From 0212befe1e4337c381290ca2a93238dd7f3b5639 Mon Sep 17 00:00:00 2001 From: Chi Zhang Date: Wed, 29 Nov 2023 16:32:37 -0800 Subject: [PATCH 01/20] Allow GRIL to get power stats. AVC log: SELinux : avc: denied { find } for pid=3147 uid=10219 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:grilservice_app:s0:c219,c256,c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=0 Bug: 286187143 Test: build and boot Change-Id: Iff51df55ad0011815b764b334801dedc6a6d1cbc --- whitechapel/vendor/google/grilservice_app.te | 1 + 1 file changed, 1 insertion(+) diff --git a/whitechapel/vendor/google/grilservice_app.te b/whitechapel/vendor/google/grilservice_app.te index c0ba5764..d22bc010 100644 --- a/whitechapel/vendor/google/grilservice_app.te +++ b/whitechapel/vendor/google/grilservice_app.te @@ -11,3 +11,4 @@ binder_call(grilservice_app, hal_bluetooth_btlinux) binder_call(grilservice_app, hal_radioext_default) binder_call(grilservice_app, hal_wifi_ext) binder_call(grilservice_app, hal_audiometricext_default) +hal_client_domain(grilservice_app, hal_power_stats) From 64e2ac2aa017386fca93f7e07b4d00de1b940e17 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Thu, 21 Dec 2023 07:37:17 +0000 Subject: [PATCH 02/20] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 317316478 Test: scanBugreport Bug: 316817111 Test: scanAvcDeniedLogRightAfterReboot Bug: 316817111 Change-Id: I0eaf3217d077d2465a2f4ac3f1e3b15b9236df4f --- tracking_denials/bug_map | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 671bcae6..6f1bdccf 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -3,6 +3,7 @@ dump_modem device chr_file b/305600375 dumpstate virtual_camera binder b/312894628 dumpstate virtual_camera process b/312894628 hal_power_default hal_power_default capability b/240632824 +hal_vibrator_default default_android_service service_manager b/317316478 incidentd debugfs_wakeup_sources file b/282626428 incidentd incidentd anon_inode b/282626428 kernel dm_device blk_file b/315907959 @@ -15,4 +16,5 @@ untrusted_app shell_test_data_file dir b/305600845 untrusted_app system_data_root_file dir b/305600845 untrusted_app userdebug_or_eng_prop file b/305600845 vendor_init default_prop file b/315104713 +vendor_init default_prop file b/316817111 vendor_init default_prop property_service b/315104713 From 52fc41b1c23b1a69f9bd2fd0c05679e30ba928cb Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Tue, 26 Dec 2023 03:34:50 +0000 Subject: [PATCH 03/20] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 317734923 Test: scanBugreport Bug: 317734418 Bug: 316817111 Test: scanAvcDeniedLogRightAfterReboot Bug: 317734489 Bug: 316817111 Change-Id: Ibc5c35c327cbb1fb4433c63a9073503037d9c8cf --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 6f1bdccf..772ede39 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -8,6 +8,7 @@ incidentd debugfs_wakeup_sources file b/282626428 incidentd incidentd anon_inode b/282626428 kernel dm_device blk_file b/315907959 kernel tmpfs chr_file b/315907959 +rfsd vendor_cbd_prop file b/317734418 rild default_prop file b/315720636 rild default_prop file b/315720725 surfaceflinger selinuxfs file b/313804340 From c4181c461d82d38d4e523bb33e42c604f962a37b Mon Sep 17 00:00:00 2001 From: timtmlin Date: Wed, 27 Dec 2023 15:44:23 +0800 Subject: [PATCH 04/20] Remove obsolete entries Bug: 315720636 Bug: 315720725 Test: make Change-Id: I485bbd472314199106a6f92f08796762cb440952 --- tracking_denials/bug_map | 2 -- 1 file changed, 2 deletions(-) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 772ede39..b6f2fc40 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -9,8 +9,6 @@ incidentd incidentd anon_inode b/282626428 kernel dm_device blk_file b/315907959 kernel tmpfs chr_file b/315907959 rfsd vendor_cbd_prop file b/317734418 -rild default_prop file b/315720636 -rild default_prop file b/315720725 surfaceflinger selinuxfs file b/313804340 untrusted_app nativetest_data_file dir b/305600845 untrusted_app shell_test_data_file dir b/305600845 From da91eed387356c29ecff7be4ea7e1aaf4efb92b8 Mon Sep 17 00:00:00 2001 From: wenchangliu Date: Fri, 5 Jan 2024 02:57:09 +0000 Subject: [PATCH 05/20] gs101: move mediacodec_samsung sepolicy to gs-common remove mediacodec_samsung sepolicy in legacy path since we will include it from gs-common. Bug: 318793681 Test: build pass, camera record, youtube Change-Id: Idc0e19348d1e113e95305279aebbbaf82c79d730 --- whitechapel/vendor/google/file.te | 4 ---- whitechapel/vendor/google/file_contexts | 2 -- whitechapel/vendor/google/genfs_contexts | 3 --- whitechapel/vendor/google/hal_camera_default.te | 2 +- whitechapel/vendor/google/mediacodec.te | 10 ---------- whitechapel/vendor/google/property.te | 1 - whitechapel/vendor/google/property_contexts | 5 ----- whitechapel/vendor/google/vndservice.te | 1 - whitechapel/vendor/google/vndservice_contexts | 1 - 9 files changed, 1 insertion(+), 28 deletions(-) diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te index 965c876e..9e7f1fab 100644 --- a/whitechapel/vendor/google/file.te +++ b/whitechapel/vendor/google/file.te @@ -1,7 +1,6 @@ # Exynos Data Files #type vendor_data_file, file_type, data_file_type; type vendor_cbd_boot_file, file_type, data_file_type; -type vendor_media_data_file, file_type, data_file_type; # Exynos Log Files type vendor_log_file, file_type, data_file_type; @@ -134,9 +133,6 @@ type sysfs_memory, sysfs_type, fs_type; # bcmdhd (Broadcom FullMAC wireless cards support) type sysfs_bcmdhd, sysfs_type, fs_type; -# Video -type sysfs_video, sysfs_type, fs_type; - # UWB vendor type uwb_vendor_data_file, file_type, data_file_type, app_data_file_type; type persist_uwb_file, file_type, vendor_persist_type; diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 7c3b828d..0d3d8a2f 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -224,9 +224,7 @@ /dev/lwis-votf u:object_r:lwis_device:s0 # VIDEO -/vendor/bin/hw/samsung\.hardware\.media\.c2@1\.0-service u:object_r:mediacodec_exec:s0 /vendor/bin/hw/google\.hardware\.media\.c2@1\.0-service u:object_r:mediacodec_exec:s0 -/data/vendor/media(/.*)? u:object_r:vendor_media_data_file:s0 # IMS VoWiFi /data/vendor/misc(/.*)? u:object_r:vendor_misc_data_file:s0 diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 95852d7b..2adf1f01 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -308,9 +308,6 @@ genfscon sysfs /devices/platform/debugcore/sscoredump/sscd_debugcore/report_coun genfscon sysfs /devices/platform/mfc-core/sscoredump/sscd_mfc-core/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0 genfscon sysfs /devices/platform/wlan/sscoredump/sscd_wlan/report_count u:object_r:sysfs_sscoredump_subsystem_report_count:s0 -# mediacodec -genfscon sysfs /devices/platform/mfc/video4linux/video u:object_r:sysfs_video:s0 - # SJTAG genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0 genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_r:sysfs_sjtag:s0 diff --git a/whitechapel/vendor/google/hal_camera_default.te b/whitechapel/vendor/google/hal_camera_default.te index 07789692..8e0a8616 100644 --- a/whitechapel/vendor/google/hal_camera_default.te +++ b/whitechapel/vendor/google/hal_camera_default.te @@ -72,7 +72,7 @@ binder_call(hal_camera_default, system_server); # Allow Binder calls to ECO service, needed by Entropy-Aware Filtering allow hal_camera_default eco_service:service_manager find; -binder_call(hal_camera_default, mediacodec); +binder_call(hal_camera_default, mediacodec_samsung); # Allow camera HAL to query preferred camera frequencies from the radio HAL # extensions to avoid interference with cellular antennas. diff --git a/whitechapel/vendor/google/mediacodec.te b/whitechapel/vendor/google/mediacodec.te index 0c22d5bf..13d8ab85 100644 --- a/whitechapel/vendor/google/mediacodec.te +++ b/whitechapel/vendor/google/mediacodec.te @@ -1,11 +1 @@ -userdebug_or_eng(` - set_prop(mediacodec, vendor_codec2_debug_prop) - allow mediacodec vendor_media_data_file:dir rw_dir_perms; - allow mediacodec vendor_media_data_file:file create_file_perms; -') - -add_service(mediacodec, eco_service) -allow mediacodec hal_camera_default:binder call; -allow mediacodec sysfs_video:file r_file_perms; -allow mediacodec sysfs_video:dir r_dir_perms; allow mediacodec dmabuf_system_secure_heap_device:chr_file r_file_perms; diff --git a/whitechapel/vendor/google/property.te b/whitechapel/vendor/google/property.te index 934e13a9..98da3e39 100644 --- a/whitechapel/vendor/google/property.te +++ b/whitechapel/vendor/google/property.te @@ -14,7 +14,6 @@ vendor_internal_prop(vendor_persist_config_default_prop) vendor_internal_prop(vendor_sys_default_prop) vendor_internal_prop(vendor_ro_sys_default_prop) vendor_internal_prop(vendor_persist_sys_default_prop) -vendor_internal_prop(vendor_codec2_debug_prop) vendor_internal_prop(vendor_display_prop) vendor_internal_prop(vendor_camera_prop) vendor_internal_prop(vendor_camera_fatp_prop) diff --git a/whitechapel/vendor/google/property_contexts b/whitechapel/vendor/google/property_contexts index 4c01239d..c9187a3f 100644 --- a/whitechapel/vendor/google/property_contexts +++ b/whitechapel/vendor/google/property_contexts @@ -15,11 +15,6 @@ persist.vendor.sys.crash_rcu u:object_r:vendor_ramdump_prop:s0 vendor.debug.ssrdump. u:object_r:vendor_ssrdump_prop:s0 persist.vendor.sys.ssr. u:object_r:vendor_ssrdump_prop:s0 -# for codec2 -vendor.debug.c2.level u:object_r:vendor_codec2_debug_prop:s0 -vendor.debug.c2.dump u:object_r:vendor_codec2_debug_prop:s0 -vendor.debug.c2.dump.opt u:object_r:vendor_codec2_debug_prop:s0 - # USB HAL persist.vendor.usb. u:object_r:vendor_usb_config_prop:s0 