Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1723 commits 1 branch 0 tags 494 MiB
Commit graph

1723 commits

This branch
This branch
All branches
Author SHA1 Message Date
linpeter
7931384a9d atc context change am: 85d5a9a60a am: af647ece2f am: 39363f3e1a 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1951025

Change-Id: I35e7cfe6ec8a3b959dbae7f2aa7d9cbf4de219dd
 2022-01-21 22:47:46 +00:00
Treehugger Robot
b0ecddbd4e Merge "Allow TEE storageproxyd permissions needed for DSU handling" am: 05ca30173e am: 3cde81c794 am: 5dd5b0dd29 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1923363

Change-Id: I0190a5a7017d8cfa34932ecdbe9c85587408af85
 2022-01-21 22:47:37 +00:00
TeYuan Wang
5c9ca15d60 Label TMU as sysfs_thermal am: 32458cdc49 am: a76533f48b am: 27eae23a3f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1937119

Change-Id: I78fdf05253972c617a124165a6d880083e7c0310
 2022-01-21 22:47:28 +00:00
Yabin Cui
b48e33f29f Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f am: c581535e5c 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: I391bab4a982ec03d1904d59aa2376a3d3c816c40
 2022-01-21 22:47:19 +00:00
Jasmine Cha
0bfc811257 audio: add sepolicy for getting thermal event am: 2abecb1519 am: 54e84e9978 am: d57668f3cc 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: Idb58719a8511be2f750c8e4a11421d147801b57c
 2022-01-21 22:47:00 +00:00
Jasmine Cha
6a1155a468 [automerger skipped] audio: add permission to request health/sensor data am: a21b7f8800 am: cdcccbbd02 am: 8b5831f247 -s ours 
am skip reason: Merged-In I8e8a512cfbd6be814c98bac75ff6c0e5db028db2 with SHA-1 27a4afc1a9 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: Ib2f5a7ce0376aeedc3c2afb23862ee42e85cb493
 2022-01-21 22:46:31 +00:00
David Anderson
9e40c2e027 Fix sepolicy denial in update_engine. am: 2fe229352b am: e999b85d07 am: b7b8477e12 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: I8f97a3527ec13132ddbba7a0981619f55e0e0f9d
 2022-01-21 22:46:11 +00:00
Matt Buckley
69b607c877 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f am: 8670a782de am: 773506d408 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: Ie88713a1f13dc5e90f0bc928dc2312625bcca096
 2022-01-21 22:45:33 +00:00
Joel Galenson
651a6b8631 Include core policy OWNERS. am: b287da183e am: 453006460d am: 047d2a31ed 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: I7a1f6fb78088aca3c2c748106f8d4cb424c73c23
 2022-01-21 22:45:06 +00:00
Xin Li
1a9568121f [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours am: 01d5ec6d2a -s ours am: 4f9be8d5b2 -s ours 
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: Ic2096a0d1be12d0b8295af1bf852fb5df383c0bb
 2022-01-21 22:44:34 +00:00
chenpaul
cdab1fefb6 Remove wifi_logger related sepolicy settings am: 37d4cfa648 am: 9a9bf7fc09 am: ebc02c3437 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I036388f399ef567dc4eb32d1c4799e58eb8815af
 2022-01-21 22:43:56 +00:00
linpeter
39363f3e1a atc context change am: 85d5a9a60a am: af647ece2f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1951025

Change-Id: I3232bbc6eb0672acce9c8a90c603bee69e388a93
 2022-01-21 22:30:32 +00:00
Treehugger Robot
5dd5b0dd29 Merge "Allow TEE storageproxyd permissions needed for DSU handling" am: 05ca30173e am: 3cde81c794 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1923363

Change-Id: I5e75aabf2f88f5611f8c4406d7bb81de77d3800f
 2022-01-21 22:30:24 +00:00
TeYuan Wang
27eae23a3f Label TMU as sysfs_thermal am: 32458cdc49 am: a76533f48b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1937119

