Adam Shih
c36661eb0b
remove obsolete entries
...
Bug: 177389198
Bug: 177860960
Bug: 178752576
Bug: 178753472
Bug: 179310892
Bug: 179437292
Bug: 179437988
Bug: 180656125
Bug: 180960879
Bug: 182705863
Test: boot and grab bugreport with no gmscore error found
Change-Id: I154733215aeca58a76add8d346cc0016a5f0dff7
2021-03-18 10:15:43 +08:00
Adam Shih
15a0c61432
update error on ROM 7216638
...
Bug: 183055762
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Id60bb2e822734e23803b8f937b71dc59a325c27b
2021-03-18 10:03:37 +08:00
Albert Wang
beb4f82d32
sepolicy: fix usb hal selinux permission
...
avc: denied { read } for name="port0-partner" dev="sysfs" ino=98412 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-6/6-0025/typec/port0/port0-partner" dev="sysfs" ino=98412 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0025/typec/port0/power_role" dev="sysfs" ino=67861 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-5/5-0025/typec/port0/power_role" dev="sysfs" ino=67861 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
avc: denied { write } for name="port_type" dev="sysfs" ino=71778 scontext=u:r:hal_usb_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
Bug: 182122983
Test: atest VtsHalUsbV1_0TargetTest
atest HalUsbGadgetV1_0HostTest
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: Ia2cf9061dd5eaa7af582331477afd34db56531e8
2021-03-18 09:51:14 +08:00
TreeHugger Robot
2a61dddc6f
Merge "Fix selinux error for vendor_init" into sc-dev am: 57ec723c5e
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13880426
Change-Id: I66406cd526eaebca4ce94ab9dd3f9594e3e1c5ae
2021-03-18 01:18:38 +00:00
TreeHugger Robot
57ec723c5e
Merge "Fix selinux error for vendor_init" into sc-dev
2021-03-18 00:49:15 +00:00
iayara
adeaaead76
Add "libedgetpu_darwinn2.so" library duplicate to be used for external launch.
...
This change is intended to keep naming consistency with previous
Darwinn external launch. In the future, all "libedgetpu_darwinn2.so"
instances should be replaced by "libedgetpu_util.so".
Bug: 182303547
Change-Id: I99e83f5f2e317b195b2061c781cb23544e547c55
2021-03-17 23:47:07 +00:00
Hridya Valsaraju
fed91e74ba
Merge "Add a label for Pixel DMA-BUF heap tracepoints" into sc-dev am: 2f772dd166
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13896546
Change-Id: Idfe3aa3b34bb8b6b8eb8f348b940327656a96c2f
2021-03-17 22:44:05 +00:00
Hridya Valsaraju
2f772dd166
Merge "Add a label for Pixel DMA-BUF heap tracepoints" into sc-dev
2021-03-17 21:58:55 +00:00
Yu-Chi Cheng
bcb92ac0c9
Merge "Allowed Camera hal to access EdgeTPU service for on-device compilation." into sc-dev am: a802ac3b05
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13889939
Change-Id: Iff962bcb9446a4a48123dc0ff435ffd56a115079
2021-03-17 21:10:37 +00:00
Yu-Chi Cheng
a802ac3b05
Merge "Allowed Camera hal to access EdgeTPU service for on-device compilation." into sc-dev
2021-03-17 20:37:44 +00:00
Yu-Chi Cheng
86aa156202
Allowed Camera hal to access EdgeTPU service for on-device compilation.
...
Camera hal DarwiNN pipelines are switching to use the on-device
compilation, which is achieved by talking to the EdgeTPU service.
This change added the required selinux policies to allow accessing
the service, as well as allowing file descriptors to be shared
between them for passing the compilation info around.
Bug: 182423730
Bug: 182706078
Test: verified on Oriole running camera.
Change-Id: I5d3bc84fd54d4618f505f37d9773894261061d7f
2021-03-17 08:18:55 -07:00
Aaron Tsai
185dbee4eb
Fix selinux error for vendor_init
...
