Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3861 commits 1 branch 0 tags 494 MiB
Commit graph

229 commits

Author SHA1 Message Date
sukiliu
673b8f1014 Update avc error on ROM 7457955 
Bug: 191132545
Bug: 191133059
Test: PtsSELinuxTestCases
Change-Id: I6a8e7924819734e38c2b6f761eb738f3e4d21c32
 2021-06-15 23:23:43 +08:00
Adam Shih
d00aafac75 remove obsolete entries 
Bug: 190672147
Bug: 173969091
Bug: 171760921
Bug: 178331773
Bug: 178752616
Bug: 188752940
Bug: 184005231
Bug: 182086688
Bug: 177176899
Bug: 182953825
Bug: 176528557
Bug: 183935382
Test: boot and do bugreport with no relevant error showed up
Change-Id: I869db698e96d2d6cfd533b7fd24c8c88d39fd0eb
 2021-06-11 10:35:59 +08:00
Denny cy Lee
25373353a7 Sepolicy: Remove permission for fuel gauge 
Bug: 189811224
Test: manually, read success in enforcing mode
Change-Id: Ie56179980a9946010fb25683e3819cddbfb93cfb
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2021-06-11 09:39:53 +08:00
Rick Yiu
797b646234 gs101-sepolicy: Fix avc denial for sysfs_vendor_sched 
Fix mediaprovider_app and bluetooth

Bug: 190563839
Bug: 190563916
Test: build pass
Change-Id: I477325ee812d1362db4d5005e999cba989a44216
 2021-06-10 04:10:24 +00:00
Adam Shih
22fae537b5 Merge "organize EdgeTPU modules and sepolicy" into sc-dev 2021-06-10 02:53:28 +00:00
sukiliu
6ce3aa9d75 Update avc error on ROM 7440434 
Bug: b/190563838
Bug: b/190563916
Bug: b/190563896
Bug: b/190563897
Test: Test: PtsSELinuxTestCases
Change-Id: Idbd0bc0f9a4770b3f976196058a311820e6e3c11
 2021-06-09 16:07:32 +08:00
Rick Yiu
2332c6a43f Merge "gs101-sepolicy: Fix tracking_denials of sysfs_vendor_sched" into sc-dev 2021-06-09 03:02:37 +00:00
Adam Shih
e7ed46c52c organize EdgeTPU modules and sepolicy 
Bug: 190331327
Bug: 190331548
Bug: 189895600
Bug: 190331108
Bug: 182524105
Bug: 183935302
Test: build ROM and check if the modules and sepolicy are still there
Change-Id: I40391a239a16c4fe79d58fab209dcbd1a8f25ede
 2021-06-09 10:39:04 +08:00
Rick Yiu
a457b1d640 gs101-sepolicy: Fix tracking_denials of sysfs_vendor_sched 
Bug: 190368350
Test: build pass
Change-Id: Id742e8328f63c04e5448225975897d8f6adc1e13
 2021-06-09 01:34:50 +00:00
Adam Shih
86c45c70e6 Merge "modulize hal_neuralnetwork_armnn" into sc-dev 2021-06-08 23:03:04 +00:00
Denny cy Lee
1eb6bfcd3e Hardwareinfo: battery info porting 
Test: No read error in logcat
Bug: 171947164
Bug: 181915166
Bug: 181177926
Bug: 181914888
Bug: 188627513
Change-Id: Ibbed06cc7e6eb00c8611cdc8bc95356b17c7e043
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2021-06-08 15:34:31 +08:00
SHUCHI LILU
699d68a092 Merge "Update avc error on ROM 7432667" into sc-dev 2021-06-08 05:50:50 +00:00
sukiliu
bb8b462d7a Update avc error on ROM 7432667 
Bug: b/190337281
Bug: b/190337282
Bug: b/190336524
Bug: b/190337295
Bug: b/190337296
Bug: b/190337283
Bug: b/190336723
Bug: b/190336841
Bug: b/190337297
Bug: b/190336525
Test: PtsSELinuxTestCases
Change-Id: I2edda1bf554c0239953b8a31152a09045fb1f15a
 2021-06-08 12:48:06 +08:00
Adam Shih
02f93b6096 modulize hal_neuralnetwork_armnn 
Bug: 189895314
Bug: 171160755
Bug: 171670122
Bug: 180858476
Test: make sure all affected devices' armnn module has the right label
Change-Id: I6ca736f156497738167ba5eea5606a0e654611b9
 2021-06-08 11:17:22 +08:00
Long Ling
5afbe4584f Merge "sepolicy: gs101: display: fix dumpstate of displaycolor" into sc-dev 2021-06-07 16:36:32 +00:00
Long Ling
1064df0f26 sepolicy: gs101: display: fix dumpstate of displaycolor 
displaycolor service runs in HW Composer. This change allow displaycolor
to output to dumpstate via pipe fd.

