Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge changes Ieac81e9d,I7c069770 into sc-dev am: a071425509

Browse source 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14160597

Change-Id: Ib81459027e1949d2b1756e236b5d9ace46dc49e0
This commit is contained in:
Adam Shih 2021-04-13 06:53:10 +00:00 committed by Automerger Merge Worker
commit 77e7ed4983
6 changed files with 8 additions and 157 deletions
Download patch file Download diff file Expand all files Collapse all files

5
tracking_denials/dumpstate.te
View file

@ -1,5 +0,0 @@
# b/179310854
dontaudit dumpstate hal_neuralnetworks_armnn:process signal;
dontaudit dumpstate hal_power_stats_vendor_service:service_manager find;
dontaudit dumpstate vendor_dmabuf_debugfs:file { getattr open read };
dontaudit dumpstate vold:binder call;

139
tracking_denials/incidentd.te
View file

@ -1,139 +0,0 @@
# b/176868159
dontaudit incidentd apk_verity_prop:file getattr ;
dontaudit incidentd apk_verity_prop:file map ;
dontaudit incidentd apk_verity_prop:file getattr ;
dontaudit incidentd apk_verity_prop:file open ;
dontaudit incidentd apexd_prop:file map ;
dontaudit incidentd apexd_prop:file getattr ;
dontaudit incidentd apexd_prop:file getattr ;
dontaudit incidentd apexd_prop:file map ;
dontaudit incidentd apk_verity_prop:file open ;
dontaudit incidentd apk_verity_prop:file map ;
# b/177176812
dontaudit incidentd audio_config_prop:file open ;
dontaudit incidentd ab_update_gki_prop:file open ;
dontaudit incidentd ab_update_gki_prop:file map ;
dontaudit incidentd ab_update_gki_prop:file getattr ;
dontaudit incidentd audio_config_prop:file open ;
dontaudit incidentd aac_drc_prop:file map ;
dontaudit incidentd aac_drc_prop:file getattr ;
dontaudit incidentd aac_drc_prop:file open ;
dontaudit incidentd aac_drc_prop:file open ;
dontaudit incidentd ab_update_gki_prop:file map ;
dontaudit incidentd aac_drc_prop:file map ;
dontaudit incidentd ab_update_gki_prop:file getattr ;
dontaudit incidentd aac_drc_prop:file getattr ;
dontaudit incidentd ab_update_gki_prop:file open ;
# b/177389412
dontaudit incidentd audio_config_prop:file { getattr };
dontaudit incidentd audio_config_prop:file { getattr };
dontaudit incidentd audio_config_prop:file { map };
dontaudit incidentd bluetooth_a2dp_offload_prop:file { open };
dontaudit incidentd bluetooth_a2dp_offload_prop:file { map };
dontaudit incidentd nfc_service:service_manager { find };
dontaudit incidentd bluetooth_a2dp_offload_prop:file { map };
dontaudit incidentd bluetooth_a2dp_offload_prop:file { getattr };
dontaudit incidentd bluetooth_a2dp_offload_prop:file { open };
dontaudit incidentd audio_config_prop:file { map };
dontaudit incidentd bluetooth_a2dp_offload_prop:file { getattr };
# b/177614642
dontaudit incidentd bluetooth_audio_hal_prop:file { map };
dontaudit incidentd bluetooth_audio_hal_prop:file { open };
dontaudit incidentd bluetooth_prop:file { map };
dontaudit incidentd bluetooth_prop:file { getattr };
dontaudit incidentd bluetooth_prop:file { open };
dontaudit incidentd bluetooth_audio_hal_prop:file { map };
dontaudit incidentd bluetooth_audio_hal_prop:file { getattr };
dontaudit incidentd boottime_prop:file { open };
dontaudit incidentd bluetooth_prop:file { map };
dontaudit incidentd bluetooth_prop:file { getattr };
dontaudit incidentd bluetooth_prop:file { open };
dontaudit incidentd bluetooth_audio_hal_prop:file { open };
dontaudit incidentd bluetooth_audio_hal_prop:file { getattr };
dontaudit incidentd boottime_prop:file { open };
# b/177778217
dontaudit incidentd boottime_public_prop:file { getattr };
dontaudit incidentd boottime_prop:file { getattr };
dontaudit incidentd bpf_progs_loaded_prop:file { open };
dontaudit incidentd boottime_public_prop:file { map };
dontaudit incidentd boottime_public_prop:file { getattr };
dontaudit incidentd boottime_public_prop:file { open };
dontaudit incidentd boottime_prop:file { map };
dontaudit incidentd bpf_progs_loaded_prop:file { getattr };
