Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11403 commits 1 branch 0 tags 494 MiB
Commit graph

11403 commits

This branch
This branch
All branches
Author SHA1 Message Date
Aaron Tsai
06b410dc4a Fix avc denied for Silent Logging 
04-06 15:18:31.513  root     1     1 E init    : Do not have permissions to set 'persist.vendor.sys.silentlog.tcp' to 'On' in property file '/vendor/build.prop': SELinux permission check failed
04-06 15:20:17.988  root     1     1 W /system/bin/init: type=1107 audit(0.0:33): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.ap pid=8917 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:20:23.256  root     1     1 W /system/bin/init: type=1107 audit(0.0:38): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.cp pid=9025 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:20:51.340  root     1     1 W /system/bin/init: type=1107 audit(0.0:43): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog pid=9291 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:21:03.608  root     1     1 W /system/bin/init: type=1107 audit(0.0:54): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.tcp pid=9473 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'

04-06 20:17:08.060  1000  5754  5754 W Thread-3: type=1400 audit(0.0:21): avc: denied { write } for name="slog" dev="dm-7" ino=245 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0
04-06 20:17:09.194  1000   398   398 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 pid=5754 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=0
04-06 21:07:18.376  7458  7458 I auditd  : type=1400 audit(0.0:20): avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:r:dmd:s0 tclass=binder permissive=0

04-06 21:16:53.200  8873  8873 W Thread-4: type=1400 audit(0.0:85): avc: denied { create } for name="NNEXT_PROFILE.nprf" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0:c232,c259,c512,c768 tclass=file permissive=0


Bug: 184608648
Test: verified with the forrest ROM and error log gone
Change-Id: Id9cdf15478c751de92a9a84bcfdc8233d6e9d294
 2021-04-09 04:33:13 +00:00
TreeHugger Robot
b415e72482 Merge "init: allow to set tcpdump property" into sc-dev am: 83d6ee82fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14124655

Change-Id: Ia3dd270c6ea9f90658f1657051c19a4732c4b38d
 2021-04-09 04:30:36 +00:00
Shinru Han
188be4a5e3 gps: remove lhd log in on-chip PVT mode 
bug: 183559343
Test: No lhd log in on-chip PVT mode
Change-Id: I4e46721650dd43e356555716150dc6dd1935ae04
 2021-04-09 04:08:56 +00:00
TreeHugger Robot
83d6ee82fb Merge "init: allow to set tcpdump property" into sc-dev 2021-04-09 03:54:18 +00:00
Tsung-Mao Fang
7dd7ceba38 Have a consistent permission configuration with other devices 
Change-Id: I346370bbc9e1fcddef7dc9c64a03954cddf97264
Test: Run presubmit
Fix: 184312606
(cherry picked from commit 967e140f534064ef6fbe01c7c65167a033c95ee7)
 2021-04-09 03:34:38 +00:00
Speth Chang
7d74437b07 Merge "allow camera to connect stats service" into sc-dev am: 6c4d851d28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14108661

Change-Id: I008cdb58623b13e644ad0f2d5e76261271b54dd8
 2021-04-09 03:21:05 +00:00
SalmaxChang
6dd6d9872e cbd: Grant to access slog file 
Bug: 184646743
Change-Id: I06ecfbc8b9276b3801725f0965b03b849eddbdfc
 2021-04-09 03:11:25 +00:00
Speth Chang
6c4d851d28 Merge "allow camera to connect stats service" into sc-dev 2021-04-09 03:01:14 +00:00
TreeHugger Robot
8f541049bc Merge "Create sepolicy for the fingerprint GHBM sysprop" into sc-dev am: 4a3f3550f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105112

Change-Id: I627caec9927f15bc7f88af0ab298ad876a01f169
 2021-04-09 02:59:26 +00:00
jimsun
17f08b3cba gs101: fix grilservice context 
The app is no longer signed with the platform key.

