Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4238 commits 1 branch 0 tags 494 MiB
Commit graph

4238 commits

This branch
This branch
All branches
Author SHA1 Message Date
TreeHugger Robot
8f541049bc Merge "Create sepolicy for the fingerprint GHBM sysprop" into sc-dev am: 4a3f3550f5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105112

Change-Id: I627caec9927f15bc7f88af0ab298ad876a01f169
 2021-04-09 02:59:26 +00:00
jimsun
17f08b3cba gs101: fix grilservice context 
The app is no longer signed with the platform key.

Bug: 162313924
Test: verify gril service function works normally
Change-Id: I9bf0494e65cafca9432665be199c30508d36417e
 2021-04-09 02:48:30 +00:00
SalmaxChang
5feb916e47 init: allow to set tcpdump property 
init: Unable to set property 'persist.vendor.tcpdump.log.alwayson' from uid:10273 gid:10273 pid:7074: SELinux permission check failed

Bug: 184411489

Change-Id: If449e0d883fa4cbf8dd5ac3a6a84d205e7ac1f31
 2021-04-09 10:47:56 +08:00
Nick Sanders
d59ea41ac8 gs101-sepolicy: Allow platform_app to call uwb 
This is to fix below avc denial:
  SELinux : avc: denied { find } for pid=10783 uid=10294 name=uwb
  scontext=u:r:platform_app:s0:c512,c768
  tcontext=u:object_r:uwb_service:s0 tclass=service_manager permissive=0

Bug: 184286788
Test: Run Qorvo app without failure
Change-Id: I9673a3eef3f0b0bedb50ef2a5c336d8bfe7620e7
 2021-04-09 02:21:20 +00:00
TreeHugger Robot
4a3f3550f5 Merge "Create sepolicy for the fingerprint GHBM sysprop" into sc-dev 2021-04-09 02:11:57 +00:00
Ilya Matyukhin
b9e10feefb Create sepolicy for the fingerprint GHBM sysprop 
Bug: 184761756
Bug: 183728349
Test: adb logcat | grep "avc: denied"
Change-Id: I5209bdf859e86a83ac3fa29ecf8bfd8d5b6d88ce
 2021-04-08 23:21:22 +00:00
TreeHugger Robot
5d9cf2c7ee Merge "Give hal_dumpstate_default read access to slog files" into sc-dev am: f15b8edbd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14127725

Change-Id: I523ad11883f342ac65d868a04cbb498d6cfb4609
 2021-04-08 22:10:28 +00:00
TreeHugger Robot
f15b8edbd1 Merge "Give hal_dumpstate_default read access to slog files" into sc-dev 2021-04-08 21:40:31 +00:00
Eddie Tashjian
ce90dbfb57 Merge "Add TCP dump permissions." into sc-dev am: 5bbdd82a4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14119567

Change-Id: I7ca93885708d1ca028aa6addc56da126a0635a87
 2021-04-08 18:38:47 +00:00
Eddie Tashjian
5bbdd82a4e Merge "Add TCP dump permissions." into sc-dev 2021-04-08 18:25:30 +00:00
Craig Dooley
cf558dbf33 Merge "Fix SELinux errors with aocd" into sc-dev am: cd888e847f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14105108

Change-Id: Ie4bbc58c3471209486cf380fb6f5ed209bda789c
 2021-04-08 18:11:31 +00:00
Craig Dooley
cd888e847f Merge "Fix SELinux errors with aocd" into sc-dev 2021-04-08 17:27:56 +00:00
Chris Fries
1d379dfbc9 Give hal_dumpstate_default read access to slog files 
Bug: 184821900

Bugreports require access to "silent log" files.

cp      : type=1400 audit(0.0:20): avc: denied { getattr } for path="/data/vendor/radio/logs/always-on/sbuff_20210408191538.sdm" dev="dm-11" ino=9075 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_slog_file:s0 tclass=file permissive=0

Change-Id: Iacc4778d1242f304e9519180437ceb0f0e9d350d
 2021-04-08 16:27:29 +00:00
Cliff Wu
816fefcd34 Merge "[Bug] Change the sepolicy name for exo_camera_injection" into sc-dev am: ec6bd9449b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14112451

Change-Id: Ice4fe2982eeef2ef8c6f45eebcf4df4305e9bfa0
 2021-04-08 14:41:08 +00:00
Cliff Wu
ec6bd9449b Merge "[Bug] Change the sepolicy name for exo_camera_injection" into sc-dev 2021-04-08 14:09:47 +00:00
Craig Dooley
3d4d9159c9 Fix SELinux errors with aocd 
Add inotify support for /dev
Fix the aoc vendor property

Bug: 184173298
Change-Id: I40a71edd56b2d51f848085c43ae1d10a4c2c0c4b
 2021-04-08 03:59:23 +00:00
Speth Chang
1c64cd89a2 allow camera to connect stats service 
Bug: 177076189
Test: build pass
Change-Id: I1132e8a6794d09306b70fe902fc82fbdb7bf9bb4
 2021-04-08 11:48:08 +08:00
Eddie Tashjian
b2fb9cdace Add TCP dump permissions. 
Copy selinux policy for tcp dump binary from previous Pixel to support
TCP logging on P21 through PixelLogger.

