Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3443 commits 1 branch 0 tags 494 MiB
Commit graph

192 commits

Author SHA1 Message Date
Minchan Kim
86ef69850b Remove vendor_init.te from tracking_denials 
Since last error fixed, remove the vendor_init.te from tracking_denials.

Bug: 190337297
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I5178c864a70748c1dddf8c08baa8d653cd0225d9
 2022-07-15 05:10:55 +00:00
Adam Shih
32d987cd24 Update SELinux error 
Bug: 234547283
Change-Id: I50bd66a22755eefe7aa24ec1042e3b6cb627ad3d
 2022-07-15 00:30:47 +00:00
Adam Shih
74d2d8963f Update error on ROM 8820442 
Bug: 238825802
Test: testSysfsHealth
Change-Id: I607f78de19b18b258309f89669ded393dd74a2a7
 2022-07-13 11:01:28 +08:00
Adam Shih
c6186c2960 Update SELinux error 
Test: checkSensors
Bug: 238571420
Test: checkLockScreen
Bug: 238570971
Test: scanBugreport
Bug: 238571324
Change-Id: Ia6f2db6374d7ebe1a9c3f5b0bd8d152ed9d4a9a0
 2022-07-11 10:24:12 +08:00
Adam Shih
347e482d19 Update SELinux error 
Test: checkLockScreen
Bug: 238263438
Bug: 238263568
Change-Id: I694924ceb031abb749e4b92a715d3b7dc87088be
 2022-07-07 11:29:44 +08:00
Adam Shih
bc85d46045 ignore shell access on wlc 
Bug: 238038592
Test: boot
Change-Id: I09b67ca07d7f9573d77f64686fb818d4dc1753cc
 2022-07-06 14:44:41 +08:00
Adam Shih
a8aeb4a6c9 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238143262
Bug: 238143381
Change-Id: Ibe3ce917418d71b61aa6d085041a51dda5998c74
 2022-07-06 02:58:51 +00:00
Adam Shih
7835523aea Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238038592
Change-Id: Id248ba82c49fa09be28f7a0219eb42b0ecc9e358
 2022-07-05 11:17:25 +08:00
Adam Shih
d472e161ae mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 am: c68fe289e3 am: 5bf5ffc8d3 am: d8d5fd4374 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I75a4589877c5803c6facbb189bd36662c66d2274
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 06:29:36 +00:00
Adam Shih
5bf5ffc8d3 mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 am: c68fe289e3 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I2afec41baa838d8db9ab23d9d01def68249d99c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 05:44:54 +00:00
Adam Shih
c68fe289e3 mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I15a18379ff4969dcb043e2fae94cf6c9f13ac834
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 05:18:34 +00:00
Adam Shih
5889704eff mute update_engine probing mnt_vendor_file 
Bug: 187016910
Test: boot to home
Change-Id: I5f7141f817b543a1499ef5826177f3ac4945e857
 2022-06-14 02:58:58 +00:00
Krzysztof Kosiński
bdd4ecc51c gs101: Add dontaudit statements to camera HAL policy. am: fbcf66a04a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18817845

Change-Id: I6138022efbcdc8ce149123399d3a8277e69c64b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 21:04:38 +00:00
Krzysztof Kosiński
fbcf66a04a gs101: Add dontaudit statements to camera HAL policy. 
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Fix: 218585004
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
(cherry picked from commit b71d24d62c)
 2022-06-09 20:53:05 +00:00
Adam Shih
7e5fd22585 remove obsolete entries am: 2bb24e91b3 am: 35653159b1 am: 6701e00896 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18800078

Change-Id: I078bf3ae04c1f83a944062684d3afaf7840150ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-09 06:22:30 +00:00
Adam Shih
249ef7bd07 remove obsolete sepolicy am: acf18a6f23 am: 60e41883e7 am: 9c49855f44 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18800077

Change-Id: I7eeef5fd9d5401b1e823c77857f3149ea5a840ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-09 05:56:19 +00:00
Adam Shih
d7f53f6018 remove obsolete entries 
Bug: 190337296
Bug: 228181404
Test: adb bugreport
Change-Id: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
Merged-In: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
 2022-06-09 12:06:04 +08:00
Adam Shih
2bb24e91b3 remove obsolete entries 
Bug: 190337296
Bug: 228181404
Test: adb bugreport
Change-Id: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
 2022-06-09 11:59:45 +08:00
Adam Shih
acf18a6f23 remove obsolete sepolicy 
Bug: 193474772
Bug: 193726003
Bug: 193009345
Bug: 190337283
Bug: 226717475
Test: boot with no relevant avc error shows up
Change-Id: I8af2693fb7726e49d9b6d1c13010840a0b581326
 2022-06-09 11:29:43 +08:00
Adam Shih
518c7910be remove obsolete sepolicy 
Bug: 193474772
Bug: 193726003
Bug: 193009345
Bug: 190337283
Bug: 226717475
Test: boot with no relevant avc error shows up

