device_google_gs101

Author	SHA1	Message	Date
Wei Wang	8c19aec1ee	Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev am: `551505ae05` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14486216 Change-Id: I18294c64c2dc118e1af978614d5feaec92ac0445	2021-05-11 00:16:50 +00:00
Wei Wang	551505ae05	Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev	2021-05-10 23:59:50 +00:00
Jia-yi Chen	9894e8e202	Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev am: `06a0792bf1` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14460156 Change-Id: I206c35135cf16ff9956d1d7b5080697c9ea566b6	2021-05-10 18:48:39 +00:00
Jia-yi Chen	06a0792bf1	Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev	2021-05-10 18:29:41 +00:00
Kyle Lin	1124aeaf32	Add policy for memlat governor needs create/delete perf events [ 31.756984] type=1400 audit(1620144320.436:11): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0 [ 31.757246] type=1400 audit(1620144320.436:12): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0 [ 31.757352] type=1400 audit(1620144320.436:13): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0 [ 31.757450] type=1400 audit(1620144320.436:14): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0 ... ... [ 215.584932] type=1400 audit(1620634018.936:191): avc: denied { cpu } for comm="cpuhp/4" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=0 Bug: 187437491 Bug: 170479743 Test: build, boot and suspend/resume test 200 times. Change-Id: I4fd3d3fb915ca518ffa226f25298c94faaf867f1	2021-05-10 16:18:58 +08:00
JJ Lee	4be4faa1dc	Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev am: `df02b6ef77` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14452416 Change-Id: I51e769688205bbb6ea24e4afe736f22876e7b104	2021-05-10 02:31:46 +00:00
JJ Lee	df02b6ef77	Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev	2021-05-10 02:14:07 +00:00
TreeHugger Robot	bba2a7a0c9	Merge "vibrator: Remove temporary method" into sc-dev am: `ec3144742f` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14467421 Change-Id: Ieb1405f8124528b337ee3273ebe79b6c522c2f44	2021-05-10 01:39:54 +00:00
TreeHugger Robot	0121aed44a	Merge changes Ic697ffe8,Idcf38e09 into sc-dev am: `a2d2ebd508` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456725 Change-Id: I55d5ff71adec66427fb69a36bfd17a8cc7a37d0b	2021-05-10 01:39:34 +00:00
TreeHugger Robot	ec3144742f	Merge "vibrator: Remove temporary method" into sc-dev	2021-05-10 01:13:47 +00:00
TreeHugger Robot	a2d2ebd508	Merge changes Ic697ffe8,Idcf38e09 into sc-dev * changes: Remove dumpstate AVC denials dontaudit for twoshay Allow dumpstate to access twoshay	2021-05-10 01:11:46 +00:00
TreeHugger Robot	4e4b697ebc	Merge "Allow radioext to communicate with bt hal" into sc-dev am: `c03c055812` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456718 Change-Id: Ieab3a480c6a09103b09b09f5f238f975ee4845ad	2021-05-08 19:09:55 +00:00
TreeHugger Robot	c03c055812	Merge "Allow radioext to communicate with bt hal" into sc-dev	2021-05-08 18:59:51 +00:00
TreeHugger Robot	978d75fba7	Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev am: `296f8ddc5d` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14440528 Change-Id: I336b1e613abebe0e56faf3732dce5d3fea52b0dc	2021-05-07 23:43:53 +00:00
TreeHugger Robot	296f8ddc5d	Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev	2021-05-07 23:29:31 +00:00
chasewu	59161a5745	vibrator: Remove temporary method Bug: 177176811 Test: no avc denied logs Signed-off-by: chasewu <chasewu@google.com> Change-Id: I424e15037b3e20824f5e072d88bdf71a50cfdabf	2021-05-07 18:33:15 +08:00
Seungah Lim	72e6339123	iwlan: update sepolicy for qualifiednetworksservice Bug: 185942456 Test: VoLTE/VoWifi Change-Id: I352bb933e577b11bb052a297d17776ff0a5f3a75 Signed-off-by: Seungah Lim <sss.lim@samsung.com>	2021-05-07 17:14:00 +08:00
Tai Kuo	8e3aaa30ff	Remove dumpstate AVC denials dontaudit for twoshay Bug: 187014717 Test: pts-tradefed run pts -m PtsSELinuxTest -t \ com.google.android.selinux.pts.SELinuxTest#scanBugreport Signed-off-by: Tai Kuo <taikuo@google.com> Change-Id: Ic697ffe8f6ee15fb9d9330173a3c92aeca61de67	2021-05-07 14:56:22 +08:00
Tai Kuo	0e68aed154	Allow dumpstate to access twoshay Bug: 173330981 Bug: 187014717 Test: no avc denials for twoshay was found. Signed-off-by: Tai Kuo <taikuo@google.com> Change-Id: Idcf38e0921fb4d6d617e7cd443425193aea3fe91	2021-05-07 14:55:43 +08:00