Change-Id: Ica3d0e3c016616052f18b880cd22e9da8ca1515e
 2022-01-21 22:30:16 +00:00
Yabin Cui
c581535e5c Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: If31d085e00b660262575ab11decb61b372597ceb
 2022-01-21 22:29:59 +00:00
Jasmine Cha
d57668f3cc audio: add sepolicy for getting thermal event am: 2abecb1519 am: 54e84e9978 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: Iddcd4b760301c761c273d53231147a6c1b0927da
 2022-01-21 22:29:29 +00:00
Jasmine Cha
8b5831f247 audio: add permission to request health/sensor data am: a21b7f8800 am: cdcccbbd02 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: I16f8196bfe5e3b49575b936ee6d2376e878aa9be
 2022-01-21 22:29:12 +00:00
David Anderson
b7b8477e12 Fix sepolicy denial in update_engine. am: 2fe229352b am: e999b85d07 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: I45ccf375ccb5b97f848a1db62de77271de5c0b86
 2022-01-21 22:28:55 +00:00
Matt Buckley
773506d408 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f am: 8670a782de 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: I2478a1ce77383d66cd7cb677406920b25bf165da
 2022-01-21 22:28:26 +00:00
Joel Galenson
047d2a31ed Include core policy OWNERS. am: b287da183e am: 453006460d 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: Ia079ef87912e57d704629f397bf6054a83f394bb
 2022-01-21 22:27:53 +00:00
Xin Li
4f9be8d5b2 [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours am: 01d5ec6d2a -s ours 
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: I716fc9fc6a34b69afcdfb0332b3870e19f536f1a
 2022-01-21 22:26:43 +00:00
chenpaul
ebc02c3437 Remove wifi_logger related sepolicy settings am: 37d4cfa648 am: 9a9bf7fc09 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I6402127385b8141c67e44d7f0c8e6d5625fbdc2e
 2022-01-21 22:25:47 +00:00
linpeter
af647ece2f atc context change am: 85d5a9a60a 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1951025

Change-Id: I04d30ff685f7ad74d9f5eff43ff360edf7cf0fd3
 2022-01-21 22:12:40 +00:00
Treehugger Robot
3cde81c794 Merge "Allow TEE storageproxyd permissions needed for DSU handling" am: 05ca30173e 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1923363

Change-Id: I38635cce32595befc29dc3319ba5dd48a5010023
 2022-01-21 22:12:31 +00:00
TeYuan Wang
a76533f48b Label TMU as sysfs_thermal am: 32458cdc49 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1937119

Change-Id: Idc76bdeb58cdff9eb83ae817d8ed01dee9253032
 2022-01-21 22:12:21 +00:00
Yabin Cui
1a59c0625f Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: I89a806d01292ec28a0b22bef7833fae566d1d941
 2022-01-21 22:12:12 +00:00
Jasmine Cha
54e84e9978 audio: add sepolicy for getting thermal event am: 2abecb1519 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: I7d33c5cf635907493462d49d8b3a2ceacc128f00
 2022-01-21 22:12:02 +00:00
Jasmine Cha
cdcccbbd02 audio: add permission to request health/sensor data am: a21b7f8800 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: I0ec1f8e2c389b199e0b0646397bdd40593b3c374
 2022-01-21 22:11:55 +00:00
David Anderson
e999b85d07 Fix sepolicy denial in update_engine. am: 2fe229352b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: Ie42aaf3f8b972471ccf43fda689e32bc4b388bf8
 2022-01-21 22:11:24 +00:00
Matt Buckley
8670a782de Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: I20977b9d52ecd10ce3feac4111677e278cadd3c2
 2022-01-21 22:11:00 +00:00
Joel Galenson
453006460d Include core policy OWNERS. am: b287da183e 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: I91c6a5a9e6fde086d82b2def66207b938f18adae
 2022-01-21 22:10:13 +00:00
Xin Li
01d5ec6d2a [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours 
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: Icf501a9eaa676a0fbf49f2862e76fe482dfa6238
 2022-01-21 22:09:34 +00:00
chenpaul
9a9bf7fc09 Remove wifi_logger related sepolicy settings am: 37d4cfa648 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I4537982542fcf8f47e7b9fbaacf326db2cc12dc7
 2022-01-21 22:08:19 +00:00
Presubmit Automerger Backend
bb9f892d56 [automerge] Add vendor SELinux denial to allowlist 2p: ed2c8d78ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16672552

Bug: 215640468
Change-Id: Ie94576056af0683b0cb23b51ae8543ef14b2bca7
 2022-01-21 03:37:25 +00:00
eddielan
ed2c8d78ae Add vendor SELinux denial to allowlist 
Bug: 215640468
Test: Build Pass
Change-Id: I8c2aa5ce4c6cc229837f763c6a20a1c27e1978a6
 2022-01-21 03:37:16 +00:00
linpeter
85d5a9a60a atc context change 
Give atc nodes are changed to dqe0 form.