Bug: 189846843
Test: adb bugreport and check displaycolor dump in dumpstate_board.txt
Change-Id: I109db9374124caf9053a9fd7ba6159f83c372038
 2021-06-06 22:20:19 -07:00
TreeHugger Robot
29a5be5603 Merge "storage: update sepolicy for hardwareinfoservice" into sc-dev 2021-06-04 10:45:34 +00:00
jznpark
3d127f9224 [RCS] Add sepolicy for RCS as non-system app 
As shannon-rcs has been changed from system app
to non-system app, sepolicy has to be updated.

Bug: 186135775
Bug: 189707387
Test: sanity test
Signed-off-by: jznpark <jzn.park@samsung.com>
Change-Id: I32cce90611c619494136a6b1d01b3fb48330d169
 2021-06-03 13:30:26 -07:00
Chiawei Wang
9d5830ac19 pixelstats: fix permission errors 
1. sysfs_dma_heap erros are fixed by ag/13926718
2. debugfs_mgm error is fixed by ag/14683912

Bug: 188114896
Bug: 183338421
Bug: 188495492
Test: pts-tradefed run pts -m PtsSELinuxTest
      http://sponge2/6cbd0af0-5414-4f2c-aea0-99b4981360a4

Signed-off-by: Chiawei Wang <chiaweiwang@google.com>
Change-Id: Icd2fa4e7f168d15fd4cec3000bc0e7a33eab4d3e
 2021-06-03 02:52:33 +00:00
sukiliu
073a0f5ed1 Update avc error on ROM 7395282 
avc: denied { dac_override } for comm="rebalance_inter" capability=1 scontext=u:r:rebalance_interrupts_vendor:s0 tcontext=u:r:rebalance_interrupts_vendor:s0 tclass=capability permissive=0

Bug: 189275648
Test: PtsSELinuxTestCases
Change-Id: I637f1fcd901b8bf59096ba83c927b4d353f0405b
 2021-05-26 11:11:03 +08:00
Ocean Chen
b8aebc85e1 storage: update sepolicy for hardwareinfoservice 
avc: denied { search } for name="0:0:0:0" dev="sysfs" ino=57525 scontext=u:r:hardware_info_app:s0:c512,c768 avc: denied { search } for name="health_descriptor" dev="sysfs" ino=57017 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0 app=com.google.android.hardwareinfo
avc: denied { search } for name="health_descriptor" dev="sysfs" ino=57017 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=0 app=com.google.android.hardwareinfo

avc: denied { read } for name="vpd_pg80" dev="sysfs" ino=57559 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="model" dev="sysfs" ino=57534 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="vendor" dev="sysfs" ino=57533 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="rev" dev="sysfs" ino=57535 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="eol_info" dev="sysfs" ino=57020 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo
avc: denied { read } for name="life_time_estimation_a" dev="sysfs" ino=57021 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0 app=com.google.android.hardwareinfo

Bug: 188755652
Test: reboot then check hardwareinfo and avc denined log
Change-Id: Ia03ebdd6b0b46b4c9ace5fbf1fc47a455a55abcb
 2021-05-25 16:57:20 +08:00
sukiliu
ba92629794 Update avc error on ROM 7380236 
Bug: 188752787
Bug: 188752940
Test: PtsSELinuxTestCases
Change-Id: I5b674d4696ef470956301388f3d0fcc4883010c6
 2021-05-20 16:52:43 +08:00
Yu-Chi Cheng
e8ee41f9af Renamed edgetpu_service to edgetpu_app_service. 
edgetpu_service was splitted into two in previous change:
edgetpu_service and edgetpu_vendor_service, where the new
vendor service for vendor clients, and the old service keeps
serving app clients.

