2923 commits

Author SHA1 Message Date
Lucas Wei
0278f60839 Merge "votable: update SEpolicy error" into tm-qpr-dev 2022-10-24 09:07:24 +00:00
Lucas Wei
4a487ac890 Merge "sepolicy: fix odpm avc denials" into tm-qpr-dev 2022-10-24 09:07:24 +00:00
Sam Ou
0127869bfd sepolicy: fix odpm avc denials
add wakeup permissions for odpm driver
since we update acc_data based on alarmtimer

Bug: 250813284
Change-Id: Id7f70d02475a03e53a206dde3b8efa584cacef85
Merged-In: Id7f70d02475a03e53a206dde3b8efa584cacef85
Signed-off-by: Sam Ou <samou@google.com>
Signed-off-by: Lucas Wei <lucaswei@google.com>
2022-10-24 05:03:01 +00:00
Lucas Wei
91960cb2d7 votable: update SEpolicy error
Bug: 247905787
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: Ia6dfb7796ab46b0ac339b98465ccd91624b655ed
Merged-In: Ia6dfb7796ab46b0ac339b98465ccd91624b655ed
2022-10-23 15:25:20 +00:00
Chungjui Fan
8d802db37a sepolicy: gs101: allow fastbootd to access gsc device node
avc:  denied  { getattr } for  pid=469 comm="fastbootd"
path="/dev/gsc0" dev="tmpfs" ino=470 scontext=u:r:fastbootd:s0
tcontext=u:object_r:citadel_device:s0
tclass=chr_file permissive=0

Bug: 248301125

Change-Id: Ic1aec8874636437b9b8d795b46fae72fa8533302
Signed-off-by: Chungjui Fan <chungjuifan@google.com>
2022-10-17 12:26:10 +00:00
Jinting Lin
d255ed1576 Merge "Allows modem_svc to read the logging related properties" into tm-qpr-dev 2022-09-22 14:30:32 +00:00
Eden Su
c3c4aa626b Merge changes from topic "gs101_network_access" into tm-qpr-dev
* changes:
  Sepolicy: add permission to allow create, connect udp socket
  sepolicy: gs101: allowed permissions required for network access
2022-09-20 00:34:18 +00:00
jintinglin
9a4545eafa Allows modem_svc to read the logging related properties
avc: denied { read } for comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=347 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 243039758
Change-Id: I80a6971a2c3e09320e780d1eff24e040cd8b3541
2022-09-19 05:31:09 +00:00
Hana Kim
060b562310 Sepolicy: add permission to allow create, connect udp socket
Bug: 226412527
Test: The tester verified IMS didn't crash and no avc denied log
Signed-off-by: Hana Kim <hanaa.kim@samsung.com>
Change-Id: Id9ba79ba87010326c53b6aec408e5cdb291122a6
Merged-In: Id9ba79ba87010326c53b6aec408e5cdb291122a6
2022-09-19 04:58:00 +00:00
Jinhee Kim
908a8fcf14 sepolicy: gs101: allowed permissions required for network access
avc: denied { write } for comm="Thread-102" name="dnsproxyd" dev="tmpfs" ino=1022 scontext=u:r:vendor_ims_app:s0:c251,c256,c512,c768 tcontext=u:object_r:dnsproxyd_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice
avc: denied { node_bind } for comm="Thread-102" src=50174 scontext=u:r:vendor_ims_app:s0:c251,c256,c512,c768 tcontext=u:object_r:node:s0 tclass=udp_socket permissive=0 app=com.shannon.imsservice

Bug: 242231557
Test: The tester verified IMS didn't crash and no avc denied log
Change-Id: Icc3762cef7f9766d845f1e1a56af1315fc97163b
Signed-off-by: Jinhee Kim <jinhee.k@samsung.com>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
Merged-In: Icc3762cef7f9766d845f1e1a56af1315fc97163b
2022-09-16 08:51:52 +00:00
Estefany Torres
0ec93ed8cd Merge "Add rules for letting logger app send the command to ril" into tm-qpr-dev 2022-09-15 14:09:07 +00:00
TreeHugger Robot
75f908a8ed Merge "aoc: add audio property for pixellogger update control" into tm-qpr-dev 2022-09-14 01:48:40 +00:00
Estefany Torres
7b5ed95fdd Add rules for letting logger app send the command to ril
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested in C10 with pixel logger change
Change-Id: Idcd693790d654d0a9b7aba46a41764d65867a61c
2022-09-09 17:35:19 +00:00
JJ Lee
f07279785d sepolicy: add nodes for aoc memory votes stats
Bug: 223674292
Test: build pass, not blocking bugreport
Change-Id: I4732c8b3271f553edc423ac115eb8a6afaebff37
Signed-off-by: JJ Lee <leejj@google.com>
2022-09-07 11:45:18 +00:00
Roger Fang
a8eab1aaaf sepolicy: add permission for AMS rate of pixelstats-vend
I pixelstats-vend: type=1400 audit(0.0:1025): avc: denied { read } for name="ams_rate_read_once" dev="sysfs" ino=79714 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
I pixelstats-vend: type=1400 audit(0.0:1026): avc: denied { open } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=79714 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:1027): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=79714 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 239508478
Test: Manually test passed

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I5c47003bed664f2cd9b6fe3630a6445aca27d10d
2022-08-30 04:36:41 +00:00
Robb Glasser
4b4afb2eea Give permissions to save usf stats and dump them in bugreports.
Creating a mechanism to save some USF stat history to device and pipe it
to bugreports. Granting permissions so that this can work.

