Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2772 commits 1 branch 0 tags 494 MiB
Commit graph

2772 commits

This branch
This branch
All branches
Author SHA1 Message Date
Midas Chien
b3e1b0b41f Merge "Allow composer to read panel_idle_handle_exit sysfs node" into tm-dev am: 08c3646fc1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17005478

Change-Id: Ib0315b976910888fbb3e10afc9e47da982fd8058
 2022-03-04 07:22:58 +00:00
Midas Chien
2aef601024 Merge "Allow composer to read panel_idle_handle_exit sysfs node" into tm-dev am: 08c3646fc1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17005478

Change-Id: I46a7ce198c316d163fbb3b6dee4d1c5e8edf589e
 2022-03-04 07:21:52 +00:00
Midas Chien
08c3646fc1 Merge "Allow composer to read panel_idle_handle_exit sysfs node" into tm-dev 2022-03-04 06:55:05 +00:00
Tri Vo
03fef48542 Don't audit storageproxyd unlabeled access 
Test: m sepolicy
Bug: 197502330
Change-Id: I794dac85e475434aaf024027c43c98dde60bee27
 2022-03-03 13:12:17 -08:00
TreeHugger Robot
058dabbda9 Merge "Add sepolicy rules for fingerprint hal" into tm-dev am: c865c80379 am: bdc06d1db9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17033478

Change-Id: I4ec676163a69811a1b3a1c750d5b170e810219ee
 2022-03-02 03:19:34 +00:00
Robert Lee
7751e41ad2 Fix selinux error for aocd am: e5cf8beff3 am: 2e5b1c4e48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17033481

Change-Id: I5292b87afd5537bb66b5b1ec875606478341d536
 2022-03-02 03:19:02 +00:00
TreeHugger Robot
0a8e6fdf61 Merge "Add sepolicy rules for fingerprint hal" into tm-dev am: c865c80379 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17033478

Change-Id: Icb1194793de57e5b709caba326571268403f603d
 2022-03-02 02:58:36 +00:00
Robert Lee
c56fcea847 Fix selinux error for aocd am: e5cf8beff3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17033481

Change-Id: Iab67ca429892fa837fb604a37646da0f123abf4c
 2022-03-02 02:58:02 +00:00
TreeHugger Robot
bdc06d1db9 Merge "Add sepolicy rules for fingerprint hal" into tm-dev am: c865c80379 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17033478

Change-Id: I13cc04e4616c765209cae2ed2d6f4a99baa78673
 2022-03-02 02:57:14 +00:00
Robert Lee
2e5b1c4e48 Fix selinux error for aocd am: e5cf8beff3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17033481

Change-Id: I773cdab996c4dff3d14d736634cfc033bc7b4a1f
 2022-03-02 02:56:09 +00:00
TreeHugger Robot
c865c80379 Merge "Add sepolicy rules for fingerprint hal" into tm-dev 2022-03-02 02:40:58 +00:00
Robert Lee
e5cf8beff3 Fix selinux error for aocd 
allow write permission to fix following error
auditd  : type=1400 audit(0.0:4): avc: denied { write } for comm="aocd" name="aoc" dev="tmpfs" ino=497 scontext=u:r:aocd:s0 tcontext=u:object_r:aoc_device:s0 tclass=chr_file permissive=0

Bug: 198490099
Test: no avc deny when enable no_ap_restart
Change-Id: Ia72ee36137d78f969c28bf22647443cef45d186a
Signed-off-by: Robert Lee <lerobert@google.com>
 2022-03-01 09:13:46 +00:00
Kris Chen
e0c6120237 Add sepolicy rules for fingerprint hal 
Fix the following avc denial:
avc: denied { set } for property=vendor.gf.cali.state pid=1152 uid=1000 gid=1000 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 219372997
Bug: 220263520
Test: No above avc denial in logcat.
Change-Id: I93ace30c67e04bc836bfba050028a1f25af641d5
 2022-03-01 15:05:42 +08:00
Midas Chien
acd4220ac9 Allow composer to read panel_idle_handle_exit sysfs node 
Change panel_idle_exit_handle selinux type to sysfs_display to allow
composer to access it.