Bug: 213133646
test: test: check avc denied
Change-Id: Ibbcb7538b7874912f8c7e19a77ae6dd32f097ab0
 2022-01-17 16:53:53 +08:00
Treehugger Robot
05ca30173e Merge "Allow TEE storageproxyd permissions needed for DSU handling" 2022-01-12 23:34:32 +00:00
YiHo Cheng
b4024884f1 Merge "thermal: Label tmu register dump sysfs" into sc-v2-dev am: e400db11ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16569088

Change-Id: I3c9929f0ec857786766b892e415d4b58163797be
 2022-01-12 23:14:55 +00:00
YiHo Cheng
e400db11ba Merge "thermal: Label tmu register dump sysfs" into sc-v2-dev 2022-01-12 23:03:42 +00:00
TeYuan Wang
32458cdc49 Label TMU as sysfs_thermal 
Bug: 202805103
Test: switch thermal tj property and check thermal threshold
Change-Id: Id113b80f856e26412e2e07b9c9b4a61d519b194f
 2022-01-12 10:16:49 +08:00
Yabin Cui
9ee70a3d7f Merge "Add SOC specific ETM sysfs paths" 2022-01-11 19:40:23 +00:00
Jasmine Cha
2abecb1519 audio: add sepolicy for getting thermal event 
type=1400 audit(0.0:15): avc: denied { call } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

type=1400 audit(0.0:16): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

Bug: 204271308
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I900de2a2d8bf0753543ef4428374e782908e7aee
 2022-01-11 13:42:58 +08:00
Jasmine Cha
a21b7f8800 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- Allow audio hal to find fwk_sensor_hwservice
SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1

Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
Merged-In: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
 2022-01-11 13:42:55 +08:00
YiHo Cheng
ca06222472 thermal: Label tmu register dump sysfs 
Allow dumpstate to access tmu register dump sysfs

[ 1155.422181] type=1400 audit(1641335196.892:8): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_reg_dump_state" dev="sysfs"
ino=68561
scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0
tclass=file permissive=0
[ 1155.423398] type=1400 audit(1641335196.892:9): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_reg_dump_current_temp" dev="sysfs"
ino
=68562 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.443740] type=1400 audit(1641335196.896:10): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_rise_thres"
dev="sysfs"
ino=68563 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.466064] type=1400 audit(1641335196.896:11): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_fall_thres"
dev="sysfs"
ino=68565 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.488251] type=1400 audit(1641335196.916:12): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_sub_reg_dump_rise_thres"
dev="sysfs" ino=68564 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.510614] type=1400 audit(1641335196.960:13): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_sub_reg_dump_fall_thres"
dev="sysfs"
ino=68566 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
o

Bug: 202736838
Test: check thermal section in dumpstate
Change-Id: Icecca9f69ee9b57d43aa2864864951bf66c4905f
 2022-01-11 08:42:45 +08:00
Yabin Cui
1459e9734a Add SOC specific ETM sysfs paths 
Bug: 213519191
Test: run profcollectd on oriole
Change-Id: Ib1ae7466c76362b8242f2bb8560bb8b1d80c4253
 2022-01-10 11:25:25 -08:00
Vinay Kalia
97addf8500 [DO NOT MERGE] Allow media codec to access power HAL am: 8337626f4a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16483773

Change-Id: I4ce0bb633c8d27e798c7a8e80e1d23eb06b3a2a0
 2022-01-10 06:13:59 +00:00
Vinay Kalia
8337626f4a [DO NOT MERGE] Allow media codec to access power HAL 
This commit fixes the following denials:

W /vendor/bin/hw/google.hardware.media.c2@1.0-service: type=1400 audit(0.0:276): avc: denied
{ call } for comm=436F646563322E30204C6F6F706572 scontext=u:r:mediacodec:s0
tcontext=u:r:servicemanager:s0 tclass=binder permissive=0

bug: 206687836
Test: Secure HFR AV1 video playback with resolution change.
Signed-off-by: Vinay Kalia <vinaykalia@google.com>
Change-Id: I79c20bda87af6066ae667a5176747378718a3a62
 2022-01-06 20:18:34 +00:00
David Anderson
2fe229352b Fix sepolicy denial in update_engine. 
pvmfw is an A/B partition but is not properly labeled and update_engine
gets a denial trying to write to it.

Bug: N/A
Test: m otapackage, apply OTA, check for denials
Change-Id: I55f41a8937384d3bcda5797b5df3f34257f7a114
 2021-12-28 21:52:12 -08:00
Matt Buckley
317166636f Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags 
For the hardware composer and surfaceflinger to coordinate on certain features, it is necessary for the hardware composer to be able to read the surface_flinger_native_boot_prop to know what should be enabled.

Bug: b/195990840
Test: None
Change-Id: Idc1599820026febecda84233d60982e7db7b14b5
 2021-12-28 19:08:06 +00:00
Joel Galenson
b287da183e Include core policy OWNERS. 
Test: None
Change-Id: I053d84eba7695fe125783b536421d43117b3f16d
 2021-12-21 07:27:03 -08:00