Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
719 commits 1 branch 0 tags 494 MiB
Commit graph

719 commits

This branch
This branch
All branches
Author SHA1 Message Date
Michael Ayoubi
075ba05575 Merge "allow recovery and fastboot to access secure elment" into sc-dev 2021-06-30 17:39:40 +00:00
Jeffrey Carlyle
14fcd5ffaf allow recovery and fastboot to access secure elment 
This is to enable clearing of secure element during a master reset.

Bug: 182508814
Test: master reset on device with keys; verified no keys after reset
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
Change-Id: I9bb569e09f8cd6f5640757bd0d10a14ef32946ff
 2021-06-30 15:19:22 +09:00
Gazi Yamin Iqbal
2e1cafdfd8 Merge "gs101-sepolicy: allow rlsservice to read display status files" into sc-dev 2021-06-30 05:41:19 +00:00
Ted Lin
cb3ca1e87b Remove dontaudit form tracking_denials for maxfg and regmap 
Bug:190337297
Test: Check the bugreport
Change-Id: I0887e6256b4f158bd525ed66475cd1ef5672c9df
Signed-off-by: Ted Lin <tedlin@google.com>
 2021-06-30 11:11:22 +08:00
Adam Shih
3ded724256 Merge "Avoid VTS testDataTypeViolators failure" into sc-dev 2021-06-30 01:45:29 +00:00
Kevin Han
1d54c8dd21 Merge "Revert "allow recovery and fastboot to access secure elment"" into sc-dev 2021-06-29 19:33:01 +00:00
Kevin Han
fd47b11162 Revert "allow recovery and fastboot to access secure elment" 
Revert "add gs101-specific recovery library"

Revert "recovery: enable support for device-specific WipeSe impl..."

Revert "clear secure element of Digital Car Keys during factory ..."

Revert submission 14983788-clear_keys

Reason for revert: b/192373955
Reverted Changes:
Ia8fc29e6c:add gs101-specific recovery library
Icc1eabfd4:clear secure element of Digital Car Keys during fa...
I943d97b26:recovery: enable support for device-specific WipeS...
I15c7fbd7f:allow recovery and fastboot to access secure elmen...

Change-Id: Ic576b40641171298ad840bedbd4a9f7b67052d95
 2021-06-29 19:19:24 +00:00
TreeHugger Robot
be3d2bf325 Merge "allow recovery and fastboot to access secure elment" into sc-dev 2021-06-29 17:50:35 +00:00
TreeHugger Robot
432ed9b527 Merge "Fix denial when flashing vendor_boot in fastbootd." into sc-dev 2021-06-29 17:04:07 +00:00
David Anderson
2354e3a924 Fix denial when flashing vendor_boot in fastbootd. 
This mirrors the same sepolicy line in previous Pixel devices.

Bug: 189493387
Test: fastboot flash vendor_boot on r4
Change-Id: Ie15c8e6e5c01b249e1e5e244666c461253279f0b
 2021-06-28 21:06:05 -07:00
Neo Yu
9c27ce91c8 Merge "Fix avc denied for getprop "vendor.radio.call_end_reason"" into sc-dev 2021-06-29 03:05:02 +00:00
TreeHugger Robot
15f7a61603 Merge "Sepolicy: Remove permission for fuel gauge" into sc-dev 2021-06-29 01:48:34 +00:00
neoyu
93944a8b1c Fix avc denied for getprop "vendor.radio.call_end_reason" 
06-10 11:13:02.867 10224  2377  2377 W libc    : Access denied finding property "vendor.radio.call_end_reason"