Bug: 184777243
Test: Check PixelLogger TCP dump works.
Change-Id: Id958c8a3e6375a7aae569d6fc94deb9f8072b57b
 2021-04-08 03:13:55 +00:00
Chase Wu
dfd9b4376d Merge "update label missing vibrator sys nodes for dual part" into sc-dev am: 682e3a348f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14033446

Change-Id: I2c8db9943b6d619194718226a2efc9a563902fe4
 2021-04-08 02:41:21 +00:00
Mat Bevilacqua
8c46fe8986 Merge "Fix selinux permissions errors for UwbService" into sc-dev am: b58243632d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14096432

Change-Id: Iffdeac5d97da71c279e83d61db670b71a7ec6b36
 2021-04-08 02:37:23 +00:00
Chase Wu
682e3a348f Merge "update label missing vibrator sys nodes for dual part" into sc-dev 2021-04-08 02:24:28 +00:00
Mat Bevilacqua
b58243632d Merge "Fix selinux permissions errors for UwbService" into sc-dev 2021-04-08 02:09:57 +00:00
TreeHugger Robot
034ecec70b Merge "whitechapel: add permission for pixellogger set audio property" into sc-dev am: 34e0106672 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14100415

Change-Id: I417358ac866cb6c57fd339ba172abbf5840b2b99
 2021-04-08 01:57:35 +00:00
Adam Shih
3092cd1cb5 Merge "remove wildcard on kernel modules" into sc-dev am: bf832c3b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14108662

Change-Id: I14680d1c5dca483f44c8e95bccbb253cad26a050
 2021-04-08 01:57:23 +00:00
TreeHugger Robot
34e0106672 Merge "whitechapel: add permission for pixellogger set audio property" into sc-dev 2021-04-08 01:31:35 +00:00
Adam Shih
bf832c3b49 Merge "remove wildcard on kernel modules" into sc-dev 2021-04-08 01:10:56 +00:00
Eddie Tashjian
61b20db123 Merge "Fix modem logging configuration." into sc-dev am: aa9ecdc436 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14106552

Change-Id: I144856a3f19f521eabb2d5872f2ac189682db079
 2021-04-07 19:04:54 +00:00
Mat Bevilacqua
82d7164b5c Fix selinux permissions errors for UwbService 
Fixes gmscore access to UwbManager APIs, fixes UwbService access to UWB
HAL APIs, and fixes CTS UwbService presence test.

Bug: 184402100
Test: atest CtsUwbTestCases
Change-Id: I7450242f8b35570c3d5a676c5835b01f74995202
 2021-04-07 11:39:31 -07:00
Eddie Tashjian
aa9ecdc436 Merge "Fix modem logging configuration." into sc-dev 2021-04-07 16:56:47 +00:00
Yabin Cui
673d8457be Merge "Move vendor_kernel_modules to public." into sc-dev am: a4af5bb39c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14106320

Change-Id: Ic24db5a261a4e090f14342d59bbd53767ca9485e
 2021-04-07 16:35:56 +00:00
Yabin Cui
a4af5bb39c Merge "Move vendor_kernel_modules to public." into sc-dev 2021-04-07 16:14:32 +00:00
Cliff Wu
c0b806fd2d [Bug] Change the sepolicy name for exo_camera_injection 
- Change the sepolicy name from platfrom_app to exo_app.
- Selinux avc log:
E/SELinux: avc:  denied  { find } for interface=vendor.google.exo_camera_injection::IExoCameraInjection sid=u:r:exo_app:s0:c248,c256,c512,c768 pid=11479 scontext=u:r:exo_app:s0:c248,c256,c512,c768 tcontext=u:object_r:hal_exo_camera_injection_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 184736718
Test: Verified exo_camera_injection provider service use cases function as expected; no denials.
Change-Id: I08887b8b6020cb7b3fb3da77cea9a1f453655bea
 2021-04-07 15:17:44 +00:00
chenpaul
7376656ff4 logger_app: Remove Pixelize rule 
In original design, pixellogger was included in Pixelize mk file,
but the sepolicy are defined by the product specific te file.
These are not aligned and have dependency concern if add new sepolicy rule
in Pixelize te file.

