Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1090 commits 1 branch 0 tags 494 MiB
Commit graph

1090 commits

This branch
This branch
All branches
Author SHA1 Message Date
Peter Csaszar
7ea6a44719 pixel-selinux: Add mlstrustedobject for SJTAG 
This CL adds the "mlstrustedobject" to types for files involved in the
SJTAG authentication flow, in order to address MLS-based AVC denials.

Bug: 189466122
Test: No more AVC denials when activating SJTAG in BetterBug
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: Ieb88653830ce95751eee5cf26c26fd6302067bce
 2021-06-02 12:23:01 -07:00
Aaron Ding
a260db294e pixel-selinux: add SJTAG policies am: 9f8d552411 am: 9a43bd9ead 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14795132

Change-Id: If999a72b561a4e3f0ebf9ce2ec1f082cb98adaa4
 2021-06-02 06:51:46 +00:00
Aaron Ding
15e36312cd remove sysfs_type from vendor_page_pinner_debugfs am: 2dbe515943 am: 2f3336940b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14782004

Change-Id: I21cad6d28945ae9cbb26e586d86ab1a02dbebb1e
 2021-06-02 06:51:41 +00:00
Aaron Ding
ae49d5d313 pixel-selinux: add SJTAG policies am: 9f8d552411 am: 86e17fa6a1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14795132

Change-Id: I0c1b46866c6813baac6e409924bc5928e3b85d86
 2021-06-02 06:48:58 +00:00
Aaron Ding
28493f84c5 remove sysfs_type from vendor_page_pinner_debugfs am: 2dbe515943 am: 59a7ae7afe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14782004

Change-Id: I46dbfe1f8d6830eed0d651a291d90f7a2279ae07
 2021-06-02 06:48:54 +00:00
Aaron Ding
86e17fa6a1 pixel-selinux: add SJTAG policies am: 9f8d552411 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14795132

Change-Id: I6ffbe3fc2053c12c4ef0138a9add21674955f2cb
 2021-06-02 06:28:53 +00:00
Aaron Ding
59a7ae7afe remove sysfs_type from vendor_page_pinner_debugfs am: 2dbe515943 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14782004

Change-Id: Ifad186cc34fef21b4686fe328ca904b62ae86357
 2021-06-02 06:28:49 +00:00
Aaron Ding
9a43bd9ead pixel-selinux: add SJTAG policies am: 9f8d552411 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14795132

Change-Id: Ia7c9bd89f0c958eeed16828186948a045044223a
 2021-06-02 06:23:03 +00:00
Aaron Ding
2f3336940b remove sysfs_type from vendor_page_pinner_debugfs am: 2dbe515943 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14782004

Change-Id: I12715f8c51af7decc14aedf173e3bb13c8f51c1d
 2021-06-02 06:22:59 +00:00
Rick Yiu
9e8bd699e9 gs101-sepolicy: Refine policy for sysfs_vendor_sched 
Chagne it to directory based.

Bug: 182509410
Test: device boot normally
Change-Id: I1cfaa95cf07e1e829e747eb99ed39ab64d3ddac1
 2021-06-02 04:52:45 +00:00
Aaron Ding
9f8d552411 pixel-selinux: add SJTAG policies 
This reverts commit b078284e5d.

Bug: 184768605
Change-Id: Ib0080e2ba3edf7fa654155fb4a7403d52ad2494a
 2021-06-02 10:25:51 +08:00
Aaron Ding
2dbe515943 remove sysfs_type from vendor_page_pinner_debugfs 
Bug: 186500818
Change-Id: If97126a3d46d96342faf89b9698218b6a480a84b
 2021-06-01 17:38:28 +08:00
David Chao
6026cf5181 Grant powerhal access to thermal_link_device and sysfs_thermal 
Bug: 188579571
Test: boot
Change-Id: I8e4675e2817fe3778236618e0dba76f1233e77e2
 2021-06-01 05:17:13 +00:00
Aaron Ding
da4f353e42 Revert "pixel-selinux: add SJTAG policies" am: b078284e5d am: 2d35ae6cb8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14528664

Change-Id: Ib6b5b24801f721891ab64e09259217ca9d3ab954
 2021-05-31 19:20:35 +00:00
Aaron Ding
2a1f5eb8b3 Revert "pixel-selinux: add SJTAG policies" am: b078284e5d am: 5825ee37e3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14528664

Change-Id: I3647845eba2262b9701d8c0a4c028473ba500a04
 2021-05-31 19:17:45 +00:00
Aaron Ding
5825ee37e3 Revert "pixel-selinux: add SJTAG policies" am: b078284e5d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14528664

Change-Id: I05c1e374972a89fe6d5dcd75f4c8fe41b383f3ff
 2021-05-31 18:46:59 +00:00
Aaron Ding
2d35ae6cb8 Revert "pixel-selinux: add SJTAG policies" am: b078284e5d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14528664

Change-Id: I819e31237595331138b5230a77d5f85dbd368bc0
 2021-05-31 18:43:52 +00:00
Aaron Ding
b078284e5d Revert "pixel-selinux: add SJTAG policies" 
This reverts commit bc525e1a49.

