Commit graph

596 commits

Author SHA1 Message Date
TreeHugger Robot
8a1ed47bba Merge "correctly label networking gadgets" into sc-dev am: 7fd939fdd7 am: b3ae9a8c03
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14495070

Change-Id: I32c987673a819fea3bd13ecb9527b8fd15552fbf
2021-05-12 10:41:11 +00:00
TreeHugger Robot
0c4611ecb0 Merge "bthal: allow bthal to access bluetooth kernel driver logbuffer_btlpm and logbuffer_btuart device node" into sc-dev am: 9b8e2b7ba8 am: e7fe59fb13
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14009545

Change-Id: I428409b43fbac1c0c6d4613b5be5d9e8c60f7e93
2021-05-12 10:02:42 +00:00
TreeHugger Robot
b3ae9a8c03 Merge "correctly label networking gadgets" into sc-dev am: 7fd939fdd7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14495070

Change-Id: I27d3d5a87b676167ffc00af83099c8547c4e3810
2021-05-12 07:43:07 +00:00
TreeHugger Robot
7fd939fdd7 Merge "correctly label networking gadgets" into sc-dev 2021-05-12 07:38:42 +00:00
TreeHugger Robot
e7fe59fb13 Merge "bthal: allow bthal to access bluetooth kernel driver logbuffer_btlpm and logbuffer_btuart device node" into sc-dev am: 9b8e2b7ba8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14009545

Change-Id: I2c7c39f279ec96eaa6138859ca3982bc85a21f6b
2021-05-12 07:35:16 +00:00
TreeHugger Robot
9b8e2b7ba8 Merge "bthal: allow bthal to access bluetooth kernel driver logbuffer_btlpm and logbuffer_btuart device node" into sc-dev 2021-05-12 07:06:45 +00:00
TreeHugger Robot
7a4d420378 Merge "com.qorvo.uwb: signed with dedicated key and running as android.uid.uwb uid" into sc-dev am: e2a0158fdf am: 6d2c152bcf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14506301

Change-Id: Ie31251dcf3d49a4844c13b223452caac39f93681
2021-05-12 07:02:52 +00:00
TreeHugger Robot
6d2c152bcf Merge "com.qorvo.uwb: signed with dedicated key and running as android.uid.uwb uid" into sc-dev am: e2a0158fdf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14506301

Change-Id: Id1e7ebe45d7abab203646ed038cd74d194fd2014
2021-05-12 06:41:43 +00:00
TreeHugger Robot
e2a0158fdf Merge "com.qorvo.uwb: signed with dedicated key and running as android.uid.uwb uid" into sc-dev 2021-05-12 06:22:21 +00:00
jonerlin
cb3f59b89e bthal: allow bthal to access bluetooth kernel driver logbuffer_btlpm
and logbuffer_btuart device node

* add sepolicy rules to let bthal access bluetooth kernel device
  nodes dev/logbuffer_btlpm and dev/logbuffer_tty16 in engineer
  or user debug build

Bug: 177794127
Test: Manually
Change-Id: I5253719df82ca7ef8e64cbd3f2b0ff6d3f088edc
2021-05-12 13:27:40 +08:00
Wei Wang
6883250a44 Merge "Revert "Grant vendor_sched sysfs nodes access"" into sc-dev am: 53ae55618a am: c515c8345d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14509955

Change-Id: I7f52c6c8fe5f6eac81410f10c4db73f13eaf46dc
2021-05-12 04:49:43 +00:00
Wei Wang
c515c8345d Merge "Revert "Grant vendor_sched sysfs nodes access"" into sc-dev am: 53ae55618a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14509955