Bug: 191204793
Test: error is gone with this fix
Change-Id: I50c1d21ba4e2343aa2cee0c533b8c3dbe535e4b5
 2021-06-29 01:18:12 +00:00
TreeHugger Robot
22f27cb215 Merge "Sepolicy: Pixel stats wireless charger sepolicy" into sc-dev 2021-06-29 01:16:35 +00:00
Adam Shih
f9501fc87c Avoid VTS testDataTypeViolators failure 
Bug: 192209720
Test: run -m CtsSecurityHostTestCases -t android.security.cts.SELinuxHostTest
Change-Id: I9043c5adfb544179bceb0f6e5cf73c2b2ddd3d02
 2021-06-29 07:58:57 +08:00
TreeHugger Robot
a63fbd68d4 Merge "Hardwareinfo: battery info porting" into sc-dev 2021-06-28 16:20:12 +00:00
Gazi Yamin Iqbal
4ea317bb6a gs101-sepolicy: allow rlsservice to read display status files 
major changes:
        1. This change is to allow rlsservice to read the status of
        display status file. Similar method was employed in previous
        pixels.
Bug: 191122203
Test: p21 camera test checklist

Change-Id: I09483881294fd6dde46d4d0b7283311a2d20c404
 2021-06-28 22:15:08 +08:00
TreeHugger Robot
407d0cf58d Merge "gs101-sepolicy: add oemrilservice_app.te" into sc-dev 2021-06-27 01:47:21 +00:00
Jeffrey Carlyle
9ac870aa22 allow recovery and fastboot to access secure elment 
This is to enable clearing of secure element during a master reset.

Bug: 182508814
Test: master reset on device with keys; verified no keys after reset
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
Change-Id: I15c7fbd7f2c4fb34dcad0ae4f5cee3238f526fa5
 2021-06-25 17:54:29 -07:00
sukiliu
7ea816284d Update avc error on ROM 7492139 
avc: denied { call } for comm="servicemanager" scontext=u:r:servicemanager:s0 tcontext=u:r:hal_fingerprint_default:s0 tclass=binder permissive=0

Bug: 192040144
Test: PtsSELinuxTestCases
Change-Id: I2de11d2706222a88c4234d99399b7b2437f36e31
 2021-06-25 14:40:17 +08:00
sukiliu
e31c8840de Update avc error on ROM 7490489 
avc: denied { call } for scontext=u:r:dumpstate:s0 tcontext=u:r:hal_uwb_default:s0 tclass=binder permissive=0
avc: denied { call } for comm="dumpstate" scontext=u:r:dumpstate:s0 tcontext=u:r:hal_uwb_default:s0 tclass=binder permissive=0

Bug: 192026913
Test: PtsSELinuxTestCases
Change-Id: Ieca08e87db1b46f3b7fc7de1492e45d4a5bec868
 2021-06-25 09:42:51 +08:00
Ilya Matyukhin
f9828a9944 Merge "raviole: transition SystemUI to use HWC for LHBM" into sc-dev 2021-06-25 01:12:52 +00:00
Adam Shih
99bfde4f38 Merge "modularize dmd" into sc-dev 2021-06-25 01:12:50 +00:00
TreeHugger Robot
655f5cfd8f Merge "vendor_init/dumpstate: Grant to access logger prop" into sc-dev 2021-06-24 10:02:11 +00:00
Adam Shih
9b0b96b907 Merge "modularize pktrouter" into sc-dev 2021-06-24 07:24:45 +00:00
Ilya Matyukhin
2460cdcc9f raviole: transition SystemUI to use HWC for LHBM 
This change removes direct access to the LHBM sysfs node from SystemUI,
but allows SystemUI to make binder calls to the hardware composer (HWC),
which can be used to enable or disable LHBM.

Bug: 191132545
Bug: 190563896
Bug: 184768835
Test: no avc denials
Change-Id: I5417377ff096e869ad772e4fd2fb23f8c1fd4f1e
 2021-06-23 23:38:27 -07:00
Adam Shih
8b326703e1 modularize dmd 
Bug: 190331463
Test: build ROM and make sure dmd is launched
Change-Id: If1e51b6bc100e870a15a40f5e0d93a75fe68bac3
 2021-06-24 14:17:29 +08:00
Alex Hong
d912300853 Merge "Move the type definition of properties from product to vendor" into sc-dev 2021-06-24 02:15:36 +00:00
Alex Hong
e44e432672 Move the type definition of properties from product to vendor 
These properties cannot be resolved after product sepolicy is replaced.
  vendor_persist_config_default_prop
  vendor_rild_prop

