Commit graph

88 commits

Author SHA1 Message Date
Xin Li
e2b4313a99 [automerger skipped] Merge 24Q4 into AOSP main am: 45d6088fab -s ours
am skip reason: Merged-In Iaba56ff4025b5403a148bde6daad5f29c9c7f5b3 with SHA-1 8dc3a904d6 is already in history

Original change: https://android-review.googlesource.com/c/device/google/comet-sepolicy/+/3413720

Change-Id: Ie8ca23defcb9a2902e7004312133e88688cb44d4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-12-13 19:06:41 -08:00
Xin Li
45d6088fab Merge 24Q4 into AOSP main
Bug: 370570306
Merged-In: Iaba56ff4025b5403a148bde6daad5f29c9c7f5b3
Change-Id: I1aadba6c2174f3e6fd58b3eb122943abccd38454
2024-12-13 11:15:08 -08:00
Xin Li
b7825bed0d Merge 24Q4 (ab/12406339) into aosp-main-future
Bug: 370570306
Merged-In: Iaba56ff4025b5403a148bde6daad5f29c9c7f5b3
Change-Id: Ic80f142e92aa29df52425edf23a3ea050bd1953b
2024-11-06 10:31:18 -08:00
attis
8dc3a904d6 Label sysfs node power_mode as sysfs_display.
Label power_mode to sysfs_panel to let it be allowed in dumpstate.

avc log:
08-26 13:08:28.376 12321 12321 W dump_second_dis: type=1400 audit(0.0:13): avc:  denied  { read } for  name="power_mode" dev="sysfs" ino=83663 scontext=u:r:dump_second_display:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Test: ls -Z, adb bugreport.
Flag: EXEMPT bugfix
Bug: 358505990
Change-Id: Iaba56ff4025b5403a148bde6daad5f29c9c7f5b3
Signed-off-by: attis <attis@google.com>
2024-08-26 12:13:25 +00:00
Spade Lee
00dfece0e4 sepolicy: add permission for dump_power
avc:  denied  { read } for  name="maxfg_history" dev="tmpfs" ino=1144 scontext=u:r:dump_power:s0 tcontext=u:object_r:battery_history_device:s0 tclass=chr_file permissive=0

Bug: 353418158
Test: atest-dev com.google.android.selinux.pts.SELinuxTest#scanBugreport => PASS
Flag: EXEMPT bugfix
Change-Id: Ie14081f5614c0667e47b474f11198cd633971326
Signed-off-by: Spade Lee <spadelee@google.com>
2024-07-18 10:13:51 +00:00
Kiwon Park
52ec1e039e [automerger skipped] Merge "Revert^2 "Allow vendor_init to set setupwizard prop"" into 24D1-dev am: 1599ea8a9a -s ours
am skip reason: Merged-In I7a46078fb68b61b608296c1a1c509dd5cedfd1e2 with SHA-1 2eea667ffc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27828776

Change-Id: I3e7d7ba95b126967f770f64d620b2b25476cd83b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-06-15 00:31:10 +00:00
Achigo Liu
21ef149c3d [automerger skipped] Revert^2 "Allow vendor_init to set setupwizard prop" am: d6b057332c -s ours
am skip reason: Merged-In I7a46078fb68b61b608296c1a1c509dd5cedfd1e2 with SHA-1 2eea667ffc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27828776

Change-Id: Ib99f61481e252717be21045adea4841e7ad94b27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-06-15 00:31:07 +00:00
Kiwon Park
1599ea8a9a Merge "Revert^2 "Allow vendor_init to set setupwizard prop"" into 24D1-dev 2024-06-15 00:24:49 +00:00
Kiwon Park
c402c9159a Merge "Revert^2 "Allow vendor_init to set setupwizard prop"" into main 2024-06-14 00:06:27 +00:00
Achigo Liu
d6b057332c Revert^2 "Allow vendor_init to set setupwizard prop"
dd5d44c6f6

Change-Id: Id32f5409e88e377f96c0e774a13bbb2cec246bfa
Merged-In: I7a46078fb68b61b608296c1a1c509dd5cedfd1e2
2024-06-13 17:37:37 +00:00
Kiwon Park
2eea667ffc Revert^2 "Allow vendor_init to set setupwizard prop"
This reverts commit 28599c27ff.

