Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3468 commits 1 branch 0 tags 494 MiB
Commit graph

3468 commits

This branch
This branch
All branches
Author SHA1 Message Date
Adam Shih
d28724fdb1 update error on ROM 7230950 
Bug: 183560076
Bug: 183560282
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I329cd3f1e4c5eed986c21724bf42730bed46ab3b
 2021-03-24 10:03:35 +08:00
TreeHugger Robot
3a05b06511 Merge "Fix denials for ril_config_service_app" into sc-dev am: 835a255138 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13960264

Change-Id: I5494cde9c8f7b4c04220d19e5b614a7560407445
 2021-03-24 01:35:47 +00:00
TreeHugger Robot
13b3e58059 Merge "Allow Exoplayer access to the vstream-secure heap for secure playback" into sc-dev am: d70813575b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13974361

Change-Id: I5b7c199261a4f46f3ab6ca6caa019a41889cf7cc
 2021-03-24 01:23:22 +00:00
Adam Shih
77f6de6ea6 work around for uwb 
Bug: 171943668
Test: dw3000 kthread and uwb service came up fine
Change-Id: I4288e07b9b9a2741bfe64b35bd4681ffe4a66039
 2021-03-24 00:41:27 +00:00
TreeHugger Robot
835a255138 Merge "Fix denials for ril_config_service_app" into sc-dev 2021-03-24 00:41:22 +00:00
TreeHugger Robot
d70813575b Merge "Allow Exoplayer access to the vstream-secure heap for secure playback" into sc-dev 2021-03-24 00:26:19 +00:00
Christine Franks
697b71b400 Merge "Add uhid access for exo" into sc-dev am: 28ab0ae8c3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13933043

Change-Id: Idb4c0e31fa115cc5ff381ed17872f8dce21a2590
 2021-03-23 22:33:21 +00:00
labib
a0c5ec2305 Add se-policy for new GRIL service and RadioExt hal APIs 
Bug: 172294179
Change-Id: Ief4c7ec7959676126f35037006016e1454a34f5e
 2021-03-24 06:16:03 +08:00
Christine Franks
28ab0ae8c3 Merge "Add uhid access for exo" into sc-dev 2021-03-23 21:57:15 +00:00
Hridya Valsaraju
fb862c0888 Allow Exoplayer access to the vstream-secure heap for secure playback 
Fixes the following denials:

avc: denied { read } for name="vstream-secure" dev="tmpfs"
ino=736 scontext=u:r:untrusted_app_25:s0:c512,c768
tcontext=u:object_r:dmabuf_heap_device:s0 tclass=chr_file permissive=0
app=com.google.android.exoplayer.demo
avc: denied { read } for name="vstream-secure" dev="tmpfs" ino=736
scontext=u:r:untrusted_app_25:s0:c512,c768
tcontext=u:object_r:dmabuf_heap_device:s0
tclass=chr_file permissive=0 app=com.google.android.exoplayer.demo
avc: denied { read } for name="vstream-secure" dev="tmpfs" ino=736
scontext=u:r:untrusted_app_25:s0:c512,c768
tcontext=u:object_r:dmabuf_heap_device:s0
tclass=chr_file permissive=0 app=com.google.android.exoplayer.demo

Bug: 178865267
Test: no more denials
Change-Id: I6612bd56c49558b13e2ae72cfbf3552715729e7a
Signed-off-by: Hridya Valsaraju <hridya@google.com>
 2021-03-23 14:37:01 -07:00
Greg Kaiser
d10bc2029c Merge "Revert "Add se-policy for new GRIL service and RadioExt hal APIs"" into sc-dev am: 9ec1be4eb9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13974086

Change-Id: Ie04f0e9e1d4df1d225a53da99d6b8b9a81710659
 2021-03-23 19:49:49 +00:00
Greg Kaiser
9ec1be4eb9 Merge "Revert "Add se-policy for new GRIL service and RadioExt hal APIs"" into sc-dev 2021-03-23 19:12:13 +00:00
LABIB MD RASHID
97bfa35d4f Revert "Add se-policy for new GRIL service and RadioExt hal APIs" 
Revert "BT SAR client implementation for GRIL"

Revert submission 13944227-gril-bt-sar

Reason for revert: TreeHugger builds failing due to changes requiring se-linux permissions for GRIL. Need to add permissions for more devices before attempting this change again.

