device_personalization_services/Overview__enable_barcode_detection=false</item>
<item>device_personalization_services/Overview__enable_image_search=false</item>
<item>device_personalization_services/Overview__enable_image_selection=true</item>
<item>device_personalization_services/Overview__enable_japanese_ocr=true</item>
<item>device_personalization_services/Overview__enable_lens_r_overview_long_press=true</item>
<item>device_personalization_services/Overview__enable_lens_r_overview_select_mode=true</item>
<item>device_personalization_services/Overview__enable_lens_r_overview_translate_action=false</item>
<item>device_personalization_services/Overview__enable_overview=true</item>
<item>device_personalization_services/Overview__enable_pir_clearcut_logging=true</item>
<item>device_personalization_services/Overview__enable_pir_westworld_logging=true</item>
<item>device_personalization_services/Overview__enable_proactive_hints=false</item>
<item>device_personalization_services/Overview__enable_superpacks_pir_protocol=true</item>
<item>device_personalization_services/Overview__min_lens_agsa_app_version=301084649</item>
<!-- Disable federated learning -->
<item>device_personalization_services/OverviewFederatedAnalytics__enable_fa=false</item>
<item>device_personalization_services/OverviewFederatedAnalytics__enable_min_training_interval=false</item>
<item>device_personalization_services/OverviewFederatedAnalytics__enable_non_synthetic_logs=false</item>
<!-- Disable unused AiAi features -->
<item>device_personalization_services/Autofill__enable=false</item>
<item>device_personalization_services/Autofill__enable_fa=false</item>
<item>device_personalization_services/Fedex__enable_fedex=false</item>
<item>device_personalization_services/Logging__enable_aiai_clearcut_logging=false</item>
<item>device_personalization_services/NotificationAssistant__enable_service=false</item>
<item>device_personalization_services/VisualCortex__enable=false</item>
</string-array>
</resources>

27
overlay-lineage/packages/services/Telephony/res/values/config.xml Normal file
View File

@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<!-- Copyright 2021, The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<!-- Phone app resources that may need to be customized
for different hardware or product builds. -->
<resources>
<!-- The package name for the platform carrier config app, bundled with system image. -->
<string name="platform_carrier_config_package" translatable="false">com.google.android.carrier</string>
<!-- The package names which can request thermal mitigation. -->
<string-array name="thermal_mitigation_allowlisted_packages" translatable="false">
<item>com.google.android.connectivitythermalpowermanager</item>
</string-array>
</resources>

10
overlay/frameworks/base/core/res/res/values/config.xml
View File

@@ -117,11 +117,6 @@
<!-- Height of the status bar -->
<dimen name="status_bar_height_portrait">28dp</dimen>
<!-- Height of area above QQS where battery/time go (equal to status bar height if > 48dp) -->
<dimen name="quick_qs_offset_height">171px</dimen>
<!-- Total height of QQS (quick_qs_offset_height + 128dp) -->
<dimen name="quick_qs_total_height">177dp</dimen>
<!-- Shutdown if the battery temperature exceeds (this value * 0.1) Celsius. -->
<integer name="config_shutdownBatteryTemperature">600</integer>
@@ -243,12 +238,9 @@
<item>"/system/framework/framework.jar"</item>
<item>"/system/framework/services.jar"</item>
<item>"/system/bin/surfaceflinger"</item>
<item>"/system_ext/priv-app/SystemUIGoogle/SystemUIGoogle.apk"</item>
<item>"/system_ext/priv-app/SystemUI/SystemUI.apk"</item>
</string-array>
<!-- Should the pinner service pin the Camera application? -->
<bool name="config_pinnerCameraApp">true</bool>
<!-- Should the pinner service pin the Home application? -->
<bool name="config_pinnerHomeApp">true</bool>

23
parts/Android.bp Normal file
View File

@@ -0,0 +1,23 @@
//
// Copyright (C) 2021 The LineageOS Project
//
// SPDX-License-Identifier: Apache-2.0
//
android_app {
name: "GoogleParts",
srcs: ["src/**/*.java"],
certificate: "platform",
platform_apis: true,
privileged: true,
system_ext_specific: true,
static_libs: [
"org.lineageos.settings.resources",
],
optimize: {
proguard_flags_files: ["proguard.flags"],
},
}

48
parts/AndroidManifest.xml Normal file
View File

@@ -0,0 +1,48 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
Copyright (C) 2021 The LineageOS Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="org.lineageos.settings"
android:versionCode="1"
android:versionName="1.0"
android:sharedUserId="android.uid.system">
<queries>
<package android:name="com.google.android.gms" />
<package android:name="com.google.android.gsf" />
<package android:name="com.google.android.euicc" />
<package android:name="com.google.euiccpixel" />
</queries>
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-sdk
android:minSdkVersion="30"
android:targetSdkVersion="30"/>
<application
android:label="@string/device_settings_app_name"
android:persistent="true">
<receiver android:name=".BootCompletedReceiver">
<intent-filter>
<action android:name="android.intent.action.BOOT_COMPLETED" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</receiver>
</application>
</manifest>

3
parts/proguard.flags Normal file
View File

@@ -0,0 +1,3 @@
-keep class org.lineageos.settings.* {
*;
}

32
parts/src/org/lineageos/settings/BootCompletedReceiver.java Normal file
View File

@@ -0,0 +1,32 @@
/*
* Copyright (C) 2021 The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.lineageos.settings;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.util.Log;
public class BootCompletedReceiver extends BroadcastReceiver {
private static final String TAG = "GoogleParts";
@Override
public void onReceive(final Context context, Intent intent) {
Log.d(TAG, "Received boot completed intent");
EuiccDisabler.enableOrDisableEuicc(context);
}
}

71
parts/src/org/lineageos/settings/EuiccDisabler.java Normal file
View File

@@ -0,0 +1,71 @@
/*
* Copyright (C) 2021 The LineageOS Project
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.lineageos.settings;
import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.util.Log;
class EuiccDisabler {
private static final String TAG = "GoogleParts";
private static final String[] EUICC_DEPENDENCIES = new String[]{
"com.google.android.gms",
"com.google.android.gsf"
};
private static final String[] EUICC_PACKAGES = new String[]{
"com.google.android.euicc",
"com.google.euiccpixel"
};
private static boolean isInstalledAndEnabled(PackageManager pm, String pkgName) {
try {
PackageInfo info = pm.getPackageInfo(pkgName, 0);
Log.d(TAG, "package " + pkgName + " installed, " +
"enabled = " + info.applicationInfo.enabled);
return info.applicationInfo.enabled;
} catch (PackageManager.NameNotFoundException e) {
Log.d(TAG, "package " + pkgName + " is not installed");
return false;
}
}
private static boolean shouldDisable(PackageManager pm) {
for (String dep : EUICC_DEPENDENCIES) {
if (!isInstalledAndEnabled(pm, dep)) {
// Disable if any of the dependencies are disabled
return true;
}
}
return false;
}
public static void enableOrDisableEuicc(Context context) {
PackageManager pm = context.getPackageManager();
boolean disable = shouldDisable(pm);
int flag = disable
? PackageManager.COMPONENT_ENABLED_STATE_DISABLED
: PackageManager.COMPONENT_ENABLED_STATE_ENABLED;
for (String pkg : EUICC_PACKAGES) {
try {
pm.setApplicationEnabledSetting(pkg, flag, 0);
} catch (IllegalArgumentException e) {
Log.d(TAG, "package " + pkg + " is not present");
}
}
}
}

1
sepolicy/.gitupstream Normal file
View File

@@ -0,0 +1 @@
https://android.googlesource.com/device/google/zuma-sepolicy

4
sepolicy/OWNERS Normal file
View File

@@ -0,0 +1,4 @@
include device/google/gs-common:/sepolicy/OWNERS
adamshih@google.com

2
sepolicy/legacy/system_ext/private/property_contexts Normal file
View File

@@ -0,0 +1,2 @@
# Fingerprint (UDFPS) GHBM/LHBM toggle
persist.fingerprint.ghbm u:object_r:fingerprint_ghbm_prop:s0 exact bool

2
sepolicy/legacy/system_ext/public/property.te Normal file
View File

@@ -0,0 +1,2 @@
# Fingerprint (UDFPS) GHBM/LHBM toggle
system_vendor_config_prop(fingerprint_ghbm_prop)

1
sepolicy/legacy/whitechapel_pro/attributes Normal file
View File

@@ -0,0 +1 @@
attribute vendor_persist_type;

33
sepolicy/legacy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem Normal file
View File

