Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
2. Dump bugreport
3. Pull dumpstate_board.bin and chagne it to zip
4. Unzip dumpstate_board.zip and check if tcpdump files
are there.
Change-Id: Iea67de1e645592c6993a3ee6f2ca8e6bf3c6c949
Merged-In: Iea67de1e645592c6993a3ee6f2ca8e6bf3c6c949
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
2. Dump bugreport
3. Pull dumpstate_board.bin and chagne it to zip
4. Unzip dumpstate_board.zip and check if tcpdump files
are there.
Change-Id: I3d0cb388cf9b7c96d2856f46c0440b4017477480
The sepolicy must be self-contained without including wirelss_charger to
avoid build break in AOSP
Bug: 263830018
Change-Id: I4eee380ae61f83c5563ee8842a94fd1fb9e520ef
Signed-off-by: Ken Yang <yangken@google.com>
Bug: 215271971
Test: no sepolicy for hardware info
Signed-off-by: Denny cy Lee <dennycylee@google.com>
Change-Id: Ia7bfd171fe724848e9a6f0c1adab59402d2788a9
... as it has moved to system/sepolicy.
Bug: b/161819018
Test: presubmit
Change-Id: I6fcafa87541ed0cbaf3ba74fa5ff4dbdebd533f7
Merged-In: I6fcafa87541ed0cbaf3ba74fa5ff4dbdebd533f7
Stop using these attributes since these will be removed soon. This
commit reverts 37b5741301 ("Add the 'bdev_type' attribute to all block
device types").
Bug: 202520796
Test: Untested.
Change-Id: I00f10d1fd164b6ca01ecd5cffd2012acfc05eeca
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Add rules for sysfs_st33spi
Separate hal_secure_element_st54spi and st33spi form default
Bug: 193417907
Test: VtsHalSecureElementV1_2TargetTest,
VtsHalSecureElementV1_1TargetTest,
VtsHalSecureElementV1_0TargetTest,
CtsOmapiTestCases
Change-Id: I444af2e38fc120d173445bce48b7e4d381201a91
add permission to:
copy factory uwb calib files from persist to /data/vendor/uwb
convert copied file to proper format for uwb stack to consume
Bug: 195659525
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I3e5282477fd391b483e03242ce0b806bd447dc54
Merged-In: I3e5282477fd391b483e03242ce0b806bd447dc54
add permission to:
copy factory uwb calib files from persist to /data/vendor/uwb
convert copied file to proper format for uwb stack to consume
Bug: 195659525
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I3e5282477fd391b483e03242ce0b806bd447dc54
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9
The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947
The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.
Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
Usb hal now pushes the Usb port overheat event through statsd.
Usb hal also accesses usbc-throttling stats to gather info.
Bug: 193615568
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: I4918458bc7a8a25d7655b66d1fe40eafc7ccb070
This change removes direct access to the LHBM sysfs node from SystemUI,
but allows SystemUI to make binder calls to the hardware composer (HWC),
which can be used to enable or disable LHBM.
Bug: 191132545
Bug: 190563896
Bug: 184768835
Test: no avc denials
Change-Id: I5417377ff096e869ad772e4fd2fb23f8c1fd4f1e
Bug: 190331327
Bug: 190331548
Bug: 189895600
Bug: 190331108
Bug: 182524105
Bug: 183935302
Test: build ROM and check if the modules and sepolicy are still there
Change-Id: I40391a239a16c4fe79d58fab209dcbd1a8f25ede
Test: 1. build selinux and push related files to phone
2. Use ls -Z "file" to check if selinux content of file is
expected
3. P21 camera checklist
Bug: 168654554
Change-Id: Ie757dd3e8adc151c6340e9ca662efbdf0ccb6110
This CL adds the "mlstrustedobject" to types for files involved in the
SJTAG authentication flow, in order to address MLS-based AVC denials.
Bug: 189466122
Test: No more AVC denials when activating SJTAG in BetterBug
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: Ieb88653830ce95751eee5cf26c26fd6302067bce
These are the SELinux policies for the sysfs files of the SJTAG
kernel interface. The files are in the following directories:
/sys/devices/platform/sjtag_ap/interface/
/sys/devices/platform/sjtag_gsa/interface/
Bug: 184768605
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I4ecf5cec5bbd08a44d7dbf88de5f3bc58b6c4fe5
Provide necessary sepolicy for dumpreport to access page_pinner
information in /sys/kernel/debug/page_pinner/{longterm_pinner,
alloc_contig_failed}
Bug: 187552095
Test: Run "adb bugreport <zip>" and verify it contains the output
from page_pinner.
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I2abc48f2a156718fd4bed3b51bdd285c6bf9f175
A few debugfs files are labelled as belonging to both debugfs_type and
sysfs_type. Hence, any client that is provided access to sysfs_type will
automatically be provided access to these files. This patch corrects the
labelling for these files to prevent this.
Test: build
Bug: 186500818
Change-Id: I364a73a960824cc9051610032179fd5caeca09de