03-12 18:15:16.240 root 1 1 I /system/bin/init: type=1107 audit(0.0:19): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.sys.modem_reset pid=354 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_sys_default_prop:s0 tclass=property_service permissive=1'
Bug: 182715587
Test: verified with the forrest ROM and error log gone
Change-Id: Icfea06220c491d414f6bdbf04ceda4c46299fb29
2021-03-17 10:14:31 +00:00
TreeHugger Robot
afdfc82734
Merge "label uwb service to prevent reset after unplugging USB" into sc-dev am: 64c726720b
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13895430
Change-Id: I7d50b4777a52b307272c8b9ab68f2eeb279ebb4d
2021-03-17 08:36:35 +00:00
Jenny Ho
673ba29390
Merge "genfs_contexts: add sepolicy for dumping eeprom data" into sc-dev am: 208d1aed01
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13895428
Change-Id: I39b601de53ad1b2ccfec2274194b9dfcb8f1dbf1
2021-03-17 08:36:13 +00:00
TreeHugger Robot
64c726720b
Merge "label uwb service to prevent reset after unplugging USB" into sc-dev
2021-03-17 08:35:08 +00:00
Jenny Ho
208d1aed01
Merge "genfs_contexts: add sepolicy for dumping eeprom data" into sc-dev
2021-03-17 08:07:45 +00:00
Adam Shih
ebeae6abc3
label uwb service to prevent reset after unplugging USB
...
Bug: 182953824
Test: unplug USB under enforcing mode
Change-Id: Ib4bdf9b9339fc631d045bde57f78a46ce3ca8b6e
2021-03-17 15:25:27 +08:00
TreeHugger Robot
188c7e93fc
Merge "sensors: Add sensor related rule to chre." into sc-dev am: b8ec327d5c
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13885466
Change-Id: I9a4f8817963617f8e212d8ffdf36a17e5580d192
2021-03-17 07:00:57 +00:00
TreeHugger Robot
b8ec327d5c
Merge "sensors: Add sensor related rule to chre." into sc-dev
2021-03-17 06:28:41 +00:00
Hridya Valsaraju
a570dc6991
Add a label for Pixel DMA-BUF heap tracepoints
...
These tracepoints are the DMA-BUF equivalents to the ION tracepoints.
They expose the size of the DMA-BUF, unique inode number of the DMA-BUF
and total size of all DMA-BUFs exported from the DMA-BUF heap framework.
Test: build
Bug: 182328989
Change-Id: I311b68275ebd668f73d0ccff0fcaa01d251250bc
2021-03-16 23:00:41 -07:00
Adam Shih
afb246e88a
Merge changes I33cd99d5,I8417d4eb into sc-dev am: 63143cdf96
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13895426
Change-Id: I9fa4c9593bb10eae995d38922a41b0ddd917e5b8
2021-03-17 05:40:37 +00:00
Jenny Ho
2dc4d2d61f
genfs_contexts: add sepolicy for dumping eeprom data
...
I auditd : type=1400 audit(0.0:53): avc: denied { getattr } for comm="sh" path="/sys/devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom" dev="sysfs" ino=59692 scontext=u:r:shell:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
I sh : type=1400 audit(0.0:53): avc: denied { getattr } for path="/sys/devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom" dev="sysfs" ino=59692 scontext=u:r:shell:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
I auditd : type=1400 audit(0.0:57): avc: denied { getattr } for comm="ls" path="/sys/devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom" dev="sysfs" ino=59692 scontext=u:r:shell:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
I ls : type=1400 audit(0.0:57): avc: denied { getattr } for path="/sys/devices/platform/10970000.hsi2c/i2c-5/5-0050/eeprom" dev="sysfs" ino=59692 scontext=u:r:shell:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
Bug: 182531832
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: If189575c6db8b43b59c6009378ec724bd075c0d1
2021-03-17 13:07:55 +08:00
Adam Shih
63143cdf96
Merge changes I33cd99d5,I8417d4eb into sc-dev
...
* changes:
label missing power sys nodes
update error on ROM 7213588
2021-03-17 05:03:29 +00:00
TreeHugger Robot
2d39854611
Merge "Add Sepolicy rule for connectivity monitor app" into sc-dev am: 0aef3b56c5
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13880431
Change-Id: Ia4981828bf05e6b824ab071c0475579405693bb3
2021-03-17 03:44:56 +00:00
TreeHugger Robot
0aef3b56c5
Merge "Add Sepolicy rule for connectivity monitor app" into sc-dev
2021-03-17 03:12:31 +00:00
Adam Shih
74052118a8
label missing power sys nodes
...
