Commit graph

1553 commits

Author SHA1 Message Date
Kiyoung Kim
e2aaff8d5e Move file context on vendor libdmabufheap to system/sepolicy
libdmabufheap is former VNDK-SP library, and will be marked as sp-hal
sepolicy label by default. Current definition on gs-101 creates conflict
with generic sepolicy update. This change removes label on libdmabufheap
from gs101 and moves it to generic sepolicy.

Bug: 291673098
Test: N/A
Change-Id: Ida23dc71e9794aa86e8b50ed927dc6b5fa57ea91
2023-07-20 09:53:15 +09:00
Utku Utkan
19e79acba9 Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" am: e10372e111 am: 2c9f86f98e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/24124265

Change-Id: I60fc2bc79bf2f4785e2f4b45ef78e8b85b1a5a03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-19 19:58:33 +00:00
Utku Utkan
e10372e111 Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices"
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches

Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Bug: 287069860
Test: m && flashall
Change-Id: Icf52453dc2a0a4d60958b8fe76509f385ac6fae2
2023-07-18 22:16:25 -07:00
Inseob Kim
cdfcf7c0c2 Revert "Introduce CameraServices seinfo tag for PixelCameraServices" am: 722322664c am: 255748199d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/24122568

Change-Id: I28619e3f7896dbbfd48724f0efaa80c62f7bda2e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-19 03:33:46 +00:00
Inseob Kim
722322664c Revert "Introduce CameraServices seinfo tag for PixelCameraServices"
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I0654c7c4ef296b4594db86cc8af5a73627e2b7d7
2023-07-19 01:15:33 +00:00
Utku Utkan
cbf99979a0 Introduce CameraServices seinfo tag for PixelCameraServices am: 3c8d114e48 am: 21564d9f28
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/24030377

Change-Id: Id38be1e34f19a6e72e03881fcccf1391e8a1fbb7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-18 22:35:36 +00:00
Utku Utkan
3c8d114e48 Introduce CameraServices seinfo tag for PixelCameraServices
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I9e9d3914499550d9e9b6c8ea7c4a7cabd9e9a5dd
2023-07-18 12:18:34 -07:00
Samuel Huang
04b78383f6 Merge "Create telephony.ril.silent_reset system_ext property for RILD restart" into udc-qpr-dev am: 78be291b79 am: 54b7ae985b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/23840685

Change-Id: I351bbd752bdabd6a95f65d4e1b5b546105e5a9ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-07 03:10:43 +00:00
Samuel Huang
78be291b79 Merge "Create telephony.ril.silent_reset system_ext property for RILD restart" into udc-qpr-dev 2023-07-07 01:45:24 +00:00
Patty Huang
386ab800d3 Allow bthal to access vendor bluetooth folder am: 73a74266f9 am: eb01b5cc30
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/23869830

Change-Id: If791ae856fd5bb2632838117fb840977aaba0d7f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-05 07:28:36 +00:00
Patty Huang
73a74266f9 Allow bthal to access vendor bluetooth folder
Bug: 289055382
Test: enable vendor debug log and check the vendor snoop log contains the
vendor log

Change-Id: I25d7080f89ef1ca5836315097eab3c2916c9f4c0
2023-07-03 12:28:00 +08:00
Samuel Huang
68893eb7e3 Create telephony.ril.silent_reset system_ext property for RILD restart
RILD listens for changes to this property. If the value changes to 1,
RILD will restart itself and set this property back to 0.

The TelephonyGoogle app will set this property to 1 when it receives a
request from the SCONE app. Since TelephonyGoogle runs in the
com.android.phone process, we also need to give the radio domain
permission to set the telephony.ril.silent_reset property.

Bug: 286476107
Test: manual
Change-Id: I9f41aab747c075dd3a20d66f011e10ffee5a7608
2023-06-29 01:47:32 +00:00
Yen-Chao Chem
f2d94bd977 Remove sysfs_spi
Remove sysfs_spi because it's already defined in gs-common.

Bug: 288814327
Test: trigger bugreport.

Change-Id: Ibbe418bfc6091b82ac0569e02f6825a6c139d5b6
Signed-off-by: Yen-Chao Chem <davidycchen@google.com>
2023-06-26 16:26:12 +08:00
Jenny Ho
03c6806df9 Add permissions for read maxfg debugfs
Bug: 286001476
Change-Id: I787a8af17963c612dbbb9172fc539172f6633ca2
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-06-06 16:32:12 +08:00
Donnie Pollitz
7a95093a60 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-dev 2023-05-26 07:17:41 +00:00
TreeHugger Robot
1518744c74 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-dev 2023-05-25 05:28:46 +00:00
Donnie Pollitz
59c1582928 Allow vendor_init to fix permissions of TEE data file
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I26aaf70548a3ad132e5d0da2c10a2753a0954ffc
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
2023-05-24 16:51:22 +02:00
Jin Jeong
ec56e377c5 Merge changes from topic "esim_prop" into udc-dev
* changes:
  Revert "Fix SELinux error for com.google.android.euicc"
  Revert "Fix LPA crash due to selinux denial"
2023-05-24 01:07:11 +00:00
allieliu
16e12a6cf1 vendor_init: add esim_prop
Bug: 279988311

