Commit graph

196 commits

Author SHA1 Message Date
Adam Shih
479986a020 Update SELinux error
Test: checkSensors
Bug: 240632824
Test: checkLockScreen
Bug: 240632824
Test: scanBugreport
Bug: 240632824
Change-Id: I4fee87636dc65765e4ab3e10e0b7080d7b4d44b2
2022-07-29 10:18:10 +08:00
Kyle Lin
3014f97824 Merge "Remove dontaudit since read early_wakeup completed" 2022-07-28 02:51:37 +00:00
Stephane Lee
faec9385c4 Bug fixed in ag/19153533
Bug: 238143381
Test: N/A
Change-Id: If527ea681abaa221e55533a3dab1371ecac7a3b2
2022-07-22 16:55:24 -07:00
Jimmy Shiu
55d41f1a3e Remove dontaudit since read early_wakeup completed
The display file node, early_wakeup, is just for triggering the worker for
display, and it doesn't have a meaningful read function. But PowerHAL reads
all nodes and tries to dump their values while triggering a bugreport. As
the read operation has been completed, we can remove the clause.

07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:8): avc: denied { dac_read_search } for capability=2 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:9): avc: denied { dac_override } for capability=1 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0

Bug: 221384860
Bug: 192617242
Bug: 171760921
Test: adb shell dumpsys android.hardware.power.IPower/default
Change-Id: If0018499cc19f79819ef69794d7672d5a53de74e
2022-07-18 11:08:58 +08:00
Minchan Kim
86ef69850b Remove vendor_init.te from tracking_denials
Since the last error is fixed, remove the vendor_init.te from tracking_denials.

Bug: 190337297
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I5178c864a70748c1dddf8c08baa8d653cd0225d9
2022-07-15 05:10:55 +00:00
Adam Shih
32d987cd24 Update SELinux error
Bug: 234547283
Change-Id: I50bd66a22755eefe7aa24ec1042e3b6cb627ad3d
2022-07-15 00:30:47 +00:00
Adam Shih
74d2d8963f Update error on ROM 8820442
Bug: 238825802
Test: testSysfsHealth
Change-Id: I607f78de19b18b258309f89669ded393dd74a2a7
2022-07-13 11:01:28 +08:00
Adam Shih
c6186c2960 Update SELinux error
Test: checkSensors
Bug: 238571420
Test: checkLockScreen
Bug: 238570971
Test: scanBugreport
Bug: 238571324
Change-Id: Ia6f2db6374d7ebe1a9c3f5b0bd8d152ed9d4a9a0
2022-07-11 10:24:12 +08:00
Adam Shih
347e482d19 Update SELinux error
Test: checkLockScreen
Bug: 238263438
Bug: 238263568
Change-Id: I694924ceb031abb749e4b92a715d3b7dc87088be
2022-07-07 11:29:44 +08:00
Adam Shih
bc85d46045 ignore shell access on wlc
Bug: 238038592
Test: boot
Change-Id: I09b67ca07d7f9573d77f64686fb818d4dc1753cc
2022-07-06 14:44:41 +08:00
Adam Shih
a8aeb4a6c9 Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 238143262
Bug: 238143381
Change-Id: Ibe3ce917418d71b61aa6d085041a51dda5998c74
2022-07-06 02:58:51 +00:00
Adam Shih
7835523aea Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 238038592
Change-Id: Id248ba82c49fa09be28f7a0219eb42b0ecc9e358
2022-07-05 11:17:25 +08:00
Adam Shih
d472e161ae mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 am: c68fe289e3 am: 5bf5ffc8d3 am: d8d5fd4374
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I75a4589877c5803c6facbb189bd36662c66d2274
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-14 06:29:36 +00:00
Adam Shih
5bf5ffc8d3 mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 am: c68fe289e3
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I2afec41baa838d8db9ab23d9d01def68249d99c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-14 05:44:54 +00:00
Adam Shih
c68fe289e3 mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I15a18379ff4969dcb043e2fae94cf6c9f13ac834
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-14 05:18:34 +00:00
Adam Shih
5889704eff mute update_engine probing mnt_vendor_file
Bug: 187016910
Test: boot to home
Change-Id: I5f7141f817b543a1499ef5826177f3ac4945e857
2022-06-14 02:58:58 +00:00
Krzysztof Kosiński
bdd4ecc51c gs101: Add dontaudit statements to camera HAL policy. am: fbcf66a04a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18817845

Change-Id: I6138022efbcdc8ce149123399d3a8277e69c64b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-10 21:04:38 +00:00
Krzysztof Kosiński
fbcf66a04a gs101: Add dontaudit statements to camera HAL policy.
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Fix: 218585004
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
(cherry picked from commit b71d24d62c)
2022-06-09 20:53:05 +00:00
Adam Shih
7e5fd22585 remove obsolete entries am: 2bb24e91b3 am: 35653159b1 am: 6701e00896
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18800078

