Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
546 commits 1 branch 0 tags 494 MiB
Commit graph

546 commits

This branch
This branch
All branches
Author SHA1 Message Date
Wei Wang
c515c8345d Merge "Revert "Grant vendor_sched sysfs nodes access"" into sc-dev am: 53ae55618a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14509955

Change-Id: I9a79e69ca43827358937aebcab730471715acb4c
 2021-05-12 04:28:06 +00:00
Wei Wang
53ae55618a Merge "Revert "Grant vendor_sched sysfs nodes access"" into sc-dev 2021-05-12 03:56:58 +00:00
Wei Wang
73b65a0f8b Revert "Grant vendor_sched sysfs nodes access" 
This reverts commit 638778c654.

Reason for revert: b/187884708
Bug: 187884708
Change-Id: I60e80246345ca3e827d7b4749f25e2d5c4dddf9d
 2021-05-12 03:56:42 +00:00
TreeHugger Robot
223f9da106 Merge "Sniffer Logger: Add dontaudit getattr for sysfs_wifi" into sc-dev am: 004c299011 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14485438

Change-Id: Ib9d1708d8e53619827b81850d6e5e97729754825
 2021-05-12 02:16:15 +00:00
TreeHugger Robot
004c299011 Merge "Sniffer Logger: Add dontaudit getattr for sysfs_wifi" into sc-dev 2021-05-12 01:32:03 +00:00
Wei Wang
a04548a17c Merge "Grant vendor_sched sysfs nodes access" into sc-dev am: 3a2d20a1a2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14462495

Change-Id: I957522e3cdb7c45401b50601e2a92cd617d3473a
 2021-05-11 17:42:16 +00:00
Wei Wang
3a2d20a1a2 Merge "Grant vendor_sched sysfs nodes access" into sc-dev 2021-05-11 17:24:38 +00:00
sukiliu
d5d461cc4e Update avc error on ROM 7349999 am: 99853e483b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14500956

Change-Id: If71f414f52934e892475a040684dd91a2a75dfee
 2021-05-11 11:04:31 +00:00
sukiliu
99853e483b Update avc error on ROM 7349999 
avc: denied { call } for scontext=u:r:dumpstate:s0 tcontext=u:r:twoshay:s0 tclass=binder permissive=0

Bug: 187795940
Test: PtsSELinuxTestCases
Change-Id: Ib85ee1d52915b292295b21df8df48c18761c088e
 2021-05-11 17:24:08 +08:00
Peter Csaszar
6ff24d2a06 pixel-selinux: add SJTAG policies am: bc525e1a49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14489636

Change-Id: I19e3462634d1e299ca6bfb8e8e01bd3e689bd903
 2021-05-11 07:24:12 +00:00
Taeju Park
638778c654 Grant vendor_sched sysfs nodes access 
Bug: 182509410
Signed-off-by: Taeju Park <taeju@google.com>
Change-Id: I53a879e904bef3c5b13127404f4f5c422abd46b4
 2021-05-11 04:27:23 +00:00
Peter Csaszar
bc525e1a49 pixel-selinux: add SJTAG policies 
These are the SELinux policies for the DebugFS files of the SJTAG
kernel interface.

Bug: 184768605
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I36996d6fd5fe09adb7a36be573cf57f15ea35756
 2021-05-10 17:58:04 -07:00
Wei Wang
8181bbaaac Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev am: 551505ae05 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14486216

Change-Id: I28349709c6a549e25ed8dffd490c84af777b83e9
 2021-05-11 00:18:41 +00:00
Wei Wang
551505ae05 Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev 2021-05-10 23:59:50 +00:00
Jia-yi Chen
1912dc976e Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev am: 06a0792bf1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14460156

Change-Id: I1ddc002e6e20ca3dec0db9f018260ec0e56db574
 2021-05-10 18:52:15 +00:00
Jia-yi Chen
06a0792bf1 Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev 2021-05-10 18:29:41 +00:00
Kyle Lin
1124aeaf32 Add policy for memlat governor needs create/delete perf events 
[   31.756984] type=1400 audit(1620144320.436:11): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[   31.757246] type=1400 audit(1620144320.436:12): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
[   31.757352] type=1400 audit(1620144320.436:13): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[   31.757450] type=1400 audit(1620144320.436:14): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
...
...
[  215.584932] type=1400 audit(1620634018.936:191): avc: denied { cpu } for comm="cpuhp/4" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=0

Bug: 187437491
Bug: 170479743
Test: build, boot and suspend/resume test 200 times.

