Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4238 commits 1 branch 0 tags 494 MiB
Commit graph

4238 commits

This branch
This branch
All branches
Author SHA1 Message Date
Ilya Matyukhin
0226800307 Merge "Add sepolicy for SystemUIGoogle to write to lhbm" into sc-dev am: 75d0cce94f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105113

Change-Id: I232b907292500d053fa55696a388a04c1bdd9879
 2021-04-14 01:25:39 +00:00
Roshan Pius
8119d482ed Uwb: Create a new Uwb system service 
Move the vendor service to a different name which will be used by AOSP
uwb service.

Also, create a new domain for the UWB vendor app which can expose this
vendor service.

Denials:
04-12 16:38:38.282   411   411 E SELinux : avc:  denied  { find } for pid=2964
uid=1000 name=tethering scontext=u:r:uwb_vendor_app:s0:c232,c259,c512,c768
tcontext=u:object_r:tethering_service:s0 tclass=service_manager permissive=0

04-12 17:56:49.320   411   411 E SELinux : avc:  denied  { find } for pid=2964
uid=1000 name=hardware.qorvo.uwb.IUwb/default scontext=u:r:uwb_vendor_app:s0:c232,c259,c512,c768
tcontext=u:object_r:hal_uwb_service:s0 tclass=service_manager permissive=0

04-12 20:13:37.952  3034  3034 W com.qorvo.uwb: type=1400 audit(0.0:8): avc: denied
{ getattr } for path="/data/user/0/com.qorvo.uwb" dev="dm-11" ino=7176
scontext=u:r:uwb_vendor_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0
tclass=dir permissive=0

04-12 20:13:38.003   408   408 E SELinux : avc:  denied  { find } for pid=3034
uid=1000 name=content_capture scontext=u:r:uwb_vendor_app:s0:c232,c259,c512,c768
tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=0

04-12 21:25:03.244  2992  2992 W com.qorvo.uwb: type=1400 audit(0.0:7): avc: denied
{ getattr } for path="/data/user/0/com.qorvo.uwb" dev="dm-11" ino=7176
scontext=u:r:uwb_vendor_app:s0:c232,c259,c512,c768 tcontext=u:object_r:
system_app_data_file:s0:c232,c259,c512,c768 tclass=dir permissive=0

Bug: 183904955
Test: atest android.uwb.cts.UwbManagerTest
Change-Id: Iecb871902ebe7d110f2deb9ddb960c1a3945d8e9
 2021-04-13 17:54:42 -07:00
Ilya Matyukhin
75d0cce94f Merge "Add sepolicy for SystemUIGoogle to write to lhbm" into sc-dev 2021-04-14 00:16:35 +00:00
Vova Sharaienko
b0a79e65a1 wirelesscharger-adapter: updated sepolicy am: 72f80a3c90 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14176231

Change-Id: Id446f4625b0d89a27365d3385395ef190f6cf0e2
 2021-04-13 23:53:23 +00:00
Vova Sharaienko
54fbaee2e2 wirelesscharger-adapter: updated sepolicy am: 72f80a3c90 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14176231

Change-Id: I8c5bd90516347079ea1a51e744614f4d30921805
 2021-04-13 23:48:26 +00:00
Vova Sharaienko
72f80a3c90 wirelesscharger-adapter: updated sepolicy 
This allows the wirelesscharger-adapter to access AIDL Stats service

Bug: 181892307
Test: Build, flash, boot & and logcat | grep "platform_app"
Change-Id: I801e801133e4c7a0977f6c1e816b7c64135f59a3
 2021-04-13 19:26:01 +00:00
Ilya Matyukhin
acf6b1f5ae Add sepolicy for SystemUIGoogle to write to lhbm 
Bug: 184768835
Bug: 182520014
Test: adb logcat | grep "avc: denied"
Change-Id: Ia200983c87e0b826a0b62052e65cc731453a632f
 2021-04-13 11:26:34 -07:00
TreeHugger Robot
ad6d6919ec Merge "logger_app: Remove Pixelize rule" into sc-dev am: 421bee976b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13805048

Change-Id: I3fcb8e777ebb3b22be823603eb9260a45762e9e5
 2021-04-13 12:37:11 +00:00
TreeHugger Robot
2a113e7403 Merge "Fix Android GPU Inspector (AGI) support" into sc-dev am: f7c08818e6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14160223