Bug: 242320914
Test: Stats save and are visible in a bugreport.
Change-Id: Ia1973800ed053f54da043d306e11c0a7b10132a7
2022-08-24 22:39:16 +00:00
yixuanjiang
0bbfb98cac aoc: add audio property for pixellogger update control
Bug: 241059471
Test: local verify
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: I13df2ea88b884756d3a872da545e877ed6b1e033
2022-08-08 03:48:21 +00:00
Bruce Po
1673f21545 Allow aocd to access acd-offload nodes
For 3-ch hotword feature, aocd daemon will access two new file nodes
(b/235648212), which will be used for transmitting audio to/from AOC.

BUG: 240744178
Change-Id: Ie0a9403d0dca06befdb807067adb9babc4f28bfc
2022-08-02 06:29:42 +00:00
Roger Liao
5ea60d6348 Fix build break if BOARD_WITHOUT_RADIO
Fix ERROR 'unknown type radio_vendor_data_file'

Bug: 235907512
Change-Id: I55e88c9364b42db262c057a2aa85816944c1c761
2022-07-28 17:59:28 +08:00
matthuang
c96220c282 Add security context for com.google.usf.non_wake_up/wakeup.
Bug: 195077076
Test: Confirm there is no avc denied log.
Change-Id: I8600283d9ff2ebcb45df95e5259484a60921fb1a
2022-07-18 15:12:45 +08:00
SalmaxChang
2455329536 hal_dumpstate_default: fix avc error
avc: denied { search } for comm="dumpstate@1.1-s" name="modem_stat" dev="dm-44" ino=341 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:modem_stat_data_file:s0 tclass=dir

Bug: 235963885
Change-Id: Ib9625eefc367738bcd6594884b1f3b5e3ab5be54
Merged-In: Ib9625eefc367738bcd6594884b1f3b5e3ab5be54
2022-07-08 03:24:01 +00:00
TreeHugger Robot
59d6e09682 Merge "Add acd-com.google.usf.non_wake_up file to AoC file context." into tm-qpr-dev 2022-07-01 02:15:21 +00:00
SalmaxChang
a9157994c3 modem_svc: Fix avc error
avc: denied { write } for comm="modem_svc_sit" name="modem_stat" dev="dm-42" ino=331 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 234844823
Change-Id: I51db41d73be317cc7fc84981ac5f04e254a360d0
Merged-In: I51db41d73be317cc7fc84981ac5f04e254a360d0
2022-06-22 04:21:37 +00:00
TreeHugger Robot
263a6b0f8a Merge "allow rlsservice read vendor camera property" into tm-dev am: b20c0652ad am: 2948419ca7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18849046

Change-Id: Ia303c50a81833a4abe489682f9ce4755f5660a88
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-16 12:36:40 +00:00
TreeHugger Robot
2948419ca7 Merge "allow rlsservice read vendor camera property" into tm-dev am: b20c0652ad
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18849046

Change-Id: Ibe17ec9f6c2a396dc5f7b6e35e1b07b3b6b3356a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-16 12:19:33 +00:00
TreeHugger Robot
b20c0652ad Merge "allow rlsservice read vendor camera property" into tm-dev 2022-06-16 12:02:28 +00:00
matthuang
bf1333f881 Add acd-com.google.usf.non_wake_up file to AoC file context.
Bug: 195077076
Test: ls -lZ dev/acd-com.google.usf.non_wake_up
Change-Id: If9add3528bde47a618bd884ce28121b6fa32754c
2022-06-14 10:00:35 +00:00
JimiChen
143668225a allow rlsservice read vendor camera property
Bug: 233020488
Test: no avc denied
Change-Id: I96dee4482d4c0ff5b7852db635dc100a7ea4874c
2022-06-11 15:39:19 +08:00
Krzysztof Kosiński
fd0bf19589 gs101: Add dontaudit statements to camera HAL policy. am: fbcf66a04a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18817845

Change-Id: Ib4b8f284129e9c32dc5c4d4a145634f46ea346eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-10 21:04:37 +00:00
Krzysztof Kosiński
fbcf66a04a gs101: Add dontaudit statements to camera HAL policy.
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Fix: 218585004
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
(cherry picked from commit b71d24d62c)
2022-06-09 20:53:05 +00:00
Jidong Sun
4f67f60276 gs101: Allow BootControl to access sysfs blow_ar am: f276625942 am: 1745c41b8a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18740593