Change-Id: I9a79e69ca43827358937aebcab730471715acb4c
2021-05-12 04:28:06 +00:00
Thierry Strudel
03f4884884 com.qorvo.uwb: signed with dedicated key and running as android.uid.uwb uid
Test:
05-11 21:05:48.077   786   786 I qorvo.uwb.main: UWB HAL start
05-11 21:05:48.078   412   412 I servicemanager: Found hardware.qorvo.uwb.IUwb/default in device VINTF manifest.
05-11 21:05:50.960  1639  1639 W PackageSettings: Missing permission state for package: com.qorvo.uwbtestapp.system
05-11 21:05:53.530  1639  1639 V StorageManagerService: Package com.qorvo.uwb does not have legacy storage
05-11 21:05:53.548  1639  1639 V StorageManagerService: Package com.qorvo.uwbtestapp.system does not have legacy storage
05-11 21:05:56.571  1639  1902 I am_proc_start: [0,3055,1083,com.qorvo.uwb,added application,com.qorvo.uwb]
05-11 21:05:56.571  1639  1902 I ActivityManager: Start proc 3055:com.qorvo.uwb/1083 for added application com.qorvo.uwb
05-11 21:05:56.653  1639  2264 I am_proc_bound: [0,3055,com.qorvo.uwb]
05-11 21:05:56.709  3055  3055 I TetheringManager: registerTetheringEventCallback:com.qorvo.uwb
05-11 21:05:56.710  3055  3055 V GraphicsEnvironment: ANGLE Developer option for 'com.qorvo.uwb' set to: 'default'
05-11 21:06:05.045  1639  1900 I am_pss  : [3055,1083,com.qorvo.uwb,5719040,4239360,0,88702976,2,0,6]
05-11 21:06:07.233  1639  1981 I am_compact: [3055,com.qorvo.uwb,all,84816,39052,44628,0,-816,0,-816,816,26,0,0,-800,0,1921532,-768]
05-11 21:06:38.442   786   786 I qorvo.Uwb: open
05-11 21:06:38.443   786   786 I qorvo.uwb.McpsUtils: ListHardware
05-11 21:06:38.443   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse
05-11 21:06:38.443   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse: Read message
05-11 21:06:38.443   786   786 I qorvo.uwb.IeeeUtils: ListDevices
05-11 21:06:38.443   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse
05-11 21:06:38.443   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse: Read message
05-11 21:06:38.443   786   786 I qorvo.uwb.UwbIface: Load calibration on wpan0, hw index: 0
05-11 21:06:38.445   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse
05-11 21:06:38.445   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse: Read message
05-11 21:06:38.445   786   786 I qorvo.uwb.UwbIface: Load properties on wpan0, hw index: 0
05-11 21:06:38.446   786   786 I qorvo.Uwb: getIface
05-11 21:06:38.449   786   786 I qorvo.uwb.UwbIface: firaController
05-11 21:06:38.449   786   786 I qorvo.Uwb: listHardwareIndex
05-11 21:06:38.449   786   786 I qorvo.uwb.McpsUtils: ListHardware
05-11 21:06:38.449   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse
05-11 21:06:38.450   786   786 I qorvo.uwb.NlSocket: SendAndAwaitResponse: Read message
05-11 21:06:38.450   786   786 I qorvo.Uwb: getIface
05-11 21:06:38.450   786   786 I qorvo.uwb.UwbIface: cccController

Bug: 187766150
Signed-off-by: Thierry Strudel <tstrudel@google.com>
Change-Id: Ie667a666a445e907aa99542f1c52046522b5dd02
2021-05-12 04:07:58 +00:00
Wei Wang
53ae55618a Merge "Revert "Grant vendor_sched sysfs nodes access"" into sc-dev 2021-05-12 03:56:58 +00:00
Wei Wang
73b65a0f8b Revert "Grant vendor_sched sysfs nodes access"
This reverts commit 638778c654.

Reason for revert: b/187884708
Bug: 187884708
Change-Id: I60e80246345ca3e827d7b4749f25e2d5c4dddf9d
2021-05-12 03:56:42 +00:00
TreeHugger Robot
8966b0738f Merge "Sniffer Logger: Add dontaudit getattr for sysfs_wifi" into sc-dev am: 004c299011 am: 223f9da106
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14485438

Change-Id: Id7fa2e92ca7ec7ef0cf92bca58d54bcd3bd3428f
2021-05-12 02:43:53 +00:00
TreeHugger Robot
223f9da106 Merge "Sniffer Logger: Add dontaudit getattr for sysfs_wifi" into sc-dev am: 004c299011
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14485438

Change-Id: Ib9d1708d8e53619827b81850d6e5e97729754825
2021-05-12 02:16:15 +00:00
TreeHugger Robot
004c299011 Merge "Sniffer Logger: Add dontaudit getattr for sysfs_wifi" into sc-dev 2021-05-12 01:32:03 +00:00
Wei Wang
82e3d3146f Merge "Grant vendor_sched sysfs nodes access" into sc-dev am: 3a2d20a1a2 am: a04548a17c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14462495

