Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1627 commits 1 branch 0 tags 494 MiB
Commit graph

1627 commits

This branch
This branch
All branches
Author SHA1 Message Date
Roshan Pius
04fbca104c gs101-sepolicy: Rename hal_uwb -> hal_uwb_vendor 
Since we are now creating an AOSP HAL for uwb. Rename qorvo's internal
HAL to hal_uwb_vendor to avoid conflicts with the AOSP HAL sepolicy
rules.

Bug: 195308730
Test: Compiles
Change-Id: Ief48eacde68b062b2199b20c0c1bb3af23795240
Merged-In: Ief48eacde68b062b2199b20c0c1bb3af23795240
 2021-08-25 17:32:53 +00:00
TreeHugger Robot
f3993d4555 Merge "Allow boot color propagation" into sc-qpr1-dev am: 9c97417d3a am: c9690b1256 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15600825

Change-Id: I6d8905a45f5195294ca67d8cf21917779c6c3a0c
 2021-08-21 17:10:21 +00:00
TreeHugger Robot
4dce16cfef Merge "Allow boot color propagation" into sc-qpr1-dev am: 9c97417d3a am: c3521edd8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15600825

Change-Id: Ie7fde3e797a018b74849b74543a1a0564d9141fd
 2021-08-19 23:24:40 +00:00
TreeHugger Robot
c3521edd8c Merge "Allow boot color propagation" into sc-qpr1-dev am: 9c97417d3a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15600825

Change-Id: Ibef6a94ac176f32b8bb0a87d3eb8283573bbcc74
 2021-08-19 23:12:37 +00:00
TreeHugger Robot
c9690b1256 Merge "Allow boot color propagation" into sc-qpr1-dev am: 9c97417d3a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15600825

Change-Id: I7c3f9be67d2e2ae13c034e4909c9ec589e38ccf2
 2021-08-19 23:12:30 +00:00
TreeHugger Robot
9c97417d3a Merge "Allow boot color propagation" into sc-qpr1-dev 2021-08-19 22:52:31 +00:00
David Chen
381a1043e1 [automerger skipped] resolve merge conflicts of c0922582bc to sc-v2-dev am: 462d4b1bcd -s ours 
am skip reason: Merged-In Ib95debbc9ce10919c5f935e8f70b340bb293b54a with SHA-1 c0922582bc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15618916

Change-Id: I4cf911eb3be87f95df8310888a4b4d211fc576fb
 2021-08-19 08:37:09 +00:00
David Chen
462d4b1bcd resolve merge conflicts of c0922582bc to sc-v2-dev 
Bug: 197164878

Change-Id: Ibc7ea7ffe9c30912c8e12d081a6b110f8e73f29f
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
 2021-08-19 02:25:56 +00:00
David Chen
28cd716faa resolve merge conflicts of 945de94222 to sc-v2-dev-plus-aosp 
Bug: 197166084

Change-Id: I4b8b2d99db133be4c96853f072e3b10dbac39b92
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
 2021-08-19 02:25:12 +00:00
davidycchen
945de94222 Allow twoshay to access fwk_stats_service and system_server am: c0922582bc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15605516

Change-Id: I8a500539a2738d27fa47d2d3f45cfe5e68bfe099
 2021-08-19 01:30:20 +00:00
Rick Yiu
7fcca345b0 Merge "gs101-sepolicy: Remove private/mediaprovider_app.te" into sc-v2-dev am: 26fec151ec 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15595122

Change-Id: Ic7d8107ef2e16a57e00de5080a86cdffa50c6791
 2021-08-18 04:06:09 +00:00
Rick Yiu
26fec151ec Merge "gs101-sepolicy: Remove private/mediaprovider_app.te" into sc-v2-dev 2021-08-18 03:46:01 +00:00
davidycchen
c0922582bc Allow twoshay to access fwk_stats_service and system_server 
avc:  denied  { find } for pid=813 uid=0
name=android.frameworks.stats.IStats/default scontext=u:r:twoshay:s0
tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager

avc: denied { call } for scontext=u:r:twoshay:s0
tcontext=u:r:system_server:s0 tclass=binder

Bug: 179334953
Test: Make selinux_policy and push related files to the device.

