Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3861 commits 1 branch 0 tags 494 MiB
Commit graph

1434 commits

Author SHA1 Message Date
Namkyu Kim
4055c31faf sepolicy: gs101: support tetheroffload hal version 1.y 
Support both 1.0 and 1.1.

Bug: 186539538
Test: run vts -m VtsHalTetheroffloadControlV1_0TargetTest
      run vts -m VtsHalTetheroffloadControlV1_1TargetTest

Signed-off-by: Namkyu Kim <namkyu78.kim@samsung.com>
Change-Id: I76a26dcd22e1c8985d470a39b9aeae618f459d00
 2021-07-16 04:05:21 +00:00
Stephane Lee
91fde6a7ca Merge "odpm: Rename the odpm_config sepolicies to be more consistent" into sc-dev am: ea6996bc52 am: b37fe8c071 am: 3d97807081 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15289584

Change-Id: I6df2b194f1d1a3ee4a6d64d611ab0086eaa5d3b1
 2021-07-16 02:44:55 +00:00
Stephane Lee
b37fe8c071 Merge "odpm: Rename the odpm_config sepolicies to be more consistent" into sc-dev am: ea6996bc52 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15289584

Change-Id: I587aad68aafb8b4229fd76f2a35d94ccc4a51987
 2021-07-16 02:11:29 +00:00
Stephane Lee
ea6996bc52 Merge "odpm: Rename the odpm_config sepolicies to be more consistent" into sc-dev 2021-07-16 01:55:33 +00:00
Wenhao Wang
5c009fb96f Add wakelock access for storageproxyd 
The storageproxyd needs a wakelock around the sequence of UFS commands

Bug: 193456223
Test: Trusty storage tests
Change-Id: I1efe3144c8bcc17c056fc3b9b796e080f77991d5
 2021-07-15 17:10:31 -07:00
Andrew LeCain
d8d8580281 sepolicy allow fingerprint hal to read mfg_data 
declares new device context for mfg_data_block_device
give fp HAL permission to read/write/open
give fp HAL permission to search block_device dir

Bug: 189135413
Test: sideload calibration in enforcing mode.
Change-Id: I19e0cd13fc452b42c3f35772c4bafd433dbcc8b1
 2021-07-15 10:58:53 -07:00
TreeHugger Robot
897136d89c Merge "Set sepolicy for shell script of disabling contaminant detection" into sc-dev am: f0dd8e2957 am: 18ba5fc434 am: 34c83c5bdd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15269315

Change-Id: I8519eba1ede02cd42389422240913d3d297a8fdb
 2021-07-15 17:09:47 +00:00
TreeHugger Robot
18ba5fc434 Merge "Set sepolicy for shell script of disabling contaminant detection" into sc-dev am: f0dd8e2957 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15269315

Change-Id: I6c76bc3520f86a8aa85172a38fbfe8ebec6d934c
 2021-07-15 16:32:23 +00:00
TreeHugger Robot
f0dd8e2957 Merge "Set sepolicy for shell script of disabling contaminant detection" into sc-dev 2021-07-15 16:17:40 +00:00
Darren Hsu
3050ed8ed9 Set sepolicy for shell script of disabling contaminant detection 
The avc denials are listed in b/192208389#comment10.

Bug: 192208389
Test: Manually tested
Change-Id: Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2021-07-15 11:11:11 +08:00
Stephane Lee
c7342a7824 odpm: Rename the odpm_config sepolicies to be more consistent 
Test: Ensure that there are no sepolicy errors on odpm_config
Bug: 192674986
Change-Id: I3043a544511c8c3051e1bd10e9f6b668b251cf5f
 2021-07-14 16:11:51 -07:00
TreeHugger Robot
9c4a36902f Merge "Add create perm for tee" into sc-dev am: e7aab2cbdd am: 67dfb20473 am: 10086de148 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15276267