Bug: 202182467
Test: ls -Z to check selinux type
Test: composer can access it in enforce mode
Change-Id: I5ca811f9500dc452fe6832dd772376da51f675a8
 2022-02-25 23:07:09 +08:00
Edwin Wong
1407c2c46c Merge "whitechapel: sepolicy for Widevine AIDL HAL" into tm-dev am: 6b7fff8497 am: 511fa44942 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16952398

Change-Id: Ia16c7a2038f770433749016f9b848c77b4400cc3
 2022-02-23 17:47:34 +00:00
Edwin Wong
511fa44942 Merge "whitechapel: sepolicy for Widevine AIDL HAL" into tm-dev am: 6b7fff8497 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16952398

Change-Id: Ib242c34e2529238d776ec2bfaa3df9d262ae9bbd
 2022-02-23 17:18:39 +00:00
Edwin Wong
7fa281bef7 Merge changes from topic "gs101-drm-aidl-tm-dev" into tm-mainline-prod am: 04f5b072fe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16952398

Change-Id: I49312e57c049080aa458630cde2eb0937b7f28f7
 2022-02-23 16:50:03 +00:00
Edwin Wong
6b7fff8497 Merge "whitechapel: sepolicy for Widevine AIDL HAL" into tm-dev 2022-02-23 01:08:19 +00:00
Edwin Wong
04f5b072fe Merge changes from topic "gs101-drm-aidl-tm-dev" into tm-mainline-prod 
* changes:
  [automerge] whitechapel: sepolicy for Widevine AIDL HAL 2p: cb04f5981f
  whitechapel: sepolicy for Widevine AIDL HAL
 2022-02-23 01:08:19 +00:00
Edwin Wong
e5b9a2dd37 Merge changes from topic "gs101-drm-aidl-tm-dev" 
* changes:
  [automerge] whitechapel: sepolicy for Widevine AIDL HAL 2p: cb04f5981f 2p: cd2ded60aa
  [automerge] whitechapel: sepolicy for Widevine AIDL HAL 2p: cb04f5981f
  whitechapel: sepolicy for Widevine AIDL HAL
 2022-02-23 01:08:19 +00:00
Aaron Tsai
dfd957cf04 [automerger skipped] Fix selinux error for system_app am: 05565c1f14 am: d2d83c8e2d am: 84bacff9ab am: e704af0ed7 am: 4aadbb9b12 -s ours 
am skip reason: Merged-In I73d45f3cf1fe0bd918bb4856ce554e81702e4ff9 with SHA-1 05565c1f14 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1992670

Change-Id: I2df36cd58685e606a240a79f401d6fb4d70235db
 2022-02-22 03:46:45 +00:00
Aaron Tsai
c308db7b79 Fix selinux error for system_app am: 05565c1f14 am: d2d83c8e2d am: 84bacff9ab am: e704af0ed7 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1992670

Change-Id: Ib123b407465af30ad4cabc2520f165651b856e48
 2022-02-22 02:50:12 +00:00
Aaron Tsai
4aadbb9b12 Fix selinux error for system_app am: 05565c1f14 am: d2d83c8e2d am: 84bacff9ab am: e704af0ed7 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1992670

Change-Id: If65e0ca5ffae9149ed910919734ab0c295e68b4e
 2022-02-22 02:48:51 +00:00
Aaron Tsai
e704af0ed7 Fix selinux error for system_app am: 05565c1f14 am: d2d83c8e2d am: 84bacff9ab 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1992670

Change-Id: I6e91791926ff7d840c7317fbf5d9656338960132
 2022-02-22 02:29:22 +00:00
Aaron Tsai
84bacff9ab Fix selinux error for system_app am: 05565c1f14 am: d2d83c8e2d 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1992670

Change-Id: Ibdbeeee937e4c856adfebad71a956a343b820dfa
 2022-02-22 01:56:28 +00:00
Aaron Tsai
d2d83c8e2d Fix selinux error for system_app am: 05565c1f14 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1992670

Change-Id: Ia3c6c0aae82c19a5d1c019cce2700c5e64c8bb11
 2022-02-22 01:35:41 +00:00
TreeHugger Robot
34d31c907b Merge "[automerge] Temporarily don't audit hal_fingerprint to fix avc denial 2p: 5e2e261148" 2022-02-21 16:17:54 +00:00
Shubham Dubey
7384b16034 [automerge] Temporarily don't audit hal_fingerprint to fix avc denial 2p: 5e2e261148 2p: 207c47f797 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16963324