Change-Id: I5f8759baff65073b758ce335772e72a383827d05
Signed-off-by: allieliu <allieliu@google.com>
2023-05-17 05:47:01 +00:00
Jin Jeong
15e1832396 Revert "Fix SELinux error for com.google.android.euicc"
Revert submission 22899490-euicc_selinux_fix

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Bug: 279988311
Reverted changes: /q/submissionid:22899490-euicc_selinux_fix

Change-Id: I72da756853a540d6251e074313b1880c9c9038e8
2023-05-16 12:18:21 +00:00
Jin Jeong
d569008b77 Revert "Fix LPA crash due to selinux denial"
Revert submission 22955599-euicc_selinux_fix2

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Bug: 279988311
Reverted changes: /q/submissionid:22955599-euicc_selinux_fix2

Change-Id: I6421319ba280fb11d05f2e107754449e54e5afa4
2023-05-16 01:05:47 +00:00
allieliu
a1f81bef7a vendor_init: add esim_modem_prop
Bug: 279988311

Change-Id: I5f8759baff65073b758ce335772e72a383827d05
Signed-off-by: allieliu <allieliu@google.com>
2023-05-16 00:58:49 +00:00
sashwinbalaji
38640e48dd thermal: thermal_metrics: Update selinux to reset stats
Bug: 193833982
Test: Local build and verify statsD logs
adb shell cmd stats print-logs && adb logcat -b all | grep -i 105045
Change-Id: I79710aa05ff52caf9d08f21fa7a36c46a1b2a3d9
2023-05-08 05:15:49 +00:00
Jinyoung Jeong
d3a0214801 Fix LPA crash due to selinux denial
Bug: 280336861
Test: No crash found during LPA basic tests: download eSIM,
enable/disable eSIM.

Change-Id: I15227415993ef3975e183f500711416f8eb8e62c
2023-05-02 11:02:39 +00:00
TreeHugger Robot
eccb905391 Merge "[TSV2] Remove tcpdump sepolicy from gs101 and move sepolicy to gs-common" into udc-dev 2023-05-02 03:16:03 +00:00
Jin Jeong
5b3b2c2b1c Merge "Fix SELinux error for com.google.android.euicc" into udc-dev 2023-04-30 02:51:46 +00:00
martinwu
3785b0d271 [TSV2] Remove tcpdump sepolicy from gs101 and move sepolicy to gs-common
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and change it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: Iea67de1e645592c6993a3ee6f2ca8e6bf3c6c949
Merged-In: Iea67de1e645592c6993a3ee6f2ca8e6bf3c6c949
2023-04-29 13:03:01 +00:00
Jinyoung Jeong
42a0c82065 Fix SELinux error for com.google.android.euicc
bug: 279548423
Test: http://fusion2/bb76429b-7d84-4e14-b127-8458abb3e2ed
Change-Id: I00bdf71f04eec985147189eb1b474c7ff6797023
2023-04-28 13:39:35 +00:00
Bruno BELANYI
88f5acac54 Merge changes from topic "hal_neuralnetworks_armnn-selinux-exceptions - udc" into udc-dev
* changes:
  Remove 'hal_neuralnetworks_armnn' '/data' access exception
  Remove 'hal_neuralnetworks_armnn' sysprop exceptions
  Add ArmNN config sysprops SELinux rules
2023-04-27 08:06:48 +00:00
Martin Wu
e30ee618d6 Revert "Remove tcpdump sepolicy from gs101 and move sepolicy to ..."
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I3d47d22250b435416c4ca44ff1956569662591ee
2023-04-27 02:20:55 +00:00
martinwu
6be45972bb Remove tcpdump sepolicy from gs101 and move sepolicy to gs-common
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and change it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I3d0cb388cf9b7c96d2856f46c0440b4017477480
2023-04-27 01:38:04 +00:00
Bruno BELANYI
a668555419 Add ArmNN config sysprops SELinux rules
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:0f99f3e63450befc661d38827e9afc853ca9257a)
Merged-In: I70c89dcc4b2bbe665d69cc4be1ac2f6cf8155a10
Change-Id: I70c89dcc4b2bbe665d69cc4be1ac2f6cf8155a10
2023-04-26 08:12:54 +00:00
Joseph Jang
ac6f4e0d00 Move recovery.te to device/google/gs-common/dauntless/sepolicy
Bug: 279381809
Change-Id: If41449f97e729053caa98930cc7f2ef9fd6d844e
2023-04-24 08:09:23 +00:00
jimsun
26e3d2abd0 rild: allow rild to ptrace
06-20 18:47:41.940000  8708  8708 I auditd  : type=1400 audit(0.0:7): avc: denied { ptrace } for comm="libmemunreachab" scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0
06-20 18:47:41.940000  8708  8708 W libmemunreachab: type=1400 audit(0.0:7): avc: denied { ptrace } for scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0

