Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge tm-qpr-dev-plus-aosp-without-vendor@9129937

Browse source 
Bug: 248070379
Merged-In: Icc3762cef7f9766d845f1e1a56af1315fc97163b
Change-Id: Ic16e04d8670d4e1607d8c64c39cd6376aceed1ba
This commit is contained in:
Xin Li 2022-10-06 12:00:25 -07:00
commit b36d9e6b41
16 changed files with 52 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

4
edgetpu/hal_neuralnetworks_darwinn.te
View file

@ -47,3 +47,7 @@ allow hal_neuralnetworks_darwinn sysfs_edgetpu:file r_file_perms;
# Allows the NNAPI HAL to access the edgetpu_app_service # Allows the NNAPI HAL to access the edgetpu_app_service
allow hal_neuralnetworks_darwinn edgetpu_app_service:service_manager find; allow hal_neuralnetworks_darwinn edgetpu_app_service:service_manager find;
binder_call(hal_neuralnetworks_darwinn, edgetpu_app_server); binder_call(hal_neuralnetworks_darwinn, edgetpu_app_server);
# Allow NNAPI HAL to send trace packets to Perfetto with SELinux enabled
# under userdebug builds.
userdebug_or_eng(`perfetto_producer(hal_neuralnetworks_darwinn)')

5
telephony/user/file.te
View file

@ -1,5 +0,0 @@
# Radio
type radio_vendor_data_file, file_type, data_file_type;
userdebug_or_eng(`
typeattribute radio_vendor_data_file mlstrustedobject;
')

2
telephony/user/file_contexts
View file

@ -1,5 +1,3 @@
# ECC List # ECC List
/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0 /vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
# Radio files.
/data/vendor/radio(/.*)? u:object_r:radio_vendor_data_file:s0

5
tracking_denials/hal_camera_default.te
View file

@ -1,5 +0,0 @@
# b/178980085
dontaudit hal_camera_default system_data_file:dir { search };
# b/180567725
dontaudit hal_camera_default traced:unix_stream_socket { connectto };
dontaudit hal_camera_default traced_producer_socket:sock_file { write };

4
usf/file.te
View file

@ -10,3 +10,7 @@ type persist_sensor_reg_file, file_type, vendor_persist_type;
# end with "data_file". # end with "data_file".
type sensor_reg_data_file, file_type, data_file_type; type sensor_reg_data_file, file_type, data_file_type;
# Declare the sensor debug data file type. By convention, data file types
# end with "data_file".
type sensor_debug_data_file, file_type, data_file_type;

2
usf/file_contexts
View file

@ -8,3 +8,5 @@
# Sensor registry data files. # Sensor registry data files.
/data/vendor/sensors/registry(/.*)? u:object_r:sensor_reg_data_file:s0 /data/vendor/sensors/registry(/.*)? u:object_r:sensor_reg_data_file:s0
# Sensor debug data files.
/data/vendor/sensors/debug(/.*)? u:object_r:sensor_debug_data_file:s0

6
usf/sensor_hal.te
View file

@ -12,6 +12,12 @@ r_dir_file(hal_sensors_default, persist_camera_file)
allow hal_sensors_default sensor_reg_data_file:dir rw_dir_perms; allow hal_sensors_default sensor_reg_data_file:dir rw_dir_perms;
allow hal_sensors_default sensor_reg_data_file:file create_file_perms; allow hal_sensors_default sensor_reg_data_file:file create_file_perms;
userdebug_or_eng(`
# Allow creation and writing of sensor debug data files.
allow hal_sensors_default sensor_debug_data_file:dir rw_dir_perms;
allow hal_sensors_default sensor_debug_data_file:file create_file_perms;
')
# Allow access to the AoC communication driver. # Allow access to the AoC communication driver.
allow hal_sensors_default aoc_device:chr_file rw_file_perms; allow hal_sensors_default aoc_device:chr_file rw_file_perms;

6
whitechapel/vendor/google/file.te vendored
View file

@ -212,3 +212,9 @@ type sysfs_trusty, sysfs_type, fs_type;
# BootControl # BootControl
type sysfs_bootctl, sysfs_type, fs_type; type sysfs_bootctl, sysfs_type, fs_type;
# Radio
type radio_vendor_data_file, file_type, data_file_type;
userdebug_or_eng(`
typeattribute radio_vendor_data_file mlstrustedobject;
')

