Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2895 commits 1 branch 0 tags 325 MiB
Commit graph

60 commits

Author SHA1 Message Date
Michael Bestas
22322941ea
gs-common: Remove userdebug/eng configuration 
Change-Id: Ie1e8b6bbebdfac97f8bc382e41c70cc8a32caf07
 2025-06-23 19:29:31 +03:00
Michael Bestas
dc28234ecd
gs-common: Update init scripts from BP2A 
Change-Id: Ibb8d3715ec6cb9ebb5d89e116374d468dfcad826
 2025-06-23 19:29:30 +03:00
Michael Bestas
50929e081f aml_tz6_351400020 (13155446,com.google.android.go.tzdata6,com.google.android.tzdata6) 
-----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ9i73wAKCRDorT+BmrEO
 eCi5AKCHAzJVFdsm++eJGXcPb6LbaKIGTQCcDiWODLyLOWCK64nt7tfCwTgUFCE=
 =3OQU
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN SSH SIGNATURE-----
 U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgPpdpjxPACTIhnlvYz0GM4BR7FJ
 +rYv3jMbfxNKD3JvcAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
 AAAAQGzx1CwS4pcfih6dNJzdvsHLng+4M9qD8N/OatGRRJF0ck6x3Qwifdp45ItOlU7d0T
 52HZvmRrb/FCpQQR9Z/QE=
 -----END SSH SIGNATURE-----

Merge tag 'aml_tz6_351400020' into staging/lineage-23.0_merge-aml_tz6_351400020

aml_tz6_351400020 (13155446,com.google.android.go.tzdata6,com.google.android.tzdata6)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ9i73wAKCRDorT+BmrEO
# eCi5AKCHAzJVFdsm++eJGXcPb6LbaKIGTQCcDiWODLyLOWCK64nt7tfCwTgUFCE=
# =3OQU
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Mar 18 02:18:39 2025 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [ultimate]

# By Jaegeuk Kim (6) and others
# Via Android (Google) Code Review (55) and others
* tag 'aml_tz6_351400020': (74 commits)
  Fix comment
  Adjust the version set in manifest xml and matrix xml
  Add astd sepolicy to gs-common for P26 factory builds
  Allow tachyon service to make binder calls to gca
  display: add drm_atomic_state to debug-build bugreport
  init.pixel-perf.rc: Setup default rampup multiplier and util_est
  Allow write for restorecon
  Dump F2FS disk_map and UFS phy version
  Fix UFS err_stats
  Fix selinux permission denials
  move common init perf settings to gs_common
  Revert "Set up access control rule for aocxd"
  16KB: Move CopyEfsTest to device/google/gs-common
  Revert^2 "Add Bluetooth extension HAL - CCO"
  gs-common: wlc: add tx update permission for hal_googlebattery
  Revert "Add Bluetooth extension HAL - CCO"
  storage: fix userdata_exp.ai partition selinux error
  Revert "move common init perf settings to gs_common"
  insmod-sh: Allow writing to kmsg
  RamdumpService: Fix the SELinux errors from introducing Firebase Analytics.
  ...

 Conflicts:
	display/dump_pixel_display.mk

Change-Id: Iaa05ef7e62a7b8320f320ad4db482998863fe136
 2025-06-23 05:14:52 +03:00
Michael Bestas
afe59287ff Android 15.0.0 Release 21 (BP1A.250305.020) 
-----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ8fKCAAKCRDorT+BmrEO
 eMs3AJ95J96e0Kv/3dVWOrkTI5HXZjn+7QCfT8gs70sr9lbjAIKOoMKAueJM8y0=
 =K75U
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN SSH SIGNATURE-----
 U1NIU0lHAAAAAQAAADMAAAALc3NoLWVkMjU1MTkAAAAgPpdpjxPACTIhnlvYz0GM4BR7FJ
 +rYv3jMbfxNKD3JvcAAAADZ2l0AAAAAAAAAAZzaGE1MTIAAABTAAAAC3NzaC1lZDI1NTE5
 AAAAQIRhGQGF/72GaYamROts4zqtuErZfylD49Os+O2IaHyRthj2oyNc/vzf6y6vE1EYic
 QnXbtRPS7ocAjwTM2oGgY=
 -----END SSH SIGNATURE-----

Merge tag 'android-15.0.0_r21' into staging/lineage-22.2_merge-android-15.0.0_r21