vendor.usb. u:object_r:vendor_usb_config_prop:s0 diff --git a/whitechapel/vendor/google/vndservice.te b/whitechapel/vendor/google/vndservice.te index 06ef0b2d..12a48194 100644 --- a/whitechapel/vendor/google/vndservice.te +++ b/whitechapel/vendor/google/vndservice.te @@ -1,2 +1 @@ type vendor_surfaceflinger_vndservice, vndservice_manager_type; -type eco_service, vndservice_manager_type; diff --git a/whitechapel/vendor/google/vndservice_contexts b/whitechapel/vendor/google/vndservice_contexts index 6ddcabfe..4f9f5a70 100644 --- a/whitechapel/vendor/google/vndservice_contexts +++ b/whitechapel/vendor/google/vndservice_contexts @@ -1,2 +1 @@ Exynos.HWCService u:object_r:vendor_surfaceflinger_vndservice:s0 -media.ecoservice u:object_r:eco_service:s0 From 6073bb0ff8a11984113b53222cc8f0d493818ac9 Mon Sep 17 00:00:00 2001 From: Ken Yang Date: Wed, 10 Jan 2024 06:13:47 +0000 Subject: [PATCH 06/20] selinux: label wakeup for BMS I2C 0x36, 0x69 Bug: 319035561 Change-Id: Ib339ce27cc89a02825be51f1bf49fe727ac9fb67 Signed-off-by: Ken Yang --- whitechapel/vendor/google/genfs_contexts | 2 ++ 1 file changed, 2 insertions(+) diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 2adf1f01..4315d412 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -47,6 +47,7 @@ genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-0050/eeprom genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0036/power_supply/maxfg_base/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0036/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0057/chg_stats u:object_r:sysfs_pca:s0 genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power_stats u:object_r:sysfs_power_stats:s0 @@ -101,6 +102,7 @@ genfscon sysfs /devices/platform/10d40000.spi/spi_master/spi11/spi11.0/wakeup genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0057/power_supply/pca9468-mains/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 From ea7ccea15c633ab83d86144037c2027654b4ad99 Mon Sep 17 00:00:00 2001 From: Mahesh Kallelil Date: Thu, 11 Jan 2024 09:19:57 -0800 Subject: [PATCH 07/20] Fix SELinux error in dump_modem The cpif logbuffer did not have the right context and was missing as part of the bugreport. Test: Tested bugreport on device Bug: 305600375 Change-Id: I2101037d0044e706969f2582e29f923ae029458b Signed-off-by: Mahesh Kallelil --- tracking_denials/bug_map | 1 - whitechapel/vendor/google/file_contexts | 1 + 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index b6f2fc40..17fcff7d 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,5 +1,4 @@ chre vendor_data_file dir b/301948771 -dump_modem device chr_file b/305600375 dumpstate virtual_camera binder b/312894628 dumpstate virtual_camera process b/312894628 hal_power_default hal_power_default capability b/240632824 diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 7c3b828d..51eefaed 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -105,6 +105,7 @@ /dev/logbuffer_pca9468 u:object_r:logbuffer_device:s0 /dev/logbuffer_cpm u:object_r:logbuffer_device:s0 /dev/logbuffer_bd u:object_r:logbuffer_device:s0 +/dev/logbuffer_cpif u:object_r:logbuffer_device:s0 /dev/logbuffer_maxfg_monitor u:object_r:logbuffer_device:s0 /dev/logbuffer_maxfg_base_monitor u:object_r:logbuffer_device:s0 From 29021574e6feb35426a13f9419ec695ac5dc8d27 Mon Sep 17 00:00:00 2001 From: Kyle Tso Date: Mon, 15 Jan 2024 15:45:52 +0800 Subject: [PATCH 08/20] Correct the path of tcpm wakelock Bug: 315190967 Change-Id: I01f8da9e0467f34cd0229bf9c5370d062ca78130 Signed-off-by: Kyle Tso --- whitechapel/vendor/google/genfs_contexts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 95852d7b..cccc3ec8 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -104,7 +104,7 @@ genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/power_supply/main-c genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/power_supply/tcpm-source-psy-8-0025/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/wakeup u:object_r:sysfs_wakeup:s0 From 3116a34269cc40bda840e44dc8fc9e0c67ec6ceb Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Mon, 22 Jan 2024 17:42:00 +0000 Subject: [PATCH 09/20] Update SELinux error Test: SELinuxUncheckedDenialBootTest Test: scanBugreport Bug: 321730881 Bug: 316817111 Test: scanAvcDeniedLogRightAfterReboot Bug: 316817111 Change-Id: I6f7abbb5402fd991d174a79a81c2d5e6c41c71d8 --- tracking_denials/bug_map | 1 + 1 file changed, 1 insertion(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 17fcff7d..a93b45b7 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -9,6 +9,7 @@ kernel dm_device blk_file b/315907959 kernel tmpfs chr_file b/315907959 rfsd vendor_cbd_prop file b/317734418 surfaceflinger selinuxfs file b/313804340 +system_server pm_archiving_enabled_prop file b/321730881 untrusted_app