Commit graph

2572 commits

Author SHA1 Message Date
Adam Shih
5c28519e40 move bluetooth related types to bluetooth
Bug: 202790744
Test: boot with bluetooth hal started
Change-Id: I615d4b13262af2bc2c044914e595a7c2085999d2
2021-10-18 11:43:15 +08:00
Bart Van Assche
3a1c10bb76 Stop using the bdev_type and sysfs_block_type SELinux attributes
Stop using these attributes since these will be removed soon. This
commit reverts 37b5741301 ("Add the 'bdev_type' attribute to all block
device types").

Bug: 202520796
Test: Untested.
Change-Id: I00f10d1fd164b6ca01ecd5cffd2012acfc05eeca
Signed-off-by: Bart Van Assche <bvanassche@google.com>
2021-10-15 14:20:18 -07:00
qinyiyan
6e818988b6 Allow the NNAPI HAL to access edgetpu_app_service.
10-12 14:40:11.528   759   759 W Binder:759_1: type=1400 audit(0.0:23): avc: denied { call } for scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:r:edgetpu_app_server:s0 tclass=binder permissive=0

10-12 18:17:04.678   440   440 E SELinux : avc:  denied  { find } for pid=753 uid=1000 name=com.google.edgetpu.IEdgeTpuAppService/default scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:object_r:edgetpu_app_service:s0 tclass=service_manager permissive=0

Test: rebuilt the selinux_policy. The AVC denials don't show up.
Bug: 196697793
Change-Id: If43f7411a3324f65323ea004e34878f070d9ebeb
2021-10-12 22:21:52 +00:00
Adam Shih
86d9e3657c Merge "reorganize pixelstats_vendor" 2021-10-12 01:37:36 +00:00
Alfred Lin
7c95e95cda [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: f545ab60c3 am: 0da6568bbf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: I66d01731f652da14477f0b2fd85125d961e5936b
2021-10-08 14:37:21 +00:00
Alfred Lin
0bbfc93655 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: 7bfec1ad53 am: 48aa625c44
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: I34ccadb4c65dd72b4b7826d66135c0003259b572
2021-10-08 14:37:14 +00:00
Alfred Lin
0da6568bbf [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: f545ab60c3
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ia5eedb2532279e60ff4f557b3734624f50111632
2021-10-08 14:05:14 +00:00
Alfred Lin
48aa625c44 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: 7bfec1ad53
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ifbea1ae180dfd3d58eac17ff792e5f81245ca301
2021-10-08 14:04:27 +00:00
Alfred Lin
f545ab60c3 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ifb4b5b6f8eadd26d06a0e7980f05aa60e9d7cacb
2021-10-08 13:33:29 +00:00
Alfred Lin
7bfec1ad53 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: I8f9932ad8885aaefde9548f87c6d2c6cc148cd4c
2021-10-08 13:29:54 +00:00
Alfred Lin
24693cd264 [Display] Add SELinux policy for hal_graphics_composer_default
Add SELinux policy for hal_graphics_composer_default to find persist_display_file

Bug: 202487234

Test: device boot will not find avc denied log as "avc: denied { search } for name="display" dev="sda1" ino=21 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:persist_display_file:s0 tclass=dir permissive=0"
Change-Id: I8fc386cb18397911404e1f2803601711e40edead
2021-10-08 11:07:40 +00:00
David Brazdil
a03f3b1a50 Assign pkvm_enabler to vendor_misc_writer domain
Builds of gs101 targets with pKVM force-enabled have an init service
which checks that /dev/kvm exists and if not, runs misc_writer to
instruct the bootloader to enable pKVM, and forces a reboot.

Assign the binary to the existing vendor_misc_writer domain and add
permission to execute the /vendor/bin/misc_writer binary. Since this is
for tests only, the rules are only added to targets that define
TARGET_PKVM_ENABLED.