Change-Id: I078bf3ae04c1f83a944062684d3afaf7840150ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-09 06:22:30 +00:00
Adam Shih
249ef7bd07 remove obsolete sepolicy am: acf18a6f23 am: 60e41883e7 am: 9c49855f44
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18800077

Change-Id: I7eeef5fd9d5401b1e823c77857f3149ea5a840ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-09 05:56:19 +00:00
Adam Shih
d7f53f6018 remove obsolete entries
Bug: 190337296
Bug: 228181404
Test: adb bugreport
Change-Id: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
Merged-In: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
2022-06-09 12:06:04 +08:00
Adam Shih
2bb24e91b3 remove obsolete entries
Bug: 190337296
Bug: 228181404
Test: adb bugreport
Change-Id: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
2022-06-09 11:59:45 +08:00
Adam Shih
acf18a6f23 remove obsolete sepolicy
Bug: 193474772
Bug: 193726003
Bug: 193009345
Bug: 190337283
Bug: 226717475
Test: boot with no relevant avc error shows up
Change-Id: I8af2693fb7726e49d9b6d1c13010840a0b581326
2022-06-09 11:29:43 +08:00
Adam Shih
518c7910be remove obsolete sepolicy
Bug: 193474772
Bug: 193726003
Bug: 193009345
Bug: 190337283
Bug: 226717475
Test: boot with no relevant avc error shows up

Change-Id: I8af2693fb7726e49d9b6d1c13010840a0b581326
Merged-In: I8af2693fb7726e49d9b6d1c13010840a0b581326
2022-06-09 11:05:03 +08:00
Suki Liu
13e8467fc0 Merge "Update avc error on ROM 8595544" 2022-05-17 02:11:01 +00:00
Orion Hodson
3893757352 Remove incidentd denial for apex_info_file am: 400d4fb7f4 am: 4fa31df30e am: 71f450f955 am: 32a87f289f am: ea2f827fd7
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2098049

Change-Id: I621c4e5397c7af9676abc2ca0f35d6939b9cc6a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-16 20:28:50 +00:00
Orion Hodson
71f450f955 Remove incidentd denial for apex_info_file am: 400d4fb7f4 am: 4fa31df30e
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2098049

Change-Id: I7dc2d9dc20e060c9c2db2b9f98bd1292e0677033
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-16 16:59:14 +00:00
Orion Hodson
400d4fb7f4 Remove incidentd denial for apex_info_file
Underlying issue addressed by https://r.android.com/1849822 which
gives incidentd r_file_perms for apex_info_file:file.

Fix: 187015816
Test: atest incidentd_test; adb logcat | grep denied
Change-Id: I90b57a5f01c97c8488c10692208080557a863051
2022-05-16 14:45:53 +01:00
sukiliu
101a021277 Update avc error on ROM 8595544
Bug: 232714489
Bug: 231821875
Test: PtsSELinuxTestCases
Change-Id: I4dd2c51dd237b19a110b24cb7ac8e1cb2284f99c
2022-05-16 12:00:57 +08:00
Krzysztof Kosiński
b71d24d62c gs101: Add dontaudit statements to camera HAL policy.
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
2022-05-10 05:34:51 +00:00
chungkai
384218408f sepolicy: ignore avc denial
don't audit since it's debugfs

Bug: 228181404
Test: forrest with boot test
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I7f2a85e2a405c78c9d8d11e9c2fdfdc5e87f7931
2022-04-06 09:21:24 +00:00
sukiliu
ed3ac0623b Update avc error on ROM 8386107
Bug: 226717475
Test: PtsSELinuxTestCases
Change-Id: Ia366a4ad0f193858960b7c5df34096bd2d4eada5
2022-03-31 15:48:04 +08:00
sukiliu
037f9cda4e Update avc error on ROM 8276520
Bug: 223502652
Bug: 223330933
Test: PtsSELinuxTestCases
Change-Id: Ib8c14c4928410ee5ed4626e95e2882b89341ee9a
2022-03-09 14:16:33 +08:00
Kris Chen
e0c6120237 Add sepolicy rules for fingerprint hal
Fix the following avc denial:
avc: denied { set } for property=vendor.gf.cali.state pid=1152 uid=1000 gid=1000 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 219372997
Bug: 220263520
Test: No above avc denial in logcat.
Change-Id: I93ace30c67e04bc836bfba050028a1f25af641d5
2022-03-01 15:05:42 +08:00
Shubham Dubey
5e2e261148 Temporarily don't audit hal_fingerprint to fix avc denial
Fix: 220263520