@@ -0,0 +1,33 @@
-----BEGIN CERTIFICATE-----
MIIFxjCCA66gAwIBAgIURH+ESClecwsP2Et2gQ1RAHxabWcwDQYJKoZIhvcNAQEL
BQAwdDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcT
DU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMuMRAwDgYDVQQLEwdB
bmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMB4XDTE5MDIyODE5MjIxNloXDTQ5MDIy
ODE5MjIxNlowdDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAU
BgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMuMRAwDgYD
VQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMIICIjANBgkqhkiG9w0BAQEF
AAOCAg8AMIICCgKCAgEA5AVOe4SKiCOnR4DQ2V3sIo5LNpGtmdzZ54MnHIrsSX8n
43xtCTpfQWDWnDZFCIHSmR8KAOQ0BNxL8ajtr66gU6tFzD5Vlistwl9P9uUlYWgG
aeyEoOUqtiN2HtsJDpcCLYKOz6oH2c5NeruDp5n/Z49xpXXXLgoOTlsoS65tsTcW
FrcSuuOE40UyFJ+Rwhh1EiXGPvT99gaXNnDq5WIsPNNe39jV7f01lZs/g5iUn4dV
A/DxLMam/CQh7qQkh6qWkDL8koQ21N9xEZYTR8qvGvgz3Zd1yfT0P1HsgJaPXK5F
qb2vLV1NP8KoYIlB2KqadCn+HJjIgH8UIbB+R8o6KuWCYzLb5vPs87HkXG5/Y+GB
7HrCIC+6a8BJ4UUyjUkg/HtBd7GlEixZKLtbcJ3erdfL7uigjCJEqAYDXr2Zes31
898ePcl3YQO5/rHobB7f4w3iF/TwIAAyRRlOceoskCEa/vCbmb7I8HQIJthSNedW
cBiKUneohCtfLT3qS0JUVZewiFRMOVD8mwcZFr4o/UfVslEe8DpBp0WXs/83OeEJ
dtfRc861jdOJ7EIyfDmBX91iWgLCBgv6aXtMvP7CwgZV7y+C+WbbsjYTYSjsNVSA
1uexVPozsSkIjxote0aAiu6+b8LAq9bq2c6Yc6MoldgBqlfcwvFzlKqlm966q6UC
AwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUuH5K2ov/9L++x+8UhrCD
hNdJm6EwHwYDVR0jBBgwFoAUuH5K2ov/9L++x+8UhrCDhNdJm6EwDQYJKoZIhvcN
AQELBQADggIBAIV1Wx+iwchzxx+ggbWlmJx+oPya2axvj8cgbLGujxI+nmtY2b7U
vzazggubioxJJW7rzemLMDwfKPlfiZkIeQmBe2YJhHiwIPaRAB2juZTfQARsEkd4
qYvcIDui6PbbgitLWOh3lYNDcVe/c8+EwbJuNNSqjPwIZvj2lodTQNI7uUy1ff5h
ytHsznObr/rh+MeJlKKY56JL6VEzsD694iVFxJ7f4FXK5Y0pjqYmGj1krcfMFoxH
PAmj57yf3VVzeGKx5re+5WIMe5K0RZB9IWxfvx1DsxXvzVeaHYW/c6VF7TVT/RUV
+iLtst+1A1RJbeXDu3uLHxPAC44WUb3FQOUKPRP2cIul70ifJSbvu+qLuyfgwltX
yYIeQMSrUw4WK6NMNYaIPgEq1BX4rLUlKxlH4xaNwT5ZCWLTRdWozYP5FFSMdQhh
Ob1Ki81wKmr1f9EkXoW9eGRZBj3tAg90k0qltel30eLpW6gmnNg+la84nyaXfBF3
vQAbaAuW5D3TAMWR/Wl6nHoPItdrXHkyMRvQkzx2ezKz61ZP3uDfEZvMLXR0lle8
s6pTZB3GLS4mY9LFQdDwPlc1xk8yEcdnUAZs+9U6zZF1+FKSgb3UNy81g2DHUMp0
FCBXTy+kLm0LQVYU91kLd+fTkmgkWl4xSyXeV5g3FFuiv9ahl7//vvCG
-----END CERTIFICATE-----

29
sepolicy/legacy/whitechapel_pro/certs/com_qorvo_uwb.x509.pem Normal file
View File

@@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFyTCCA7GgAwIBAgIVANWkcWcmZf4abdvo9BViyvCckwRrMA0GCSqGSIb3DQEBCwUAMHQxCzAJ
BgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRQw
EgYDVQQKEwtHb29nbGUgSW5jLjEQMA4GA1UECxMHQW5kcm9pZDEQMA4GA1UEAxMHQW5kcm9pZDAg
Fw0yMTA1MDQwNTAyMDhaGA8yMDUxMDUwNDA1MDIwOFowdDELMAkGA1UEBhMCVVMxEzARBgNVBAgT
CkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMu
MRAwDgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMIICIjANBgkqhkiG9w0BAQEFAAOC
Ag8AMIICCgKCAgEAs41Lur5ric6Q5biv8m8gDzTJfGausbkJ0QRNXUOE2m5BaAs9YOoE1FRalYld
6VxySfDLpiSanE0O21Gk9QMRNZmN7Aybci79uyWF7zTPrP1yNTC0UJZu1ke5OzOtp5rLGSDRuFP2
oF/momrDT9w51ucDLGkhCr5a97O78yQRiN16MPrRjiB5/pTlt+d95auF5ZNnfshs5/z95Aw8HD/M
T2KjzeF6xANhkLL3pcaPN3CjSxFuj0o6W4R2rIezaw7yBvKlg2UtVaHMvPoEvrQTffCOL9PZeKWR
xwqKWwOWcG0mJNMYX9czOHS72UOfYEpAL5rqlrFslDG+oAm3Jt39aZwyJXIu6RutXDqzlPYE+vXY
K8bSUeLtBKklJA2VzfldIhjg8/+LNbLDjTYIGZqQjEbf25ACru9coeo49sTCepFAdW0eb+6wPlI9
xuK0DW1YEKP0yJRPsvM7beCwWIMZnT/dqITb5ALQI2lQ7Mfy6Oc5q5DB5eichP7wccpfPG5sls8e
q071Jx7SUFwqgXRlyrkTzsq+VachUGFs+4E43HeFLDsKdAuvnLBnxwpI33DwNzEVDnf4UVqc/mbg
tkLlTuYheqHnyJSJU6rzqXEe8vCjQwc5nz0MrQ0JHBTIEJ35y3tlQLzd8Km+NO2nspMDZA0fRO/V
Xaqr5ZftECU3fGUCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUk38scNBtcZ9dICGl
jytNyyMgaikwHwYDVR0jBBgwFoAUk38scNBtcZ9dICGljytNyyMgaikwDQYJKoZIhvcNAQELBQAD
ggIBAAthh8JaDOEFLUWXv7JhDWy/bsIg23p7adOui8ubWmE4843v2ZF874F09mHavP6oXfq69Ppq
H0K8+u8+vDunPLFutxSIvy+VCGq17T99LRE0d9aj11TNflanlONzt8qoBcWy7MEofqlxXkxx9upR
lUO89ASqyCr7r7UbWSjSGJlSapMParMXRSzRhOJCEdfvyfAMqTYMoekRnytcqR3ujUIXktALqkZe
WmVwJE+psstvPRSgDS3YR5j+B61u2GNBYie4x3Fwn0tcT5ioRlOGxptAUNtB/c7dEMYeYyeMw/rg
SGwzC3l3cQrJIObsPJGY7T9B6e8njP2ssytrM7ExjdB9nboIFifgBpQxNYhQpT5JyRM+yj7tDTm6
GdUzsxE6YgXxOazquIiF+K0RAprVj8Ztlz53VbHEubgFrc0zjc+KMNdGD7NvpP7Td4SNkb6hDLgO
CP43SgdjpCdqeEpgZhJVYDZ2C9LXmDjAmcIDWHYt+/WX7NEEURgeuSNJtMgS+/TxI1SAUkSFPsmJ
qoQUXywQJBJ8fZZv5dNXFr0C5GDql/Rjb7S2jB6ROcGr1wKEIakrFz0VFMhZetCogPZiwSN3IaET
/ZJZg+O+eckcZTIhPO7o7l+4uuIh+8o7TOy4qDJiX4hI3rpYLJr2nTNypsU8OWjqJTqKxGbJWzG5
Vtjc
-----END CERTIFICATE-----

3
sepolicy/legacy/whitechapel_pro/device.te Normal file
View File

@@ -0,0 +1,3 @@
type vendor_toe_device, dev_type;
type lwis_device, dev_type;
type rls_device, dev_type;

25
sepolicy/legacy/whitechapel_pro/file.te Normal file
View File

@@ -0,0 +1,25 @@
# Data
type updated_wifi_firmware_data_file, file_type, data_file_type;
type vendor_misc_data_file, file_type, data_file_type;
type per_boot_file, file_type, data_file_type, core_data_file_type;
type powerstats_vendor_data_file, file_type, data_file_type;
# sysfs
type bootdevice_sysdev, dev_type;
type sysfs_wifi, sysfs_type, fs_type;
type sysfs_bcmdhd, sysfs_type, fs_type;
type sysfs_chargelevel, sysfs_type, fs_type;
type sysfs_camera, sysfs_type, fs_type;
# persist
type persist_ss_file, file_type, vendor_persist_type;
# Storage Health HAL
type proc_f2fs, proc_type, fs_type;
# Vendor tools
type vendor_dumpsys, vendor_file_type, file_type;
# USB-C throttling stats
type sysfs_usbc_throttling_stats, sysfs_type, fs_type;