Change-Id: I05f2347a9bef7e8b124ad1ac1b60c4c68497d07b
 2021-07-14 02:20:13 +00:00
TreeHugger Robot
67dfb20473 Merge "Add create perm for tee" into sc-dev am: e7aab2cbdd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15276267

Change-Id: Id0970b0bfb90adb33206450bd88b823d8742fc47
 2021-07-14 01:21:36 +00:00
TreeHugger Robot
e7aab2cbdd Merge "Add create perm for tee" into sc-dev 2021-07-14 01:01:53 +00:00
Wenhao Wang
c60e44c29e Add create perm for tee 
The storageproxyd needs to create persist/ss from scratch.
So we add the create perm.

Bug: 193489307
Test: Trusty storage tests
Change-Id: Ida1c07acac26494ae6bba0392fb2da0425803608
 2021-07-13 16:26:17 -07:00
Stephane Lee
5dc5be5967 Add DC Charging to server configurable parameters; ensure the sysfs node is writable am: 2046513eb7 am: ec44f8bfd2 am: c00638f5e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15180033

Change-Id: Ic925a8f33ea373982cdbfb08d31b83d5b9009be3
 2021-07-13 09:19:43 +00:00
Stephane Lee
ec44f8bfd2 Add DC Charging to server configurable parameters; ensure the sysfs node is writable am: 2046513eb7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15180033

Change-Id: I3cd66320c887223d53506cb2ce741a1e04c02afd
 2021-07-13 08:47:59 +00:00
Stephane Lee
2046513eb7 Add DC Charging to server configurable parameters; ensure the sysfs node is writable 
hal_googlebattery will be writing to:
/sys/devices/platform/google,cpm/dc_ctl

Test: Ensure there are no errors on logcat | grep google_battery@
Bug: 183772980

Change-Id: Id4490d6de161eefe63c36c01d497696b16c6292d
 2021-07-12 13:27:54 -07:00
Salmax Chang
4fd7927c2d Merge "init: change overlayfs_file rule to dontaudit" into sc-dev am: 3582ffbdbf am: 75e43acd87 am: 85d2b46a46 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15243218

Change-Id: I05776596bfa9f02c5abc3207ee6dada0a3342f4f
 2021-07-12 03:19:48 +00:00
Salmax Chang
75e43acd87 Merge "init: change overlayfs_file rule to dontaudit" into sc-dev am: 3582ffbdbf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15243218

Change-Id: Ie4fbc4fdc55beb1e3cabb65f9454fccde8b1aa2d
 2021-07-12 02:55:35 +00:00
SalmaxChang
12370586c9 init: change overlayfs_file rule to dontaudit 
Workaround for modem_img being unlabeled after disable-verity.

Bug: 193113005

Change-Id: I64b528d9952849ff73bcd583211d33c3b220438d
 2021-07-09 23:27:30 +08:00
Meng Wang
2aea7ba571 Merge "[RCS] Update sepolicy for RCS" into sc-dev am: 1c6e5c01eb am: 7fb6fd8f29 am: 425c6cddc6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15185251

Change-Id: I770d52819732ca4f910043917581d7ab29265867
 2021-07-08 18:07:26 +00:00
Meng Wang
7fb6fd8f29 Merge "[RCS] Update sepolicy for RCS" into sc-dev am: 1c6e5c01eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15185251

Change-Id: Id84850bf689dd9b060fa3ef12dcb31937f84eab7
 2021-07-08 17:29:20 +00:00
Meng Wang
1c6e5c01eb Merge "[RCS] Update sepolicy for RCS" into sc-dev 2021-07-08 17:14:51 +00:00
TreeHugger Robot
efcfe382f4 Merge "[3A Coordinator] Enable to property_set for log.tag. prefix" into sc-dev am: 95756a2c79 am: b2b7ac7cdb am: a9d707557e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15223178