Bug: 162313924
Test: verify gril service function works normally
Change-Id: I9bf0494e65cafca9432665be199c30508d36417e
 2021-04-09 02:48:30 +00:00
SalmaxChang
5feb916e47 init: allow to set tcpdump property 
init: Unable to set property 'persist.vendor.tcpdump.log.alwayson' from uid:10273 gid:10273 pid:7074: SELinux permission check failed

Bug: 184411489

Change-Id: If449e0d883fa4cbf8dd5ac3a6a84d205e7ac1f31
 2021-04-09 10:47:56 +08:00
Nick Sanders
d59ea41ac8 gs101-sepolicy: Allow platform_app to call uwb 
This is to fix below avc denial:
  SELinux : avc: denied { find } for pid=10783 uid=10294 name=uwb
  scontext=u:r:platform_app:s0:c512,c768
  tcontext=u:object_r:uwb_service:s0 tclass=service_manager permissive=0

Bug: 184286788
Test: Run Qorvo app without failure
Change-Id: I9673a3eef3f0b0bedb50ef2a5c336d8bfe7620e7
 2021-04-09 02:21:20 +00:00
TreeHugger Robot
4a3f3550f5 Merge "Create sepolicy for the fingerprint GHBM sysprop" into sc-dev 2021-04-09 02:11:57 +00:00
Ilya Matyukhin
b9e10feefb Create sepolicy for the fingerprint GHBM sysprop 
Bug: 184761756
Bug: 183728349
Test: adb logcat | grep "avc: denied"
Change-Id: I5209bdf859e86a83ac3fa29ecf8bfd8d5b6d88ce
 2021-04-08 23:21:22 +00:00
Jack Nudelman
4208bf3074 Update CbrsNetworkMonitor package name. 
Bug: 184313658
Test: make
Change-Id: I474401de47892c97c3fcf4a5471773cd0474e1ef
 2021-04-08 15:46:15 -07:00
TreeHugger Robot
5d9cf2c7ee Merge "Give hal_dumpstate_default read access to slog files" into sc-dev am: f15b8edbd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14127725

Change-Id: I523ad11883f342ac65d868a04cbb498d6cfb4609
 2021-04-08 22:10:28 +00:00
TreeHugger Robot
f15b8edbd1 Merge "Give hal_dumpstate_default read access to slog files" into sc-dev 2021-04-08 21:40:31 +00:00
Eddie Tashjian
ce90dbfb57 Merge "Add TCP dump permissions." into sc-dev am: 5bbdd82a4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14119567

Change-Id: I7ca93885708d1ca028aa6addc56da126a0635a87
 2021-04-08 18:38:47 +00:00
Eddie Tashjian
5bbdd82a4e Merge "Add TCP dump permissions." into sc-dev 2021-04-08 18:25:30 +00:00
Craig Dooley
784e50d1f1 Add the aoc persist folder am: 2762231fdf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101/+/14117035

Change-Id: I354ea117f57afa9bb1730193cee01438f07837db
 2021-04-08 18:11:31 +00:00
Craig Dooley
cf558dbf33 Merge "Fix SELinux errors with aocd" into sc-dev am: cd888e847f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105108

Change-Id: Ie4bbc58c3471209486cf380fb6f5ed209bda789c
 2021-04-08 18:11:31 +00:00
Craig Dooley
cd888e847f Merge "Fix SELinux errors with aocd" into sc-dev 2021-04-08 17:27:56 +00:00
Craig Dooley
2762231fdf Add the aoc persist folder 
Bug: 184173298
Change-Id: Ia66797e2220ef4ba728b2eb21e123b36566adf1c
 2021-04-08 17:27:55 +00:00
Chris Fries
1d379dfbc9 Give hal_dumpstate_default read access to slog files 
Bug: 184821900

Bugreports require access to "silent log" files.

cp      : type=1400 audit(0.0:20): avc: denied { getattr } for path="/data/vendor/radio/logs/always-on/sbuff_20210408191538.sdm" dev="dm-11" ino=9075 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=file permissive=0

Change-Id: Iacc4778d1242f304e9519180437ceb0f0e9d350d
 2021-04-08 16:27:29 +00:00
Roger Wang
fed6658c2a Enable wakeup packet mask and marker config am: a0342c45ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101/+/14124688