44
sepolicy/legacy/whitechapel_pro/file_contexts Normal file
View File

@@ -0,0 +1,44 @@
# Binaries
/vendor/bin/dumpsys u:object_r:vendor_dumpsys:s0
/vendor/bin/hw/android\.hardware\.gatekeeper-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
/vendor/bin/hw/android\.hardware\.gatekeeper@1\.0-service\.trusty u:object_r:hal_gatekeeper_default_exec:s0
/vendor/bin/hw/android\.hardware\.nfc-service\.st u:object_r:hal_nfc_default_exec:s0
# Vendor libraries
/vendor/lib(64)?/libdrm\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libion_google\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/arm\.graphics-V1-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libOpenCL-pixel\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libOpenCL\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/lib_aion_buffer\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libGralloc4Wrapper\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/pixel-power-ext-V1-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/android\.frameworks\.stats-V1-ndk\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/vendor-pixelatoms-cpp\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libprotobuf-cpp-lite-(\d+\.){2,3}so u:object_r:same_process_hal_file:s0
# Graphics
/vendor/lib(64)?/hw/vulkan\.mali\.so u:object_r:same_process_hal_file:s0
/vendor/lib(64)?/libgpudataproducer\.so u:object_r:same_process_hal_file:s0
# Devices
/dev/ttySAC0 u:object_r:tty_device:s0
/dev/bigwave u:object_r:video_device:s0
/dev/watchdog0 u:object_r:watchdog_device:s0
/dev/dri/card0 u:object_r:graphics_device:s0
/dev/fimg2d u:object_r:graphics_device:s0
/dev/g2d u:object_r:graphics_device:s0
/dev/dit2 u:object_r:vendor_toe_device:s0
/dev/sg1 u:object_r:sg_device:s0
/dev/st21nfc u:object_r:nfc_device:s0
/dev/sys/block/bootdevice(/.*)? u:object_r:bootdevice_sysdev:s0
/dev/socket/chre u:object_r:chre_socket:s0
# Data
/data/vendor/ss(/.*)? u:object_r:tee_data_file:s0
/data/nfc(/.*)? u:object_r:nfc_data_file:s0
/data/vendor/firmware/wifi(/.*)? u:object_r:updated_wifi_firmware_data_file:s0
/data/vendor/misc(/.*)? u:object_r:vendor_misc_data_file:s0
/data/per_boot(/.*)? u:object_r:per_boot_file:s0
/dev/battery_history u:object_r:battery_history_device:s0
/data/vendor/powerstats(/.*)? u:object_r:powerstats_vendor_data_file:s0

76
sepolicy/legacy/whitechapel_pro/genfs_contexts Normal file
View File

@@ -0,0 +1,76 @@
genfscon sysfs /devices/soc0/machine u:object_r:sysfs_soc:s0
genfscon sysfs /devices/soc0/revision u:object_r:sysfs_soc:s0
# tracefs
genfscon tracefs /events/dmabuf_heap/dma_heap_stat u:object_r:debugfs_tracing:s0
# WiFi
genfscon sysfs /wifi u:object_r:sysfs_wifi:s0
# Broadcom
genfscon sysfs /module/bcmdhd4389 u:object_r:sysfs_bcmdhd:s0
# GPU
genfscon sysfs /devices/platform/28000000.mali/hint_min_freq u:object_r:sysfs_gpu:s0
genfscon sysfs /devices/platform/28000000.mali/power_policy u:object_r:sysfs_gpu:s0
# Fabric
genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/min_freq u:object_r:sysfs_fabric:s0
genfscon sysfs /devices/platform/17000020.devfreq_int/devfreq/17000020.devfreq_int/min_freq u:object_r:sysfs_fabric:s0
genfscon sysfs /devices/platform/17000010.devfreq_mif/devfreq/17000010.devfreq_mif/interactive/target_load u:object_r:sysfs_fabric:s0
# sscoredump (per device)
genfscon sysfs /devices/platform/aoc/sscoredump/sscd_aoc/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/bigocean/sscoredump/sscd_bigocean/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/debugcore/sscoredump/sscd_debugcore/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/mfc-core/sscoredump/sscd_mfc-core/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0
# Storage
genfscon proc /fs/f2fs u:object_r:proc_f2fs:s0
genfscon proc /sys/vm/swappiness u:object_r:proc_dirty:s0
# Haptics
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-6/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/i2c-cs40l26a u:object_r:sysfs_vibrator:s0
# Thermal
genfscon sysfs /devices/platform/100a0000.LITTLE u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100a0000.MID u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100a0000.BIG u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100a0000.ISP u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100b0000.G3D u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100b0000.TPU u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/platform/100b0000.AUR u:object_r:sysfs_thermal:s0
genfscon sysfs /module/gs_thermal/parameters/tmu_reg_dump_state u:object_r:sysfs_thermal:s0
genfscon sysfs /module/gs_thermal/parameters/tmu_reg_dump_current_temp u:object_r:sysfs_thermal:s0
genfscon sysfs /module/gs_thermal/parameters/tmu_top_reg_dump_rise_thres u:object_r:sysfs_thermal:s0
genfscon sysfs /module/gs_thermal/parameters/tmu_top_reg_dump_fall_thres u:object_r:sysfs_thermal:s0
genfscon sysfs /module/gs_thermal/parameters/tmu_sub_reg_dump_rise_thres u:object_r:sysfs_thermal:s0
genfscon sysfs /module/gs_thermal/parameters/tmu_sub_reg_dump_fall_thres u:object_r:sysfs_thermal:s0
genfscon sysfs /thermal_zone14/mode u:object_r:sysfs_thermal:s0
# Camera
genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/min_freq u:object_r:sysfs_camera:s0
genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/max_freq u:object_r:sysfs_camera:s0
genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/min_freq u:object_r:sysfs_camera:s0
# USB-C throttling stats
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/cleared_time u:object_r:sysfs_usbc_throttling_stats:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time u:object_r:sysfs_usbc_throttling_stats:s0
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/trip_time u:object_r:sysfs_usbc_throttling_stats:s0
# Coresight ETM
genfscon sysfs /devices/platform/2b840000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2b940000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2ba40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bb40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bc40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bd40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2be40000.etm u:object_r:sysfs_devices_cs_etm:s0
genfscon sysfs /devices/platform/2bf40000.etm u:object_r:sysfs_devices_cs_etm:s0

2
sepolicy/legacy/whitechapel_pro/hal_input_processor_default.te Normal file
View File

@@ -0,0 +1,2 @@
# allow InputProcessor HAL to read the display resolution system property
get_prop(hal_input_processor_default, vendor_display_prop)

5
sepolicy/legacy/whitechapel_pro/keys.conf Normal file
View File

@@ -0,0 +1,5 @@
[@UWB]
ALL : device/google/zuma/sepolicy/legacy/whitechapel_pro/certs/com_qorvo_uwb.x509.pem
[@EUICCSUPPORTPIXEL]
ALL : device/google/zuma/sepolicy/legacy/whitechapel_pro/certs/EuiccSupportPixel.x509.pem

30
sepolicy/legacy/whitechapel_pro/mac_permissions.xml Normal file
View File

@@ -0,0 +1,30 @@
<?xml version="1.0" encoding="utf-8"?>
<policy>
<!--
* A signature is a hex encoded X.509 certificate or a tag defined in
keys.conf and is required for each signer tag.
* A signer tag may contain a seinfo tag and multiple package stanzas.
* A default tag is allowed that can contain policy for all apps not signed with a
previously listed cert. It may not contain any inner package stanzas.
* Each signer/default/package tag is allowed to contain one seinfo tag. This tag
represents additional info that each app can use in setting a SELinux security
context on the eventual process.
* When a package is installed the following logic is used to determine what seinfo
value, if any, is assigned.
- All signatures used to sign the app are checked first.
- If a signer stanza has inner package stanzas, those stanza will be checked
to try and match the package name of the app. If the package name matches
then that seinfo tag is used. If no inner package matches then the outer
seinfo tag is assigned.
- The default tag is consulted last if needed.
-->
<!-- google apps key -->
<signer signature="@UWB" >
<seinfo value="uwb" />
</signer>
<signer signature="@EUICCSUPPORTPIXEL" >
<seinfo value="EuiccSupportPixel" />
</signer>
</policy>

14
sepolicy/legacy/whitechapel_pro/property.te Normal file
View File

@@ -0,0 +1,14 @@
vendor_internal_prop(vendor_nfc_prop)
vendor_internal_prop(vendor_secure_element_prop)
vendor_internal_prop(vendor_battery_profile_prop)
vendor_internal_prop(vendor_camera_prop)
vendor_internal_prop(vendor_camera_fatp_prop)
vendor_internal_prop(vendor_ro_sys_default_prop)
vendor_internal_prop(vendor_persist_sys_default_prop)
vendor_internal_prop(vendor_display_prop)
# UWB calibration
system_vendor_config_prop(vendor_uwb_calibration_prop)
# Trusty storage FS ready
vendor_internal_prop(vendor_trusty_storage_prop)

22
sepolicy/legacy/whitechapel_pro/property_contexts Normal file
View File

@@ -0,0 +1,22 @@
# test battery profile
persist.vendor.testing_battery_profile u:object_r:vendor_battery_profile_prop:s0
# NFC
persist.vendor.nfc. u:object_r:vendor_nfc_prop:s0
# SecureElement
persist.vendor.se. u:object_r:vendor_secure_element_prop:s0
# for display
ro.vendor.hwc.drm.device u:object_r:vendor_display_prop:s0
persist.vendor.display. u:object_r:vendor_display_prop:s0
# vendor default
ro.vendor.sys. u:object_r:vendor_ro_sys_default_prop:s0
persist.vendor.sys. u:object_r:vendor_persist_sys_default_prop:s0
#uwb
ro.vendor.uwb.calibration. u:object_r:vendor_uwb_calibration_prop:s0 exact string
# Trusty
ro.vendor.trusty.storage.fs_ready u:object_r:vendor_trusty_storage_prop:s0

1
sepolicy/legacy/whitechapel_pro/service.te Normal file
View File

@@ -0,0 +1 @@
type hal_uwb_vendor_service, service_manager_type, hal_service_type;

1
sepolicy/legacy/whitechapel_pro/service_contexts Normal file
View File

@@ -0,0 +1 @@
hardware.qorvo.uwb.IUwbVendor/default u:object_r:hal_uwb_vendor_service:s0

1
sepolicy/legacy/whitechapel_pro/vndservice.te Normal file
View File

@@ -0,0 +1 @@
type rls_service, vndservice_manager_type;