Test: The device can boot to home after replacing with GSI
Bug: 191236468
Change-Id: Ib797601a44306987e5a85897c7b6cd7827ad91b2
 2021-06-24 02:01:20 +00:00
Minchan Kim
650cf48406 Merge "sepolicy: gs101: allow dump cma statistics" into sc-dev 2021-06-24 01:45:11 +00:00
Thierry Strudel
e99c749cbd Merge "Add support for non-su hal_uwb" into sc-dev 2021-06-24 00:45:49 +00:00
Minchan Kim
7f9abeee45 sepolicy: gs101: allow dump cma statistics 
Provide necessary sepolicy for bugreport dump to access cma metric
information under /sys/kernel/pixel_stat/*

Test: Run "adb bugreport <zip>" and verify it contains the output
      from dumpstate_board.txt
Bug: 191904985
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: Iaa92006eeb5158a0962652427d1af061fe1cf03d
 2021-06-23 14:15:46 -07:00
TreeHugger Robot
c431abb5bf Merge "Allow fingerprint hal to read sysfs_chosen" into sc-dev 2021-06-23 11:20:51 +00:00
Sungwoo choi
5aaa0f6044 gs101-sepolicy: add oemrilservice_app.te 
Seperate oemrilservice_app.te from vendor_telephony_app.te.
  - target process: com.samsung.slsi.telephony.oemril
  - selabel: oemrilservice_app
  - allow to find app_api_service
  - allow to find radio_service
  - allow to find vendor HAL
  - a binder communication with rild

Bug: 191830874
Test: Manual

Signed-off-by: Sungwoo choi <sungwoo48.choi@samsung.com>
Change-Id: I5e31b4a16f0b4d25bf4889da0150084937354808
 2021-06-23 16:51:57 +08:00
Kris Chen
a23d1bb37b Allow fingerprint hal to read sysfs_chosen 
Fixes the following avc denial:
android.hardwar: type=1400 audit(0.0:49): avc: denied { search } for name="chosen" dev="sysfs" ino=9575 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=dir permissive=1
android.hardwar: type=1400 audit(0.0:50): avc: denied { read } for name="platform" dev="sysfs" ino=9591 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=file permissive=1
android.hardwar: type=1400 audit(0.0:51): avc: denied { open } for path="/sys/firmware/devicetree/base/chosen/plat/platform" dev="sysfs" ino=9591 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=file permissive=1

Bug: 191832617
Test: Enroll and authenticate fingerprints.
Change-Id: I5c576cc210d9e85b1999655bdc27736183db8aed
 2021-06-23 16:20:57 +08:00
Denny cy Lee
433aeb2d4d Sepolicy: Pixel stats wireless charger sepolicy 
Bug: 171853251
Bug: 188601686
Test: manually, do wirelees charge, check logcat
Change-Id: I4cbd7da038365ae92e34780131056da61b9a55dc
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2021-06-23 06:48:42 +00:00
Denny cy Lee
0b21a2d44a Pixelstat: battery history access premission 
Test: manually, relate seploicy not show; battery history log printed
      05-24 13:29:19.637  2829  2829 D pixelstats_BatteryEEPROM:
      checkAndReport: 0940 0a80 0500 0200 0200 0000
Bug: 189050725
Change-Id: I20567e168db43fe2168a9a30ac7a4b0cec65a665
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2021-06-23 13:50:32 +08:00
Adam Shih
a70819d2f0 modularize pktrouter 
Bug: 190331212
Test: make sure pktrouter gets initialized
06-23 13:21:19.372  1 1 I init : Parsing file /vendor/etc/init/pktrouter.rc...
06-23 13:21:23.510     1     1 I init    : processing action (vendor.pktrouter=1) from (/vendor/etc/init/pktrouter.rc:7)
06-23 13:21:23.510     1     1 I init    : starting service 'pktrouter'...
Change-Id: Icc7ab88505aea47cfed5ffc5182d0625b7a7609d
 2021-06-23 05:24:01 +00:00
SalmaxChang
a926055749 vendor_init/dumpstate: Grant to access logger prop 
Bug: 176176656
Change-Id: I551ccfac57d983aab95aa23e1f350f78ee0a159f
 2021-06-23 10:06:09 +08:00
Michael Ayoubi
cebbf14174 Add support for non-su hal_uwb 
Bug: 187386527
Test: Boot and confirm HAL is up
Signed-off-by: Michael Ayoubi <mayoubi@google.com>
Change-Id: Ia9f3f90fba6981762fe375aa37c81f8474ad9c53
 2021-06-23 01:26:25 +00:00
Adam Shih
d74e989739 modulize init.radio.sh 
Bug: 190331600
Test: build ROM and make sure the file is there and functional.
Change-Id: Icb3e0e590ae315d53eb5251fd5e74d6aacab1fe2
 2021-06-23 01:07:26 +00:00
TreeHugger Robot
e2ef28efca Merge "Allow camera hal to access devfreq query" into sc-dev 2021-06-22 12:06:16 +00:00
Speth Chang
419019a71a Allow camera hal to access devfreq query 
Bug: 190687351
Test: p21 checklist
Change-Id: Id0cb74b483882a6ede93cadc475a7be334ecf20d
 2021-06-22 10:19:49 +00:00
Alex Hong
1f17829dc2 Merge "Move the genfs_contexts of sched nodes from vendor to product" into sc-dev 2021-06-22 03:01:07 +00:00
Alex Hong
c598db170c Move the genfs_contexts of sched nodes from vendor to product 
For sched nodes, "proc_vendor_sched" and "sysfs_vendor_sched",
their type definition is in product sepolicy,
while genfs_contexts is in vendor sepolicy.
In this case, genfs_contexts cannot be resolved after product sepolicy
is replaced by Dynamic System Update.