Change-Id: I4fd3d3fb915ca518ffa226f25298c94faaf867f1
 2021-05-10 16:18:58 +08:00
chenpaul
6297e8a5a7 Sniffer Logger: Add dontaudit getattr for sysfs_wifi 
05-10 15:04:37.376 12958 12958 I auditd  : type=1400 audit(0.0:14): avc: denied { getattr } for comm="wifi_sniffer" path="/sys/wifi/firmware_path" dev="sysfs" ino=81201 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:sysfs_wifi:s0 tclass=file permissive=0

Bug: 187583019
Test: Sniffer Logger is workable
Change-Id: I6bce0bb58d951b6be39f58340b6418b328ffe386
 2021-05-10 15:28:47 +08:00
JJ Lee
51c75a291e Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev am: df02b6ef77 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14452416

Change-Id: I9da7211554c5f2fdce509051caa4f3b2e381f9c1
 2021-05-10 02:34:31 +00:00
JJ Lee
df02b6ef77 Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev 2021-05-10 02:14:07 +00:00
TreeHugger Robot
e853b4335e Merge "vibrator: Remove temporary method" into sc-dev am: ec3144742f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14467421

Change-Id: I8abc6a5985a10691d2a6b2350aaf7c1b3b523056
 2021-05-10 01:41:55 +00:00
TreeHugger Robot
41d657e591 Merge changes Ic697ffe8,Idcf38e09 into sc-dev am: a2d2ebd508 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456725

Change-Id: I31ebc93fd8a8a664f75e623c007482fa345a1248
 2021-05-10 01:41:42 +00:00
TreeHugger Robot
ec3144742f Merge "vibrator: Remove temporary method" into sc-dev 2021-05-10 01:13:47 +00:00
TreeHugger Robot
a2d2ebd508 Merge changes Ic697ffe8,Idcf38e09 into sc-dev 
* changes:
  Remove dumpstate AVC denials dontaudit for twoshay
  Allow dumpstate to access twoshay
 2021-05-10 01:11:46 +00:00
TreeHugger Robot
93008dc81a Merge "Allow radioext to communicate with bt hal" into sc-dev am: c03c055812 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456718

Change-Id: I3d1fed21b348e309acf8c981d0295fc0c6db1597
 2021-05-08 19:13:26 +00:00
TreeHugger Robot
c03c055812 Merge "Allow radioext to communicate with bt hal" into sc-dev 2021-05-08 18:59:51 +00:00
TreeHugger Robot
cb8de215f8 Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev am: 296f8ddc5d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14440528

Change-Id: I99470e75b9839107b8ea89232437d3c91a722a23
 2021-05-07 23:45:52 +00:00
TreeHugger Robot
296f8ddc5d Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev 2021-05-07 23:29:31 +00:00
chasewu
59161a5745 vibrator: Remove temporary method 
Bug: 177176811
Test: no avc denied logs
Signed-off-by: chasewu <chasewu@google.com>
Change-Id: I424e15037b3e20824f5e072d88bdf71a50cfdabf
 2021-05-07 18:33:15 +08:00
Seungah Lim
72e6339123 iwlan: update sepolicy for qualifiednetworksservice 
Bug: 185942456
Test: VoLTE/VoWifi

Change-Id: I352bb933e577b11bb052a297d17776ff0a5f3a75
Signed-off-by: Seungah Lim <sss.lim@samsung.com>
 2021-05-07 17:14:00 +08:00
Tai Kuo
8e3aaa30ff Remove dumpstate AVC denials dontaudit for twoshay 
Bug: 187014717
Test: pts-tradefed run pts -m PtsSELinuxTest -t \
  com.google.android.selinux.pts.SELinuxTest#scanBugreport
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Ic697ffe8f6ee15fb9d9330173a3c92aeca61de67
 2021-05-07 14:56:22 +08:00
Tai Kuo
0e68aed154 Allow dumpstate to access twoshay 
Bug: 173330981
Bug: 187014717
Test: no avc denials for twoshay was found.
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Idcf38e0921fb4d6d617e7cd443425193aea3fe91
 2021-05-07 14:55:43 +08:00
Jia-yi Chen
15c046878b Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0 
Bug: 186564130
Test: Boot & check powerhal log
Change-Id: I1a828f113266d4b3386b2f6fa74df050255113a9
 2021-05-06 21:00:08 -07:00
Labib
a27f8c4480 Allow radioext to communicate with bt hal 
Bug: 187447420
Change-Id: I1a1626502a6c3913846b957c3c0a31fdd99feb31
 2021-05-07 09:20:02 +08:00
Tri Vo
f40a4f7416 Merge "trusty: sepolicy for metrics reporter" into sc-dev am: f7bec8b3c6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14286451

