Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1457 commits 1 branch 0 tags 494 MiB
Commit graph

1457 commits

This branch
This branch
All branches
Author SHA1 Message Date
Bart Van Assche
07751567ad Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 am: ea25044059 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I5d46eab501e1ce290570a69dde5450813eff0bf0
 2021-08-18 01:20:15 +00:00
Bart Van Assche
ea25044059 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I0ca50d490ad5aa49bcc2f1c7db52f5b81a44dcd2
 2021-08-18 00:56:43 +00:00
Bart Van Assche
239bcceb78 Add the 'bdev_type' attribute to all block device types am: 37b5741301 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I19d709e960fe8ccf066bdbd20dc6817ee20e55d0
 2021-08-18 00:34:10 +00:00
Bart Van Assche
37b5741301 Add the 'bdev_type' attribute to all block device types 
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9

The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947

The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.

Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-08-17 15:23:23 -07:00
Edmond Chung
eb1a9fd509 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 am: 36f756e44b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I27bc0b77a3438fcaf6cbdf209945f6c7a360771c
 2021-08-16 22:45:38 +00:00
Edmond Chung
4ee5ff59a0 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 am: 07fbe5b0d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I91b59573968bb3ad15f7785ac155809ae9a7cfdc
 2021-08-16 22:45:01 +00:00
Edmond Chung
ff5c485ddc Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e am: 9bde9324fe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I90884f92df1e42fa5b60ad47e914ed1460b40c04
 2021-08-16 22:44:58 +00:00
Edmond Chung
07fbe5b0d8 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Ia7663a410cd3ffcbb554dc653c2470e53efa2f4b
 2021-08-16 22:32:00 +00:00
Edmond Chung
36f756e44b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Id66f403466d50ea3beb4663cc137e551a92e16f3
 2021-08-16 22:32:00 +00:00
Edmond Chung
9bde9324fe Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Ib347e1a8fbee1822542adf48a03f92dbdac3a302
 2021-08-16 22:31:40 +00:00
Edmond Chung
c45a1b5828 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I97f8f143230d13f64b34ee11c7a46cfcc5f2f3f9
 2021-08-16 22:17:00 +00:00
Edmond Chung
d5f9036c8e Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Icf58b2d5fef01a62ef5ec8c5009690224a15a939
 2021-08-16 22:16:13 +00:00
Edmond Chung
7e581b9a7b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev 2021-08-16 22:01:46 +00:00
Edmond Chung
6b30dbc54c gs101: Allow camera HAL to access interrupt handles 
This is to allow camera HAL to modify IRQ affinity for different use
cases.

Bug: 196058977
Test: Camera use cases
Change-Id: I498b0ac763b735d05299e1f4b09de14e131fd6e3
 2021-08-16 10:52:27 -07:00
Rick Yiu
6ce26f4ea0 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d am: 9c7ca5fdd3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I005a8c793d4d8919a1b8cb74528bb7063a7498cb
 2021-08-16 14:26:27 +00:00
Rick Yiu
c3a47b14d5 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d am: d2f6cfc831 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I64c32ca8b100ae5de316130875593ad6e1753744
 2021-08-16 14:26:05 +00:00
Rick Yiu
7b0fa572c3 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74 am: fa5d13d6e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: Ia05c12145187f2500010827b6e28ce5b56039511
 2021-08-16 14:25:57 +00:00
Rick Yiu
9c7ca5fdd3 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I59e7baee2e2c5a80d53b5a6f5c8712a2b09a36d3
 2021-08-16 14:11:45 +00:00
Rick Yiu
d2f6cfc831 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: Ie4daa316c73721aa8cb9d87d262ba754fd926356
 2021-08-16 14:11:43 +00:00
Rick Yiu
fa5d13d6e1 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I2837b12374957c35725af2f4aed49ada200810ff
 2021-08-16 14:11:31 +00:00
Rick Yiu
1f4c69a11d gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I54a069f83c389b69a73d9d4d64a34177ba652d1c
 2021-08-16 13:54:58 +00:00
Rick Yiu
7b8fe23d74 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I1870542193c2b06de1f1e53f38e84fb800a74839
 2021-08-16 13:54:01 +00:00
Rick Yiu
2ef3daba50 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials 
Use untrusted_app_all to cover all Use untrusted_app versions.

