Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2766 commits 1 branch 0 tags 494 MiB
Commit graph

2766 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sam Ou
5529a1f44b Merge "Move ODPM file rule to pixel sepolicy" into tm-dev am: de81154964 am: 0f7d68a9b1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17215583

Change-Id: I2c343dd3160802f3b415785305df8922a03f69d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:59:43 +00:00
Sam Ou
0f7d68a9b1 Merge "Move ODPM file rule to pixel sepolicy" into tm-dev am: de81154964 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17215583

Change-Id: I5043f68a22d8887a0105613bf848edf7655b776c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:38:48 +00:00
Sam Ou
de81154964 Merge "Move ODPM file rule to pixel sepolicy" into tm-dev 2022-04-06 02:09:38 +00:00
Xin Li
2ee23c3894 [automerger skipped] Merge Android 12 QPR3 ab/8391262 am: 815b133c28 -s ours am: 4295b8c5bb -s ours am: 6c7329e78a -s ours am: f43a918617 -s ours 
am skip reason: Merged-In I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7 with SHA-1 24b4d1b601 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17543362

Change-Id: I6c38baa51c6733424393b0e1d0a17722d2330bcb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-03 09:08:53 +00:00
Xin Li
f43a918617 [automerger skipped] Merge Android 12 QPR3 ab/8391262 am: 815b133c28 -s ours am: 4295b8c5bb -s ours am: 6c7329e78a -s ours 
am skip reason: Merged-In I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7 with SHA-1 24b4d1b601 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17543362

Change-Id: I2b05cb9279ab108de85891cbe7136c228ac04203
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-03 08:31:00 +00:00
Xin Li
6c7329e78a [automerger skipped] Merge Android 12 QPR3 ab/8391262 am: 815b133c28 -s ours am: 4295b8c5bb -s ours 
am skip reason: Merged-In I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7 with SHA-1 24b4d1b601 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17543362

Change-Id: Iccd31c0bb403d722d24d093730327b024e4342ec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-03 07:43:50 +00:00
Xin Li
4295b8c5bb [automerger skipped] Merge Android 12 QPR3 ab/8391262 am: 815b133c28 -s ours 
am skip reason: Merged-In I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7 with SHA-1 24b4d1b601 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17543362

Change-Id: I3183293f6ba3e1858233ce35170f935f3b03c1ff
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-03 07:11:50 +00:00
Xin Li
815b133c28 Merge Android 12 QPR3 ab/8391262 
Bug: 226662282
Merged-In: I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7
Change-Id: Iccdf8b6a16f1d7a9ae0c9fd8cab14c5c55c6e64a
 2022-04-01 20:32:12 +00:00
sukiliu
8b54c6753c Update avc error on ROM 8386107 am: ed3ac0623b am: d7abffceca 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17517644

Change-Id: Ic650313da25833cee20c6b069d5485109df2ba5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 02:04:26 +00:00
sukiliu
d7abffceca Update avc error on ROM 8386107 am: ed3ac0623b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/17517644

Change-Id: Ic4e6b3a1a98a25ade5cc21f8d47cde370037ef95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 01:34:47 +00:00
sukiliu
ed3ac0623b Update avc error on ROM 8386107 
Bug: 226717475
Test: PtsSELinuxTestCases
Change-Id: Ia366a4ad0f193858960b7c5df34096bd2d4eada5
 2022-03-31 15:48:04 +08:00
chungkai
de44d766e4 sched: move sysfs to procfs 
Modify name from sysfs_vendor_sched to proc_vendor_sched

Test: without avc denial
Bug: 216207007
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ic113b2d8ee1d3ae1ced9985636b17ef1e7657a84
 2022-03-29 09:43:32 +00:00
KRIS CHEN
572a8a3372 Merge "Allow hal_fingerprint_default to access sysfs_display" into tm-dev 2022-03-29 01:39:34 +00:00
Darren Hsu
2650d53059 Allow hal_power_stats to read sysfs_aoc_dumpstate am: f11f53a3ae am: a0592e36d2 am: 24b4d1b601 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2044864

Change-Id: Iacfa20c771905827c1299527dc2c66646ae18506
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 08:41:17 +00:00
Darren Hsu
24b4d1b601 Allow hal_power_stats to read sysfs_aoc_dumpstate am: f11f53a3ae am: a0592e36d2 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2044864

