Commit graph

825 commits

Author SHA1 Message Date
Ted Lin
951ce82739 Using dontaudit to fix the avc on boot test
avc: denied { search } for comm="kworker/6:2" name="google_battery" dev="debugfs" ino=32648 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=1

Bug:200739262
Test: Check bugreport
Change-Id: I50a96bab88f564fef0eda9a23bb77dc6ffed357f
Signed-off-by: Ted Lin <tedlin@google.com>
2021-09-28 03:21:38 +00:00
TreeHugger Robot
b608691d92 Merge "Add Context Hub AIDL to gs101 sepolicy" 2021-09-23 17:14:54 +00:00
Arthur Ishiguro
2bc80fd0e7 Add Context Hub AIDL to gs101 sepolicy
Bug: 194285834
Test: None
Change-Id: I8f9ef02c51d3f06bbfa94e9ce006cd2a0ee59c73
2021-09-23 08:16:01 -07:00
Erik Staats
2f3c410332 Revert "Allow the sensor HAL to access dynamic sensor properties." am: aef1a206a7 am: f66955e015
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15886140

Change-Id: I9ff54bc3528ad381e8b871f8fccdf1579e4dac43
2021-09-22 18:28:17 +00:00
Erik Staats
f66955e015 Revert "Allow the sensor HAL to access dynamic sensor properties." am: aef1a206a7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15886140

Change-Id: I8fa160db43cbe237c73cb103e6e212e1aa0df7a0
2021-09-22 18:11:29 +00:00
Erik Staats
aef1a206a7 Revert "Allow the sensor HAL to access dynamic sensor properties."
Revert "dynamic_sensor: Add sensor manager init to sub-HAL 2.1."

Revert submission 15874906-bug_195964858.2

Reason for revert: b/200815351
Reverted Changes:
I76a60f7fb:Allow the sensor HAL to access dynamic sensor prop...
I5d587dc46:dynamic_sensor: Add sensor manager init to sub-HAL...

Change-Id: Ib29649b058ec6f329958e1dfcba0c2e35ea79306
2021-09-22 17:53:58 +00:00
Erik Staats
0489fa3d2a Allow the sensor HAL to access dynamic sensor properties. am: fba4a09331 am: 9cadbdc347
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15874927

Change-Id: I252e8f01842ba5929dba7d8465140170e2a3f177
2021-09-22 12:58:02 +00:00
Erik Staats
9cadbdc347 Allow the sensor HAL to access dynamic sensor properties. am: fba4a09331
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15874927

Change-Id: I9022c4d8e270af3a0d369692a6996dd046c732c4
2021-09-22 12:40:34 +00:00
Erik Staats
fba4a09331 Allow the sensor HAL to access dynamic sensor properties.
Bug: 195964858
Test: Verified dynamic sensor manager is present in sensor list and that
 no SELinux violations occur.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/15874927 .
Change-Id: I76a60f7fbd113059156ccaea2c4f98580cb0836a
2021-09-20 16:53:16 -07:00
TreeHugger Robot
3b65e6f197 Merge "Split bluetooth sepolicy file to avoid conflict" 2021-09-17 08:46:42 +00:00
Adam Shih
22ed933f97 label extcon files
Bug: 199987074
Test: boot with no relevant errors
Change-Id: Idd26d8675c332043b1066e3eba1706527254eb03
2021-09-16 10:02:11 +08:00
Patty
9795c12e8f Split bluetooth sepolicy file to avoid conflict
- Move bluetooth related config to bluetooth folder

Bug: 196308076
Test: make; boot with service btlinux started
Change-Id: I8d40697f20a916fc154f0b60851abecd1deadc0d
2021-09-15 10:50:39 +08:00
Jonglin Lee
af3a79ed68 Merge "Revert "Move twoshay definitions to hardware/google/pixel-sepoli..."" 2021-09-10 21:31:23 +00:00
Jonglin Lee
7254de258a Revert "Move twoshay definitions to hardware/google/pixel-sepoli..."
Revert "Move twoshay definitions to hardware/google/pixel-sepoli..."

Revert "Move twoshay definitions to hardware/google/pixel-sepoli..."

Revert "Move twoshay definitions to hardware/google/pixel-sepoli..."

Revert "Move sepolicy for _touchflow targets."

Revert submission 15676823-reflector-sepolicy

Reason for revert: breaking several builds in git_master-without-vendor
Reverted Changes:
Ifecfc81f0:Move twoshay definitions to hardware/google/pixel-...
Idfd81131c:Move twoshay definitions to hardware/google/pixel-...
Id2b0e1db3:Move twoshay definitions to hardware/google/pixel-...
I43ac6337f:Move twoshay definitions to hardware/google/pixel-...
If95e6e788:Move twoshay definitions to hardware/google/pixel-...
I07ab95780:Move sepolicy for _touchflow targets.
I01f378b51:Move sepolicy for _touchflow targets.