dontaudit incidentd bpf_progs_loaded_prop:file { open };
dontaudit incidentd boottime_public_prop:file { map };
dontaudit incidentd boottime_prop:file { getattr };
dontaudit incidentd boottime_prop:file { map };
dontaudit incidentd boottime_public_prop:file { open };
dontaudit incidentd bpf_progs_loaded_prop:file { getattr };
# b/177860841
dontaudit incidentd build_bootimage_prop:file { map };
dontaudit incidentd build_config_prop:file { getattr };
dontaudit incidentd build_config_prop:file { open };
dontaudit incidentd bpf_progs_loaded_prop:file { map };
dontaudit incidentd build_bootimage_prop:file { open };
dontaudit incidentd build_bootimage_prop:file { getattr };
dontaudit incidentd build_bootimage_prop:file { map };
dontaudit incidentd build_bootimage_prop:file { getattr };
dontaudit incidentd build_config_prop:file { getattr };
dontaudit incidentd build_config_prop:file { map };
dontaudit incidentd bpf_progs_loaded_prop:file { map };
dontaudit incidentd build_bootimage_prop:file { open };
dontaudit incidentd build_config_prop:file { open };
dontaudit incidentd build_config_prop:file { map };
# b/178752460
dontaudit incidentd camera_calibration_prop:file { open };
dontaudit incidentd charger_config_prop:file { getattr };
dontaudit incidentd charger_config_prop:file { open };
dontaudit incidentd camera_calibration_prop:file { map };
dontaudit incidentd camera_calibration_prop:file { getattr };
dontaudit incidentd charger_config_prop:file { getattr };
dontaudit incidentd camera_calibration_prop:file { open };
dontaudit incidentd camera_calibration_prop:file { getattr };
dontaudit incidentd camera_calibration_prop:file { map };
dontaudit incidentd charger_config_prop:file { open };
# b/179310909
dontaudit incidentd charger_status_prop:file { open };
dontaudit incidentd charger_prop:file { open };
dontaudit incidentd charger_prop:file { getattr };
dontaudit incidentd charger_prop:file { map };
dontaudit incidentd charger_status_prop:file { open };
dontaudit incidentd charger_status_prop:file { getattr };
dontaudit incidentd charger_status_prop:file { map };
dontaudit incidentd charger_config_prop:file { map };
dontaudit incidentd charger_status_prop:file { map };
dontaudit incidentd charger_status_prop:file { getattr };
dontaudit incidentd charger_config_prop:file { map };
dontaudit incidentd charger_prop:file { open };
dontaudit incidentd charger_prop:file { getattr };
dontaudit incidentd charger_prop:file { map };
# b/179437463
dontaudit incidentd cold_boot_done_prop:file { map };
dontaudit incidentd cold_boot_done_prop:file { getattr };
dontaudit incidentd cpu_variant_prop:file { map };
dontaudit incidentd cpu_variant_prop:file { getattr };
dontaudit incidentd cold_boot_done_prop:file { map };
dontaudit incidentd cpu_variant_prop:file { map };
dontaudit incidentd cpu_variant_prop:file { open };
dontaudit incidentd cold_boot_done_prop:file { getattr };
dontaudit incidentd cold_boot_done_prop:file { open };
dontaudit incidentd cold_boot_done_prop:file { open };
dontaudit incidentd cpu_variant_prop:file { open };
dontaudit incidentd cpu_variant_prop:file { getattr };
# b/180963481
dontaudit incidentd ctl_bootanim_prop:file { open };
dontaudit incidentd ctl_adbd_prop:file { open };
dontaudit incidentd ctl_adbd_prop:file { getattr };
dontaudit incidentd ctl_adbd_prop:file { map };
dontaudit incidentd ctl_apexd_prop:file { getattr };
dontaudit incidentd ctl_apexd_prop:file { map };
dontaudit incidentd ctl_adbd_prop:file { open };
dontaudit incidentd ctl_adbd_prop:file { getattr };
dontaudit incidentd ctl_adbd_prop:file { map };
dontaudit incidentd ctl_apexd_prop:file { open };
dontaudit incidentd ctl_apexd_prop:file { getattr };
dontaudit incidentd ctl_apexd_prop:file { map };
dontaudit incidentd ctl_bootanim_prop:file { open };
dontaudit incidentd ctl_apexd_prop:file { open };
# b/181177909
dontaudit incidentd property_type:file *;