1
sepolicy/legacy/whitechapel_pro/vndservice_contexts Normal file
View File

@@ -0,0 +1 @@
rlsservice u:object_r:rls_service:s0

18
sepolicy/private/debug_camera_app.te Normal file
View File

@@ -0,0 +1,18 @@
typeattribute debug_camera_app coredomain;
userdebug_or_eng(`
app_domain(debug_camera_app)
net_domain(debug_camera_app)
allow debug_camera_app app_api_service:service_manager find;
allow debug_camera_app audioserver_service:service_manager find;
allow debug_camera_app cameraserver_service:service_manager find;
allow debug_camera_app mediaextractor_service:service_manager find;
allow debug_camera_app mediametrics_service:service_manager find;
allow debug_camera_app mediaserver_service:service_manager find;
# Allows GCA_Eng & GCA-Next to access the PowerHAL.
hal_client_domain(debug_camera_app, hal_power)
# Follow priv-app symlinks. This is used for dynamite functionality.
allow debug_camera_app privapp_data_file:lnk_file r_file_perms;
')

19
sepolicy/private/google_camera_app.te Normal file
View File

@@ -0,0 +1,19 @@
typeattribute google_camera_app coredomain;
app_domain(google_camera_app)
net_domain(google_camera_app)
allow google_camera_app app_api_service:service_manager find;
allow google_camera_app audioserver_service:service_manager find;
allow google_camera_app cameraserver_service:service_manager find;
allow google_camera_app mediaextractor_service:service_manager find;
allow google_camera_app mediametrics_service:service_manager find;
allow google_camera_app mediaserver_service:service_manager find;
# Allows GCA to access the PowerHAL.
hal_client_domain(google_camera_app, hal_power)
# Library code may try to access vendor properties, but should be denied
dontaudit google_camera_app vendor_default_prop:file { getattr map open };
# Follow priv-app symlinks. This is used for dynamite functionality.
allow google_camera_app privapp_data_file:lnk_file r_file_perms;

11
sepolicy/private/seapp_contexts Normal file
View File

@@ -0,0 +1,11 @@
# Google Camera
user=_app isPrivApp=true seinfo=google name=com.google.android.GoogleCamera domain=google_camera_app type=app_data_file levelFrom=all
# Google Camera Eng
user=_app seinfo=CameraEng name=com.google.android.GoogleCameraEng domain=debug_camera_app type=app_data_file levelFrom=all
# Also allow GoogleCameraNext, the fishfood version, the same access as GoogleCamera
user=_app seinfo=CameraFishfood name=com.google.android.apps.googlecamera.fishfood domain=google_camera_app type=app_data_file levelFrom=all
# Also label GoogleCameraNext, built with debug keys as debug_camera_app.
user=_app seinfo=CameraEng name=com.google.android.apps.googlecamera.fishfood domain=debug_camera_app type=app_data_file levelFrom=all

2
sepolicy/private/vendor_init.te Normal file
View File

@@ -0,0 +1,2 @@
# b/277300125
dontaudit vendor_init device_config_configuration_prop:property_service { set };

1
sepolicy/public/debug_camera_app.te Normal file
View File

@@ -0,0 +1 @@
type debug_camera_app, domain;

1
sepolicy/public/google_camera_app.te Normal file
View File

@@ -0,0 +1 @@
type google_camera_app, domain;

9
sepolicy/radio/bipchmgr.te Normal file
View File

@@ -0,0 +1,9 @@
type bipchmgr, domain;
type bipchmgr_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(bipchmgr)
get_prop(bipchmgr, hwservicemanager_prop);
allow bipchmgr hal_exynos_rild_hwservice:hwservice_manager find;
hwbinder_use(bipchmgr)
binder_call(bipchmgr, rild)

8
sepolicy/radio/cat_engine_service_app.te Normal file
View File

@@ -0,0 +1,8 @@
type cat_engine_service_app, domain;
userdebug_or_eng(`
app_domain(cat_engine_service_app)
get_prop(cat_engine_service_app, vendor_rild_prop)
allow cat_engine_service_app app_api_service:service_manager find;
allow cat_engine_service_app system_app_data_file:dir r_dir_perms;
')

60
sepolicy/radio/cbd.te Normal file
View File

@@ -0,0 +1,60 @@
type cbd, domain;
type cbd_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(cbd)
set_prop(cbd, vendor_modem_prop)
set_prop(cbd, vendor_cbd_prop)
set_prop(cbd, vendor_rild_prop)
allow cbd mnt_vendor_file:dir r_dir_perms;
allow cbd kmsg_device:chr_file rw_file_perms;
allow cbd vendor_shell_exec:file execute_no_trans;
allow cbd vendor_toolbox_exec:file execute_no_trans;
# Allow cbd to access modem block device
allow cbd block_device:dir search;
allow cbd modem_block_device:blk_file r_file_perms;
# Allow cbd to access sysfs chosen files
allow cbd sysfs_chosen:file r_file_perms;
allow cbd sysfs_chosen:dir r_dir_perms;
allow cbd radio_device:chr_file rw_file_perms;
allow cbd proc_cmdline:file r_file_perms;
allow cbd persist_modem_file:dir create_dir_perms;
allow cbd persist_modem_file:file create_file_perms;
allow cbd persist_file:dir search;
allow cbd radio_vendor_data_file:dir create_dir_perms;
allow cbd radio_vendor_data_file:file create_file_perms;
# Allow cbd to operate with modem EFS file/dir
allow cbd modem_efs_file:dir create_dir_perms;
allow cbd modem_efs_file:file create_file_perms;
# Allow cbd to operate with modem userdata file/dir
allow cbd modem_userdata_file:dir create_dir_perms;
allow cbd modem_userdata_file:file create_file_perms;
# Allow cbd to access modem image file/dir
allow cbd modem_img_file:dir r_dir_perms;
allow cbd modem_img_file:file r_file_perms;
allow cbd modem_img_file:lnk_file r_file_perms;
# Allow cbd to collect crash info
allow cbd sscoredump_vendor_data_crashinfo_file:dir create_dir_perms;
allow cbd sscoredump_vendor_data_crashinfo_file:file create_file_perms;
userdebug_or_eng(`
r_dir_file(cbd, vendor_slog_file)
allow cbd kernel:system syslog_read;
allow cbd sscoredump_vendor_data_coredump_file:dir create_dir_perms;
allow cbd sscoredump_vendor_data_coredump_file:file create_file_perms;
')

13
sepolicy/radio/cbrs_setup.te Normal file
View File

@@ -0,0 +1,13 @@
# GoogleCBRS app
type cbrs_setup_app, domain;
userdebug_or_eng(`
app_domain(cbrs_setup_app)
net_domain(cbrs_setup_app)
allow cbrs_setup_app app_api_service:service_manager find;
allow cbrs_setup_app cameraserver_service:service_manager find;
allow cbrs_setup_app radio_service:service_manager find;
set_prop(cbrs_setup_app, radio_prop)
set_prop(cbrs_setup_app, vendor_rild_prop)
')

29
sepolicy/radio/certs/com_google_mds.x509.pem Normal file
View File

@@ -0,0 +1,29 @@
-----BEGIN CERTIFICATE-----
MIIFxjCCA66gAwIBAgIUHaTgvNgfCuCnEGvjMtysCgoCclIwDQYJKoZIhvcNAQELBQAwdDELMAkG
A1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDAS
BgNVBAoTC0dvb2dsZSBJbmMuMRAwDgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMB4X
DTE5MDQyMjE0NTcwNVoXDTQ5MDQyMjE0NTcwNVowdDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
bGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxFDASBgNVBAoTC0dvb2dsZSBJbmMuMRAw
DgYDVQQLEwdBbmRyb2lkMRAwDgYDVQQDEwdBbmRyb2lkMIICIjANBgkqhkiG9w0BAQEFAAOCAg8A
MIICCgKCAgEAwrx6YQqIIvZEULv/1AAF8HR4t0kPnZsgGwoR3SrumpGCNRPjAN8yztJi6fdNZSLn
lj7giXZm16lDTWQ+/bKwuDof5adaRuE7nrf2oVTzRQ3Z1XFcw0400mQ0EHZYTBV6wgl9/K4zepIi
/149Vyy0ynkiB3kmZYCDS6VfOvHHyqxxuKlwF2ry0YILGo3PwaNDiONizpq2RtLNIYseyK6ow5QH
wHtL81n8bc3bIbwJjrKnCef2WDEy8ZaVMyLIYZwYZ3rw4MLQVF5Pqy93RKMfz7ZzJaERlwWsqz01
2Ae1QpP82MBQVMoAUhjFKO3XAlD1592nx1zNzf5kpwGhTEpSWrnVS3UUW3ISBactM/fihmjOot5S
UXidLa0W2FvJuLDn0XL7TnwLU8MOekesKKQQa17ESEGTpSlJP3nw/xccbaYAzXof6yRJ3iJnNsGG
2njAxC9XqxwaaV4PsomfFueqgx0u3wQsPWskTbRgLQK3z/V8+hoTxsrZ4VE23DZ3z4vz4CXn/1Iz
up7Gceun4cBqEYz+leVsc3ML28dsbOmoju910uOeCH28D6aDHRKzsGClj09bUeL/ZpStLEPA1AU+
Nju2Y7rQI1T0l7tWIhKq5W6pPPpZcePNNflLvF72gudEa5v/PQGjWmElXOEMmzpRhqZovaDbcpej
CWu11DeYtfkCAwEAAaNQME4wDAYDVR0TBAUwAwEB/zAdBgNVHQ4EFgQUEdfzOO0hHPuLPlpdLAtl
gtAUNckwHwYDVR0jBBgwFoAUEdfzOO0hHPuLPlpdLAtlgtAUNckwDQYJKoZIhvcNAQELBQADggIB
AHUv2QmPiuvFHmroIn0GztonAEKcHYENCKvC7nDGrj7MedD46Fn7mC1Nej2yuXM8KOkpjapjOA9o
4ggV75R28HDkHP3Ies1xK1TejPGekxfvvLP+RmWFJPiuKaVhwn78BM4IWSSqKA3vh/pZH+OqK8kO
HK1BpFkwvlyira025XGnCPWzBNij9pMqioUpGjz3Pp7cw2iPY1tTlcmYXsCns7AbZ9Z3YNav7Zx6
jku9aJRsdAtW3tfKi4rmuh0VAYVmlp4BmcVkmRKozYn8QKyB/PAhGbDAnIwDzoHsrFvwxpKwMJJs
JFVumvh9JrGq0YvY6R52DzA7+KvWkAMe22JXW70EhSZ8QD5t7WphZ683Hpjf5fWpWXcU/fUqkihi
HPy9ogiNlJ5hYaDMbkKyA2vzsagJorK4V1pXg3gk7D96MOE5wFSROd/WQit8W+4ApkF3DOIjyCEC
KHAZVkcp8nx//hs50GoirtUhLpj4PcYHUg6I2c+Gx/krSOQD/fxuC7PWxE5whIZRBaXIkHWALufR
e7eeFI9peEu/nvn/MjNXyVoUbuQ3Ja4QFt+Ku7+KU+numH8ajBCzaPeu6bxosVNXyiDAxDI+Tfuk
jn37lHw/TQ8athakHqhxg63+nwsbnkyd0S1qPG38ocHqLliPBVz8nntcmUR1PdeFZpvGGlD83sJV
-----END CERTIFICATE-----

