Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4550 commits 1 branch 0 tags 494 MiB
Commit graph

4550 commits

This branch
This branch
All branches
Author SHA1 Message Date
Wilson Sung
855cd95dce Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 340723222
Bug: 340723303
Bug: 340723030
Test: scanBugreport
Bug: 340723303
Bug: 340722537
Bug: 340723222
Bug: 340722772
Test: scanAvcDeniedLogRightAfterReboot
Bug: 340723303
Bug: 340723030
Bug: 340723222
Change-Id: I91df897d8ae7d8e4b1b49a7eb20f6bb5fe99755c
 2024-05-15 03:50:37 +00:00
KRIS CHEN
b4c75c1767 Merge "Allow fingerprint to access the folder /data/vendor/fingerprint" into main 2024-05-08 08:46:30 +00:00
chenkris
44f0166eb6 Allow fingerprint to access the folder /data/vendor/fingerprint 
Fix the following avc denial:
android.hardwar: type=1400 audit(0.0:20): avc:  denied  { write } for  name="fingerprint" dev="dm-56" ino=36703 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 267766859
Test: Tested fingerprint under enforcing mode
Change-Id: Id3f00d526dbe044f60aad2198fa65fbe3b6b2c60
 2024-05-08 06:48:55 +00:00
Enzo Liao
db1807eb1e [automerger skipped] Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. am: 9df205d57f -s ours 
am skip reason: Merged-In I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf with SHA-1 b0daa90c01 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/27046800

Change-Id: I5160dde7d03a1fa534106dc07eabc90acdb28d1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-26 08:08:34 +00:00
Enzo Liao
9df205d57f Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b0daa90c01a3f377715524c91392fe80c9aa5800)
Merged-In: I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf
Change-Id: I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf
 2024-04-26 02:15:43 +00:00
Spade Lee
aa51b497d6 [automerger skipped] pixelstats_vendor: add logbuffer_device r_file_perms am: 2034e36abb -s ours 
am skip reason: Merged-In I2c6069f43d17114f937657724dc34e43cf3d48fe with SHA-1 66d3a4ef4e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/27096075

Change-Id: I76023c2f8df9b07f8cad4bf3e3d83f0eef04fa2b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-25 08:20:28 +00:00
Spade Lee
2034e36abb pixelstats_vendor: add logbuffer_device r_file_perms 
avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=1034 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=0

Bug: 329174074
Test: no denied log, and able to read logbuffer in pixelstats_vendor
Signed-off-by: Spade Lee <spadelee@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:66d3a4ef4e33553862de92119cd2345b777df1f6)
Merged-In: I2c6069f43d17114f937657724dc34e43cf3d48fe
Change-Id: I2c6069f43d17114f937657724dc34e43cf3d48fe
 2024-04-25 06:10:20 +00:00
Wilson Sung
6746f8920e [automerger skipped] Update SELinux error am: 5e8b518a77 am: 371efbbd49 -s ours 
am skip reason: Merged-In I5ef59058c7c7487a8a9cb238767e019631c5ac63 with SHA-1 89224de0eb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3059165

Change-Id: Ic9d6954a344d41aa4fd9bed0ba6cef6304b91d1f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-24 22:46:14 +00:00
Wilson Sung
371efbbd49 Update SELinux error am: 5e8b518a77 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3059165

Change-Id: I9e3fee37647dd0ee706e85ea35d96f68ae2fe1ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-24 22:16:34 +00:00
Wilson Sung
5e8b518a77 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 329380904
Merged-In: I5ef59058c7c7487a8a9cb238767e019631c5ac63
Change-Id: I5ef59058c7c7487a8a9cb238767e019631c5ac63
 2024-04-24 13:37:22 -07:00
Pablo Gamito
46c7063452 Revert "Remove donotaudit line for b/277155042" am: 6750917d2b am: d7cda09653 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3048618

Change-Id: I41348026047641edee9d894d4d665bc23b13dbea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-19 21:33:13 +00:00
Pablo Gamito
d7cda09653 Revert "Remove donotaudit line for b/277155042" am: 6750917d2b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3048618

Change-Id: I8181ceda2a88a9f943cf1374e9fad8f1839f9eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-19 21:13:55 +00:00
Pablo Gamito
6750917d2b Revert "Remove donotaudit line for b/277155042" 
This reverts commit f1baab0530.