6
whitechapel/vendor/google/file_contexts vendored
View file

@ -285,7 +285,7 @@
/vendor/bin/hw/disable_contaminant_detection\.sh u:object_r:disable-contaminant-detection-sh_exec:s0 /vendor/bin/hw/disable_contaminant_detection\.sh u:object_r:disable-contaminant-detection-sh_exec:s0
# NFC # NFC
/(vendor|system/vendor)/bin/hw/android\.hardware\.nfc@1\.2-service\.st u:object_r:hal_nfc_default_exec:s0 /(vendor|system/vendor)/bin/hw/android\.hardware\.nfc-service\.st u:object_r:hal_nfc_default_exec:s0
/dev/st21nfc u:object_r:nfc_device:s0 /dev/st21nfc u:object_r:nfc_device:s0
/data/nfc(/.*)? u:object_r:nfc_data_file:s0 /data/nfc(/.*)? u:object_r:nfc_data_file:s0
@ -319,6 +319,8 @@
/dev/acd-debug u:object_r:aoc_device:s0 /dev/acd-debug u:object_r:aoc_device:s0
/dev/acd-audio_tap[0-9]* u:object_r:aoc_device:s0 /dev/acd-audio_tap[0-9]* u:object_r:aoc_device:s0
/dev/acd-audio_dcdoff_ref u:object_r:aoc_device:s0 /dev/acd-audio_dcdoff_ref u:object_r:aoc_device:s0
/dev/acd-audio_ap_offload_rx u:object_r:aoc_device:s0
/dev/acd-audio_ap_offload_tx u:object_r:aoc_device:s0
/dev/amcs u:object_r:amcs_device:s0 /dev/amcs u:object_r:amcs_device:s0
# AudioMetric # AudioMetric
@ -434,3 +436,5 @@
# Raw HID device # Raw HID device
/dev/hidraw[0-9]* u:object_r:hidraw_device:s0 /dev/hidraw[0-9]* u:object_r:hidraw_device:s0
# Radio files.
/data/vendor/radio(/.*)? u:object_r:radio_vendor_data_file:s0

4
whitechapel/vendor/google/genfs_contexts vendored
View file

@ -14,7 +14,8 @@ genfscon sysfs /devices/platform/19000000.aoc/control/audio_wakeup u:ob
genfscon sysfs /devices/platform/19000000.aoc/control/logging_wakeup u:object_r:sysfs_aoc_dumpstate:s0 genfscon sysfs /devices/platform/19000000.aoc/control/logging_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/hotword_wakeup u:object_r:sysfs_aoc_dumpstate:s0 genfscon sysfs /devices/platform/19000000.aoc/control/hotword_wakeup u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/memory_exception u:object_r:sysfs_aoc_dumpstate:s0 genfscon sysfs /devices/platform/19000000.aoc/control/memory_exception u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes u:object_r:sysfs_aoc_dumpstate:s0 genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes_a32 u:object_r:sysfs_aoc_dumpstate:s0
genfscon sysfs /devices/platform/19000000.aoc/control/memory_votes_ff1 u:object_r:sysfs_aoc_dumpstate:s0
# WiFi # WiFi
genfscon sysfs /wifi u:object_r:sysfs_wifi:s0 genfscon sysfs /wifi u:object_r:sysfs_wifi:s0
@ -486,6 +487,7 @@ genfscon sysfs /devices/platform/audiometrics/speaker_temp u:object_
genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade u:object_r:sysfs_pixelstats:s0 genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade u:object_r:sysfs_pixelstats:s0
genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter u:object_r:sysfs_pixelstats:s0 genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter u:object_r:sysfs_pixelstats:s0
genfscon sysfs /devices/platform/audiometrics/hwinfo_part_number u:object_r:sysfs_pixelstats:s0 genfscon sysfs /devices/platform/audiometrics/hwinfo_part_number u:object_r:sysfs_pixelstats:s0
genfscon sysfs /devices/platform/audiometrics/ams_rate_read_once u:object_r:sysfs_pixelstats:s0
# SJTAG # SJTAG
genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0 genfscon sysfs /devices/platform/sjtag_ap/interface u:object_r:sysfs_sjtag:s0

8
whitechapel/vendor/google/hal_camera_default.te vendored
View file

@ -96,3 +96,11 @@ allow hal_camera_default proc_interrupts:file r_file_perms;
# Allow camera HAL to send trace packets to Perfetto # Allow camera HAL to send trace packets to Perfetto
userdebug_or_eng(`perfetto_producer(hal_camera_default)') userdebug_or_eng(`perfetto_producer(hal_camera_default)')
# Some file searches attempt to access system data and are denied.
# This is benign and can be ignored.
dontaudit hal_camera_default system_data_file:dir { search };
# google3 prebuilts attempt to connect to the wrong trace socket, ignore them.
dontaudit hal_camera_default traced:unix_stream_socket { connectto };
dontaudit hal_camera_default traced_producer_socket:sock_file { write };

