Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2535 commits 1 branch 0 tags 325 MiB
Commit graph

4 commits

Author SHA1 Message Date
Priyanka Advani (xWF)
d43a6e1c5a Revert^2 "Allow devices that use HIDL to find AIDL radio_ext_service" 
This reverts commit 1685969e60.

Reason for revert: Droidmonitor created revert due to b/367330939.

Change-Id: Idd70cf3d846fad1a25060ebfb6ae6a99599fd861
 2024-09-16 16:58:16 +00:00
Charlie Yang
1685969e60 Revert "Allow devices that use HIDL to find AIDL radio_ext_service" 
Revert submission 29238469-gril-selinux

Reason for revert: b/367183524 - build break

Reverted changes: /q/submissionid:29238469-gril-selinux

Change-Id: Ica10c6ee500389223256e328d182c9495a826b06
 2024-09-16 07:41:26 +00:00
cey
1331d97c92 Allow devices that use HIDL to find AIDL radio_ext_service 
Move the type to a common sepolicy so it can be shared.

avc:  denied  { find } for pid=6493 uid=10256 name=vendor.google.radio_ext.IRadioExt/default scontext=u:r:grilservice_app:s0:c0,c257,c512,c768 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0

NO_AVC_EVIDENCE_CHECK=default_android_service not supported

Bug: 365099058
Test: manual
Flag: EXEMPT mk file
Change-Id: I9c2471792c2a423e19f1472bd7923a5284f9127e
 2024-09-12 16:17:33 +08:00
Neo Yu
0ca7adab01 Separate GRIL sepolicy for AIDL and HIDL by folders 
Related avc error:

aidl part:
avc:  denied  { find } for pid=2019 uid=10269 name=vendor.google.radio_ext.IRadioExt/default scontext=u:r:grilservice_app:s0:c13,c257,c512,c768 tcontext=u:object_r:hal_aidl_radio_ext_service:s0 tclass=service_manager permissive=1

avc:  denied  { read write } for  comm="vendor.google.r" name="umts_boot0" dev="tmpfs" ino=1352 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:radio_device:s0 tclass=chr_file permissive=1

avc:  denied  { search } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1

avc:  denied  { read write } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

avc:  denied  { read write } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=1

avc:  denied  { create } for  name="radio" dev="dm-53" ino=379 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1

avc:  denied  { create } for  name="radio" dev="dm-53" ino=379 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1

avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_aidl_radio_ext:s0 pid=792 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:hal_bluetooth_coexistence_hwservice:s0 tclass=hwservice_manager permissive=1

avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_aidl_radio_ext:s0 pid=792 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:hal_bluetooth_coexistence_service:s0 tclass=service_manager permissive=1


hidl part:
avc:  denied  { read write } for  comm="vendor.google.r" name="umts_boot0" dev="tmpfs" ino=1352 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:radio_device:s0 tclass=chr_file permissive=1

avc:  denied  { create } for  name="radio" dev="dm-53" ino=379 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1

avc:  denied  { create } for  name="radio" dev="dm-53" ino=379 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1

avc:  denied  { search } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1

avc:  denied  { read write } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

avc:  denied  { read write } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=1

avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_radioext_default:s0 pid=792 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:hal_bluetooth_coexistence_hwservice:s0 tclass=hwservice_manager permissive=1

avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_radioext_default:s0 pid=792 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:hal_bluetooth_coexistence_service:s0 tclass=service_manager permissive=1

Bug: 363665676
Test: verify with test roms
Flag: EXEMPT sepolicy refactor
Change-Id: I0fb75f7f9c7339864ee303c0f1de3b218ceb81ed
 2024-09-04 16:54:15 +00:00