Commit graph

1739 commits

Author SHA1 Message Date
sukiliu
c8a74f7fce Move oriole bug map to whitechapel folder am: 90ae782e26
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14963698

Change-Id: I20a6b1f291236b26224ca0fe94196b2ca91bd548
2021-06-15 06:16:50 +00:00
sukiliu
90ae782e26 Move oriole bug map to whitechapel folder
Bug: 190563896
Bug: 190671898
Test: PtsSELinuxTestCases
Change-Id: I15f1a6d2ebab9c5794a79abccf3530eb4bfc8307
2021-06-15 04:39:50 +00:00
TreeHugger Robot
14e0fab271 Merge "remove obsolete entries" into sc-dev am: 441bae6d1a am: d8aa5c7972 am: 8314b7f628
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14934444

Change-Id: If85b7eec532292b3fc903d916c4eed9a78ad90eb
2021-06-15 02:21:44 +00:00
TreeHugger Robot
f51643c9fc Merge "remove obsolete entries" into sc-dev am: 441bae6d1a am: ebcba2c62d am: 67bd98cff1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14934444

Change-Id: I6bf028823b92899a70875850d2d3ce80376607da
2021-06-15 02:21:01 +00:00
TreeHugger Robot
8314b7f628 Merge "remove obsolete entries" into sc-dev am: 441bae6d1a am: d8aa5c7972
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14934444

Change-Id: I808fa351bb12654bbaa66248d9f10e6ce62f16e8
2021-06-15 02:08:19 +00:00
TreeHugger Robot
67bd98cff1 Merge "remove obsolete entries" into sc-dev am: 441bae6d1a am: ebcba2c62d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14934444

Change-Id: Iec8b071a423c5243b9c1d8322ebc9e5698b48f88
2021-06-15 02:08:07 +00:00
TreeHugger Robot
ebcba2c62d Merge "remove obsolete entries" into sc-dev am: 441bae6d1a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14934444

Change-Id: I4d47c91c175d8a10e0cec3e974e684f3c44b6c63
2021-06-15 01:54:55 +00:00
TreeHugger Robot
d8aa5c7972 Merge "remove obsolete entries" into sc-dev am: 441bae6d1a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14934444

Change-Id: I31f6c2733c5cb977a8625ba473d506bfa50dbcc9
2021-06-15 01:54:09 +00:00
TreeHugger Robot
441bae6d1a Merge "remove obsolete entries" into sc-dev
2021-06-15 01:39:02 +00:00
Rick Yiu
57cccedd8b Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev am: aa315a6082 am: 6976531ebe am: b7d809111c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14943962

Change-Id: I968771288ea94d176800d3301ddfdb0f508cb768
2021-06-15 01:11:51 +00:00
Rick Yiu
62a23399e3 Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev am: aa315a6082 am: 25ce780b9c am: cc502abf3a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14943962

Change-Id: I7bcbe9db7374589c95acbdeafed1f0d701ef6ecd
2021-06-15 01:11:39 +00:00
Rick Yiu
b7d809111c Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev am: aa315a6082 am: 6976531ebe
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14943962

Change-Id: I42bcfc55c789fdecf0a92dcfd0b6d07e9583765c
2021-06-15 00:58:01 +00:00
Rick Yiu
cc502abf3a Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev am: aa315a6082 am: 25ce780b9c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14943962

Change-Id: Id22713f2f247609bbc304bb36ae85616598a9d64
2021-06-15 00:57:39 +00:00
Rick Yiu
25ce780b9c Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev am: aa315a6082
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14943962

Change-Id: If015ce9946b16186eb8ed75c63ac8cfadde14266
2021-06-15 00:41:32 +00:00
Rick Yiu
6976531ebe Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev am: aa315a6082
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14943962

Change-Id: Ie3aebe5d9b8e6bae0f8e0df65f0bd6a5b8d0d178
2021-06-15 00:40:39 +00:00
Rick Yiu
aa315a6082 Merge "gs101-sepolicy: Fix avc denial for permissioncontroller_app" into sc-dev
2021-06-15 00:28:52 +00:00
Armelle Laine
5bb07db1de add se-policy to /dev/trusty-log0 so it can be accessed by dumpstate hal
reuse logbuffer_device group as dumpstate hal already has read perms
on this group.