Change-Id: I9723772bdbd3c02e6af0e7348d45a3717a19cc0c
 2021-05-06 16:09:53 +00:00
Tri Vo
f7bec8b3c6 Merge "trusty: sepolicy for metrics reporter" into sc-dev 2021-05-06 15:52:51 +00:00
JJ Lee
43735f0fc3 sepolicy: gs101: allow audio hal to use wakelock 
Bug: 178789331
Test: build pass
Signed-off-by: JJ Lee <leejj@google.com>
Change-Id: I1d5c9ea8726f2e53bc05e0ecd5dedddede274794
 2021-05-06 19:43:24 +08:00
Aaron Tsai
71aa99edff Fix avc denied for shannon-ims am: 6a9a85cd07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14410097

Change-Id: I84e986338a7985fe26cdf179bd1734771956defa
 2021-05-06 10:53:09 +00:00
Aaron Tsai
6a9a85cd07 Fix avc denied for shannon-ims 
04-01 19:10:22.956 10272  2327  2327 W Binder:2327_4: type=1400 audit(0.0:8): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_ims_app:s0:c16,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.shannon.imsservice
04-01 19:10:22.960 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.wfc_avail_ovr0"
04-01 19:10:22.981 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.vt_avail_ovr0"
04-01 19:10:22.982 10272  2327  4980 E libc    : Access denied finding property "persist.dbg.volte_avail_ovr0"

Bug: 183935382
Bug: 184858478
Test: verified with the forrest ROM and error log goneFix
Change-Id: I0754c6be7f74ed73533e9570c7d1916320ab2897
 2021-05-06 09:04:03 +00:00
TreeHugger Robot
5bb2c8ab79 Merge "HardwareInfo: Add sepolicy for display" into sc-dev am: 6978eeaea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13824666

Change-Id: Ifa6682feee948555974d8776d60accb4cc3b356e
 2021-05-06 06:07:06 +00:00
TreeHugger Robot
6978eeaea4 Merge "HardwareInfo: Add sepolicy for display" into sc-dev 2021-05-06 06:03:18 +00:00
TreeHugger Robot
9fccfb01ce Merge "wlc fwupdate implementation" into sc-dev am: 577f562727 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063269

Change-Id: I2fa4b8768369139bb9d0ea226b6e98ecd38e2ee0
 2021-05-06 05:59:24 +00:00
TreeHugger Robot
577f562727 Merge "wlc fwupdate implementation" into sc-dev 2021-05-06 05:41:01 +00:00
SalmaxChang
ebf55ff9f1 logger_app: Fix avc errors am: ab97657410 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439439

Change-Id: Ia96374b57725305faa7c900ee4702bc2167fde7c
 2021-05-06 04:16:28 +00:00
SalmaxChang
ab97657410 logger_app: Fix avc errors 
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=141 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
Access denied finding property "viewroot.profile_rendering"
Access denied finding property "ro.input.resampling"
Access denied finding property "persist.input.velocitytracker.strategy"

avc: denied { read } for comm="oid.pixellogger" name="u:object_r:usb_control_prop:s0" dev="tmpfs" ino=281 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:usb_control_prop:s0 tclass=file permissive=0 app=com.android.pixellogger

Bug: 186612284
Change-Id: I15f00d9ed3cc0c0657c854292caad60e3f7a3011
 2021-05-06 03:57:01 +00:00
Jack Wu
388860a7ba sepolicy: gs101: Fix hal_health_default avc denials am: 2c1ecf3a54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439451

Change-Id: I9c4332385e1a22043938a022c2074d34b490adbf
 2021-05-05 22:16:08 +00:00
Jack Wu
2c1ecf3a54 sepolicy: gs101: Fix hal_health_default avc denials 
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:3): avc: denied { read } for name="type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:4): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:5): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 184429394
Test: Verify pass by checking device log are w/o above errors after
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: If1253c902af1723ca80d31223f51ebf439404527
 2021-05-06 00:26:14 +08:00
Alex Hong
a0e4da3cb4 Merge "sepolicy: Update dumpstate HAL to V1.1" into sc-dev am: be17ec14cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14424440

Change-Id: I381c9f63d18cd7568f3ea912e5a77010909a1fbf
 2021-05-05 06:31:55 +00:00
Alex Hong
be17ec14cc Merge "sepolicy: Update dumpstate HAL to V1.1" into sc-dev 2021-05-05 06:09:11 +00:00
Tri Vo
1dac39e833 trusty: sepolicy for metrics reporter 
Bug: 173423860
Test: m
Change-Id: I42d646c6c9453662e670e7c22712f2bde2368bba
 2021-05-05 05:38:34 +00:00