Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1610 commits 1 branch 0 tags 494 MiB
Commit graph

1610 commits

This branch
This branch
All branches
Author SHA1 Message Date
Yabin Cui
b48e33f29f Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f am: c581535e5c 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: I391bab4a982ec03d1904d59aa2376a3d3c816c40
 2022-01-21 22:47:19 +00:00
Jasmine Cha
0bfc811257 audio: add sepolicy for getting thermal event am: 2abecb1519 am: 54e84e9978 am: d57668f3cc 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: Idb58719a8511be2f750c8e4a11421d147801b57c
 2022-01-21 22:47:00 +00:00
Jasmine Cha
6a1155a468 [automerger skipped] audio: add permission to request health/sensor data am: a21b7f8800 am: cdcccbbd02 am: 8b5831f247 -s ours 
am skip reason: Merged-In I8e8a512cfbd6be814c98bac75ff6c0e5db028db2 with SHA-1 27a4afc1a9 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: Ib2f5a7ce0376aeedc3c2afb23862ee42e85cb493
 2022-01-21 22:46:31 +00:00
David Anderson
9e40c2e027 Fix sepolicy denial in update_engine. am: 2fe229352b am: e999b85d07 am: b7b8477e12 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: I8f97a3527ec13132ddbba7a0981619f55e0e0f9d
 2022-01-21 22:46:11 +00:00
Matt Buckley
69b607c877 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f am: 8670a782de am: 773506d408 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: Ie88713a1f13dc5e90f0bc928dc2312625bcca096
 2022-01-21 22:45:33 +00:00
Joel Galenson
651a6b8631 Include core policy OWNERS. am: b287da183e am: 453006460d am: 047d2a31ed 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: I7a1f6fb78088aca3c2c748106f8d4cb424c73c23
 2022-01-21 22:45:06 +00:00
Xin Li
1a9568121f [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours am: 01d5ec6d2a -s ours am: 4f9be8d5b2 -s ours 
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: Ic2096a0d1be12d0b8295af1bf852fb5df383c0bb
 2022-01-21 22:44:34 +00:00
chenpaul
cdab1fefb6 Remove wifi_logger related sepolicy settings am: 37d4cfa648 am: 9a9bf7fc09 am: ebc02c3437 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I036388f399ef567dc4eb32d1c4799e58eb8815af
 2022-01-21 22:43:56 +00:00
Yabin Cui
c581535e5c Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f am: 1a59c0625f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: If31d085e00b660262575ab11decb61b372597ceb
 2022-01-21 22:29:59 +00:00
Jasmine Cha
d57668f3cc audio: add sepolicy for getting thermal event am: 2abecb1519 am: 54e84e9978 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: Iddcd4b760301c761c273d53231147a6c1b0927da
 2022-01-21 22:29:29 +00:00
Jasmine Cha
8b5831f247 audio: add permission to request health/sensor data am: a21b7f8800 am: cdcccbbd02 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: I16f8196bfe5e3b49575b936ee6d2376e878aa9be
 2022-01-21 22:29:12 +00:00
David Anderson
b7b8477e12 Fix sepolicy denial in update_engine. am: 2fe229352b am: e999b85d07 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: I45ccf375ccb5b97f848a1db62de77271de5c0b86
 2022-01-21 22:28:55 +00:00
Matt Buckley
773506d408 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f am: 8670a782de 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: I2478a1ce77383d66cd7cb677406920b25bf165da
 2022-01-21 22:28:26 +00:00
Joel Galenson
047d2a31ed Include core policy OWNERS. am: b287da183e am: 453006460d 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: Ia079ef87912e57d704629f397bf6054a83f394bb
 2022-01-21 22:27:53 +00:00
Xin Li
4f9be8d5b2 [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours am: 01d5ec6d2a -s ours 
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: I716fc9fc6a34b69afcdfb0332b3870e19f536f1a
 2022-01-21 22:26:43 +00:00
chenpaul
ebc02c3437 Remove wifi_logger related sepolicy settings am: 37d4cfa648 am: 9a9bf7fc09 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I6402127385b8141c67e44d7f0c8e6d5625fbdc2e
 2022-01-21 22:25:47 +00:00
Yabin Cui
1a59c0625f Merge "Add SOC specific ETM sysfs paths" am: 9ee70a3d7f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1943866

