Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2972 commits 1 branch 0 tags 494 MiB
Commit graph

2972 commits

This branch
This branch
All branches
Author SHA1 Message Date
KRIS CHEN
ef5cde63e6 Merge "Allow fingerprint hal to access dmabuf_system_heap_device" into sc-dev 2021-04-13 06:22:13 +00:00
Kris Chen
c14f02da5d Allow fingerprint hal to access dmabuf_system_heap_device 
Fixes the following avc denial:
android.hardwar: type=1400 audit(0.0:1207): avc: denied { read } for name="system" dev="tmpfs" ino=689 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=0

Bug: 171791180
Bug: 184034094
Test: Enroll and authenticate fingerprints.
Change-Id: Ie86143ac2484d8909b1070829ff20cf02572f17d
 2021-04-13 06:21:09 +00:00
Adam Shih
a071425509 Merge changes Ieac81e9d,I7c069770 into sc-dev 
* changes:
  dump hal_graphics_composer
  allow init to set readahead_size
 2021-04-13 05:56:39 +00:00
Adam Shih
440e15e109 Merge "update error on ROM 7278058" into sc-dev am: c8d0ba4326 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14160592

Change-Id: Ia9b2876f6ed9044c83522fab28281acf7bbb8917
 2021-04-13 05:17:36 +00:00
Jim Sun
0c1e46a6b3 Merge "gs101: fix grilservice context" into sc-dev am: 9e25f06368 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13880430

Change-Id: I5397c2ad98abbc2b5939f8a4f61dacdd4f24d191
 2021-04-13 05:17:20 +00:00
Adam Shih
c8d0ba4326 Merge "update error on ROM 7278058" into sc-dev 2021-04-13 05:10:03 +00:00
Jim Sun
9e25f06368 Merge "gs101: fix grilservice context" into sc-dev 2021-04-13 04:31:21 +00:00
Adam Shih
7e071d6cb2 dump hal_graphics_composer 
Bug: 179310854
Bug: 176868159
Bug: 177176812
Bug: 177389412
Bug: 177614642
Bug: 177778217
Bug: 177860841
Bug: 178752460
Bug: 179310909
Bug: 179437463
Bug: 180963481
Bug: 181177909
Bug: 174961421
Test: do bugreport with no relevant error logs
Change-Id: Ieac81e9d684044fbd649b4fec608f393627c34cb
 2021-04-13 11:59:13 +08:00
Adam Shih
7e60d3a032 allow init to set readahead_size 
Bug: 185186743
Test: boot with no error found during boot
Change-Id: I7c06977023a1125d0187b96103e94c355a9d17a2
 2021-04-13 11:17:31 +08:00
Adam Shih
06cc3ee882 update error on ROM 7278058 
Bug: 185186743
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I40066584800e1a40fbd75dc2d97ee44f9e6dde89
 2021-04-13 10:55:33 +08:00
SalmaxChang
6f1275582c logger_app: Grant to access new logger properties am: 2c1b29b494 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14140254

Change-Id: I7b4a9da5ba9d1ac3dc43469c11f360ca7e887d9d
 2021-04-13 02:18:43 +00:00
Sidath Senanayake
7c8d4d86e8 Fix Android GPU Inspector (AGI) support 
In order for AGI to work, it needs to dlopen the libgpudataproducer.so
shared object.

