Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
971 commits 1 branch 0 tags 494 MiB
Commit graph

971 commits

This branch
This branch
All branches
Author SHA1 Message Date
joenchen
bef2d7397c Label min_vrefresh and idle_delay_ms as sysfs_display 
Bug: 202567084
Test: Check the files label by "adb shell ls -Z"
Change-Id: I29243751ab5f38eca5d8e4221122764f79c75e04
Merged-In: I29243751ab5f38eca5d8e4221122764f79c75e04
 2021-12-06 02:45:51 +00:00
Albert Wang
e6fb90425d [RESTRICT AUTOMERGE] Allow suspend_control to access xHCI wakeup node 
Bug: 205138535
Test: n/a
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I6e012fea56c50656c8f26216199459092dcfc0f9
Merged-In: I6e012fea56c50656c8f26216199459092dcfc0f9
 2021-11-17 07:18:29 +00:00
Michael Ayoubi
e7a17433a0 Merge "Allow uwb_vendor_app to get SE properties" into sc-v2-dev 2021-11-12 01:24:43 +00:00
Oleg Matcovschi
63d04e1e02 gs101:ssr_detector: Allow access to aoc properties in user builds 
Bug: 205755422
Signed-off-by: Oleg Matcovschi <omatcovschi@google.com>
Change-Id: I684590a2ee91cf6d1edfc8a606f3a9e6672ca46f
 2021-11-11 06:13:44 +00:00
Michael Ayoubi
a8e745039f Allow uwb_vendor_app to get SE properties 
Bug: 205770401
Test: Build and flash on device.
Change-Id: Ic98f394434fad12e7d8ef804ecfd694a55ee8190
Merged-In: Ic98f394434fad12e7d8ef804ecfd694a55ee8190
 2021-11-11 00:50:08 +00:00
Ted Lin
3d463050a2 Using dontaudit to fix the avc on boot test 
avc: denied { search } for comm="kworker/6:2" name="google_battery" dev="debugfs" ino=32648 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=1

Bug:200739262
Test: Check bugreport
Change-Id: I50a96bab88f564fef0eda9a23bb77dc6ffed357f
Signed-off-by: Ted Lin <tedlin@google.com>
(cherry picked from commit 951ce82739)
 2021-11-03 03:20:45 +00:00
Siddharth Kapoor
3e1bd82949 Label GPU power_policy sysfs node am: a7aa46862d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16091105

Change-Id: Ia0a271554b8640cd32f1293c8e96405abf9f31b6
 2021-11-02 05:03:27 +00:00
Siddharth Kapoor
f94633e718 Label GPU power_policy sysfs node 
Bug: 201718421
Test: trace while App launch
Change-Id: Icd85b8611632e4638946b492740e509baf2714ce
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2021-10-27 01:59:23 +00:00
Steve Pfetsch
421cbb2f61 Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." into sc-v2-dev 2021-10-27 00:14:20 +00:00
Siddharth Kapoor
a7aa46862d Label GPU power_policy sysfs node 
Bug: 201718421
Test: trace while App launch
Change-Id: Icd85b8611632e4638946b492740e509baf2714ce
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2021-10-21 14:23:00 +08:00
Philip Quinn
0d48ab4fbf Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-20 23:09:13 +00:00
TreeHugger Robot
7352bf22f0 Merge "audio: add permission to request health/sensor data" into sc-v2-dev 2021-10-20 04:12:49 +00:00
Shawn Yang
e48bb0205b Merge "Allow modem app to read the battery info" into sc-v2-dev 2021-10-20 03:25:48 +00:00
Jasmine Cha
27a4afc1a9 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- Allow audio hal to find fwk_sensor_hwservice
SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1


Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
 2021-10-20 03:04:32 +00:00
Michael Ayoubi
21c2c3f145 Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev 2021-10-20 00:32:56 +00:00
jintinglin
936079ad1c Allow modem app to read the battery info 
Test: flash the forrest build, MDS can read the info file

Bug: 203478533

Change-Id: I9985dd2731a43445dd653e226fd2939ca355cda4
 2021-10-19 03:22:46 +00:00
Alfred Lin
f545ab60c3 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ifb4b5b6f8eadd26d06a0e7980f05aa60e9d7cacb
 2021-10-08 13:33:29 +00:00
Alfred Lin
24693cd264 [Display] Add SELinux policy for hal_graphics_composer_default 
Add SELinux policy for hal_graphics_composer_default to find persist_display_file

Bug: 202487234

Test: device boot will not find avc denied log as "avc: denied { search } for name="display" dev="sda1" ino=21 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:persist_display_file:s0 tclass=dir permissive=0"
Change-Id: I8fc386cb18397911404e1f2803601711e40edead
 2021-10-08 11:07:40 +00:00
Max Kogan
584abcc50c Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I72aaf0f773f9fd640a56a1b684cfea012efeabb8
 2021-10-04 18:15:20 +00:00
Max Kogan
2a166c0eb5 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev 2021-10-04 18:04:01 +00:00
George Lee
0ab239e045 Merge "power_hal: add bcl file permission" into sc-qpr1-dev am: 9d3965da4f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15905927

