Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3273 commits 1 branch 0 tags 494 MiB
Commit graph

1256 commits

Author SHA1 Message Date
Ziyi Cui
b3b59f8f88 Merge changes from topic "temp_residency_metrics" into tm-qpr-dev am: 7b5ec97f7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20590705

Change-Id: Ief5cae20292865a5a9e44089f406e8157dd7bb87
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 06:59:43 +00:00
Ziyi Cui
bb69de3087 [ DO NOT MERGE ] gs101-sepolicy: pixelstats: enable pixelstats access to temp-residency-metrics am: 86d7d36fcf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20527590

Change-Id: I8a812f509a63c4e5a7877195b78058b1a100eef1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-01 06:59:36 +00:00
Ziyi Cui
7b5ec97f7d Merge changes from topic "temp_residency_metrics" into tm-qpr-dev 
* changes:
  gs101-sepolicy:dumpstate: allow dumpstate access sysfs_vendor_metrics
  [ DO NOT MERGE ] gs101-sepolicy: pixelstats: enable pixelstats access to temp-residency-metrics
 2022-12-01 06:27:28 +00:00
Stephen Crane
427fabf934 Allow Trusty storageproxy property am: 502c76f22b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20546072

Change-Id: I76fb4e52ef76a6d268043243f57f688eadcd4e00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-30 01:15:17 +00:00
Ziyi Cui
713d3ebf05 gs101-sepolicy:dumpstate: allow dumpstate access sysfs_vendor_metrics 
Test: "adb bugreport" includes metrics capture.

Bug: 246799997
Test: "adb bugreport" includes metrics capture.
Change-Id: I48247f8378e52d15b264c37342dee5a938ba90a1
Signed-off-by: Ziyi Cui <ziyic@google.com>
 2022-11-30 00:19:34 +00:00
Ziyi Cui
86d7d36fcf [ DO NOT MERGE ] gs101-sepolicy: pixelstats: enable pixelstats access to temp-residency-metrics 
enable pixelstats access to sysfs path
Bug: 246799997
Test: Verified the existence of atom and correctness of atom stats
Change-Id: If329f2a65ed4cf347bd57150c637d38312f3dcb1
Signed-off-by: Ziyi Cui <ziyic@google.com>
 2022-11-30 00:16:05 +00:00
Nicolas Geoffray
696c944e51 Allow ssr_detector_app writes to system_app_data_file. am: 1af71fc9ff am: 244284a31b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2320310

Change-Id: Ia87808477911b933667159fa295aaa770bcb59e1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 17:39:31 +00:00
Nicolas Geoffray
244284a31b Allow ssr_detector_app writes to system_app_data_file. am: 1af71fc9ff 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2320310

Change-Id: Ia7709417ea78e4b351eef8a67c7ab731dd050c83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 16:39:39 +00:00
Nicolas Geoffray
1af71fc9ff Allow ssr_detector_app writes to system_app_data_file. 
Bug: 260557058
Test: m

(cherry picked from commit dc7ea2f09b)

Merged-In: I65697c3afb9cfd11d5235d15aa20633f1a96fdbb
Change-Id: Iaeb69d0c1e46e3e28cd75109ebfe3c494dd7c150
 2022-11-28 17:32:28 +00:00
Stephen Crane
502c76f22b Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: m raven-userdebug, flash, test app loading
Bug: 258018785
Change-Id: If995d35be490fbca6c99ef9f73f2842f5c488bd4
Merged-In: If995d35be490fbca6c99ef9f73f2842f5c488bd4
 2022-11-23 00:36:27 +00:00
Joen Chen
805c8a476b Merge changes from topic "RRS_R4" into tm-qpr-dev am: 33f38db80f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20419725

Change-Id: If2198400b4c5f52eec07f6b5a688b0cd0b208b67
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-16 09:43:14 +00:00
joenchen
a5060e6616 RRS: Apply the default config from persist prop am: 90aeb6e15c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/19881052

Change-Id: I393898918b9d0a6d93f8f8d891527f59925ed3ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-16 09:43:12 +00:00
Joen Chen
33f38db80f Merge changes from topic "RRS_R4" into tm-qpr-dev 
* changes:
  Allow InputProcessor HAL to read display resolution
  RRS: Apply the default config from persist prop
 2022-11-16 09:01:32 +00:00
Rick Chen
1fefc4e6de Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE] am: bd36256bad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20407807

Change-Id: I8ced56e90a34167048d5e56153081c9ca2583aa9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-09 16:09:12 +00:00
Siarhei Vishniakou
c765567524 Allow InputProcessor HAL to read display resolution 
Currently, there's no API to read the resolution from the system domain,
so the HAL has to read this from the sysprop provided by the display
code.