Bug: 185127179
Bug: 175593589
Change-Id: I9ad9c587f10e0fd6e27c4743c1d4cb85c896c41d
 2021-04-12 17:41:01 +01:00
Ted Lin
cd12670940 Allow to dump pps-dc 
Bug:185041587
Test: adb bugreport
Change-Id: Ia4adcc335b05f5f7d06625c274842e6a9f5d2637
Signed-off-by: Ted Lin <tedlin@google.com>
 2021-04-12 18:27:20 +08:00
SalmaxChang
2c1b29b494 logger_app: Grant to access new logger properties 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:vendor_ssrdump_prop:s0" dev="tmpfs" ino=308 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_ssrdump_prop:s0 tclass=file permissive=1
avc: denied { set } for property=vendor.debug.ramdump.full pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_ramdump_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.logd.logpersistd.count pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.vendor.ril.crash_handling_mode pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.logd.size pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:logd_prop:s0 tclass=property_service permissive=1

Bug: 178744858
Change-Id: I42629335e82565fbf305be242098870aef6ea317
 2021-04-12 15:08:30 +08:00
Jenny Ho
2d617d57ef Merge "Fix avc denied for maxfg_base/flip and wireless dump" into sc-dev am: 3b6d7aeb94 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14139366

Change-Id: I6ecd5edf52d62b58fe8aeeed700f2501fe2ec0e7
 2021-04-12 04:39:22 +00:00
Jenny Ho
3b6d7aeb94 Merge "Fix avc denied for maxfg_base/flip and wireless dump" into sc-dev 2021-04-12 04:05:09 +00:00
Andy Chou
72aaa16452 Merge "Remove sepolicy of Wirecutter" into sc-dev am: deaf447bc6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14136827

Change-Id: I3a6bfb4d8f39ca7e4319eb14fd234e2ab1bfa806
 2021-04-12 02:27:42 +00:00
Erik Staats
7e5ceecdf6 Add policy for USF low latency transport gralloc usage. am: 1082e886c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14144079

Change-Id: I32cc4ea5c2f396ddb1b3b288d5531116bf185baf
 2021-04-12 02:27:27 +00:00
Andy Chou
deaf447bc6 Merge "Remove sepolicy of Wirecutter" into sc-dev 2021-04-12 02:06:48 +00:00
Erik Staats
1082e886c0 Add policy for USF low latency transport gralloc usage. 
Bug: 183233052
Test: Verified regular and direct report sampling on Raven with shared
 memory transport enabled.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/14144079 .
Change-Id: Ia852a4a9ca6e8eacb0fb465884d17f95445a6822
 2021-04-12 01:33:52 +00:00
millerliang
b67548e8cf Fix avc denied in MMAP audio exclusive mode am: b4bab832f9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063265

Change-Id: Ib5a43be93cfcff6ec0a4f2a6e10db267f7c2047c
 2021-04-09 14:36:47 +00:00
millerliang
b4bab832f9 Fix avc denied in MMAP audio exclusive mode 
04-01 15:26:30.936 16390 16390 I auditd  : type=1400 audit(0.0:55): avc:
denied { read } for comm="HwBinder:16390_" name="aaudio_playback_heap"
dev="tmpfs" ino=400 scontext=u:r:hal_audio_default:s0
tcontext=u:object_r:dmabuf_heap_device:s0 tclass=chr_file permissive=1

Bug: 165737390
Test: Build and use OboeTester to run MMAP audio
Change-Id: I22201dfd4a3f579b52d4cfbc86fc6148dc481cb0
 2021-04-09 20:43:54 +08:00
Jenny Ho
b94e7586ce Fix avc denied for maxfg_base/flip and wireless dump 
Bug: 184780667
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ice4102cf541dc80c85beb05ad5c523a4306a77bc
 2021-04-09 18:24:32 +08:00
andychou
b370d9d2c3 Remove sepolicy of Wirecutter 
Bug: 184886787
Test: build pass
Change-Id: Ibe539d31dc70cc4ea478f074ef4bf75d918bcb67
 2021-04-09 17:06:51 +08:00
TreeHugger Robot
95d168126d Merge "Fix avc denied for Silent Logging" into sc-dev am: 60a2a6c09b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14103373

Change-Id: I77f2d19f407e8b0e0bcda835885b50218da6ad1c
 2021-04-09 06:53:47 +00:00
TreeHugger Robot
60a2a6c09b Merge "Fix avc denied for Silent Logging" into sc-dev 2021-04-09 06:20:41 +00:00
TreeHugger Robot
70ba745b79 Merge "cbd: Grant to access slog file" into sc-dev am: 5c9b9d882f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14119811

