Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3861 commits 1 branch 0 tags 494 MiB
Commit graph

1434 commits

Author SHA1 Message Date
Albert Wang
77db706d9b Merge "Expand the xHCI wakeup path for suspend_control" 2022-05-03 07:14:40 +00:00
Asad Ali
98e8bf3e45 Allow chre to communicate with fwk_stats_service. am: c6ea8d1656 am: bc040f306d 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2077138

Change-Id: Ieb41d6bd22ee5500269261652993f0866ac795bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-02 22:06:22 +00:00
Asad Ali
bc040f306d Allow chre to communicate with fwk_stats_service. am: c6ea8d1656 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2077138

Change-Id: I54420bcfe55250683a2afd25a85242cdf5056e5c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-02 21:33:11 +00:00
Will McVicker
12b3700a38 genfs_contexts: add raw i2c-s2mpg10mfd and i2c-s2mpg11mfd nodes 
This adds the [067]-001f and [178]-002f raw i2c numberings to the
sepolicy for the P21-mainline driver which doesn't use the i2c vendor
hook to rename these numberings. This is required for the thermal hal to
work.

Bug: 231155356
Signed-off-by: Will McVicker <willmcvicker@google.com>
Change-Id: I8e4bbbd0768e63e708f46eb42bddb5fc28b29caa
 2022-05-02 10:12:15 -07:00
Asad Ali
7bfcc6f4e5 Allow chre to communicate with fwk_stats_service. 
Bug: 230788686
Test: Logged atoms using CHRE + log atom extension.
Change-Id: I0683a224d61cdc8c927360ebad3de115ed431e1a
(cherry picked from commit c6ea8d1656)
 2022-04-29 17:00:27 +00:00
Asad Ali
c6ea8d1656 Allow chre to communicate with fwk_stats_service. 
Bug: 230788686
Test: Logged atoms using CHRE + log atom extension.
Change-Id: I0683a224d61cdc8c927360ebad3de115ed431e1a
 2022-04-28 22:27:57 +00:00
Asad Ali
a9528564c0 Merge "Update SELinux to allow CHRE to talk to the Wifi HAL" am: a022023a90 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2077149

Change-Id: I196d9c8349e352c630b11441bf3280d456a75118
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-28 07:51:24 +00:00
Asad Ali
a022023a90 Merge "Update SELinux to allow CHRE to talk to the Wifi HAL" 2022-04-28 07:05:14 +00:00
Albert Wang
ee1758317e Expand the xHCI wakeup path for suspend_control 
Error log:
Error opening kernel wakelock stats for: wakeup132 (../../devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/usb2/2-1/wakeup/wakeup132): Permission denied
avc: denied { read } for name="wakeup132" dev="sysfs" ino=3607558 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0

Bug: 209745132
Test: test build to verify sepolicy log
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I6c70272a79059f7ca4e3b0e525bbc09625e25135
 2022-04-28 06:41:24 +00:00
Kris Chen
c6eea8a657 Allow hal_fingerprint_default to access hal_pixel_display_service 
Fix the following avc denial:
avc: denied  { find } for pid=1158 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=0
avc: denied { call } for scontext=u:r:hal_fingerprint_default:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder permissive=0

Bug: 229716695
Bug: 224573604
Test: build and test fingerprint on device.
Change-Id: Id24e65213221048d6dfdeae6ed2bcb7b762a0f75
 2022-04-28 03:08:47 +00:00
Wei Wang
615f85c22d allow udfps hal to access trusty 
Bug: 229350721
Bug: 230492593
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ib1abe0e0318689528a6658f3597f1c11ad9fa1c3
 2022-04-27 20:20:43 +00:00
Treehugger Robot
fd65b31055 Merge "android.hardware.usb.IUsb AIDL migration" am: c49520d66e 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2044871

Change-Id: Ib0ea1d39f90456062a1d18ac86ff8c6140cb29eb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 17:39:58 +00:00
Treehugger Robot
c49520d66e Merge "android.hardware.usb.IUsb AIDL migration" 2022-04-27 16:21:29 +00:00
Jenny Ho
15036785cf sepolicy: allow access debugfs charger register dump 
[  438.549652] type=1400 audit(1651035282.616:8): avc: denied { read } for comm="dumpstate@1.1-s" name="registers" dev="debugfs" ino=31549 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
[  438.550252] type=1400 audit(1651035282.616:9): avc: denied { read } for comm="dumpstate@1.1-s" name="registers" dev="debugfs" ino=31532 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0

Bug: 230360103
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I102a159ca23a65d99a52cac3d011f5ce535a37e7
 2022-04-27 10:09:48 +00:00
Anthony Stange
8c311f981b Update SELinux to allow CHRE to talk to the Wifi HAL 
Bug: 206614765
Test: Run locally
Change-Id: I73bcf96ed1cab0a101e5f84852a1d82258b9c690
Merged-In: I73bcf96ed1cab0a101e5f84852a1d82258b9c690
 2022-04-27 06:13:14 +00:00
Edmond Chung
a287bef991 Camera: add setsched capability. am: 99b4aebb6a 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2076040

Change-Id: I2b276fc1165bcd66d9075566d50f0971e1447811
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 20:19:27 +00:00
Wei Wang
5e9a38799a Merge "Grant trusty to power hal" into tm-dev 2022-04-26 16:47:14 +00:00
Edmond Chung
99b4aebb6a Camera: add setsched capability. 
The camera HAL needs to configure schedule policies for
performance optimizations.