Allow the HAL to do so in this CL.

Bug: 244492960
Test: adb shell dmesg | grep input_processor
Change-Id: Ibdc3589234bbee8641e3c1f7a300b622803ca1a9
 2022-11-09 03:45:55 +00:00
Rick Chen
bd36256bad Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE] 
avc: denied { block_suspend } for comm="UsfTransport" capability=36 scontext=u:r:chre:s0 tcontext=u:r:chre:s0 tclass=capability2 permissive=0

Bug: 238666865
Test: Check no chre avc denied.
Change-Id: Ifd2c37c58c548aec46a2c46891a1fc4d1f83f9be
Signed-off-by: Rick Chen <rickctchen@google.com>
 2022-11-08 15:00:27 +00:00
joenchen
90aeb6e15c RRS: Apply the default config from persist prop 
vendor_config plays as another role to control the display config during
the boot time. To change the default configuration of the user selected
mode, we use persist config to store the value.

Bug: 244492960
Test: Boot w/ and w/o user selected configs and check the resolution
Change-Id: Ic3eb4e1c8a2c5eed83d10799a1965dd7a6be58e1
 2022-11-08 14:09:00 +00:00
Jenny Ho
393e0efb9b Add permission for logbuffer_bd am: 632c5dba75 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20307975

Change-Id: I148592298e9f5a15406bd95418b228385e412ae7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-03 00:59:41 +00:00
Gabriel Biren
21cd48363a Merge "Update gs101 sepolicy to allow the wifi_ext AIDL service." am: 1010b1cceb am: 41505f9991 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2262723

Change-Id: I6e5f2649b6b2679d6e9883c61009f3907414cee6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-31 21:39:48 +00:00
Gabriel Biren
41505f9991 Merge "Update gs101 sepolicy to allow the wifi_ext AIDL service." am: 1010b1cceb 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2262723

Change-Id: Ie2801e8af27484ca08826b4ab93b0f462f45d2d2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-31 21:10:53 +00:00
Jenny Ho
632c5dba75 Add permission for logbuffer_bd 
Bug: 242679204
Change-Id: I134bf8611441274e8438fa06b5ca6c186efb331a
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2022-10-28 22:22:24 +08:00
Lucas Wei
121d50927c Merge "sepolicy: fix odpm avc denials" into tm-qpr-dev am: 4a487ac890 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20067818

Change-Id: Ifc7951728bc578a8c472a217a74e72c82ed846cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-24 09:53:50 +00:00
Lucas Wei
4a487ac890 Merge "sepolicy: fix odpm avc denials" into tm-qpr-dev 2022-10-24 09:07:24 +00:00
Sam Ou
0127869bfd sepolicy: fix odpm avc denials 
add wakeup permissions for odpm driver
since we update acc_data based on alarmtimer

Bug: 250813284
Change-Id: Id7f70d02475a03e53a206dde3b8efa584cacef85
Merged-In: Id7f70d02475a03e53a206dde3b8efa584cacef85
Signed-off-by: Sam Ou <samou@google.com>
Signed-off-by: Lucas Wei <lucaswei@google.com>
 2022-10-24 05:03:01 +00:00
Gabriel Biren
24160a4bcb Update gs101 sepolicy to allow the wifi_ext AIDL service. 
Bug: 205044134
Test: Start wifi on an Oriole device using both the
      HIDL and AIDL versions of wifi_ext.
Change-Id: I45cbc86e4d4feb2aa99641175108dd9745c1715e
 2022-10-20 16:54:19 +00:00
Chungjui Fan
8753d9d07c sepolicy: gs101: allow fastbootd to access gsc device node am: 8d802db37a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20210023

Change-Id: Ic59f5c3967ba09506234161c7a0058b40642851e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-19 12:31:55 +00:00
Chungjui Fan
8d802db37a sepolicy: gs101: allow fastbootd to access gsc device node 
avc:  denied  { getattr } for  pid=469 comm="fastbootd"
path="/dev/gsc0" dev="tmpfs" ino=470 scontext=u:r:fastbootd:s0
tcontext=u:object_r:citadel_device:s0
tclass=chr_file permissive=0

