Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
978 commits 1 branch 0 tags 494 MiB
Commit graph

978 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alex Hong
e44e432672 Move the type definition of properties from product to vendor 
These properties cannot be resolved after product sepolicy is replaced.
  vendor_persist_config_default_prop
  vendor_rild_prop

Test: The device can boot to home after replacing with GSI
Bug: 191236468
Change-Id: Ib797601a44306987e5a85897c7b6cd7827ad91b2
 2021-06-24 02:01:20 +00:00
Minchan Kim
650cf48406 Merge "sepolicy: gs101: allow dump cma statistics" into sc-dev 2021-06-24 01:45:11 +00:00
Thierry Strudel
b491ce3a18 Merge "Add support for non-su hal_uwb" into sc-dev am: e99c749cbd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14928438

Change-Id: Ib43a3b2c888f48c70c6a71e117a8de04662f923a
 2021-06-24 00:54:58 +00:00
Thierry Strudel
e99c749cbd Merge "Add support for non-su hal_uwb" into sc-dev 2021-06-24 00:45:49 +00:00
Minchan Kim
7f9abeee45 sepolicy: gs101: allow dump cma statistics 
Provide necessary sepolicy for bugreport dump to access cma metric
information under /sys/kernel/pixel_stat/*

Test: Run "adb bugreport <zip>" and verify it contains the output
      from dumpstate_board.txt
Bug: 191904985
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: Iaa92006eeb5158a0962652427d1af061fe1cf03d
 2021-06-23 14:15:46 -07:00
TreeHugger Robot
99b2f78bde Merge "Allow fingerprint hal to read sysfs_chosen" into sc-dev am: c431abb5bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15072299

Change-Id: I9ca9b992d8f0c428bd36e437d8fc018f395ff8a0
 2021-06-23 11:32:03 +00:00
TreeHugger Robot
c431abb5bf Merge "Allow fingerprint hal to read sysfs_chosen" into sc-dev 2021-06-23 11:20:51 +00:00
Sungwoo choi
5aaa0f6044 gs101-sepolicy: add oemrilservice_app.te 
Seperate oemrilservice_app.te from vendor_telephony_app.te.
  - target process: com.samsung.slsi.telephony.oemril
  - selabel: oemrilservice_app
  - allow to find app_api_service
  - allow to find radio_service
  - allow to find vendor HAL
  - a binder communication with rild

Bug: 191830874
Test: Manual

Signed-off-by: Sungwoo choi <sungwoo48.choi@samsung.com>
Change-Id: I5e31b4a16f0b4d25bf4889da0150084937354808
 2021-06-23 16:51:57 +08:00
Denny cy Lee
632e7b95ab Pixelstat: battery history access premission am: 0b21a2d44a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14688520

Change-Id: I8c5f44af025177d9c6063ae3c8b174118a100e3d
 2021-06-23 08:32:29 +00:00
Kris Chen
a23d1bb37b Allow fingerprint hal to read sysfs_chosen 
Fixes the following avc denial:
android.hardwar: type=1400 audit(0.0:49): avc: denied { search } for name="chosen" dev="sysfs" ino=9575 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=dir permissive=1
android.hardwar: type=1400 audit(0.0:50): avc: denied { read } for name="platform" dev="sysfs" ino=9591 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=file permissive=1
android.hardwar: type=1400 audit(0.0:51): avc: denied { open } for path="/sys/firmware/devicetree/base/chosen/plat/platform" dev="sysfs" ino=9591 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_chosen:s0 tclass=file permissive=1