Bug: 192819132
Test: flash a _pkvm build, observe double-reboot, check /dev/kvm exists
Change-Id: I5f9962e4cdd3ec267ab19ea4485e4e94a3ec15cd
2021-10-08 09:34:22 +00:00
Adam Shih
17881f3a38 reorganize pixelstats_vendor
Bug: 202462997
Test: boot with pixelstats_vendor started
Change-Id: I8582ac4e83720768ee7992d41bdac0798da892d9
2021-10-08 11:06:49 +08:00
Adam Shih
7d5cf2a1bd Merge "centralize wifi_ext config" 2021-10-05 01:38:47 +00:00
Max Kogan
b99188ad46 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 584abcc50c am: 2d4e8d567f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I7b54dae9429168d29b1a4a3e2f9f390b69b8b3fe
2021-10-04 18:59:23 +00:00
Max Kogan
61792ec645 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 49a05309af am: f2d985cc54
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: Ib3f29fbb54a6af7ba033cbb756e34c6726caa6bb
2021-10-04 18:57:11 +00:00
George Lee
e36b0e9e13 Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f am: 0ab239e045 am: c56116c0d8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: Ie88ecaa0eebded9799143666377ea45aec7816d0
2021-10-04 18:54:57 +00:00
Max Kogan
2d4e8d567f Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 584abcc50c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I2591a84a0e4efe529b7e0dda4c18e430f182f473
2021-10-04 18:25:18 +00:00
Max Kogan
f2d985cc54 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 49a05309af
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I5cc1bababdf50d88df5e511285783d52dd68f4c2
2021-10-04 18:24:27 +00:00
Max Kogan
584abcc50c Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I72aaf0f773f9fd640a56a1b684cfea012efeabb8
2021-10-04 18:15:20 +00:00
Max Kogan
49a05309af Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I71ca6648ff0305c5142047c75eeda8e7d41cb2b6
2021-10-04 18:15:19 +00:00
Max Kogan
2a166c0eb5 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev 2021-10-04 18:04:01 +00:00
George Lee
ad5faa2933 Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f am: 6613966d5d am: e0b6a83d6f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: I8bd36e4c7dab55b0b4e7424112be29b6ef7ffdf1
2021-10-04 17:37:12 +00:00
George Lee
c56116c0d8 Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f am: 0ab239e045
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: I8b8013d3162f8a5101f390350388b6c53410c686
2021-10-04 17:21:48 +00:00
George Lee
e0b6a83d6f Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f am: 6613966d5d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: I26351c1346487603a89f80b612985481bfcf5b3b
2021-10-04 17:21:05 +00:00
George Lee
0ab239e045 Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: Idf99714202d32825ff0b04843e1688e42cf6635a
2021-10-04 17:11:49 +00:00
George Lee
6613966d5d Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: Ic3e85e9bb8b4ac9139b6c9606edcc3522da818ee
2021-10-04 17:11:49 +00:00
George Lee
9d3965da4f Merge "power_hal: add bcl file permission" into sc-qpr1-dev 2021-10-04 16:54:14 +00:00
Philip Quinn
ac931238bf Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." 2021-09-30 17:23:42 +00:00
Edwin Tung
cc981d9904 Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f am: 0a91edb9b7 am: 0dec837b29
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: I1ab433573fa2f0a6b46e730d66fa635e3a7de0e2
2021-09-30 14:51:01 +00:00
Edwin Tung
ffe990fd82 Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f am: 14719fc742 am: 2200881a2b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: I627aac1ebcb4cab000b40aa9a5d5c715d9188e0d
2021-09-30 14:50:55 +00:00
Edwin Tung
0dec837b29 Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f am: 0a91edb9b7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: I50c3aef7cc88b9ec6c5f09807f4c7e7f541e7876
2021-09-30 14:37:10 +00:00
Edwin Tung
2200881a2b Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f am: 14719fc742
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: I1a32ed0832220518af95fdef054f7096ba718d8c
2021-09-30 14:36:37 +00:00
Edwin Tung
0a91edb9b7 Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: If95d3e18d1da32b13246d0897d998935eb37c774
2021-09-30 14:26:41 +00:00
Edwin Tung
14719fc742 Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: I327b8257a1c929c94a4adc02037488bdb547d642
2021-09-30 14:26:41 +00:00
Edwin Tung
6c249e4a9f Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev 2021-09-30 14:11:49 +00:00
George Chang
8f3fb5c47f Update SecureElement Sepolicy
Add rules for sysfs_st33spi
Separate hal_secure_element_st54spi and st33spi from default