Reverted Changes:
I556657928:Add se-policy for new GRIL service and RadioExt ha...
I96cf9176a:BT SAR client implementation for GRIL

Change-Id: Ib800962d07d305a5a42ee40f019535f663beacd1
 2021-03-23 19:00:57 +00:00
TreeHugger Robot
f87d5740f6 Merge "Add se-policy for new GRIL service and RadioExt hal APIs" into sc-dev am: 25e39f7d37 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13944227

Change-Id: If101de29d62c1fa07ba39c501c9954fbc2510630
 2021-03-23 16:30:55 +00:00
TreeHugger Robot
25e39f7d37 Merge "Add se-policy for new GRIL service and RadioExt hal APIs" into sc-dev 2021-03-23 16:02:35 +00:00
TreeHugger Robot
fcf368d2dd Merge "modem_svc_sit: Fix avc errors" into sc-dev am: 3bf9cddeb7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13960255

Change-Id: Icf37a2009e9fe585e703d0492686643100ba35a5
 2021-03-23 11:47:41 +00:00
TreeHugger Robot
6ba162f8c3 Merge "update error on ROM 7228492" into sc-dev am: 1cf98386f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13960254

Change-Id: I7609764ad40566346526f40be15310492598bca3
 2021-03-23 11:47:16 +00:00
TreeHugger Robot
3bf9cddeb7 Merge "modem_svc_sit: Fix avc errors" into sc-dev 2021-03-23 11:16:25 +00:00
TreeHugger Robot
1cf98386f6 Merge "update error on ROM 7228492" into sc-dev 2021-03-23 11:16:22 +00:00
Hongbo Zeng
4211025746 Fix denials for ril_config_service_app 
- RilConfigService is a common google project in vendor/google/tools,
  sync related rules from the previous project(ag/6697240, ag/7153946)
  to allow it to:
  (1) receive intents
  (2) update database files under /data/vendor/radio
  (3) update RIL properties
- Two new denials found in this project only:
  avc: denied { search } for name="data" dev="dm-7" ino=93
      scontext=u:r:ril_config_service_app:s0
      tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=1
  avc: denied { search } for name="0" dev="dm-7" ino=192
      scontext=u:r:ril_config_service_app:s0
      tcontext=u:object_r:user_profile_root_file:s0:c512,c768 tclass=dir permissive=1

Bug: 182715439
Test: apply these rules and check there is no denial for
      RilConfigService finally
Change-Id: Icfb0e121d0d11600bda900dff0511187518105ab
 2021-03-23 17:22:33 +08:00
labib
6516f369ff Add se-policy for new GRIL service and RadioExt hal APIs 
Bug: 172294179
Change-Id: I556657928caa441b3530bb371902d5f4ce0be257
 2021-03-23 09:20:18 +00:00
Adam Shih
b182a7166e permission required for adb sideload to work am: fd45b5ef27 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13960252

Change-Id: Ib93eae652d1e1c3cf636a3e53cd0593ade481c64
 2021-03-23 08:40:29 +00:00
SalmaxChang
b4fbecb9fb modem_svc_sit: Fix avc errors 
avc: denied { search } for comm="modem_svc_sit" name="vendor" dev="tmpfs" ino=2 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir
avc: denied { write open } for path="/mnt/vendor/modem_userdata/replay/dds.bin" dev="sda7" ino=14 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=file
avc: denied { remove_name } for name="dds.bin" dev="sda7" ino=14 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir

Bug: 183467321
Change-Id: Ic5b8fcf324bb0a8b0f6312b3ae755d73a53f0e9c
 2021-03-23 15:11:38 +08:00
Adam Shih
01376cbe06 update error on ROM 7228492 
Bug: 183467306
Bug: 183467321
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ia8473c1a4e1f56cc52bc765dea56e3bc497c7cc9
 2021-03-23 15:11:24 +08:00
Adam Shih
fd45b5ef27 permission required for adb sideload to work 
Bug: 183174452
Test: do adb sideload under enforcing mode
Change-Id: I2ba05b22729894d2677859fd33a6370f2ff9d409
 2021-03-23 14:23:44 +08:00
TreeHugger Robot
22ab0cc731 Merge "permissions required for OTA" into sc-dev am: 9c46632091 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13960245

Change-Id: I2b125c5603680ecbea34ceb6ef0ccf89533540aa
 2021-03-23 05:08:23 +00:00
TreeHugger Robot
9c46632091 Merge "permissions required for OTA" into sc-dev 2021-03-23 04:45:37 +00:00
Krzysztof Kosiński
f6fddb20ad Merge "Add lazy service binary to hal_camera_default domain." into sc-dev am: 61e515e4ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13957807

Change-Id: I10fa91098ff56ab9ef01409647f097ca484bc41f
 2021-03-23 02:09:47 +00:00
Adam Shih
7314a7b522 permissions required for OTA 
Bug: 183174452
Test: do OTA under enforcing mode
Change-Id: I0edf7703713e24351f57ef0e68096ca03c59e6f8
 2021-03-23 09:49:02 +08:00
Krzysztof Kosiński
61e515e4ce Merge "Add lazy service binary to hal_camera_default domain." into sc-dev 2021-03-23 01:31:50 +00:00
Krzysztof Kosiński
d02e73b966 Add lazy service binary to hal_camera_default domain. 
Avoids denial logs from init on service (re)start. See bug for
details.