Bug: 182954169
Test: boot with no avc error found
Change-Id: I33cd99d5748dd9fc40301c460a050b6e969f30f4
2021-03-17 10:49:24 +08:00
Rick Chen
78047fa17b
sensors: Add sensor related rule to chre.
...
[ 8.417813] type=1400 audit(1615518074.988:4): avc: denied { write } for comm="sensors@2.0-ser" name="chre" dev="tmpfs" ino=908 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1
[ 8.418075] type=1400 audit(1615518074.988:5): avc: denied { connectto } for comm="sensors@2.0-ser" path="/dev/socket/chre" scontext=u:r:hal_sensors_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1
03-12 11:01:14.988 694 694 I sensors@2.0-ser: type=1400 audit(0.0:5): avc: denied { connectto } for path="/dev/socket/chre" scontext=u:r:hal_sensors_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1
Also merge two sensor_hal related files into single file.
Bug: 182523946
Test: make selinux_policy -j128 and push to device.
No hal_sensors_default related avc denied log during boot.
Signed-off-by: Rick Chen <rickctchen@google.com>
Change-Id: I49ce71ba4703528fb2e26dd8956c4ed741337ffc
2021-03-17 10:34:14 +08:00
Benjamin Schwartz
6beac59d8d
Merge "Give power stats HAL permission to read ufs stats" into sc-dev am: fe980b935b
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13881265
Change-Id: I21a2217c38a764545fc4a19b4b114eaee260efe3
2021-03-17 02:25:59 +00:00
TreeHugger Robot
120967467a
Merge "allow df to collect partition info" into sc-dev am: 23017e956d
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13856371
Change-Id: I53f473fa1d949eb035367b5bfa16022dd3098ebc
2021-03-17 02:25:39 +00:00
Adam Shih
7c0fd2a413
update error on ROM 7213588
...
Bug: 182954169
Bug: 182954060
Bug: 182954138
Bug: 182954062
Bug: 182953824
Bug: 182953825
Bug: 182954248
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8417d4ebacefa691838e25131749b0e4fd152a2f
2021-03-17 10:15:02 +08:00
Benjamin Schwartz
fe980b935b
Merge "Give power stats HAL permission to read ufs stats" into sc-dev
2021-03-17 02:09:54 +00:00
TreeHugger Robot
23017e956d
Merge "allow df to collect partition info" into sc-dev
2021-03-17 01:52:43 +00:00
Benjamin Schwartz
d5ab86411f
Fix sepolicies for hal_power_stats_default am: ed8fdc9997
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13877746
Change-Id: I01e5424a15c0a2771f0b958c2d29adf4d43d33a9
2021-03-16 20:54:07 +00:00
Benjamin Schwartz
ed8fdc9997
Fix sepolicies for hal_power_stats_default
...
Bug: 182320246
Test: No more avc denied log messages for hal_power_stats_default
Change-Id: I1cd801bb4823e80bd5ea112fb0b7bdfaeabbdef5
2021-03-16 10:37:09 -07:00
TreeHugger Robot
411cd08e91
Merge "display: add sepolicy for hal_graphics_composer" into sc-dev am: 96d0c28dc4
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13880429
Change-Id: I0f7c6b3d3c172fd4e2038f9bef7d6b7a0fa9436b
2021-03-16 12:38:49 +00:00
TreeHugger Robot
96d0c28dc4
Merge "display: add sepolicy for hal_graphics_composer" into sc-dev
2021-03-16 12:05:50 +00:00
Hsiaoan Hsu
46fedc2148
Add Sepolicy rule for connectivity monitor app
...
sync sepolicy from previous projects.
Bug: 182715920
Test: build pass. connectivity monitor service running successfully.
Change-Id: Id5606b5db74fbf672ac41549862a83557734ac57
2021-03-16 15:48:53 +08:00
raylinhsu
031fe80418
display: add sepolicy for hal_graphics_composer
...