4
sepolicy/radio/device.te Normal file
View File

@@ -0,0 +1,4 @@
type modem_block_device, dev_type;
type vendor_gnss_device, dev_type;
type modem_userdata_block_device, dev_type;
type efs_block_device, dev_type;

33
sepolicy/radio/dmd.te Normal file
View File

@@ -0,0 +1,33 @@
type dmd, domain;
type dmd_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(dmd)
# Grant to access serial device for external logging tool
allow dmd serial_device:chr_file rw_file_perms;
# Grant to access radio device
allow dmd radio_device:chr_file rw_file_perms;
# Grant to access slog dir/file
allow dmd vendor_slog_file:dir create_dir_perms;
allow dmd vendor_slog_file:file create_file_perms;
# Grant to access tcp socket
allow dmd node:tcp_socket node_bind;
allow dmd self:tcp_socket { create_socket_perms_no_ioctl listen accept bind };
# Grant to access log related properties
set_prop(dmd, vendor_diag_prop)
set_prop(dmd, vendor_slog_prop)
set_prop(dmd, vendor_modem_prop)
get_prop(dmd, vendor_persist_config_default_prop)
# Grant to access hwservice manager
get_prop(dmd, hwservicemanager_prop)
allow dmd hidl_base_hwservice:hwservice_manager add;
allow dmd hal_vendor_oem_hwservice:hwservice_manager { add find };
binder_call(dmd, hwservicemanager)
binder_call(dmd, modem_diagnostic_app)
binder_call(dmd, modem_logging_control)
binder_call(dmd, vendor_telephony_silentlogging_app)
binder_call(dmd, liboemservice_proxy_default)

41
sepolicy/radio/file.te Normal file
View File

@@ -0,0 +1,41 @@
# Data
type rild_vendor_data_file, file_type, data_file_type;
type vendor_gps_file, file_type, data_file_type;
type modem_ml_data_file, file_type, data_file_type;
type modem_stat_data_file, file_type, data_file_type;
type vendor_log_file, file_type, data_file_type;
type vendor_rfsd_log_file, file_type, data_file_type;
type vendor_slog_file, file_type, data_file_type;
userdebug_or_eng(`
typeattribute vendor_gps_file mlstrustedobject;
typeattribute vendor_slog_file mlstrustedobject;
')
# persist
type persist_modem_file, file_type, vendor_persist_type;
# Modem
type modem_efs_file, file_type;
type modem_userdata_file, file_type;
type sysfs_modem, sysfs_type, fs_type;
# Exynos Firmware
type vendor_fw_file, vendor_file_type, file_type;
# vendor extra images
type modem_img_file, contextmount_type, file_type, vendor_file_type;
allow modem_img_file self:filesystem associate;
type modem_config_file, file_type, vendor_file_type;
# sysfs
type sysfs_chosen, sysfs_type, fs_type;
type sysfs_sjtag, fs_type, sysfs_type;
userdebug_or_eng(`
typeattribute sysfs_sjtag mlstrustedobject;
')
# Vendor sched files
userdebug_or_eng(`
typeattribute proc_vendor_sched mlstrustedobject;
')

43
sepolicy/radio/file_contexts Normal file
View File

@@ -0,0 +1,43 @@
# Binaries
/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
/vendor/bin/bipchmgr u:object_r:bipchmgr_exec:s0
/vendor/bin/vcd u:object_r:vcd_exec:s0
/vendor/bin/dmd u:object_r:dmd_exec:s0
/vendor/bin/sced u:object_r:sced_exec:s0
/vendor/bin/rfsd u:object_r:rfsd_exec:s0
/vendor/bin/modem_logging_control u:object_r:modem_logging_control_exec:s0
/vendor/bin/modem_svc_sit u:object_r:modem_svc_sit_exec:s0
/vendor/bin/modem_ml_svc_sit u:object_r:modem_ml_svc_sit_exec:s0
/vendor/bin/cbd u:object_r:cbd_exec:s0
/vendor/bin/hw/rild_exynos u:object_r:rild_exec:s0
/vendor/bin/hw/vendor\.google\.radioext@1\.0-service u:object_r:hal_radioext_default_exec:s0
/vendor/bin/liboemservice_proxy_default u:object_r:liboemservice_proxy_default_exec:s0
# Config files
/vendor/etc/modem_ml_models\.conf u:object_r:modem_config_file:s0
# Data
/data/vendor/log/rfsd(/.*)? u:object_r:vendor_rfsd_log_file:s0
/data/vendor/log(/.*)? u:object_r:vendor_log_file:s0
/data/vendor/slog(/.*)? u:object_r:vendor_slog_file:s0
/data/vendor/modem_ml(/.*)? u:object_r:modem_ml_data_file:s0
/data/vendor/modem_stat(/.*)? u:object_r:modem_stat_data_file:s0
/data/vendor/rild(/.*)? u:object_r:rild_vendor_data_file:s0
# vendor extra images
/mnt/vendor/efs(/.*)? u:object_r:modem_efs_file:s0
/mnt/vendor/efs_backup(/.*)? u:object_r:modem_efs_file:s0
/mnt/vendor/modem_img(/.*)? u:object_r:modem_img_file:s0
/mnt/vendor/modem_userdata(/.*)? u:object_r:modem_userdata_file:s0
/mnt/vendor/persist/modem(/.*)? u:object_r:persist_modem_file:s0
# Devices
/dev/ttyGS[0-3] u:object_r:serial_device:s0
/dev/oem_ipc[0-7] u:object_r:radio_device:s0
/dev/oem_test u:object_r:radio_device:s0
/dev/umts_boot0 u:object_r:radio_device:s0
/dev/umts_ipc0 u:object_r:radio_device:s0
/dev/umts_ipc1 u:object_r:radio_device:s0
/dev/umts_rfs0 u:object_r:radio_device:s0
/dev/umts_dm0 u:object_r:radio_device:s0
/dev/umts_router u:object_r:radio_device:s0

4
sepolicy/radio/fsck.te Normal file
View File

@@ -0,0 +1,4 @@
allow fsck persist_block_device:blk_file rw_file_perms;
allow fsck efs_block_device:blk_file rw_file_perms;
allow fsck modem_userdata_block_device:blk_file rw_file_perms;

8
sepolicy/radio/genfs_contexts Normal file
View File

@@ -0,0 +1,8 @@
# SJTAG
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0
genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0
genfscon sysfs /firmware/devicetree/base/chosen u:object_r:sysfs_chosen:s0
# Modem
genfscon sysfs /devices/platform/cp-tm1/cp_temp u:object_r:sysfs_modem:s0

7
sepolicy/radio/gpsd.te Normal file
View File

@@ -0,0 +1,7 @@
type gpsd, domain;
type gpsd_exec, vendor_file_type, exec_type, file_type;
# Allow gpsd access PixelLogger unix socket in debug build only
userdebug_or_eng(`
typeattribute gpsd mlstrustedsubject;
allow gpsd logger_app:unix_stream_socket connectto;
')

19
sepolicy/radio/grilservice_app.te Normal file
View File

@@ -0,0 +1,19 @@
type grilservice_app, domain;
app_domain(grilservice_app)
allow grilservice_app app_api_service:service_manager find;
allow grilservice_app hal_bluetooth_coexistence_hwservice:hwservice_manager find;
allow grilservice_app hal_bluetooth_coexistence_service:service_manager find;
allow grilservice_app hal_radioext_hwservice:hwservice_manager find;
allow grilservice_app hal_wifi_ext_hwservice:hwservice_manager find;
allow grilservice_app hal_wifi_ext_service:service_manager find;
allow grilservice_app hal_audiometricext_hwservice:hwservice_manager find;
allow grilservice_app hal_exynos_rild_hwservice:hwservice_manager find;
allow grilservice_app radio_vendor_data_file:dir create_dir_perms;
allow grilservice_app radio_vendor_data_file:file create_file_perms;
binder_call(grilservice_app, hal_bluetooth_btlinux)
binder_call(grilservice_app, hal_radioext_default)
binder_call(grilservice_app, hal_wifi_ext)
binder_call(grilservice_app, hal_audiometricext_default)
binder_call(grilservice_app, rild)
hal_client_domain(grilservice_app, hal_power_stats)