Bug: 191832617
Test: Enroll and authenticate fingerprints.
Change-Id: I5c576cc210d9e85b1999655bdc27736183db8aed
 2021-06-23 16:20:57 +08:00
Denny cy Lee
433aeb2d4d Sepolicy: Pixel stats wireless charger sepolicy 
Bug: 171853251
Bug: 188601686
Test: manually, do wirelees charge, check logcat
Change-Id: I4cbd7da038365ae92e34780131056da61b9a55dc
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2021-06-23 06:48:42 +00:00
Denny cy Lee
0b21a2d44a Pixelstat: battery history access premission 
Test: manually, relate seploicy not show; battery history log printed
      05-24 13:29:19.637  2829  2829 D pixelstats_BatteryEEPROM:
      checkAndReport: 0940 0a80 0500 0200 0200 0000
Bug: 189050725
Change-Id: I20567e168db43fe2168a9a30ac7a4b0cec65a665
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2021-06-23 13:50:32 +08:00
Adam Shih
a70819d2f0 modularize pktrouter 
Bug: 190331212
Test: make sure pktrouter gets initialized
06-23 13:21:19.372  1 1 I init : Parsing file /vendor/etc/init/pktrouter.rc...
06-23 13:21:23.510     1     1 I init    : processing action (vendor.pktrouter=1) from (/vendor/etc/init/pktrouter.rc:7)
06-23 13:21:23.510     1     1 I init    : starting service 'pktrouter'...
Change-Id: Icc7ab88505aea47cfed5ffc5182d0625b7a7609d
 2021-06-23 05:24:01 +00:00
Adam Shih
af082207ce modulize init.radio.sh am: d74e989739 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15048203

Change-Id: I9fd2463183e0b630daca6503b1655fd3bd88227f
 2021-06-23 03:16:54 +00:00
SalmaxChang
a926055749 vendor_init/dumpstate: Grant to access logger prop 
Bug: 176176656
Change-Id: I551ccfac57d983aab95aa23e1f350f78ee0a159f
 2021-06-23 10:06:09 +08:00
Michael Ayoubi
cebbf14174 Add support for non-su hal_uwb 
Bug: 187386527
Test: Boot and confirm HAL is up
Signed-off-by: Michael Ayoubi <mayoubi@google.com>
Change-Id: Ia9f3f90fba6981762fe375aa37c81f8474ad9c53
 2021-06-23 01:26:25 +00:00
Adam Shih
d74e989739 modulize init.radio.sh 
Bug: 190331600
Test: build ROM and make sure the file is there and functional.
Change-Id: Icb3e0e590ae315d53eb5251fd5e74d6aacab1fe2
 2021-06-23 01:07:26 +00:00
TreeHugger Robot
7559eac0df Merge "Allow camera hal to access devfreq query" into sc-dev am: e2ef28efca 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14980575

Change-Id: I053b84d7c183802f0e78511de11e18b60ad68709
 2021-06-22 12:26:37 +00:00
TreeHugger Robot
e2ef28efca Merge "Allow camera hal to access devfreq query" into sc-dev 2021-06-22 12:06:16 +00:00
Speth Chang
419019a71a Allow camera hal to access devfreq query 
Bug: 190687351
Test: p21 checklist
Change-Id: Id0cb74b483882a6ede93cadc475a7be334ecf20d
 2021-06-22 10:19:49 +00:00
Alex Hong
710cc3863d Merge "Move the genfs_contexts of sched nodes from vendor to product" into sc-dev am: 1f17829dc2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15045028

Change-Id: I3f65c53287d4ba739d640e40a458e169c92b78f6
 2021-06-22 03:19:49 +00:00
Alex Hong
1f17829dc2 Merge "Move the genfs_contexts of sched nodes from vendor to product" into sc-dev 2021-06-22 03:01:07 +00:00
Srinivas Patibandla
38b0a12272 Update time sync seinfo to not use platform signature am: 51c891fa7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15014432

Change-Id: Ia0719062e6021fb25aa88183eec92740c1e0bf3d
 2021-06-21 19:56:40 +00:00
Alex Hong
c598db170c Move the genfs_contexts of sched nodes from vendor to product 
For sched nodes, "proc_vendor_sched" and "sysfs_vendor_sched",
their type definition is in product sepolicy,
while genfs_contexts is in vendor sepolicy.
In this case, genfs_contexts cannot be resolved after product sepolicy
is replaced by Dynamic System Update.

Need to keep the type definition and genfs_contexts in the same partition.
Now move genfs_contexts because the type definition has to be in product for now
since other private domains are accessing these sched nodes.