Allow HWC to access vendor_log_file and also allow hwc to access
power hal
Bug: 181712799
Test: pts -m PtsSELinuxTest -t
com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I403a528f651b9ee5755d11525f2a33c39628ecee
2021-03-16 13:50:48 +08:00
SalmaxChang
81104c001c
MDS: Fix avc errors am: b70e0bebdd
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13816042
Change-Id: I7438c1c4654e8053e0315623c42475e656737a11
2021-03-16 04:26:46 +00:00
SalmaxChang
b70e0bebdd
MDS: Fix avc errors
...
avc: denied { search } for name="vendor" dev="tmpfs" ino=2 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1 app=com.google.mds
avc: denied { search } for name="vendor" dev="tmpfs" ino=2 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1 app=com.google.mds
avc: denied { search } for comm=4173796E635461736B202332 name="radio" dev="dm-9" ino=242 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1 app=com.google.mds
avc: denied { call } for comm=4173796E635461736B202331 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:r:dmd:s0 tclass=binder permissive=1 app=com.google.mds
avc: denied { write } for name="property_service" dev="tmpfs" ino=316 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1 app=com.google.mds
avc: denied { read } for name="u:object_r:vendor_modem_prop:s0" dev="tmpfs" ino=289 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=file permissive=1 app=com.google.mds
avc: denied { search } for comm=4173796E635461736B202331 name="chosen" dev="sysfs" ino=9330 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs_chosen:s0 tclass=dir permissive=1 app=com.google.mds
Bug: 181185131
Bug: 179110848
Change-Id: I1ac00b68e2db44cc86f6b5c70001cda78264ff6e
2021-03-16 02:27:54 +00:00
Adam Shih
df5b767adf
Merge "label power.stats-vendor properly" into sc-dev am: dd7f31a99f
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13856370
Change-Id: I301a946f6fbfeab735b81fb92e37a657ede3e9a6
2021-03-16 01:50:01 +00:00
Adam Shih
dd7f31a99f
Merge "label power.stats-vendor properly" into sc-dev
2021-03-16 01:16:20 +00:00
Adam Shih
142e40a2e0
Merge "Allow bluetooth hal to get boot status" into sc-dev am: 3887fc2628
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13856369
Change-Id: I7c25de614a2e2625f2cfc8fd8a3df8a5d74f877d
2021-03-16 00:57:19 +00:00
Benjamin Schwartz
a1f92cdd90
Give power stats HAL permission to read ufs stats
...
Bug: 140217385
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ib3fa9440982bc5846053e9ddf56d3ed178599c0c
2021-03-15 17:37:29 -07:00
Adam Shih
3887fc2628
Merge "Allow bluetooth hal to get boot status" into sc-dev
2021-03-16 00:35:59 +00:00
Alex Hong
21a2c8b6e8
Merge "Clean up the obsoleted dontaudit rules" into sc-dev am: e2f3348361
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13839793
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I588088235e0172d82beb1ab15942e20706112c26
2021-03-15 08:58:29 +00:00
Alex Hong
e2f3348361
Merge "Clean up the obsoleted dontaudit rules" into sc-dev
2021-03-15 08:22:53 +00:00
Alex Hong
abfa9355ee
Clean up the obsoleted dontaudit rules
...
Verify with the ROM: go/ab/7203892 oriole-userdebug
Test: $ make selinux_policy
Push selinux modules. Check the denials during boot.
$ pts-tradefed run commandAndExit pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanBugreport
$ pts-tradefed run commandAndExit pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Bug: 171760597
Bug: 171760846
Bug: 173969190
Bug: 174443175
Bug: 176777145
Bug: 176868315
Bug: 177386448
Bug: 177389321
Bug: 177614659
Bug: 177616188
Bug: 177778551
Bug: 177778793
Bug: 177860838
Bug: 177862403
Bug: 177862777
Bug: 177966144
Bug: 178433506
Bug: 178433618
Bug: 178753151
Bug: 178752409
Bug: 178979985
Bug: 178980142
Bug: 179093352
Bug: 179310875
Bug: 179435036
Bug: 179437293
Bug: 179437737
Bug: 180551518
Bug: 180567612
Bug: 180655373
Bug: 180656244
Bug: 180874342
Bug: 180963328
Bug: 180963587
Change-Id: I19e19e49d36e5635629c1e68c7d23a98c714ebcf
2021-03-15 06:24:59 +00:00
Adam Shih
881d24db37
update error on ROM 7207833 am: 36e82d438a
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13856368
MUST ONLY BE SUBMITTED BY AUTOMERGER
Change-Id: I2f9b3e1e7f93b2eb35a908b55e10e724ddea459d
2021-03-15 03:08:09 +00:00
Adam Shih
0218941cb8
allow df to collect partition info
...
Bug: 179310854
Test: do bugreport and the error disappears
Change-Id: I9fdcbb27742a70f3b796c668c3e0d4688d36b4d8
2021-03-15 11:00:41 +08:00