This change remove the Pixelize rule from the device specifc te file.
And the Pixelize rule will be defined by
hardware/google/pixel-sepolicy/logger_app/logger_app.te

Bug: 159650456
Test: Pixel Logger is workable
Change-Id: If13e05b7979f7be02a728b40f8032b81f7c53e06
 2021-04-07 21:31:32 +08:00
chasewu
d57865ec05 update label missing vibrator sys nodes for dual part 
Bug: 184026143
Test: no Permission denied logs
Signed-off-by: chasewu <chasewu@google.com>
Change-Id: Id75f89f5d0f1568942ef787be295b2fa5b0ca2a2
 2021-04-07 09:35:32 +00:00
TreeHugger Robot
d0eb25628f Merge "audio: add support for aocdump to aceess audio state" into sc-dev am: dce254b11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14098530

Change-Id: I967334de2587971edd213d65f0a987b58b41c0fb
 2021-04-07 08:53:38 +00:00
TreeHugger Robot
dce254b11d Merge "audio: add support for aocdump to aceess audio state" into sc-dev 2021-04-07 08:39:49 +00:00
Sriram Kashyap M S
830b2c0009 Allow EdgeTPU NNAPI HAL to access socket files for IPC. am: dcd42938da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14094386

Change-Id: I9948b7fc288a786f1d86ecb58f6e369929db1c7a
 2021-04-07 08:32:38 +00:00
yixuanjiang
7e8fca8041 whitechapel: add permission for pixellogger set audio property 
Bug: 184708066
Test: local test
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: I6a43959fc3565db8d2a1679ce722c11f58398794
 2021-04-07 07:06:53 +00:00
Adam Shih
a346a7fa34 remove wildcard on kernel modules 
Bug: 170786122
Test: Boot with all kernal modules loaded
Change-Id: I0d1d861af290181231223630497788c051c83ecb
 2021-04-07 14:10:00 +08:00
Adam Shih
5a648ae1e7 grant debugfs access to insmod under userdebug am: 59ba0f97aa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14108655

Change-Id: Ic35524068f3f5d6e2715f6b782063b3a0e16b270
 2021-04-07 06:00:38 +00:00
Sriram Kashyap M S
dcd42938da Allow EdgeTPU NNAPI HAL to access socket files for IPC. 
Bug: 182524105
Test: ./scripts/run_tests.sh on Oriole.
Change-Id: I85106f004fcee2cccc44609584165a0e2ce654e3
 2021-04-07 05:58:58 +00:00
Adam Shih
59ba0f97aa grant debugfs access to insmod under userdebug 
Bug: 182086611
Test: boot with the error gone
Change-Id: I555c12b4ccbb61266dc289aac577d0240bde4d28
 2021-04-07 11:56:49 +08:00
Adam Shih
88c6c2e183 Merge "remove obsolete mobicore operations" into sc-dev am: 58b693aff0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14098526

Change-Id: Ib68a2892065fa38691af2f8fcb82bd9ef801ce8d
 2021-04-07 01:13:57 +00:00
Adam Shih
58b693aff0 Merge "remove obsolete mobicore operations" into sc-dev 2021-04-07 00:48:11 +00:00
Eddie Tashjian
8066a9f471 Fix modem logging configuration. 
Missing binder configuration for dmd to return responses to modem
logging control binary, for cases when it needs to get log mask
configuration information.

Bug: 184605350
Test: Check logging works with selinux enabled.
Change-Id: Ia9a80870927fd890266f702b091343b4b4018673
 2021-04-06 16:42:03 -07:00
Yabin Cui
05825886f4 Move vendor_kernel_modules to public. 
Bug: 166559473
Bug: 183135316
Test: build
Change-Id: Ib62080d3d12aa197571a0697c17f6fd5d981d653
 2021-04-06 21:46:27 +00:00
Yabin Cui
e0581165da Merge "Move vendor_kernel_modules to public." 2021-04-06 20:54:56 +00:00
Krzysztof Kosiński
d52ad2a277 Merge "camera: allow the camera hal to set fatp prop" into sc-dev am: 2a96bc108c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14095704

Change-Id: I7dcd91db0f7774070705a56768acae1d04ea6b3c
 2021-04-06 06:29:22 +00:00
Adam Shih
63c5fb0115 Merge "update error on ROM 7260355" into sc-dev am: f2d78c7d14 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14098527

Change-Id: Icc615ce54290326d8e416dc21c24ee88374ad801
 2021-04-06 06:28:42 +00:00
Yu-Chi Cheng
021fe39d69 Merge "Allowed EdgeTPU service to read system properties related to vendor." into sc-dev am: 26cc7d6499 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14042450

Change-Id: I650b24c2e44106b738dd9149eda59ed9ab9b0aac
 2021-04-06 06:28:04 +00:00