From e0d8d912ec34ff10f0f9167d738932b53a79de44 Mon Sep 17 00:00:00 2001 From: attis Date: Mon, 26 Aug 2024 10:54:48 +0800 Subject: [PATCH 1/4] Label sysfs node power_mode as sysfs_display. Label power_mode to sysfs_panel to let it be allowed in dumpstate. avc log: 08-26 11:59:55.044 14700 14700 W dump_display: type=1400 audit(0.0:25): avc: denied { read } for name="power_mode" dev="sysfs" ino=83218 scontext=u:r:dump_display:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/340722772 Test: ls -Z, adb bugreport. Flag: EXEMPT bugfix Bug: 358505990 Change-Id: Ia31964903b62f72237ae18cf07a2cef0138adeea Signed-off-by: attis --- whitechapel/vendor/google/genfs_contexts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 7261590f..1e3d8bf0 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -152,6 +152,8 @@ genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_need_ genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/time_in_state u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/time_in_state u:object_r:sysfs_display:s0 +genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/power_mode u:object_r:sysfs_display:s0 +genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/power_mode u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2d0000.drmdsim/hs_clock u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c300000.drmdecon/counters u:object_r:sysfs_display:s0 From f323bc8dc7d36a0a352f8965f7ca605017b6d5e0 Mon Sep 17 00:00:00 2001 From: Randall Huang Date: Mon, 2 Sep 2024 14:46:32 +0800 Subject: [PATCH 2/4] Storage: label ufs firmware upgrade script Bug: 361093041 Test: local build Change-Id: I0f1c9222f16351bde2ef9dd478a5e0c143e49e5a Signed-off-by: Randall Huang --- whitechapel/vendor/google/device.te | 4 ++++ whitechapel/vendor/google/file.te | 4 ++++ 2 files changed, 8 insertions(+) diff --git a/whitechapel/vendor/google/device.te b/whitechapel/vendor/google/device.te index 4662a075..1399788a 100644 --- a/whitechapel/vendor/google/device.te +++ b/whitechapel/vendor/google/device.te @@ -39,3 +39,7 @@ type st33spi_device, dev_type; # GPS type vendor_gnss_device, dev_type; + +# Storage firmware upgrade +type ufs_internal_block_device, dev_type; + diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te index 16c40446..ed633c69 100644 --- a/whitechapel/vendor/google/file.te +++ b/whitechapel/vendor/google/file.te @@ -75,6 +75,10 @@ type proc_f2fs, proc_type, fs_type; type bootdevice_sysdev, dev_type; +# Storage firmware upgrade +type ufs_firmware_update, domain; +type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type; + # ZRam type per_boot_file, file_type, data_file_type, core_data_file_type; From edf14e100ec320f9fcf0ab346c2ef065c5d069ad Mon Sep 17 00:00:00 2001 From: Randall Huang Date: Wed, 4 Sep 2024 00:02:23 +0800 Subject: [PATCH 3/4] storage: move storage related device type to common folder Bug: 364225000 Test: forrest build Change-Id: I779edca2e5cecfb34ede65dccf93f207a3dbcf2f Signed-off-by: Randall Huang --- whitechapel/vendor/google/device.te | 6 ------ whitechapel/vendor/google/file.te | 5 +---- 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/whitechapel/vendor/google/device.te b/whitechapel/vendor/google/device.te index 1399788a..1e1f25db 100644 --- a/whitechapel/vendor/google/device.te +++ b/whitechapel/vendor/google/device.te @@ -1,8 +1,5 @@ # Block Devices -type efs_block_device, dev_type; type modem_block_device, dev_type; -type modem_userdata_block_device, dev_type; -type persist_block_device, dev_type; type mfg_data_block_device, dev_type; # Exynos devices @@ -40,6 +37,3 @@ type st33spi_device, dev_type; # GPS type vendor_gnss_device, dev_type; -# Storage firmware upgrade -type ufs_internal_block_device, dev_type; - diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te index ed633c69..db4d0570 100644 --- a/whitechapel/vendor/google/file.te +++ b/whitechapel/vendor/google/file.te @@ -75,10 +75,6 @@ type proc_f2fs, proc_type, fs_type; type bootdevice_sysdev, dev_type; -# Storage firmware upgrade -type ufs_firmware_update, domain; -type ufs_firmware_update_exec, vendor_file_type, exec_type, file_type; - # ZRam type per_boot_file, file_type, data_file_type, core_data_file_type; @@ -165,3 +161,4 @@ type sysfs_bootctl, sysfs_type, fs_type; # WLC type sysfs_wlc, sysfs_type, fs_type; + From d3d5235b50256e7fadeab0067839e5d9e707c20e Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Wed, 4 Sep 2024 03:26:56 +0000 Subject: [PATCH 4/4] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 364446534 Flag: EXEMPT sepolicy bugFix Change-Id: I694b656e436ef9365ee1bbbac81f155dbf70ce60 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index a81c684d..e499aaa4 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,4 +1,5 @@ +battery_mitigation sysfs file b/364446534 chre vendor_data_file dir b/301948771 dump_display sysfs file b/340722772 hal_power_default hal_power_default capability b/240632824