Android 15.0.0 Release 21 (BP1A.250305.020)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ8fKCAAKCRDorT+BmrEO
# eMs3AJ95J96e0Kv/3dVWOrkTI5HXZjn+7QCfT8gs70sr9lbjAIKOoMKAueJM8y0=
# =K75U
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed Mar  5 05:50:32 2025 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [ultimate]

# By timmyli (6) and others
# Via Android (Google) Code Review (65) and others
* tag 'android-15.0.0_r21': (87 commits)
  Revert "Add amm experiment."
  Reduce the trace instance irq_gia_google's buffer size
  Remove code that just re-enables IRQ and GIA events
  Add amm experiment.
  storage: add missing bug_map
  Add apf experiment.
  modem_svc: add modem_svc_sit to solve sepolicy conflicts arising from different device versions
  modem_svc: move shared_modem_platform related sepolicy to gs-common
  Add Intelligence rc
  Always include camera calibration tools in debug builds.
  Add kswapd experiment.
  Add Proc Vendor Sched Sepolicy Fix
  Add recovery support for perf experiments.
  Revert "Allow tachyon service to make binder calls to GCA"
  Allow tachyon service to make binder calls to GCA
  Add libg3a logging initrc files.
  Rename aocx.IAoc to aocx.IAoc/default to support stable AIDL
  dump_chip_info: dump more tables from chip-info driver
  Introduce interrupts module for debug and trace
  Revert^2 "gs-common: Move cpufreq perf settings to gs-common"
  ...

 Conflicts:
	aoc/aoc.mk
	camera/lyric.mk

Change-Id: Ifd45cd3aa7799789ded7db2b0f24207c39367067
 2025-03-09 10:58:51 +02:00
Jaegeuk Kim
9409c3382e Fix comment 
Bug: 378120929
Flag: build.RELEASE_PIXEL_VENDOR_INTELLIGENCE_AID
Change-Id: I20b1fb2eb21d0db63c69d9eb30e89b0a824540f8
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2025-02-05 20:13:18 -08:00
Jaegeuk Kim
b1072785ba Allow write for restorecon 
[ 8345.125689] type=1400 audit(1737841652.160:245): avc:  denied  { write } for  comm="kworker/u16:2" path="/dev/block/sda34" dev="tmpfs" ino=1060 scontext=u:r:kernel:s0 tcontext=u:object_r:userdata_exp_block_device:s0 tclass=blk_file permissive=0

Bug: 361093433
Flag: EXEMPT bugfix
Change-Id: Ia03cddd6eebe9b8875bdbd1a8eb3a67f51269032
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2025-01-25 16:27:47 -08:00
Jaegeuk Kim
7bd70d06d7 Dump F2FS disk_map and UFS phy version 
[   91.358748] type=1400 audit(1737771651.492:274): avc:  denied  { search } for  comm="dump_storage" name="f2fs" dev="proc" ino=4026532053 scontext=u:r:dump_storage:s0 tcontext=u:object_r:proc_f2fs:s0 tclass=dir permissive=0
[   49.564560] type=1400 audit(1737778106.496:153): avc:  denied  { read } for  comm="dump_storage" name="f2fs" dev="proc" ino=4026532053 scontext=u:r:dump_storage:s0 tcontext=u:object_r:proc_f2fs:s0 tclass=dir permissive=0
[   91.358930] type=1400 audit(1737771651.492:275): avc:  denied  { read } for  comm="dump_storage" name="phy_version" dev="sysfs" ino=109125 scontext=u:r:dump_storage:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[   91.359249] type=1400 audit(1737771651.492:276): avc:  denied  { read } for  comm="dump_storage" name="phy_release_date" dev="sysfs" ino=109126 scontext=u:r:dump_storage:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 392193452
Flag: EXEMPT bugfix
Change-Id: I8e174e378064a94681f74a88ee13b4461527076a
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2025-01-24 20:28:24 -08:00
Jaegeuk Kim
6151bff500 Fix UFS err_stats 
Bug: 392193452
Change-Id: I159f5bcfb8de1b33f46ba860b4436d1dfc6907f2
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2025-01-24 20:21:06 -08:00
Jaegeuk Kim
f329ce7a91 Fix selinux permission denials 
[    9.280675] type=1400 audit(1737659534.344:11): avc:  denied  { mounton } for  comm="init" path="/data/vendor/intelligence" dev="dm-59" ino=490 scontext=u:r:init:s0 tcontext=u:object_r:intelligence_data_file:s0 tclass=dir permissive=0