Bug: 188285071
Test: adb bugreport to include a trusty section in dumpstate_board.txt
Change-Id: I623a5d450bdbe2ceef4fe460bf31bfe740d847b2
2021-06-13 23:59:37 +00:00
Richard Hsu
7d405598c1 Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev am: 753e62f39c am: 4eb4b8c73c am: db24463bc5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14555068

Change-Id: Ie3ad3239e8e24ddf34f1f24285bea923b032900d
2021-06-13 06:57:03 +00:00
Richard Hsu
be99d7ed77 Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev am: 753e62f39c am: 64d8da84f2 am: 63e64193ea
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14555068

Change-Id: Ie26a3d35465e1f6f7e1875a8a46194d4bf4ad572
2021-06-13 06:56:51 +00:00
Richard Hsu
db24463bc5 Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev am: 753e62f39c am: 4eb4b8c73c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14555068

Change-Id: I9e4fc6b9d1f7fb63e51b82c0aca4fd78340adfbe
2021-06-13 06:40:41 +00:00
Richard Hsu
63e64193ea Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev am: 753e62f39c am: 64d8da84f2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14555068

Change-Id: I064464c0e3dbdb8efebb3032dccfd70cb13177b1
2021-06-13 06:40:20 +00:00
Richard Hsu
64d8da84f2 Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev am: 753e62f39c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14555068

Change-Id: Ie75eea82a16cd39cc56a015c96896a4fcd398138
2021-06-13 06:24:40 +00:00
Richard Hsu
4eb4b8c73c Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev am: 753e62f39c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14555068

Change-Id: If0cd3732513d21503d31cd8f9f10756305c33c5c
2021-06-13 06:23:48 +00:00
Richard Hsu
753e62f39c Merge "[BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service" into sc-dev
2021-06-13 06:11:41 +00:00
Jayachandran Chinnakkannu
b2cb30fdde Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev am: 1c130a7e1d am: 26bcc88a9b am: c6218c4afe
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14950196

Change-Id: I8d52fd72511f2e0c7abbdc78b71c1509fecba023
2021-06-12 18:00:01 +00:00
Jayachandran Chinnakkannu
1a8c6c973d Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev am: 1c130a7e1d am: 40c2dd6b2e am: 8d0bcc93e1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14950196

Change-Id: I5981327ed69c12b9270f1cac988c85b2d93d6609
2021-06-12 17:59:28 +00:00
Jayachandran Chinnakkannu
c6218c4afe Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev am: 1c130a7e1d am: 26bcc88a9b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14950196

Change-Id: I05a6717e8e1368e248cec936ebaa0a8edf7dd1b3
2021-06-12 17:45:19 +00:00
Jayachandran Chinnakkannu
8d0bcc93e1 Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev am: 1c130a7e1d am: 40c2dd6b2e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14950196

Change-Id: Ibdde5f144fff98c1bd52b08e57f2bb0909b45550
2021-06-12 17:44:58 +00:00
Jayachandran Chinnakkannu
40c2dd6b2e Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev am: 1c130a7e1d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14950196

Change-Id: Ic723bb2542a94bb3c86d315a89f415eb962f6c39
2021-06-12 17:31:26 +00:00
Jayachandran Chinnakkannu
26bcc88a9b Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev am: 1c130a7e1d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14950196

Change-Id: Id9b9f74bf5caf34af4aad329e0ea3b4ee544146f
2021-06-12 17:30:37 +00:00
Jayachandran Chinnakkannu
1c130a7e1d Merge "Allow telephony to access the file descriptor of the priv_apps tcp_socket" into sc-dev
2021-06-12 17:19:33 +00:00
TreeHugger Robot
6d84ffcd26 Merge "allow priv-app to access Pixel power HAL extension." into sc-dev am: 694694857a am: c5d2eaeccb am: 7bddc387cb
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692156

Change-Id: I4ac581e076d29dc6107c76969b8d155942450f54
2021-06-12 11:01:11 +00:00
Kris Chen
4e3de80e9e Add sepolicy to let fingerprint access power service am: 7db400b679 am: 5991ab5ba7 am: 293194f612
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14665430

Change-Id: Ib0068381e4d66ed92bea00999b71d5aed19807c9
2021-06-12 10:57:13 +00:00
TreeHugger Robot
922f9fe9f4 Merge "allow priv-app to access Pixel power HAL extension." into sc-dev am: 694694857a am: a45a1ffc4d am: 35d0c523a6
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692156

Change-Id: I7ec41dd15653e1692873ffa81b9a1559365077ce
2021-06-12 10:52:58 +00:00
Kris Chen
65d63122cd Add sepolicy to let fingerprint access power service am: 7db400b679 am: 89a68b0fac am: 1c6b824cd7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14665430

Change-Id: Ib89db503fb1b0939c8bd937c9656a9f283efba16
2021-06-12 10:52:48 +00:00
TreeHugger Robot
7bddc387cb Merge "allow priv-app to access Pixel power HAL extension." into sc-dev am: 694694857a am: c5d2eaeccb
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692156

Change-Id: I538a39764babaedab979782ca23cf8ad7531004b
2021-06-12 10:41:47 +00:00
Kris Chen
293194f612 Add sepolicy to let fingerprint access power service am: 7db400b679 am: 5991ab5ba7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14665430