Change-Id: I5cacdd36f93461bc19564fdcebf21755338b223f
 2021-04-08 15:48:57 +00:00
Cliff Wu
816fefcd34 Merge "[Bug] Change the sepolicy name for exo_camera_injection" into sc-dev am: ec6bd9449b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14112451

Change-Id: Ice4fe2982eeef2ef8c6f45eebcf4df4305e9bfa0
 2021-04-08 14:41:08 +00:00
Cliff Wu
ec6bd9449b Merge "[Bug] Change the sepolicy name for exo_camera_injection" into sc-dev 2021-04-08 14:09:47 +00:00
Roger Wang
a0342c45ce Enable wakeup packet mask and marker config 
In this commit, we enable wakeup packet mask
and marker config. Then, connectivity can do
the proper accounting of the Wakeup statistics
which will be included in the bugreport.

BUG: 184807534
Test: adb shell dumpsys connmetrics
```
WakeupStats(wlan0, 1022s, total: 6, root: 0, system: 1, apps: 5, non-apps: 0, no uid: 0, l2 unicast/multicast/broadcast: 6/0/0, ethertype 0x800: 6, ipNxtHdr 6: 6)
WakeupEvent(19:45:36.879, wlan0, uid: 1010151, eth=0x800, dstHw=10:7b:44:3c:30:88, ipNxtHdr=6, srcIp=216.58.200.42, dstIp=192.168.50.51, srcPort=443, dstPort=49572)
WakeupEvent(19:47:36.741, wlan0, uid: 1010151, eth=0x800, dstHw=10:7b:44:3c:30:88, ipNxtHdr=6, srcIp=172.217.24.8, dstIp=192.168.50.51, srcPort=443, dstPort=53436)
WakeupEvent(19:49:25.241, wlan0, uid: 10151, eth=0x800, dstHw=10:7b:44:3c:30:88, ipNxtHdr=6, srcIp=74.125.204.188, dstIp=192.168.50.51, srcPort=5228, dstPort=38444)
//...
```

Change-Id: Ifabc2edd5425794d9e0af200eaec8baad44d6689
 2021-04-08 20:07:47 +08:00
Craig Dooley
3d4d9159c9 Fix SELinux errors with aocd 
Add inotify support for /dev
Fix the aoc vendor property

Bug: 184173298
Change-Id: I40a71edd56b2d51f848085c43ae1d10a4c2c0c4b
 2021-04-08 03:59:23 +00:00
Speth Chang
1c64cd89a2 allow camera to connect stats service 
Bug: 177076189
Test: build pass
Change-Id: I1132e8a6794d09306b70fe902fc82fbdb7bf9bb4
 2021-04-08 11:48:08 +08:00
Eddie Tashjian
b2fb9cdace Add TCP dump permissions. 
Copy selinux policy for tcp dump binary from previous Pixel to support
TCP logging on P21 through PixelLogger.

Bug: 184777243
Test: Check PixelLogger TCP dump works.
Change-Id: Id958c8a3e6375a7aae569d6fc94deb9f8072b57b
 2021-04-08 03:13:55 +00:00
Chase Wu
dfd9b4376d Merge "update label missing vibrator sys nodes for dual part" into sc-dev am: 682e3a348f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14033446

Change-Id: I2c8db9943b6d619194718226a2efc9a563902fe4
 2021-04-08 02:41:21 +00:00
Mat Bevilacqua
8c46fe8986 Merge "Fix selinux permissions errors for UwbService" into sc-dev am: b58243632d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14096432

Change-Id: Iffdeac5d97da71c279e83d61db670b71a7ec6b36
 2021-04-08 02:37:23 +00:00
Chase Wu
682e3a348f Merge "update label missing vibrator sys nodes for dual part" into sc-dev 2021-04-08 02:24:28 +00:00
Mat Bevilacqua
b58243632d Merge "Fix selinux permissions errors for UwbService" into sc-dev 2021-04-08 02:09:57 +00:00
TreeHugger Robot
034ecec70b Merge "whitechapel: add permission for pixellogger set audio property" into sc-dev am: 34e0106672 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14100415

Change-Id: I417358ac866cb6c57fd339ba172abbf5840b2b99
 2021-04-08 01:57:35 +00:00
Adam Shih
3092cd1cb5 Merge "remove wildcard on kernel modules" into sc-dev am: bf832c3b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14108662