Bug: 391452461
Flag: EXEMPT bugfix
Change-Id: I355c61bd2c5bb5af6d463cf84a3fc80093b16550
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2025-01-23 17:15:16 -08:00
Randall Huang
6cda4c1c19 storage: fix userdata_exp.ai partition selinux error 
avc:  denied  { write } for  comm="init" name="sda34" dev="tmpfs" ino=1296 scontext=u:r:init:s0 tcontext=u:object_r:userdata_exp_block_device:s0 tclass=blk_file permissive=1

Bug: 361093433
Test: boot without issue
Change-Id: I0c74eb19172f39c44fc2ca61ba0bb8e38c808556
Signed-off-by: Randall Huang <huangrandall@google.com>
 2025-01-21 08:58:19 +08:00
Jaegeuk Kim
787e3b81dd Mount rw to get restorecon_recursive working 
Bug: 378120929
Test: Boot and check selabel in /data/vendor/intelligence
Flag: EXEMPT bugfix
Change-Id: I0d3d391629248f7014c28b5f74bb95b50626c99d
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2025-01-07 16:42:24 -08:00
Michael Bestas
4460098bc5 Android 15.0.0 Release 6 (AP4A.241205.013) 
-----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ1IssQAKCRDorT+BmrEO
 eIS/AJ9ojetnDXDlslBpaDU7nNPVrNv+WgCeMKWKeHmJn6acS37FiZBS9+jvpec=
 =JvPS
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCgA1FiEEHrBYPudH862glXQBzJUERRm+ZmkFAmdY7O4XHG1rYmVzdGFz
 QGxpbmVhZ2Vvcy5vcmcACgkQzJUERRm+ZmnGCw//XCwIcPsFqQSwygK76wo5ZsCO
 Mex6U5SdmtBecQ2VmIZKofe4/HIog9Wne3GFE6Xjj1bZHxtp/W4uURp6BQ8LuqA5
 zqhkzc/Ijz6W+8wJ7n4k+V+N33N9ZYrbxQdqmBbMzLO0kOv86vC0HbKHLLgvT5d4
 yYTe3TmGUMXTysky8+Y5YJoIHXqy847ohsOg7yzo9wtEzNZpDXLjDCfp4H8Gei8c
 RIw/g+P2WwXGEntlXMtt6lajLF5m2GOtGLL5S+IrtoskpISC6jOmnD+WDwG8VJRW
 dts4yqRtB47uz53sLE618zOXE/Tz3Akppq73bJ9I5dk3qHCx7NBVy5HLFE8O6rJL
 KVjMj88sMShd4wMbHEy+Sh0jVlcKXuxFJeU0MZ0bqoM5/MDDZXQvJDOOQK7noQHS
 RGnsXFwgZnLZEW375FJv4T8S19logSJqAYEkjSdrzU3oIUZqNgFHqQcGDLC8ukOc
 79PbK53RvmzyEedYonH7Zn/ImGwmJxlyVey5jFX+O1S9RsVD4AyrgT1dn3s0KniK
 1UiPi7sHBsL2yE4rp63UEysFZU9uj2gy3xf4PxBi97LV7mLUfE2YqsDwOrII82Ao
 xjyEKTxSMADdwHHI15yf52eNRCf3eBakL54TbZZJ184FZYeTGvOpvc5yCuiITqm9
 RauADk94HVdaaMJXyk4=
 =l74W
 -----END PGP SIGNATURE-----

Merge tag 'android-15.0.0_r6' into staging/lineage-22.0_merge-android-15.0.0_r6

Android 15.0.0 Release 6 (AP4A.241205.013)

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZ1IssQAKCRDorT+BmrEO
# eIS/AJ9ojetnDXDlslBpaDU7nNPVrNv+WgCeMKWKeHmJn6acS37FiZBS9+jvpec=
# =JvPS
# -----END PGP SIGNATURE-----
# gpg: Signature made Fri Dec  6 00:44:01 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2483 signatures in the past
#      3 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By Randall Huang (12) and others
# Via Android (Google) Code Review (58) and others
* tag 'android-15.0.0_r6': (91 commits)
  gsc: Change the criteria for building GSC targets
  sepolicy: remove irregular policy
  Revert^2 "Allow devices that use HIDL to find AIDL radio_ext_service"
  Revert "Allow devices that use HIDL to find AIDL radio_ext_service"
  gs-common: add rules for euiccpixel_app
  audio: allow set_prop for vendor_audio_prop_restricted
  Allow devices that use HIDL to find AIDL radio_ext_service
  Add sepolicy for NNAPI HAL to access hal_graphics_allocator_service, This is required for AHardwareBuffer allocation.
  storage: fix ota selinux error
  Storage: add sepolicy for recovery mode
  Add sepolicy for gcam app
  check_current_prebuilt: Symlink current prebuilt folder to android root
  shamp: Update shared_modem_platform HAL version to 3
  dumpstate: gsa: Add GSA logs to dumpstate
  storage: fix vendor_init avc denied
  storage: fix vold avc denied
  storage: fix adb bugreport and refactor the existing rules
  storage: fix PowerStats avc denied
  storage: move sepolicy to common folder
  shamp: Update shared_modem_platform HAL version to 2
  ...