Jia-yi Chen	15c046878b	Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0 Bug: 186564130 Test: Boot & check powerhal log Change-Id: I1a828f113266d4b3386b2f6fa74df050255113a9	2021-05-06 21:00:08 -07:00
Labib	a27f8c4480	Allow radioext to communicate with bt hal Bug: 187447420 Change-Id: I1a1626502a6c3913846b957c3c0a31fdd99feb31	2021-05-07 09:20:02 +08:00
Tri Vo	da485f1270	Merge "trusty: sepolicy for metrics reporter" into sc-dev am: `f7bec8b3c6` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14286451 Change-Id: I3442adb02d7ae36f4533c2b94154a7c32ca9ea6f	2021-05-06 16:08:09 +00:00
Tri Vo	f7bec8b3c6	Merge "trusty: sepolicy for metrics reporter" into sc-dev	2021-05-06 15:52:51 +00:00
JJ Lee	43735f0fc3	sepolicy: gs101: allow audio hal to use wakelock Bug: 178789331 Test: build pass Signed-off-by: JJ Lee <leejj@google.com> Change-Id: I1d5c9ea8726f2e53bc05e0ecd5dedddede274794	2021-05-06 19:43:24 +08:00
Aaron Tsai	c49f82b712	Fix avc denied for shannon-ims am: `6a9a85cd07` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14410097 Change-Id: I480df5510301d889390c92f2cad68c0fb4e489e5	2021-05-06 10:51:12 +00:00
Aaron Tsai	6a9a85cd07	Fix avc denied for shannon-ims 04-01 19:10:22.956 10272 2327 2327 W Binder:2327_4: type=1400 audit(0.0:8): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_ims_app:s0:c16,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.shannon.imsservice 04-01 19:10:22.960 10272 2327 4608 E libc : Access denied finding property "persist.dbg.wfc_avail_ovr0" 04-01 19:10:22.981 10272 2327 4608 E libc : Access denied finding property "persist.dbg.vt_avail_ovr0" 04-01 19:10:22.982 10272 2327 4980 E libc : Access denied finding property "persist.dbg.volte_avail_ovr0" Bug: 183935382 Bug: 184858478 Test: verified with the forrest ROM and error log goneFix Change-Id: I0754c6be7f74ed73533e9570c7d1916320ab2897	2021-05-06 09:04:03 +00:00
TreeHugger Robot	89e2f50371	Merge "HardwareInfo: Add sepolicy for display" into sc-dev am: `6978eeaea4` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13824666 Change-Id: Id3e71b7c4c9b920ec277716861ec6a9b2e6b12a4	2021-05-06 06:12:55 +00:00
TreeHugger Robot	6978eeaea4	Merge "HardwareInfo: Add sepolicy for display" into sc-dev	2021-05-06 06:03:18 +00:00
TreeHugger Robot	eca11f8843	Merge "wlc fwupdate implementation" into sc-dev am: `577f562727` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063269 Change-Id: I0ab5c9fb9f10820fda8bfd7e9e4fefc2f36e423a	2021-05-06 05:57:17 +00:00
TreeHugger Robot	577f562727	Merge "wlc fwupdate implementation" into sc-dev	2021-05-06 05:41:01 +00:00
SalmaxChang	747868bae7	logger_app: Fix avc errors am: `ab97657410` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439439 Change-Id: I359355128d4569832e88bf1f188275610c6c3dd6	2021-05-06 04:14:44 +00:00
SalmaxChang	ab97657410	logger_app: Fix avc errors avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=141 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger Access denied finding property "viewroot.profile_rendering" Access denied finding property "ro.input.resampling" Access denied finding property "persist.input.velocitytracker.strategy" avc: denied { read } for comm="oid.pixellogger" name="u:object_r:usb_control_prop:s0" dev="tmpfs" ino=281 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:usb_control_prop:s0 tclass=file permissive=0 app=com.android.pixellogger Bug: 186612284 Change-Id: I15f00d9ed3cc0c0657c854292caad60e3f7a3011	2021-05-06 03:57:01 +00:00
Jack Wu	41284f3e10	sepolicy: gs101: Fix hal_health_default avc denials am: `2c1ecf3a54` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439451 Change-Id: I65455bb121c39aafc58a087645aecbed71505ecd	2021-05-05 22:14:02 +00:00
Jack Wu	2c1ecf3a54	sepolicy: gs101: Fix hal_health_default avc denials 01-01 12:00:08.752 1000 682 682 I android.hardwar: type=1400 audit(0.0:3): avc: denied { read } for name="type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 01-01 12:00:08.752 1000 682 682 I android.hardwar: type=1400 audit(0.0:4): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 01-01 12:00:08.752 1000 682 682 I android.hardwar: type=1400 audit(0.0:5): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 Bug: 184429394 Test: Verify pass by checking device log are w/o above errors after Signed-off-by: Jack Wu <wjack@google.com> Change-Id: If1253c902af1723ca80d31223f51ebf439404527	2021-05-06 00:26:14 +08:00