Bug: 228632527
Test: adb logcat
Change-Id: Ifbf433c026549ca774a9521704d0b0b75c9e9f23
Merged-In: Ifbf433c026549ca774a9521704d0b0b75c9e9f23
Signed-off-by: Edmond Chung <edmondchung@google.com>
 2022-04-25 15:25:01 -07:00
Edmond Chung
2715a08a73 Camera: add setsched capability. 
The camera HAL needs to configure schedule policies for
performance optimizations.

Bug: 228632527
Test: GCA, adb logcat
Change-Id: Ifbf433c026549ca774a9521704d0b0b75c9e9f23
 2022-04-24 23:08:42 +00:00
Wei Wang
1291c3cec9 Grant trusty to power hal 
Bug: 229350721
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ia88d6cff1d21940e22ae5122dbfcf52de27ad700
 2022-04-24 04:30:03 +00:00
chungkai
11770d9dfe sepolicy: Remove tracking denials files and fix avc problems 
04-19 10:53:57.364 W binder:575_2: type=1400 audit(0.0:17):
avc: denied { read } for name="wakeup11" dev="sysfs" ino=59892
scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir
permissive=0

Bug: 229670628
Test: pass
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I6a83b77c4a4bb836e4014cf865cb720a360fd981
 2022-04-21 07:24:21 +00:00
Alistair Delva
f482ea00d9 Merge "Remove sysfs_gpu type definition" am: e48b455651 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1999630

Change-Id: I144bf39a8eb4c8fda36cfbceb03e7813faf31f3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 04:43:57 +00:00
Alistair Delva
e48b455651 Merge "Remove sysfs_gpu type definition" 2022-04-21 04:21:45 +00:00
Chung-Kai (Michael) Mei
1875f214c6 Merge "sepolicy: fix avc denials" into tm-dev 2022-04-20 02:21:49 +00:00
Jason Macnak
d02d83f5c0 Merge "Remove sysfs_gpu type definition" into tm-dev 2022-04-19 15:59:07 +00:00
chungkai
19073ba66c sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 229670628
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I6747e6d36731664d7f2fd88382c8a6189c936860
 2022-04-19 06:10:34 +00:00
Jason Macnak
f2be252260 Remove sysfs_gpu type definition 
... as it has moved to system/sepolicy.

Bug: b/161819018
Test: presubmit
Change-Id: I6fcafa87541ed0cbaf3ba74fa5ff4dbdebd533f7
Merged-In: I6fcafa87541ed0cbaf3ba74fa5ff4dbdebd533f7
 2022-04-18 22:45:55 +00:00
Chung-Kai (Michael) Mei
9309ec2609 Merge "genfs_contexts: fix path for i2c peripheral device" into tm-dev 2022-04-15 01:01:25 +00:00
Anthony Stange
0cfdc0266c Merge "Update SELinux to allow CHRE to talk to the Wifi HAL" into tm-dev 2022-04-14 15:23:23 +00:00
chungkai
953583844f genfs_contexts: fix path for i2c peripheral device 
paths are changed when we enable parallel module loading and
reorder the initializtaion of devices.

Test: without avc denial on R4/O6 when booting
Bug: 22754176
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ibcd5138170449e24115a0de5c3beda79914d1dc1
 2022-04-14 04:45:41 +00:00
Anthony Stange
613bdcdec8 Update SELinux to allow CHRE to talk to the Wifi HAL 
Bug: 206614765
Test: Run locally
Change-Id: I73bcf96ed1cab0a101e5f84852a1d82258b9c690
 2022-04-12 20:58:12 +00:00
TreeHugger Robot
4e91f5530e Merge "sepolicy: Add policy for persist.vendor.udfps" into tm-dev 2022-04-12 10:56:32 +00:00
Darren Hsu
acb5cc9e03 sepolicy: label charger wakeups for system suspend am: 3c11d8d1c5 am: 4df95c6d08 am: 9b9e2b4f3c 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2060630

Change-Id: Ib0aa15719df8e4e0e7eb673b389d4e0b6be99640
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:19:48 +00:00
Darren Hsu
4df95c6d08 sepolicy: label charger wakeups for system suspend am: 3c11d8d1c5 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2060630