Change-Id: Ia792e85b0627e4134db6dc784bc3d3c7e3831ae3
 2021-04-09 05:54:29 +00:00
TreeHugger Robot
5c9b9d882f Merge "cbd: Grant to access slog file" into sc-dev 2021-04-09 05:15:34 +00:00
Aaron Tsai
06b410dc4a Fix avc denied for Silent Logging 
04-06 15:18:31.513  root     1     1 E init    : Do not have permissions to set 'persist.vendor.sys.silentlog.tcp' to 'On' in property file '/vendor/build.prop': SELinux permission check failed
04-06 15:20:17.988  root     1     1 W /system/bin/init: type=1107 audit(0.0:33): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.ap pid=8917 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:20:23.256  root     1     1 W /system/bin/init: type=1107 audit(0.0:38): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.cp pid=9025 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:20:51.340  root     1     1 W /system/bin/init: type=1107 audit(0.0:43): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog pid=9291 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:21:03.608  root     1     1 W /system/bin/init: type=1107 audit(0.0:54): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.tcp pid=9473 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'

04-06 20:17:08.060  1000  5754  5754 W Thread-3: type=1400 audit(0.0:21): avc: denied { write } for name="slog" dev="dm-7" ino=245 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0
04-06 20:17:09.194  1000   398   398 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 pid=5754 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=0
04-06 21:07:18.376  7458  7458 I auditd  : type=1400 audit(0.0:20): avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:r:dmd:s0 tclass=binder permissive=0

04-06 21:16:53.200  8873  8873 W Thread-4: type=1400 audit(0.0:85): avc: denied { create } for name="NNEXT_PROFILE.nprf" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0:c232,c259,c512,c768 tclass=file permissive=0


Bug: 184608648
Test: verified with the forrest ROM and error log gone
Change-Id: Id9cdf15478c751de92a9a84bcfdc8233d6e9d294
 2021-04-09 04:33:13 +00:00
TreeHugger Robot
b415e72482 Merge "init: allow to set tcpdump property" into sc-dev am: 83d6ee82fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14124655

Change-Id: Ia3dd270c6ea9f90658f1657051c19a4732c4b38d
 2021-04-09 04:30:36 +00:00
TreeHugger Robot
83d6ee82fb Merge "init: allow to set tcpdump property" into sc-dev 2021-04-09 03:54:18 +00:00
Speth Chang
7d74437b07 Merge "allow camera to connect stats service" into sc-dev am: 6c4d851d28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14108661

Change-Id: I008cdb58623b13e644ad0f2d5e76261271b54dd8
 2021-04-09 03:21:05 +00:00
SalmaxChang
6dd6d9872e cbd: Grant to access slog file 
Bug: 184646743
Change-Id: I06ecfbc8b9276b3801725f0965b03b849eddbdfc
 2021-04-09 03:11:25 +00:00
Speth Chang
6c4d851d28 Merge "allow camera to connect stats service" into sc-dev 2021-04-09 03:01:14 +00:00
TreeHugger Robot
8f541049bc Merge "Create sepolicy for the fingerprint GHBM sysprop" into sc-dev am: 4a3f3550f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105112

Change-Id: I627caec9927f15bc7f88af0ab298ad876a01f169
 2021-04-09 02:59:26 +00:00
jimsun
17f08b3cba gs101: fix grilservice context 
The app is no longer signed with the platform key.

