Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
283 commits 1 branch 0 tags 494 MiB
Commit graph

15 commits

Author SHA1 Message Date
Eddie Tashjian
5bbdd82a4e Merge "Add TCP dump permissions." into sc-dev 2021-04-08 18:25:30 +00:00
Craig Dooley
cd888e847f Merge "Fix SELinux errors with aocd" into sc-dev 2021-04-08 17:27:56 +00:00
Craig Dooley
3d4d9159c9 Fix SELinux errors with aocd 
Add inotify support for /dev
Fix the aoc vendor property

Bug: 184173298
Change-Id: I40a71edd56b2d51f848085c43ae1d10a4c2c0c4b
 2021-04-08 03:59:23 +00:00
Eddie Tashjian
b2fb9cdace Add TCP dump permissions. 
Copy selinux policy for tcp dump binary from previous Pixel to support
TCP logging on P21 through PixelLogger.

Bug: 184777243
Test: Check PixelLogger TCP dump works.
Change-Id: Id958c8a3e6375a7aae569d6fc94deb9f8072b57b
 2021-04-08 03:13:55 +00:00
Yabin Cui
05825886f4 Move vendor_kernel_modules to public. 
Bug: 166559473
Bug: 183135316
Test: build
Change-Id: Ib62080d3d12aa197571a0697c17f6fd5d981d653
 2021-04-06 21:46:27 +00:00
Wei Wang
852d1dc3c1 Grant GPU and Fabric node access 
Bug: 183626384
Test: boot
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ibb700110795f81a2da4358352111f61ef987c29b
 2021-04-02 14:22:37 -07:00
Oleg Matcovschi
6862b8e239 vendor: remove sscoredump policies 
Bug: 180760068
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: Ib8d360b227286bdea7de00125ef2ed6ad7978e67
 2021-03-28 21:26:34 -07:00
Steven Liu
c6eca53b9e Add sepolicy for the wifi firmware config OTA feature 
Bug: 177083009
Test: the OTA updated files can be updated and applied.
Change-Id: I2f269dbc146aae41cab57abd568af7e26fd23876
 2021-03-24 06:59:08 -07:00
Adam Shih
7314a7b522 permissions required for OTA 
Bug: 183174452
Test: do OTA under enforcing mode
Change-Id: I0edf7703713e24351f57ef0e68096ca03c59e6f8
 2021-03-23 09:49:02 +08:00
George Lee
9c3d77d088 power: Add policy to access sysfs_bcl 
Bug: 180620276
Test: adb bugreport
dumpstate_board.txt shows:
------ BCL (/sys/devices/virtual/pmic/mitigation/triggered_stats) ------
Source    	Count	Last Triggered	Last SOC	Last Voltage
smpl_warn      	0	0		0		0
ocp_cpu1       	0	0		0		0
ocp_cpu2       	0	0		0		0
soft_ocp_cpu1  	0	0		0		0
soft_ocp_cpu2  	0	0		0		0
ocp_tpu        	0	0		0		0
soft_ocp_tpu   	0	0		0		0
pmic_120c      	0	0		0		0
pmic_140c      	0	0		0		0
pmic_overheat  	0	0		0		0
ocp_gpu        	0	0		0		0
soft_ocp_gpu   	0	0		0		0

------ IF PMIC (/sys/devices/virtual/pmic/max77759-mitigation/triggered_stats) ------
Source    	Count	Last Triggered	Last SOC	Last Voltage
VDROOP1        	0	0		0		0
VDROOP2        	0	0		0		0
BATOILO        	0	0		0		0

Signed-off-by: George Lee <geolee@google.com>
Change-Id: If7874e19b8202175071d474502e77748168565ce
 2021-03-19 02:56:32 +00:00
Wen Chang Liu
e72c30346f Merge changes Ie0ed96d7,Id7f43fe1 into sc-dev 
* changes:
  Add sepolicy for BigOcean device
  Add sepolicy for MFC device
 2021-03-12 05:41:08 +00:00
wenchangliu
b52121a259 Add sepolicy for MFC device 
- Add sysfs_video type for mfc device
- Allow mediacode to access sysfs_video

avc: denied { read } for name="name" dev="sysfs" ino=62278 \
scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \
tclass=file permissive=1

avc: denied { open } for path="/sys/devices/platform/mfc/video4linux/video7/name" \
dev="sysfs" ino=62278 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \
tclass=file permissive=1

avc: denied { getattr } for path="/sys/devices/platform/mfc/video4linux/video7/name" \
dev="sysfs" ino=62278 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \
tclass=file permissive=1

avc: denied { read } for name="name" dev="sysfs" ino=62230 \
scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \
tclass=file permissive=1

avc: denied { open } for path="/sys/devices/platform/mfc/video4linux/video6/name" \
dev="sysfs" ino=62230 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \
tclass=file permissive=1

avc: denied { getattr } for path="/sys/devices/platform/mfc/video4linux/video6/name" \
dev="sysfs" ino=62230 scontext=u:r:mediacodec:s0 tcontext=u:object_r:sysfs:s0 \
tclass=file permissive=1

Bug: 172173484
Test: video playback / camera recording with enforcing mode
Change-Id: Id7f43fe11c9ed089067f43a50d7f765df873d6c6
 2021-03-12 10:51:41 +08:00
Eddie Tashjian
78cd6eb78e Add selinux policies for mounted modem parition 
Bug: 178980032
Bug: 178979986
Bug: 179198083
Bug: 179198085
Bug: 178980065

Test: Check selinux denials
Change-Id: I7f826442d1536946d0e84aadfd80f679c0f4d6da
 2021-03-11 10:16:27 +00:00
SalmaxChang
4d87bc0f2a cbd: Fix avc errors 
avc: denied { write } for comm="cbd" name="ssrdump" dev="dm-9" ino=284 scontext=u:r:cbd:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir
avc: denied { add_name } for comm="cbd" name="crashinfo_modem_2021-03-02_10-57-06.txt" scontext=u:r:cbd:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir
avc: denied { write } for comm="sh" name="image" dev="dm-9" ino=231 scontext=u:r:cbd:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir
avc: denied { read } for comm="cbd" name="u:object_r:radio_prop:s0" dev="tmpfs" ino=206 scontext=u:r:cbd:s0 tcontext=u:object_r:radio_prop:s0 tclass=file
avc: denied { search } for comm="cbd" name="/" dev="sda15" ino=2 scontext=u:r:cbd:s0 tcontext=u:object_r:persist_file:s0 tclass=dir
avc: denied { syslog_read } for comm="cbd" scontext=u:r:cbd:s0 tcontext=u:r:kernel:s0 tclass=system

Bug: 179198083
Bug: 178331928
Bug: 171267363
Change-Id: I8a89e360e6d614ad76ed2eb78467fcbedf1ea0ce
 2021-03-08 06:00:45 +00:00
Robin Peng
5009efa776 Move slider-sepolicy into gs101-sepolicy 
from: 71e609c24c97fc8d44843af30527cbeb90d5dcdf

Bug: 167996145
Change-Id: Ie00e7e0983a3ca695bbd5140c929d07a80144301
 2021-03-06 16:15:39 +08:00