Bug: 199548147
Change-Id: I84f106c24bd47fd171788301415c0eabafe9254f
2021-09-10 21:23:57 +00:00
Philip Quinn
5c58949ac6 Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." 2021-09-10 17:15:05 +00:00
Adam Shih
778f7da931 label Extcon files
Bug: 199218084
Test: Boot with target files labeled correctly
Change-Id: I7d8c4ecb23a5717e2265cfd66b161fb46717615f
2021-09-09 13:05:36 +08:00
Philip Quinn
d1dd6bac2a Move twoshay definitions to hardware/google/pixel-sepolicy/input.
Bug: 187654303
Test: twoshay works on r4
Change-Id: Id2b0e1db3e1cb9ddf579ea7ed74493464d13fc84
2021-09-08 13:22:24 -07:00
Adam Shih
82db60c2d4 remove obsolete devices
Bug: 196916111
Test: No file on the path
Change-Id: If8e54bd161bc955424b40023d94f15bf6b82cc8f
2021-09-08 13:15:44 +08:00
Mark Chang
0782cab4f0 Merge "sepolicy: Add "dontaudit" for twoshay dac_override." 2021-09-08 01:28:34 +00:00
Jenny Ho
7d27682911 sepolicy: add rule for new debug file node am: 17e518038e am: ee73f40872
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15756806

Change-Id: Ie03501a815a501184142af5f8dd0e4aa1df97729
2021-09-07 14:33:01 +00:00
Jenny Ho
ee73f40872 sepolicy: add rule for new debug file node am: 17e518038e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15756806

Change-Id: Ie913098b9b31e3c042abe13672fddc726cf4aef0
2021-09-07 14:21:17 +00:00
Mark Chang
8a5863ab6d sepolicy: Add "dontaudit" for twoshay dac_override.
Bug: 198755236
Test: build pass and boot to home
Signed-off-by: Mark Chang <changmark@google.com>
Change-Id: I5c330564cc026e113c5d33d5d093dbcdb3ede5e4
(cherry picked from commit a1aab562ca)
2021-09-06 13:08:59 +00:00
Jenny Ho
17e518038e sepolicy: add rule for new debug file node
W dumpstate@1.1-s: type=1400 audit(0.0:7): avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=500 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0

Bug: 196755019
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I0ddf68d5e15fe8d77d8d61287f65621c14024f46
2021-09-06 06:21:34 +00:00
Roshan Pius
9c96111094 gs101-sepolicy: Rename hal_uwb -> hal_uwb_vendor
Since we are now creating an AOSP HAL for uwb, rename Qorvo's internal
HAL to hal_uwb_vendor to avoid conflicts with the AOSP HAL sepolicy
rules.

Bug: 195308730
Test: Compiles
Change-Id: Ief48eacde68b062b2199b20c0c1bb3af23795240
Merged-In: Ief48eacde68b062b2199b20c0c1bb3af23795240
2021-08-26 20:02:20 +00:00
Victor Liu
e877511429 uwb: permissions for factory uwb calibration file am: 29aa981623 am: 5dfabe8acf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15616315

Change-Id: I35c0484a84695969e5f1f3e7cf2e8c7c06b4df3e
2021-08-25 23:41:44 +00:00
Victor Liu
7a06a7a434 uwb: permissions for factory uwb calibration file am: 29aa981623
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15616315

Change-Id: I9755128c2a7a1039cb3b1c5a2e3913a0965540d9
2021-08-25 23:29:50 +00:00
Victor Liu
29aa981623 uwb: permissions for factory uwb calibration file
add permission to:
copy factory uwb calib files from persist to /data/vendor/uwb
convert copied file to proper format for uwb stack to consume

Bug: 195659525
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I3e5282477fd391b483e03242ce0b806bd447dc54
Merged-In: I3e5282477fd391b483e03242ce0b806bd447dc54
2021-08-25 19:14:10 +00:00
Victor Liu
8383d9e13f uwb: permissions for factory uwb calibration file
add permission to:
copy factory uwb calib files from persist to /data/vendor/uwb
convert copied file to proper format for uwb stack to consume

Bug: 195659525
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I3e5282477fd391b483e03242ce0b806bd447dc54
2021-08-25 19:12:44 +00:00
Roshan Pius
515c17c4e3 gs101-sepolicy: Rename hal_uwb -> hal_uwb_vendor
Since we are now creating an AOSP HAL for uwb, rename Qorvo's internal
HAL to hal_uwb_vendor to avoid conflicts with the AOSP HAL sepolicy
rules.