Test: $ make selinux_policy
      The device can boot to home after replacing with GSI.
Bug: 191236468
Change-Id: I02ea78b04dfcade4ceb426ff6ebf498daa81ac32
 2021-06-21 14:55:08 +00:00
Srinivas Patibandla
51c891fa7b Update time sync seinfo to not use platform signature 
Bug: b/190695230
Change-Id: I2dbee2e624c8794b3aa9ff85d8985a15ee159a0f
 2021-06-21 14:47:28 +00:00
Thiebaud Weksteen
24b135a5ba Merge "Fix access permissions for sysfs_aoc_reset" into sc-dev am: c4d98b5c11 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15018192

Change-Id: Id422825604c3df974fbcd225c966742ceb1f6a7f
 2021-06-21 08:55:44 +00:00
Thiebaud Weksteen
c4d98b5c11 Merge "Fix access permissions for sysfs_aoc_reset" into sc-dev 2021-06-21 08:38:37 +00:00
Jack Wu
e2aaccb114 sepolicy: gs101: allows pixelstat to access wlc file nodes am: 2794370557 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14732233

Change-Id: I8b9f1e8b1dc1e945ef0f24431610d43f19aafa38
 2021-06-19 02:57:02 +00:00
Jack Wu
2794370557 sepolicy: gs101: allows pixelstat to access wlc file nodes 
05-31 11:14:57.280  1000  3126  3126 W pixelstats-vend: type=1400 audit(0.0:162): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=60862 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=0
05-31 11:14:57.280  1000  3126  3126 W pixelstats-vend: type=1400 audit(0.0:163): avc: denied { search } for name="i2c-p9412" dev="sysfs" ino=60862 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=0

05-31 13:12:23.940  1000  2838  2838 W pixelstats-vend: type=1400 audit(0.0:182): avc: denied { read } for name="charge_stats" dev="sysfs" ino=73276 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0

05-31 15:02:02.215  1000 13169 13169 W pixelstats-vend: type=1400 audit(0.0:166): avc: denied { write } for name="charge_stats" dev="sysfs" ino=73483 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
05-31 15:02:02.215  1000 13169 13169 W pixelstats-vend: type=1400 audit(0.0:167): avc: denied { write } for name="charge_stats" dev="sysfs" ino=73483 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0

Bug: 176195960
Test: manually test, no avc: denied
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I0af03dd8099e246c5f94e8e8530d7b2bcf50ff95
 2021-06-18 13:50:59 +00:00
Franklin He
d743a1a37b Merge "Add new sepolicy to allow Power Hint" into sc-dev am: 6a488b8a81 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14997453

Change-Id: Ib88e7249a095c051820f47ebedbc5b902490e3ab
 2021-06-18 08:50:56 +00:00
Franklin He
6a488b8a81 Merge "Add new sepolicy to allow Power Hint" into sc-dev 2021-06-18 08:37:19 +00:00
Krzysztof Kosiński
2bdd262506 Merge changes I18cbcf1b,I28a27741 into sc-dev am: c18265aaaa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15020911

Change-Id: If57e9679a73833f2b3b9061a0baf765bc1c4cc6c
 2021-06-18 08:03:54 +00:00
Krzysztof Kosiński
c18265aaaa Merge changes I18cbcf1b,I28a27741 into sc-dev 
* changes:
  Allow camera HAL to set vendor.camera properties
  Allow rlsservice/camera HAL to read /apex/apex-info-list.xml
 2021-06-18 07:46:33 +00:00
Thiébaud Weksteen
7e232446dc Fix access permissions for sysfs_aoc_reset 
avc: denied { getattr } for comm="UsfHalWorker" path="/sys/devices/platform/19000000.aoc/reset" dev="sysfs" ino=69873 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_reset:s0 tclass=file permissive=0

Bug: 190712449
Bug: 191415949
Change-Id: Ibad4e75aa60b06129221086031289c855c561e96
 2021-06-18 08:56:59 +02:00
Adam Shih
5f89bc8b4b organize confirmationui settings am: d77bc5a970 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15021790