Change-Id: I89a806d01292ec28a0b22bef7833fae566d1d941
 2022-01-21 22:12:12 +00:00
Jasmine Cha
54e84e9978 audio: add sepolicy for getting thermal event am: 2abecb1519 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944690

Change-Id: I7d33c5cf635907493462d49d8b3a2ceacc128f00
 2022-01-21 22:12:02 +00:00
Jasmine Cha
cdcccbbd02 audio: add permission to request health/sensor data am: a21b7f8800 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1944689

Change-Id: I0ec1f8e2c389b199e0b0646397bdd40593b3c374
 2022-01-21 22:11:55 +00:00
David Anderson
e999b85d07 Fix sepolicy denial in update_engine. am: 2fe229352b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934897

Change-Id: Ie42aaf3f8b972471ccf43fda689e32bc4b388bf8
 2022-01-21 22:11:24 +00:00
Matt Buckley
8670a782de Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags am: 317166636f 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1934617

Change-Id: I20977b9d52ecd10ce3feac4111677e278cadd3c2
 2022-01-21 22:11:00 +00:00
Joel Galenson
453006460d Include core policy OWNERS. am: b287da183e 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1931017

Change-Id: I91c6a5a9e6fde086d82b2def66207b938f18adae
 2022-01-21 22:10:13 +00:00
Xin Li
01d5ec6d2a [automerger skipped] Merge Android 12 QPR1 am: 0d05632eb8 -s ours 
am skip reason: Merged-In Ie31b278a639fd5a9e249ca934d543de770fb3217 with SHA-1 856fe3d040 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1921233

Change-Id: Icf501a9eaa676a0fbf49f2862e76fe482dfa6238
 2022-01-21 22:09:34 +00:00
chenpaul
9a9bf7fc09 Remove wifi_logger related sepolicy settings am: 37d4cfa648 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/1881116

Change-Id: I4537982542fcf8f47e7b9fbaacf326db2cc12dc7
 2022-01-21 22:08:19 +00:00
Presubmit Automerger Backend
bb9f892d56 [automerge] Add vendor SELinux denial to allowlist 2p: ed2c8d78ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16672552

Bug: 215640468
Change-Id: Ie94576056af0683b0cb23b51ae8543ef14b2bca7
 2022-01-21 03:37:25 +00:00
eddielan
ed2c8d78ae Add vendor SELinux denial to allowlist 
Bug: 215640468
Test: Build Pass
Change-Id: I8c2aa5ce4c6cc229837f763c6a20a1c27e1978a6
 2022-01-21 03:37:16 +00:00
YiHo Cheng
b4024884f1 Merge "thermal: Label tmu register dump sysfs" into sc-v2-dev am: e400db11ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16569088

Change-Id: I3c9929f0ec857786766b892e415d4b58163797be
 2022-01-12 23:14:55 +00:00
YiHo Cheng
e400db11ba Merge "thermal: Label tmu register dump sysfs" into sc-v2-dev 2022-01-12 23:03:42 +00:00
Yabin Cui
9ee70a3d7f Merge "Add SOC specific ETM sysfs paths" 2022-01-11 19:40:23 +00:00
Jasmine Cha
2abecb1519 audio: add sepolicy for getting thermal event 
type=1400 audit(0.0:15): avc: denied { call } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

type=1400 audit(0.0:16): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

Bug: 204271308
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I900de2a2d8bf0753543ef4428374e782908e7aee
 2022-01-11 13:42:58 +08:00
Jasmine Cha
a21b7f8800 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- Allow audio hal to find fwk_sensor_hwservice
SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1

Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
Merged-In: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
 2022-01-11 13:42:55 +08:00
YiHo Cheng
ca06222472 thermal: Label tmu register dump sysfs 
Allow dumpstate to access tmu register dump sysfs

[ 1155.422181] type=1400 audit(1641335196.892:8): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_reg_dump_state" dev="sysfs"
ino=68561
scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0
tclass=file permissive=0
[ 1155.423398] type=1400 audit(1641335196.892:9): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_reg_dump_current_temp" dev="sysfs"
ino
=68562 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.443740] type=1400 audit(1641335196.896:10): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_rise_thres"
dev="sysfs"
ino=68563 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.466064] type=1400 audit(1641335196.896:11): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_fall_thres"
dev="sysfs"
ino=68565 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.488251] type=1400 audit(1641335196.916:12): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_sub_reg_dump_rise_thres"
dev="sysfs" ino=68564 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
[ 1155.510614] type=1400 audit(1641335196.960:13): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_sub_reg_dump_fall_thres"
dev="sysfs"
ino=68566 scontext=u:r:hal_dumpstate_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
o

Bug: 202736838
Test: check thermal section in dumpstate
Change-Id: Icecca9f69ee9b57d43aa2864864951bf66c4905f
 2022-01-11 08:42:45 +08:00
Yabin Cui
1459e9734a Add SOC specific ETM sysfs paths 
Bug: 213519191
Test: run profcollectd on oriole
Change-Id: Ib1ae7466c76362b8242f2bb8560bb8b1d80c4253
 2022-01-10 11:25:25 -08:00
Vinay Kalia
97addf8500 [DO NOT MERGE] Allow media codec to access power HAL am: 8337626f4a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16483773

Change-Id: I4ce0bb633c8d27e798c7a8e80e1d23eb06b3a2a0
 2022-01-10 06:13:59 +00:00
Vinay Kalia
8337626f4a [DO NOT MERGE] Allow media codec to access power HAL 
This commit fixes the following denials:

W /vendor/bin/hw/google.hardware.media.c2@1.0-service: type=1400 audit(0.0:276): avc: denied
{ call } for comm=436F646563322E30204C6F6F706572 scontext=u:r:mediacodec:s0
tcontext=u:r:servicemanager:s0 tclass=binder permissive=0

bug: 206687836
Test: Secure HFR AV1 video playback with resolution change.
Signed-off-by: Vinay Kalia <vinaykalia@google.com>
Change-Id: I79c20bda87af6066ae667a5176747378718a3a62
 2022-01-06 20:18:34 +00:00
David Anderson
2fe229352b Fix sepolicy denial in update_engine. 
pvmfw is an A/B partition but is not properly labeled and update_engine
gets a denial trying to write to it.

Bug: N/A
Test: m otapackage, apply OTA, check for denials
Change-Id: I55f41a8937384d3bcda5797b5df3f34257f7a114
 2021-12-28 21:52:12 -08:00
Matt Buckley
317166636f Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags 
For the hardware composer and surfaceflinger to coordinate on certain features, it is necessary for the hardware composer to be able to read the surface_flinger_native_boot_prop to know what should be enabled.

Bug: b/195990840
Test: None
Change-Id: Idc1599820026febecda84233d60982e7db7b14b5
 2021-12-28 19:08:06 +00:00
Joel Galenson
b287da183e Include core policy OWNERS. 
Test: None
Change-Id: I053d84eba7695fe125783b536421d43117b3f16d
 2021-12-21 07:27:03 -08:00
Xin Li
0d05632eb8 Merge Android 12 QPR1 
Bug: 210511427
Merged-In: Ie31b278a639fd5a9e249ca934d543de770fb3217
Change-Id: I0daddb05e061916c60055b7df00164a76c69ebd2
 2021-12-14 08:38:59 -08:00
Chris Kuiper
3ce470c235 selinux: Allow sensor HAL to access the display service HAL am: 734d79bdaf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16376281

Change-Id: Ib3f0609b74dbb05a7e4936fa2055a1e050777b3e
 2021-12-10 17:44:16 +00:00
Chris Kuiper
734d79bdaf selinux: Allow sensor HAL to access the display service HAL 
Add necessary permissions.