Change-Id: Idf99714202d32825ff0b04843e1688e42cf6635a
 2021-10-04 17:11:49 +00:00
George Lee
9d3965da4f Merge "power_hal: add bcl file permission" into sc-qpr1-dev 2021-10-04 16:54:14 +00:00
Edwin Tung
0a91edb9b7 Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev am: 6c249e4a9f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15897560

Change-Id: If95d3e18d1da32b13246d0897d998935eb37c774
 2021-09-30 14:26:41 +00:00
Edwin Tung
6c249e4a9f Merge "gps: add sepolicy to allow gps access pps gpio" into sc-qpr1-dev 2021-09-30 14:11:49 +00:00
Edwin Tung
4d6a7023e1 gps: add sepolicy to allow gps access pps gpio 
Bug: 175086879
Test: no avc deny
Change-Id: I960940d7223c25732021ff4d92ae72255c044291
 2021-09-30 12:41:17 +08:00
Erik Staats
d60ebc5327 Allow the sensor HAL to access raw HID devices. 
Bug: 195964858
Test: Paired a Sony PS4 controller and verified that it's discovered by
 the dynamic sensor HAL.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/15847652 .
Change-Id: Ic0bdd711d066a9793eba305102e9a850e3973856
 2021-09-27 18:34:30 +00:00
Jenny Ho
a592fb52c3 [automerger skipped] sepolicy: add rule for new debug file node am: c8651e514c -s ours 
am skip reason: Merged-In I0ddf68d5e15fe8d77d8d61287f65621c14024f46 with SHA-1 17e518038e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15773285

Change-Id: Id8b68427c9c185ee0cfe76446f6d5bfaba4a0341
 2021-09-27 15:58:25 +00:00
George Lee
2a4bce5b31 power_hal: add bcl file permission 
Bug: 201002339
Test: Local test and ensure proper ratio written via PowerHAL
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ib0a3a5401312403ce870b9c4a4ca971f05c253e4
 2021-09-24 16:10:53 +00:00
Erik Staats
e42a4ed3be Allow the sensor HAL to access dynamic sensor properties. 
Bug: 195964858
Test: Verified dynamic sensor manager is present in sensor list and that
 no SELinux violations occur on sc-v2-dev and master.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/15905607 .
Change-Id: I2f1c05ec0d840f6ebae1e5356f668b3f9431fd25
 2021-09-24 05:53:35 -07:00
Max Kogan
b92bc5f51c sepolicy: gs101: allow dumpstate to access AoC stats 
Add AoC DRAM votes to bugreports.

Bug: 198203507
Change-Id: I77addf15709fceb70514d552b9fa8553cb129a7c
 2021-09-23 17:52:51 -07:00
Jenny Ho
c8651e514c sepolicy: add rule for new debug file node 
W dumpstate@1.1-s: type=1400 audit(0.0:7): avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=500 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0

Bug: 196755019
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Merged-In: I0ddf68d5e15fe8d77d8d61287f65621c14024f46
Change-Id: I0ddf68d5e15fe8d77d8d61287f65621c14024f46
 2021-09-23 23:29:29 +00:00
Erik Staats
aef1a206a7 Revert "Allow the sensor HAL to access dynamic sensor properties." 
Revert "dynamic_sensor: Add sensor manager init to sub-HAL 2.1."

Revert submission 15874906-bug_195964858.2

Reason for revert: b/200815351
Reverted Changes:
I76a60f7fb:Allow the sensor HAL to access dynamic sensor prop...
I5d587dc46:dynamic_sensor: Add sensor manager init to sub-HAL...

Change-Id: Ib29649b058ec6f329958e1dfcba0c2e35ea79306
 2021-09-22 17:53:58 +00:00
Erik Staats
fba4a09331 Allow the sensor HAL to access dynamic sensor properties. 
Bug: 195964858
Test: Verified dynamic sensor manager is present in sensor list and that
 no SELinux violations occur.
Test: See details in testing done comment in
 https://googleplex-android-review.git.corp.google.com/15874927 .
Change-Id: I76a60f7fbd113059156ccaea2c4f98580cb0836a
 2021-09-20 16:53:16 -07:00
Michael Ayoubi
cb6a843980 Allow euiccpixel_app to get dck_prop 
Bug: 189881206
Bug: 183606657

Test: Build and confirm EuiccSupportPixel can get
      ro.gms.dck.eligible_wcc
Change-Id: I59873d33f21632347183d749c9bbf25c6e6ba2cd
 2021-09-09 15:44:25 +00:00
Jenny Ho
17e518038e sepolicy: add rule for new debug file node 
W dumpstate@1.1-s: type=1400 audit(0.0:7): avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=500 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0

