Commit graph

3410 commits

Author SHA1 Message Date
Marco Nelissen
a9004241c2 Allow logd to read the Trusty log am: 7df1fa1574 am: 983f5f2d96 am: 6072583f8a
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1971381

Change-Id: I599f4256ea82b4917eceafeced56aef1214de588
2022-02-04 02:15:43 +00:00
Marco Nelissen
6072583f8a Allow logd to read the Trusty log am: 7df1fa1574 am: 983f5f2d96
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1971381

Change-Id: I3ef810bd7a3ecddf60a0b13f1262abce14a5ece1
2022-02-04 01:59:53 +00:00
Marco Nelissen
983f5f2d96 Allow logd to read the Trusty log am: 7df1fa1574
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1971381

Change-Id: Ic66382bd03df28287fc3817c6f66a414d69637b3
2022-02-04 01:43:42 +00:00
Marco Nelissen
7df1fa1574 Allow logd to read the Trusty log
Bug: 190050919
Test: build
Change-Id: I8a42cd90b1581272f4dafc37d6eb29a98e1fa2e3
2022-02-03 10:37:13 -08:00
Marco Nelissen
64fe59aba5 Merge "Allow logd to read the Trusty log" 2022-02-01 21:37:54 +00:00
Marco Nelissen
a2d6a19bcd Allow logd to read the Trusty log
Bug: 190050919
Test: build
Change-Id: I8a42cd90b1581272f4dafc37d6eb29a98e1fa2e3
2022-02-01 21:37:36 +00:00
Ankit Goyal
ec2a9fb8fc Rename vulkan library to be platform agnostic
Bug: 174232579
Test: Boots to home
Change-Id: I39d633e79896d7196ca7011dd7e017950248e2d8
2022-01-26 20:36:29 -08:00
Stephen Crane
e48d11c26c [automerged blank] Allow TEE storageproxyd permissions needed for DSU handling 2p: b9beafc9fa
Blank merge reason: Change-Id I86055dd5601f8c2899d28f29bdfcb4dcb9b90d1b with SHA-1 3f9a11fa0b is in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16727208

Bug: 203719297
Change-Id: I337cd189a9a8ffa6d58f0e1284e09884f8fb86f5
2022-01-26 22:12:29 +00:00
Stephen Crane
b9beafc9fa Allow TEE storageproxyd permissions needed for DSU handling
Allows the vendor TEE access to GSI metadata files (which are publicly
readable). Storageproxyd needs access to this metadata to determine if a
GSI image is currently booted. Also allows the TEE domain to make new
directories in its data path.

Includes the fixed directory creation permission change from
Ifcc3e5f82b68a506ff99469d2f3df6ab1440b42a.

Test: access /metadata/gsi/dsu/booted from storageproxyd
Bug: 203719297
Merged-In: I86055dd5601f8c2899d28f29bdfcb4dcb9b90d1b
Merged-In: Ifcc3e5f82b68a506ff99469d2f3df6ab1440b42a
Change-Id: I86055dd5601f8c2899d28f29bdfcb4dcb9b90d1b
(cherry picked from commit b69ac35ff0)
2022-01-26 14:00:44 -08:00
Treehugger Robot
2fa102876a Merge "Allow storageproxyd to create directories in its data location" am: 423a9a467b am: 0e4789159c am: 26f020fc70 am: 35d7efaf11
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1960462

Change-Id: I1e789353fb2ce05e05f097ab48b2bb2054887efe
2022-01-26 21:49:48 +00:00
Treehugger Robot
35d7efaf11 Merge "Allow storageproxyd to create directories in its data location" am: 423a9a467b am: 0e4789159c am: 26f020fc70
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1960462

Change-Id: I91b0e8f0033c4736516f9341a5b6166f14f7894f
2022-01-26 21:26:26 +00:00
Treehugger Robot
26f020fc70 Merge "Allow storageproxyd to create directories in its data location" am: 423a9a467b am: 0e4789159c
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1960462

Change-Id: Ie20d1e1d6037a42acba87ab92007657f4f6be83d
2022-01-26 21:07:28 +00:00
Treehugger Robot
0e4789159c Merge "Allow storageproxyd to create directories in its data location" am: 423a9a467b
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1960462

Change-Id: I021cffca681495143a279470e73e194cd5faf635
2022-01-26 20:44:17 +00:00
Treehugger Robot
423a9a467b Merge "Allow storageproxyd to create directories in its data location" 2022-01-26 20:29:27 +00:00
Junkyu Kang
b9ad182d4a Add persist.vendor.gps to sepolicy
Bug: 196002632
Test: PixelLogger can modify persist.vendor.gps.*
Change-Id: I3fdaf564eacec340003eed0b5845a2c08922362c
2022-01-26 08:02:27 +00:00
Stephen Crane
45850f812e Allow storageproxyd to create directories in its data location
storageproxyd already has rw_dir_perms for tee_data_file from
vendor/tee.te in platform. We need create_dir_perms to make the
"alternate/" directory for handling DSU correctly.