8
tracking_denials/init.te
View file

@ -1,11 +1,3 @@
# b/180963348 # b/180963348
dontaudit init overlayfs_file:chr_file { unlink }; dontaudit init overlayfs_file:chr_file { unlink };
dontaudit init overlayfs_file:file { rename }; dontaudit init overlayfs_file:file { rename };
# b/182954138
dontaudit init vendor_file:file { execute };
dontaudit init vendor_file:file { execute };
dontaudit init sysfs:file { setattr };
dontaudit init sysfs:file { setattr };
# b/185186743
dontaudit init sysfs_scsi_devices_0000:file { write };
dontaudit init sysfs_scsi_devices_0000:file { write };

5
tracking_denials/update_engine.te
View file

@ -1,5 +0,0 @@
# b/174961421
dontaudit update_engine dumpstate:fifo_file write ;
dontaudit update_engine dumpstate:fifo_file write ;
dontaudit update_engine dumpstate:fd use ;
dontaudit update_engine dumpstate:fd use ;

7
whitechapel/vendor/google/dumpstate.te vendored
View file

@ -1,4 +1,9 @@
dump_hal(hal_telephony) dump_hal(hal_telephony)
dump_hal(hal_graphics_composer)
userdebug_or_eng(`
allow dumpstate vendor_dmabuf_debugfs:file r_file_perms;
')
allow dumpstate sysfs_scsi_devices_0000:file r_file_perms; allow dumpstate sysfs_scsi_devices_0000:file r_file_perms;
allow dumpstate persist_file:dir r_dir_perms; allow dumpstate persist_file:dir r_dir_perms;
@ -7,3 +12,5 @@ allow dumpstate modem_efs_file:dir getattr;
allow dumpstate modem_img_file:dir getattr; allow dumpstate modem_img_file:dir getattr;
allow dumpstate modem_userdata_file:dir getattr; allow dumpstate modem_userdata_file:dir getattr;
allow dumpstate fuse:dir search; allow dumpstate fuse:dir search;
dontaudit dumpstate vendor_dmabuf_debugfs:file r_file_perms;

1
whitechapel/vendor/google/init.te vendored
View file

@ -17,3 +17,4 @@ allow init modem_userdata_file:dir mounton;
allow init ram_device:blk_file w_file_perms; allow init ram_device:blk_file w_file_perms;
allow init per_boot_file:file ioctl; allow init per_boot_file:file ioctl;
allowxperm init per_boot_file:file ioctl { F2FS_IOC_SET_PIN_FILE }; allowxperm init per_boot_file:file ioctl { F2FS_IOC_SET_PIN_FILE };
allow init sysfs_scsi_devices_0000:file w_file_perms;