Change-Id: I1ae4b99a9fa4fc95f96ee1f36dc500f453653ca7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 08:17:33 +00:00
Darren Hsu
a0592e36d2 Allow hal_power_stats to read sysfs_aoc_dumpstate am: f11f53a3ae 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2044864

Change-Id: I3b5f155658676081c3248e67ee512c1ce301ab07
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-03-28 07:51:38 +00:00
Chris Kuiper
dfcef044a2 Merge "Allow Sensor HAL access to display sysfs panel_name file." into tm-dev 2022-03-25 16:49:40 +00:00
Kris Chen
3df0d7812b Allow hal_fingerprint_default to access sysfs_display 
Fix the following avc denial:
avc: denied { read } for name="panel_name" dev="sysfs" ino=71133 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=0

Bug: 223687187
Test: build and test fingerprint on device.
Change-Id: Ic2b2cadb97f36643b79de6a8ebfe2232093fe7d7
 2022-03-25 14:53:53 +08:00
Darren Hsu
f11f53a3ae Allow hal_power_stats to read sysfs_aoc_dumpstate 
avc: denied { read } for comm="android.hardwar" name="restart_count"
dev="sysfs" ino=72823 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs_aoc_dumpstate:s0 tclass=file permissive=0

Bug: 226173008
Test: check bugreport without avc denials
Change-Id: Ife3a7e00a1ffbcbed7fd8b744f2ac8910931a5fb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-25 11:19:20 +08:00
Chris Kuiper
28ddd3bf9f Allow Sensor HAL access to display sysfs panel_name file. 
Bug: 208926536
Test: Accessed the display sysfs from sensor HAL correctly.
Change-Id: Ide86813de20a1240f8ac55322b017329f30b296e
 2022-03-24 17:55:43 -07:00
Darren Hsu
22def09e8a Allow hal_power_stats to read sysfs_aoc_dumpstate 
avc: denied { read } for comm="android.hardwar" name="restart_count"
dev="sysfs" ino=72823 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs_aoc_dumpstate:s0 tclass=file permissive=0

Bug: 226173008
Test: check bugreport without avc denials
Change-Id: Iccd8e4475ba6055d07aedc43de72bd39e6674469
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-24 14:53:24 +08:00
Stephane Lee
282c77a88f Fix off-mode (charger) sepolicy for the health interface am: 84a06151a3 am: c35357078d am: 620e6038e2 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2039624

Change-Id: I1da177501cfa887962e7a8133e4b568db9624025
 2022-03-24 05:14:06 +00:00
Jack Wu
6abc9f674c [automerger skipped] sepolicy: gs101: fix charger_vendor permission denied am: b67138e8ae am: 28efee70de am: d43cfef11c -s ours 
am skip reason: Merged-In I091dbbca35fb833e59fdbc234d74b90bfe74014c with SHA-1 dcb05d1377 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2039623

Change-Id: I01702f92f112bd722cfe3852af74aa79bfaaecef
 2022-03-24 05:14:05 +00:00
Stephane Lee
620e6038e2 Fix off-mode (charger) sepolicy for the health interface am: 84a06151a3 am: c35357078d 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2039624

Change-Id: Ia59f2cdb6b014a802edad3b76f135a69c21002e9
 2022-03-24 04:37:58 +00:00
Jack Wu
d43cfef11c sepolicy: gs101: fix charger_vendor permission denied am: b67138e8ae am: 28efee70de 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2039623

Change-Id: I1802a01e50797f41a63ba0073f5f032a8d49939b
 2022-03-24 04:37:57 +00:00
Stephane Lee
c35357078d Fix off-mode (charger) sepolicy for the health interface am: 84a06151a3 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2039624

Change-Id: Ia2c26cc56c09a535aae2d7b4e8e46ff77b79616e
 2022-03-24 04:06:54 +00:00
Jack Wu
28efee70de sepolicy: gs101: fix charger_vendor permission denied am: b67138e8ae 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2039623

Change-Id: I70510310fad5fb164c3a420685fbad7c1e1e1e71
 2022-03-24 04:06:53 +00:00
Stephane Lee
84a06151a3 Fix off-mode (charger) sepolicy for the health interface 
Bug: 223537397
Test: Ensure that there are no selinux errors for sysfs_batteryinfo in
   off-mode charging