Bug: 186500818
Change-Id: I0bab67d42530270a819598ac320a5946e5d7aa6d
Signed-off-by: Aaron Ding <aaronding@google.com>
 2021-06-01 01:21:14 +08:00
Vova Sharaienko
a4660c88a9 Merge "hal_health_default: updated sepolicy" into sc-dev am: ce4002966a am: 977bc88d0b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14738712

Change-Id: I75846a70a82ecd1762fb9dbd20117d8627d8998e
 2021-05-28 18:29:50 +00:00
Vova Sharaienko
d0fa6b0ab5 Merge "hal_health_default: updated sepolicy" into sc-dev am: ce4002966a am: e133184c45 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14738712

Change-Id: I9358a2cc6de91a13c46e868d8b80ae4cedc00758
 2021-05-28 18:19:43 +00:00
Vova Sharaienko
977bc88d0b Merge "hal_health_default: updated sepolicy" into sc-dev am: ce4002966a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14738712

Change-Id: I4ea468c2ebfdec8a35bfb02897f411bb8c814f22
 2021-05-28 18:06:52 +00:00
Vova Sharaienko
e133184c45 Merge "hal_health_default: updated sepolicy" into sc-dev am: ce4002966a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14738712

Change-Id: I19ce2ef9b6f771d35036dcd5fd8217bc8eb8219a
 2021-05-28 17:59:27 +00:00
Vova Sharaienko
ce4002966a Merge "hal_health_default: updated sepolicy" into sc-dev 2021-05-28 17:42:45 +00:00
Rick Yiu
25f9147d6e Merge "gs101-sepolicy: Allow dumping vendor groups values" into sc-dev am: 6c5779d0af am: 8b7354ea6c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692150

Change-Id: I3a8ec644efa86e0e059ff043edfcce44e7e871d1
 2021-05-28 02:09:45 +00:00
Rick Yiu
94af2e728b Merge "gs101-sepolicy: Allow dumping vendor groups values" into sc-dev am: 6c5779d0af am: 32838e85d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692150

Change-Id: I4723916265a0301e4cb5b0bfac9e71e5c86acbc2
 2021-05-28 02:06:23 +00:00
Rick Yiu
32838e85d8 Merge "gs101-sepolicy: Allow dumping vendor groups values" into sc-dev am: 6c5779d0af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692150

Change-Id: I1b2c4fb8582bf71543ea0c115f369dbb6f8abe9b
 2021-05-28 01:44:23 +00:00
Rick Yiu
8b7354ea6c Merge "gs101-sepolicy: Allow dumping vendor groups values" into sc-dev am: 6c5779d0af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14692150

Change-Id: I5cdb6420dd45a50867d20a3b1ec97b1989af7a53
 2021-05-28 01:40:56 +00:00
Rick Yiu
6c5779d0af Merge "gs101-sepolicy: Allow dumping vendor groups values" into sc-dev 2021-05-28 01:16:34 +00:00
Vova Sharaienko
144b6b06b3 hal_health_default: updated sepolicy 
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 186578402
Test: Build, flash, boot & and logcat | grep "avc"
Change-Id: I1bfd8dbca4a8a87387c5fc0cc47b9f09a6d07ea4
 2021-05-27 01:51:21 +00:00
Harpreet Eli Sangha
e952c414ec Add CccDkTimeSyncService 
Bug: 183676280
Test: Build and run example client.
Signed-off-by: Harpreet Eli Sangha <eliptus@google.com>
Change-Id: I862d5f3e8be3cf7d23489be374fabf26e29e0ca5
 2021-05-26 16:59:51 +00:00
TreeHugger Robot
61d2448998 Merge "Add sepolicy for Trusty keymint" into sc-dev am: 9e9c6a75da am: 51a593d480 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14414676

Change-Id: I74bd030d4720f08730ea6fe8bffbf3c314a07b5b
 2021-05-26 14:09:52 +00:00
TreeHugger Robot
2acb9f0f89 Merge "Add sepolicy for Trusty keymint" into sc-dev am: 9e9c6a75da am: 607ba868d5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14414676

Change-Id: I1a2b71b4577ffe4e3cafc69e64b9adc356fe9140
 2021-05-26 14:08:54 +00:00
TreeHugger Robot
607ba868d5 Merge "Add sepolicy for Trusty keymint" into sc-dev am: 9e9c6a75da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14414676

Change-Id: I770a835945c9c73226bcbeaf06120cadb6af5cd0
 2021-05-26 13:46:37 +00:00
TreeHugger Robot
51a593d480 Merge "Add sepolicy for Trusty keymint" into sc-dev am: 9e9c6a75da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14414676