Change-Id: I8629636e059bf5c2a58c1c91dd10c9a1da7b2109
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-08 21:23:49 +00:00
Jidong Sun
1745c41b8a gs101: Allow BootControl to access sysfs blow_ar am: f276625942
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18740593

Change-Id: Idb48be108f2ebc98d802edf93e13d4359d164821
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-08 20:32:07 +00:00
Jidong Sun
f276625942 gs101: Allow BootControl to access sysfs blow_ar
Bug: 232277507
Signed-off-by: Jidong Sun <jidong@google.com>
Change-Id: I120672722a5ab8b5cadf0dce6d872e00c9fae642
2022-06-04 01:23:40 +00:00
George Chang
16cc944791 Merge "Update nfc from hidl to aidl service" into tm-qpr-dev 2022-06-01 06:19:39 +00:00
Kyle Tso
5cd6559689 Add logbuffer_pogo_transfer file_contexts am: 7347d18b73 am: caa8dc57b3
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18400416

Change-Id: I181abe83407195830c74490f4f5ca9790f1925c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-24 01:25:51 +00:00
Kyle Tso
caa8dc57b3 Add logbuffer_pogo_transfer file_contexts am: 7347d18b73
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18400416

Change-Id: Ie065459ae6edfb07701cc5d53758f248f6e0ea3c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-24 00:53:51 +00:00
Kyle Tso
7347d18b73 Add logbuffer_pogo_transfer file_contexts
Bug: 232556226
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: I1037d39f4187807e6aa9753339fae29e3bc89359
Merged-In: I1037d39f4187807e6aa9753339fae29e3bc89359
2022-05-21 15:25:58 +00:00
Joner Lin
41026aeae6 Merge "Grant policy for BluetoothHal Extionsion feature" into tm-dev am: 5a222bc64e am: 9955721f73
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18349808

Change-Id: I513959f3ff0e5d1bcb81257538281e2b40f473af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-20 12:54:05 +00:00
Joner Lin
9955721f73 Merge "Grant policy for BluetoothHal Extionsion feature" into tm-dev am: 5a222bc64e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18349808

Change-Id: If769c5b2f24bbb04f842c65e1e71bf21e86c4078
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-20 12:20:46 +00:00
Joner Lin
5a222bc64e Merge "Grant policy for BluetoothHal Extionsion feature" into tm-dev 2022-05-20 05:06:32 +00:00
jonerlin
9f214e0453 Grant policy for BluetoothHal Extionsion feature
Bug: 228943442
Test: Manually
Change-Id: I00b37c1f74ca9b904df2319d2c58d34228e9678b
2022-05-19 09:59:56 +08:00
George Chang
d479f730b0 Update nfc from hidl to aidl service
Bug: 216290344
Test: atest NfcNciInstrumentationTests
Test: atest VtsAidlHalNfcTargetTest
Merged-In: I288474f691670655516728fe0e164a3e5689875c
Change-Id: I288474f691670655516728fe0e164a3e5689875c
2022-05-17 04:14:57 +00:00
TreeHugger Robot
a48761315f Merge "Allow mediacodec to access vendor_data_file" into tm-dev am: c0d38cbc9f am: ed1ec96363
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18186340

Change-Id: I294f324c4c26521cb7d8553e6127281826c30a1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 10:39:44 +00:00
TreeHugger Robot
ed1ec96363 Merge "Allow mediacodec to access vendor_data_file" into tm-dev am: c0d38cbc9f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18186340

Change-Id: Iffeee5071854c1f2af2cad5c7a5783421980b153
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 09:49:23 +00:00
TreeHugger Robot
c0d38cbc9f Merge "Allow mediacodec to access vendor_data_file" into tm-dev 2022-05-13 09:24:01 +00:00
Lily Lin
ca85474dbe Merge "Add selinux permissions to r/w sysfs st33spi_state" into tm-dev am: e910a12468 am: 5389123249
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17988448

Change-Id: I619b1afeebbe51d58ba0b60fbe3dc2ac3733bc23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-11 02:25:08 +00:00
Will McVicker
3dbfde7852 genfs_contexts: fix more i2c raw paths am: 9cbc9eceec am: 6c256f9fee
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18192191

Change-Id: I4e9c3bf9cbe7e3d5d34fa0bda3d4260cc40cc479
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-11 02:25:02 +00:00
Lily Lin
5389123249 Merge "Add selinux permissions to r/w sysfs st33spi_state" into tm-dev am: e910a12468
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17988448

Change-Id: Ib4dd93e176fe6bf1ead64e4ed55999d4afa2fd59
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-11 01:58:06 +00:00
Will McVicker
6c256f9fee genfs_contexts: fix more i2c raw paths am: 9cbc9eceec
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18192191

Change-Id: Ia370a2ce14f323d16f3e34a8e4d0ef9ff9fd12d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-11 01:57:53 +00:00
Lily Lin
e910a12468 Merge "Add selinux permissions to r/w sysfs st33spi_state" into tm-dev 2022-05-11 01:22:36 +00:00