Change-Id: I9a10630cf9dd31ad3dca60c40e1c175da28deab2
 2021-06-18 06:56:41 +00:00
Yuriy Romanenko
6bf4661e8f Allow camera HAL to set vendor.camera properties 
Bug: 188246923
Test: See topic
Change-Id: I18cbcf1b622ad7cd6d6bd1ea258b3d537db54412
 2021-06-17 21:58:54 -07:00
Adam Shih
d77bc5a970 organize confirmationui settings 
Bug: 190331547
Bug: 190331370
Test: build ROM and make sure file and sepolicy is still there
Change-Id: I4cabf9280ab5e21038bcb72615799b7ed0fb1670
 2021-06-18 12:56:05 +08:00
Badhri Jagan Sridharan
4632b7aa7d Merge "Add file context for /dev/logbuffer_tcpm" into sc-dev am: d9876fd266 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15019635

Change-Id: Ie59d003bc6d1e74f1b37f440b9f27059156503f6
 2021-06-18 03:53:45 +00:00
Badhri Jagan Sridharan
d9876fd266 Merge "Add file context for /dev/logbuffer_tcpm" into sc-dev 2021-06-18 03:38:35 +00:00
Badhri Jagan Sridharan
eb3881dbe7 Add file context for /dev/logbuffer_tcpm 
/dev/logbuffer_tcpm gets accessed by dumpstate while bugreport
generation.

Bug: 189792358
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ica0f3557ad9c41844f8411b0bdf68d66fbba00e5
 2021-06-17 16:11:28 -07:00
Craig Dooley
dfdc21e14f Merge "Allow hal_dumpstate to collect AoC statistics" into sc-dev am: 7fe9d053e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15000356

Change-Id: I77b03e12df36cdf81bddd1d51d64ea50800d9102
 2021-06-17 16:48:35 +00:00
Craig Dooley
7fe9d053e8 Merge "Allow hal_dumpstate to collect AoC statistics" into sc-dev 2021-06-17 16:32:38 +00:00
Franklin He
c53c03b843 Add new sepolicy to allow Power Hint 
SELinux policy changes to work with https://googleplex-android-review.git.corp.google.com/c/device/google/gs101/+/14997393
This allows the NNAPI HAL to make IPC calls to the Power HAL in order to request power hints

Bug: 191241561
Test: Pushed new SEPolicy to device, verified no AVC problems when making IPC calls
Change-Id: I8209b3677bedf908901389c07304f4478d0431b0
 2021-06-17 07:59:11 +00:00
Yuriy Romanenko
14786d9b40 Allow rlsservice/camera HAL to read /apex/apex-info-list.xml 
To detect apex updates

Bug: 188246923
Test: See topic
Change-Id: I28a27741c1c285f8b49a2aa50bc0665143c1b7cb
 2021-06-16 20:55:38 -07:00
TreeHugger Robot
a62f3266fc Merge "vendor_telephony_app.te: add selinuxfs:file" into sc-dev am: 502b653380 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14963703

Change-Id: Id09fec7d2642bf8e67bd9425240408bc40728164
 2021-06-17 01:43:19 +00:00
TreeHugger Robot
502b653380 Merge "vendor_telephony_app.te: add selinuxfs:file" into sc-dev 2021-06-17 01:14:20 +00:00
Yu-Chi Cheng
067e314a35 Allowed EdgeTPU compilation services (tflite and nnapi) to access am: 643e5a7123 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15004632

Change-Id: I1c51e2b2c1d0afb0f3660ccc30cf1db51888d644
 2021-06-17 01:08:59 +00:00
Yu-Chi Cheng
643e5a7123 Allowed EdgeTPU compilation services (tflite and nnapi) to access 
overcommit_memory info.

This is required as part of the compilation process, likely part of
the jemalloc which was added recently.

Bug: 190790251
Test: verified on local P21 device.
Change-Id: I4d90ea92afd7beaa4c4efa6ed509d703764932a1
 2021-06-16 16:17:14 -07:00
Craig Dooley
3031b077a3 Allow hal_dumpstate to collect AoC statistics 
Bug: 188114650
Signed-off-by: Craig Dooley <dooleyc@google.com>
Change-Id: Iba5525af2c651070b9a5f7769c0439ef320d666b
 2021-06-16 17:18:55 +00:00
TreeHugger Robot
41e4576f08 Merge "Add sepolicy for hwcomposer to access lhbm sysfs" into sc-dev am: 11ebd6122e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14234767

Change-Id: I68363c30b1d6c3668434d277c542ef31a0d2419b
 2021-06-16 14:04:36 +00:00