Reason for revert: Doesn't fix the issues in factory testing

Change-Id: I7a46078fb68b61b608296c1a1c509dd5cedfd1e2
2024-06-13 17:37:24 +00:00
Zheng Pan
6c099c76c3 [automerger skipped] Add DP wakeup file permission am: 4dffc584be -s ours
am skip reason: Merged-In I8f85b79aedc640d22982855a099b2448f93b29a3 with SHA-1 423a870ad4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27813145

Change-Id: I87a5783c22460cdef54277500ee32ef8182d53aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-06-12 23:05:38 +00:00
Zheng Pan
423a870ad4 Add DP wakeup file permission
Bug: 346660264
Test: None
Change-Id: I8f85b79aedc640d22982855a099b2448f93b29a3
2024-06-12 20:34:06 +00:00
Zheng Pan
4dffc584be Add DP wakeup file permission
Bug: 346660264
Test: None
Change-Id: I8f85b79aedc640d22982855a099b2448f93b29a3
Merged-In: I8f85b79aedc640d22982855a099b2448f93b29a3
2024-06-12 20:25:37 +00:00
Kiwon Park
2db7d7d7d2 [automerger skipped] Revert "Allow vendor_init to set setupwizard prop" am: dd5d44c6f6 -s ours
am skip reason: Merged-In I0ee3ff036b5d51b532c59e427ca2b3942b5377ee with SHA-1 28599c27ff is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27717640

Change-Id: Id677de15926f92de09ba680e45218d502686767d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-06-11 00:27:38 +00:00
Kiwon Park
dd5d44c6f6 Revert "Allow vendor_init to set setupwizard prop"
This reverts commit 432fb7298d.

Reason for revert: consolidating it in zumapro sepolicy: ag/27701196
Bug: 336903409
Change-Id: I0ee3ff036b5d51b532c59e427ca2b3942b5377ee
Merged-In: I0ee3ff036b5d51b532c59e427ca2b3942b5377ee
2024-06-07 13:55:10 +00:00
Kiwon Park
28599c27ff Revert "Allow vendor_init to set setupwizard prop"
This reverts commit 432fb7298d.

Reason for revert: consolidating it in zumapro sepolicy: ag/27701196

Bug: 336903409
Change-Id: I0ee3ff036b5d51b532c59e427ca2b3942b5377ee
2024-06-07 13:53:30 +00:00
jimsun
86312b5986 Allow vendor_init to set setupwizard prop am: 432fb7298d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27391555

Change-Id: Ib292998cbca4e4eb21e2458e8e786891f407bf37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-27 06:04:42 +00:00
jimsun
432fb7298d Allow vendor_init to set setupwizard prop
05-16 17:07:33.099472  root   351   351 E init    : Unable to set property 'setupwizard.feature.provisioning_profile_mode' from uid:0 gid:0 pid:352: SELinux permission check failed
05-16 17:07:33.095723  root   352   352 W libc    : Unable to set property "setupwizard.feature.provisioning_profile_mode" to "true": error code: 0x18

Bug: 339918070
Test: manual
Change-Id: Ie1737d7632e11de9750305df4255da55b4a0c426
2024-05-24 13:44:22 +08:00
Shiyong Li
b8838772c2 Merge "Add sepolicy for power_state node" into 24D1-dev am: f23f1fc4fa
Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27057167

Change-Id: Ibe8208dd8146eb1147829d55d4fbce296d400718
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-09 05:21:38 +00:00
Shiyong Li
f23f1fc4fa Merge "Add sepolicy for power_state node" into 24D1-dev 2024-05-09 05:16:16 +00:00
Frank Yu
9e42f59b99 Support register AntennaTuningService. am: 9667a21442
Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/27083958

Change-Id: I9d76bb1dbf98c8874c82a2c0e4ccd27a49ffceae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-08 03:01:28 +00:00
Frank Yu
9667a21442 Support register AntennaTuningService.
Devices that use RadioExt 1.7 should have grilservice_app register antennaTuningCallbacks.