Change-Id: I058cb3909d972cc5784e507fcb26b46196c33aa4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 03:39:39 +00:00
Badhri Jagan Sridharan
93b8189c2b Merge "Allow usb hal to read contaminantdisable property" into tm-dev 2022-04-11 22:22:28 +00:00
Darren Hsu
3c11d8d1c5 sepolicy: label charger wakeups for system suspend 
Bug: 226887726
Test: do bugreport without avc denials
Change-Id: I779b646846da90cdc710145e959644efc4733b3b
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-11 10:56:33 +08:00
Badhri Jagan Sridharan
8606aa8a51 Allow usb hal to read contaminantdisable property 
avc: denied { read } for comm="android.hardwar" name="u:object_r:vendor_usb_config_prop:s0"
dev="tmpfs" ino=367 scontext=u:r:hal_usb_impl:s0
tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=0

Bug: 227792357
Change-Id: Id4d5ef7c214f0c0f672db28991b9fbe0152530b7
 2022-04-07 17:21:15 -07:00
Chung-Kai (Michael) Mei
9a909d4058 Merge changes from topic "gs101_parallel_load_sepolicy" into tm-dev 
* changes:
  sepolicy: ignore avc denial
  genfs_contexts: fix path for i2c peripheral devices
 2022-04-07 09:33:26 +00:00
Siddharth Kapoor
9d3a25fb29 Merge "Revert "Move ODPM file rule to pixel sepolicy"" into tm-dev 2022-04-07 04:06:31 +00:00
Siddharth Kapoor
13f85a37f3 Revert "Move ODPM file rule to pixel sepolicy" 
Revert "Move ODPM file rule to pixel sepolicy"

Revert submission 17215583-odpm_sepolicy_refactor-tm-dev

Reason for revert: build failure tracked in b/228261711
Reverted Changes:
Ic9a89950a:Move ODPM file rule to pixel sepolicy
I24105669b:Move ODPM file rule to pixel sepolicy
I044a285ff:Move ODPM file rule to pixel sepolicy

Change-Id: I36abfddaa5903739f9c5bf65d3c1cd506db9e604
 2022-04-07 03:29:56 +00:00
chungkai
8a19d8be9c genfs_contexts: fix path for i2c peripheral devices 
paths are changed when we enable parallel module loading and
reorder the initializtaion of devices.

Test: without avc denial on Raven
Bug: 227541760
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I7d835205696fd727e9be24fcf010ed44bcd5d6ae
 2022-04-06 09:15:46 +00:00
Albert Wang
7839be7474 Add more xHCI wakeup path for suspend_control am: e60773b926 am: 092298b579 am: aed8848fb0 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2052478

Change-Id: I251a791b13d863de275ceffc3ba926db9a458c07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 08:42:39 +00:00
Albert Wang
092298b579 Add more xHCI wakeup path for suspend_control am: e60773b926 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2052478

Change-Id: Ib07b92bf159c8b69dcdc7bc17e7f19a44aab20f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 08:00:41 +00:00
Sam Ou
de81154964 Merge "Move ODPM file rule to pixel sepolicy" into tm-dev 2022-04-06 02:09:38 +00:00
Albert Wang
e60773b926 Add more xHCI wakeup path for suspend_control 
To addressdd the xHCI wakeup nodes permission problem, add new nodes:
/devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/usb2/wakeup
/devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/usb3/wakeup

avc: denied { read } for name="wakeup175" dev="sysfs" ino=162091
scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0
android.system.suspend@1.0-service: Error opening kernel wakelock stats for: wakeup175
(../../devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/usb2/wakeup/
wakeup175): Permission denied
avc: denied { read } for name="wakeup176" dev="sysfs" ino=162107
scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0
android.system.suspend@1.0-service: Error opening kernel wakelock stats for: wakeup176
(../../devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/usb3/wakeup/
wakeup176): Permission denied

Bug: 226056256
Test: test build to verify sepolicy log
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I7f65597f91db5a16d4f9de4f6bb018bd5b50a965
 2022-04-01 09:43:40 +08:00
chungkai
de44d766e4 sched: move sysfs to procfs 
Modify name from sysfs_vendor_sched to proc_vendor_sched

Test: without avc denial
Bug: 216207007
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ic113b2d8ee1d3ae1ced9985636b17ef1e7657a84
 2022-03-29 09:43:32 +00:00
KRIS CHEN
572a8a3372 Merge "Allow hal_fingerprint_default to access sysfs_display" into tm-dev 2022-03-29 01:39:34 +00:00
Badhri Jagan Sridharan
a4b9ad439b android.hardware.usb.IUsb AIDL migration 
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
Merged-In: Ia8c24610244856490c8271433710afb57d3da157
(cherry picked from commit 51735ba3ab)
 2022-03-28 17:01:45 +08:00
Darren Hsu
24b4d1b601 Allow hal_power_stats to read sysfs_aoc_dumpstate am: f11f53a3ae am: a0592e36d2 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2044864

Change-Id: I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 08:17:33 +00:00
Kris Chen
3df0d7812b Allow hal_fingerprint_default to access sysfs_display 
Fix the following avc denial:
avc: denied { read } for name="panel_name" dev="sysfs" ino=71133 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=0

Bug: 223687187
Test: build and test fingerprint on device.
Change-Id: Ic2b2cadb97f36643b79de6a8ebfe2232093fe7d7
 2022-03-25 14:53:53 +08:00