This change updated the SELinux policy to rename the edgetpu_service
into edgetpu_app_service to make the purpose clearer.

Bug: 188463446
Test: Oriole + GCA
Change-Id: I3a133319edc84fc02ef211934d0542575580da14
 2021-05-17 15:38:24 -07:00
sukiliu
53c9a79002 Update avc error on ROM 7358093 
Bug: 188114822
Bug: 188114896
Test: PtsSELinuxTestCases
Change-Id: Ic5e865a921d0db981acfd936e1599a0ab220b975
 2021-05-14 14:23:22 +08:00
sukiliu
99853e483b Update avc error on ROM 7349999 
avc: denied { call } for scontext=u:r:dumpstate:s0 tcontext=u:r:twoshay:s0 tclass=binder permissive=0

Bug: 187795940
Test: PtsSELinuxTestCases
Change-Id: Ib85ee1d52915b292295b21df8df48c18761c088e
 2021-05-11 17:24:08 +08:00
Tai Kuo
8e3aaa30ff Remove dumpstate AVC denials dontaudit for twoshay 
Bug: 187014717
Test: pts-tradefed run pts -m PtsSELinuxTest -t \
  com.google.android.selinux.pts.SELinuxTest#scanBugreport
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Ic697ffe8f6ee15fb9d9330173a3c92aeca61de67
 2021-05-07 14:56:22 +08:00
Aaron Tsai
6a9a85cd07 Fix avc denied for shannon-ims 
04-01 19:10:22.956 10272  2327  2327 W Binder:2327_4: type=1400 audit(0.0:8): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_ims_app:s0:c16,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.shannon.imsservice
04-01 19:10:22.960 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.wfc_avail_ovr0"
04-01 19:10:22.981 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.vt_avail_ovr0"
04-01 19:10:22.982 10272  2327  4980 E libc    : Access denied finding property "persist.dbg.volte_avail_ovr0"

Bug: 183935382
Bug: 184858478
Test: verified with the forrest ROM and error log goneFix
Change-Id: I0754c6be7f74ed73533e9570c7d1916320ab2897
 2021-05-06 09:04:03 +00:00
SHUCHI LILU
1d6ffc2305 Merge "Update avc error on ROM 7330059" into sc-dev 2021-05-03 09:34:35 +00:00
Adam Shih
722b181dd3 update error on ROM 7331131 
Bug: 187016929
Bug: 187016930
Bug: 187016910
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I294a27fd272f73cc371a4a8dc9783ba5f60203ff
 2021-05-03 15:48:46 +08:00
sukiliu
58238158ab Update avc error on ROM 7330059 
Bug: 187014717
Bug: 187015705
Bug: 187015816
Test: PtsSELinuxTestCases
Change-Id: I2d79fee24d18865090cd350485daea4e66bb5184
 2021-05-03 15:25:20 +08:00
Krzysztof Kosiński
de973d797a Mark GS101 camera HAL as using Binder. 
The service implements a public API, so it will communicate over
Binder in both the framework domain and the vendor domain.

Bug: 186067463
Test: boot on oriole & check logs
Change-Id: If5bee474f79b7d14f65351580544c0dcb701d604
 2021-04-22 13:50:42 -07:00
Michael Ayoubi
134a3882cc Merge "gs101: Remove kernel.te after UWB fixes" into sc-dev 2021-04-22 15:11:23 +00:00
Michael Ayoubi
d17f3bad0f gs101: Remove kernel.te after UWB fixes 
tracking_denials/kernel.te is no longer needed after fixes from b/182954062.

