device_google_gs101

Author	SHA1	Message	Date
TreeHugger Robot	9a865e84c7	Merge "Allow fingerprint hal to access fingerprint device" into sc-dev	2021-03-19 02:19:59 +00:00
Kris Chen	10fda56cd1	Allow fingerprint hal to access fingerprint device Fixes the following avc denials: 03-18 10:57:10.612 947 947 I android.hardwar: type=1400 audit(0.0:8): avc: denied { open } for path="/dev/goodix_fp" dev="tmpfs" ino=482 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 03-18 10:57:10.632 947 947 I android.hardwar: type=1400 audit(0.0:9): avc: denied { ioctl } for path="/dev/goodix_fp" dev="tmpfs" ino=482 ioctlcmd=0x6707 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 03-18 10:57:13.672 947 947 I android.hardwar: type=1400 audit(0.0:14): avc: denied { ioctl } for path="/dev/goodix_fp" dev="tmpfs" ino=482 ioctlcmd=0x6706 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 03-18 10:57:32.704 947 947 I HwBinder:947_1: type=1400 audit(0.0:26): avc: denied { ioctl } for path="/dev/goodix_fp" dev="tmpfs" ino=482 ioctlcmd=0x6705 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 Bug: 171943101 Test: No above avc denials in logcat. Change-Id: I254a01a2c11fcaba9ad3f387862a8d0ddafffd38	2021-03-18 19:23:54 +08:00
iayara	adeaaead76	Add "libedgetpu_darwinn2.so" library duplicate to be used for external launch. This change is intended to keep naming consistency with previous Darwinn external launch. In the future, all "libedgetpu_darwinn2.so" instances should be replaced by "libedgetpu_util.so". Bug: 182303547 Change-Id: I99e83f5f2e317b195b2061c781cb23544e547c55	2021-03-17 23:47:07 +00:00
Wen Chang Liu	e72c30346f	Merge changes Ie0ed96d7,Id7f43fe1 into sc-dev * changes: Add sepolicy for BigOcean device Add sepolicy for MFC device	2021-03-12 05:41:08 +00:00
Sung-fang Tsai	1bcf7d412a	Merge "Mark lib_aion_buffer and related library as same_process_hal_file" into sc-dev	2021-03-12 04:18:59 +00:00
wenchangliu	f98706e87b	Add sepolicy for BigOcean device add /dev/bigocean to video_device avc: denied { read write } for name="bigocean" dev="tmpfs" ino=629 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:device:s0 \ tclass=chr_file permissive=1 avc: denied { open } for path="/dev/bigocean" dev="tmpfs" ino=629 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:device:s0 \ tclass=chr_file permissive=1 avc: denied { ioctl } for path="/dev/bigocean" dev="tmpfs" ino=629 \ ioctlcmd=0x4202 scontext=u:r:mediacodec:s0 tcontext=u:object_r:device:s0 \ tclass=chr_file permissive=1 avc: denied { ioctl } for comm=436F646563322E30204C6F6F706572 path="/dev/bigocean" \ dev="tmpfs" ino=629 ioctlcmd=0x4202 scontext=u:r:mediacodec:s0 \ tcontext=u:object_r:device:s0 tclass=chr_file permissive=1 Bug: 172173484 Test: Play AV1 clips in enforcing mode Change-Id: Ie0ed96d7bf4324bd38a9c42500f4f747f092bfd9	2021-03-12 10:54:10 +08:00
wenchangliu	b52121a259	Add sepolicy for MFC device - Add sysfs_video type for mfc device - Allow mediacode to access sysfs_video avc: denied { read } for name="name" dev="sysfs" ino=62278 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \ tclass=file permissive=1 avc: denied { open } for path="/sys/devices/platform/mfc/video4linux/video7/name" \ dev="sysfs" ino=62278 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \ tclass=file permissive=1 avc: denied { getattr } for path="/sys/devices/platform/mfc/video4linux/video7/name" \ dev="sysfs" ino=62278 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \ tclass=file permissive=1 avc: denied { read } for name="name" dev="sysfs" ino=62230 \ scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \ tclass=file permissive=1 avc: denied { open } for path="/sys/devices/platform/mfc/video4linux/video6/name" \ dev="sysfs" ino=62230 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \ tclass=file permissive=1 avc: denied { getattr } for path="/sys/devices/platform/mfc/video4linux/video6/name" \ dev="sysfs" ino=62230 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \ tclass=file permissive=1 Bug: 172173484 Test: video playback / camera recording with enforcing mode Change-Id: Id7f43fe11c9ed089067f43a50d7f765df873d6c6	2021-03-12 10:51:41 +08:00