nativetest_data_file dir b/305600845 untrusted_app shell_test_data_file dir b/305600845 untrusted_app system_data_root_file dir b/305600845 From 7ea71a9c1c1a23485166dbc7fcdb639fdac28bfd Mon Sep 17 00:00:00 2001 From: Darren Hsu Date: Mon, 29 Jan 2024 11:49:04 +0800 Subject: [PATCH 10/20] sepolicy: allow hal_power_stats to read sysfs_display avc: denied { read } for name="available_disp_stats" dev="sysfs" ino=76162 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 Bug: 321848496 Test: dumpsys android.hardware.power.stats.IPowerStats/default Change-Id: I869e80af8994408e7eef279b6a5eb59d6d2c406b Signed-off-by: Darren Hsu --- whitechapel/vendor/google/genfs_contexts | 4 ++++ whitechapel/vendor/google/hal_power_stats_default.te | 1 + 2 files changed, 5 insertions(+) diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 6c56a4e0..644251ca 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -156,6 +156,8 @@ genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.au genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby u:object_r:sysfs_gps:s0 # Display +genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/available_disp_stats u:object_r:sysfs_display:s0 +genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/available_disp_stats u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/gamma u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/min_vrefresh u:object_r:sysfs_display:s0 @@ -168,6 +170,8 @@ genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_idle genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_idle u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0 +genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/time_in_state u:object_r:sysfs_display:s0 +genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/time_in_state u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c2d0000.drmdsim/hs_clock u:object_r:sysfs_display:s0 genfscon sysfs /devices/platform/1c300000.drmdecon/counters u:object_r:sysfs_display:s0 diff --git a/whitechapel/vendor/google/hal_power_stats_default.te b/whitechapel/vendor/google/hal_power_stats_default.te index 13a0487f..90a78492 100644 --- a/whitechapel/vendor/google/hal_power_stats_default.te +++ b/whitechapel/vendor/google/hal_power_stats_default.te @@ -17,6 +17,7 @@ binder_call(hal_power_stats_default, citadeld) r_dir_file(hal_power_stats_default, sysfs_aoc) r_dir_file(hal_power_stats_default, sysfs_aoc_dumpstate) r_dir_file(hal_power_stats_default, sysfs_cpu) +r_dir_file(hal_power_stats_default, sysfs_display) r_dir_file(hal_power_stats_default, sysfs_leds) r_dir_file(hal_power_stats_default, sysfs_acpm_stats) r_dir_file(hal_power_stats_default, sysfs_wifi) From 16de970cd01f124a6725d5f6679e2058a089a9b2 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Wed, 31 Jan 2024 02:59:05 +0000 Subject: [PATCH 11/20] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 323086679 Test: scanBugreport Bug: 323087054 Bug: 316817111 Test: scanAvcDeniedLogRightAfterReboot Bug: 323086660 Bug: 316817111 Change-Id: I03dc82e832048e9a165b738bea1903ed37b2231c --- tracking_denials/bug_map | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index a93b45b7..7d1687e6 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -10,6 +10,9 @@ kernel tmpfs chr_file b/315907959 rfsd vendor_cbd_prop file b/317734418 surfaceflinger selinuxfs file b/313804340 system_server pm_archiving_enabled_prop file b/321730881 +system_suspend sysfs dir b/323086660 +system_suspend sysfs dir b/323086679 +system_suspend sysfs dir b/323087054 untrusted_app nativetest_data_file dir b/305600845 untrusted_app shell_test_data_file dir b/305600845 untrusted_app system_data_root_file dir b/305600845 From e2e71d0850f1efd7546cc9f17da51f0a29b32d41 Mon Sep 17 00:00:00 2001 From: Andrea Zilio Date: Wed, 31 Jan 2024 15:24:11 +0000 Subject: [PATCH 12/20] Removed SE Linux error bugmap entry, as we have fixed this property usage. Change-Id: I1093c7c7b7633a734d1108fa6e05c010dd1af4c6 Bug: 321730881 --- tracking_denials/bug_map | 1 - 1 file changed, 1 deletion(-) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 7d1687e6..3b92d112 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -9,7 +9,6 @@ kernel dm_device blk_file b/315907959 kernel tmpfs chr_file b/315907959 rfsd vendor_cbd_prop file b/317734418 surfaceflinger selinuxfs file b/313804340 -system_server pm_archiving_enabled_prop file b/321730881 system_suspend sysfs dir b/323086660 system_suspend sysfs dir b/323086679 system_suspend sysfs dir b/323087054 From 3a53df7d7accb8b17cbb9c4dc4a156347a799d4a Mon Sep 17 00:00:00 2001 From: Jacky Liu Date: Fri, 2 Feb 2024 12:41:35 +0800 Subject: [PATCH 13/20] Update i2c device paths Update i2c device paths with static bus numbers. Bug: 323447554 Test: Boot to home Change-Id: I5aacc4db4726f7608b2049bd2efb1d8732d3cdcf --- whitechapel/vendor/google/genfs_contexts | 143 ++++++++--------------- 1 file changed, 49 insertions(+), 94 deletions(-) diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 644251ca..582ba6e7 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -34,21 +34,17 @@ genfscon sysfs /devices/platform/google,dock/power_supply/dock genfscon sysfs /devices/platform/10d50000.hsi2c u:object_r:sysfs_batteryinfo:s0 # Slider -genfscon sysfs /devices/platform/10d10000.hsi2c/i2c-9/i2c-p9412 u:object_r:sysfs_wlc:s0 -genfscon sysfs /devices/platform/10d10000.hsi2c/i2c-9/i2c-p9412/power_supply u:object_r:sysfs_batteryinfo:s0 -genfscon sysfs /devices/platform/10d10000.hsi2c/i2c-9/9-003c u:object_r:sysfs_wlc:s0 -genfscon sysfs /devices/platform/10d10000.hsi2c/i2c-9/9-003c/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10d10000.hsi2c/i2c-0/0-003c u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10d10000.hsi2c/i2c-0/0-003c/power_supply u:object_r:sysfs_batteryinfo:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-p9412 u:object_r:sysfs_wlc:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-003c u:object_r:sysfs_wlc:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-p9412/power_supply u:object_r:sysfs_batteryinfo:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-003c/power_supply u:object_r:sysfs_batteryinfo:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-0050/eeprom u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-003c u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-003c/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0050/eeprom u:object_r:sysfs_batteryinfo:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0036/power_supply/maxfg_base/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0036/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0057/chg_stats u:object_r:sysfs_pca:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0036/power_supply/maxfg/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0036/power_supply/maxfg_base/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0036/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0057/chg_stats u:object_r:sysfs_pca:s0 genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/uwb/power_stats u:object_r:sysfs_power_stats:s0 @@ -76,39 +72,26 @@ genfscon sysfs /devices/platform/10d30000.spi/spi_master/spi10/spi10.0/ieee80215 genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/gadget/net u:object_r:sysfs_net:s0 # Vibrator -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-005a u:object_r:sysfs_vibrator:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l25a-dual u:object_r:sysfs_vibrator:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-0042 u:object_r:sysfs_vibrator:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l25a u:object_r:sysfs_vibrator:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l26a u:object_r:sysfs_vibrator:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-0043 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-005a u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0042 u:object_r:sysfs_vibrator:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0043 u:object_r:sysfs_vibrator:s0 # Fingerprint genfscon sysfs /devices/platform/odm/odm:fp_fpc1020 u:object_r:sysfs_fingerprint:s0 # System_suspend -genfscon sysfs /devices/platform/10960000.hsi2c/i2c-6/i2c-st21nfc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10960000.hsi2c/i2c-6/6-0008/wakeup u:object_r:sysfs_wakeup:s0 - -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-cs40l25a/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-p9412/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/i2c-p9412/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-0043/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-003c/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-003c/wakeup u:object_r:sysfs_wakeup:s0 - +genfscon sysfs /devices/platform/10960000.hsi2c/i2c-7/7-0008/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0043/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-003c/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-003c/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d40000.spi/spi_master/spi11/spi11.0/wakeup u:object_r:sysfs_wakeup:s0 - -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0057/power_supply/pca9468-mains/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0069/wakeup/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0057/power_supply/pca9468-mains/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0069/power_supply/dc/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0069/wakeup/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/power_supply/tcpm-source-psy-12-0025/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.4.auto/wakeup