Test: m dist, flash, and test DSU
Bug: 203719297
Change-Id: Ifcc3e5f82b68a506ff99469d2f3df6ab1440b42a
2022-01-25 17:54:22 -08:00
TeYuan Wang
9afdb48a85 Move thermal netlink socket sepolicy rules to pixel sepolicy am: 66f1d74123 am: 8cb5857dac am: 0fe33df6c0 am: e925f85169
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1958926

Change-Id: I77230680556c9029ca702c6b73c56119221689e8
2022-01-25 12:22:55 +00:00
TeYuan Wang
e925f85169 Move thermal netlink socket sepolicy rules to pixel sepolicy am: 66f1d74123 am: 8cb5857dac am: 0fe33df6c0
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1958926

Change-Id: I86642d387feb6f99939ffb52341e26ba4faef082
2022-01-25 12:05:36 +00:00
TeYuan Wang
0fe33df6c0 Move thermal netlink socket sepolicy rules to pixel sepolicy am: 66f1d74123 am: 8cb5857dac
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1958926

Change-Id: I08f70c5940c8d7f8d40fb97791b762a935ac5dfa
2022-01-25 11:47:21 +00:00
TeYuan Wang
8cb5857dac Move thermal netlink socket sepolicy rules to pixel sepolicy am: 66f1d74123
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1958926

Change-Id: I5b35f6bb9f7a5ff6ab3abaeac370384125c60abf
2022-01-25 10:39:06 +00:00
TeYuan Wang
66f1d74123 Move thermal netlink socket sepolicy rules to pixel sepolicy
Bug: 213257759
Test: verified genlink function with emul_temp under enforcing mode
Change-Id: I8f5518e5f866ed0813be1e6630c6a9aefaf06e63
2022-01-25 11:59:06 +08:00
linpeter
da28bad8c4 atc context change am: 85d5a9a60a am: af647ece2f am: 39363f3e1a am: 7931384a9d
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1951025

Change-Id: I45ea9c111e1a512ca7efc88e22bb06b888f67464
2022-01-24 05:05:59 +00:00
Treehugger Robot
2bb6f148c1 Merge "Allow TEE storageproxyd permissions needed for DSU handling" am: 05ca30173e am: 3cde81c794 am: 5dd5b0dd29 am: b0ecddbd4e
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1923363

Change-Id: Ic0087e6e3aef8a61f2c0b44fd48a8953e66e1868
2022-01-24 05:05:48 +00:00
Kame(TeYuan) Wang
1be9b0a5de Merge "Label TMU as sysfs_thermal am: 32458cdc49 am: a76533f48b am: 27eae23a3f am: 5c9ca15d60" 2022-01-24 05:04:06 +00:00
TreeHugger Robot
b41839bdf3 Merge "camera_hal: allow changing kthread priority" 2022-01-24 03:17:11 +00:00
TeYuan Wang
287cad81ea Label TMU as sysfs_thermal am: 32458cdc49 am: a76533f48b am: 27eae23a3f am: 5c9ca15d60
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1937119

Change-Id: Ie7426fcefe1ba3bf7fd53af5454811724e6d1a90
2022-01-24 02:45:55 +00:00
TreeHugger Robot
8b1083c037 Merge "Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f am: c581535e5c am: b48e33f29f" 2022-01-22 23:29:11 +00:00
TreeHugger Robot
1b02510fce Merge "Remove redundant rule in system_server.te" 2022-01-22 08:01:05 +00:00
Yabin Cui
826a3540e7 Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f am: c581535e5c am: b48e33f29f
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: I75cfc6940977bf431c9a8fee12497caf865ce3ff
2022-01-22 04:25:25 +00:00
Jasmine Cha
eec7d4b172 audio: add sepolicy for getting thermal event am: 2abecb1519 am: 54e84e9978 am: d57668f3cc am: 0bfc811257
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: I83d62090ef9a78a3bac0c0cdccd550eb56b82dc5
2022-01-22 03:41:43 +00:00
Jasmine Cha
1d2ef17567 [automerger skipped] audio: add permission to request health/sensor data am: a21b7f8800 am: cdcccbbd02 am: 8b5831f247 -s ours am: 6a1155a468 -s ours
am skip reason: Merged-In I8e8a512cfbd6be814c98bac75ff6c0e5db028db2 with SHA-1 27a4afc1a9 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: I6f6bad706ef467b367b2bb5f35c5a57e3b567ba6
2022-01-22 03:41:34 +00:00
David Anderson
91a8be13ab Fix sepolicy denial in update_engine. am: 2fe229352b am: e999b85d07 am: b7b8477e12 am: 9e40c2e027
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: I4594ba648036aebef661cf047f0e2d9502b8bb7e
2022-01-22 03:41:26 +00:00
Matt Buckley
a383da1ca5 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f am: 8670a782de am: 773506d408 am: 69b607c877
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: I709b6089cb2b8a241c4989e979deb6457cedee17
2022-01-22 03:41:05 +00:00
Joel Galenson
bc2cfc98d1 Include core policy OWNERS. am: b287da183e am: 453006460d am: 047d2a31ed am: 651a6b8631
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: I27340143806bbbbda06dbc6b85d153ad4e0226b8
2022-01-22 03:40:58 +00:00
Xin Li
907d844300 [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours am: 01d5ec6d2a -s ours am: 4f9be8d5b2 -s ours am: 1a9568121f -s ours
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: Ibc384627f45f9806fdb442fad4bf0d77fc7af634
2022-01-22 03:40:44 +00:00
chenpaul
2206ea75ff [automerger skipped] Remove wifi_logger related sepolicy settings am: 37d4cfa648 am: 9a9bf7fc09 am: ebc02c3437 am: cdab1fefb6 -s ours
am skip reason: skipped by user chenpaul

