Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3273 commits 1 branch 0 tags 494 MiB
Commit graph

1256 commits

Author SHA1 Message Date
Albert Wang
2caa560163 Allow suspend_control to access xHCI wakeup node am: a506ed1e06 am: 43bde53275 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16370946

Change-Id: I6b86ed75839021c860f8f556f25caedd4443fc84
 2021-12-02 02:29:37 +00:00
Albert Wang
43bde53275 Allow suspend_control to access xHCI wakeup node am: a506ed1e06 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16370946

Change-Id: I17198ed93403abe1b6526b385218847616b52c5b
 2021-12-02 01:53:59 +00:00
Albert Wang
a506ed1e06 Allow suspend_control to access xHCI wakeup node 
This is a WORKAROUND to avoid the xHCI wakeup node permission problem,
since system will automatically allocated device ID.

Bug: 205138535
Test: n/a
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: Ia2ca04618f950bdded4aea76c897579eb4b92daf
 2021-12-01 23:45:19 +08:00
Rick Yiu
10bd8547d7 Merge "gs101-sepolicy: Fix avc denials" 2021-11-26 10:40:43 +00:00
Rick Yiu
4075287498 gs101-sepolicy: Fix avc denials 
Fix below and other potential denials

11-21 10:10:43.984  3417  3417 I auditd  : type=1400 audit(0.0:4): avc: denied { write } for comm=4173796E635461736B202332 path="/sys/kernel/vendor_sched/set_task_group_fg" dev="sysfs" ino=44511 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=file permissive=0 app=com.google.android.pixel.setupwizard

11-21 10:10:44.840  3976  3976 I auditd  : type=1400 audit(0.0:10): avc: denied { write } for comm="StallDetector-1" path="/sys/kernel/vendor_sched/set_task_group_fg" dev="sysfs" ino=44511 scontext=u:r:untrusted_app_30:s0:c170,c256,c512,c768 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=file permissive=0 app=com.google.android.inputmethod.latin

11-21 18:10:51.280  5595  5595 I auditd  : type=1400 audit(0.0:102): avc: denied { write } for comm="SharedPreferenc" path="/sys/kernel/vendor_sched/set_task_group_fg" dev="sysfs" ino=44511 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=file permissive=0 app=com.google.android.gms

Bug: 206970384
Test: make selinux_policy pass
Change-Id: I7c981ef0516dc5be93ec825768de57c15786b4bd
 2021-11-25 14:26:35 +00:00
TreeHugger Robot
27e7eeb875 Merge "aoc: add audio property for audio aocdump feature" 2021-11-25 07:05:25 +00:00
Randall Huang
68ffcb774d Fix health HAL avc denied when running idle-maint 
Log:
avc: denied { read } for comm="android.hardwar" name="wb_avail_buf"
dev="sysfs" ino=59061 scontext=u:r:hal_health_storage_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 206741894
Test: adb shell sm idle-maint run
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I79e7763df16816e6799f288d2f8b7e26c204cbc4
 2021-11-23 03:17:54 +00:00
Albert Wang
8bdcb60170 [RESTRICT AUTOMERGE] Allow suspend_control to access xHCI wakeup node am: e6fb90425d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16246250

Change-Id: If82693c02020cc701953dcb12412fa0fe132f16b
 2021-11-17 08:51:05 +00:00
Albert Wang
e6fb90425d [RESTRICT AUTOMERGE] Allow suspend_control to access xHCI wakeup node 
Bug: 205138535
Test: n/a
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I6e012fea56c50656c8f26216199459092dcfc0f9
Merged-In: I6e012fea56c50656c8f26216199459092dcfc0f9
 2021-11-17 07:18:29 +00:00
yixuanjiang
002907fb12 aoc: add audio property for audio aocdump feature 
Bug: 204080552
Test: local
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: I79b960cf5e88856c37f7901d718ac8f14e44b812
 2021-11-16 14:55:26 +08:00
Albert Wang
c0ad9b7e8a Allow suspend_control to access xHCI wakeup node 
Bug: 205138535
Test: n/a
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I6e012fea56c50656c8f26216199459092dcfc0f9
 2021-11-16 12:23:33 +08:00
Michael Ayoubi
11bb305754 Merge "Allow uwb_vendor_app to get SE properties" into sc-v2-dev am: e7a17433a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16233414

Change-Id: Ibac4fbebf2f14157e1ac32585e4da68b61acea19
 2021-11-12 01:48:47 +00:00
Michael Ayoubi
e7a17433a0 Merge "Allow uwb_vendor_app to get SE properties" into sc-v2-dev 2021-11-12 01:24:43 +00:00
Oleg Matcovschi
0684e81d5f gs101:ssr_detector: Allow access to aoc properties in user builds am: 63d04e1e02 am: 2eced57692 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16236498