Bug: 171943668
Test: Add dw3000 module back into build
      Compile and test image on Raven
      Confirm no avc denial logs are seen and that the dw3000 driver
      loads successfully.
Signed-off-by: Michael Ayoubi <mayoubi@google.com>
Change-Id: I9a8510ed3852c053319a3395871728048a57ecb5
 2021-04-22 05:38:21 +00:00
sukiliu
89e016d436 Update avc error on ROM 7302474 
avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=0

Bug: 186067463
Test: PTS SELinuxTest
Change-Id: I2792875a195fa3ca75d6fa57537f81e7dbeb5bac
 2021-04-22 11:21:10 +08:00
Aaron Tsai
90ead0f9cb Update tracking error for Silent Logging tool 
04-06 20:16:59.772  1000  5754  5754 W RenderThread: type=1400 audit(0.0:17): avc: denied { write } for name="code_cache" dev="dm-7" ino=4477 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
[   65.233590] type=1400 audit(1618796326.840:4): avc: denied { getattr } for comm="y.silentlogging" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-11" ino=6338 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
[   65.280798] type=1400 audit(1618796326.888:6): avc: denied { search } for comm="y.silentlogging" name="com.samsung.slsi.telephony.silentlogging" dev="dm-11" ino=6338 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0

04-06 21:07:23.576  7458  7458 I auditd  : type=1400 audit(0.0:64): avc: denied { create } for comm="RenderThread" name="com.android.skia.shaders_cache" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=0
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:524): avc: denied { read } for name="SHARED_PREF.xml" dev="dm-7" ino=16734 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:525): avc: denied { read } for name="com.samsung.slsi.telephony.silentlogging_preferences.xml" dev="dm-7" ino=17227 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:526): avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.telephony.silentlogging/shared_prefs/com.samsung.slsi.telephony.silentlogging_preferences.xml" dev="dm-7" ino=17227 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:527): avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.telephony.silentlogging/shared_prefs/SHARED_PREF.xml" dev="dm-7" ino=16734 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1

04-06 12:02:03.460  1000  9117  9117 W si.sysdebugmode: type=1400 audit(0.0:35): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-06 12:02:03.465  1000  9117  9117 W libc    : Access denied finding property "persist.input.velocitytracker.strategy"

04-13 15:01:12.636  1000  8718  8718 W y.silentlogging: type=1400 audit(0.0:60): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=131 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-13 15:01:12.638  1000  8718  8718 W libc    : Access denied finding property "ro.input.resampling"

04-13 15:01:12.724  1000  8718  8718 W y.silentlogging: type=1400 audit(0.0:61): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=131 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-13 15:01:12.726  1000  8718  8718 W libc    : Access denied finding property "viewroot.profile_rendering"


Bug: 184921478
Test: manual
Change-Id: Ia842b3dcfd8ec2ad30acc065f9caceafdc0458cd
 2021-04-21 06:59:01 +00:00
Wenhao Wang
a16b1668be Merge "Fix selinux for RPMB daemon" into sc-dev 2021-04-20 17:20:50 +00:00
Adam Shih
93b498ea78 remove obsolete entry 
Bug: 182531832
Test: do bugreport with no dumpstate related error
Change-Id: I3f19f82f37b11221f4816d958797336da23b14b4
 2021-04-20 14:42:55 +08:00
Wenhao Wang
f5277482c1 Fix selinux for RPMB daemon 
Secure persistent storage has been moved to persist root.
The corresponding pathes on SELinux policy has to be updated.

Bug: 173971240
Bug: 173032298
Test: Trusty storage tests
Change-Id: I0e7756f3b4d5c6be705a87e1d7d80247df1ec4bb
 2021-04-20 13:01:23 +08:00
Adam Shih
59a1c3f04a update error on ROM 7293525 
Bug: 185723618
Bug: 185723492
Bug: 185723694
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I5cc12384aca5dcc2658b914e5c7783f2e1e70b5d
 2021-04-19 09:52:55 +08:00
Chris Lu
86582e6ce0 display: remove dontaudit for hal_memtrack_default 
Bug: 181913683
Test: make pts -j60 pts-tradefed run pts -m PtsSELinuxTest -t
com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot

Change-Id: I72963aed5aff9bcbf2de16b11b16033ca594d7f0
 2021-04-15 10:12:01 +08:00
Aaron Tsai
204dc05aa4 Fix avc denied for Silent Logging 
04-08 23:18:20.684   920   920 I HwBinder:920_1: type=1400 audit(0.0:486): avc: denied { call } for scontext=u:r:sced:s0 tcontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tclass=binder permissive=1
04-08 22:51:36.312  1000  6890  6890 I Thread-2: type=1400 audit(0.0:1390): avc: denied { call } for scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:r:sced:s0 tclass=binder permissive=1