Bug: 183441948
Test: Restarted the service
Change-Id: I9ee9b8099d2ffae4d6a115552800fa844c192132
 2021-03-22 16:25:57 -07:00
TreeHugger Robot
123411f826 Merge "allow bootctl to read devinfo" into sc-dev am: 8d9094345e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13946008

Change-Id: I079480b87535460a59f3eff2164e5f73f3b466d8
 2021-03-22 14:25:43 +00:00
TreeHugger Robot
b7322c9c6b Merge "update error on ROM 7225160" into sc-dev am: df64c08266 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13944228

Change-Id: I7f4fbec0c249cc02ceb8f853a1f309c1f5096dc0
 2021-03-22 13:56:52 +00:00
David Li
da5e908d0f Merge "audio: add /dev/acd-audio_dcdoff_ref for audio effect visualizer" into sc-dev am: 6dce033807 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13921067

Change-Id: I16da30f8f4d31bcfcd1697a33bdb976d903ae684
 2021-03-22 13:54:42 +00:00
TreeHugger Robot
8d9094345e Merge "allow bootctl to read devinfo" into sc-dev 2021-03-22 09:16:23 +00:00
Adam Shih
f05cdba220 allow bootctl to read devinfo 
Bug: 182705986
Test: boot with no relevant log found
Change-Id: I6d4c699fe1492f8fbcd5b8a9ba98da2fade57bd7
 2021-03-22 16:10:22 +08:00
TreeHugger Robot
df64c08266 Merge "update error on ROM 7225160" into sc-dev 2021-03-22 02:52:56 +00:00
David Li
6dce033807 Merge "audio: add /dev/acd-audio_dcdoff_ref for audio effect visualizer" into sc-dev 2021-03-22 02:07:33 +00:00
Adam Shih
38e55f2331 update error on ROM 7225160 
Bug: 183338483
Bug: 183338543
Bug: 183338421
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I16548c00f2a2c38b190664a5cc20ae67d04a8454
 2021-03-22 09:52:45 +08:00
Christine Franks
a334f079cc Add uhid access for exo 
This is required to write input events to /dev/uinput.

Bug: 182854143
Test: n/a
Change-Id: Icd9714a61be62d40d1b3e5e9d7dcb33ce5f0bf6b
 2021-03-19 23:31:08 +00:00
Alex Hong
b640326154 Add the sepolicy for UWB hal 
Bug: 182727934
Test: $ make selinux_policy
      Push SELinux modules and check the denials during boot
Change-Id: I630e6e353897a85d1b90c7d8a4250703a4c3a245
 2021-03-19 21:42:07 +08:00
TreeHugger Robot
8d7d184bcf Merge "remove workaround as vendor_init is ready" into sc-dev am: 9225f4e5d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13921069

Change-Id: Ia0d7bf18a52ff1069fc692e270eb79837290af2e
 2021-03-19 07:24:08 +00:00
TreeHugger Robot
9225f4e5d0 Merge "remove workaround as vendor_init is ready" into sc-dev 2021-03-19 06:43:54 +00:00
Adam Shih
42bd5867e8 Merge "label missing vibrator sys nodes" into sc-dev am: 3f6e2bba41 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13908553

Change-Id: I7f44920dd91712c201a8fc55d15ee89ab405dcbb
 2021-03-19 06:05:41 +00:00
Adam Shih
3f6e2bba41 Merge "label missing vibrator sys nodes" into sc-dev 2021-03-19 05:32:27 +00:00
TreeHugger Robot
78976ea7e1 Merge "Add sepolicy rules for fingerprint hal" into sc-dev am: fc6b81d188 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13918107

Change-Id: Ib09464497cc1b3c366ff2939b5885d565069d15d
 2021-03-19 05:01:34 +00:00
TreeHugger Robot
fc6b81d188 Merge "Add sepolicy rules for fingerprint hal" into sc-dev 2021-03-19 04:37:58 +00:00
TreeHugger Robot
c197961ab5 Merge "update error on ROM 7219510" into sc-dev am: 4eba688673 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13921068

Change-Id: Ia35cde269940c847ec6e064c845bad98c5c4d595
 2021-03-19 04:23:51 +00:00
TreeHugger Robot
a5cfd7aaab Merge "power: Add policy to access sysfs_bcl" into sc-dev am: 46b51cd204 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13876026

Change-Id: I829fe7b028908f791e72fd551b1d24bd92c880c3
 2021-03-19 04:23:17 +00:00
Adam Shih
ac6b1273e4 remove workaround as vendor_init is ready 
Bug: 171942789
Test: boot under enforcing ROM
Change-Id: If4bb070ecf2272dd927ceaeda1882d2fad62b4c3
 2021-03-19 11:58:39 +08:00