u:object_r:sysfs_wakeup:s0 @@ -125,18 +108,11 @@ genfscon sysfs /devices/platform/19000000.aoc/com.google.usf/wakeup genfscon sysfs /devices/platform/19000000.aoc/com.google.usf.non_wake_up/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/19000000.aoc/usb_control/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/19000000.aoc/wakeup u:object_r:sysfs_wakeup:s0 - -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-rtc/rtc/rtc0/alarmtimer.0.auto/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-rtc/rtc/rtc0/alarmtimer.1.auto/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-rtc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-rtc/rtc/rtc0/alarmtimer.0.auto/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-rtc/rtc/rtc0/alarmtimer.1.auto/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-rtc/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/wakeup u:object_r:sysfs_wakeup:s0 - -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-rtc/rtc/rtc0/alarmtimer.0.auto/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-rtc/rtc/rtc0/alarmtimer.1.auto/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-rtc/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/cpif/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/google,battery/power_supply/battery/wakeup u:object_r:sysfs_wakeup:s0 @@ -185,44 +161,25 @@ genfscon sysfs /devices/platform/cp-tm1/cp_temp u genfscon sysfs /devices/platform/175b0000.serial/serial0/serial0-0/bluetooth/hci0/rfkill0/state u:object_r:sysfs_bluetooth_writable:s0 # ODPM +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-20/20-001f/s2mpg10-meter/s2mpg10-odpm/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/i2c-s2mpg10mfd/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-0/0-001f/s2mpg10-meter/s2mpg10-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 - -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/i2c-s2mpg11mfd/s2mpg11-meter/s2mpg11-odpm/wakeup u:object_r:sysfs_wakeup:s0 -genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-1/1-002f/s2mpg11-meter/s2mpg11-odpm/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device1/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/name u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/energy_value u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/sampling_rate u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/iio:device0/enabled_rails u:object_r:sysfs_odpm:s0 +genfscon sysfs /devices/platform/acpm_mfd_bus@17510000/i2c-21/21-002f/s2mpg11-meter/s2mpg11-odpm/wakeup u:object_r:sysfs_wakeup:s0 # bcl sysfs files genfscon sysfs /devices/virtual/pmic/mitigation u:object_r:sysfs_bcl:s0 @@ -276,15 +233,14 @@ genfscon sysfs /devices/platform/1c500000.mali/kprcs genfscon sysfs /devices/platform/1c500000.mali/power_policy u:object_r:sysfs_gpu:s0 # nvmem (Non Volatile Memory layer) -genfscon sysfs /devices/platform/10970000.hsi2c/i2c-7/7-0050/7-00500/nvmem u:object_r:sysfs_memory:s0 +genfscon sysfs /devices/platform/10970000.hsi2c/i2c-8/8-0050/8-00500/nvmem u:object_r:sysfs_memory:s0 # Broadcom genfscon sysfs /module/bcmdhd4389 u:object_r:sysfs_bcmdhd:s0 # Power Stats genfscon sysfs /devices/platform/cpif/modem/power_stats u:object_r:sysfs_power_stats:s0 -genfscon sysfs /devices/platform/10960000.hsi2c/i2c-6/i2c-st21nfc/power_stats u:object_r:sysfs_power_stats:s0 -genfscon sysfs /devices/platform/10960000.hsi2c/i2c-6/6-0008/power_stats u:object_r:sysfs_power_stats:s0 +genfscon sysfs /devices/platform/10960000.hsi2c/i2c-7/7-0008/power_stats u:object_r:sysfs_power_stats:s0 genfscon sysfs /devices/platform/11920000.pcie/power_stats u:object_r:sysfs_power_stats:s0 genfscon sysfs /devices/platform/14520000.pcie/power_stats u:object_r:sysfs_power_stats:s0 @@ -328,8 +284,7 @@ genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/trip_time u:object_r:sysfs_usbc_throttling_stats:s0 # Extcon -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/i2c-max77759tcpc/extcon u:object_r:sysfs_extcon:s0 -genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-8/8-0025/extcon u:object_r:sysfs_extcon:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/extcon u:object_r:sysfs_extcon:s0 # SecureElement genfscon sysfs /devices/platform/10950000.spi/spi_master/spi6/spi6.0/st33spi u:object_r:sysfs_st33spi:s0 From 3ad00c9539890fd9d99b69ef6f2ac631ff8a44bc Mon Sep 17 00:00:00 2001 From: Will McVicker Date: Fri, 16 Feb 2024 14:54:04 -0800 Subject: [PATCH 14/20] Update i2c sepolicy with new device names The new names fix uninformative kernel wakelock names. Bug: 315190967 Bug: 323447554 Change-Id: Iff6eccb677444357f867785f213dadd70fb649c1 --- whitechapel/vendor/google/genfs_contexts | 1 + 1 file changed, 1 insertion(+) diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 