Change-Id: Ia8f8af31038a6fe8a872e1632c750a0e693a8f60
2021-05-11 18:10:48 +00:00
Wei Wang
a04548a17c Merge "Grant vendor_sched sysfs nodes access" into sc-dev am: 3a2d20a1a2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14462495

Change-Id: I957522e3cdb7c45401b50601e2a92cd617d3473a
2021-05-11 17:42:16 +00:00
Wei Wang
3a2d20a1a2 Merge "Grant vendor_sched sysfs nodes access" into sc-dev 2021-05-11 17:24:38 +00:00
sukiliu
7a1938e846 Update avc error on ROM 7349999 am: 99853e483b am: d5d461cc4e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14500956

Change-Id: I3e39d50fcfcf238866363c2ea927286dddb3eb55
2021-05-11 11:34:06 +00:00
sukiliu
d5d461cc4e Update avc error on ROM 7349999 am: 99853e483b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14500956

Change-Id: If71f414f52934e892475a040684dd91a2a75dfee
2021-05-11 11:04:31 +00:00
sukiliu
99853e483b Update avc error on ROM 7349999
avc: denied { call } for scontext=u:r:dumpstate:s0 tcontext=u:r:twoshay:s0 tclass=binder permissive=0

Bug: 187795940
Test: PtsSELinuxTestCases
Change-Id: Ib85ee1d52915b292295b21df8df48c18761c088e
2021-05-11 17:24:08 +08:00
Peter Csaszar
d39d9e517f pixel-selinux: add SJTAG policies am: bc525e1a49 am: 6ff24d2a06
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14489636

Change-Id: Icab05e0fb309a6eaa0befd3d3960e84569957005
2021-05-11 07:47:11 +00:00
Maciej Żenczykowski
60e0a18e2a correctly label networking gadgets
This is to pass system/netd/tests/netd_test.cpp:

TEST(NetdSELinuxTest, CheckProperMTULabels) {
    // Since we expect the egrep regexp to filter everything out,
    // we thus expect no matches and thus a return code of 1
    ASSERT_EQ(W_EXITCODE(1, 0), system("ls -Z /sys/class/net/*/mtu | egrep -q -v "
                                       "'^u:object_r:sysfs_net:s0 /sys/class/net/'"));
}

Test: atest, TreeHugger, manual observation of labeling
Bug: 185962988
Signed-off-by: Maciej Żenczykowski <maze@google.com>
Change-Id: Ib4f8aa6cc2e0f5a5bd432bcfe473e550f5c68132
2021-05-11 07:40:38 +00:00
Peter Csaszar
6ff24d2a06 pixel-selinux: add SJTAG policies am: bc525e1a49
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14489636

Change-Id: I19e3462634d1e299ca6bfb8e8e01bd3e689bd903
2021-05-11 07:24:12 +00:00
Taeju Park
638778c654 Grant vendor_sched sysfs nodes access
Bug: 182509410
Signed-off-by: Taeju Park <taeju@google.com>
Change-Id: I53a879e904bef3c5b13127404f4f5c422abd46b4
2021-05-11 04:27:23 +00:00
Peter Csaszar
bc525e1a49 pixel-selinux: add SJTAG policies
These are the SELinux policies for the DebugFS files of the SJTAG
kernel interface.

Bug: 184768605
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I36996d6fd5fe09adb7a36be573cf57f15ea35756
2021-05-10 17:58:04 -07:00
Wei Wang
ff1bb37173 Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev am: 551505ae05 am: 8181bbaaac
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14486216

Change-Id: I616fa1b699d2b2fee93496cf06b24786f7e4e74b
2021-05-11 00:34:34 +00:00
Wei Wang
8181bbaaac Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev am: 551505ae05
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14486216

Change-Id: I28349709c6a549e25ed8dffd490c84af777b83e9
2021-05-11 00:18:41 +00:00
Wei Wang
551505ae05 Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev 2021-05-10 23:59:50 +00:00
Jia-yi Chen
344b354f8b Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev am: 06a0792bf1 am: 1912dc976e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14460156

Change-Id: I7d847033afc8548522bac80ad657bcbae806dbd7
2021-05-10 19:07:21 +00:00
Jia-yi Chen
1912dc976e Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev am: 06a0792bf1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14460156

Change-Id: I1ddc002e6e20ca3dec0db9f018260ec0e56db574
2021-05-10 18:52:15 +00:00
Jia-yi Chen
06a0792bf1 Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev 2021-05-10 18:29:41 +00:00
Kyle Lin
1124aeaf32 Add policy for memlat governor needs create/delete perf events
[   31.756984] type=1400 audit(1620144320.436:11): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[   31.757246] type=1400 audit(1620144320.436:12): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
[   31.757352] type=1400 audit(1620144320.436:13): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[   31.757450] type=1400 audit(1620144320.436:14): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
...
...
[  215.584932] type=1400 audit(1620634018.936:191): avc: denied { cpu } for comm="cpuhp/4" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=0

Bug: 187437491
Bug: 170479743
Test: build, boot and suspend/resume test 200 times.