04-08 23:18:20.684  7099  7099 I auditd  : type=1400 audit(0.0:487): avc: denied { execute } for comm="HwBinder:920_1" name="sh" dev="dm-0" ino=464 scontext=u:r:sced:s0 tcontext=u:object_r:shell_exec:s0 tclass=file permissive=1
04-08 23:18:20.684  7099  7099 I auditd  : type=1400 audit(0.0:488): avc: denied { read open } for comm="HwBinder:920_1" path="/system/bin/sh" dev="overlay" ino=464 scontext=u:r:sced:s0 tcontext=u:object_r:shell_exec:s0 tclass=file permissive=1

04-08 22:51:36.312  1000  8554  8554 I HwBinder:908_1: type=1400 audit(0.0:1391): avc: denied { execute_no_trans } for path="/vendor/bin/sh" dev="overlay" ino=377 scontext=u:r:sced:s0 tcontext=u:object_r:vendor_shell_exec:s0 tclass=file permissive=1
04-08 22:51:36.324  1000   908   908 I HwBinder:908_1: type=1400 audit(0.0:1392): avc: denied { search } for name="slog" dev="dm-7" ino=245 scontext=u:r:sced:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=1
04-08 22:51:36.324  1000   908   908 I HwBinder:908_1: type=1400 audit(0.0:1393): avc: denied { write } for name="slog" dev="dm-7" ino=245 scontext=u:r:sced:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=1
04-08 22:51:36.324  1000   908   908 I HwBinder:908_1: type=1400 audit(0.0:1394): avc: denied { add_name } for name="tcplog_20210408225136.pcap" scontext=u:r:sced:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=1
04-08 22:52:24.720  1000   908   908 I HwBinder:908_1: type=1400 audit(0.0:1427): avc: denied { create } for name="tcplog_20210408225224.pcap" scontext=u:r:sced:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=file permissive=1

04-08 23:18:23.160  7099  7099 I auditd  : type=1400 audit(0.0:505): avc: denied { getopt } for comm="tcpdump" scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=packet_socket permissive=1
04-08 23:18:23.160  7099  7099 I tcpdump : type=1400 audit(0.0:505): avc: denied { getopt } for scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=packet_socket permissive=1
04-08 23:18:23.160  7099  7099 I auditd  : type=1400 audit(0.0:506): avc: denied { setopt } for comm="tcpdump" scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=packet_socket permissive=1
04-08 23:18:23.160  7099  7099 I tcpdump : type=1400 audit(0.0:506): avc: denied { setopt } for scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=packet_socket permissive=1

04-08 23:58:53.664  8514  8514 I auditd  : type=1400 audit(0.0:500): avc: denied { getattr } for comm="sh" path="/system/bin/tcpdump" dev="overlay" ino=502 scontext=u:r:sced:s0 tcontext=u:object_r:tcpdump_exec:s0 tclass=file permissive=1
04-08 23:58:53.664  8514  8514 I auditd  : type=1400 audit(0.0:501): avc: denied { execute } for comm="sh" name="tcpdump" dev="dm-0" ino=502 scontext=u:r:sced:s0 tcontext=u:object_r:tcpdump_exec:s0 tclass=file permissive=1
04-08 23:58:53.664  8514  8514 I auditd  : type=1400 audit(0.0:502): avc: denied { read open } for comm="sh" path="/system/bin/tcpdump" dev="overlay" ino=502 scontext=u:r:sced:s0 tcontext=u:object_r:tcpdump_exec:s0 tclass=file permissive=1
04-08 23:58:53.668  8514  8514 I auditd  : type=1400 audit(0.0:503): avc: denied { execute_no_trans } for comm="sh" path="/system/bin/tcpdump" dev="overlay" ino=502 scontext=u:r:sced:s0 tcontext=u:object_r:tcpdump_exec:s0 tclass=file permissive=1
04-08 23:58:53.668  8514  8514 I auditd  : type=1400 audit(0.0:504): avc: denied { map } for comm="tcpdump" path="/system/bin/tcpdump" dev="overlay" ino=502 scontext=u:r:sced:s0 tcontext=u:object_r:tcpdump_exec:s0 tclass=file permissive=1