Fixes: 331693615
Reason for revert: b/331693615

Change-Id: I32d6dc1e1b89b430d34da6909590367defd0af9d
 2024-04-19 10:48:29 +00:00
Enzo Liao
637291fe10 Merge "Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common." into main 2024-04-11 02:03:26 +00:00
Enzo Liao
b0daa90c01 Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
Change-Id: I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf
 2024-04-08 19:37:33 +08:00
Spade Lee
45d1beda4a sepolicy: allow kernel to search vendor debugfs am: bddc287c10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/26762105

Change-Id: I7533cb34050e307deceb40dcf48533ce692c4087
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-03 04:24:44 +00:00
Spade Lee
bddc287c10 sepolicy: allow kernel to search vendor debugfs 
audit: type=1400 audit(1710259012.824:4): avc:  denied  { search } for  pid=128 comm="kworker/3:1" name="max77779fg" dev="debugfs" ino=24204 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
audit: type=1400 audit(1710427790.680:2): avc:  denied  { search } for  pid=10 comm="kworker/u16:1" name="gvotables" dev="debugfs" ino=10582 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_votable_debugfs:s0 tclass=dir permissive=1
audit: type=1400 audit(1710427790.680:3): avc:  denied  { search } for  pid=211 comm="kworker/u16:4" name="google_charger" dev="debugfs" ino=16673 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_charger_debugfs:s0 tclass=dir permissive=1

Bug: 328016570
Bug: 329317898
Test: check all debugfs folders are correctly mounted
Change-Id: I13ef8c4d9b0f84a8641cfbe12a7b5cf89a97d3da
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-04-02 07:35:39 +00:00
kadirpili
ec6f15d812 gs101: telephony property for cbd 
Bug: 316817111
Change-Id: Idf85b27d755cff0fb5fffb088d13b105c25beb3b
 2024-03-27 07:35:01 +00:00
Hungyen Weng
3a2d59d8a9 Allow modem_svc to access modem files and perfetto 
Bug: 331147031
Bug: 330730987

Test: Confirmed that modem_svc is able to access token db files in modem partition
Test: Confiemed that modem_svc can send traces to perfetto
Test: Confirmed v2/pixel-health-guard/device-boot-health-check-extra has no modem_svc avc denials.

Change-Id: I5fabd3177c758be533ca8bdef3cb3305afd6a5a6
 2024-03-25 22:15:19 +00:00
Treehugger Robot
883cf12320 Merge "Update SELinux error" into main 2024-03-25 13:42:12 +00:00
Pablo Gamito
f2a869d688 Remove donotaudit line for b/277155042 am: f1baab0530 am: 96fd92b050 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3009455

Change-Id: I19af3da60141ab46ca404d1f5a2de98753805469
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-25 09:28:27 +00:00
Pablo Gamito
96fd92b050 Remove donotaudit line for b/277155042 am: f1baab0530 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3009455

Change-Id: Ib3a8219b620cdb59e384f4e7d83299369ab9bc0a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-25 09:13:06 +00:00
Ján Sebechlebský
3568f1c1e3 Merge "Remove virtual_camera dumpstate denial entry from bug_map" into main 2024-03-25 09:00:43 +00:00
Jan Sebechlebsky
27e4e3cd9d Remove virtual_camera dumpstate denial entry from bug_map 
Fix: 312894628
Test: N/A
Change-Id: Ia31780377ef121b9347eace64af470926220524b
 2024-03-25 09:00:07 +00:00
Pablo Gamito
f1baab0530 Remove donotaudit line for b/277155042 
Since this bug is now fixed