Bug: 193417907
Test: VtsHalSecureElementV1_2TargetTest,
      VtsHalSecureElementV1_1TargetTest,
      VtsHalSecureElementV1_0TargetTest,
      CtsOmapiTestCases
Change-Id: I444af2e38fc120d173445bce48b7e4d381201a91
2021-09-30 17:41:32 +08:00
Adam Shih
d61f60e882 centralize wifi_ext config
Bug: 201599426
Test: boot with wifi_ext started
Change-Id: I0638216a7100b26415a79e87cdb1a5a260f05baa
2021-09-30 14:25:57 +08:00
Edwin Tung
4d6a7023e1 gps: add sepolicy to allow gps access pps gpio
Bug: 175086879
Test: no avc deny
Change-Id: I960940d7223c25732021ff4d92ae72255c044291
2021-09-30 12:41:17 +08:00
Philip Quinn
d5ac0ac3ce Move twoshay definitions to hardware/google/pixel-sepolicy/input.
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
2021-09-28 20:11:33 +00:00
TreeHugger Robot
abb6cd5910 Merge "Using dontaudit to fix the avc on boot test" 2021-09-28 05:46:10 +00:00
Ted Lin
951ce82739 Using dontaudit to fix the avc on boot test
avc: denied { search } for comm="kworker/6:2" name="google_battery" dev="debugfs" ino=32648 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=1

Bug:200739262
Test: Check bugreport
Change-Id: I50a96bab88f564fef0eda9a23bb77dc6ffed357f
Signed-off-by: Ted Lin <tedlin@google.com>
2021-09-28 03:21:38 +00:00
Erik Staats
c57b0bdb55 Allow the sensor HAL to access raw HID devices. am: d60ebc5327 am: 35b6d77e0c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15847652

Change-Id: I9bb49fa27647423d27a4d8cb5444412b5220930c
2021-09-27 19:06:50 +00:00
Erik Staats
35b6d77e0c Allow the sensor HAL to access raw HID devices. am: d60ebc5327
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15847652

Change-Id: I31d13e1a04c7280706e52caea4f1c34a28b5d0e7
2021-09-27 18:45:23 +00:00
Erik Staats
d60ebc5327 Allow the sensor HAL to access raw HID devices.
Bug: 195964858
Test: Paired a Sony PS4 controller and verified that it's discovered by
 the dynamic sensor HAL.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/15847652 .
Change-Id: Ic0bdd711d066a9793eba305102e9a850e3973856
2021-09-27 18:34:30 +00:00
Jenny Ho
0970321dcb [automerger skipped] sepolicy: add rule for new debug file node am: c8651e514c -s ours am: a592fb52c3 -s ours am: 59ec413953 -s ours
am skip reason: Merged-In I0ddf68d5e15fe8d77d8d61287f65621c14024f46 with SHA-1 17e518038e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15773285

Change-Id: I09ea2191f3755e63c1b4eea4c4584b6cd8e36e98
2021-09-27 16:30:46 +00:00
Jenny Ho
23373a1187 [automerger skipped] sepolicy: add rule for new debug file node am: c8651e514c am: 948eeb2de5 -s ours am: ae368d3f03 -s ours
am skip reason: Merged-In I0ddf68d5e15fe8d77d8d61287f65621c14024f46 with SHA-1 17e518038e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15773285

Change-Id: I0b6a5473fc06f2707899f6e30b27c1abd6aee04a
2021-09-27 16:30:32 +00:00
Jenny Ho
59ec413953 [automerger skipped] sepolicy: add rule for new debug file node am: c8651e514c -s ours am: a592fb52c3 -s ours
am skip reason: Merged-In I0ddf68d5e15fe8d77d8d61287f65621c14024f46 with SHA-1 17e518038e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15773285

Change-Id: I0ad52614acb4f241c9000db84095182261061b3d
2021-09-27 16:20:46 +00:00
Jenny Ho
ae368d3f03 [automerger skipped] sepolicy: add rule for new debug file node am: c8651e514c am: 948eeb2de5 -s ours
am skip reason: Merged-In I0ddf68d5e15fe8d77d8d61287f65621c14024f46 with SHA-1 17e518038e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15773285

Change-Id: Ibef4eab822f2fa8cff1af49400a9fde361157f5c
2021-09-27 16:15:09 +00:00
Jenny Ho
a592fb52c3 [automerger skipped] sepolicy: add rule for new debug file node am: c8651e514c -s ours
am skip reason: Merged-In I0ddf68d5e15fe8d77d8d61287f65621c14024f46 with SHA-1 17e518038e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15773285

Change-Id: Id8b68427c9c185ee0cfe76446f6d5bfaba4a0341
2021-09-27 15:58:25 +00:00