Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3764 commits 1 branch 0 tags 494 MiB
Commit graph

206 commits

Author SHA1 Message Date
sukiliu
d48a10f9b0 Update SELinux error 
Test: scanBugreport
Bug: 269045042
Change-Id: I6291a7d3fd3b75d68548bd2fb7287b8ff754684a
 2023-02-13 10:41:23 +08:00
sukiliu
8835275413 Update SELinux error 
Test: scanBugreport
Bug: 268411073
Bug: 268147283
Bug: 268146971
Change-Id: I60fdc8e3d44da7632522f57adc01c0e6879be83c
 2023-02-10 10:20:35 +08:00
Kyle Zhang
bfbf488408 Merge "Add hal_drm_widevine for Widevine exec sepolicy" 2023-01-11 05:37:46 +00:00
Kyle Zhang
902db3961f Add hal_drm_widevine for Widevine exec sepolicy 
Bug: 243699259
Test: atp v2/widevine-eng/drm_compliance
Change-Id: Ifede19e690cb7b7333016df08fb146a0ec8f7409
 2023-01-06 03:14:20 +00:00
Adam Shih
afe63f78cc Update SELinux error 
Test: scanBugreport
Bug: 264483673
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: I954f764f035fcffa06c1c940bece36f0d7e42711
 2023-01-05 13:38:16 +08:00
Adam Shih
46285b5dd5 Update SELinux error 
Test: scanBugreport
Bug: 264483156
Change-Id: Ifa7de8df3b09eabee7df8008dbb381854e18f48f
 2023-01-05 11:04:58 +08:00
Lucas Wei
8a9fd1b4aa votable: update SEpolicy error am: 5851e17605 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/20265110

Change-Id: I3d444fed3a236050d00988b59a4237df3815f2e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-24 03:28:26 +00:00
Lucas Wei
5851e17605 votable: update SEpolicy error 
Bug: 247905787
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: Ia6dfb7796ab46b0ac339b98465ccd91624b655ed
 2022-10-23 23:23:41 +08:00
Thiébaud Weksteen
7d6c449261 Revert "Update SELinux error" 
This reverts commit 286d40c81b.

Test: TH
Bug: 241172186
Bug: 241172220
Bug: 241172337
Bug: 241172391
Bug: 241172490
Change-Id: Id3453e85aee3ee8e0255d3e53f37ca4488d7c9f9
 2022-08-15 13:47:56 +10:00
Adam Shih
286d40c81b Update SELinux error 
Test: checkSensors
Bug: 241172337
Test: scanBugreport
Bug: 241172490
Test: testAtomicWrite
Bug: 241172490
Test: testConfigMaxSectorsKB
Bug: 241172490
Test: testDirectWriteNormalReadInEncryptedDir
Bug: 241172391
Test: testInvalidWrite
Bug: 241172490
Test: testLoopMaxPartDefined
Bug: 241172391
Test: testNormalWriteDirectReadInEncryptedDir
Bug: 241172490
Test: testPinFile
Bug: 241172490
Test: testSmallFileInEncryptedDir
Bug: 241172490
Change-Id: Iee5a8e6fff46b62ec0a448b05db64a788b7d08fb
 2022-08-03 01:09:57 +00:00
Adam Shih
479986a020 Update SELinux error 
Test: checkSensors
Bug: 240632824
Test: checkLockScreen
Bug: 240632824
Test: scanBugreport
Bug: 240632824
Change-Id: I4fee87636dc65765e4ab3e10e0b7080d7b4d44b2
 2022-07-29 10:18:10 +08:00
Kyle Lin
3014f97824 Merge "Remove dontaudit since read early_wakeup completed" 2022-07-28 02:51:37 +00:00
Stephane Lee
faec9385c4 Bug fixed in ag/19153533 
Bug: 238143381
Test: N/A
Change-Id: If527ea681abaa221e55533a3dab1371ecac7a3b2
 2022-07-22 16:55:24 -07:00
Jimmy Shiu
55d41f1a3e Remove dontaudit since read early_wakeup completed 
The display file node, early_wakeup, just for trigger the worker for
display and it doesn't have meaningful read function. But PowerHAL read
all nodes and try to dump their valuesi while triggering bugreport. As
the read operation has been completed, so we can remove the clause.

07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:8): avc: denied { dac_read_search } for capability=2 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
07-02 00:53:56.888   522   522 W android.hardwar: type=1400 audit(0.0:9): avc: denied { dac_override } for capability=1 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0

Bug: 221384860
Bug: 192617242
Bug: 171760921
Test: adb shell dumpsys android.hardware.power.IPower/default
Change-Id: If0018499cc19f79819ef69794d7672d5a53de74e
 2022-07-18 11:08:58 +08:00
Minchan Kim
86ef69850b Remove vendor_init.te from tracking_denials 
Since last error fixed, remove the vendor_init.te from tracking_denials.

