Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
694 commits 1 branch 0 tags 494 MiB
Commit graph

694 commits

This branch
This branch
All branches
Author SHA1 Message Date
lucaslin
34278f05a0 Add sepolicy for dumpstate to access logs of tcpdump_logger 
Bug: 183467815
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I178aca40d94602994eef619f05a26ceb78eeff1f
 2021-05-04 10:30:22 +08:00
Ted Lin
69c8212a41 wlc fwupdate implementation 
Fix sepolicy problems.

Bug: 183465596
Test: logcat/dmesg grep wlc.
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: I834f4d83f822b8189a576ac198bae9a7d77a3e10
 2021-05-04 02:09:32 +00:00
Daniel Mentz
2fb432f08c Remove /vendor/lib/modules from file_contexts 
Vendor kernel modules were moved to /vendor_dlkm/lib/modules. Let's
remove the old directory /vendor/lib/modules from file_contexts.

Bug: 185184472
Bug: 186777291
Change-Id: I38f1b25cb2d73a804f1cdb113edc9b11f8e516f7
 2021-05-03 18:16:05 -07:00
Chris Kuiper
db03875ebe sepolicy: gs101: allow usf_reg_edit to run 
Provide necessary permissions to run usf_reg_edit from bugreport.

Bug: 187081112
Test: Run "adb bugreport <zip>" and verify it contains the output
      from "usf_reg_edit save -".
Change-Id: Iade132d93105d461d51273d19fe570d48cce46fe
 2021-05-03 16:34:58 -07:00
Daniel Mentz
a3c0b2ba9e Revert "remove wildcard on kernel modules" 
This reverts commit a346a7fa34.

Let's move back to wildcards for kernel modules. This better supports
kernel pre-submit testing and local kernel development where the script
build.sh from the kernel repo is used to create the vendor_dlkm parition
image.  With build.sh, the path to a .ko file includes the kernel
version as well as additional directory components like "extra/" that
describe where in the kernel source key the module is located. Example:

/vendor_dlkm/lib/modules/5.10.33-g2f01cf4c7282-dirty/extra/ftm5.ko

Bug: 185184472
Bug: 186777291
Change-Id: I32f85dae7ca60d9063ad6c63f21ffdaecbb66039
 2021-05-03 15:38:56 -07:00
SHUCHI LILU
626843c9fb Merge "Update avc error on ROM 7330059" into sc-dev am: 1d6ffc2305 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14408671

Change-Id: I0514008ad4d4f75f2dcf8ca368b98a8f63301fed
 2021-05-03 09:49:01 +00:00
SHUCHI LILU
1d6ffc2305 Merge "Update avc error on ROM 7330059" into sc-dev 2021-05-03 09:34:35 +00:00
TreeHugger Robot
332870ab49 Merge "update error on ROM 7331131" into sc-dev am: 4ae391d780 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14409678

Change-Id: I90edfa36d389d23e5fc918fe41272776d4a93cc1
 2021-05-03 09:07:54 +00:00
TreeHugger Robot
4ae391d780 Merge "update error on ROM 7331131" into sc-dev 2021-05-03 08:56:20 +00:00
lucaslin
4099f60681 Add sepolicy for tcpdump_logger to access wlan_logs folder 
tcpdump cannot be zipped into wlan logs when using tcpdump_logger
on-demand function is because tcpdump_logger doesn't have access
of wlan_logs folder.
Add related sepolicies to fix it.

Bug: 183467815
Test: 1. Set logger to wlan
      2. Enable tcpdump_logger on-demand
      3. Start logging
      4. Stop logging
      5. Pull wlan_logs
      6. Check if tcpdump.pcap is zipped into the zip file
Change-Id: Ib1b6c8cbd4512acdbe756d11bfe6f540e16c8db6
 2021-05-03 16:29:18 +08:00
TreeHugger Robot
7b44964c60 Merge "Add sepolicy for sensor HAL accessing AOC sysfs node." into sc-dev am: 2391c852bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14327406

Change-Id: I51ac93ab8dd7edf5b07c302a5fb4f3b38a16fc9c
 2021-05-03 07:55:07 +00:00
Adam Shih
722b181dd3 update error on ROM 7331131 
Bug: 187016929
Bug: 187016930
Bug: 187016910
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I294a27fd272f73cc371a4a8dc9783ba5f60203ff
 2021-05-03 15:48:46 +08:00
Jenny Ho
4510c55091 set sepolicy for testing_battery_profile 
need run /vendor/bin/sh before setprop