Change-Id: Id30e6d4082331c23514da82d3f515e9da4a0abd8
 2021-04-13 12:36:39 +00:00
TreeHugger Robot
421bee976b Merge "logger_app: Remove Pixelize rule" into sc-dev 2021-04-13 11:54:20 +00:00
TreeHugger Robot
f7c08818e6 Merge "Fix Android GPU Inspector (AGI) support" into sc-dev 2021-04-13 10:27:29 +00:00
SalmaxChang
674ed8943f hal_dumpstate_default: Fix avc error am: cbc7709c10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14160604

Change-Id: I246ab92b5e9ab33312e78eca151fb8fa6aa80bb9
 2021-04-13 08:50:47 +00:00
SalmaxChang
cbc7709c10 hal_dumpstate_default: Fix avc error 
avc: denied { set } for property=vendor.sys.modem.logging.enable pid=9743 uid=1000 gid=1000 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_modem_prop:s0 tclass=property_service permissive=0

Bug: 185196642
Change-Id: I955271fa4d2d9bc2ef4b306068623f79f5b37c74
 2021-04-13 07:43:29 +00:00
Adam Shih
e541cce49b change assigned bug 
Bug: 182531832
Test: take bugreport and see no relevant log
Change-Id: I33911bf652c7d21eb2a153e6b6129162434be72f
 2021-04-13 15:08:13 +08:00
KRIS CHEN
257a9b2464 Merge "Allow fingerprint hal to access dmabuf_system_heap_device" into sc-dev am: ef5cde63e6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14112452

Change-Id: I9ee3f7401b214f0544049f6d5743c57566f42496
 2021-04-13 06:53:39 +00:00
Adam Shih
77e7ed4983 Merge changes Ieac81e9d,I7c069770 into sc-dev am: a071425509 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14160597

Change-Id: Ib81459027e1949d2b1756e236b5d9ace46dc49e0
 2021-04-13 06:53:10 +00:00
KRIS CHEN
ef5cde63e6 Merge "Allow fingerprint hal to access dmabuf_system_heap_device" into sc-dev 2021-04-13 06:22:13 +00:00
Kris Chen
c14f02da5d Allow fingerprint hal to access dmabuf_system_heap_device 
Fixes the following avc denial:
android.hardwar: type=1400 audit(0.0:1207): avc: denied { read } for name="system" dev="tmpfs" ino=689 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=0

Bug: 171791180
Bug: 184034094
Test: Enroll and authenticate fingerprints.
Change-Id: Ie86143ac2484d8909b1070829ff20cf02572f17d
 2021-04-13 06:21:09 +00:00
Adam Shih
a071425509 Merge changes Ieac81e9d,I7c069770 into sc-dev 
* changes:
  dump hal_graphics_composer
  allow init to set readahead_size
 2021-04-13 05:56:39 +00:00
Adam Shih
440e15e109 Merge "update error on ROM 7278058" into sc-dev am: c8d0ba4326 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14160592

Change-Id: Ia9b2876f6ed9044c83522fab28281acf7bbb8917
 2021-04-13 05:17:36 +00:00
Jim Sun
0c1e46a6b3 Merge "gs101: fix grilservice context" into sc-dev am: 9e25f06368 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13880430

Change-Id: I5397c2ad98abbc2b5939f8a4f61dacdd4f24d191
 2021-04-13 05:17:20 +00:00
Adam Shih
c8d0ba4326 Merge "update error on ROM 7278058" into sc-dev 2021-04-13 05:10:03 +00:00
Jim Sun
9e25f06368 Merge "gs101: fix grilservice context" into sc-dev 2021-04-13 04:31:21 +00:00
Adam Shih
7e071d6cb2 dump hal_graphics_composer 
Bug: 179310854
Bug: 176868159
Bug: 177176812
Bug: 177389412
Bug: 177614642
Bug: 177778217
Bug: 177860841
Bug: 178752460
Bug: 179310909
Bug: 179437463
Bug: 180963481
Bug: 181177909
Bug: 174961421
Test: do bugreport with no relevant error logs
Change-Id: Ieac81e9d684044fbd649b4fec608f393627c34cb
 2021-04-13 11:59:13 +08:00
Adam Shih
7e60d3a032 allow init to set readahead_size 
Bug: 185186743
Test: boot with no error found during boot
Change-Id: I7c06977023a1125d0187b96103e94c355a9d17a2
 2021-04-13 11:17:31 +08:00
Adam Shih
06cc3ee882 update error on ROM 7278058 
Bug: 185186743
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I40066584800e1a40fbd75dc2d97ee44f9e6dde89
 2021-04-13 10:55:33 +08:00
SalmaxChang
6f1275582c logger_app: Grant to access new logger properties am: 2c1b29b494 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14140254