Bug: 190337297
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I5178c864a70748c1dddf8c08baa8d653cd0225d9
 2022-07-15 05:10:55 +00:00
Adam Shih
32d987cd24 Update SELinux error 
Bug: 234547283
Change-Id: I50bd66a22755eefe7aa24ec1042e3b6cb627ad3d
 2022-07-15 00:30:47 +00:00
Adam Shih
74d2d8963f Update error on ROM 8820442 
Bug: 238825802
Test: testSysfsHealth
Change-Id: I607f78de19b18b258309f89669ded393dd74a2a7
 2022-07-13 11:01:28 +08:00
Adam Shih
c6186c2960 Update SELinux error 
Test: checkSensors
Bug: 238571420
Test: checkLockScreen
Bug: 238570971
Test: scanBugreport
Bug: 238571324
Change-Id: Ia6f2db6374d7ebe1a9c3f5b0bd8d152ed9d4a9a0
 2022-07-11 10:24:12 +08:00
Adam Shih
347e482d19 Update SELinux error 
Test: checkLockScreen
Bug: 238263438
Bug: 238263568
Change-Id: I694924ceb031abb749e4b92a715d3b7dc87088be
 2022-07-07 11:29:44 +08:00
Adam Shih
bc85d46045 ignore shell access on wlc 
Bug: 238038592
Test: boot
Change-Id: I09b67ca07d7f9573d77f64686fb818d4dc1753cc
 2022-07-06 14:44:41 +08:00
Adam Shih
a8aeb4a6c9 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238143262
Bug: 238143381
Change-Id: Ibe3ce917418d71b61aa6d085041a51dda5998c74
 2022-07-06 02:58:51 +00:00
Adam Shih
7835523aea Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 238038592
Change-Id: Id248ba82c49fa09be28f7a0219eb42b0ecc9e358
 2022-07-05 11:17:25 +08:00
Adam Shih
d472e161ae mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 am: c68fe289e3 am: 5bf5ffc8d3 am: d8d5fd4374 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I75a4589877c5803c6facbb189bd36662c66d2274
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 06:29:36 +00:00
Adam Shih
5bf5ffc8d3 mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 am: c68fe289e3 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I2afec41baa838d8db9ab23d9d01def68249d99c5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 05:44:54 +00:00
Adam Shih
c68fe289e3 mute update_engine probing mnt_vendor_file am: 5889704eff am: 203f473af5 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2124912

Change-Id: I15a18379ff4969dcb043e2fae94cf6c9f13ac834
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-14 05:18:34 +00:00
Adam Shih
5889704eff mute update_engine probing mnt_vendor_file 
Bug: 187016910
Test: boot to home
Change-Id: I5f7141f817b543a1499ef5826177f3ac4945e857
 2022-06-14 02:58:58 +00:00
Krzysztof Kosiński
bdd4ecc51c gs101: Add dontaudit statements to camera HAL policy. am: fbcf66a04a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18817845

Change-Id: I6138022efbcdc8ce149123399d3a8277e69c64b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 21:04:38 +00:00
Krzysztof Kosiński
fbcf66a04a gs101: Add dontaudit statements to camera HAL policy. 
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Fix: 218585004
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
(cherry picked from commit b71d24d62c)
 2022-06-09 20:53:05 +00:00
Adam Shih
7e5fd22585 remove obsolete entries am: 2bb24e91b3 am: 35653159b1 am: 6701e00896 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18800078

Change-Id: I078bf3ae04c1f83a944062684d3afaf7840150ed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-09 06:22:30 +00:00
Adam Shih
249ef7bd07 remove obsolete sepolicy am: acf18a6f23 am: 60e41883e7 am: 9c49855f44 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/18800077

Change-Id: I7eeef5fd9d5401b1e823c77857f3149ea5a840ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-09 05:56:19 +00:00
Adam Shih
d7f53f6018 remove obsolete entries 
Bug: 190337296
Bug: 228181404
Test: adb bugreport
Change-Id: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
Merged-In: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
 2022-06-09 12:06:04 +08:00
Adam Shih
2bb24e91b3 remove obsolete entries 
Bug: 190337296
Bug: 228181404
Test: adb bugreport
Change-Id: Ibd5ea9d9d56b7da9b17f78f22aef985d5f33df94
 2022-06-09 11:59:45 +08:00
Adam Shih
acf18a6f23 remove obsolete sepolicy 
Bug: 193474772
Bug: 193726003
Bug: 193009345
Bug: 190337283
Bug: 226717475
Test: boot with no relevant avc error shows up
Change-Id: I8af2693fb7726e49d9b6d1c13010840a0b581326
 2022-06-09 11:29:43 +08:00
Adam Shih
518c7910be remove obsolete sepolicy 
Bug: 193474772
Bug: 193726003
Bug: 193009345
Bug: 190337283
Bug: 226717475
Test: boot with no relevant avc error shows up