 Conflicts:
	camera/lyric.mk
	storage/init.storage.rc

Change-Id: I5ed6cff3b54261c949ec6ba60b32820b264b4ec2
 2024-12-11 03:37:46 +02:00
Jaegeuk Kim
9e1cdbc471 storage: add missing bug_map 
The warning is WAI, so make a correct report.

[   11.777638] [  T374] type=1400 audit(1733512828.220:561): avc:  denied  { open } for  comm="getprop" path="/dev/__properties__/u:object_r:vendor_intelligence_prop:s0" dev="tmpfs" ino=436 scontext=u:r:shell:s0 tcontext=u:object_r:vendor_intelligence_prop:s0 tclass=file permissive=1

w/

[   10.560345] [  T376] type=1400 audit(1733515761.004:342): avc:  denied  { open } for  comm="getprop" path="/dev/__properties__/u:object_r:vendor_intelligence_prop:s0" dev="tmpfs" ino=436 scontext=u:r:shell:s0 tcontext=u:object_r:vendor_intelligence_prop:s0 tclass=file permissive=1 bug=b/378120929

Bug: 378120929
Flag: EXEMPT bugfix
Change-Id: Ia158d71c43e6006ee86a227b5a083bc27230ef71
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2024-12-06 12:16:14 -08:00
Jaegeuk Kim
3bcf1e5891 Add Intelligence rc 
By persist.vendor.intelligence,

 # on  -> mount(ok)    -> on
 # off -> write_zeroes -> remove -> rm(ok) -> disable
 # on  -> mount(fail)  -> remove -> rm(ok) -> disable

For SEpolicy,

type=1400 audit(1731445557.444:32): avc:  denied  { read } for  comm="kworker/u16:3" path="/dev/block/sda33" dev="tmpfs" ino=1050 scontext=u:r:kernel:s0 tcontext=u:object_r:userdata_exp_block_device:s0 tclass=blk_file permissive=1

type=1400 audit(1731445557.476:33): avc:  denied  { execute_no_trans } for  comm="storage_intelli" path="/vendor/bin/toolbox" dev="dm-11" ino=368 scontext=u:r:storage_intelligence:s0 tcontext=u:object_r:vendor_toolbox_exec:s0 tclass=file permissive=1

type=1400 audit(1731448933.292:16): avc:  denied  { search } for  comm="dd" name="block" dev="tmpfs" ino=12 scontext=u:r:storage_intelligence:s0 tcontext=u:object_r:block_device:s0 tclass=dir permissive=1

type=1400 audit(1731461590.844:16): avc:  denied  { write } for  comm="dd" name="sda33" dev="tmpfs" ino=1052 scontext=u:r:storage_intelligence:s0 tcontext=u:object_r:userdata_exp_block_device:s0 tclass=blk_file permissive=1
type=1400 audit(1731461590.844:17): avc:  denied  { open } for  comm="dd" path="/dev/block/sda33" dev="tmpfs" ino=1052 scontext=u:r:storage_intelligence:s0 tcontext=u:object_r:userdata_exp_block_device:s0 tclass=blk_file permissive=1

Bug: 378120929
Flag: build.RELEASE_PIXEL_VENDOR_INTELLIGENCE_AID
Change-Id: If9d2f067e29b6c574d3b827ea509fec92c6d8028
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2024-12-05 19:31:26 -08:00
Daniel Lee
350e262415 storage: turn off writebooster flags upon init 
Enabling writebooster capability for Pixel UFS (pa/2994670)
enabled the following flags in Android Common Kernel:

  - wb_flush_en
  - wb_flush_during_h8
  - wb_enable

This patch disables these writebooster-related flags to restore the
intended behavior for Pixel devices. This overrides the default Android
Common Kernel behavior.

While 'wb_flush_en' and 'wb_enable' have corresponding sysfs entries
('enable_wb_buf_flush' and 'wb_on') for toggling,
'wb_flush_during_h8' currently lacks this functionality in the Android
Common Kernel. Pixel provides the 'manual_gc' sysfs entry as a
workaround. Setting 'manual_gc' to 0 disables 'wb_flush_during_h8'.