Bug: 263757077
Test: manual
Change-Id: I35ad31e6cc4e2942c671e51720f28a9abce3dcca
2023-04-18 07:48:32 +00:00
Bruno BELANYI
bf8675143b Merge "Use restricted vendor property for ARM runtime options" into udc-dev 2023-04-17 10:59:23 +00:00
Xin Li
82232b6423 Merge TQ2A.230405.003
Bug: 271343657
Merged-In: I8c265919f7ae4b18aa304b0a584536d2a0f4b27a
Change-Id: I61dd94e23d10e5405135626487ddadddb1f89f9f
2023-04-10 23:55:29 -07:00
Adam Shih
240c435174 use dumpstate from gs-common
Bug: 273380985
Test: adb bugreport
Change-Id: I9092e2e004e3ad0b3667b948ed4d633cd50d088c
2023-04-07 13:02:21 +08:00
Victor Liu
d87df92740 Merge "uwb: add permission for ccc ranging" into udc-dev 2023-04-06 20:57:49 +00:00
feiyuchen
391f954d5d Allow camera HAL to access edgetpu_app_service in gs101
We are seeing SELinux error b/276911450. It turns out that I only added the SE policy for 2023 device ag/22248613, but I forgot to add it for gs101 and gs201. So I created this CL.

See more background in ag/22248613.

Test: For gs201, I tested on my Pixel7 and I saw no more error. For gs101, I just did mm.
Bug: 275016466
Bug: 276911450
Change-Id: I3d691128daa2d7115f80c378f7b42de334cd8ed5
2023-04-04 21:32:36 +00:00
Bruno BELANYI
7838603828 Use restricted vendor property for ARM runtime options
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I963fb55fb92ef5f91426dbec913c901e58cacf64
2023-04-04 13:04:00 +00:00
Victor Liu
a55bb8682c uwb: add permission for ccc ranging
Bug: 255649425
Change-Id: I05aac586146bf25569b5f6251d2fd62b921631be
2023-03-31 14:04:13 -07:00
Adam Shih
7cc3817f71 Move power dump text section out of hal_dumpstate_default
Bug: 273380985
Test: adb bugreport
Change-Id: I77b59ea719055972429b2b8a1349e52e0e1fe395
2023-03-28 15:03:22 +08:00
Adam Shih
5bfe1bdd6d Move camera text dump to dump_gs101
Bug: 273380985
Test: adb bugreport
Change-Id: Iba138e608885a1215515ec8cc5f5e997dfcfcf3f
2023-03-27 10:37:02 +08:00
Adam Shih
e7ea94d8e1 Move cma dump to itself
Bug: 273380985
Test: adb bugreport
Change-Id: I40ecb631c7fbbea216f5c56857b92152c997e466
2023-03-24 13:56:31 +08:00
KRIS CHEN
2f8f23232a Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev 2023-03-24 02:06:37 +00:00
Kris Chen
d678ee3226 Allow fingerprint hal to read sysfs_leds
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: I67f5502bc7b4b1d6e14cf493f1bc6575980bcd0d
2023-03-21 12:19:07 +00:00
Jörg Wagner
cb6bad65e7 Update Mali DDK to r40 : Additional SELinux settings
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

Bug: 261718474

(cherry picked from commit 74d31a1568)
Merged-In: I5c69a8bafe3a4c738c124facb1f437ec721cc3ea
Change-Id: I7e6734cb79b38898eb65a0194b37381a1367fc36
2023-03-21 10:31:51 +00:00
Adam Shih
4d9aa0b28f use devfreq dump from gs-common
Bug: 273380985
Test: adb bugreport
Change-Id: I0ea6767fd7640c2ee1be66f659f94c15cb4766cd
2023-03-21 12:41:23 +08:00
Jasmine Cha
3b3aa9e921 Merge "audio: move sepolicy about audio to gs-common" into udc-dev 2023-03-10 02:06:05 +00:00
Jasmine Cha
b263562360 audio: move sepolicy about audio to gs-common
Bug: 259161622
Test: build pass and check with audio ext hidl/aidl

Change-Id: Ie1499be82e405c2ddf4cd1a62ee7ff2823befd8e
Signed-off-by: Jasmine Cha <chajasmine@google.com>
2023-03-09 10:10:18 +08:00