Change-Id: Id2054c9819186424a08e6f4836042dde5ce36c62
 2021-11-11 23:33:41 +00:00
Oleg Matcovschi
2eced57692 gs101:ssr_detector: Allow access to aoc properties in user builds am: 63d04e1e02 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16236498

Change-Id: I80dc34c15c60f80ddde869c6895d1afe53e8bf3e
 2021-11-11 23:14:23 +00:00
Oleg Matcovschi
63d04e1e02 gs101:ssr_detector: Allow access to aoc properties in user builds 
Bug: 205755422
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I684590a2ee91cf6d1edfc8a606f3a9e6672ca46f
 2021-11-11 06:13:44 +00:00
Michael Ayoubi
a8e745039f Allow uwb_vendor_app to get SE properties 
Bug: 205770401
Test: Build and flash on device.
Change-Id: Ic98f394434fad12e7d8ef804ecfd694a55ee8190
Merged-In: Ic98f394434fad12e7d8ef804ecfd694a55ee8190
 2021-11-11 00:50:08 +00:00
Michael Ayoubi
18d2a96a11 Allow uwb_vendor_app to get SE properties 
Bug: 205770401
Test: Build and flash on device.
Change-Id: Ic98f394434fad12e7d8ef804ecfd694a55ee8190
 2021-11-11 00:48:21 +00:00
Xin Li
856fe3d040 Merge sc-qpr1-dev-plus-aosp-without-vendor@7810918 
Bug: 205056467
Merged-In: I8f9932ad8885aaefde9548f87c6d2c6cc148cd4c
Change-Id: Ie31b278a639fd5a9e249ca934d543de770fb3217
 2021-11-10 08:06:11 +00:00
Ted Lin
ee9b913bb7 Using dontaudit to fix the avc on boot test am: 3d463050a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16175460

Change-Id: I00cfd7b47b7e2c6718e8211809e1ddb20e19656b
 2021-11-04 16:46:45 +00:00
Ted Lin
3d463050a2 Using dontaudit to fix the avc on boot test 
avc: denied { search } for comm="kworker/6:2" name="google_battery" dev="debugfs" ino=32648 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=1

Bug:200739262
Test: Check bugreport
Change-Id: I50a96bab88f564fef0eda9a23bb77dc6ffed357f
Signed-off-by: Ted Lin <tedlin@google.com>
(cherry picked from commit 951ce82739)
 2021-11-03 03:20:45 +00:00
Siddharth Kapoor
00ceb78ed2 Label GPU power_policy sysfs node am: a7aa46862d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16091105

Change-Id: Iad4caeea7667379e15b69b9a2694a31d759c9dab
 2021-11-02 05:03:24 +00:00
Siddharth Kapoor
6d1da2c994 Label GPU power_policy sysfs node am: f94633e718 am: 62460926d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16123766

Change-Id: Ic0715cc18f5848e694d40f3633c005cf7964791c
 2021-10-28 01:27:24 +00:00
Siddharth Kapoor
62460926d3 Label GPU power_policy sysfs node am: f94633e718 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16123766

Change-Id: Ia753ea69fb270e2bbeca29f2275b84482cc77ec3
 2021-10-28 01:08:49 +00:00
Jiyong Park
d753a4e82d Remove ndk_platform backend. Use the ndk backend. am: 90d1e82ae6 am: caf102afda am: 02048701de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16119648

Change-Id: I7714a03deb27225af3ddaebdcb523fee20f27069
 2021-10-27 07:02:59 +00:00
Jiyong Park
02048701de Remove ndk_platform backend. Use the ndk backend. am: 90d1e82ae6 am: caf102afda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16119648

Change-Id: I9742f6b11c4b07698f597aeac36aa55686dd8b3f
 2021-10-27 06:46:14 +00:00
Siddharth Kapoor
f94633e718 Label GPU power_policy sysfs node 
Bug: 201718421
Test: trace while App launch
Change-Id: Icd85b8611632e4638946b492740e509baf2714ce
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2021-10-27 01:59:23 +00:00
Steve Pfetsch
421cbb2f61 Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." into sc-v2-dev 2021-10-27 00:14:20 +00:00
Jiyong Park
90d1e82ae6 Remove ndk_platform backend. Use the ndk backend. 
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same ndk backend.