Bug: 180511460
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I3dbaa984407c82662dea537da671745851035fa2
 2021-05-03 15:47:14 +08:00
TreeHugger Robot
2391c852bd Merge "Add sepolicy for sensor HAL accessing AOC sysfs node." into sc-dev 2021-05-03 07:42:00 +00:00
sukiliu
58238158ab Update avc error on ROM 7330059 
Bug: 187014717
Bug: 187015705
Bug: 187015816
Test: PtsSELinuxTestCases
Change-Id: I2d79fee24d18865090cd350485daea4e66bb5184
 2021-05-03 15:25:20 +08:00
Eddie Lan
0727a341dd Merge "Add sepolicy for fpc AIDL HAL" into sc-dev am: 2d4071ca8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14282485

Change-Id: I05395504ff6d04b5a7fa0707084872525fcec39c
 2021-05-03 04:02:39 +00:00
Eddie Lan
2d4071ca8c Merge "Add sepolicy for fpc AIDL HAL" into sc-dev 2021-05-03 03:48:40 +00:00
TreeHugger Robot
fdbbf28fa0 Merge "Provide fastbootd permissions to invoke the set_active command" into sc-dev am: 1256869c5c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14391698

Change-Id: I496ba2c956296cc09ef3115fafe5d6c1af589b5e
 2021-05-03 03:31:35 +00:00
TreeHugger Robot
1256869c5c Merge "Provide fastbootd permissions to invoke the set_active command" into sc-dev 2021-05-03 03:19:23 +00:00
Hridya Valsaraju
1711a2d5c7 Provide fastbootd permissions to invoke the set_active command 
These permissions fix the following denials:
[   66.641731][   T59] audit: type=1400 audit(1619815760.952:17): avc:
denied  { open } for  pid=360 comm="fastbootd" path="/dev/block/sdd1"
dev="tmpfs" ino=416 scontext=u:r:fastbootd:s0
tcontext=u:object_r:devinfo_block_device:s0 tclass=blk_file permissive=1
[   66.664509][   T59] audit: type=1400 audit(1619815760.952:18): avc:
denied  { write } for  pid=360 comm="fastbootd" name="sdd1" dev="tmpfs"
ino=416 scontext=u:r:fastbootd:s0
tcontext=u:object_r:devinfo_block_device:s0 tclass=blk_file permissive=1
[   66.686431][   T59] audit: type=1400 audit(1619815760.952:19): avc:
denied  { read write } for  pid=360 comm="fastbootd"
name="boot_lun_enabled" dev="sysfs" ino=57569 scontext=u:r:fastbootd:s0
tcontext=u:object_r:sysfs_ota:s0 tclass=file permissive=1
[   66.708623][   T59] audit: type=1400 audit(1619815760.952:20): avc:
denied  { open } for  pid=360 comm="fastbootd"
path="/sys/devices/platform/14700000.ufs/pixel/boot_lun_enabled"
dev="sysfs" ino=57569 scontext=u:r:fastbootd:s0
tcontext=u:object_r:sysfs_ota:s0 tclass=file permissive=1
[   56.680861][   T59] audit: type=1400 audit(1619806507.020:10): avc:
denied  { read write } for  pid=357 comm="fastbootd" name="sda"
dev="tmpfs" ino=476 scontext=u:r:fastbootd:s0
tcontext=u:object_r:sda_block_device:s0 tclass=blk_file permissive=0

Test: fastboot set_active
Bug: 185955438
Change-Id: I9339b2a5f2a00c9e1768f479fdeac2e1f27f04bc
 2021-04-30 14:37:58 -07:00
TreeHugger Robot
0d8edba50f Merge "Remove platform certification from imsservice" into sc-dev am: 6a5cfd86f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14343989

Change-Id: Ib5bd0d2f54aa7d4133bdfe5ab2ffaf16936716f4
 2021-04-30 17:14:29 +00:00
TreeHugger Robot
6a5cfd86f5 Merge "Remove platform certification from imsservice" into sc-dev 2021-04-30 16:55:56 +00:00
TreeHugger Robot
2d1988d06d Merge "Update gs101 sepolicy for contexthub HAL" into sc-dev am: ff7948fc48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14354723