Need to keep the type definition and genfs_contexts in the same partition.
Now move genfs_contexts because the type definition has to be in product for now
since other private domains are accessing these sched nodes.

Test: $ make selinux_policy
      The device can boot to home after replacing with GSI.
Bug: 191236468
Change-Id: I02ea78b04dfcade4ceb426ff6ebf498daa81ac32
 2021-06-21 14:55:08 +00:00
Srinivas Patibandla
51c891fa7b Update time sync seinfo to not use platform signature 
Bug: b/190695230
Change-Id: I2dbee2e624c8794b3aa9ff85d8985a15ee159a0f
 2021-06-21 14:47:28 +00:00
Thiebaud Weksteen
c4d98b5c11 Merge "Fix access permissions for sysfs_aoc_reset" into sc-dev 2021-06-21 08:38:37 +00:00
Jack Wu
2794370557 sepolicy: gs101: allows pixelstat to access wlc file nodes 
05-31 11:14:57.280  1000  3126  3126 W pixelstats-vend: type=1400 audit(0.0:162): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=60862 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=0
05-31 11:14:57.280  1000  3126  3126 W pixelstats-vend: type=1400 audit(0.0:163): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=60862 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=0

05-31 13:12:23.940  1000  2838  2838 W pixelstats-vend: type=1400 audit(0.0:182): avc: denied { read } for name="charge_stats" dev="sysfs" ino=73276 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0

05-31 15:02:02.215  1000 13169 13169 W pixelstats-vend: type=1400 audit(0.0:166): avc: denied { write } for name="charge_stats" dev="sysfs" ino=73483 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
05-31 15:02:02.215  1000 13169 13169 W pixelstats-vend: type=1400 audit(0.0:167): avc: denied { write } for name="charge_stats" dev="sysfs" ino=73483 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0

Bug: 176195960
Test: manually test, no avc: denied
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I0af03dd8099e246c5f94e8e8530d7b2bcf50ff95
 2021-06-18 13:50:59 +00:00
Franklin He
6a488b8a81 Merge "Add new sepolicy to allow Power Hint" into sc-dev 2021-06-18 08:37:19 +00:00
Krzysztof Kosiński
c18265aaaa Merge changes I18cbcf1b,I28a27741 into sc-dev 
* changes:
  Allow camera HAL to set vendor.camera properties
  Allow rlsservice/camera HAL to read /apex/apex-info-list.xml
 2021-06-18 07:46:33 +00:00