582ba6e7..efce278f 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -90,6 +90,7 @@ genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0069/power_supply/dc/w genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0069/power_supply/main-charger/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0069/wakeup/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/power_supply/tcpm-source-psy-12-0025/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/power_supply/tcpm-source-psy-i2c-max77759tcpc/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/power_supply/usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10d50000.hsi2c/i2c-12/12-0025/wakeup u:object_r:sysfs_wakeup:s0 From 7af07fe0e455d4fb18a60cfac24c8b2e6d2ee8a9 Mon Sep 17 00:00:00 2001 From: Peter Lin Date: Fri, 2 Feb 2024 01:03:20 +0000 Subject: [PATCH 15/20] add dsim wakeup labels Bug: 323086660 Bug: 321733124 test: ls sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/wakeup -Z Change-Id: Ic47c14713727de1639e456fb6b2f0fc7d9810dc6 --- tracking_denials/bug_map | 3 --- whitechapel/vendor/google/genfs_contexts | 3 +++ 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index 3b92d112..17fcff7d 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -9,9 +9,6 @@ kernel dm_device blk_file b/315907959 kernel tmpfs chr_file b/315907959 rfsd vendor_cbd_prop file b/317734418 surfaceflinger selinuxfs file b/313804340 -system_suspend sysfs dir b/323086660 -system_suspend sysfs dir b/323086679 -system_suspend sysfs dir b/323087054 untrusted_app nativetest_data_file dir b/305600845 untrusted_app shell_test_data_file dir b/305600845 untrusted_app system_data_root_file dir b/305600845 diff --git a/whitechapel/vendor/google/genfs_contexts b/whitechapel/vendor/google/genfs_contexts index 644251ca..70449f9b 100644 --- a/whitechapel/vendor/google/genfs_contexts +++ b/whitechapel/vendor/google/genfs_contexts @@ -148,6 +148,9 @@ genfscon sysfs /devices/platform/gpio_keys/wakeup genfscon sysfs /devices/platform/odm/odm:btbcm/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/sound-aoc/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/wakeup u:object_r:sysfs_wakeup:s0 + # Input genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.4.auto/usb2/2-1 u:object_r:sysfs_uhid:s0 genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/usb2/2-1 u:object_r:sysfs_uhid:s0 From 40465c19883219645bd04f2ca2c772fa342b9fe8 Mon Sep 17 00:00:00 2001 From: Lei Ju Date: Sat, 17 Feb 2024 09:46:51 -0800 Subject: [PATCH 16/20] [gs101] Use common settings for Contexthub HAL The change also labeled files under /data/vendor/chre/ to grant required access. Test: compilation Bug: 248615564 Change-Id: I4db158853764987cf04dc7963ff79c680613f028 --- whitechapel/vendor/google/file.te | 1 + whitechapel/vendor/google/file_contexts | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/whitechapel/vendor/google/file.te b/whitechapel/vendor/google/file.te index 9e7f1fab..8c985555 100644 --- a/whitechapel/vendor/google/file.te +++ b/whitechapel/vendor/google/file.te @@ -49,6 +49,7 @@ type sysfs_nanoapp_cmd, sysfs_type, fs_type; type sysfs_fingerprint, sysfs_type, fs_type; # CHRE +type chre_data_file, file_type, data_file_type; type chre_socket, file_type; # BT diff --git a/whitechapel/vendor/google/file_contexts b/whitechapel/vendor/google/file_contexts index 0fb85403..40114760 100644 --- a/whitechapel/vendor/google/file_contexts +++ b/whitechapel/vendor/google/file_contexts @@ -235,9 +235,9 @@ /data/vendor/sensor(/.*)? u:object_r:sensor_vendor_data_file:s0 # Contexthub -/vendor/bin/hw/android\.hardware\.contexthub-service\.generic u:object_r:hal_contexthub_default_exec:s0 /(vendor|system/vendor)/bin/chre u:object_r:chre_exec:s0 /dev/socket/chre u:object_r:chre_socket:s0 +/data/vendor/chre(/.*)? u:object_r:chre_data_file:s0 # Modem logging /vendor/bin/modem_logging_control u:object_r:modem_logging_control_exec:s0 From dbac8fd52fbe391d0a27b35a803b212ecba8f278 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thi=C3=A9baud=20Weksteen?= Date: Wed, 21 Feb 2024 13:46:21 +1100 Subject: [PATCH 17/20] Remove persist.bootanim.color property definitions These now belong to the platform policy. Bug: 321088135 Test: build Change-Id: Iafe8da5e19a43807aed49e1984ef798de396e723 --- system_ext/private/property_contexts | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/system_ext/private/property_contexts b/system_ext/private/property_contexts index b8f09520..a8e90427 100644 --- a/system_ext/private/property_contexts +++ b/system_ext/private/property_contexts @@ -1,14 +1,8 @@ # Fingerprint (UDFPS) GHBM/LHBM toggle persist.fingerprint.ghbm u:object_r:fingerprint_ghbm_prop:s0 exact bool -# Boot animation dynamic colors -persist.bootanim.color1 u:object_r:bootanim_system_prop:s0 exact int -persist.bootanim.color2 u:object_r:bootanim_system_prop:s0 exact int -persist.bootanim.color3 u:object_r:bootanim_system_prop:s0 exact int -persist.bootanim.color4 u:object_r:bootanim_system_prop:s0 exact int - # Properties for euicc persist.modem.esim_profiles_exist u:object_r:esim_modem_prop:s0 exact string # Telephony -telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool \ No newline at end of file +telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool From 6f152690d9adcc3dff983b3bc6826bafecbab07a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Krzysztof=20Kosi=C5=84ski?