4
whitechapel/vendor/google/hal_dumpstate_default.te vendored
View file

@ -35,6 +35,10 @@ allow hal_dumpstate_default vendor_log_file:dir search;
allow hal_dumpstate_default vendor_usf_stats:file execute_no_trans; allow hal_dumpstate_default vendor_usf_stats:file execute_no_trans;
allow hal_dumpstate_default vendor_usf_reg_edit:file execute_no_trans; allow hal_dumpstate_default vendor_usf_reg_edit:file execute_no_trans;
allow hal_dumpstate_default vendor_dumpsys:file execute_no_trans; allow hal_dumpstate_default vendor_dumpsys:file execute_no_trans;
userdebug_or_eng(`
allow hal_dumpstate_default sensor_debug_data_file:dir r_dir_perms;
allow hal_dumpstate_default sensor_debug_data_file:file r_file_perms;
')
allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:dir r_dir_perms; allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:file r_file_perms; allow hal_dumpstate_default sscoredump_vendor_data_crashinfo_file:file r_file_perms;

4
whitechapel/vendor/google/logger_app.te vendored
View file

@ -5,6 +5,10 @@ userdebug_or_eng(`
allow logger_app vendor_gps_file:file create_file_perms; allow logger_app vendor_gps_file:file create_file_perms;
allow logger_app vendor_gps_file:dir create_dir_perms; allow logger_app vendor_gps_file:dir create_dir_perms;
allow logger_app sysfs_sscoredump_level:file r_file_perms; allow logger_app sysfs_sscoredump_level:file r_file_perms;
allow logger_app hal_exynos_rild_hwservice:hwservice_manager find;
binder_call(logger_app, rild)
r_dir_file(logger_app, ramdump_vendor_data_file) r_dir_file(logger_app, ramdump_vendor_data_file)
r_dir_file(logger_app, sscoredump_vendor_data_coredump_file) r_dir_file(logger_app, sscoredump_vendor_data_coredump_file)
r_dir_file(logger_app, sscoredump_vendor_data_crashinfo_file) r_dir_file(logger_app, sscoredump_vendor_data_crashinfo_file)

3
whitechapel/vendor/google/modem_svc_sit.te vendored
View file

@ -27,3 +27,6 @@ get_prop(modem_svc_sit, vendor_rild_prop)
# hwservice permission # hwservice permission
allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find; allow modem_svc_sit hal_exynos_rild_hwservice:hwservice_manager find;
get_prop(modem_svc_sit, hwservicemanager_prop) get_prop(modem_svc_sit, hwservicemanager_prop)
# logging property
get_prop(modem_svc_sit, vendor_logger_prop)

2
whitechapel/vendor/google/property_contexts vendored
View file

@ -61,6 +61,8 @@ vendor.audiodump.log.ondemand u:object_r:vendor_audio_prop:s0
vendor.audiodump.log.config u:object_r:vendor_audio_prop:s0 vendor.audiodump.log.config u:object_r:vendor_audio_prop:s0
vendor.audiodump.output.dir u:object_r:vendor_audio_prop:s0 vendor.audiodump.output.dir u:object_r:vendor_audio_prop:s0
vendor.audiodump.encode.disable u:object_r:vendor_audio_prop:s0 vendor.audiodump.encode.disable u:object_r:vendor_audio_prop:s0
vendor.audiodump.log.cca.updated u:object_r:vendor_audio_prop:s0
vendor.audiodump.cca.config u:object_r:vendor_audio_prop:s0
# for display # for display

1
whitechapel/vendor/google/rild.te vendored
View file

@ -26,6 +26,7 @@ binder_call(rild, modem_svc_sit)
binder_call(rild, vendor_ims_app) binder_call(rild, vendor_ims_app)
binder_call(rild, vendor_rcs_app) binder_call(rild, vendor_rcs_app)
binder_call(rild, oemrilservice_app) binder_call(rild, oemrilservice_app)
binder_call(rild, logger_app)
# for hal service # for hal service
add_hwservice(rild, hal_exynos_rild_hwservice) add_hwservice(rild, hal_exynos_rild_hwservice)