Change-Id: I650d55d67695915a882182dc094d0bd65bd3cdef
 2021-07-08 07:31:43 +00:00
TreeHugger Robot
a9d707557e Merge "[3A Coordinator] Enable to property_set for log.tag. prefix" into sc-dev am: 95756a2c79 am: b2b7ac7cdb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15223178

Change-Id: If5ff68c7d802c9f6d73bb1b4cafd1a3720228356
 2021-07-08 07:14:53 +00:00
TreeHugger Robot
3d080673a4 Merge "[3A Coordinator] Enable to property_set for log.tag. prefix" into sc-dev am: 95756a2c79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15223178

Change-Id: I31a476f1d9db6714eb7a229639da600ed70c4877
 2021-07-08 07:00:51 +00:00
KRIS CHEN
e12716715f Merge "Add sepolicy rules for fingerprint hal" into sc-dev am: ba9051de47 am: 4108dc59c6 am: eb8ba8ed48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15223175

Change-Id: Icf35e412b863e85ee907b144dec12a6bd560c935
 2021-07-08 02:47:39 +00:00
KRIS CHEN
4108dc59c6 Merge "Add sepolicy rules for fingerprint hal" into sc-dev am: ba9051de47 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15223175

Change-Id: I610ada122ff075bff8ef9e446fa91ceac293bf09
 2021-07-08 02:22:04 +00:00
Bo-Yuan Ye
20dd1ef66c [3A Coordinator] Enable to property_set for log.tag. prefix 
major changes:
        1. add log_tag_prop for hal_camera_default

Test: go/p21-camera-test-checklist
Bug: 191923902
Change-Id: I767c235666c6761af6d21178d829a0f7cb8d42c8
 2021-07-08 10:15:23 +08:00
KRIS CHEN
ba9051de47 Merge "Add sepolicy rules for fingerprint hal" into sc-dev 2021-07-08 02:05:03 +00:00
Myung-jong Kim
99e75b6ab9 [RCS] Update sepolicy for RCS 
Fix seapp_contexts sepolicy for shannon-rcs, where
:shannonrcsservice process exceptions are not handled

Bug: 190581528
Signed-off-by: Myung-jong Kim <mj610.kim@samsung.com>
Change-Id: I15cbf103cea70f6db878305a8fca6b35aa521f9b
 2021-07-07 10:57:12 -07:00
Maciej Zenczykowski
b181dcf9f5 Merge "add sepolicy for set_usb_irq.sh" into sc-dev am: 9b270f0fc5 am: cb63eaae07 am: fec4ea662f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15219696

Change-Id: I59ef2ad246ce2e059837c1aa6932a13286e5369c
 2021-07-07 17:01:11 +00:00
Kris Chen
a5c9028ced Add sepolicy rules for fingerprint hal 
Fix following avc denial:
servicemanager: type=1400 audit(0.0:8): avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_fingerprint_default:s0 tclass=binder permissive=0

Bug: 192040144
Test: No above avc denial in logcat.
Change-Id: I1b93474cac4ccb24736bc97665a7ca533ef0a7d3
 2021-07-08 00:59:49 +08:00
Maciej Zenczykowski
fec4ea662f Merge "add sepolicy for set_usb_irq.sh" into sc-dev am: 9b270f0fc5 am: cb63eaae07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15219696

Change-Id: I5698d2394de8dc8d2afcd91f2ad7d8945c432aab
 2021-07-07 16:48:04 +00:00
Maciej Zenczykowski
1886ddd1af Merge "add sepolicy for set_usb_irq.sh" into sc-dev am: 9b270f0fc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15219696

Change-Id: I02f1d2dd5a9837c90a67db03f83cb9d8e7e6708a
 2021-07-07 16:36:33 +00:00
Maciej Zenczykowski
9b270f0fc5 Merge "add sepolicy for set_usb_irq.sh" into sc-dev 2021-07-07 16:23:13 +00:00
Maciej Żenczykowski
714075eba7 add sepolicy for set_usb_irq.sh 
Bug: 185092876
Test: TreeHugger, booted on oriole, enabled/disabled tethering
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: I7361a4390197e04b27eaf153a696e3f800f79b55
 2021-07-07 16:22:33 +00:00
Randall Huang
e7313f6a03 Fix overlayfs avc denied am: d328008234 am: decd3637ef am: 86a1fff3a1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15211714

