Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3861 commits 1 branch 0 tags 494 MiB
Commit graph

17 commits

Author SHA1 Message Date
Estefany Torres
7b5ed95fdd Add rules for letting logger app send the command to ril 
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested in C10 with pixel logger change
Change-Id: Idcd693790d654d0a9b7aba46a41764d65867a61c
 2022-09-09 17:35:19 +00:00
chungkai
de44d766e4 sched: move sysfs to procfs 
Modify name from sysfs_vendor_sched to proc_vendor_sched

Test: without avc denial
Bug: 216207007
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ic113b2d8ee1d3ae1ced9985636b17ef1e7657a84
 2022-03-29 09:43:32 +00:00
Rick Yiu
4075287498 gs101-sepolicy: Fix avc denials 
Fix below and other potential denials

11-21 10:10:43.984  3417  3417 I auditd  : type=1400 audit(0.0:4): avc: denied { write } for comm=4173796E635461736B202332 path="/sys/kernel/vendor_sched/set_task_group_fg" dev="sysfs" ino=44511 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=file permissive=0 app=com.google.android.pixel.setupwizard

11-21 10:10:44.840  3976  3976 I auditd  : type=1400 audit(0.0:10): avc: denied { write } for comm="StallDetector-1" path="/sys/kernel/vendor_sched/set_task_group_fg" dev="sysfs" ino=44511 scontext=u:r:untrusted_app_30:s0:c170,c256,c512,c768 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=file permissive=0 app=com.google.android.inputmethod.latin

11-21 18:10:51.280  5595  5595 I auditd  : type=1400 audit(0.0:102): avc: denied { write } for comm="SharedPreferenc" path="/sys/kernel/vendor_sched/set_task_group_fg" dev="sysfs" ino=44511 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=file permissive=0 app=com.google.android.gms

Bug: 206970384
Test: make selinux_policy pass
Change-Id: I7c981ef0516dc5be93ec825768de57c15786b4bd
 2021-11-25 14:26:35 +00:00
Rick Yiu
a457b1d640 gs101-sepolicy: Fix tracking_denials of sysfs_vendor_sched 
Bug: 190368350
Test: build pass
Change-Id: Id742e8328f63c04e5448225975897d8f6adc1e13
 2021-06-09 01:34:50 +00:00
SalmaxChang
b486ddedc5 logger_app: Fix avc error 
avc: denied { search } for name="ramdump" dev="dm-7" ino=316 scontext=u:r:logger_app:s0:c17,c257,c512,c768 tcontext=u:object_r:ramdump_vendor_data_file:s0 tclass=dir permissive=0
avc: denied { search } for name="ssrdump" dev="dm-11" ino=292 scontext=u:r:logger_app:s0:c23,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=0

Bug: 188601292
Bug: 188611595

Change-Id: If6b204bf0d5c502cf09c9fe70bcd572cfe2db016
 2021-05-19 07:39:36 +00:00
jintinglin
3be06b2ec9 logger_app: Fix avc errors 
avc: denied { read } for name="level" dev="sysfs" ino=57112 scontext=u:r:logger_app:s0:c29,c257,c512,c768 tcontext=u:object_r:sysfs_sscoredump_level:s0 tclass=file permissive=0 app=com.android.pixellogger

Bug: 187909426
Change-Id: I2037b1d2613736c8e1789bc96bfd4be0168444e0
 2021-05-18 18:46:00 +08:00
SalmaxChang
ab97657410 logger_app: Fix avc errors 
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=141 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
Access denied finding property "viewroot.profile_rendering"
Access denied finding property "ro.input.resampling"
Access denied finding property "persist.input.velocitytracker.strategy"

avc: denied { read } for comm="oid.pixellogger" name="u:object_r:usb_control_prop:s0" dev="tmpfs" ino=281 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:usb_control_prop:s0 tclass=file permissive=0 app=com.android.pixellogger