Alex Hong	ad3113cee8	Merge "sepolicy: Update dumpstate HAL to V1.1" into sc-dev am: `be17ec14cc` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14424440 Change-Id: I449c5e89858a5365961c82c4ac8a8a87c9de9438	2021-05-05 06:30:00 +00:00
Alex Hong	be17ec14cc	Merge "sepolicy: Update dumpstate HAL to V1.1" into sc-dev	2021-05-05 06:09:11 +00:00
Tri Vo	1dac39e833	trusty: sepolicy for metrics reporter Bug: 173423860 Test: m Change-Id: I42d646c6c9453662e670e7c22712f2bde2368bba	2021-05-05 05:38:34 +00:00
TreeHugger Robot	02d5ccc76d	Merge "add sepolicy for dump TRICKLE/TEMP/DWELL defend config" into sc-dev am: `6978cd7220` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14419455 Change-Id: If12d03a3aefbfa5380f57a271fe759de61ad54ea	2021-05-05 03:21:58 +00:00
TreeHugger Robot	6978cd7220	Merge "add sepolicy for dump TRICKLE/TEMP/DWELL defend config" into sc-dev	2021-05-05 02:55:28 +00:00
qinyiyan	e86759fd5f	[SEPolicy] Allow EdgeTPU related service to log to stats service am: `9eeae92ade` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14431799 Change-Id: Ib6975baa6dc546550f6c7b3b0ed980a2b9c49017	2021-05-05 02:26:56 +00:00
qinyiyan	9eeae92ade	[SEPolicy] Allow EdgeTPU related service to log to stats service We are collecting Suez metrics from TPU related services. This includes NNAPI HAL, edgetput logging service, and edgetpu service. This change allows them all to find stats_service. Bug: 151063663 Test: Pushed selinx module to device and successfully logged Stats service. Change-Id: I80774485ae7c2a5f994d48a71b6406fac753a9f8	2021-05-04 17:08:56 -07:00
Chris Kuiper	1befba6214	Merge "sepolicy: gs101: allow usf_reg_edit to run" into sc-dev am: `d0d0304443` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14415568 Change-Id: I8f10abf38be234dd6fab6d632a157c7624115579	2021-05-04 22:54:39 +00:00
Chris Kuiper	d0d0304443	Merge "sepolicy: gs101: allow usf_reg_edit to run" into sc-dev	2021-05-04 22:33:57 +00:00
Yu-Chi Cheng	51bb36a753	Merge "Added the SELinux rule for the EdgeTPU vendor service." into sc-dev am: `7eef8643a3` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14299125 Change-Id: I70e2180befe6e6371d01d1f45ed92bb1e0318381	2021-05-04 20:09:17 +00:00
Yu-Chi Cheng	7eef8643a3	Merge "Added the SELinux rule for the EdgeTPU vendor service." into sc-dev	2021-05-04 19:39:32 +00:00
Yu-Chi Cheng	b844190a34	Added the SELinux rule for the EdgeTPU vendor service. To comply with the GSI compliance test, this change splits the compiler part of the edgetpu_service into a separate edgetpu_vendor_service under vendor. The edgetpu_service locates under /system_ext/ and used to be connected by both applications and vendor clients. With this change, vendor clients could talk to the vendor part of this service directly without having to cross the system and vendor boundary. Applications will still talk to the system_ext one, which will forward the requests to the vendor service. Bug: 185432427 Test: tested on Oriole + GCA. Change-Id: I1ee47946f1fc3694d5f8b5325c192d6bd720a76e	2021-05-04 10:36:21 -07:00
Alex Hong	ea5b597e3d	sepolicy: Update dumpstate HAL to V1.1 Test: $ make selinux_policy Check the label after boot completed Bug: 186539439 Change-Id: I6690e2bc485aceb53dc607b8a7656a4f57edf70e	2021-05-04 17:11:07 +08:00
Jenny Ho	f5b47095be	add sepolicy for dump TRICKLE/TEMP/DWELL defend config type=1400 audit(0.0:12): avc: denied { read } for name="google,charger" dev="sysfs" ino=25880 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0 Bug: 186872139 Signed-off-by: Jenny Ho <hsiufangho@google.com> Change-Id: Id8868d2b12408d4a39ba42c8b0faf801923f73f3	2021-05-04 15:24:38 +08:00
Daniel Mentz	c4428736aa	Merge "Remove /vendor/lib/modules from file_contexts" into sc-dev am: `48e3555770` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14416770 Change-Id: I2e45bde537960b09ee7e4f635e081bae95a895ec	2021-05-04 04:47:16 +00:00
Daniel Mentz	48e3555770	Merge "Remove /vendor/lib/modules from file_contexts" into sc-dev	2021-05-04 04:28:49 +00:00

1 2 3 4 5 ...

700 commits