Fixes: 277155042
Test: scanBugreport
Change-Id: If2fdbcbd0b0c0edbcc6824235bbfc561e0f43378
 2024-03-25 08:55:20 +00:00
Wilson Sung
629dd3eaf9 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 331147031
Change-Id: I098aab7a986a8b2c659c006f50b5dade74ebcb5b
 2024-03-25 07:56:34 +00:00
Spade Lee
9b44bbebe8 Merge "pixelstats_vendor: add logbuffer_device r_file_perms" into main 2024-03-22 07:30:31 +00:00
Spade Lee
66d3a4ef4e pixelstats_vendor: add logbuffer_device r_file_perms 
avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=1034 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=0

Bug: 329174074
Test: no denied log, and able to read logbuffer in pixelstats_vendor
Change-Id: I2c6069f43d17114f937657724dc34e43cf3d48fe
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-03-21 00:29:41 +00:00
Spade Lee
9ddb9bab3d sepolicy: allow kernel to search vendor debugfs 
audit: type=1400 audit(1710259012.824:4): avc:  denied  { search } for  pid=128 comm="kworker/3:1" name="max77779fg" dev="debugfs" ino=24204 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
audit: type=1400 audit(1710427790.680:2): avc:  denied  { search } for  pid=10 comm="kworker/u16:1" name="gvotables" dev="debugfs" ino=10582 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_votable_debugfs:s0 tclass=dir permissive=1
audit: type=1400 audit(1710427790.680:3): avc:  denied  { search } for  pid=211 comm="kworker/u16:4" name="google_charger" dev="debugfs" ino=16673 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_charger_debugfs:s0 tclass=dir permissive=1

Bug: 328016570
Bug: 329317898
Test: check all debugfs folders are correctly mounted
Change-Id: I13ef8c4d9b0f84a8641cfbe12a7b5cf89a97d3da
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-03-20 18:18:07 +00:00
Wilson Sung
89224de0eb Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 329380904
Change-Id: I5ef59058c7c7487a8a9cb238767e019631c5ac63
 2024-03-18 03:24:54 +00:00
Thiébaud Weksteen
aa08862f13 [automerger skipped] Remove persist.bootanim.color property definitions am: d3db02a5c3 am: 5b4150791c -s ours 
am skip reason: Merged-In Iafe8da5e19a43807aed49e1984ef798de396e723 with SHA-1 dbac8fd52f is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2994313

Change-Id: I2c1acad2c469347dfda3cdbb652b6e3fac1ddcd8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-12 06:40:17 +00:00
Thiébaud Weksteen
5b4150791c Remove persist.bootanim.color property definitions am: d3db02a5c3 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2994313

Change-Id: I13c9f21d5c43af8307f4f0f72671daf16109f363
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-12 05:57:12 +00:00
Thiébaud Weksteen
d3db02a5c3 Remove persist.bootanim.color property definitions 
These now belong to the platform policy.

Bug: 321088135
Test: build
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:dbac8fd52fbe391d0a27b35a803b212ecba8f278)
Merged-In: Iafe8da5e19a43807aed49e1984ef798de396e723
Change-Id: Iafe8da5e19a43807aed49e1984ef798de396e723
 2024-03-08 01:38:00 +00:00
Xin Li
dcd436edf2 [automerger skipped] Merge Android 14 QPR2 to AOSP main am: 1a5459b192 -s ours am: ca2a6b61b3 -s ours 
am skip reason: Merged-In Ifb5d71336bd21aa8d8de377bf128758240ce1206 with SHA-1 1911f171f7 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2990661

Change-Id: Ifc8052860154b4561598ac529f48ddde771c10cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-07 10:46:43 +00:00
Xin Li
ca2a6b61b3 [automerger skipped] Merge Android 14 QPR2 to AOSP main am: 1a5459b192 -s ours 
am skip reason: Merged-In Ifb5d71336bd21aa8d8de377bf128758240ce1206 with SHA-1 1911f171f7 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2990661