28
sepolicy/radio/hal_radioext_default.te Normal file
View File

@@ -0,0 +1,28 @@
type hal_radioext_default, domain;
type hal_radioext_default_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(hal_radioext_default)
hwbinder_use(hal_radioext_default)
get_prop(hal_radioext_default, hwservicemanager_prop)
add_hwservice(hal_radioext_default, hal_radioext_hwservice)
binder_call(hal_radioext_default, servicemanager)
binder_call(hal_radioext_default, grilservice_app)
binder_call(hal_radioext_default, hal_bluetooth_btlinux)
# RW /dev/oem_ipc0
allow hal_radioext_default radio_device:chr_file rw_file_perms;
# RW MIPI Freq files
allow hal_radioext_default radio_vendor_data_file:dir create_dir_perms;
allow hal_radioext_default radio_vendor_data_file:file create_file_perms;
# Bluetooth
allow hal_radioext_default hal_bluetooth_coexistence_hwservice:hwservice_manager find;
allow hal_radioext_default hal_bluetooth_coexistence_service:service_manager find;
# Twoshay
binder_use(hal_radioext_default)
allow hal_radioext_default gril_antenna_tuning_service:service_manager find;
binder_call(hal_radioext_default, gril_antenna_tuning_service)
binder_call(hal_radioext_default, twoshay)

9
sepolicy/radio/hwservice.te Normal file
View File

@@ -0,0 +1,9 @@
# dmd servcie
type hal_vendor_oem_hwservice, hwservice_manager_type;
# GRIL service
type hal_radioext_hwservice, hwservice_manager_type;
# rild service
type hal_exynos_rild_hwservice, hwservice_manager_type;

8
sepolicy/radio/hwservice_contexts Normal file
View File

@@ -0,0 +1,8 @@
# dmd HAL
vendor.samsung_slsi.telephony.hardware.oemservice::IOemService u:object_r:hal_vendor_oem_hwservice:s0
# rild HAL
vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal u:object_r:hal_exynos_rild_hwservice:s0
# GRIL HAL
vendor.google.radioext::IRadioExt u:object_r:hal_radioext_hwservice:s0

1
sepolicy/radio/hwservicemanager.te Normal file
View File

@@ -0,0 +1 @@
binder_call(hwservicemanager, bipchmgr)

4
sepolicy/radio/init.te Normal file
View File

@@ -0,0 +1,4 @@
allow init modem_efs_file:dir mounton;
allow init modem_userdata_file:dir mounton;
allow init modem_img_file:dir mounton;
allow init modem_img_file:filesystem { getattr mount relabelfrom };

8
sepolicy/radio/init_radio.te Normal file
View File

@@ -0,0 +1,8 @@
type init_radio, domain;
type init_radio_exec, exec_type, vendor_file_type, file_type;
init_daemon_domain(init_radio);
allow init_radio vendor_toolbox_exec:file execute_no_trans;
allow init_radio radio_vendor_data_file:dir create_dir_perms;
allow init_radio radio_vendor_data_file:file create_file_perms;

3
sepolicy/radio/keys.conf Normal file
View File

@@ -0,0 +1,3 @@
[@MDS]
ALL : device/google/zuma/sepolicy/radio/certs/com_google_mds.x509.pem

34
sepolicy/radio/liboemservice_proxy.te Normal file
View File

@@ -0,0 +1,34 @@
type liboemservice_proxy_default, domain;
type liboemservice_proxy_default_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(liboemservice_proxy_default)
# Allow proxy to register as android service.
binder_use(liboemservice_proxy_default);
add_service(liboemservice_proxy_default, liboemservice_proxy_service);
get_prop(liboemservice_proxy_default, hwservicemanager_prop)
binder_call(liboemservice_proxy_default, hwservicemanager)
binder_call(liboemservice_proxy_default, dmd)
allow liboemservice_proxy_default hal_vendor_oem_hwservice:hwservice_manager find;
allow liboemservice_proxy_default radio_vendor_data_file:dir create_dir_perms;
allow liboemservice_proxy_default radio_vendor_data_file:file create_file_perms;
# Grant to access serial device for external logging tool
allow liboemservice_proxy_default serial_device:chr_file rw_file_perms;
# Grant to access radio device
allow liboemservice_proxy_default radio_device:chr_file rw_file_perms;
# Grant to access slog dir/file
allow liboemservice_proxy_default vendor_slog_file:dir create_dir_perms;
allow liboemservice_proxy_default vendor_slog_file:file create_file_perms;
# Grant to access tcp socket
allow liboemservice_proxy_default node:tcp_socket node_bind;
allow liboemservice_proxy_default self:tcp_socket { create_socket_perms_no_ioctl listen accept bind };
# Grant to access log related properties
set_prop(liboemservice_proxy_default, vendor_diag_prop)
set_prop(liboemservice_proxy_default, vendor_slog_prop)
set_prop(liboemservice_proxy_default, vendor_modem_prop)
get_prop(liboemservice_proxy_default, vendor_persist_config_default_prop)

30
sepolicy/radio/logger_app.te Normal file
View File

@@ -0,0 +1,30 @@
userdebug_or_eng(`
allow logger_app vendor_gps_file:file create_file_perms;
allow logger_app vendor_gps_file:dir create_dir_perms;
allow logger_app vendor_slog_file:file {r_file_perms unlink};
allow logger_app radio_vendor_data_file:file create_file_perms;
allow logger_app radio_vendor_data_file:dir create_dir_perms;
allow logger_app sysfs_sscoredump_level:file r_file_perms;
allow logger_app hal_exynos_rild_hwservice:hwservice_manager find;
binder_call(logger_app, rild)
r_dir_file(logger_app, sscoredump_vendor_data_coredump_file)
r_dir_file(logger_app, sscoredump_vendor_data_crashinfo_file)
set_prop(logger_app, vendor_audio_prop)
set_prop(logger_app, vendor_gps_prop)
set_prop(logger_app, vendor_logger_prop)
set_prop(logger_app, vendor_modem_prop)
set_prop(logger_app, vendor_ramdump_prop)
set_prop(logger_app, vendor_rild_prop)
set_prop(logger_app, vendor_ssrdump_prop)
set_prop(logger_app, vendor_tcpdump_log_prop)
set_prop(logger_app, vendor_usb_config_prop)
set_prop(logger_app, vendor_wifi_sniffer_prop)
set_prop(logger_app, logpersistd_logging_prop)
set_prop(logger_app, logd_prop)
# b/269383459 framework UI rendering properties
dontaudit logger_app default_prop:file { read };
')

27
sepolicy/radio/mac_permissions.xml Normal file
View File

@@ -0,0 +1,27 @@
<?xml version="1.0" encoding="utf-8"?>
<policy>
<!--
* A signature is a hex encoded X.509 certificate or a tag defined in
keys.conf and is required for each signer tag.
* A signer tag may contain a seinfo tag and multiple package stanzas.
* A default tag is allowed that can contain policy for all apps not signed with a
previously listed cert. It may not contain any inner package stanzas.
* Each signer/default/package tag is allowed to contain one seinfo tag. This tag
represents additional info that each app can use in setting a SELinux security
context on the eventual process.
* When a package is installed the following logic is used to determine what seinfo
value, if any, is assigned.
- All signatures used to sign the app are checked first.
- If a signer stanza has inner package stanzas, those stanza will be checked
to try and match the package name of the app. If the package name matches
then that seinfo tag is used. If no inner package matches then the outer
seinfo tag is assigned.
- The default tag is consulted last if needed.
-->
<!-- google apps key -->
<signer signature="@MDS" >
<seinfo value="mds" />
</signer>
</policy>

47
sepolicy/radio/modem_diagnostic_app.te Normal file
View File

@@ -0,0 +1,47 @@
type modem_diagnostic_app, domain;
app_domain(modem_diagnostic_app)
net_domain(modem_diagnostic_app)
allow modem_diagnostic_app app_api_service:service_manager find;
allow modem_diagnostic_app radio_service:service_manager find;
userdebug_or_eng(`
hal_client_domain(modem_diagnostic_app, hal_power_stats);
allow modem_diagnostic_app hal_exynos_rild_hwservice:hwservice_manager find;
binder_call(modem_diagnostic_app, rild)
binder_call(modem_diagnostic_app, dmd)
set_prop(modem_diagnostic_app, vendor_cbd_prop)
set_prop(modem_diagnostic_app, vendor_rild_prop)
set_prop(modem_diagnostic_app, vendor_modem_prop)
allow modem_diagnostic_app sysfs_chosen:dir r_dir_perms;
allow modem_diagnostic_app sysfs_chosen:file r_file_perms;
allow modem_diagnostic_app vendor_fw_file:file r_file_perms;
allow modem_diagnostic_app radio_vendor_data_file:dir create_dir_perms;
allow modem_diagnostic_app radio_vendor_data_file:file create_file_perms;
allow modem_diagnostic_app mnt_vendor_file:dir r_dir_perms;
allow modem_diagnostic_app mnt_vendor_file:file r_file_perms;
allow modem_diagnostic_app modem_img_file:dir r_dir_perms;
allow modem_diagnostic_app modem_img_file:file r_file_perms;
allow modem_diagnostic_app modem_img_file:lnk_file r_file_perms;
allow modem_diagnostic_app hal_vendor_oem_hwservice:hwservice_manager find;
allow modem_diagnostic_app sysfs_batteryinfo:file r_file_perms;
allow modem_diagnostic_app sysfs_batteryinfo:dir search;
dontaudit modem_diagnostic_app default_prop:file r_file_perms;
# Modem Log Mask Library Permissions
allow modem_diagnostic_app liboemservice_proxy_service:service_manager find;
binder_use(modem_diagnostic_app)
binder_call(modem_diagnostic_app, liboemservice_proxy_default)
')