Change-Id: I46fa1b7552eb0655d0545538142131465a337f23
Merged-In: I46fa1b7552eb0655d0545538142131465a337f23
 2022-03-23 11:30:31 -07:00
Jack Wu
b67138e8ae sepolicy: gs101: fix charger_vendor permission denied 
[   27.025458][  T443] type=1400 audit(1644391560.640:11): avc: denied { search } for comm="android.hardwar" name="vendor" dev="tmpfs" ino=2 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=0
[   26.563658][  T447] type=1400 audit(1644397622.588:5): avc: denied { search } for comm="android.hardwar" name="/" dev="sda1" ino=2 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=0
[   27.198144][  T442] type=1400 audit(1644398156.152:5): avc: denied { search } for comm="android.hardwar" name="battery" dev="sda1" ino=12 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=0
[   27.327035][  T443] type=1400 audit(1644398785.276:5): avc: denied { read } for comm="android.hardwar" name="defender_active_time" dev="sda1" ino=17 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=file permissive=0
[   27.355009][  T443] type=1400 audit(1644398785.276:6): avc: denied { write } for comm="android.hardwar" name="defender_charger_time" dev="sda1" ino=16 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=file permissive=0
[   26.771705][  T444] type=1400 audit(1644379988.804:4): avc: denied { read } for comm="android.hardwar" name="specification_version" dev="sysfs" ino=56257 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0
[   27.898684][  T445] type=1400 audit(1644392754.928:8): avc: denied { read } for comm="android.hardwar" name="thermal_zone6" dev="sysfs" ino=15901 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=lnk_file permissive=0
[   29.180076][  T447] type=1400 audit(1644397625.200:9): avc: denied { write } for comm="android.hardwar" name="mode" dev="sysfs" ino=15915 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=0
[   27.043845][  T444] type=1400 audit(1644379988.808:9): avc: denied { search } for comm="android.hardwar" name="thermal" dev="tmpfs" ino=899 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=0
[   27.064916][  T444] type=1400 audit(1644379988.808:10): avc: denied { read } for comm="android.hardwar" name="u:object_r:vendor_battery_defender_prop:s0" dev="tmpfs" ino=306 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=file permissive=0
[   27.356266][  T444] type=1107 audit(1644404450.376:4): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.battery.defender.state pid=457 uid=1000 gid=1000 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=property_service permissive=0'

Bug: 218485039
Test: manually test, no avc: denied
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I091dbbca35fb833e59fdbc234d74b90bfe74014c
Merged-In: I091dbbca35fb833e59fdbc234d74b90bfe74014c
 2022-03-23 11:27:45 -07:00
Roshan Pius
3ffd8035a2 gs-policy: Remove obsolete uwb vendor service rules 
This service no longer exists in the UCI stack.

Bug: 186585880
Test: Manual UWB tests
Change-Id: I198a20f85cb24f9e38035fa037609d6541640d9e
 2022-03-21 09:19:16 -07:00
Armelle Laine
fcc7d1dbae [automerger skipped] Merge changes from topic "trusty-dsu_fix-sc-qpr3" into sc-v2-dev-plus-aosp am: 92707e72ab -s ours 
am skip reason: Merged-In I86055dd5601f8c2899d28f29bdfcb4dcb9b90d1b with SHA-1 b69ac35ff0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16727208

Change-Id: I485b582f2dd3df1d6c9f25e3df31094e82e8bfc0
 2022-03-18 04:31:42 +00:00
Stephen Crane
8a0cbfea6d [automerger skipped] [automerged blank] Allow TEE storageproxyd permissions needed for DSU handling 2p: b9beafc9fa am: e48d11c26c -s ours 
am skip reason: Merged-In I86055dd5601f8c2899d28f29bdfcb4dcb9b90d1b with SHA-1 b69ac35ff0 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16727208

Change-Id: I4e9ded6165f8e1db1aed145f8156347de70d5e73
 2022-03-18 04:31:40 +00:00
Armelle Laine
92707e72ab Merge changes from topic "trusty-dsu_fix-sc-qpr3" into sc-v2-dev-plus-aosp 
* changes:
  [automerged blank] Allow TEE storageproxyd permissions needed for DSU handling 2p: b9beafc9fa
  Allow TEE storageproxyd permissions needed for DSU handling
 2022-03-18 04:14:36 +00:00
Darren Hsu
61e944b081 sepolicy: reorder genfs labels for system suspend am: 2018f942a7 am: 83e88065fc am: 186f2306d7 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2026063