Bug: 196755019
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I0ddf68d5e15fe8d77d8d61287f65621c14024f46
 2021-09-06 06:21:34 +00:00
Victor Liu
7a06a7a434 uwb: permissions for factory uwb calibration file am: 29aa981623 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15616315

Change-Id: I9755128c2a7a1039cb3b1c5a2e3913a0965540d9
 2021-08-25 23:29:50 +00:00
Victor Liu
29aa981623 uwb: permissions for factory uwb calibration file 
add permission to:
copy factory uwb calib files from persist to /data/vendor/uwb
convert copied file to proper format for uwb stack to consume

Bug: 195659525
Signed-off-by: Victor Liu <victorliu@google.com>
Change-Id: I3e5282477fd391b483e03242ce0b806bd447dc54
Merged-In: I3e5282477fd391b483e03242ce0b806bd447dc54
 2021-08-25 19:14:10 +00:00
TreeHugger Robot
c9690b1256 Merge "Allow boot color propagation" into sc-qpr1-dev am: 9c97417d3a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15600825

Change-Id: I7c3f9be67d2e2ae13c034e4909c9ec589e38ccf2
 2021-08-19 23:12:30 +00:00
TreeHugger Robot
9c97417d3a Merge "Allow boot color propagation" into sc-qpr1-dev 2021-08-19 22:52:31 +00:00
David Chen
462d4b1bcd resolve merge conflicts of c0922582bc to sc-v2-dev 
Bug: 197164878

Change-Id: Ibc7ea7ffe9c30912c8e12d081a6b110f8e73f29f
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
 2021-08-19 02:25:56 +00:00
Rick Yiu
26fec151ec Merge "gs101-sepolicy: Remove private/mediaprovider_app.te" into sc-v2-dev 2021-08-18 03:46:01 +00:00
davidycchen
c0922582bc Allow twoshay to access fwk_stats_service and system_server 
avc:  denied  { find } for pid=813 uid=0
name=android.frameworks.stats.IStats/default scontext=u:r:twoshay:s0
tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager

avc: denied { call } for scontext=u:r:twoshay:s0
tcontext=u:r:system_server:s0 tclass=binder

Bug: 179334953
Test: Make selinux_policy and push related files to the device.

Signed-off-by: davidycchen <davidycchen@google.com>
Change-Id: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
Merged-In: Ib95debbc9ce10919c5f935e8f70b340bb293b54a
 2021-08-18 09:47:01 +08:00
Bart Van Assche
7513cd7ad6 Add the 'bdev_type' attribute to all block device types am: 37b5741301 am: 239bcceb78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: Iedf50eb9fc1c205eb584c4c53ad7de45c06b695d
 2021-08-18 00:56:43 +00:00
Bart Van Assche
239bcceb78 Add the 'bdev_type' attribute to all block device types am: 37b5741301 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15517922

Change-Id: I19d709e960fe8ccf066bdbd20dc6817ee20e55d0
 2021-08-18 00:34:10 +00:00
Bart Van Assche
37b5741301 Add the 'bdev_type' attribute to all block device types 
The following patch introduces code that iterates over all block
devices:
https://android-review.googlesource.com/c/platform/system/core/+/1783847/9

The following patch grants 'init' and 'apexd' permission to iterate over
all block devices:
https://android-review.googlesource.com/c/platform/system/sepolicy/+/1783947

The above SELinux policy change requires to add the 'bdev_type'
attribute to all block devices. Hence this patch.

Bug: 194450129
Bug: 196982345
Test: Built Android images that include this change and verified that neither init nor apexd triggers any SELinux access denied errors.
Change-Id: I6ce1127f199c5b33812f15fe280d86594d7d7ebf
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-08-17 15:23:23 -07:00
Lucas Dupin
6e887cf3a0 Allow boot color propagation 
Allows SystemUI to write the boot color sysprop

Test: manual
Bug: 190093578
Change-Id: I844a4dae87fe09a09ff3368c540ffab5f745d455
(cherry picked from commit 8a586e6786)
 2021-08-17 21:06:23 +00:00
Rick Yiu
6224fa9354 gs101-sepolicy: Remove private/mediaprovider_app.te 
Moved to system/sepolicy to solve GSI avc denials.

Bug: 196326750
Test: build pass
Change-Id: I4bdcc1d49bf9550297687534074fd3fc526d3acc
 2021-08-17 21:09:20 +08:00
Edmond Chung
36f756e44b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b am: c45a1b5828 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: Id66f403466d50ea3beb4663cc137e551a92e16f3
 2021-08-16 22:32:00 +00:00
Edmond Chung
c45a1b5828 Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev am: 7e581b9a7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15584607

Change-Id: I97f8f143230d13f64b34ee11c7a46cfcc5f2f3f9
 2021-08-16 22:17:00 +00:00
Edmond Chung
7e581b9a7b Merge "gs101: Allow camera HAL to access interrupt handles" into sc-dev 2021-08-16 22:01:46 +00:00