Change-Id: I8af2693fb7726e49d9b6d1c13010840a0b581326
Merged-In: I8af2693fb7726e49d9b6d1c13010840a0b581326
 2022-06-09 11:05:03 +08:00
Suki Liu
13e8467fc0 Merge "Update avc error on ROM 8595544" 2022-05-17 02:11:01 +00:00
Orion Hodson
3893757352 Remove incidentd denial for apex_info_file am: 400d4fb7f4 am: 4fa31df30e am: 71f450f955 am: 32a87f289f am: ea2f827fd7 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2098049

Change-Id: I621c4e5397c7af9676abc2ca0f35d6939b9cc6a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-16 20:28:50 +00:00
Orion Hodson
71f450f955 Remove incidentd denial for apex_info_file am: 400d4fb7f4 am: 4fa31df30e 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2098049

Change-Id: I7dc2d9dc20e060c9c2db2b9f98bd1292e0677033
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-16 16:59:14 +00:00
Orion Hodson
400d4fb7f4 Remove incidentd denial for apex_info_file 
Underlying issue addressed by https://r.android.com/1849822 which
gives incidentd r_file_perms for apex_info_file:file.

Fix: 187015816
Test: atest incidentd_test; adb logcat | grep denied
Change-Id: I90b57a5f01c97c8488c10692208080557a863051
 2022-05-16 14:45:53 +01:00
sukiliu
101a021277 Update avc error on ROM 8595544 
Bug: 232714489
Bug: 231821875
Test: PtsSELinuxTestCases
Change-Id: I4dd2c51dd237b19a110b24cb7ac8e1cb2284f99c
 2022-05-16 12:00:57 +08:00
Krzysztof Kosiński
b71d24d62c gs101: Add dontaudit statements to camera HAL policy. 
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
 2022-05-10 05:34:51 +00:00
chungkai
384218408f sepolicy: ignore avc denial 
dont audit since it's debugfs

Bug: 228181404
Test: forrest with boot test
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I7f2a85e2a405c78c9d8d11e9c2fdfdc5e87f7931
 2022-04-06 09:21:24 +00:00
sukiliu
ed3ac0623b Update avc error on ROM 8386107 
Bug: 226717475
Test: PtsSELinuxTestCases
Change-Id: Ia366a4ad0f193858960b7c5df34096bd2d4eada5
 2022-03-31 15:48:04 +08:00
sukiliu
037f9cda4e Update avc error on ROM 8276520 
Bug: 223502652
Bug: 223330933
Test: PtsSELinuxTestCases
Change-Id: Ib8c14c4928410ee5ed4626e95e2882b89341ee9a
 2022-03-09 14:16:33 +08:00
Kris Chen
e0c6120237 Add sepolicy rules for fingerprint hal 
Fix the following avc denial:
avc: denied { set } for property=vendor.gf.cali.state pid=1152 uid=1000 gid=1000 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 219372997
Bug: 220263520
Test: No above avc denial in logcat.
Change-Id: I93ace30c67e04bc836bfba050028a1f25af641d5
 2022-03-01 15:05:42 +08:00
Shubham Dubey
5e2e261148 Temporarily don't audit hal_fingerprint to fix avc denial 
Fix: 220263520

Change-Id: Ic06981fdc071c5027e6ccd137c1a2d19b9366c98
 2022-02-21 13:07:23 +00:00
Philip Quinn
b834b1d008 Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-26 02:06:20 +00:00
Philip Quinn
d5ac0ac3ce Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-09-28 20:11:33 +00:00
Adam Shih
22ed933f97 label extcon files 
Bug: 199987074
Test: boot with no relevant errors
Change-Id: Idd26d8675c332043b1066e3eba1706527254eb03
 2021-09-16 10:02:11 +08:00
sukiliu
2d2d6999d2 Update avc error on ROM 7733084 
avc: denied { read } for comm="android.ui" name="extcon0" dev="sysfs" ino=72527 scontext=u:r:system_server:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0

Bug: 199987074
Test: PtsSELinuxTestCases
Change-Id: I1d160b06b4b0bba9402ae3de5f564d6f893505c1
 2021-09-15 14:41:46 +08:00
qinyiyan
ee4e7f45ce Revert the unnecessary sepolicy rules for hal_neuralnetworks_darwinn. 
Bug: 194241380
Test: flashed forrest build and ran PtsSELinuxTestCases
Change-Id: Ie2f0572a368f09e522bc2cdfdf9da1859c1c44e7
 2021-07-30 23:36:06 +00:00
Michael Eastwood
30bd5e8ed6 Allow hal_dumpstate_default to access vendor_camera_debug_prop 
Bug: 193365129
Test: atest com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: I43e389d46e8116844bb9ca4259e5ea28e86c50f4
 2021-07-27 17:22:47 -07:00
sukiliu
411aa59779 Update avc error on ROM 7566803 
avc: denied { read } for name="platform:1cc40000.sysmmu--platform:1ce00000.abrolhos" dev="sysfs" ino=21006 scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0