Change-Id: I5d18bfc7ec389676856b19c0d78b88bafb185f85
 2021-04-30 16:52:14 +00:00
TreeHugger Robot
ff7948fc48 Merge "Update gs101 sepolicy for contexthub HAL" into sc-dev 2021-04-30 16:34:37 +00:00
TreeHugger Robot
61f2e4ad4a Merge "sepolicy:gs101: allow init-insmod-sh to access sysfs_leds nodes" into sc-dev am: c134ed985a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14357213

Change-Id: Ie77154a8220419986654f288ece820c1edc56606
 2021-04-29 23:07:37 +00:00
TreeHugger Robot
c134ed985a Merge "sepolicy:gs101: allow init-insmod-sh to access sysfs_leds nodes" into sc-dev 2021-04-29 22:48:22 +00:00
TreeHugger Robot
43c5bf6ed6 Merge "change persist.camera to persit.vendor.camera" into sc-dev am: 2c4b0fd96a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14356785

Change-Id: I8ece2241cea3bf27a1fa7294b29703f56030f27f
 2021-04-29 21:42:50 +00:00
Oleg Matcovschi
963848fdaa sepolicy:gs101: allow init-insmod-sh to access sysfs_leds nodes 
Bug: 186788772
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I9cc44571eb5c8f52d6307bff9cb77f08712c5404
 2021-04-29 14:34:55 -07:00
TreeHugger Robot
2c4b0fd96a Merge "change persist.camera to persit.vendor.camera" into sc-dev 2021-04-29 21:26:12 +00:00
Lida Wang
bb7ae85a0d change persist.camera to persit.vendor.camera 
Bug: 186670529
Change-Id: I3a6d4202ec2b90cc0ce9cc9ba62d2cf2ce3a5c29
 2021-04-29 13:18:01 -07:00
Anthony Stange
836f25d64b Update gs101 sepolicy for contexthub HAL 
Bug: 168941570
Test: Load nanoapp via HAL
Change-Id: If133a3290e4fc02677523d737980ee5944885c36
 2021-04-29 16:59:36 +00:00
TreeHugger Robot
0071fe0bc0 Merge "Add sepolicy for sensor HAL to read lhbm" into sc-dev am: 7a4cd3a6e0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14299201

Change-Id: I9bb9d0d61ba1cf7525c0231e5177318501c5d0ae
 2021-04-29 16:31:59 +00:00
TreeHugger Robot
7a4cd3a6e0 Merge "Add sepolicy for sensor HAL to read lhbm" into sc-dev 2021-04-29 15:48:15 +00:00
Taesoon Park
b6f2b0bad9 Remove platform certification from imsservice 
The platform certification is removed form com.shannon.imsservice.
So, remove seinfo from com.shannon.imsservice item.

Bug: 186135657
Test: VoLTE and VoWiFi

Signed-off-by: Taesoon Park <ts89.park@samsung.com>
Change-Id: Ie493abfd7a146766ad819bb7a5240d9f1e2f1d0e
 2021-04-29 11:28:08 +08:00
Chia-Ching Yu
3f91d6417a Add sepolicy for sensor HAL to read lhbm 
04-23 08:54:18.000   742   742 I /vendor/bin/hw/android.hardware.sensors@2.0-service.multihal: type=1400 audit(0.0:23): avc: denied { read } for comm=504F5349582074696D6572203430 name="local_hbm_mode" dev="sysfs" ino=70515 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_lhbm:s0 tclass=file permissive=1

Bug: 181617640
Test: Forrest build with this patch(ab/P22167685).
      No local_hbm_mode related avc deined log.
Change-Id: Ibac3317cbca8652885310b1f5af8f4ea4d44a5c4
 2021-04-29 03:00:19 +00:00
TreeHugger Robot
c17392b08c Merge "Fix android.hardware.drm@1.4-service.clearkey label" into sc-dev am: 7ecd67743c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14340676