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I64902ea498f94e06d12a0342dd0d110f6e01a467
2022-01-22 03:40:02 +00:00
Badhri Jagan Sridharan
7dacac2b34 Merge "android.hardware.usb.IUsb AIDL migration" 2022-01-22 01:20:20 +00:00
Badhri Jagan Sridharan
472abdcd5d Remove redundant rule in system_server.te
hal_client_domain(system_server, hal_usb) covers
the needed rule.

Bug: 200993386
Test: Boot up target to check for selinux denials.
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: If9803a028babb38a6ed0ce5f87a5c7d1eec8e598
2022-01-21 17:08:50 -08:00
Badhri Jagan Sridharan
51735ba3ab android.hardware.usb.IUsb AIDL migration
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
2022-01-21 17:07:56 -08:00
linpeter
7931384a9d atc context change am: 85d5a9a60a am: af647ece2f am: 39363f3e1a
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1951025

Change-Id: I35e7cfe6ec8a3b959dbae7f2aa7d9cbf4de219dd
2022-01-21 22:47:46 +00:00
Treehugger Robot
b0ecddbd4e Merge "Allow TEE storageproxyd permissions needed for DSU handling" am: 05ca30173e am: 3cde81c794 am: 5dd5b0dd29
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1923363

Change-Id: I0190a5a7017d8cfa34932ecdbe9c85587408af85
2022-01-21 22:47:37 +00:00
TeYuan Wang
5c9ca15d60 Label TMU as sysfs_thermal am: 32458cdc49 am: a76533f48b am: 27eae23a3f
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1937119

Change-Id: I78fdf05253972c617a124165a6d880083e7c0310
2022-01-21 22:47:28 +00:00
Yabin Cui
b48e33f29f Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f am: c581535e5c
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: I391bab4a982ec03d1904d59aa2376a3d3c816c40
2022-01-21 22:47:19 +00:00
Jasmine Cha
0bfc811257 audio: add sepolicy for getting thermal event am: 2abecb1519 am: 54e84e9978 am: d57668f3cc
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: Idb58719a8511be2f750c8e4a11421d147801b57c
2022-01-21 22:47:00 +00:00
Jasmine Cha
6a1155a468 [automerger skipped] audio: add permission to request health/sensor data am: a21b7f8800 am: cdcccbbd02 am: 8b5831f247 -s ours
am skip reason: Merged-In I8e8a512cfbd6be814c98bac75ff6c0e5db028db2 with SHA-1 27a4afc1a9 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: Ib2f5a7ce0376aeedc3c2afb23862ee42e85cb493
2022-01-21 22:46:31 +00:00
David Anderson
9e40c2e027 Fix sepolicy denial in update_engine. am: 2fe229352b am: e999b85d07 am: b7b8477e12
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: I8f97a3527ec13132ddbba7a0981619f55e0e0f9d
2022-01-21 22:46:11 +00:00
Matt Buckley
69b607c877 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f am: 8670a782de am: 773506d408
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: Ie88713a1f13dc5e90f0bc928dc2312625bcca096
2022-01-21 22:45:33 +00:00
Joel Galenson
651a6b8631 Include core policy OWNERS. am: b287da183e am: 453006460d am: 047d2a31ed
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: I7a1f6fb78088aca3c2c748106f8d4cb424c73c23
2022-01-21 22:45:06 +00:00
Xin Li
1a9568121f [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours am: 01d5ec6d2a -s ours am: 4f9be8d5b2 -s ours
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: Ic2096a0d1be12d0b8295af1bf852fb5df383c0bb
2022-01-21 22:44:34 +00:00
chenpaul
cdab1fefb6 Remove wifi_logger related sepolicy settings am: 37d4cfa648 am: 9a9bf7fc09 am: ebc02c3437
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I036388f399ef567dc4eb32d1c4799e58eb8815af
2022-01-21 22:43:56 +00:00