Change-Id: I7b4a9da5ba9d1ac3dc43469c11f360ca7e887d9d
 2021-04-13 02:18:43 +00:00
Sidath Senanayake
7c8d4d86e8 Fix Android GPU Inspector (AGI) support 
In order for AGI to work, it needs to dlopen the libgpudataproducer.so
shared object.

Bug: 185127179
Bug: 175593589
Change-Id: I9ad9c587f10e0fd6e27c4743c1d4cb85c896c41d
 2021-04-12 17:41:01 +01:00
Ted Lin
cd12670940 Allow to dump pps-dc 
Bug:185041587
Test: adb bugreport
Change-Id: Ia4adcc335b05f5f7d06625c274842e6a9f5d2637
Signed-off-by: Ted Lin <tedlin@google.com>
 2021-04-12 18:27:20 +08:00
SalmaxChang
2c1b29b494 logger_app: Grant to access new logger properties 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:vendor_ssrdump_prop:s0" dev="tmpfs" ino=308 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_ssrdump_prop:s0 tclass=file permissive=1
avc: denied { set } for property=vendor.debug.ramdump.full pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_ramdump_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.logd.logpersistd.count pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.vendor.ril.crash_handling_mode pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=1
avc: denied { set } for property=persist.logd.size pid=5081 uid=10280 gid=10280 scontext=u:r:logger_app:s0:c24,c257,c512,c768 tcontext=u:object_r:logd_prop:s0 tclass=property_service permissive=1

Bug: 178744858
Change-Id: I42629335e82565fbf305be242098870aef6ea317
 2021-04-12 15:08:30 +08:00
Jenny Ho
2d617d57ef Merge "Fix avc denied for maxfg_base/flip and wireless dump" into sc-dev am: 3b6d7aeb94 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14139366

Change-Id: I6ecd5edf52d62b58fe8aeeed700f2501fe2ec0e7
 2021-04-12 04:39:22 +00:00
Jenny Ho
3b6d7aeb94 Merge "Fix avc denied for maxfg_base/flip and wireless dump" into sc-dev 2021-04-12 04:05:09 +00:00
Andy Chou
72aaa16452 Merge "Remove sepolicy of Wirecutter" into sc-dev am: deaf447bc6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14136827

Change-Id: I3a6bfb4d8f39ca7e4319eb14fd234e2ab1bfa806
 2021-04-12 02:27:42 +00:00
Erik Staats
7e5ceecdf6 Add policy for USF low latency transport gralloc usage. am: 1082e886c0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14144079

Change-Id: I32cc4ea5c2f396ddb1b3b288d5531116bf185baf
 2021-04-12 02:27:27 +00:00
Andy Chou
deaf447bc6 Merge "Remove sepolicy of Wirecutter" into sc-dev 2021-04-12 02:06:48 +00:00
Erik Staats
1082e886c0 Add policy for USF low latency transport gralloc usage. 
Bug: 183233052
Test: Verified regular and direct report sampling on Raven with shared
 memory transport enabled.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/14144079 .
Change-Id: Ia852a4a9ca6e8eacb0fb465884d17f95445a6822
 2021-04-12 01:33:52 +00:00
millerliang
b67548e8cf Fix avc denied in MMAP audio exclusive mode am: b4bab832f9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063265

Change-Id: Ib5a43be93cfcff6ec0a4f2a6e10db267f7c2047c
 2021-04-09 14:36:47 +00:00
millerliang
b4bab832f9 Fix avc denied in MMAP audio exclusive mode 
04-01 15:26:30.936 16390 16390 I auditd  : type=1400 audit(0.0:55): avc:
denied { read } for comm="HwBinder:16390_" name="aaudio_playback_heap"
dev="tmpfs" ino=400 scontext=u:r:hal_audio_default:s0
tcontext=u:object_r:dmabuf_heap_device:s0 tclass=chr_file permissive=1