Change-Id: I07d124191b6dd6e4a29834b1a62122cd787779af
 2022-02-21 13:07:41 +00:00
Presubmit Automerger Backend
207c47f797 [automerge] Temporarily don't audit hal_fingerprint to fix avc denial 2p: 5e2e261148 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16963324

Change-Id: I7bec529ed0e22e9f7cee5d3d10312f2ed782082c
 2022-02-21 13:07:35 +00:00
Presubmit Automerger Backend
aa76244476 [automerge] Temporarily don't audit hal_fingerprint to fix avc denial 2p: 5e2e261148 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16963324

Change-Id: Ibb2d6ae298945f1d3478a896a2ae796359d3c535
 2022-02-21 13:07:35 +00:00
Shubham Dubey
5e2e261148 Temporarily don't audit hal_fingerprint to fix avc denial 
Fix: 220263520

Change-Id: Ic06981fdc071c5027e6ccd137c1a2d19b9366c98
 2022-02-21 13:07:23 +00:00
Aaron Tsai
05565c1f14 Fix selinux error for system_app 
01-26 05:04:53.364   440   440 I auditd  : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:system_app:s0 pid=3063 scontext=u:r:system_app:s0 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 216531913
Test: verified with the forrest ROM and error log gone

Change-Id: I73d45f3cf1fe0bd918bb4856ce554e81702e4ff9
Merged-In: I73d45f3cf1fe0bd918bb4856ce554e81702e4ff9
 2022-02-21 12:16:45 +08:00
Robert Shih
2427a4eb35 [automerge] whitechapel: sepolicy for Widevine AIDL HAL 2p: cb04f5981f 2p: cd2ded60aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16952398

Bug: 219538389
Change-Id: I1ac033f48b132f61e16d8f55bfaa265ddf9f1dea
 2022-02-20 20:39:14 +00:00
Robert Shih
cd2ded60aa [automerge] whitechapel: sepolicy for Widevine AIDL HAL 2p: cb04f5981f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16952398

Bug: 219538389
Change-Id: Ic0d398eb11da8a88e7c2f504a1131bc388008f3c
 2022-02-20 20:39:03 +00:00
Robert Shih
cb04f5981f whitechapel: sepolicy for Widevine AIDL HAL 
Bug: 219538389
Test: atest GtsMediaTestCases
Change-Id: I431554dcbef014f8235f048ee062a218a2131f9c
 2022-02-20 12:35:22 -08:00
Junkyu Kang
1b3242e008 [automerger skipped] Add persist.vendor.gps to sepolicy am: 9244051b35 am: a5b052c132 am: 86d20c2552 -s ours am: 07f17be3f3 -s ours am: 4e4ffaf6bc -s ours 
am skip reason: Merged-In I3fdaf564eacec340003eed0b5845a2c08922362c with SHA-1 b9ad182d4a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1989989

Change-Id: I5ba0f0673c4b634ade8f81990812df02f3810b2d
 2022-02-18 08:29:19 +00:00
Junkyu Kang
19479f5721 [automerger skipped] Add persist.vendor.gps to sepolicy am: 9244051b35 am: a5b052c132 am: 86d20c2552 -s ours am: 07f17be3f3 -s ours 
am skip reason: Merged-In I3fdaf564eacec340003eed0b5845a2c08922362c with SHA-1 b9ad182d4a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1989989

Change-Id: I152a68c9e339e0ac5101f684a4f540c5f4d504c4
 2022-02-18 07:58:51 +00:00
Junkyu Kang
4e4ffaf6bc [automerger skipped] Add persist.vendor.gps to sepolicy am: 9244051b35 am: a5b052c132 am: 86d20c2552 -s ours am: 07f17be3f3 -s ours 
am skip reason: Merged-In I3fdaf564eacec340003eed0b5845a2c08922362c with SHA-1 b9ad182d4a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1989989

Change-Id: I3c19666a52df166e21dde1d58d77381d0fccd7ce
 2022-02-18 07:57:31 +00:00
Junkyu Kang
07f17be3f3 [automerger skipped] Add persist.vendor.gps to sepolicy am: 9244051b35 am: a5b052c132 am: 86d20c2552 -s ours 
am skip reason: Merged-In I3fdaf564eacec340003eed0b5845a2c08922362c with SHA-1 b9ad182d4a is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1989989

Change-Id: I6f04e1a3b94eda3ddc3ace332aaebaa0da1e9501
 2022-02-18 07:37:40 +00:00
Junkyu Kang
86d20c2552 Add persist.vendor.gps to sepolicy am: 9244051b35 am: a5b052c132 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1989989