= Date: Fri, 23 Feb 2024 03:00:08 +0000 Subject: [PATCH 18/20] Allow camera to acquire wakelocks. This is already allowed on all other Google chips and used for a face auth latency optimization. Fix: 303391687 Test: check logs on raven Change-Id: I6f70b70d1cf4c055ce9f3e76c1fca0ae0c3e070d --- tracking_denials/hal_camera_default.te | 2 -- whitechapel/vendor/google/hal_camera_default.te | 3 +++ 2 files changed, 3 insertions(+), 2 deletions(-) delete mode 100644 tracking_denials/hal_camera_default.te diff --git a/tracking_denials/hal_camera_default.te b/tracking_denials/hal_camera_default.te deleted file mode 100644 index 56a42a37..00000000 --- a/tracking_denials/hal_camera_default.te +++ /dev/null @@ -1,2 +0,0 @@ -#b/303391687 -dontaudit hal_camera_default hal_system_suspend_service:service_manager find ; diff --git a/whitechapel/vendor/google/hal_camera_default.te b/whitechapel/vendor/google/hal_camera_default.te index 8e0a8616..b488860d 100644 --- a/whitechapel/vendor/google/hal_camera_default.te +++ b/whitechapel/vendor/google/hal_camera_default.te @@ -111,3 +111,6 @@ dontaudit hal_camera_default traced_producer_socket:sock_file { write }; # Allow access to always-on compute device node allow hal_camera_default aoc_device:chr_file rw_file_perms; + +# Allow the Camera HAL to acquire wakelocks for buffer pre-allocation purposes +wakelock_use(hal_camera_default) From 303a4dd99b15745c02afb565fa9a630e87a68f45 Mon Sep 17 00:00:00 2001 From: Rubin Xu Date: Fri, 23 Feb 2024 12:12:26 +0000 Subject: [PATCH 19/20] Revert "Remove persist.bootanim.color property definitions" Revert submission 26301396-bootanim_prop Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141 Bug: 326521604 Reverted changes: /q/submissionid:26301396-bootanim_prop Change-Id: Ic931ad1f4f7580cae73355ba3419a7c7422cd580 --- system_ext/private/property_contexts | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/system_ext/private/property_contexts b/system_ext/private/property_contexts index a8e90427..b8f09520 100644 --- a/system_ext/private/property_contexts +++ b/system_ext/private/property_contexts @@ -1,8 +1,14 @@ # Fingerprint (UDFPS) GHBM/LHBM toggle persist.fingerprint.ghbm u:object_r:fingerprint_ghbm_prop:s0 exact bool +# Boot animation dynamic colors +persist.bootanim.color1 u:object_r:bootanim_system_prop:s0 exact int +persist.bootanim.color2 u:object_r:bootanim_system_prop:s0 exact int +persist.bootanim.color3 u:object_r:bootanim_system_prop:s0 exact int +persist.bootanim.color4 u:object_r:bootanim_system_prop:s0 exact int + # Properties for euicc persist.modem.esim_profiles_exist u:object_r:esim_modem_prop:s0 exact string # Telephony -telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool +telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool \ No newline at end of file From f0447fb52d67313d5716bc25697d4afa8247d66b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Thi=C3=A9baud=20Weksteen?= Date: Sun, 25 Feb 2024 23:58:44 +0000 Subject: [PATCH 20/20] Revert^2 "Remove persist.bootanim.color property definitions" 303a4dd99b15745c02afb565fa9a630e87a68f45 Change-Id: I237450825ef2aaf4681265aede03091ca2d76484 --- system_ext/private/property_contexts | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/system_ext/private/property_contexts b/system_ext/private/property_contexts index b8f09520..a8e90427 100644 --- a/system_ext/private/property_contexts +++ b/system_ext/private/property_contexts @@ -1,14 +1,8 @@ # Fingerprint (UDFPS) GHBM/LHBM toggle persist.fingerprint.ghbm u:object_r:fingerprint_ghbm_prop:s0 exact bool -# Boot animation dynamic colors -persist.bootanim.color1 u:object_r:bootanim_system_prop:s0 exact int -persist.bootanim.color2 u:object_r:bootanim_system_prop:s0 exact int -persist.bootanim.color3 u:object_r:bootanim_system_prop:s0 exact int -persist.bootanim.color4 u:object_r:bootanim_system_prop:s0 exact int - # Properties for euicc persist.modem.esim_profiles_exist u:object_r:esim_modem_prop:s0 exact string # Telephony -telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool \ No newline at end of file +telephony.ril.silent_reset u:object_r:telephony_ril_prop:s0 exact bool