Bug: b/204471211
Test: Testing with corresponding sensor HAL changes and sensor_test commands.
Change-Id: I01774210693ceb4a6d0d4dee4fb5e905117774d3
 2021-12-10 11:00:07 +08:00
TreeHugger Robot
65a718976e [automerger skipped] Merge "Label min_vrefresh and idle_delay_ms as sysfs_display" into sc-v2-dev am: f7db23e139 -s ours 
am skip reason: Merged-In I29243751ab5f38eca5d8e4221122764f79c75e04 with SHA-1 8d4e8a65d6 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16302392

Change-Id: Ib87c387438c8ada00867ef1422dfa6bc2c4c6df9
 2021-12-08 01:57:41 +00:00
TreeHugger Robot
f7db23e139 Merge "Label min_vrefresh and idle_delay_ms as sysfs_display" into sc-v2-dev 2021-12-08 01:40:06 +00:00
joenchen
8d4e8a65d6 Label min_vrefresh and idle_delay_ms as sysfs_display 
Bug: 202567084
Test: Check the files label by "adb shell ls -Z"
Change-Id: I29243751ab5f38eca5d8e4221122764f79c75e04
Merged-In: I29243751ab5f38eca5d8e4221122764f79c75e04
 2021-12-07 03:42:52 +00:00
joenchen
bef2d7397c Label min_vrefresh and idle_delay_ms as sysfs_display 
Bug: 202567084
Test: Check the files label by "adb shell ls -Z"
Change-Id: I29243751ab5f38eca5d8e4221122764f79c75e04
Merged-In: I29243751ab5f38eca5d8e4221122764f79c75e04
 2021-12-06 02:45:51 +00:00
Albert Wang
43bde53275 Allow suspend_control to access xHCI wakeup node am: a506ed1e06 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16370946

Change-Id: I17198ed93403abe1b6526b385218847616b52c5b
 2021-12-02 01:53:59 +00:00
Albert Wang
a506ed1e06 Allow suspend_control to access xHCI wakeup node 
This is a WORKAROUND to avoid the xHCI wakeup node permission problem,
since system will automatically allocated device ID.

Bug: 205138535
Test: n/a
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: Ia2ca04618f950bdded4aea76c897579eb4b92daf
 2021-12-01 23:45:19 +08:00
Xin Li
50628a78a8 [automerger skipped] Merge sc-qpr1-dev-plus-aosp-without-vendor@7810918 am: 856fe3d040 -s ours am: 4613d25f07 -s ours 
am skip reason: Merged-In I8f9932ad8885aaefde9548f87c6d2c6cc148cd4c with SHA-1 7bfec1ad53 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16278444

Change-Id: Ib19bc7987a5b32c39431ebdce2923541a944f608
 2021-11-18 22:25:11 +00:00
Xin Li
4613d25f07 [automerger skipped] Merge sc-qpr1-dev-plus-aosp-without-vendor@7810918 am: 856fe3d040 -s ours 
am skip reason: Merged-In I8f9932ad8885aaefde9548f87c6d2c6cc148cd4c with SHA-1 7bfec1ad53 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16278444

Change-Id: I3f0e4f5e9f26b048b89f495b7d79d9ceffb61f80
 2021-11-18 22:00:55 +00:00
Albert Wang
8bdcb60170 [RESTRICT AUTOMERGE] Allow suspend_control to access xHCI wakeup node am: e6fb90425d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16246250

Change-Id: If82693c02020cc701953dcb12412fa0fe132f16b
 2021-11-17 08:51:05 +00:00