Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2438 commits 1 branch 0 tags 325 MiB
Commit graph

20 commits

Author SHA1 Message Date
Randall Huang
cacedb4ae8 storage: move sepolicy to common folder 
avc: denied { read } for comm="android.hardwar" name="specification_version" dev="sysfs" ino=56257 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 361093041
Test: local build
Change-Id: I90d29590908efc329a05bd8f5f3e145dac4982fc
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-05 10:48:44 +08:00
Randall Huang
6ec23c152f storage: move storage related device type to common folder 
Bug: 364225000
Test: forrest build
Change-Id: Ica102c5a1ec45560939ac32c3ec22e721659c3cf
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-04 10:43:47 +08:00
Randall Huang
0f4a0bb8a2 Storage: add selinux for ufs firmware upgrade event 
avc:  denied  { execute_no_trans } for  comm="ufs_firmware_up" path="/vendor/bin/toybox_vendor" dev="dm-11" ino=380 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:vendor_toolbox_exec:s0 tclass=file permissive=1
avc:  denied  { read } for  comm="cat" name="vendor" dev="sysfs" ino=63193 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  comm="cat" path="/sys/devices/platform/13200000.ufs/vendor" dev="sysfs" ino=63193 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { search } for  comm="dd" name="block" dev="tmpfs" ino=12 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:block_device:s0 tclass=dir permissive=1
avc:  denied  { write } for  comm="dd" name="sda12" dev="tmpfs" ino=1139 scontext=u:r:ufs_firmware_update:s0 tcontext=u:object_r:ufs_internal_block_device:s0 tclass=blk_file permissive=1

Bug: 361093041
Test: NA
Change-Id: I54445d4543a733baae85cd408b433033dd93ec6b
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-02 22:33:03 +00:00
Randall Huang
1ae1d53973 Merge "storage: fix idle-maint avc denials." into main 2024-08-29 02:51:57 +00:00
Randall Huang
df4a5f7b48 storage: allow mkfs/fsck for vendor partitons 
avc:  denied  { read } for  name="sda7" dev="tmpfs" ino=1173 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda7" dev="tmpfs" ino=1173 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { write } for  name="sda7" dev="tmpfs" ino=1173 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda7" dev="tmpfs" ino=1173 ioctlcmd=0x1268 scontext=u:r:fsck:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { read } for  name="sda5" dev="tmpfs" ino=1010 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda5" dev="tmpfs" ino=1010 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=100275 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
avc:  denied  { write } for  name="sda5" dev="tmpfs" ino=1010 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda5" dev="tmpfs" ino=1010 ioctlcmd=0x1268 scontext=u:r:fsck:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { search } for  name="0:0:0:0" dev="sysfs" ino=100048 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
avc:  denied  { getattr } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda5/partition" dev="sysfs" ino=101272 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  name="zoned" dev="sysfs" ino=100308 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=100308 scontext=u:r:fsck:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1

avc:  denied  { search } for  name="0:0:0:0" dev="sysfs" ino=100048 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
avc:  denied  { getattr } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda10/partition" dev="sysfs" ino=102003 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  name="zoned" dev="sysfs" ino=100308 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { open } for  path="/sys/devices/platform/3c400000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=100308 scontext=u:r:e2fs:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
avc:  denied  { read } for  name="sda5" dev="tmpfs" ino=1004 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda5" dev="tmpfs" ino=1004 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { write } for  name="sda5" dev="tmpfs" ino=1004 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda5" dev="tmpfs" ino=1004 ioctlcmd=0x1268 scontext=u:r:e2fs:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { read } for  name="sda7" dev="tmpfs" ino=1199 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { open } for  path="/dev/block/sda7" dev="tmpfs" ino=1199 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { write } for  name="sda7" dev="tmpfs" ino=1199 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
avc:  denied  { ioctl } for  path="/dev/block/sda7" dev="tmpfs" ino=1199 ioctlcmd=0x1268 scontext=u:r:e2fs:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1