Change-Id: I8af2693fb7726e49d9b6d1c13010840a0b581326
Merged-In: I8af2693fb7726e49d9b6d1c13010840a0b581326
 2022-06-09 11:05:03 +08:00
Suki Liu
13e8467fc0 Merge "Update avc error on ROM 8595544" 2022-05-17 02:11:01 +00:00
Orion Hodson
3893757352 Remove incidentd denial for apex_info_file am: 400d4fb7f4 am: 4fa31df30e am: 71f450f955 am: 32a87f289f am: ea2f827fd7 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2098049

Change-Id: I621c4e5397c7af9676abc2ca0f35d6939b9cc6a9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-16 20:28:50 +00:00
Orion Hodson
71f450f955 Remove incidentd denial for apex_info_file am: 400d4fb7f4 am: 4fa31df30e 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/2098049

Change-Id: I7dc2d9dc20e060c9c2db2b9f98bd1292e0677033
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-16 16:59:14 +00:00
Orion Hodson
400d4fb7f4 Remove incidentd denial for apex_info_file 
Underlying issue addressed by https://r.android.com/1849822 which
gives incidentd r_file_perms for apex_info_file:file.

Fix: 187015816
Test: atest incidentd_test; adb logcat | grep denied
Change-Id: I90b57a5f01c97c8488c10692208080557a863051
 2022-05-16 14:45:53 +01:00
sukiliu
101a021277 Update avc error on ROM 8595544 
Bug: 232714489
Bug: 231821875
Test: PtsSELinuxTestCases
Change-Id: I4dd2c51dd237b19a110b24cb7ac8e1cb2284f99c
 2022-05-16 12:00:57 +08:00
Krzysztof Kosiński
b71d24d62c gs101: Add dontaudit statements to camera HAL policy. 
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Fix: 178980085
Fix: 180567725
Test: build & camera check on raven
Change-Id: I3f3a1f64d403182d4f592f1cacc6ef8d1418062d
 2022-05-10 05:34:51 +00:00
chungkai
384218408f sepolicy: ignore avc denial 
dont audit since it's debugfs

Bug: 228181404
Test: forrest with boot test
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I7f2a85e2a405c78c9d8d11e9c2fdfdc5e87f7931
 2022-04-06 09:21:24 +00:00
sukiliu
ed3ac0623b Update avc error on ROM 8386107 
Bug: 226717475
Test: PtsSELinuxTestCases
Change-Id: Ia366a4ad0f193858960b7c5df34096bd2d4eada5
 2022-03-31 15:48:04 +08:00
sukiliu
037f9cda4e Update avc error on ROM 8276520 
Bug: 223502652
Bug: 223330933
Test: PtsSELinuxTestCases
Change-Id: Ib8c14c4928410ee5ed4626e95e2882b89341ee9a
 2022-03-09 14:16:33 +08:00
Kris Chen
e0c6120237 Add sepolicy rules for fingerprint hal 
Fix the following avc denial:
avc: denied { set } for property=vendor.gf.cali.state pid=1152 uid=1000 gid=1000 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 219372997
Bug: 220263520
Test: No above avc denial in logcat.
Change-Id: I93ace30c67e04bc836bfba050028a1f25af641d5
 2022-03-01 15:05:42 +08:00
Shubham Dubey
5e2e261148 Temporarily don't audit hal_fingerprint to fix avc denial 
Fix: 220263520

Change-Id: Ic06981fdc071c5027e6ccd137c1a2d19b9366c98
 2022-02-21 13:07:23 +00:00
Philip Quinn
b834b1d008 Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-26 02:06:20 +00:00
Philip Quinn
d5ac0ac3ce Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-09-28 20:11:33 +00:00
Adam Shih
22ed933f97 label extcon files 
Bug: 199987074
Test: boot with no relevant errors
Change-Id: Idd26d8675c332043b1066e3eba1706527254eb03
 2021-09-16 10:02:11 +08:00
sukiliu
2d2d6999d2 Update avc error on ROM 7733084 
avc: denied { read } for comm="android.ui" name="extcon0" dev="sysfs" ino=72527 scontext=u:r:system_server:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0

Bug: 199987074
Test: PtsSELinuxTestCases
Change-Id: I1d160b06b4b0bba9402ae3de5f564d6f893505c1
 2021-09-15 14:41:46 +08:00
qinyiyan
ee4e7f45ce Revert the unnecessary sepolicy rules for hal_neuralnetworks_darwinn. 
Bug: 194241380
Test: flashed forrest build and ran PtsSELinuxTestCases
Change-Id: Ie2f0572a368f09e522bc2cdfdf9da1859c1c44e7
 2021-07-30 23:36:06 +00:00