Bug: 377958570
Flag: EXEMPT bugfix
Test: check if all writebooster-realated flags are false upon init
Change-Id: I918bf6939de3e208b715f554a96ccbd053f68a18
Signed-off-by: Daniel Lee <chullee@google.com>
 2024-11-19 17:22:10 +00:00
Ocean Chen
594e90f573 Merge "Revert "storage: Defer blkio class configuration"" into main 2024-11-12 02:21:33 +00:00
Ocean Chen
3330640782 Revert "storage: Defer blkio class configuration" 
This patch change the I/O schedulor back to mq-deadline before boot completed.

Bug:374905027
Test: forrest run

This reverts commit 0af034bf9f.

Change-Id: Ie49fb8a62d6fdb8da112e83d5a8e3551b0072379
 2024-11-12 02:21:23 +00:00
Randall Huang
c3a0ad4d1c storage: adjust ufs error history design 
Bug: 359746077
Test: adb bugreport
Change-Id: I32d1cab81351285e1f9ea770169c8be2246f3df7
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-10-22 05:15:58 +00:00
Randall Huang
570dfe1ed4 storage: support new UFS error history algorithm 
Bug: 359746077
Test: adb bugreport
Change-Id: I52a7ae0f1f9b60349437c0b3b5de630dd41b5627
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-10-17 12:57:00 +08:00
Ocean Chen
0af034bf9f storage: Defer blkio class configuration 
Move blkio class configuration from on init to on property:sys.boot_completed=1.
This improves I/O balance between foreground and background processes during boot,
as many background processes compete for I/O resources at that time.
Deferring the configuration ensures a smoother user experience
by prioritizing foreground processes.

Bug: 364960533
Test: forrest build and test on felix
Change-Id: If15343d4d96d55032618a4611bf9fdf47105c974
 2024-10-07 14:48:56 +08:00
Michael Bestas
d26fdcfef2
Disable userdebug diagnostics 
Change-Id: Icbdc3a61ab7b27f2aa0a6a07181b96edd9ee191a
 2024-09-24 23:51:36 +03:00
Randall Huang
69c69b2609 storage: fix ota selinux error 
avc:  denied  { read write } for  pid=281 comm="update_engine_s" name="boot_lun_enabled" dev="sysfs" ino=99875 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_ota:s0 tclass=file permissive=1
avc:  denied  { open } for  pid=281 comm="update_engine_s" path="/sys/devices/platform/3c400000.ufs/pixel/boot_lun_enabled" dev="sysfs" ino=99875 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_ota:s0 tclass=file permissive=1

Bug: 361093433
Test: OTA sideload
Change-Id: I7c92346d7ab08597d612e798d2252768eed124a2
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-09 12:48:43 +08:00
Randall Huang
9b9bee2c1a Storage: add sepolicy for recovery mode 
avc:  denied  { search } for  pid=286 comm="fsck.f2fs" name="0:0:0:0" dev="sysfs" ino=100643 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
avc:  denied  { getattr } for  pid=286 comm="fsck.f2fs" path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda10/partition" dev="sysfs" ino=102318 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  pid=286 comm="fsck.f2fs" name="zoned" dev="sysfs" ino=101014 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  pid=286 comm="fsck.f2fs" path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=101014 scontext=u:r:recovery:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  pid=340 comm="fsck.f2fs" name="sda1" dev="tmpfs" ino=1060 scontext=u:r:fsck:s0 tcontext=u:object_r:persist_block_device:s0 tclass=blk_file permissive=0
avc:  denied  { read write } for  pid=340 comm="fsck.f2fs" name="sda1" dev="tmpfs" ino=1060 scontext=u:r:fsck:s0 tcontext=u:object_r:persist_block_device:s0 tclass=blk_file permissive=0

Bug: 361093433
Test: factory data reset
Change-Id: Idce44f75e8ef6f3e381fcdaa8c29831747ee0ecd
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-09 12:41:58 +08:00
Treehugger Robot
c1cdcbaeed Merge "storage: fix vold avc denied" into main 2024-09-05 09:42:34 +00:00
Randall Huang
0440e82770 storage: fix vendor_init avc denied 
avc:  denied  { write } for  comm="init" name="swappiness" dev="proc" ino=207356 scontext=u:r:vendor_init:s0 tcontext=u:object_r:proc_dirty:s0 tclass=file permissive=1