Change-Id: I0844fbc02141fc6efa77d0cd47d00fd56a15f3e2
 2022-02-18 07:12:19 +00:00
Junkyu Kang
a5b052c132 Add persist.vendor.gps to sepolicy am: 9244051b35 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1989989

Change-Id: Ibb1a3b4cca8fa3549eeef548d0939829413e8af1
 2022-02-18 06:50:19 +00:00
TreeHugger Robot
d95da03285 Merge "Add hal_usb_impl permission" 2022-02-17 16:42:12 +00:00
Midas Chien
943cb1278a Merge "Allow composer to read panel_idle sysfs node" 2022-02-17 09:17:44 +00:00
Junkyu Kang
9244051b35 Add persist.vendor.gps to sepolicy 
Bug: 196002632
Test: PixelLogger can modify persist.vendor.gps.*
Change-Id: I3fdaf564eacec340003eed0b5845a2c08922362c
Merged-In: I3fdaf564eacec340003eed0b5845a2c08922362c
 2022-02-17 08:55:49 +00:00
Midas Chien
32307ac30d Allow composer to read panel_idle sysfs node 
Change panel_idle selinux type to sysfs_display to allow composer can
read it.

Bug: 198808492
Bug: 219857957
Test: ls -Z to check selinux type
Test: make sure init(write) and composer(read) can access it
Change-Id: I77ae701a73a047b26b4ebb3c9d482c8cb9220999
 2022-02-16 16:28:06 +08:00
Junkyu Kang
26e6d6f2b6 Merge "Add persist.vendor.gps to sepolicy" 2022-02-16 08:16:05 +00:00
Ricky Niu
05eb29e217 Add hal_usb_impl permission 
Add hal_usb_impl get below permission

allow hal_usb_impl configfs:dir rw_dir_perms;
allow hal_usb_impl configfs:file create_file_perms;

avc denied
02-16 12:05:19.820   788   788 I android.hardwar: type=1400 audit(0.0:4882): avc: denied { search } for name="/" dev="configfs" ino=13419 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=1
02-16 12:05:19.820   788   788 I android.hardwar: type=1400 audit(0.0:4883): avc: denied { write } for name="g1" dev="configfs" ino=38003 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=1
02-16 12:05:19.820   788   788 I android.hardwar: type=1400 audit(0.0:4884): avc: denied { add_name } for name="UDC" scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=dir permissive=1
02-16 12:05:19.820   788   788 I android.hardwar: type=1400 audit(0.0:4885): avc: denied { create } for name="UDC" scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=file permissive=1
02-16 12:05:19.820   788   788 I android.hardwar: type=1400 audit(0.0:4886): avc: denied { write } for name="UDC" dev="configfs" ino=106988 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:configfs:s0 tclass=file permissive=1

Bug: 218997592
Signed-off-by: Ricky Niu <rickyniu@google.com>
Change-Id: I854479cef1a0b8ad518814fb9d20558cf52202e7
 2022-02-16 14:27:36 +08:00
Xin Li
78a2d63a45 [automerger skipped] Merge sc-v2-dev-plus-aosp-without-vendor@8084891 am: 81caef24ad -s ours am: 14abf01391 -s ours 
am skip reason: Merged-In Icecca9f69ee9b57d43aa2864864951bf66c4905f with SHA-1 ca06222472 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16844142

Change-Id: I1d3f3dc99e04d19b61696677a4bf1fd87a168fe4
 2022-02-14 18:21:12 +00:00
Xin Li
14abf01391 [automerger skipped] Merge sc-v2-dev-plus-aosp-without-vendor@8084891 am: 81caef24ad -s ours 
am skip reason: Merged-In Icecca9f69ee9b57d43aa2864864951bf66c4905f with SHA-1 ca06222472 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16844142

Change-Id: I12d27f867dd598e669aa86e1bec26c3aafbef4a3
 2022-02-14 18:03:48 +00:00
Xin Li
81caef24ad Merge sc-v2-dev-plus-aosp-without-vendor@8084891 
Bug: 214455710
Merged-In: Icecca9f69ee9b57d43aa2864864951bf66c4905f
Change-Id: Ibf8d551c16f8f941cfc8072a29ef5c57e8bef170
 2022-02-11 07:12:06 +00:00