Bug: 361093041
Test: build pass
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0cf7210eb1b5ba1d22fb8dcb59f40cb74b98dd37)
Change-Id: I0d89d360e75335784116a4e4769d0b60699917eb
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-08-29 01:10:11 +00:00
Randall Huang
d6ba7fad68 storage: fix idle-maint avc denials. 
avc: denied { getattr } for path="/dev/block/sda5" dev="tmpfs" ino=1039 scontext=u:r:vold:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
avc: denied { getattr } for path="/dev/block/sda7" dev="tmpfs" ino=1199 scontext=u:r:vold:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1

Bug: 361093041
Test: run idle-maint run
Change-Id: Ie92ffa8b576c74e3a1cb127b265059ec76c14667
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-08-29 00:00:09 +00:00
Randall Huang
e4506b0159 storage: extend cmd_logging sepolicy to new ufshc 
Bug: 361093041
Test: check ls -Zl
Change-Id: Ia461f47562932a7dad1c114f7b3e11e5fa0d312c
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-08-26 09:53:10 +08:00
Jaegeuk Kim
24ee023597 Allow userdata_exp partitions 
Bug: 336319772
Change-Id: I7f878f29d356df3992fb49b9df8f8a900a6f12b8
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2024-05-22 13:31:39 -07:00
Randall Huang
b2f0956771 Move sg_device related policy 
Bug: 312582937
Test: make selinux_policy
Change-Id: Ic71e4eb53e22b24651e76e2d480d34affa01460b
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-11-22 14:35:02 +08:00
Randall Huang
c299df119e storage: dump UFS error history when capturing bugreport 
Bug: 264001741
Test: capture bugreport
Change-Id: Ie910377c6378240188ff09b2a686efb02b2ac972
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-10-23 06:59:04 +00:00
Randall Huang
cd8e622678 storage: turn off pixel storage debugging code on user builds 
The debugging code introduces too much performance overhead for random I/O operations.
Only enable the debugging feature on non-user builds.

Bug: 284231590
Test: boot device
Change-Id: Idf6852060dfd3a250d92147a3ee0f1fe9e6140d4
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-08-07 23:37:06 +00:00
Randall Huang
a5949cd099 Storage: refactor dump_storage 
Bug: 287884851
Test: run bugreport
Change-Id: I126f363b741616690b8e5e3b8fe522da7cd5c2ca
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-08-02 10:21:03 +08:00
Randall Huang
f55b2ffc2e storage: add fastbootd sepolicy 
We need to format the /metadata partition in fastbootd mode.
This CL aims to include the necessary SELinux rules.

Bug: 264489957
Test: rom flashing
Change-Id: Ib94dbcb580c0a16395b48b8eeef6e431a637d235
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-04-20 09:08:07 +00:00
Adam Shih
6b829b78a2 move dumpstate.te to sepolicy 
Bug: 261933169
Test: adb bugreport
Change-Id: Id0c35f4c3d2dcf58b011418b3fc61effc9c72f0f
 2023-03-16 10:10:32 +08:00
Randall Huang
0d862845c4 Storage: fix init avc denials 
Bug: 262794360
Test: boot to home
Change-Id: Ic99d1430f7d4a9a449598152f51327ac13d192f1
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-14 16:25:54 +08:00
TreeHugger Robot
36c8260f6f Merge "Storage: fix hal_health_storage_default selinux error" 2023-02-14 04:14:24 +00:00
Randall Huang
e20414a2d6 Storage: fix hal_health_storage_default selinux error 
Bug: 264490032
Test: atest VtsHalHealthStorageTargetTest
Change-Id: I953e9425f890863d2cdd10aed1efbdc1e31845c9
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-14 02:46:13 +00:00
Randall Huang
4e59f9be6e storage: fix vold selinux error 
Bug: 264483567
Test: boot to home
Change-Id: I015cf889fb84d6029aa1eb492949553f3ab528a9
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-02-14 00:44:01 +00:00
Adam Shih
708d25e824 move UFS dump to gs-common 
Bug: 248143736
Test: adb bugreport
Change-Id: I029389807c915713545766ad11671bc0715ec67f
 2022-09-28 13:16:25 +08:00
Adam Shih
262892227c dump f2fs in gs-common 
Bug: 248143736
Test: adb bugreport
Change-Id: Ifcd0b3aaa017d106530c58a1ce2b56d77af1b12d
 2022-09-23 14:01:11 +08:00