Change-Id: Ic06981fdc071c5027e6ccd137c1a2d19b9366c98
2022-02-21 13:07:23 +00:00
Philip Quinn
b834b1d008 Move twoshay definitions to hardware/google/pixel-sepolicy/input.
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
2021-10-26 02:06:20 +00:00
Philip Quinn
d5ac0ac3ce Move twoshay definitions to hardware/google/pixel-sepolicy/input.
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
2021-09-28 20:11:33 +00:00
Adam Shih
22ed933f97 label extcon files
Bug: 199987074
Test: boot with no relevant errors
Change-Id: Idd26d8675c332043b1066e3eba1706527254eb03
2021-09-16 10:02:11 +08:00
sukiliu
2d2d6999d2 Update avc error on ROM 7733084
avc: denied { read } for comm="android.ui" name="extcon0" dev="sysfs" ino=72527 scontext=u:r:system_server:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0

Bug: 199987074
Test: PtsSELinuxTestCases
Change-Id: I1d160b06b4b0bba9402ae3de5f564d6f893505c1
2021-09-15 14:41:46 +08:00
qinyiyan
ee4e7f45ce Revert the unnecessary sepolicy rules for hal_neuralnetworks_darwinn.
Bug: 194241380
Test: flashed forrest build and ran PtsSELinuxTestCases
Change-Id: Ie2f0572a368f09e522bc2cdfdf9da1859c1c44e7
2021-07-30 23:36:06 +00:00
Michael Eastwood
30bd5e8ed6 Allow hal_dumpstate_default to access vendor_camera_debug_prop
Bug: 193365129
Test: atest com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: I43e389d46e8116844bb9ca4259e5ea28e86c50f4
2021-07-27 17:22:47 -07:00
sukiliu
411aa59779 Update avc error on ROM 7566803
avc: denied { read } for name="platform:1cc40000.sysmmu--platform:1ce00000.abrolhos" dev="sysfs" ino=21006 scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0

Bug: 194241380
Test: PtsSELinuxTestCases
Change-Id: If7ee99a36bca88fffc37c12dc306e0453afb1395
2021-07-21 09:36:05 +08:00
sukiliu
06ea8d9432 Update avc error on ROM 7550575
Bug: 193726003
Bug: 193633303
Bug: 193548421
Test: PtsSELinuxTestCases
Change-Id: Id6cb13602eb9a69f7815a0301a5708577c663bd2
2021-07-15 09:33:58 +08:00
TreeHugger Robot
0afce44985 Merge "Revert "Update avc error on ROM 7526917"" into sc-dev 2021-07-13 17:03:43 +00:00
Michael Ayoubi
04d9f1ac13 Revert "Update avc error on ROM 7526917"
This reverts commit 81a8e5b4ce.

Reason for revert: <Qorvo Version P2-S4(ag/15139489) which caused these errors got reverted from sc-dev in ag/15224151. It will now go into master>

Bug: 192924316
Change-Id: I772053cf512ba555a5fa657d39f957ac51f013c1
2021-07-13 17:03:26 +00:00
Adam Shih
9d7e88c27e suppress error for ag/15263334
Bug: 193474772
Test: boot with no relevant error found
Change-Id: Ia3f49fbf9e623c6b81d6c595e19e275f64521dfe
2021-07-13 09:57:18 +08:00
sukiliu
a06677ce7a Update avc error on ROM 7539530
avc: denied { read } for name="u:object_r:vendor_camera_debug_prop:s0" dev="tmpfs" ino=300 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_camera_debug_prop:s0 tclass=file permissive=0
avc: denied { read } for comm="dumpstate@1.1-s" name="u:object_r:vendor_camera_debug_prop:s0" dev="tmpfs" ino=300 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_camera_debug_prop:s0 tclass=file permissive=0

Bug: 193365129
Test: PtsSELinuxTestCases
Change-Id: I1d0258ec4ce2abbf8f899add86be2076c0c72be0
2021-07-12 09:49:17 +08:00
SHUCHI LILU
54780f7ae3 Merge "Update avc error on ROM 7527858" into sc-dev 2021-07-08 02:53:28 +00:00
KRIS CHEN
ba9051de47 Merge "Add sepolicy rules for fingerprint hal" into sc-dev 2021-07-08 02:05:03 +00:00
Kris Chen
a5c9028ced Add sepolicy rules for fingerprint hal
Fix following avc denial:
servicemanager: type=1400 audit(0.0:8): avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_fingerprint_default:s0 tclass=binder permissive=0

Bug: 192040144
Test: No above avc denial in logcat.
Change-Id: I1b93474cac4ccb24736bc97665a7ca533ef0a7d3
2021-07-08 00:59:49 +08:00