Change-Id: I24c9c4dbc29c21e382f76e47c28c57715b1e309f
2021-06-12 10:41:38 +00:00
TreeHugger Robot
35d0c523a6 Merge "allow priv-app to access Pixel power HAL extension." into sc-dev am: 694694857a am: a45a1ffc4d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692156

Change-Id: I034ae5e1c48a494405aaf915419af0c16cb628c2
2021-06-12 10:41:11 +00:00
Kris Chen
1c6b824cd7 Add sepolicy to let fingerprint access power service am: 7db400b679 am: 89a68b0fac
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14665430

Change-Id: I78e827879c32515678288eee944b0b9f5e66c8ad
2021-06-12 10:41:01 +00:00
TreeHugger Robot
a45a1ffc4d Merge "allow priv-app to access Pixel power HAL extension." into sc-dev am: 694694857a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692156

Change-Id: I2bc53103a317ac5e19642fb7bb8fe0586aab81dd
2021-06-12 10:28:06 +00:00
Kris Chen
89a68b0fac Add sepolicy to let fingerprint access power service am: 7db400b679
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14665430

Change-Id: Ieb52fb6f5ee68d0155f9acacda9853757fed4200
2021-06-12 10:27:55 +00:00
TreeHugger Robot
c5d2eaeccb Merge "allow priv-app to access Pixel power HAL extension." into sc-dev am: 694694857a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692156

Change-Id: Idc40fc74a562912a8ee35b8db966c88421778949
2021-06-12 10:27:15 +00:00
Kris Chen
5991ab5ba7 Add sepolicy to let fingerprint access power service am: 7db400b679
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14665430

Change-Id: Id2d4cb0874a39145561fc6deb825a25ec40162d8
2021-06-12 10:27:04 +00:00
TreeHugger Robot
694694857a Merge "allow priv-app to access Pixel power HAL extension." into sc-dev
2021-06-12 10:22:24 +00:00
Jayachandran C
5492a92a39 Allow telephony to access the file descriptor of the priv_apps tcp_socket
The priv_apps could register for QOS notifications for its tcp_socket.
This change allows telephony to access the file descriptor for the
tcp_socket so it could double check the source and destination address
of the socket when the QOS indication is received from modem.

This addresses the following SE policy denial
auditd  : type=1400 audit(0.0:219): avc: denied { read write } for
comm="ConnectivitySer" path="socket:[98511]" dev="sockfs" ino=98511
scontext=u:r:radio:s0 tcontext=u:r:priv_app:s0:c512,c768 tclass=tcp_socket
permissive=0

Bug: 190580419
Test: Manual
Change-Id: I35d4e1fb06242eb5fcbcb36439a55c11166b149b
2021-06-12 05:18:15 +00:00
Rick Yiu
ad47112c59 gs101-sepolicy: Fix avc denial for permissioncontroller_app
Bug: 190671898
Test: build pass
Change-Id: I3ccfe958892cd27ebbcacc651847d4277d39855b
2021-06-11 18:41:10 +08:00
Adam Shih
d0bb828434 remove vcd from user ROM
Bug: 190331325
Test: build all ROM variants with only user ROM without vcd
Change-Id: If9dc555ee8582b605ccdf9d60c3a9c89cd6634d8
2021-06-11 11:46:22 +08:00
Richard Hsu
8c979899cc [BugFix] SEPolicy for libedgetpu_darwinn2.so logging to stats service
In order to access the darwinn metrics library from the google camera
app (product partition), we need to create an SELinux exception for
the related shared library (in vendor) it uses. This CL adds the same_process_hal_file tag to allow this exception.

Bug: 190661153, 151063663

Test: App can load the .so and not crash after this change.
Before: No permission to access namespace.
(https://paste.googleplex.com/6602755121610752)
After: GCA doesn't crash on load.

Change-Id: I8671732184bbbe283c94d1acd3bb1ff397fe651c
2021-06-10 19:36:35 -07:00
Adam Shih
d00aafac75 remove obsolete entries
Bug: 190672147
Bug: 173969091
Bug: 171760921
Bug: 178331773
Bug: 178752616
Bug: 188752940
Bug: 184005231
Bug: 182086688
Bug: 177176899
Bug: 182953825
Bug: 176528557
Bug: 183935382
Test: boot and do bugreport with no relevant error showing up
Change-Id: I869db698e96d2d6cfd533b7fd24c8c88d39fd0eb
2021-06-11 10:35:59 +08:00
Kris Chen
7db400b679 Add sepolicy to let fingerprint access power service
Fix the following avc denial:
SELinux : avc:  denied  { find } for pid=1055 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=0

Bug: 185893477
Test: Observe from systrace that the CPU frequency is boosted when
      running fingerprint algorithm.
Change-Id: I245058b912ec2af3555154934dbe722b445181a9
2021-06-10 21:31:06 +00:00