Bug: 361093041
Test: local build
Change-Id: I595008f957c322aedbdf383c4e50c0e0ce30b9dc
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-05 08:42:30 +00:00
Randall Huang
24568c64d1 storage: fix vold avc denied 
[   33.709752][  T363] type=1400 audit(1725519791.892:729): avc:  denied  { read } for  comm="binder:369_6" name="/" dev="sda5" ino=3 scontext=u:r:vold:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   33.710804][  T363] type=1400 audit(1725519791.892:730): avc:  denied  { open } for  comm="binder:369_6" path="/mnt/vendor/efs" dev="sda5" ino=3 scontext=u:r:vold:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   33.711734][  T363] type=1400 audit(1725519791.892:731): avc:  denied  { ioctl } for  comm="binder:369_6" path="/mnt/vendor/efs" dev="sda5" ino=3 ioctlcmd=0x5879 scontext=u:r:vold:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   33.712732][  T363] type=1400 audit(1725519791.892:732): avc:  denied  { read } for  comm="binder:369_6" name="/" dev="sda7" ino=3 scontext=u:r:vold:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1
[   33.713612][  T363] type=1400 audit(1725519791.892:733): avc:  denied  { open } for  comm="binder:369_6" path="/mnt/vendor/modem_userdata" dev="sda7" ino=3 scontext=u:r:vold:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1
[   33.714833][  T363] type=1400 audit(1725519791.892:734): avc:  denied  { ioctl } for  comm="binder:369_6" path="/mnt/vendor/modem_userdata" dev="sda7" ino=3 ioctlcmd=0x5879 scontext=u:r:vold:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1

Bug: 361093041
Test: local build
Change-Id: I629f0303940f3f07ce3717cd0a2c8f975378f24b
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-05 08:42:25 +00:00
Randall Huang
bce5748b4f storage: fix adb bugreport and refactor the existing rules 
avc: denied { getattr } for comm="df" path="/mnt/vendor/persist" dev="sda15" ino=2 scontext=u:r:dumpstate:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { call } for comm="binder:10121_3" scontext=u:r:dumpstate:s0 tcontext=u:r:vold:s0 tclass=binder permissive=1
avc: denied { getattr } for comm="df" path="/mnt/vendor/efs" dev="sda5" ino=3 scontext=u:r:dumpstate:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
avc: denied { getattr } for comm="df" path="/mnt/vendor/modem_userdata" dev="sda7" ino=3 scontext=u:r:dumpstate:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1

Bug: 361093041
Test: local build
Change-Id: I5c6be63beebf66d64db7e495c28493ab35621054
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-05 16:39:22 +08:00
Randall Huang
9d99d1d598 storage: fix PowerStats avc denied 
avc:  denied  { search } for  name="ufs_stats" dev="sysfs" ino=99872 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
avc:  denied  { open } for  comm="android.hardwar" path="/sys/devices/platform/3c400000.ufs/host0/target000/0000/block/sda/stat" dev="sysfs" ino=100761 scontext=urhal_health_default
avc:  denied  { getattr } for  comm="android.hardwar" path="/sys/devices/platform/3c400000.ufs/host0/target000/0000/block/sda/stat" dev="sysfs" ino=100761 scontext=urhal_health_default
avc:  denied  { search } for  comm="android.hardwar" name="0000" dev="sysfs" ino=100578 scontext=urhal_health_defaults0 tcontext=uobject_r
avc:  denied  { read } for  comm="android.hardwar" name="stat" dev="sysfs" ino=100761 scontext=urhal_health_defaults0 tcontext=uobject_rsysfs_scsi_devices_0000s0 tclass=file permissive=1
avc:  denied  { search } for  comm="android.hardwar" name="0000" dev="sysfs" ino=100578 scontext=urhal_health_defaults0 tcontext=uobject_r
avc:  denied  { read } for  comm="android.hardwar" name="stat" dev="sysfs" ino=100761 scontext=urhal_health_defaults0 tcontext=uobject_rsysfs_scsi_devices_0000s0 tclass=file permissive=1