Change-Id: I5c0085680d4d5149e30ace21231f44d6a0d64c98
 2021-07-07 02:37:54 +00:00
Randall Huang
decd3637ef Fix overlayfs avc denied am: d328008234 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15211714

Change-Id: Iebb750cacabf23753ce15d8d075d1e11867cb34b
 2021-07-07 02:07:58 +00:00
Randall Huang
d328008234 Fix overlayfs avc denied 
avc: denied { rename } for comm="init" name="#b" dev="dm-6" ino=52
scontext=u:r:init:s0 tcontext=u:object_r:overlayfs_file:s0
tclass=file permissive=1

avc: denied { unlink } for comm="init" name="#b" dev="dm-6" ino=53
scontext=u:r:init:s0 tcontext=u:object_r:overlayfs_file:s0
tclass=chr_file permissive=1

Bug: 192617244
Test: boot & adb remount
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I740ff317520439034d2bf6e0659b1418bf6dac5c
 2021-07-06 18:19:04 +08:00
TreeHugger Robot
e0de88e4dc Merge "Add system file of INT clock to sysfs_fabric group" into sc-dev am: 8318f84aef am: 658fee07c2 am: 34ab6a3951 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15152132

Change-Id: Ide59e16a43a606b1d432ac88c1be150a7bea420e
 2021-07-06 01:58:32 +00:00
TreeHugger Robot
658fee07c2 Merge "Add system file of INT clock to sysfs_fabric group" into sc-dev am: 8318f84aef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15152132

Change-Id: I81b56ac19c9b6305037ffda1c2fe72c0505ece6d
 2021-07-06 01:27:27 +00:00
TreeHugger Robot
8318f84aef Merge "Add system file of INT clock to sysfs_fabric group" into sc-dev 2021-07-06 01:12:21 +00:00
Yu(Swim) Chih Ren
3aa97b5012 Add system file of INT clock to sysfs_fabric group 
It is for power hal can access system file of INT clock

Bug: 168654554

Test: 1. Check file group of INT clock system file
      2. P21 Camera Test Checklist done

Change-Id: I1952c5d2ae39c338c9d2ccb8db49d1d119943c06
 2021-07-06 00:33:55 +00:00
David Chen
81cf2f8a10 Merge "Allow twoshay to access fwk_stats_service and system_server" 2021-07-05 08:18:22 +00:00
Miller Liang
a8d0ff23c5 Merge "Fix AAudio avc denied" into sc-dev am: a21c6081c9 am: 8fc8ba0691 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15197030

Change-Id: I453bfbfc9ee0e6f7f0467ad012076e9bb7b68a3e
 2021-07-05 02:57:23 +00:00
davidycchen
6e7338095b Allow twoshay to access fwk_stats_service and system_server 
avc:  denied  { find } for pid=813 uid=0
name=android.frameworks.stats.IStats/default scontext=u:r:twoshay:s0
tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager

avc: denied { call } for scontext=u:r:twoshay:s0
tcontext=u:r:system_server:s0 tclass=binder

Bug: 179334953
Test: Make selinux_policy and push related files to the device.

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
 2021-07-05 10:50:53 +08:00
Miller Liang
96e42a92ec Merge "Fix AAudio avc denied" into sc-dev am: a21c6081c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15197030

Change-Id: Icac39dfd3374ba28563a6b4254086dda6d5a9e72
 2021-07-05 02:46:21 +00:00
Miller Liang
a21c6081c9 Merge "Fix AAudio avc denied" into sc-dev 2021-07-05 02:32:11 +00:00