Bug: 161456198
Test: m

Merged-In: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
Change-Id: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
(cherry picked from commit 5cc5d52bd7)
 2021-10-26 14:59:28 +09:00
Philip Quinn
b834b1d008 Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-26 02:06:20 +00:00
Super Liu
c8220eea82 Add touch procfs and sysfs sepolicy. 
Bug: 193467774
Test: TH build pass.
Signed-off-by: Super Liu <supercjliu@google.com>
Change-Id: I25c4d9422966e8603f12222e93ca7b6d6ea6f566
 2021-10-25 17:01:52 +08:00
Siddharth Kapoor
a7aa46862d Label GPU power_policy sysfs node 
Bug: 201718421
Test: trace while App launch
Change-Id: Icd85b8611632e4638946b492740e509baf2714ce
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2021-10-21 14:23:00 +08:00
Philip Quinn
0d48ab4fbf Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-20 23:09:13 +00:00
TreeHugger Robot
7431e8b11f Merge "audio: add permission to request health/sensor data" into sc-v2-dev am: 7352bf22f0 am: cdfec7db74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15838845

Change-Id: I3507cd6655aa6fddb31ca311fd1d94e45ee7b860
 2021-10-20 04:52:34 +00:00
TreeHugger Robot
cdfec7db74 Merge "audio: add permission to request health/sensor data" into sc-v2-dev am: 7352bf22f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15838845

Change-Id: Ic4d717872a99b98770be9d883c0569a09e6c7f3a
 2021-10-20 04:32:42 +00:00
TreeHugger Robot
7352bf22f0 Merge "audio: add permission to request health/sensor data" into sc-v2-dev 2021-10-20 04:12:49 +00:00
Shawn Yang
9d0aca6070 Merge "Allow modem app to read the battery info" into sc-v2-dev am: e48bb0205b am: 72a6569655 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15879394

Change-Id: Ibe4657697553193c4881cf49ee3922a9afbcf92c
 2021-10-20 03:56:33 +00:00
Shawn Yang
72a6569655 Merge "Allow modem app to read the battery info" into sc-v2-dev am: e48bb0205b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15879394

Change-Id: I14e54fdae2d7c3929057ab8fdc24158685d87e6f
 2021-10-20 03:42:10 +00:00
Shawn Yang
e48bb0205b Merge "Allow modem app to read the battery info" into sc-v2-dev 2021-10-20 03:25:48 +00:00
Jasmine Cha
27a4afc1a9 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- Allow audio hal to find fwk_sensor_hwservice
SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1


Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
 2021-10-20 03:04:32 +00:00
Michael Ayoubi
ea0561e344 Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev am: 21c2c3f145 am: f94f426c9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15795866

Change-Id: Id64d5c0d45c32838a54d33ef81f8b4b2019dd39f
 2021-10-20 01:06:23 +00:00
Michael Ayoubi
f94f426c9e Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev am: 21c2c3f145 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15795866

Change-Id: I18da0736804df2e43fab9d938e758d4cc480d9eb
 2021-10-20 00:48:48 +00:00
Michael Ayoubi
21c2c3f145 Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev 2021-10-20 00:32:56 +00:00
jintinglin
936079ad1c Allow modem app to read the battery info 
Test: flash the forrest build, MDS can read the info file

Bug: 203478533

Change-Id: I9985dd2731a43445dd653e226fd2939ca355cda4
 2021-10-19 03:22:46 +00:00
Adam Shih
d50db9e2e7 Merge "move bluetooth related types to bluetooth" 2021-10-19 01:07:50 +00:00
Adam Shih
5c28519e40 move bluetooth related types to bluetooth 
Bug: 202790744
Test: boot with bluetooth hal started
Change-Id: I615d4b13262af2bc2c044914e595a7c2085999d2
 2021-10-18 11:43:15 +08:00
Bart Van Assche
3a1c10bb76 Stop using the bdev_type and sysfs_block_type SELinux attributes 
Stop using these attributes since these will be removed soon. This
commit reverts 37b5741301 ("Add the 'bdev_type' attribute to all block
device types").

Bug: 202520796
Test: Untested.
Change-Id: I00f10d1fd164b6ca01ecd5cffd2012acfc05eeca
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-10-15 14:20:18 -07:00
Adam Shih
17881f3a38 reorganize pixelstats_vendor 
Bug: 202462997
Test: boot with pixelstats_vendor started
Change-Id: I8582ac4e83720768ee7992d41bdac0798da892d9
 2021-10-08 11:06:49 +08:00
Max Kogan
61792ec645 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 49a05309af am: f2d985cc54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: Ib3f29fbb54a6af7ba033cbb756e34c6726caa6bb
 2021-10-04 18:57:11 +00:00
Max Kogan
f2d985cc54 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 49a05309af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I5cc1bababdf50d88df5e511285783d52dd68f4c2
 2021-10-04 18:24:27 +00:00