17
sepolicy/radio/modem_logging_control.te Normal file
View File

@@ -0,0 +1,17 @@
type modem_logging_control, domain;
type modem_logging_control_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(modem_logging_control)
hwbinder_use(modem_logging_control)
binder_call(modem_logging_control, dmd)
allow modem_logging_control radio_device:chr_file rw_file_perms;
allow modem_logging_control hal_vendor_oem_hwservice:hwservice_manager find;
allow modem_logging_control radio_vendor_data_file:dir create_dir_perms;
allow modem_logging_control radio_vendor_data_file:file create_file_perms;
allow modem_logging_control vendor_slog_file:dir create_dir_perms;
allow modem_logging_control vendor_slog_file:file create_file_perms;
set_prop(modem_logging_control, vendor_modem_prop)
get_prop(modem_logging_control, hwservicemanager_prop)

26
sepolicy/radio/modem_ml_svc_sit.te Normal file
View File

@@ -0,0 +1,26 @@
type modem_ml_svc_sit, domain;
type modem_ml_svc_sit_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(modem_ml_svc_sit)
binder_use(modem_ml_svc_sit)
# Grant radio device access
allow modem_ml_svc_sit radio_device:chr_file rw_file_perms;
# Grant vendor radio and modem file/dir creation permission
allow modem_ml_svc_sit radio_vendor_data_file:dir create_dir_perms;
allow modem_ml_svc_sit radio_vendor_data_file:file create_file_perms;
# Grant modem ml data file/dir creation permission
allow modem_ml_svc_sit modem_ml_data_file:dir create_dir_perms;
allow modem_ml_svc_sit modem_ml_data_file:file create_file_perms;
# Grant modem ml models config files access
allow modem_ml_svc_sit modem_config_file:file r_file_perms;
# RIL property
get_prop(modem_ml_svc_sit, vendor_rild_prop)
# Access to NNAPI service
hal_client_domain(modem_ml_svc_sit, hal_neuralnetworks)
allow modem_ml_svc_sit edgetpu_nnapi_service:service_manager find;

38
sepolicy/radio/modem_svc_sit.te Normal file
View File

@@ -0,0 +1,38 @@
type modem_svc_sit, domain;
type modem_svc_sit_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(modem_svc_sit)
hwbinder_use(modem_svc_sit)
binder_call(modem_svc_sit, rild)
# Grant sysfs_modem access
allow modem_svc_sit sysfs_modem:file rw_file_perms;
# Grant radio device access
allow modem_svc_sit radio_device:chr_file rw_file_perms;
# Grant vendor radio and modem file/dir creation permission
allow modem_svc_sit radio_vendor_data_file:dir create_dir_perms;
allow modem_svc_sit radio_vendor_data_file:file create_file_perms;
allow modem_svc_sit modem_stat_data_file:dir create_dir_perms;
allow modem_svc_sit modem_stat_data_file:file create_file_perms;
allow modem_svc_sit vendor_fw_file:dir search;
allow modem_svc_sit vendor_fw_file:file r_file_perms;
allow modem_svc_sit mnt_vendor_file:dir search;
allow modem_svc_sit modem_userdata_file:dir create_dir_perms;
allow modem_svc_sit modem_userdata_file:file create_file_perms;
# RIL property
get_prop(modem_svc_sit, vendor_rild_prop)
# Modem property
set_prop(modem_svc_sit, vendor_modem_prop)
# hwservice permission
allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find;
get_prop(modem_svc_sit, hwservicemanager_prop)
# logging property
get_prop(modem_svc_sit, vendor_logger_prop)

9
sepolicy/radio/oemrilservice_app.te Normal file
View File

@@ -0,0 +1,9 @@
type oemrilservice_app, domain;
app_domain(oemrilservice_app)
allow oemrilservice_app app_api_service:service_manager find;
allow oemrilservice_app hal_exynos_rild_hwservice:hwservice_manager find;
allow oemrilservice_app radio_service:service_manager find;
binder_call(oemrilservice_app, rild)
set_prop(oemrilservice_app, vendor_rild_prop)

1
sepolicy/radio/private/radio.te Normal file
View File

@@ -0,0 +1 @@
add_service(radio, uce_service)

1
sepolicy/radio/private/service_contexts Normal file
View File

@@ -0,0 +1 @@
telephony.oem.oemrilhook u:object_r:radio_service:s0

17
sepolicy/radio/property.te Normal file
View File

@@ -0,0 +1,17 @@
# P23 vendor properties
vendor_internal_prop(vendor_carrier_prop)
vendor_internal_prop(vendor_cbd_prop)
vendor_internal_prop(vendor_slog_prop)
vendor_internal_prop(vendor_persist_config_default_prop)
vendor_internal_prop(vendor_diag_prop)
vendor_internal_prop(vendor_modem_prop)
vendor_internal_prop(vendor_rild_prop)
vendor_internal_prop(vendor_ssrdump_prop)
vendor_internal_prop(vendor_wifi_version)
vendor_internal_prop(vendor_imssvc_prop)
vendor_internal_prop(vendor_gps_prop)
vendor_internal_prop(vendor_tcpdump_log_prop)
# Telephony debug app
vendor_internal_prop(vendor_telephony_app_prop)

59
sepolicy/radio/property_contexts Normal file
View File

@@ -0,0 +1,59 @@
# for cbd
vendor.cbd. u:object_r:vendor_cbd_prop:s0
persist.vendor.cbd. u:object_r:vendor_cbd_prop:s0
# for ims service
persist.vendor.ims. u:object_r:vendor_imssvc_prop:s0
# for slog
vendor.sys.silentlog. u:object_r:vendor_slog_prop:s0
vendor.sys.exynos.slog. u:object_r:vendor_slog_prop:s0
persist.vendor.sys.silentlog u:object_r:vendor_slog_prop:s0
# for dmd
persist.vendor.sys.dm. u:object_r:vendor_diag_prop:s0
persist.vendor.sys.diag. u:object_r:vendor_diag_prop:s0
vendor.sys.dmd. u:object_r:vendor_diag_prop:s0
vendor.sys.diag. u:object_r:vendor_diag_prop:s0
persist.vendor.config. u:object_r:vendor_persist_config_default_prop:s0
# for logger app
vendor.pixellogger. u:object_r:vendor_logger_prop:s0
persist.vendor.pixellogger. u:object_r:vendor_logger_prop:s0
# Modem
persist.vendor.modem. u:object_r:vendor_modem_prop:s0
vendor.modem. u:object_r:vendor_modem_prop:s0
vendor.sys.modem. u:object_r:vendor_modem_prop:s0
vendor.sys.modem_reset u:object_r:vendor_modem_prop:s0
ro.vendor.sys.modem. u:object_r:vendor_modem_prop:s0
vendor.sys.exynos.modempath u:object_r:vendor_modem_prop:s0
persist.vendor.sys.modem. u:object_r:vendor_modem_prop:s0
# for rild
persist.vendor.ril. u:object_r:vendor_rild_prop:s0
vendor.ril. u:object_r:vendor_rild_prop:s0
vendor.radio. u:object_r:vendor_rild_prop:s0
vendor.sys.rild_reset u:object_r:vendor_rild_prop:s0
persist.vendor.radio. u:object_r:vendor_rild_prop:s0
ro.vendor.config.build_carrier u:object_r:vendor_carrier_prop:s0
# SSR Detector
vendor.debug.ssrdump. u:object_r:vendor_ssrdump_prop:s0
persist.vendor.sys.ssr. u:object_r:vendor_ssrdump_prop:s0
# WiFi
vendor.wlan.driver.version u:object_r:vendor_wifi_version:s0
vendor.wlan.firmware.version u:object_r:vendor_wifi_version:s0
# for vendor telephony debug app
vendor.config.debug. u:object_r:vendor_telephony_app_prop:s0
# for gps
vendor.gps. u:object_r:vendor_gps_prop:s0
persist.vendor.gps. u:object_r:vendor_gps_prop:s0
# Tcpdump_logger
persist.vendor.tcpdump.log.alwayson u:object_r:vendor_tcpdump_log_prop:s0
vendor.tcpdump. u:object_r:vendor_tcpdump_log_prop:s0

7
sepolicy/radio/radio.te Normal file
View File

@@ -0,0 +1,7 @@
set_prop(radio, telephony_ril_prop)
allow radio radio_vendor_data_file:dir rw_dir_perms;
allow radio radio_vendor_data_file:file create_file_perms;
allow radio vendor_ims_app:udp_socket { getattr read write setopt shutdown };
allow radio aoc_device:chr_file rw_file_perms;
allow radio hal_exynos_rild_hwservice:hwservice_manager find;