Pat Tjin	854db479bb	Merge "Move wireless charger HAL to 1.3" into sc-dev	2021-03-11 19:57:54 +00:00
Sung-fang Tsai	82376e2d49	Mark lib_aion_buffer and related library as same_process_hal_file To allow access by Google Camera App, which needs this for vendor-specific buffer management functionality to enable zero-copy camera RAW->GPU buffer handling. Test: GCA works with forrest build P20546991. Bug: 159839616 Change-Id: I71bdcd12f17013881d7a5da2f11e444f0d3b4f94	2021-03-11 12:02:04 +00:00
TreeHugger Robot	ef6e91692a	Merge changes I68aace66,Idf510e4a into sc-dev * changes: gs101-sepolicy: Add twoshay permissions Add touch procfs and sysfs sepolicy	2021-03-11 09:16:51 +00:00
yihsiangpeng	cc8429cc0d	Move wireless charger HAL to 1.3 Bug: 179464598 Signed-off-by: yihsiangpeng <yihsiangpeng@google.com> Change-Id: I73d1d811f2483bbe80e7d4aea1f6e9f143bc2836	2021-03-11 14:47:49 +08:00
Tai Kuo	8cac55487b	gs101-sepolicy: Add twoshay permissions Add twoshay and touch input context library permissions Bug: 173330899 Bug: 173330981 Test: check boot-time twoshay startup and no denials. Signed-off-by: Steve Pfetsch <spfetsch@google.com> Change-Id: I68aace66f49c2af1ebfd4bde7082039f9caf3f64 Signed-off-by: Tai Kuo <taikuo@google.com>	2021-03-10 22:23:49 +08:00
Adam Shih	58b3344c7a	label kernel modules and grant bt permission Bug: 182320300 Bug: 182320258 Test: boot to home and connect to bluetooth headset under enforcing mode Change-Id: I6f6e8359d03eb4205268d56a1fcd50ce1445f442	2021-03-10 10:36:45 +08:00
Taehwan Kim	7d77820127	Add missing permission to dmabuf_video_system_heap Bug: 153786620 Bug: 182086551 Bug: 182086552 Bug: 182086686 Bug: 182086482 Bug: 182086481 Bug: 182086550 Test: atest VtsHalMediaC2V1_0TargetVideoDecTest Signed-off-by: Taehwan Kim <t_h.kim@samsung.com> Change-Id: I2bc6057d16bbcc32ef8891f89c0440618d174982	2021-03-09 02:19:06 +00:00
SalmaxChang	4d87bc0f2a	cbd: Fix avc errors avc: denied { write } for comm="cbd" name="ssrdump" dev="dm-9" ino=284 scontext=u:r:cbd:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir avc: denied { add_name } for comm="cbd" name="crashinfo_modem_2021-03-02_10-57-06.txt" scontext=u:r:cbd:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir avc: denied { write } for comm="sh" name="image" dev="dm-9" ino=231 scontext=u:r:cbd:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir avc: denied { read } for comm="cbd" name="u:object_r:radio_prop:s0" dev="tmpfs" ino=206 scontext=u:r:cbd:s0 tcontext=u:object_r:radio_prop:s0 tclass=file avc: denied { search } for comm="cbd" name="/" dev="sda15" ino=2 scontext=u:r:cbd:s0 tcontext=u:object_r:persist_file:s0 tclass=dir avc: denied { syslog_read } for comm="cbd" scontext=u:r:cbd:s0 tcontext=u:r:kernel:s0 tclass=system Bug: 179198083 Bug: 178331928 Bug: 171267363 Change-Id: I8a89e360e6d614ad76ed2eb78467fcbedf1ea0ce	2021-03-08 06:00:45 +00:00
Robin Peng	5009efa776	Move slider-sepolicy into gs101-sepolicy from: 71e609c24c97fc8d44843af30527cbeb90d5dcdf Bug: 167996145 Change-Id: Ie00e7e0983a3ca695bbd5140c929d07a80144301	2021-03-06 16:15:39 +08:00

16 commits