04-08 23:58:53.680  8514  8514 I auditd  : type=1400 audit(0.0:505): avc: denied { create } for comm="tcpdump" scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=packet_socket permissive=1
04-08 23:58:53.680  8514  8514 I auditd  : type=1400 audit(0.0:506): avc: denied { net_raw } for comm="tcpdump" capability=13 scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=capability permissive=1
04-08 23:58:53.680  8514  8514 I auditd  : type=1400 audit(0.0:507): avc: denied { ioctl } for comm="tcpdump" path="socket:[96140]" dev="sockfs" ino=96140 ioctlcmd=0x8933 scontext=u:r:sced:s0 tcontext=u:r:sced:s0 tclass=packet_socket permissive=1

04-13 19:19:38.493  1000   403   403 I auditd  : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:sced:s0 pid=909 scontext=u:r:sced:s0 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=0
04-13 21:40:13.054   404   404 I auditd  : avc:  denied  { add } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:sced:s0 pid=911 scontext=u:r:sced:s0 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=1
04-13 21:40:13.055   404   404 I auditd  : avc:  denied  { add } for interface=android.hidl.base::IBase sid=u:r:sced:s0 pid=911 scontext=u:r:sced:s0 tcontext=u:object_r:hidl_base_hwservice:s0 tclass=hwservice_manager permissive=1


Bug: 184921478
Test: manual test
Change-Id: I39eb403272a8a4fba0728c9f8eab5ea23096a540
 2021-04-14 18:18:55 +08:00
Adam Shih
e541cce49b change assigned bug 
Bug: 182531832
Test: take bugreport and see no relevant log
Change-Id: I33911bf652c7d21eb2a153e6b6129162434be72f
 2021-04-13 15:08:13 +08:00
Adam Shih
7e071d6cb2 dump hal_graphics_composer 
Bug: 179310854
Bug: 176868159
Bug: 177176812
Bug: 177389412
Bug: 177614642
Bug: 177778217
Bug: 177860841
Bug: 178752460
Bug: 179310909
Bug: 179437463
Bug: 180963481
Bug: 181177909
Bug: 174961421
Test: do bugreport with no relevant error logs
Change-Id: Ieac81e9d684044fbd649b4fec608f393627c34cb
 2021-04-13 11:59:13 +08:00
Adam Shih
7e60d3a032 allow init to set readahead_size 
Bug: 185186743
Test: boot with no error found during boot
Change-Id: I7c06977023a1125d0187b96103e94c355a9d17a2
 2021-04-13 11:17:31 +08:00
Adam Shih
06cc3ee882 update error on ROM 7278058 
Bug: 185186743
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I40066584800e1a40fbd75dc2d97ee44f9e6dde89
 2021-04-13 10:55:33 +08:00
Craig Dooley
cd888e847f Merge "Fix SELinux errors with aocd" into sc-dev 2021-04-08 17:27:56 +00:00
Craig Dooley
3d4d9159c9 Fix SELinux errors with aocd 
Add inotify support for /dev
Fix the aoc vendor property

Bug: 184173298
Change-Id: I40a71edd56b2d51f848085c43ae1d10a4c2c0c4b
 2021-04-08 03:59:23 +00:00
Mat Bevilacqua
b58243632d Merge "Fix selinux permissions errors for UwbService" into sc-dev 2021-04-08 02:09:57 +00:00
Mat Bevilacqua
82d7164b5c Fix selinux permissions errors for UwbService 
Fixes gmscore access to UwbManager APIs, fixes UwbService access to UWB
HAL APIs, and fixes CTS UwbService presence test.

Bug: 184402100
Test: atest CtsUwbTestCases
Change-Id: I7450242f8b35570c3d5a676c5835b01f74995202
 2021-04-07 11:39:31 -07:00
Adam Shih
59ba0f97aa grant debugfs access to insmod under userdebug 
Bug: 182086611
Test: boot with the error gone
Change-Id: I555c12b4ccbb61266dc289aac577d0240bde4d28
 2021-04-07 11:56:49 +08:00