Bug: 248301125

Change-Id: Ic1aec8874636437b9b8d795b46fae72fa8533302
Signed-off-by: Chungjui Fan <chungjuifan@google.com>
 2022-10-17 12:26:10 +00:00
Krzysztof Kosiński
f9f745da33 Use generic wildcard for vendor libprotobuf. am: 2118dfb684 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2255496

Change-Id: I3788ebba42c38f754c183eb518e2d3a9ad31bba7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 15:51:58 +00:00
Krzysztof Kosiński
2118dfb684 Use generic wildcard for vendor libprotobuf. 
The suffix changes on each upgrade and the newest release uses
a two-part version number instead of a three-part one. Use a regex
that will match any suffix.

Bug: 203713560
Test: presubmit, log check
Change-Id: I27d7bd10e469b794226fe0c77b02c57d876729b1
 2022-10-14 14:06:56 +00:00
Jinting Lin
230b907ae1 Merge "Allows modem_svc to read the logging related properties" into tm-qpr-dev am: d255ed1576 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/19967636

Change-Id: Ic7a7ec1e03af32e88989f32452c2c255e1419a36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-22 15:35:53 +00:00
Jinting Lin
d255ed1576 Merge "Allows modem_svc to read the logging related properties" into tm-qpr-dev 2022-09-22 14:30:32 +00:00
Eden Su
c3c4aa626b Merge changes from topic "gs101_network_access" into tm-qpr-dev 
* changes:
  Sepolicy: add permission to allow create, connect udp socket
  sepolicy: gs101: allowed permissions required for network access
 2022-09-20 00:34:18 +00:00
jintinglin
9a4545eafa Allows modem_svc to read the logging related properties 
avc: denied { read } for comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=347 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 243039758
Change-Id: I80a6971a2c3e09320e780d1eff24e040cd8b3541
 2022-09-19 05:31:09 +00:00
Hana Kim
060b562310 Sepolicy: add permission to allow create, connect udp socket 
Bug: 226412527
Test: The tester verified IMS didn't crash and no avc denied log
Signed-off-by: Hana Kim <hanaa.kim@samsung.com>
Change-Id: Id9ba79ba87010326c53b6aec408e5cdb291122a6
Merged-In: Id9ba79ba87010326c53b6aec408e5cdb291122a6
 2022-09-19 04:58:00 +00:00
Jinhee Kim
fd941e1c1a sepolicy: gs101: allowed permissions required for network access am: 653e53d11d am: 9ca55393c9 am: a62f7495fb am: 11149a00ca 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2214621

Change-Id: Iee88f3f9d98f1b1f1568613b81542560e42ee25d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-16 12:18:57 +00:00
Hana Kim
a29b3c8ca1 Sepolicy: add permission to allow create, connect udp socket am: 09e0e1b280 am: 6c17e1e6f5 am: 19e9846ba8 am: 6b1cbfe260 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2200444

Change-Id: I50d573cc65874987be884d83b72f4aaaa71c8818
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-16 12:18:56 +00:00
Jinhee Kim
11149a00ca sepolicy: gs101: allowed permissions required for network access am: 653e53d11d am: 9ca55393c9 am: a62f7495fb 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2214621

Change-Id: I1da45f9173b7812ab45d8b503af446689a2e7fe4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-16 11:49:03 +00:00
Hana Kim
6b1cbfe260 Sepolicy: add permission to allow create, connect udp socket am: 09e0e1b280 am: 6c17e1e6f5 am: 19e9846ba8 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2200444

Change-Id: I9074a2aaab6ef1916fc3fa9a0c1f3e5e3fe610a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-16 11:49:01 +00:00
Jinhee Kim
908a8fcf14 sepolicy: gs101: allowed permissions required for network access 
avc: denied { write } for comm="Thread-102" name="dnsproxyd" dev="tmpfs" ino=1022 scontext=u:r:vendor_ims_app:s0:c251,c256,c512,c768 tcontext=u:object_r:dnsproxyd_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice
avc: denied { node_bind } for comm="Thread-102" src=50174 scontext=u:r:vendor_ims_app:s0:c251,c256,c512,c768 tcontext=u:object_r:node:s0 tclass=udp_socket permissive=0 app=com.shannon.imsservice