36
sepolicy/radio/rfsd.te Normal file
View File

@@ -0,0 +1,36 @@
type rfsd, domain;
type rfsd_exec, vendor_file_type, exec_type, file_type;
init_daemon_domain(rfsd)
# Allow to search block device and mnt dir for modem EFS partitions
allow rfsd mnt_vendor_file:dir search;
allow rfsd block_device:dir search;
# Allow to operate with modem EFS file/dir
allow rfsd modem_efs_file:dir create_dir_perms;
allow rfsd modem_efs_file:file create_file_perms;
allow rfsd radio_vendor_data_file:dir r_dir_perms;
allow rfsd radio_vendor_data_file:file r_file_perms;
r_dir_file(rfsd, vendor_fw_file)
# Allow to access rfsd log file/dir
allow rfsd vendor_log_file:dir search;
allow rfsd vendor_rfsd_log_file:dir create_dir_perms;
allow rfsd vendor_rfsd_log_file:file create_file_perms;
# Allow to read/write modem block device
allow rfsd modem_block_device:blk_file rw_file_perms;
# Allow to operate with radio device
allow rfsd radio_device:chr_file rw_file_perms;
# Allow to set rild and modem property
set_prop(rfsd, vendor_modem_prop)
set_prop(rfsd, vendor_rild_prop)
# Allow rfsd to access modem image file/dir
allow rfsd modem_img_file:dir r_dir_perms;
allow rfsd modem_img_file:file r_file_perms;
allow rfsd modem_img_file:lnk_file r_file_perms;

46
sepolicy/radio/rild.te Normal file
View File

@@ -0,0 +1,46 @@
set_prop(rild, vendor_rild_prop)
set_prop(rild, vendor_modem_prop)
get_prop(rild, vendor_persist_config_default_prop)
get_prop(rild, vendor_carrier_prop)
get_prop(rild, sota_prop)
get_prop(rild, system_boot_reason_prop)
set_prop(rild, telephony_ril_prop)
allow rild proc_net:file rw_file_perms;
allow rild radio_vendor_data_file:dir create_dir_perms;
allow rild radio_vendor_data_file:file create_file_perms;
allow rild rild_vendor_data_file:dir create_dir_perms;
allow rild rild_vendor_data_file:file create_file_perms;
allow rild vendor_fw_file:file r_file_perms;
allow rild mnt_vendor_file:dir r_dir_perms;
r_dir_file(rild, modem_img_file)
binder_call(rild, bipchmgr)
binder_call(rild, gpsd)
binder_call(rild, hal_audio_default)
binder_call(rild, modem_svc_sit)
binder_call(rild, vendor_ims_app)
binder_call(rild, vendor_rcs_app)
binder_call(rild, oemrilservice_app)
binder_call(rild, hal_secure_element_uicc)
binder_call(rild, grilservice_app)
binder_call(rild, vendor_engineermode_app)
binder_call(rild, vendor_telephony_debug_app)
binder_call(rild, logger_app)
crash_dump_fallback(rild)
# for hal service
add_hwservice(rild, hal_exynos_rild_hwservice)
# Allow rild to access files on modem img.
allow rild modem_img_file:dir r_dir_perms;
allow rild modem_img_file:file r_file_perms;
allow rild modem_img_file:lnk_file r_file_perms;
userdebug_or_eng(`
binder_call(rild, modem_diagnostic_app)
')

23
sepolicy/radio/sced.te Normal file
View File

@@ -0,0 +1,23 @@
type sced, domain;
type sced_exec, vendor_file_type, exec_type, file_type;
userdebug_or_eng(`
init_daemon_domain(sced)
typeattribute sced vendor_executes_system_violators;
hwbinder_use(sced)
binder_call(sced, dmd)
binder_call(sced, vendor_telephony_silentlogging_app)
get_prop(sced, hwservicemanager_prop)
allow sced self:packet_socket create_socket_perms_no_ioctl;
allow sced self:capability net_raw;
allow sced shell_exec:file rx_file_perms;
allow sced tcpdump_exec:file rx_file_perms;
allow sced vendor_shell_exec:file x_file_perms;
allow sced vendor_slog_file:dir create_dir_perms;
allow sced vendor_slog_file:file create_file_perms;
allow sced hidl_base_hwservice:hwservice_manager add;
allow sced hal_vendor_oem_hwservice:hwservice_manager { add find };
')

35
sepolicy/radio/seapp_contexts Normal file
View File

@@ -0,0 +1,35 @@
# Sub System Ramdump
user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file levelFrom=user
# CBRS setup app
user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user
# Modem Diagnostic System
user=_app isPrivApp=true seinfo=mds name=com.google.mds domain=modem_diagnostic_app type=app_data_file levelFrom=user
user=_app isPrivApp=true seinfo=platform name=com.google.mds domain=modem_diagnostic_app type=app_data_file levelFrom=user
# grilservice
user=_app isPrivApp=true name=com.google.android.grilservice domain=grilservice_app levelFrom=all
# exynos apps
user=_app isPrivApp=true name=com.samsung.slsi.telephony.oemril domain=oemrilservice_app levelFrom=all
user=_app isPrivApp=true name=com.shannon.qualifiednetworksservice domain=vendor_qualifiednetworks_app levelFrom=all
user=_app isPrivApp=true name=com.shannon.rcsservice domain=vendor_rcs_app levelFrom=all
user=_app isPrivApp=true name=com.shannon.rcsservice:shannonrcsservice domain=vendor_rcs_service_app levelFrom=all
user=_app isPrivApp=true name=com.shannon.imsservice domain=vendor_ims_app levelFrom=all
user=_app isPrivApp=true name=.ShannonImsService domain=vendor_ims_app levelFrom=all
user=_app isPrivApp=true name=com.shannon.imsservice:remote domain=vendor_ims_remote_app levelFrom=all
# slsi logging apps
user=system seinfo=platform name=com.samsung.slsi.telephony.silentlogging domain=vendor_telephony_silentlogging_app levelFrom=all
user=system seinfo=platform name=com.samsung.slsi.telephony.silentlogging:remote domain=vendor_silentlogging_remote_app levelFrom=all
user=system seinfo=platform name=com.samsung.slsi.sysdebugmode domain=vendor_telephony_debug_app levelFrom=all
user=system seinfo=platform name=com.samsung.slsi.telephony.testmode domain=vendor_telephony_test_app levelFrom=all
# Samsung S.LSI engineer mode
user=_app seinfo=platform name=com.samsung.slsi.engineermode domain=vendor_engineermode_app levelFrom=all
# Domain for CatEngineService
user=system seinfo=platform name=com.google.android.CatEngine domain=cat_engine_service_app type=system_app_data_file levelFrom=all

2
sepolicy/radio/service.te Normal file
View File

@@ -0,0 +1,2 @@
# define liboemservice_proxy_service
type liboemservice_proxy_service, hal_service_type, service_manager_type;

2
sepolicy/radio/service_contexts Normal file
View File

@@ -0,0 +1,2 @@
# DMD oemservice aidl proxy
com.google.pixel.modem.logmasklibrary.ILiboemserviceProxy/default u:object_r:liboemservice_proxy_service:s0

24
sepolicy/radio/ssr_detector.te Normal file
View File

@@ -0,0 +1,24 @@
type ssr_detector_app, domain;
app_domain(ssr_detector_app)
allow ssr_detector_app app_api_service:service_manager find;
allow ssr_detector_app radio_service:service_manager find;
allow ssr_detector_app system_app_data_file:dir create_dir_perms;
allow ssr_detector_app system_app_data_file:file create_file_perms;
allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
userdebug_or_eng(`
allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
get_prop(ssr_detector_app, vendor_aoc_prop)
allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
allow ssr_detector_app proc_vendor_sched:dir search;
allow ssr_detector_app proc_vendor_sched:file rw_file_perms;
allow ssr_detector_app cgroup:file write;
')
get_prop(ssr_detector_app, vendor_ssrdump_prop)
get_prop(ssr_detector_app, vendor_wifi_version)

13
sepolicy/radio/vcd.te Normal file
View File

@@ -0,0 +1,13 @@
type vcd, domain;
type vcd_exec, vendor_file_type, exec_type, file_type;
userdebug_or_eng(`
init_daemon_domain(vcd)
get_prop(vcd, vendor_rild_prop);
get_prop(vcd, vendor_persist_config_default_prop);
allow vcd serial_device:chr_file rw_file_perms;
allow vcd radio_device:chr_file rw_file_perms;
allow vcd self:tcp_socket { create_socket_perms_no_ioctl listen accept };
allow vcd node:tcp_socket node_bind;
')

12
sepolicy/radio/vendor_engineermode_app.te Normal file
View File

@@ -0,0 +1,12 @@
type vendor_engineermode_app, domain;
app_domain(vendor_engineermode_app)
binder_call(vendor_engineermode_app, rild)
allow vendor_engineermode_app app_api_service:service_manager find;
allow vendor_engineermode_app hal_exynos_rild_hwservice:hwservice_manager find;
userdebug_or_eng(`
dontaudit vendor_engineermode_app default_prop:file r_file_perms;
')

20
sepolicy/radio/vendor_ims_app.te Normal file
View File

@@ -0,0 +1,20 @@
type vendor_ims_app, domain;
app_domain(vendor_ims_app)
net_domain(vendor_ims_app)
allow vendor_ims_app app_api_service:service_manager find;
allow vendor_ims_app audioserver_service:service_manager find;
allow vendor_ims_app hal_exynos_rild_hwservice:hwservice_manager find;
allow vendor_ims_app radio_service:service_manager find;
allow vendor_ims_app mediaserver_service:service_manager find;
allow vendor_ims_app cameraserver_service:service_manager find;
allow vendor_ims_app mediametrics_service:service_manager find;
allow vendor_ims_app self:udp_socket { create_socket_perms_no_ioctl };
binder_call(vendor_ims_app, rild)
set_prop(vendor_ims_app, vendor_rild_prop)
set_prop(vendor_ims_app, radio_prop)
get_prop(vendor_ims_app, vendor_imssvc_prop)

Some files were not shown because too many files have changed in this diff Show More