The avc error log:

avc:  denied  { find } for pid=3441 uid=10273 name=com.google.input.algos.gril.IGrilAntennaTuningService/default scontext=u:r:grilservice_app:s0:c17,c257,c512,c768 tcontext=u:object_r:gril_antenna_tuning_service:s0 tclass=service_manager permissive=0

[   22.019071] type=1400 audit(1714448048.956:7): avc:  denied  { call } for  comm="pool-2-thread-1" scontext=u:r:grilservice_app:s0:c254,c256,c512,c768 tcontext=u:r:twoshay:s0 tclass=binder permissive=0 app=com.google.android.grilservice

Test: Manual. Without sepolicy error.
Bug: 321790599
Change-Id: Ie2cecaea493d37cd3009bcf9bab942a62212641f
2024-05-03 07:10:01 +00:00
YiKai Peng
221e792107 selinux: move wlc 0x61 wakeup to zumapro
Bug: 335557235
Test: v2/pixel-health-guard/device-boot-health-check-extra
Change-Id: I1ad5bf17dae71ec5e8b6756a8eadf26878afad22
Signed-off-by: YiKai Peng <kenpeng@google.com>
2024-04-26 13:05:02 +00:00
Kevin Ying
203b4dd470 Add sepolicy for power_state node
Bug: 329703995
Test: manual - used camera
Change-Id: I3764557b98334ec73ba94a691f0cbdbacb5c8400
Signed-off-by: Kevin Ying <kevinying@google.com>
2024-04-24 19:09:45 +00:00
Cheng Chang
5d55f75794 sepolicy: Move the gnssif/wakeup to zumapro am: 229a44dbf9
Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/26795569

Change-Id: Id24c2213bfb14a60c6ca99081637202bcc1ba356
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-04-10 03:47:51 +00:00
Cheng Chang
229a44dbf9 sepolicy: Move the gnssif/wakeup to zumapro
Bug: 329334328
Test: abtd device-boot-health-check-extra under b/329334328.
Test: boot and check the logcat avc.
Change-Id: Ieb02d6232186a3d0ee43b2b6c96b0db7ad4534f9
2024-04-02 09:04:33 +00:00
derickhong
5767edc092 Allow HWC to access display refresh control am: 7cf67c1e9a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/comet-sepolicy/+/26642567

Change-Id: I82410cc0b6667c86809615a53155527b0c383ebd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-03-22 04:03:41 +00:00
derickhong
7cf67c1e9a Allow HWC to access display refresh control
Bug: 326869289
Test: adb shell dmesg | grep avc ; adb logcat -d | grep avc
Change-Id: I353139e97728486f2a8b6c5f593cddf51adb7804
2024-03-20 07:39:32 +00:00
Mark Chang
c7eddf0a58 Merge "Add device specific entry back." into main 2024-03-05 05:31:46 +00:00
Derick Hong
9a45b19a5d Merge "Allow HWC to access display refresh control" into main 2024-03-05 03:05:10 +00:00
Mark Chang
c65c619458 Add device specific entry back.
Bug: 325422902
Test: Manual, system booted without sepolicy denied error.

Change-Id: I2373f111c9b6abd064a1095b004caae3be525361
Signed-off-by: Mark Chang <changmark@google.com>
2024-03-01 12:45:33 +00:00
Liana Kazanova
d6ab9d280a Revert "Add device specific entry back."
Revert submission 26288713-twoshay-sepolicy-24

Reason for revert: DroidMonitor: Potential culprit for b/327235315 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.

Bug: 327235315

Reverted changes: /q/submissionid:26288713-twoshay-sepolicy-24

Change-Id: I651bf3e08f3c97aad8627d4d471a4ee97e3b2d44
2024-02-27 21:20:09 +00:00
derickhong
09458f6fc0 Allow HWC to access display refresh control
Bug: 326869289
Test: adb shell dmesg | grep avc ; adb logcat -d | grep avc
Change-Id: I353139e97728486f2a8b6c5f593cddf51adb7804
2024-02-27 16:19:22 +08:00
Mark Chang
d3fe6924aa Add device specific entry back.
Bug: 325422902
Test: Manual, system booted without sepolicy denied error.
Change-Id: Ife1ceda42146f2021cf15015a25a8bf6f0a754b0
Signed-off-by: Mark Chang <changmark@google.com>
2024-02-19 05:57:21 +00:00
Wayne Lin
13470b8cec gps: refine iGNSS build system - sepolicy
Bug: 318310869
Bug: 315915958
Test: build pass and GPS function works
Change-Id: Ie98482de964c8478f94886cd1494c6362e2c86d9
2024-01-28 23:37:03 +08:00
Darren Hsu
9b03fffd65 sepolicy: label required display paths for hal_power_stats
Bug: 321871758
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ic7f4271730b851194eaf42d3752c834ae85831bc
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2024-01-25 17:22:47 +08:00
Kai Chang
20aa003baa Merge "fingerprint: Allow fps to access wakeup node" into main 2024-01-12 09:25:50 +00:00
eddielan
6b25e7527c fingerprint: Allow fps to access wakeup node
01-12 08:01:43.652  1852  1852 W android.hardwar: type=1400 audit(0.0:38):
avc:  denied  { write } for  name="wakeup_enable" dev="sysfs" ino=97986
scontext=u:r:hal_fingerprint_capacitance:s0
tcontext=u:object_r:sysfs_wakeup:s0 tclass=file permissive=0