Bug: 196109806
Test: no untrusted_app denials for vendor_sched
Change-Id: Ic6426b26b8a05f8a0bc7e2a4a4a293b2988812d3
 2021-08-16 13:40:32 +00:00
Victor Liu
9d0c136cf6 allow uwb hal sys_nice access am: 39b5815a1e am: 9d2d70e09b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: I64e3b902d5a83a50d296439779dc252f159ba66d
 2021-08-13 23:39:35 +00:00
Victor Liu
2fdbcbea3e uwb: allow uwb to access the radio service am: 0c429efc07 am: e4ee9723f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15521660

Change-Id: Ie3cb7e9c74f07966c249bf67e50a80af810f6e38
 2021-08-13 23:34:11 +00:00
Victor Liu
ecceee1ddc allow uwb hal sys_nice access am: 39b5815a1e am: 21d74ff50f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: Ie7d5132a50e0d0f7e8db35d512a70ef6b932ab68
 2021-08-13 22:07:02 +00:00
Victor Liu
243649da79 uwb: allow uwb to access the radio service am: 0c429efc07 am: 19b1a2feef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15521660

Change-Id: I264015c73d5a4a61712726192c7ee3160704dc02
 2021-08-13 21:31:06 +00:00
Victor Liu
9d2d70e09b allow uwb hal sys_nice access am: 39b5815a1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: Ib8b61cc66bd2919360e05434f147f495fcacb156
 2021-08-13 02:41:53 +00:00
Victor Liu
21d74ff50f allow uwb hal sys_nice access am: 39b5815a1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: Ib6d841a96f4ce29a077ec11d10d411e985b110f0
 2021-08-13 02:41:52 +00:00
Victor Liu
39b5815a1e allow uwb hal sys_nice access 
hardware.qorvo.: type=1400 audit(0.0:9): avc: denied { sys_nice } for capability=23 scontext=u:r:hal_uwb_default:s0 tcontext=u:r:hal_uwb_default:s0 tclass=capability permissive=0
hardware.qorvo.: type=1400 audit(0.0:9): avc: denied { setsched } for scontext=u:r:hal_uwb_default:s0 tcontext=u:r:kernel:s0 tclass=process permissive=0

Bug: 196438549
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I742bae701cfcc7b4842cd63abbc8c275d82c8ba1
 2021-08-12 16:11:06 -07:00
Victor Liu
19b1a2feef uwb: allow uwb to access the radio service am: 0c429efc07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15521660

Change-Id: I9814b50afb037f6ac6405d3bcc16b3b10723fa3a
 2021-08-12 21:57:11 +00:00
Victor Liu
e4ee9723f4 uwb: allow uwb to access the radio service am: 0c429efc07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15521660

Change-Id: I4bc3d385c8895137bf62640c06592907ccd495b0
 2021-08-12 21:57:10 +00:00
Victor Liu
0c429efc07 uwb: allow uwb to access the radio service 
07-07 18:28:28.391   409   409 E SELinux : avc:  denied  { find } for pid=4609 uid=1083 name=isub scontext=u:r:uwb_vendor_app:s0:c59,c260,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=0