Bug: 162313924
Test: verify gril service function works normally
Change-Id: I9bf0494e65cafca9432665be199c30508d36417e
 2021-04-09 02:48:30 +00:00
SalmaxChang
5feb916e47 init: allow to set tcpdump property 
init: Unable to set property 'persist.vendor.tcpdump.log.alwayson' from uid:10273 gid:10273 pid:7074: SELinux permission check failed

Bug: 184411489

Change-Id: If449e0d883fa4cbf8dd5ac3a6a84d205e7ac1f31
 2021-04-09 10:47:56 +08:00
Nick Sanders
d59ea41ac8 gs101-sepolicy: Allow platform_app to call uwb 
This is to fix below avc denial:
  SELinux : avc: denied { find } for pid=10783 uid=10294 name=uwb
  scontext=u:r:platform_app:s0:c512,c768
  tcontext=u:object_r:uwb_service:s0 tclass=service_manager permissive=0

Bug: 184286788
Test: Run Qorvo app without failure
Change-Id: I9673a3eef3f0b0bedb50ef2a5c336d8bfe7620e7
 2021-04-09 02:21:20 +00:00
TreeHugger Robot
4a3f3550f5 Merge "Create sepolicy for the fingerprint GHBM sysprop" into sc-dev 2021-04-09 02:11:57 +00:00
Ilya Matyukhin
b9e10feefb Create sepolicy for the fingerprint GHBM sysprop 
Bug: 184761756
Bug: 183728349
Test: adb logcat | grep "avc: denied"
Change-Id: I5209bdf859e86a83ac3fa29ecf8bfd8d5b6d88ce
 2021-04-08 23:21:22 +00:00
TreeHugger Robot
5d9cf2c7ee Merge "Give hal_dumpstate_default read access to slog files" into sc-dev am: f15b8edbd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14127725

Change-Id: I523ad11883f342ac65d868a04cbb498d6cfb4609
 2021-04-08 22:10:28 +00:00
TreeHugger Robot
f15b8edbd1 Merge "Give hal_dumpstate_default read access to slog files" into sc-dev 2021-04-08 21:40:31 +00:00
Eddie Tashjian
ce90dbfb57 Merge "Add TCP dump permissions." into sc-dev am: 5bbdd82a4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14119567

Change-Id: I7ca93885708d1ca028aa6addc56da126a0635a87
 2021-04-08 18:38:47 +00:00
Eddie Tashjian
5bbdd82a4e Merge "Add TCP dump permissions." into sc-dev 2021-04-08 18:25:30 +00:00
Craig Dooley
cf558dbf33 Merge "Fix SELinux errors with aocd" into sc-dev am: cd888e847f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105108

Change-Id: Ie4bbc58c3471209486cf380fb6f5ed209bda789c
 2021-04-08 18:11:31 +00:00
Craig Dooley
cd888e847f Merge "Fix SELinux errors with aocd" into sc-dev 2021-04-08 17:27:56 +00:00
Chris Fries
1d379dfbc9 Give hal_dumpstate_default read access to slog files 
Bug: 184821900

Bugreports require access to "silent log" files.

cp      : type=1400 audit(0.0:20): avc: denied { getattr } for path="/data/vendor/radio/logs/always-on/sbuff_20210408191538.sdm" dev="dm-11" ino=9075 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=file permissive=0

Change-Id: Iacc4778d1242f304e9519180437ceb0f0e9d350d
 2021-04-08 16:27:29 +00:00
Cliff Wu
816fefcd34 Merge "[Bug] Change the sepolicy name for exo_camera_injection" into sc-dev am: ec6bd9449b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14112451

Change-Id: Ice4fe2982eeef2ef8c6f45eebcf4df4305e9bfa0
 2021-04-08 14:41:08 +00:00
Cliff Wu
ec6bd9449b Merge "[Bug] Change the sepolicy name for exo_camera_injection" into sc-dev 2021-04-08 14:09:47 +00:00
Craig Dooley
3d4d9159c9 Fix SELinux errors with aocd 
Add inotify support for /dev
Fix the aoc vendor property

Bug: 184173298
Change-Id: I40a71edd56b2d51f848085c43ae1d10a4c2c0c4b
 2021-04-08 03:59:23 +00:00