Change-Id: I5e2c27949cd69819a9aa12da921494adefa16606
 2021-05-26 13:44:53 +00:00
TreeHugger Robot
9e9c6a75da Merge "Add sepolicy for Trusty keymint" into sc-dev 2021-05-26 13:23:20 +00:00
sukiliu
498d13f245 Update avc error on ROM 7395282 am: 073a0f5ed1 am: 826d258fcf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14717075

Change-Id: I96c0146d4c54620b6967f5494cac1d46450de195
 2021-05-26 05:14:25 +00:00
sukiliu
af73c8c528 Update avc error on ROM 7395282 am: 073a0f5ed1 am: 248d61e87a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14717075

Change-Id: I38be92b164e8d52e1413f31466c07e9999f02609
 2021-05-26 05:12:26 +00:00
sukiliu
248d61e87a Update avc error on ROM 7395282 am: 073a0f5ed1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14717075

Change-Id: I40f8e723d005fad45b4ba480fbc456cb34360910
 2021-05-26 04:56:37 +00:00
sukiliu
826d258fcf Update avc error on ROM 7395282 am: 073a0f5ed1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14717075

Change-Id: Ifa05ac25bfcf263c9cac8584420b17bb84fce60c
 2021-05-26 04:54:42 +00:00
sukiliu
073a0f5ed1 Update avc error on ROM 7395282 
avc: denied { dac_override } for comm="rebalance_inter" capability=1 scontext=u:r:rebalance_interrupts_vendor:s0 tcontext=u:r:rebalance_interrupts_vendor:s0 tclass=capability permissive=0

Bug: 189275648
Test: PtsSELinuxTestCases
Change-Id: I637f1fcd901b8bf59096ba83c927b4d353f0405b
 2021-05-26 11:11:03 +08:00
Shawn Willden
c5fdb59287 Add sepolicy for Trusty keymint 
Bug: 177729159
Test: VtsAidlKeyMintTargetTest on P21
Change-Id: I993faa2a829d3ad4f1b920ff59ba4fd5ef8e7db7
 2021-05-25 16:37:29 -06:00
TreeHugger Robot
0578de6766 Merge "Allow mediacodec to access the vframe-secure DMA-BUF heap" into sc-dev am: 477e19f032 am: a85442bd10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14704012

Change-Id: Id12fcf0e304c0bf06261ec1032a7b12577e6b4b8
 2021-05-25 19:30:55 +00:00
TreeHugger Robot
efe8194fe0 Merge "Allow mediacodec to access the vframe-secure DMA-BUF heap" into sc-dev am: 477e19f032 am: 1e8934b03c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14704012

Change-Id: I728c697e49d26bc6d69d207d65599ca3e9a058c9
 2021-05-25 19:29:59 +00:00
TreeHugger Robot
1e8934b03c Merge "Allow mediacodec to access the vframe-secure DMA-BUF heap" into sc-dev am: 477e19f032 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14704012

Change-Id: Id748c228fb796c76ccc01d3b19f829928c185adf
 2021-05-25 19:07:26 +00:00
TreeHugger Robot
a85442bd10 Merge "Allow mediacodec to access the vframe-secure DMA-BUF heap" into sc-dev am: 477e19f032 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14704012

Change-Id: Ib1fe025493a3021d69bf7f79c8809098933ba1b8
 2021-05-25 19:05:23 +00:00
TreeHugger Robot
477e19f032 Merge "Allow mediacodec to access the vframe-secure DMA-BUF heap" into sc-dev 2021-05-25 18:45:37 +00:00
TreeHugger Robot
be0ea48cef Merge "dumpstate: add sepolicy for hal_dumpstate to access sysfs_display" into sc-dev am: 57eefb5b13 am: cb80570b92 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14608138

Change-Id: Ifa1536ee09f4cd8b3c048001798d5a2b6368bd70
 2021-05-25 11:58:29 +00:00
TreeHugger Robot
667ba8cb19 Merge "dumpstate: add sepolicy for hal_dumpstate to access sysfs_display" into sc-dev am: 57eefb5b13 am: eeb41949c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14608138

Change-Id: I87d15c071e3de40b367badbe185db35cc14bb332
 2021-05-25 11:51:11 +00:00
TreeHugger Robot
cb80570b92 Merge "dumpstate: add sepolicy for hal_dumpstate to access sysfs_display" into sc-dev am: 57eefb5b13 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14608138

Change-Id: I594759be23e922d975f395da8a1d363925dc30ca
 2021-05-25 11:50:55 +00:00
TreeHugger Robot
eeb41949c2 Merge "dumpstate: add sepolicy for hal_dumpstate to access sysfs_display" into sc-dev am: 57eefb5b13 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14608138

Change-Id: I7a32e0b2bcef407665e75e58d0af2db52c08323b
 2021-05-25 11:49:35 +00:00