Bug: 361093041
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I94dadb9b9fc015fd1ecc39f9d62bc7209375a13a
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-05 04:10:53 +00:00
Randall Huang
cacedb4ae8 storage: move sepolicy to common folder 
avc: denied { read } for comm="android.hardwar" name="specification_version" dev="sysfs" ino=56257 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 361093041
Test: local build
Change-Id: I90d29590908efc329a05bd8f5f3e145dac4982fc
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-05 10:48:44 +08:00
Randall Huang
6ec23c152f storage: move storage related device type to common folder 
Bug: 364225000
Test: forrest build
Change-Id: Ica102c5a1ec45560939ac32c3ec22e721659c3cf
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-04 10:43:47 +08:00
Randall Huang
0f4a0bb8a2 Storage: add selinux for ufs firmware upgrade event 
avc:  denied  { execute_no_trans } for  comm="ufs_firmware_up" path="/vendor/bin/toybox_vendor" dev="dm-11" ino=380 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:vendor_toolbox_exec:s0 tclass=file permissive=1
avc:  denied  { read } for  comm="cat" name="vendor" dev="sysfs" ino=63193 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  comm="cat" path="/sys/devices/platform/13200000.ufs/vendor" dev="sysfs" ino=63193 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { search } for  comm="dd" name="block" dev="tmpfs" ino=12 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:block_device:s0 tclass=dir permissive=1
avc:  denied  { write } for  comm="dd" name="sda12" dev="tmpfs" ino=1139 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:ufs_internal_block_device:s0 tclass=blk_file permissive=1

Bug: 361093041
Test: NA
Change-Id: I54445d4543a733baae85cd408b433033dd93ec6b
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-02 22:33:03 +00:00
Randall Huang
1ae1d53973 Merge "storage: fix idle-maint avc denials." into main 2024-08-29 02:51:57 +00:00
Randall Huang
df4a5f7b48 storage: allow mkfs/fsck for vendor partitons 
avc:  denied  { read } for  name="sda7" dev="tmpfs" ino=1173 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda7" dev="tmpfs" ino=1173 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { write } for  name="sda7" dev="tmpfs" ino=1173 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda7" dev="tmpfs" ino=1173 ioctlcmd=0x1268 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { read } for  name="sda5" dev="tmpfs" ino=1010 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda5" dev="tmpfs" ino=1010 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=100275 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc:  denied  { write } for  name="sda5" dev="tmpfs" ino=1010 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda5" dev="tmpfs" ino=1010 ioctlcmd=0x1268 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { search } for  name="0:0:0:0" dev="sysfs" ino=100048 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
avc:  denied  { getattr } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda5/partition" dev="sysfs" ino=101272 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  name="zoned" dev="sysfs" ino=100308 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=100308 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1

avc:  denied  { search } for  name="0:0:0:0" dev="sysfs" ino=100048 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
avc:  denied  { getattr } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda10/partition" dev="sysfs" ino=102003 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  name="zoned" dev="sysfs" ino=100308 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=100308 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  name="sda5" dev="tmpfs" ino=1004 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda5" dev="tmpfs" ino=1004 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { write } for  name="sda5" dev="tmpfs" ino=1004 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda5" dev="tmpfs" ino=1004 ioctlcmd=0x1268 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { read } for  name="sda7" dev="tmpfs" ino=1199 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda7" dev="tmpfs" ino=1199 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { write } for  name="sda7" dev="tmpfs" ino=1199 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda7" dev="tmpfs" ino=1199 ioctlcmd=0x1268 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1


Bug: 361093041
Test: build pass
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0cf7210eb1b5ba1d22fb8dcb59f40cb74b98dd37)
Change-Id: I0d89d360e75335784116a4e4769d0b60699917eb
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-08-29 01:10:11 +00:00
Randall Huang
d6ba7fad68 storage: fix idle-maint avc denials. 
avc: denied { getattr } for path="/dev/block/sda5" dev="tmpfs" ino=1039 scontext=u:r:vold:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc: denied { getattr } for path="/dev/block/sda7" dev="tmpfs" ino=1199 scontext=u:r:vold:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1

Bug: 361093041
Test: run idle-maint run
Change-Id: Ie92ffa8b576c74e3a1cb127b265059ec76c14667
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-08-29 00:00:09 +00:00
Randall Huang
e4506b0159 storage: extend cmd_logging sepolicy to new ufshc 
Bug: 361093041
Test: check ls -Zl
Change-Id: Ia461f47562932a7dad1c114f7b3e11e5fa0d312c
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-08-26 09:53:10 +08:00
Bart Van Assche
1b0ca637f9 Merge "Make foreground and background I/O priority different" into main am: 56b74041e3 am: a24099e61b 
Original change: https://android-review.googlesource.com/c/device/google/gs-common/+/3132360

Change-Id: Id6da9d867acf8fb616f75992757f7bda6083d2d4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-19 00:22:02 +00:00
Bart Van Assche
56b74041e3 Merge "Make foreground and background I/O priority different" into main 2024-06-18 23:46:59 +00:00
Bart Van Assche
fbf228931c Make foreground and background I/O priority different 
Assign a higher I/O priority to foreground I/O compared to background
I/O to improve responsiveness of the foreground app.