Bug: 186612284
Change-Id: I15f00d9ed3cc0c0657c854292caad60e3f7a3011
 2021-05-06 03:57:01 +00:00
chenpaul
920b0e11a9 Add sepolicy for wlan logger and sniffer logger 
Bug: 186069127
Test: Sniffer logger can be start by Pixel Logger app
      wlan logger is workable.
Change-Id: I1e7a75a08de37668316b06e066c080e837d7896b
 2021-04-27 19:37:28 +08:00
Nicole Lee
b3dfc87e03 logger_app: Grant access to control usb debug port 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=325 scontext=u:r:logger_app:s0:c22,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1 app=com.android.pixellogger
avc: denied { open } for comm="oid.pixellogger" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=325 scontext=u:r:logger_app:s0:c22,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1 app=com.android.pixellogger
avc: denied { set } for property=vendor.usb.config pid=8892 uid=10278 gid=10278 scontext=u:r:logger_app:s0:c22,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1

Bug: 186365435
Change-Id: Ie7aef49eee1dd66a6ca6ca9a1a4f8d31cc793551
 2021-04-26 11:50:51 +08:00
SalmaxChang
3c692b942a Create vendor_logger_prop 
Bug: 178744858
Change-Id: I4abb6f73b068c5ed265979c3190bcc2feac76f94
 2021-04-16 06:06:36 +00:00
TreeHugger Robot
421bee976b Merge "logger_app: Remove Pixelize rule" into sc-dev 2021-04-13 11:54:20 +00:00
SalmaxChang
2c1b29b494 logger_app: Grant to access new logger properties 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:vendor_ssrdump_prop:s0" dev="tmpfs" ino=308 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_ssrdump_prop:s0 tclass=file permissive=1
avc: denied { set } for property=vendor.debug.ramdump.full pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_ramdump_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.logd.logpersistd.count pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.vendor.ril.crash_handling_mode pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.logd.size pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:logd_prop:s0 tclass=property_service permissive=1

Bug: 178744858
Change-Id: I42629335e82565fbf305be242098870aef6ea317
 2021-04-12 15:08:30 +08:00
Eddie Tashjian
b2fb9cdace Add TCP dump permissions. 
Copy selinux policy for tcp dump binary from previous Pixel to support
TCP logging on P21 through PixelLogger.

Bug: 184777243
Test: Check PixelLogger TCP dump works.
Change-Id: Id958c8a3e6375a7aae569d6fc94deb9f8072b57b
 2021-04-08 03:13:55 +00:00
chenpaul
7376656ff4 logger_app: Remove Pixelize rule 
In original design, pixellogger was included in Pixelize mk file,
but the sepolicy are defined by the product specific te file.
These are not aligned and have dependency concern if add new sepolicy rule
in Pixelize te file.

This change remove the Pixelize rule from the device specifc te file.
And the Pixelize rule will be defined by
hardware/google/pixel-sepolicy/logger_app/logger_app.te

Bug: 159650456
Test: Pixel Logger is workable
Change-Id: If13e05b7979f7be02a728b40f8032b81f7c53e06
 2021-04-07 21:31:32 +08:00
yixuanjiang
7e8fca8041 whitechapel: add permission for pixellogger set audio property 
Bug: 184708066
Test: local test
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: I6a43959fc3565db8d2a1679ce722c11f58398794
 2021-04-07 07:06:53 +00:00
SalmaxChang
2797490192 Update vendor_modem_prop and add rules for mds 
Bug: 181185131
Change-Id: Ie709e08152d23428a687c949359316206843b9fa
 2021-03-18 04:48:19 +00:00
Robin Peng
5009efa776 Move slider-sepolicy into gs101-sepolicy 
from: 71e609c24c97fc8d44843af30527cbeb90d5dcdf

Bug: 167996145
Change-Id: Ie00e7e0983a3ca695bbd5140c929d07a80144301
 2021-03-06 16:15:39 +08:00