Commit graph

14 commits

Author SHA1 Message Date
Midas Chien
6a918f2bd3 allow power hal to access display files
avc:  denied  { write } for  name="early_wakeup" dev="sysfs" ino=110609 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=1
avc:  denied  { open } for path="/sys/devices/platform/sswrp_dpu@ec00000/ee00000.dc9x00/early_wakeup" dev="sysfs" ino=110609 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=1

Bug: 350981178
Test: PowerHAL can access early_wakeup node in enforcing mode
Flag: EXEMPT bugfix
Change-Id: Ic9d619e971059d9b496a9e5c146089a01f6a0431
2025-01-05 20:22:27 -08:00
Richard Chang
cf29787f8d sepolicy: update init.te for zram device
Sync patch from zuma: ag/21578379, but move to gs-common.

Avc denied log:
avc:  denied  { write } for  comm="init" name="zram0" dev="tmpfs" ino=1306 scontext=u:r:init:s0 tcontext=u:object_r:ram_device:s0 tclass=blk_file permissive=1

Verify on PBuilds:
https://android-build.corp.google.com/abtd/run/L32800030008398424/

Bug: 370643878
Test: Boot and check avc denied logs
Flag: EXEMPT sepolicy
Change-Id: I90ea0b248835fa51fe07cfa23e5f819fd8422c08
2024-12-16 01:32:02 -08:00
Martin Liu
437d35e7cb allow power hal to access vendor_mm files
I auditd  : type=1400 audit(0.0:79): avc:  denied  { write } for  comm="NodeLooperThrea" name="vendor_mm" dev="sysfs" ino=56518 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_vendor_mm:s0 tclass=dir permissive=0

Bug: 357995885
Test: check avc error
Flag: EXEMPT adding avc rule
Change-Id: I1261aa14f2cd912ede51edc2e1a547d2e182ca46
Signed-off-by: Martin Liu <liumartin@google.com>
2024-12-12 13:38:20 +00:00
Piotr Klasa
2c41fdac32 Add Proc Vendor Sched Sepolicy Fix
Bug: 361092565

Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Test: adb shell dmesg | grep proc_vendor_sched ; adb logcat -d | grep proc_vendor_sched

Evidence

12-02 19:31:34.952   279   279 W init    : type=1400 audit(0.0:7): avc:  denied  { associate } for  name="uclamp_min" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.956   279   279 W init    : type=1400 audit(0.0:8): avc:  denied  { associate } for  name="prefer_idle" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.956   279   279 W init    : type=1400 audit(0.0:9): avc:  denied  { associate } for  name="uclamp_min" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.956   279   279 W init    : type=1400 audit(0.0:10): avc:  denied  { associate } for  name="prefer_idle" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.956   279   279 W init    : type=1400 audit(0.0:11): avc:  denied  { associate } for  name="uclamp_min" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.956   279   279 W init    : type=1400 audit(0.0:12): avc:  denied  { associate } for  name="prefer_idle" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.960   279   279 W init    : type=1400 audit(0.0:13): avc:  denied  { associate } for  name="prefer_idle" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.960   279   279 W init    : type=1400 audit(0.0:14): avc:  denied  { associate } for  name="uclamp_min" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.960   279   279 W init    : type=1400 audit(0.0:15): avc:  denied  { associate } for  name="prefer_idle" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0
12-02 19:31:34.960   279   279 W init    : type=1400 audit(0.0:16): avc:  denied  { associate } for  name="uclamp_min" scontext=u:object_r:proc_vendor_sched:s0 tcontext=u:object_r:proc:s0 tclass=filesystem permissive=0

Flag: EXEMPT bugfix
Change-Id: Iad58e23abc1a7e27c3f5f4130e50d7e4aa0b6cf8
2024-12-05 12:05:19 +01:00
Martin Liu
d6d4a779e5 Move compaction_proactiveness to vendor sepolicy
Move compaction_proactiveness sepolicy from the system
to vendor since it breaks other vendors.

Bug: 361985704
Test: check knob value
Flag: NONE sepolicy doesn't support flag
Change-Id: I14cff8dfe4e143995b9011cd34a1e7d74613ae33
Signed-off-by: Martin Liu <liumartin@google.com>
2024-08-30 07:21:16 +00:00
Richard Chang
1a4e01ef9e sepolicy: allow powerhal to access vendor_mm dir
Error log:
auditd  : type=1400 audit(0.0:79): avc:  denied  { search } for  comm="NodeLooperThrea" name="vendor_mm" dev="sysfs" ino=56518 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_vendor_mm:s0 tclass=dir permissive=0

Bug: 322916612
Test: check avc logs
Flag: EXEMPT bugfix
Change-Id: I0fa6ba0a11551646d76b65ec764b25cd697d0364
2024-07-15 06:39:22 +00:00
Midas Chien
cd14b2ad4d Dump bts information am: 15538c9845
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs-common/+/27232582

Change-Id: I07bcaf815b664ab36a17eb19bd5c1ae6238685e2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-15 02:16:45 +00:00
Midas Chien
15538c9845 Dump bts information
Get BTS information when capturing bugreport.

Bug: 335422086
Test: capture bugreport
Change-Id: I5ae9be35a3fc3c975ccc843e9daee6d4e0ac130a
2024-05-14 07:40:58 +00:00
Martin Liu
d400630a10 allow powerhal to access PA_KILL knobs am: 2522590c40
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs-common/+/27256041

Change-Id: I1e2ae9ee0b8e1744d3be313645c496947b76e7a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-05-10 02:00:29 +00:00
Martin Liu
2522590c40 allow powerhal to access PA_KILL knobs
Bug: 322916612
Test: check avc logs
Change-Id: I637c6ad454b668f807b8d0eb4f66a83ca26dfa18
Signed-off-by: Martin Liu <liumartin@google.com>
2024-05-08 08:37:21 +00:00
Martin Liu
3b2fde15ef Move compaction_proactiveness rule to system vendor init
Bug: 330670954
Test: boot
Change-Id: I3cb505a76850c9c3b48d127ae93eb03aa3da33d9
Signed-off-by: Martin Liu <liumartin@google.com>
2024-04-23 08:08:50 +00:00
Martin Liu
d7125c42db allow vendor init to access MM knob
allow vendor init to access compaction_proactiveness
and percpu_pagelist_high_fraction

Bug: 332916849
Bug: 309409009
Test: boot
Change-Id: Idf83babc3f482ad4183c7287a808904c9608fc10
Signed-off-by: Martin Liu <liumartin@google.com>
2024-04-18 07:09:59 +00:00
Qais Yousef
7b1dcc7981 sepolicy: Add sched_pelt_multiplier node to proc_sched
Add a new genfs_contexts policy for performance that contains the new
label.

Bug: 290305186
Bug: 290189958
Signed-off-by: Qais Yousef <qyousef@google.com>
Change-Id: Ia60ce8f22594a667e722ad2db60afc0f357b571c
2023-07-07 15:07:47 +00:00
Adam Shih
6965958295 add perf dump
Bug: 240530709
Test: adb bugreport
Change-Id: Ie6b4ceb9dcc9daa199927fde56d720816145f344
2023-02-10 13:30:18 +08:00