Change-Id: I968ae5379dbe36e54eb931712083f969ead85522
 2021-04-28 23:10:56 +00:00
TreeHugger Robot
7ecd67743c Merge "Fix android.hardware.drm@1.4-service.clearkey label" into sc-dev 2021-04-28 22:26:38 +00:00
Victor Liu
e8b972be35 Merge "uwb: allow uwb service to access nfc service" into sc-dev am: 247097a000 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14281933

Change-Id: Ie088c98ae196ebc9982808b0140494c30618eb03
 2021-04-28 21:19:21 +00:00
Victor Liu
247097a000 Merge "uwb: allow uwb service to access nfc service" into sc-dev 2021-04-28 20:49:50 +00:00
Chris Fries
2d2adb3e56 Fix android.hardware.drm@1.4-service.clearkey label 
Bug: 186617617
Change-Id: Icad8008686ef57d4b6c3fca27af41e2b2991f74f
 2021-04-28 14:40:02 -05:00
Roger Fang
5ef9766dc6 sepolicy: gs101: allows pixelstat to access audio metrics nodes am: 66634d4d20 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14255523

Change-Id: Ic367dfd6c1e4e43a43dd4327337faa4ca124685b
 2021-04-28 08:54:23 +00:00
Roger Fang
66634d4d20 sepolicy: gs101: allows pixelstat to access audio metrics nodes 
audio.service: type=1400 audit(0.0:30): avc: denied { read write } for name="amcs" dev="tmpfs" ino=739 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:amcs_device:s0 tclass=chr_file permissive=0

pixelstats-vend: type=1400 audit(0.0:9): avc: denied { read } for name="speaker_impedance" dev="sysfs" ino=67611 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

HwBinder:696_2: type=1400 audit(0.0:8): avc: denied { open } for path="/dev/amcs" dev="tmpfs" ino=766 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:amcs_device:s0 tclass=chr_file permissive=0

Bug: 171854614
Test: manually test, no avc: denied.
Change-Id: I82ebd22f167200ab3cf59e6525ef43c0be8f722a
 2021-04-28 10:52:06 +08:00
TreeHugger Robot
0df634be79 Merge "Add sepolicy for wlan logger and sniffer logger" into sc-dev am: d60ae7dfed 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14299186

Change-Id: Ifbb5f94a5658a0a61b2d16411752f7975ae63ef1
 2021-04-28 02:23:38 +00:00
TreeHugger Robot
7cef5be775 Merge "Grant powerhal access to sysfs_devfreq_dir" into sc-dev am: 68bbf709c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14329748

Change-Id: I195b2997f64f968f79306241a94b57c4d68b1b84
 2021-04-28 02:21:53 +00:00
TreeHugger Robot
d60ae7dfed Merge "Add sepolicy for wlan logger and sniffer logger" into sc-dev 2021-04-28 02:12:26 +00:00
TreeHugger Robot
68bbf709c2 Merge "Grant powerhal access to sysfs_devfreq_dir" into sc-dev 2021-04-28 02:03:58 +00:00
Jia-yi Chen
09d5fc647d Grant powerhal access to sysfs_devfreq_dir 
Bug: 186576303
Test: Boot & check logcat
Change-Id: Ia07991c3a8a7dfd8388a228fbdec1f28d2f5b4c3
 2021-04-27 16:16:02 -07:00
chiayupei
3fefc8a57b Add sepolicy for sensor HAL accessing AOC sysfs node. 
Bug: 177943509
Test: make selinux_policy -j128 and push to device.
      No hal_sensors_default related avc deined log while suez polling.

Signed-off-by: chiayupei <chiayupei@google.com>
Change-Id: Ie32eaccf551fcb9f2d7bc763c801891f637ccc1a
 2021-04-28 03:50:26 +08:00
chenpaul
920b0e11a9 Add sepolicy for wlan logger and sniffer logger 
Bug: 186069127
Test: Sniffer logger can be start by Pixel Logger app
      wlan logger is workable.
Change-Id: I1e7a75a08de37668316b06e066c080e837d7896b
 2021-04-27 19:37:28 +08:00
TreeHugger Robot
5c94d31dc9 Merge "update wakeup node" into sc-dev am: 27c30c1cc6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14319145

Change-Id: Ife4d984e68a5f6b29cd28d6c0a07c0f57e5d0205
 2021-04-27 10:13:09 +00:00