Bug: 194241380
Test: PtsSELinuxTestCases
Change-Id: If7ee99a36bca88fffc37c12dc306e0453afb1395
 2021-07-21 09:36:05 +08:00
sukiliu
06ea8d9432 Update avc error on ROM 7550575 
Bug: 193726003
Bug: 193633303
Bug: 193548421
Test: PtsSELinuxTestCases
Change-Id: Id6cb13602eb9a69f7815a0301a5708577c663bd2
 2021-07-15 09:33:58 +08:00
TreeHugger Robot
0afce44985 Merge "Revert "Update avc error on ROM 7526917"" into sc-dev 2021-07-13 17:03:43 +00:00
Michael Ayoubi
04d9f1ac13 Revert "Update avc error on ROM 7526917" 
This reverts commit 81a8e5b4ce.

Reason for revert: <Qorvo Version P2-S4(ag/15139489) which caused these errors got reverted from sc-dev in ag/15224151. It will now go into master>

Bug: 192924316
Change-Id: I772053cf512ba555a5fa657d39f957ac51f013c1
 2021-07-13 17:03:26 +00:00
Adam Shih
9d7e88c27e suppress error for ag/15263334 
Bug: 193474772
Test: boot with no relevant error found
Change-Id: Ia3f49fbf9e623c6b81d6c595e19e275f64521dfe
 2021-07-13 09:57:18 +08:00
sukiliu
a06677ce7a Update avc error on ROM 7539530 
avc: denied { read } for name="u:object_r:vendor_camera_debug_prop:s0" dev="tmpfs" ino=300 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_camera_debug_prop:s0 tclass=file permissive=0
avc: denied { read } for comm="dumpstate@1.1-s" name="u:object_r:vendor_camera_debug_prop:s0" dev="tmpfs" ino=300 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_camera_debug_prop:s0 tclass=file permissive=0

Bug: 193365129
Test: PtsSELinuxTestCases
Change-Id: I1d0258ec4ce2abbf8f899add86be2076c0c72be0
 2021-07-12 09:49:17 +08:00
SHUCHI LILU
54780f7ae3 Merge "Update avc error on ROM 7527858" into sc-dev 2021-07-08 02:53:28 +00:00
KRIS CHEN
ba9051de47 Merge "Add sepolicy rules for fingerprint hal" into sc-dev 2021-07-08 02:05:03 +00:00
Kris Chen
a5c9028ced Add sepolicy rules for fingerprint hal 
Fix following avc denial:
servicemanager: type=1400 audit(0.0:8): avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_fingerprint_default:s0 tclass=binder permissive=0

Bug: 192040144
Test: No above avc denial in logcat.
Change-Id: I1b93474cac4ccb24736bc97665a7ca533ef0a7d3
 2021-07-08 00:59:49 +08:00
sukiliu
a2d9731099 Update avc error on ROM 7527858 
avc:  denied  { find } for pid=2874 uid=1083 name=isub scontext=u:r:uwb_vendor_app:s0:c59,c260,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=0

Bug: 193009345
Bug: 192924316
Test: PtsSELinuxTestCases
Change-Id: I694c1a98ab57123c44717d2af5e57cfc486f76a1
 2021-07-07 20:01:18 +08:00
SHUCHI LILU
72bc4971df Merge "Update avc error on ROM 7526917" into sc-dev 2021-07-07 07:33:25 +00:00
sukiliu
81a8e5b4ce Update avc error on ROM 7526917 
Bug: 192980495
Bug: 192980564
Bug: 192924316
Test: PtsSELinuxTestCases
Change-Id: If1042973df8d8eac24065e50e64d5a60c5a4dc49
 2021-07-07 10:57:30 +08:00
Randall Huang
d328008234 Fix overlayfs avc denied 
avc: denied { rename } for comm="init" name="#b" dev="dm-6" ino=52
scontext=u:r:init:s0 tcontext=u:object_r:overlayfs_file:s0
tclass=file permissive=1

avc: denied { unlink } for comm="init" name="#b" dev="dm-6" ino=53
scontext=u:r:init:s0 tcontext=u:object_r:overlayfs_file:s0
tclass=chr_file permissive=1

Bug: 192617244
Test: boot & adb remount
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I740ff317520439034d2bf6e0659b1418bf6dac5c
 2021-07-06 18:19:04 +08:00