Bug: 192833779
Test: on device, no avc denied message
Change-Id: I4a6b778dce6f493093d3a05683473bb60e9cfa5c
 2021-08-10 22:47:35 +00:00
Siqi Lin
a77182f6d7 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e am: 505d9d692e am: c8836d9832 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: Id49e827dbe531c49a04406988a406ea56c9d8cd9
 2021-08-09 20:35:04 +00:00
Siqi Lin
142fb69223 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e am: 505d9d692e am: b8d0fd0524 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I6520f674c942b505cffc597b649b628b68cb543b
 2021-08-09 20:34:32 +00:00
Siqi Lin
c5ba760b93 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e am: 1a27d3d66e am: 4ae3686490 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I34c4308d929e5582bf499d424fcf8a2a050d9d55
 2021-08-09 20:34:24 +00:00
Siqi Lin
b8d0fd0524 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e am: 505d9d692e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I53399fad7b0eff5eca806a42d359e403cab58305
 2021-08-09 20:20:19 +00:00
Siqi Lin
c8836d9832 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e am: 505d9d692e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I16b13385bd0a66983999b3b2f4518c0a07387068
 2021-08-09 20:20:19 +00:00
Siqi Lin
4ae3686490 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e am: 1a27d3d66e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I238779e171a5600af4c94e9d72fd38b1c71c23f7
 2021-08-09 20:20:00 +00:00
Siqi Lin
505d9d692e Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I7c546f38519158fa1237e713bb1200e304a82650
 2021-08-09 20:05:08 +00:00
Siqi Lin
1a27d3d66e Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev am: df73384b2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15475450

Change-Id: I3f6115d79ff01ba2afb58704fd1fba63a0c3acab
 2021-08-09 20:03:56 +00:00
Siqi Lin
df73384b2e Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-dev 2021-08-09 19:52:02 +00:00
TreeHugger Robot
fc17b58a75 Merge "Add sepolicy to allow camera HAL to read display backlight" into sc-dev am: cfcf725081 am: 6727e33988 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15453996

Change-Id: I1b5491335981d38723d132ee178e107c9df354bb
 2021-08-06 14:33:17 +00:00
TreeHugger Robot
89a3d8f1e0 Merge "Add sepolicy to allow camera HAL to read display backlight" into sc-dev am: cfcf725081 am: f30a67df8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15453996

Change-Id: I1ce748fa2ccad6668f826e2ef2b2b54635f40cbc
 2021-08-06 14:32:57 +00:00
TreeHugger Robot
f30a67df8a Merge "Add sepolicy to allow camera HAL to read display backlight" into sc-dev am: cfcf725081 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15453996

Change-Id: I495b9411ea69f6aca5a201c3f6b4e8c464906a9f
 2021-08-06 14:17:49 +00:00
TreeHugger Robot
6727e33988 Merge "Add sepolicy to allow camera HAL to read display backlight" into sc-dev am: cfcf725081 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15453996

Change-Id: I98b62dffd1fa65bd69bff78b0a5fe11a841efdfb
 2021-08-06 14:16:48 +00:00
TreeHugger Robot
cfcf725081 Merge "Add sepolicy to allow camera HAL to read display backlight" into sc-dev 2021-08-06 14:04:38 +00:00
Siqi Lin
57d81aa6c1 sepolicy: gs101: allow dumpstate to access AoC stats 
Add AP wakeups from AoC DRAM exceptions to bugreports.

Bug: 186456919
Change-Id: I31df82addf1b5024b8e33c6284e5da1f473ac5d9
 2021-08-05 10:47:13 -07:00
Alice Yang
0d7ab6ea8b Add sepolicy to allow camera HAL to read display backlight 
Add sepolicy to allow camera HAL to read display backlight to use in
gabc algorithm.

Bug: 187917645
Test: build pass,  go/p21-camera-test-checklist
Change-Id: I628ee2dedd48dd1360d0818137ba9139ae194029
 2021-08-03 16:31:12 +00:00
Erik Staats
72af0dda60 Merge "Allow sensor HAL to read AoC dumpstate." into sc-dev am: 1b7ae244b0 am: 0bb21fc708 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15444398

Change-Id: Idc01ba0b18e3bb496a1be4a69e2d5d4dd2cf9989
 2021-08-03 16:05:10 +00:00