Change-Id: I4fd3d3fb915ca518ffa226f25298c94faaf867f1
2021-05-10 16:18:58 +08:00
chenpaul
6297e8a5a7 Sniffer Logger: Add dontaudit getattr for sysfs_wifi
05-10 15:04:37.376 12958 12958 I auditd  : type=1400 audit(0.0:14): avc: denied { getattr } for comm="wifi_sniffer" path="/sys/wifi/firmware_path" dev="sysfs" ino=81201 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0 tclass=file permissive=0

Bug: 187583019
Test: Sniffer Logger is workable
Change-Id: I6bce0bb58d951b6be39f58340b6418b328ffe386
2021-05-10 15:28:47 +08:00
JJ Lee
2a2ce4a0ae Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev am: df02b6ef77 am: 51c75a291e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14452416

Change-Id: I085a5e10dc22ac41c84c98614dbe3133c5971d40
2021-05-10 02:58:04 +00:00
JJ Lee
51c75a291e Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev am: df02b6ef77
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14452416

Change-Id: I9da7211554c5f2fdce509051caa4f3b2e381f9c1
2021-05-10 02:34:31 +00:00
JJ Lee
df02b6ef77 Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev 2021-05-10 02:14:07 +00:00
TreeHugger Robot
df80f0be9f Merge "vibrator: Remove temporary method" into sc-dev am: ec3144742f am: e853b4335e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14467421

Change-Id: I6170cab39b5fec5c777500dab7506fafafba7000
2021-05-10 01:58:17 +00:00
TreeHugger Robot
eb15c49e77 Merge changes Ic697ffe8,Idcf38e09 into sc-dev am: a2d2ebd508 am: 41d657e591
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456725

Change-Id: I7c502814dadb2a5bb026fb856b0d8a6c7905085a
2021-05-10 01:57:50 +00:00
TreeHugger Robot
e853b4335e Merge "vibrator: Remove temporary method" into sc-dev am: ec3144742f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14467421

Change-Id: I8abc6a5985a10691d2a6b2350aaf7c1b3b523056
2021-05-10 01:41:55 +00:00
TreeHugger Robot
41d657e591 Merge changes Ic697ffe8,Idcf38e09 into sc-dev am: a2d2ebd508
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456725

Change-Id: I31ebc93fd8a8a664f75e623c007482fa345a1248
2021-05-10 01:41:42 +00:00
TreeHugger Robot
ec3144742f Merge "vibrator: Remove temporary method" into sc-dev 2021-05-10 01:13:47 +00:00
TreeHugger Robot
a2d2ebd508 Merge changes Ic697ffe8,Idcf38e09 into sc-dev
* changes:
  Remove dumpstate AVC denials dontaudit for twoshay
  Allow dumpstate to access twoshay
2021-05-10 01:11:46 +00:00
TreeHugger Robot
73f7604819 Merge "Allow radioext to communicate with bt hal" into sc-dev am: c03c055812 am: 93008dc81a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456718

Change-Id: I04601b7854246242a3e73d12ceb0491c7428c3c4
2021-05-08 19:33:35 +00:00
TreeHugger Robot
93008dc81a Merge "Allow radioext to communicate with bt hal" into sc-dev am: c03c055812
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456718

Change-Id: I3d1fed21b348e309acf8c981d0295fc0c6db1597
2021-05-08 19:13:26 +00:00
TreeHugger Robot
c03c055812 Merge "Allow radioext to communicate with bt hal" into sc-dev 2021-05-08 18:59:51 +00:00
TreeHugger Robot
73e866b8c8 Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev am: 296f8ddc5d am: cb8de215f8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14440528

Change-Id: I5f0f438dd488cb64579f777809ddf2ab31fd9926
2021-05-07 23:59:40 +00:00