Change-Id: Ieebbc5aafe7ddabe3560310dd599573d0ced3caf
 2022-03-17 04:54:29 +00:00
Darren Hsu
186f2306d7 sepolicy: reorder genfs labels for system suspend am: 2018f942a7 am: 83e88065fc 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2026063

Change-Id: I732b1d982c15846e2b9ae1365894b4d0ea0f424f
 2022-03-17 03:55:26 +00:00
Darren Hsu
83e88065fc sepolicy: reorder genfs labels for system suspend am: 2018f942a7 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2026063

Change-Id: Ic1a74c930cc6ade12dc6ea7a42f9ed347a491c95
 2022-03-17 02:49:16 +00:00
samou
753edef5f6 Move ODPM file rule to pixel sepolicy 
Bug: 213257759
Change-Id: Ic9a89950a609efe5434dfedc0aa023312c4192d9
 2022-03-16 06:05:52 +00:00
Darren Hsu
2018f942a7 sepolicy: reorder genfs labels for system suspend 
Bug: 223683748
Test: check bugreport without relevant avc denials
Change-Id: I66ede69d94bb3cb1a446e1cd5f3250b6f9b7f7e9
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-15 11:48:39 +08:00
TreeHugger Robot
e4dfe23d99 Merge "sepolicy: reorder genfs labels for system suspend" into tm-dev 2022-03-15 02:52:34 +00:00
TreeHugger Robot
85f293ab62 Merge "gs-sepolicy(uwb): Changes for new UCI stack" into tm-dev 2022-03-14 16:09:09 +00:00
TeYuan Wang
6052118e99 Move libperfmgr thermal rules to pixel-sepolicy am: f7aba10674 am: fe826745b3 am: faec59da79 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2020535

Change-Id: I44c643184de6294c407c9fc1670b0631faac3e45
 2022-03-14 06:22:59 +00:00
TeYuan Wang
faec59da79 Move libperfmgr thermal rules to pixel-sepolicy am: f7aba10674 am: fe826745b3 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2020535

Change-Id: I919c688388bcd8cc320068f6139432b58b3f0ea4
 2022-03-14 06:02:51 +00:00
TeYuan Wang
fe826745b3 Move libperfmgr thermal rules to pixel-sepolicy am: f7aba10674 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2020535

Change-Id: Ie191a767c8b3450df75a37e36deebf5f20242575
 2022-03-14 05:40:21 +00:00
TeYuan Wang
f7aba10674 Move libperfmgr thermal rules to pixel-sepolicy 
Bug: 213257759
Bug: 188579571
Test: build
Change-Id: I9893d53055594bfb4e4dba3d68b53f0fe132617d
 2022-03-10 21:28:33 +08:00
Kris Chen
9b54bf3665 Allow hal_fingerprint_default to access fwk_sensor_hwservice 
Fix the following avc denial:
avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_fingerprint_default:s0 pid=1258 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 197789721
Test: build and test fingerprint on device.
Change-Id: I7494f28e69e5a1b660dc7fbaa528b1088048723b
 2022-03-10 16:53:22 +08:00
TreeHugger Robot
a1f73d0faa Merge "Update avc error on ROM 8276520" into tm-dev 2022-03-10 02:40:10 +00:00
Darren Hsu
44fcba7efd sepolicy: reorder genfs labels for system suspend 
Bug: 223683748
Test: check bugreport without relevant avc denials
Change-Id: I66ede69d94bb3cb1a446e1cd5f3250b6f9b7f7e9
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-10 09:19:31 +08:00
Michael Eastwood
ecb7a69d78 Merge "Update SELinux policy to allow camera HAL to send Perfetto trace packets" am: 82a110ba3b am: a45d075fd0 am: ada03db5e0 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2016899

Change-Id: Ic6e51b5ea87b5d682f406a9711d39d80c4b29a9c
 2022-03-09 18:55:19 +00:00
Michael Eastwood
ada03db5e0 Merge "Update SELinux policy to allow camera HAL to send Perfetto trace packets" am: 82a110ba3b am: a45d075fd0 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2016899

Change-Id: I2b73c3f4576a4f42f76afbf7b8e75fd3be838107
 2022-03-09 18:32:59 +00:00
Michael Eastwood
a45d075fd0 Merge "Update SELinux policy to allow camera HAL to send Perfetto trace packets" am: 82a110ba3b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2016899

Change-Id: I55cfbec1df5a5b3952e02875860d25db44b64b98
 2022-03-09 18:00:28 +00:00