Bug: 242231557
Test: The tester verified IMS didn't crash and no avc denied log
Change-Id: Icc3762cef7f9766d845f1e1a56af1315fc97163b
Signed-off-by: Jinhee Kim <jinhee.k@samsung.com>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
Merged-In: Icc3762cef7f9766d845f1e1a56af1315fc97163b
 2022-09-16 08:51:52 +00:00
Estefany Torres
899574b2d8 Merge "Add rules for letting logger app send the command to ril" into tm-qpr-dev am: 0ec93ed8cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/19912324

Change-Id: I14947b4a9dc41ffdb9afef580597ee0d4798443f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 14:35:07 +00:00
Estefany Torres
0ec93ed8cd Merge "Add rules for letting logger app send the command to ril" into tm-qpr-dev 2022-09-15 14:09:07 +00:00
TreeHugger Robot
a106f636f8 Merge "aoc: add audio property for pixellogger update control" into tm-qpr-dev am: 75f908a8ed 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/19533964

Change-Id: I347bbb35b216896a87b3b2edc96af57d6dadfe80
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-14 02:23:57 +00:00
TreeHugger Robot
75f908a8ed Merge "aoc: add audio property for pixellogger update control" into tm-qpr-dev 2022-09-14 01:48:40 +00:00
Jinhee Kim
653e53d11d sepolicy: gs101: allowed permissions required for network access 
avc: denied { write } for comm="Thread-102" name="dnsproxyd" dev="tmpfs" ino=1022 scontext=u:r:vendor_ims_app:s0:c251,c256,c512,c768 tcontext=u:object_r:dnsproxyd_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice
avc: denied { node_bind } for comm="Thread-102" src=50174 scontext=u:r:vendor_ims_app:s0:c251,c256,c512,c768 tcontext=u:object_r:node:s0 tclass=udp_socket permissive=0 app=com.shannon.imsservice

Bug: 242231557
Test: Build
Change-Id: Icc3762cef7f9766d845f1e1a56af1315fc97163b
Signed-off-by: Jinhee Kim <jinhee.k@samsung.com>
Signed-off-by: Kukjin Kim <kgene.kim@samsung.com>
 2022-09-12 15:18:32 +08:00
Hana Kim
09e0e1b280 Sepolicy: add permission to allow create, connect udp socket 
Bug: 226412527
Test: Build
Signed-off-by: Hana Kim <hanaa.kim@samsung.com>
Change-Id: Id9ba79ba87010326c53b6aec408e5cdb291122a6
 2022-09-12 15:17:44 +08:00
Estefany Torres
7b5ed95fdd Add rules for letting logger app send the command to ril 
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested in C10 with pixel logger change
Change-Id: Idcd693790d654d0a9b7aba46a41764d65867a61c
 2022-09-09 17:35:19 +00:00
JJ Lee
479f2286d7 sepolicy: add nodes for aoc memory votes stats am: f07279785d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/19739216

Change-Id: I795b972da3d42e7394fbd954f041934370fbd77a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 05:16:23 +00:00
JJ Lee
f07279785d sepolicy: add nodes for aoc memory votes stats 
Bug: 223674292
Test: build pass, not blocking bugreport
Change-Id: I4732c8b3271f553edc423ac115eb8a6afaebff37
Signed-off-by: JJ Lee <leejj@google.com>
 2022-09-07 11:45:18 +00:00
Roger Fang
5321008d5c sepolicy: add permission for AMS rate of pixelstats-vend am: a8eab1aaaf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/19711052

Change-Id: I61f3cfbb14f0f34bf0af2eaba1922b9aed4b7948
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-30 05:15:55 +00:00
Roger Fang
a8eab1aaaf sepolicy: add permission for AMS rate of pixelstats-vend 
I pixelstats-vend: type=1400 audit(0.0:1025): avc: denied { read } for name="ams_rate_read_once" dev="sysfs" ino=79714 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
I pixelstats-vend: type=1400 audit(0.0:1026): avc: denied { open } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=79714 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:1027): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=79714 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 239508478
Test: Manually test passed

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I5c47003bed664f2cd9b6fe3630a6445aca27d10d
 2022-08-30 04:36:41 +00:00