Bug: 165737390
Test: Build and use OboeTester to run MMAP audio
Change-Id: I22201dfd4a3f579b52d4cfbc86fc6148dc481cb0
 2021-04-09 20:43:54 +08:00
Jenny Ho
b94e7586ce Fix avc denied for maxfg_base/flip and wireless dump 
Bug: 184780667
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ice4102cf541dc80c85beb05ad5c523a4306a77bc
 2021-04-09 18:24:32 +08:00
andychou
b370d9d2c3 Remove sepolicy of Wirecutter 
Bug: 184886787
Test: build pass
Change-Id: Ibe539d31dc70cc4ea478f074ef4bf75d918bcb67
 2021-04-09 17:06:51 +08:00
TreeHugger Robot
95d168126d Merge "Fix avc denied for Silent Logging" into sc-dev am: 60a2a6c09b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14103373

Change-Id: I77f2d19f407e8b0e0bcda835885b50218da6ad1c
 2021-04-09 06:53:47 +00:00
TreeHugger Robot
60a2a6c09b Merge "Fix avc denied for Silent Logging" into sc-dev 2021-04-09 06:20:41 +00:00
TreeHugger Robot
70ba745b79 Merge "cbd: Grant to access slog file" into sc-dev am: 5c9b9d882f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14119811

Change-Id: Ia792e85b0627e4134db6dc784bc3d3c7e3831ae3
 2021-04-09 05:54:29 +00:00
TreeHugger Robot
5c9b9d882f Merge "cbd: Grant to access slog file" into sc-dev 2021-04-09 05:15:34 +00:00
Aaron Tsai
06b410dc4a Fix avc denied for Silent Logging 
04-06 15:18:31.513  root     1     1 E init    : Do not have permissions to set 'persist.vendor.sys.silentlog.tcp' to 'On' in property file '/vendor/build.prop': SELinux permission check failed
04-06 15:20:17.988  root     1     1 W /system/bin/init: type=1107 audit(0.0:33): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.ap pid=8917 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:20:23.256  root     1     1 W /system/bin/init: type=1107 audit(0.0:38): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.cp pid=9025 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:20:51.340  root     1     1 W /system/bin/init: type=1107 audit(0.0:43): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog pid=9291 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'
04-06 15:21:03.608  root     1     1 W /system/bin/init: type=1107 audit(0.0:54): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.sys.silentlog.tcp pid=9473 uid=1000 gid=1000 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_persist_sys_default_prop:s0 tclass=property_service permissive=0'

04-06 20:17:08.060  1000  5754  5754 W Thread-3: type=1400 audit(0.0:21): avc: denied { write } for name="slog" dev="dm-7" ino=245 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0
04-06 20:17:09.194  1000   398   398 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 pid=5754 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=0
04-06 21:07:18.376  7458  7458 I auditd  : type=1400 audit(0.0:20): avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:r:dmd:s0 tclass=binder permissive=0

04-06 21:16:53.200  8873  8873 W Thread-4: type=1400 audit(0.0:85): avc: denied { create } for name="NNEXT_PROFILE.nprf" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0:c232,c259,c512,c768 tclass=file permissive=0


Bug: 184608648
Test: verified with the forrest ROM and error log gone
Change-Id: Id9cdf15478c751de92a9a84bcfdc8233d6e9d294
 2021-04-09 04:33:13 +00:00
TreeHugger Robot
b415e72482 Merge "init: allow to set tcpdump property" into sc-dev am: 83d6ee82fb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14124655

Change-Id: Ia3dd270c6ea9f90658f1657051c19a4732c4b38d
 2021-04-09 04:30:36 +00:00
TreeHugger Robot
83d6ee82fb Merge "init: allow to set tcpdump property" into sc-dev 2021-04-09 03:54:18 +00:00
Speth Chang
7d74437b07 Merge "allow camera to connect stats service" into sc-dev am: 6c4d851d28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14108661

Change-Id: I008cdb58623b13e644ad0f2d5e76261271b54dd8
 2021-04-09 03:21:05 +00:00
SalmaxChang
6dd6d9872e cbd: Grant to access slog file 
Bug: 184646743
Change-Id: I06ecfbc8b9276b3801725f0965b03b849eddbdfc
 2021-04-09 03:11:25 +00:00
Speth Chang
6c4d851d28 Merge "allow camera to connect stats service" into sc-dev 2021-04-09 03:01:14 +00:00