device_google_felix

Author	SHA1	Message	Date
Ken Yang	b6e7c3d0c7	WLC: Cleanup the sysfs_wlc policies Bug: 263830018 Change-Id: I534eda445241e3a907b11004cafb737f6ec63586 Signed-off-by: Ken Yang <yangken@google.com>	2023-01-06 19:24:38 +00:00
Wasb Liu	d6606b7439	sepolicy: add necessary sepolicy for dual battery am: `49cdfcb3c7` am: `6c46e922ab` Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20803963 Change-Id: I99ec363f789026842ff58ba39801f479ac41cf18 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	2022-12-27 08:53:31 +00:00
Wasb Liu	49cdfcb3c7	sepolicy: add necessary sepolicy for dual battery 12-22 16:24:51.964 1000 865 865 I auditd : type=1400 audit(0.0:10): avc: denied { read } for comm="android.hardwar" name="logbuffer_maxfg_secondary" dev="tmpfs" ino=799 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 12-22 16:24:51.968 1000 865 865 I auditd : type=1400 audit(0.0:11): avc: denied { read } for comm="android.hardwar" name="logbuffer_maxfg_secondary_monitor" dev="tmpfs" ino=630 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 12-22 16:24:51.968 1000 865 865 I auditd : type=1400 audit(0.0:12): avc: denied { read } for comm="android.hardwar" name="logbuffer_dual_batt" dev="tmpfs" ino=1040 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 12-22 16:23:17.056 1000 522 522 I auditd : type=1400 audit(0.0:4): avc: denied { read } for comm="binder:522_1" name="wakeup65" dev="sysfs" ino=79686 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0 Bug: 263496320 Test: no dual batt related denied Change-Id: I021cd15d771524828a942fe1e4c63e3a24418ae8 Signed-off-by: Wasb Liu <wasbliu@google.com>	2022-12-23 09:21:05 +00:00
Mason Wang	3c82f575b9	Allow dumpstate to access touch vendor nodes[DO NOT MERGE] Fix following avc denial log: avc: denied { read } for name="driver_test" dev="proc" ino=4026535583 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { write } for name="driver_test" dev="proc" ino=4026535583 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { open } for path="/proc/fts/driver_test" dev="proc" ino=4026535583 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/appid" dev="sysfs" ino=110523 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/stm_fts_cmd" dev="sysfs" ino=110529 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { open } for path="/proc/fts_ext/driver_test" dev="proc" ino=4026535585 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { read } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { read } for name="appid" dev="sysfs" ino=108992 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/240632721 Bug: 226475119 Bug: 254164096 Test: There are no above avc denial logs. Change-Id: I0a136a7e259640e3e13ea66c945251cf26878b33	2022-11-24 15:35:16 +08:00
Nicole Lee	d6fe8df131	Revert "Allow dumpstate to access touch vendor nodes" This reverts commit `b1d4e8ab2f`. Reason for revert: DroidMonitor: Potential culprit for Bug 260019672 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted. Change-Id: I8c3bf9982eb9c163e73e75624fd3265ddaa1de95	2022-11-22 06:02:47 +00:00
Mason Wang	b1d4e8ab2f	Allow dumpstate to access touch vendor nodes Fix following avc denial log: avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { read } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721 avc: denied { read } for name="driver_test" dev="proc" ino=4026535565 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0 bug=b/240632721 avc: denied { read } for name="appid" dev="sysfs" ino=108992 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/240632721 Bug: 226475119 Bug: 254164096 Test: There are no above avc denial logs. Change-Id: Ie01104ebfb94154584d9d466cb295095eb634f48	2022-10-28 12:44:25 +08:00
Darren Hsu	99f9cd6a45	sepolicy: add sysfs_wakeup labels for System Suspend Bug: 253980198 Test: run vts -m SuspendSepolicyTests Change-Id: Ie58c35b37ad0a904d0292d2be9092f82b02d514b Signed-off-by: Darren Hsu <darrenhsu@google.com>	2022-10-18 11:39:51 +08:00
Wasb Liu	2dcb7cc94f	Add sepolicy for dual_batt_gauge power supply 08-23 02:45:54.456 860 860 I auditd : type=1400 audit(0.0:4): avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs" ino=100372 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 Bug: 243491187 Test: reboot device and check the avc Signed-off-by: Wasb Liu <wasbliu@google.com> Change-Id: I7600c816e743fc91afaf66db00ba332229b21e28	2022-08-24 05:01:15 +00:00
Ted Lin	fd1cdb48b7	Sepolicy: fix the avc 07-29 08:18:53.464 876 876 I auditd : type=1400 audit(0.0:4): avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs" ino=78463 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 Bug: 240632860 Test: reboot device and check the avc Signed-off-by: Ted Lin <tedlin@google.com> Change-Id: Ibb1f93c2003e9229c1fd2b3bd14ee022fa6539cc	2022-08-03 09:18:35 +00:00
luofrank	f6c212c921	Add rules to allow Sensor HAL write access to als_table Sensor HAL needs write access to /sys/class/backlight/panel1-backlight/als_table. Bug: 238847421 Test: Refer to b/238847421#comment5. Change-Id: I21845b7772b3806f8796dab7e23b91fe3ae6c881	2022-07-25 09:50:17 +08:00
Chase Wu	eb0d700258	add sepolicy for both vibrator path Change the both driver path's sysfs to sysfs_vibrator Bug: 181615889 Test: adb shell ls -lZ /sys/bus/i2c/devices/i2c-cs40l26a/default/ Test: adb shell ls -lZ /sys/bus/i2c/devices/i2c-cs40l26a-dual/default/ Signed-off-by: Chase Wu <chasewu@google.com> Change-Id: I839d4b9406d140a326730873cb8cb86d13188fe2	2022-07-21 16:20:10 +08:00
linpeter	bc7b3c639c	Add file context for decon1 and dsim1 Bug: 232886745 test: check sysfs context Change-Id: Icb85a54fd4d5b949fde698ca7afeb97a0bd43408	2022-06-09 15:47:41 +08:00
Wasb Liu	1b1d98425f	Add sepolicy for P9222 WLC power_supply avc: denied { getattr } for comm="android.hardwar" path="/sys/devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/power_supply/wireless/capacity" dev="sysfs" ino=72303 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 Bug: 229820966 Test: build ok, wireless power_supply can be detected by healthd Signed-off-by: Wasb Liu <wasbliu@google.com> Change-Id: I3078a11d6398be626d2c419ebee7d9e33babe441	2022-04-29 16:40:45 +08:00

13 commits