Bug: 195308730
Test: Compiles
Change-Id: Ief48eacde68b062b2199b20c0c1bb3af23795240
2021-08-23 09:03:06 -07:00
David Chen
462d4b1bcd resolve merge conflicts of c0922582bc to sc-v2-dev
Bug: 197164878

Change-Id: Ibc7ea7ffe9c30912c8e12d081a6b110f8e73f29f
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
2021-08-19 02:25:56 +00:00
David Chen
28cd716faa resolve merge conflicts of 945de94222 to sc-v2-dev-plus-aosp
Bug: 197166084

Change-Id: I4b8b2d99db133be4c96853f072e3b10dbac39b92
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
2021-08-19 02:25:12 +00:00
Horng Chuang
b43621dd40 Merge "sepolicy: gs101: Grant permission for more camera device nodes" 2021-08-18 06:16:25 +00:00
davidycchen
c0922582bc Allow twoshay to access fwk_stats_service and system_server
avc:  denied  { find } for pid=813 uid=0
name=android.frameworks.stats.IStats/default scontext=u:r:twoshay:s0
tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager

avc: denied { call } for scontext=u:r:twoshay:s0
tcontext=u:r:system_server:s0 tclass=binder

Bug: 179334953
Test: Make selinux_policy and push related files to the device.

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
2021-08-18 09:47:01 +08:00
Bart Van Assche
eeccb9bc7a Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 am: ea25044059 am: 07751567ad
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: Ifac56b5f8a8e14ca55419e3009771644c3041df2
2021-08-18 01:32:55 +00:00
Bart Van Assche
07751567ad Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 am: ea25044059
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I5d46eab501e1ce290570a69dde5450813eff0bf0
2021-08-18 01:20:15 +00:00
Bart Van Assche
7513cd7ad6 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: Iedf50eb9fc1c205eb584c4c53ad7de45c06b695d
2021-08-18 00:56:43 +00:00
Bart Van Assche
239bcceb78 Add the 'bdev_type' attribute to all block device types am: 37b5741301
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I19d709e960fe8ccf066bdbd20dc6817ee20e55d0
2021-08-18 00:34:10 +00:00
Bart Van Assche
37b5741301 Add the 'bdev_type' attribute to all block device types
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9

The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947

The above SELinux policy change requires adding the 'bdev_type'
attribute to all block devices. Hence this patch.

Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2021-08-17 15:23:23 -07:00
Jack Wu
941a3bcd44 sepolicy: gs101: allows dock power supply permission
Bug: 196017001
Test: can dump dock power supply in dumpstate
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Ie2781da77da0f181665974c335998a6dcb0e8ad2
2021-08-17 03:48:48 +00:00
Edmond Chung
25ccfad161 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e am: 9bde9324fe am: ff5c485ddc
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I0f9314f34e796e55e0adc47779f5e342ca6b3b84
2021-08-16 23:37:27 +00:00
Edmond Chung
ff5c485ddc Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e am: 9bde9324fe
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I90884f92df1e42fa5b60ad47e914ed1460b40c04
2021-08-16 22:44:58 +00:00
Edmond Chung
36f756e44b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Id66f403466d50ea3beb4663cc137e551a92e16f3
2021-08-16 22:32:00 +00:00
Edmond Chung
9bde9324fe Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Ib347e1a8fbee1822542adf48a03f92dbdac3a302
2021-08-16 22:31:40 +00:00
Edmond Chung
c45a1b5828 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I97f8f143230d13f64b34ee11c7a46cfcc5f2f3f9
2021-08-16 22:17:00 +00:00
Edmond Chung
7e581b9a7b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev 2021-08-16 22:01:46 +00:00
Edmond Chung
6b30dbc54c gs101: Allow camera HAL to access interrupt handles
This is to allow camera HAL to modify IRQ affinity for different use
cases.

Bug: 196058977
Test: Camera use cases
Change-Id: I498b0ac763b735d05299e1f4b09de14e131fd6e3
2021-08-16 10:52:27 -07:00
Rick Yiu
63a624e811 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74 am: fa5d13d6e1 am: 7b0fa572c3
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I985dde431db9fa2f03f6036c139c6a653f3fe755
2021-08-16 14:40:25 +00:00
Rick Yiu
7b0fa572c3 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74 am: fa5d13d6e1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: Ia05c12145187f2500010827b6e28ce5b56039511
2021-08-16 14:25:57 +00:00
Rick Yiu
9c7ca5fdd3 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I59e7baee2e2c5a80d53b5a6f5c8712a2b09a36d3
2021-08-16 14:11:45 +00:00
Rick Yiu
fa5d13d6e1 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I2837b12374957c35725af2f4aed49ada200810ff
2021-08-16 14:11:31 +00:00