Change-Id: I6256f73a98c2d1bbbb79c51725270d681302edbe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-07 09:55:18 +00:00
Xin Li
1a5459b192 Merge Android 14 QPR2 to AOSP main 
Bug: 319669529
Merged-In: Ifb5d71336bd21aa8d8de377bf128758240ce1206
Change-Id: Ie8eca71839331df5a9d7306d574f6bd8951eab3b
 2024-03-06 09:29:48 -08:00
Treehugger Robot
59b8b15882 Merge "Add AIDL media.c2 into service_contexts" into main 2024-03-05 06:17:02 +00:00
Treehugger Robot
2a9b7e75e3 Merge "add dsim wakeup labels" into main 2024-03-04 02:58:52 +00:00
Thiébaud Weksteen
0ab9ff1e87 Merge "Revert^2 "Remove persist.bootanim.color property definitions"" into main 2024-02-26 22:40:44 +00:00
Thiébaud Weksteen
f0447fb52d Revert^2 "Remove persist.bootanim.color property definitions" 
303a4dd99b

Change-Id: I237450825ef2aaf4681265aede03091ca2d76484
 2024-02-25 23:59:12 +00:00
Krzysztof Kosiński
7c919c2a2b Merge "Allow camera to acquire wakelocks." into main 2024-02-23 15:37:27 +00:00
Rubin Xu
5daaf46640 Merge "Revert "Remove persist.bootanim.color property definitions"" into main 2024-02-23 12:42:52 +00:00
Rubin Xu
303a4dd99b Revert "Remove persist.bootanim.color property definitions" 
Revert submission 26301396-bootanim_prop

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141

Bug: 326521604

Reverted changes: /q/submissionid:26301396-bootanim_prop

Change-Id: Ic931ad1f4f7580cae73355ba3419a7c7422cd580
 2024-02-23 12:24:48 +00:00
Krzysztof Kosiński
6f152690d9 Allow camera to acquire wakelocks. 
This is already allowed on all other Google chips and used
for a face auth latency optimization.

Fix: 303391687
Test: check logs on raven
Change-Id: I6f70b70d1cf4c055ce9f3e76c1fca0ae0c3e070d
 2024-02-23 03:01:52 +00:00
Thiébaud Weksteen
d972c8e001 Merge "Remove persist.bootanim.color property definitions" into main 2024-02-23 02:59:58 +00:00
William McVicker
ea03d9909d Merge "Update i2c sepolicy with new device names" into main 2024-02-22 17:54:41 +00:00
Thiébaud Weksteen
dbac8fd52f Remove persist.bootanim.color property definitions 
These now belong to the platform policy.

Bug: 321088135
Test: build
Change-Id: Iafe8da5e19a43807aed49e1984ef798de396e723
 2024-02-21 13:46:21 +11:00
Lei Ju
40465c1988 [gs101] Use common settings for Contexthub HAL 
The change also labeled files under /data/vendor/chre/ to grant
required access.

Test: compilation
Bug: 248615564
Change-Id: I4db158853764987cf04dc7963ff79c680613f028
 2024-02-18 11:41:51 -08:00
Peter Lin
7af07fe0e4 add dsim wakeup labels 
Bug: 323086660
Bug: 321733124
test: ls sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/wakeup -Z
Change-Id: Ic47c14713727de1639e456fb6b2f0fc7d9810dc6
 2024-02-17 08:13:04 +00:00
Will McVicker
3ad00c9539 Update i2c sepolicy with new device names 
The new names fix uninformative kernel wakelock names.

Bug: 315190967
Bug: 323447554
Change-Id: Iff6eccb677444357f867785f213dadd70fb649c1
 2024-02-16 14:54:04 -08:00