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
 2021-08-18 09:47:01 +08:00
Bart Van Assche
6828588c74 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 am: 7513cd7ad6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I5c32e5d3fdb511b5103dc2e0a24f837e714943b7
 2021-08-18 01:26:07 +00:00
Bart Van Assche
65b8e1e433 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 79b41e3c3a am: 742ff4f98c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: Ie24dd9a6de1a644b15eed4da713089cc6bcbefe6
 2021-08-18 01:20:26 +00:00
Bart Van Assche
07751567ad Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 am: ea25044059 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I5d46eab501e1ce290570a69dde5450813eff0bf0
 2021-08-18 01:20:15 +00:00
Bart Van Assche
742ff4f98c Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 79b41e3c3a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I693db84157721b8ff20ae7bd8da213469352cc75
 2021-08-18 01:01:59 +00:00
Bart Van Assche
7513cd7ad6 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: Iedf50eb9fc1c205eb584c4c53ad7de45c06b695d
 2021-08-18 00:56:43 +00:00
Bart Van Assche
ea25044059 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I0ca50d490ad5aa49bcc2f1c7db52f5b81a44dcd2
 2021-08-18 00:56:43 +00:00
Bart Van Assche
239bcceb78 Add the 'bdev_type' attribute to all block device types am: 37b5741301 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I19d709e960fe8ccf066bdbd20dc6817ee20e55d0
 2021-08-18 00:34:10 +00:00
Bart Van Assche
79b41e3c3a Add the 'bdev_type' attribute to all block device types am: 37b5741301 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I52ac9161ae22eafecd60a8317370ddc3b243263d
 2021-08-18 00:31:25 +00:00
Bart Van Assche
37b5741301 Add the 'bdev_type' attribute to all block device types 
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9

The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947

The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.

Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-08-17 15:23:23 -07:00
Lucas Dupin
6e887cf3a0 Allow boot color propagation 
Allows SystemUI to write the boot color sysprop

Test: manual
Bug: 190093578
Change-Id: I844a4dae87fe09a09ff3368c540ffab5f745d455
(cherry picked from commit 8a586e6786)
 2021-08-17 21:06:23 +00:00
Rick Yiu
6224fa9354 gs101-sepolicy: Remove private/mediaprovider_app.te 
Moved to system/sepolicy to solve GSI avc denials.

Bug: 196326750
Test: build pass
Change-Id: I4bdcc1d49bf9550297687534074fd3fc526d3acc
 2021-08-17 21:09:20 +08:00
Edmond Chung
eb1a9fd509 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 am: 36f756e44b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I27bc0b77a3438fcaf6cbdf209945f6c7a360771c
 2021-08-16 22:45:38 +00:00
Edmond Chung
4ee5ff59a0 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 am: 07fbe5b0d8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I91b59573968bb3ad15f7785ac155809ae9a7cfdc
 2021-08-16 22:45:01 +00:00
Edmond Chung
ff5c485ddc Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e am: 9bde9324fe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I90884f92df1e42fa5b60ad47e914ed1460b40c04
 2021-08-16 22:44:58 +00:00
Edmond Chung
36f756e44b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Id66f403466d50ea3beb4663cc137e551a92e16f3
 2021-08-16 22:32:00 +00:00
Edmond Chung
07fbe5b0d8 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Ia7663a410cd3ffcbb554dc653c2470e53efa2f4b
 2021-08-16 22:32:00 +00:00
Edmond Chung
9bde9324fe Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: d5f9036c8e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Ib347e1a8fbee1822542adf48a03f92dbdac3a302
 2021-08-16 22:31:40 +00:00
Edmond Chung
c45a1b5828 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I97f8f143230d13f64b34ee11c7a46cfcc5f2f3f9
 2021-08-16 22:17:00 +00:00
Edmond Chung
d5f9036c8e Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Icf58b2d5fef01a62ef5ec8c5009690224a15a939
 2021-08-16 22:16:13 +00:00
Edmond Chung
7e581b9a7b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev 2021-08-16 22:01:46 +00:00
Edmond Chung
6b30dbc54c gs101: Allow camera HAL to access interrupt handles 
This is to allow camera HAL to modify IRQ affinity for different use
cases.