The command below shows that this CL has the intended effect on a device
with kernel 5.10:

    $ adb shell 'cd /dev/blkio && grep -aH . blkio.prio.class background/blkio.prio.class'
    blkio.prio.class:none-to-rt
    background/blkio.prio.class:restrict-to-be

From a device with an Android 6.1 kernel:

    $ grep -aH . blkio.prio.class background/blkio.prio.class'
    blkio.prio.class:promote-to-rt
    background/blkio.prio.class:restrict-to-be

Bug: 347109476
Change-Id: I6f1ea6a89a8dfaa223e8d2a82917b4de2d7bf1cf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2024-06-14 14:29:23 -07:00
Jaegeuk Kim
85ff832530 Merge "Change rq_affinity of the zoned storage logical unit from one into two" into main 2024-06-01 02:22:49 +00:00
Bart Van Assche
41836d64ce Change rq_affinity of the zoned storage logical unit from one into two 
Bug: 335708738
Flag: EXEMPT This change only affects ZUFS devices
Change-Id: I3bb655856f0c27a42f26c6dd1a8fc53e7f6e1a00
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2024-05-30 12:59:57 -07:00
Jaegeuk Kim
24ee023597 Allow userdata_exp partitions 
Bug: 336319772
Change-Id: I7f878f29d356df3992fb49b9df8f8a900a6f12b8
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2024-05-22 13:31:39 -07:00
Daniel Lee
1a0943166d Fixed a typo in init.storage.rc 
"sys" -> "dev"

Change-Id: Ie7103a668cab027fb339762a7f4761b776b431f9
Signed-off-by: Daniel Lee <chullee@google.com>
 2024-04-24 12:33:55 -07:00
Jaegeuk Kim
8ce08dfc7e storage: tune f2fs to get max performance 
max_io_bytes : block will split out, so let's submit asap.

min_hot_blocks : don't mess up the logs per the chunk size.

Change-Id: I0795fea90c3aaee0ef6058fce7f4a3c31fc3fb42
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2024-04-23 16:07:15 -07:00
Qais Yousef
bebef42dbd init.storage.rc: Set rq_affinity to 2 
When rq_affinity is 1, it will default to servicing the softirq on the
same CPU that has serviced the interrupt.

By setting it to 2, completions are processed by the CPU core that
submitted the I/O.

Bug: 311655524
Signed-off-by: Qais Yousef <qyousef@google.com>
Change-Id: I21421f97f069083793fe2e2fa51739dac12eca1d
 2023-12-21 19:04:11 +00:00
Jaegeuk Kim
911292ecca Storage: clean up init.rc for storage 
Bug: 311655524
Change-Id: Ic08d6cd42f90c2c6b697077d63fea6a2454f1cc1
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2023-12-20 11:22:41 -08:00
Randall Huang
b2f0956771 Move sg_device related policy 
Bug: 312582937
Test: make selinux_policy
Change-Id: Ic71e4eb53e22b24651e76e2d480d34affa01460b
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-11-22 14:35:02 +08:00
Randall Huang
c299df119e storage: dump UFS error history when capturing bugreport 
Bug: 264001741
Test: capture bugreport
Change-Id: Ie910377c6378240188ff09b2a686efb02b2ac972
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-10-23 06:59:04 +00:00
Randall Huang
cd8e622678 storage: turn off pixel storage debugging code on user builds 
The debugging code introduces too much performance overhead for random I/O operations.
Only enable the debugging feature on non-user builds.

Bug: 284231590
Test: boot device
Change-Id: Idf6852060dfd3a250d92147a3ee0f1fe9e6140d4
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-08-07 23:37:06 +00:00
Randall Huang
a5949cd099 Storage: refactor dump_storage 
Bug: 287884851
Test: run bugreport
Change-Id: I126f363b741616690b8e5e3b8fe522da7cd5c2ca
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-08-02 10:21:03 +08:00
Randall Huang
f55b2ffc2e storage: add fastbootd sepolicy 
We need to format the /metadata partition in fastbootd mode.
This CL aims to include the necessary SELinux rules.

Bug: 264489957
Test: rom flashing
Change-Id: Ib94dbcb580c0a16395b48b8eeef6e431a637d235
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-04-20 09:08:07 +00:00