Bug: 319578405
Test: Build pass & check on device
Change-Id: I31380020ac5fe61bb976954d03a9449bbe6c287d
2024-01-12 08:20:52 +00:00
Wilson Sung
52692f5cc7 Label and sort wakeup nodes
Bug: 318032188
Test: make sepolicy
Change-Id: I5477cee657942e1b2eb87f250adba4048c5b7696
2024-01-08 17:06:23 +08:00
Wilson Sung
76a6fad054 Move fingerprint to each device sepolicy folder
Bug: 312322769
Test: make sepolicy
Change-Id: I5f0032655f97e01cd18fdabb9d909e9e2295744d
2023-12-19 03:51:26 +00:00
sashwinbalaji
05f2f5195b sepolicy: thermal: add init_thermal policies
Bug: 315096213
Test: Build and verify for avc errors
Change-Id: Idf032c9ce1544253cebd82fda24bcd4582c95111
2023-12-18 19:28:13 +08:00
Vincent Wang
6366ddba28 Add SEPolicy for comet to access FingerprintHal from Settings
Bug: 315927727
Test: Check SettingsGoogle could access FPHal via FingerprintExt
Change-Id: I462cb3847e424c1ccb7e8f06c2449b25308db96b
2023-12-13 09:55:31 +00:00
Kamal Shafi
b66a9c1e64 sepolicy: migrate zumapro devices sepolicy
- Move device specific sepolicy

Bug: 312869113
Test: build
Change-Id: I6f9228ba62d18cbcb6b8618b3ff7078b50daabbe
2023-11-27 06:24:33 +00:00
Treehugger Robot
bb0a18f99c Merge "comet-sepolicy: Enable Lbe atc on secondary display" into main 2023-11-20 06:05:05 +00:00
Joe Huang
ca8e1ec77b Merge "Add sepolicy rules for gnss" into main 2023-11-03 02:39:12 +00:00
Joe Huang
d510a3608b Add sepolicy rules for gnss
Bug: 303789385
Test: GPS test on normal & factory builds
Change-Id: I140d2ec76f11b68b2e0abac2cc9278a82048814d
2023-11-02 17:41:32 +08:00
Jack Wu
018f7619cc Add sepolicy for dual_batt_gauge power supply
10-30 04:38:39.556   814   814 I auditd  : type=1400 audit(0.0:13): avc:  denied  { getattr } for  comm="android.hardwar" path="/sys/devices/platform/google,dual_batt_gauge/power_supply/dualbatt/type" dev="sysfs" ino=77177 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
10-30 04:38:39.556   814   814 I auditd  : type=1400 audit(0.0:11): avc:  denied  { read } for  comm="android.hardwar" name="type" dev="sysfs" ino=77177 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
10-30 04:38:39.556   814   814 I auditd  : type=1400 audit(0.0:12): avc:  denied  { open } for  comm="android.hardwar" path="/sys/devices/platform/google,dual_batt_gauge/power_supply/dualbatt/type" dev="sysfs" ino=77177 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 308380763
Test: reboot device and check the avc
Change-Id: Ie39f9df23c4041ac442599d85279b69638a514d2
Signed-off-by: Jack Wu <wjack@google.com>
2023-10-31 11:37:25 +08:00
Wilson Sung
57ed6e5523 Merge "Initial SEpolicy tracking_denials" into main 2023-10-26 05:36:20 +00:00
Wilson Sung
85bf9466c7 Initial SEpolicy tracking_denials
Bug: 296187211
Change-Id: I277c8383945413e50c7335afac018dc579655e67
2023-10-25 08:12:26 +00:00