Bug: 196058977
Test: Camera use cases
Change-Id: I498b0ac763b735d05299e1f4b09de14e131fd6e3
 2021-08-16 10:52:27 -07:00
Rick Yiu
6ce26f4ea0 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d am: 9c7ca5fdd3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I005a8c793d4d8919a1b8cb74528bb7063a7498cb
 2021-08-16 14:26:27 +00:00
Rick Yiu
c3a47b14d5 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d am: d2f6cfc831 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I64c32ca8b100ae5de316130875593ad6e1753744
 2021-08-16 14:26:05 +00:00
Rick Yiu
7b0fa572c3 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74 am: fa5d13d6e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: Ia05c12145187f2500010827b6e28ce5b56039511
 2021-08-16 14:25:57 +00:00
Rick Yiu
9c7ca5fdd3 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I59e7baee2e2c5a80d53b5a6f5c8712a2b09a36d3
 2021-08-16 14:11:45 +00:00
Rick Yiu
d2f6cfc831 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 1f4c69a11d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: Ie4daa316c73721aa8cb9d87d262ba754fd926356
 2021-08-16 14:11:43 +00:00
Rick Yiu
fa5d13d6e1 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 am: 7b8fe23d74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I2837b12374957c35725af2f4aed49ada200810ff
 2021-08-16 14:11:31 +00:00
Rick Yiu
1f4c69a11d gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I54a069f83c389b69a73d9d4d64a34177ba652d1c
 2021-08-16 13:54:58 +00:00
Rick Yiu
7b8fe23d74 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials am: 2ef3daba50 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15531061

Change-Id: I1870542193c2b06de1f1e53f38e84fb800a74839
 2021-08-16 13:54:01 +00:00
Rick Yiu
2ef3daba50 gs101-sepolicy: Use untrusted_app_all for vendor_sched denials 
Use untrusted_app_all to cover all Use untrusted_app versions.

Bug: 196109806
Test: no untrusted_app denials for vendor_sched
Change-Id: Ic6426b26b8a05f8a0bc7e2a4a4a293b2988812d3
 2021-08-16 13:40:32 +00:00
Victor Liu
9d0c136cf6 allow uwb hal sys_nice access am: 39b5815a1e am: 9d2d70e09b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: I64e3b902d5a83a50d296439779dc252f159ba66d
 2021-08-13 23:39:35 +00:00
Victor Liu
2fdbcbea3e uwb: allow uwb to access the radio service am: 0c429efc07 am: e4ee9723f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15521660

Change-Id: Ie3cb7e9c74f07966c249bf67e50a80af810f6e38
 2021-08-13 23:34:11 +00:00
Victor Liu
ecceee1ddc allow uwb hal sys_nice access am: 39b5815a1e am: 21d74ff50f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: Ie7d5132a50e0d0f7e8db35d512a70ef6b932ab68
 2021-08-13 22:07:02 +00:00
Victor Liu
243649da79 uwb: allow uwb to access the radio service am: 0c429efc07 am: 19b1a2feef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15521660

Change-Id: I264015c73d5a4a61712726192c7ee3160704dc02
 2021-08-13 21:31:06 +00:00
Victor Liu
9d2d70e09b allow uwb hal sys_nice access am: 39b5815a1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: Ib8b61cc66bd2919360e05434f147f495fcacb156
 2021-08-13 02:41:53 +00:00
Victor Liu
21d74ff50f allow uwb hal sys_nice access am: 39b5815a1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15549222

Change-Id: Ib6d841a96f4ce29a077ec11d10d411e985b110f0
 2021-08-13 02:41:52 +00:00
Victor Liu
39b5815a1e allow uwb hal sys_nice access 
hardware.qorvo.: type=1400 audit(0.0:9): avc: denied { sys_nice } for capability=23 scontext=u:r:hal_uwb_default:s0 tcontext=u:r:hal_uwb_default:s0 tclass=capability permissive=0
hardware.qorvo.: type=1400 audit(0.0:9): avc: denied { setsched } for scontext=u:r:hal_uwb_default:s0 tcontext=u:r:kernel:s0 tclass=process permissive=0

Bug: 196438549
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I742bae701cfcc7b4842cd63abbc8c275d82c8ba1
 2021-08-12 16:11:06 -07:00