Change-Id: I14680d1c5dca483f44c8e95bccbb253cad26a050
 2021-04-08 01:57:23 +00:00
TreeHugger Robot
34e0106672 Merge "whitechapel: add permission for pixellogger set audio property" into sc-dev 2021-04-08 01:31:35 +00:00
Adam Shih
bf832c3b49 Merge "remove wildcard on kernel modules" into sc-dev 2021-04-08 01:10:56 +00:00
Eddie Tashjian
61b20db123 Merge "Fix modem logging configuration." into sc-dev am: aa9ecdc436 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14106552

Change-Id: I144856a3f19f521eabb2d5872f2ac189682db079
 2021-04-07 19:04:54 +00:00
Mat Bevilacqua
82d7164b5c Fix selinux permissions errors for UwbService 
Fixes gmscore access to UwbManager APIs, fixes UwbService access to UWB
HAL APIs, and fixes CTS UwbService presence test.

Bug: 184402100
Test: atest CtsUwbTestCases
Change-Id: I7450242f8b35570c3d5a676c5835b01f74995202
 2021-04-07 11:39:31 -07:00
Eddie Tashjian
aa9ecdc436 Merge "Fix modem logging configuration." into sc-dev 2021-04-07 16:56:47 +00:00
Yabin Cui
673d8457be Merge "Move vendor_kernel_modules to public." into sc-dev am: a4af5bb39c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14106320

Change-Id: Ic24db5a261a4e090f14342d59bbd53767ca9485e
 2021-04-07 16:35:56 +00:00
Yabin Cui
a4af5bb39c Merge "Move vendor_kernel_modules to public." into sc-dev 2021-04-07 16:14:32 +00:00
Cliff Wu
c0b806fd2d [Bug] Change the sepolicy name for exo_camera_injection 
- Change the sepolicy name from platfrom_app to exo_app.
- Selinux avc log:
E/SELinux: avc:  denied  { find } for interface=vendor.google.exo_camera_injection::IExoCameraInjection sid=u:r:exo_app:s0:c248,c256,c512,c768 pid=11479 scontext=u:r:exo_app:s0:c248,c256,c512,c768 tcontext=u:object_r:hal_exo_camera_injection_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 184736718
Test: Verified exo_camera_injection provider service use cases function as expected; no denials.
Change-Id: I08887b8b6020cb7b3fb3da77cea9a1f453655bea
 2021-04-07 15:17:44 +00:00
chenpaul
7376656ff4 logger_app: Remove Pixelize rule 
In original design, pixellogger was included in Pixelize mk file,
but the sepolicy are defined by the product specific te file.
These are not aligned and have dependency concern if add new sepolicy rule
in Pixelize te file.

This change remove the Pixelize rule from the device specifc te file.
And the Pixelize rule will be defined by
hardware/google/pixel-sepolicy/logger_app/logger_app.te

Bug: 159650456
Test: Pixel Logger is workable
Change-Id: If13e05b7979f7be02a728b40f8032b81f7c53e06
 2021-04-07 21:31:32 +08:00
Lisa Liu
57a6baa15a Remove odex/oat files from pinner list. am: 2968f7ed45 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101/+/14110246

Change-Id: I0ad1627d44936b7c14118eaab7feef76f6787e34
 2021-04-07 11:20:20 +00:00
chasewu
d57865ec05 update label missing vibrator sys nodes for dual part 
Bug: 184026143
Test: no Permission denied logs
Signed-off-by: chasewu <chasewu@google.com>
Change-Id: Id75f89f5d0f1568942ef787be295b2fa5b0ca2a2
 2021-04-07 09:35:32 +00:00
TreeHugger Robot
d0eb25628f Merge "audio: add support for aocdump to aceess audio state" into sc-dev am: dce254b11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14098530

Change-Id: I967334de2587971edd213d65f0a987b58b41c0fb
 2021-04-07 08:53:38 +00:00
TreeHugger Robot
dce254b11d Merge "audio: add support for aocdump to aceess audio state" into sc-dev 2021-04-07 08:39:49 +00:00