Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
438 commits 1 branch 0 tags 494 MiB
Commit graph

438 commits

This branch
This branch
All branches
Author SHA1 Message Date
TreeHugger Robot
cbce7f27e3 Merge "Fix android.hardware.drm@1.4-service.clearkey label" into sc-dev am: 7ecd67743c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14340676

Change-Id: I161a70490c9e985c731c4880cce9b0aeda19276f
 2021-04-28 23:12:22 +00:00
TreeHugger Robot
7ecd67743c Merge "Fix android.hardware.drm@1.4-service.clearkey label" into sc-dev 2021-04-28 22:26:38 +00:00
Victor Liu
2d6895ee81 Merge "uwb: allow uwb service to access nfc service" into sc-dev am: 247097a000 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14281933

Change-Id: I25542ed6cc608427679b8b347d6e60aaad7d9014
 2021-04-28 21:22:23 +00:00
Victor Liu
247097a000 Merge "uwb: allow uwb service to access nfc service" into sc-dev 2021-04-28 20:49:50 +00:00
Chris Fries
2d2adb3e56 Fix android.hardware.drm@1.4-service.clearkey label 
Bug: 186617617
Change-Id: Icad8008686ef57d4b6c3fca27af41e2b2991f74f
 2021-04-28 14:40:02 -05:00
Roger Fang
abd2189b79 sepolicy: gs101: allows pixelstat to access audio metrics nodes am: 66634d4d20 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14255523

Change-Id: If94b15e8cee4d025b5959ec3f160306b29528f4e
 2021-04-28 08:55:58 +00:00
Roger Fang
66634d4d20 sepolicy: gs101: allows pixelstat to access audio metrics nodes 
audio.service: type=1400 audit(0.0:30): avc: denied { read write } for name="amcs" dev="tmpfs" ino=739 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:amcs_device:s0 tclass=chr_file permissive=0

pixelstats-vend: type=1400 audit(0.0:9): avc: denied { read } for name="speaker_impedance" dev="sysfs" ino=67611 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

HwBinder:696_2: type=1400 audit(0.0:8): avc: denied { open } for path="/dev/amcs" dev="tmpfs" ino=766 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:amcs_device:s0 tclass=chr_file permissive=0

Bug: 171854614
Test: manually test, no avc: denied.
Change-Id: I82ebd22f167200ab3cf59e6525ef43c0be8f722a
 2021-04-28 10:52:06 +08:00
TreeHugger Robot
6f8aeeb560 Merge "Add sepolicy for wlan logger and sniffer logger" into sc-dev am: d60ae7dfed 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14299186

Change-Id: I510b39ee867096b5561ce81520281ae5d26732da
 2021-04-28 02:23:56 +00:00
TreeHugger Robot
c55550bfe5 Merge "Grant powerhal access to sysfs_devfreq_dir" into sc-dev am: 68bbf709c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14329748

Change-Id: I05a052c176bab7ede521050ea1ffb2860cf010fd
 2021-04-28 02:23:23 +00:00
TreeHugger Robot
d60ae7dfed Merge "Add sepolicy for wlan logger and sniffer logger" into sc-dev 2021-04-28 02:12:26 +00:00
TreeHugger Robot
68bbf709c2 Merge "Grant powerhal access to sysfs_devfreq_dir" into sc-dev 2021-04-28 02:03:58 +00:00
Jia-yi Chen
09d5fc647d Grant powerhal access to sysfs_devfreq_dir 
Bug: 186576303
Test: Boot & check logcat
Change-Id: Ia07991c3a8a7dfd8388a228fbdec1f28d2f5b4c3
 2021-04-27 16:16:02 -07:00
chenpaul
920b0e11a9 Add sepolicy for wlan logger and sniffer logger 
Bug: 186069127
Test: Sniffer logger can be start by Pixel Logger app
      wlan logger is workable.
Change-Id: I1e7a75a08de37668316b06e066c080e837d7896b
 2021-04-27 19:37:28 +08:00
TreeHugger Robot
9218a52b63 Merge "update wakeup node" into sc-dev am: 27c30c1cc6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14319145

Change-Id: I2f9ef19575a7ec777cfe50505d59aefef20876dd
 2021-04-27 10:14:17 +00:00
TreeHugger Robot
27c30c1cc6 Merge "update wakeup node" into sc-dev 2021-04-27 08:47:38 +00:00
Adam Shih
72ca81757a update wakeup node 
Bug: 186492032
Test: pts-tradefed run pts -m PtsSELinuxTest
-t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot

Change-Id: I9bac40334001d4073dae1846a2cd0310d59ebfe7
 2021-04-27 15:30:55 +08:00
Adam Shih
019616a985 Merge "move vendor_executes_system_violators to userdebug" into sc-dev am: ab9437c069 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14299203

Change-Id: I4f5007f307793b58e07d6a8e1055858aeb5eed5e
 2021-04-27 01:30:05 +00:00
Adam Shih
ab9437c069 Merge "move vendor_executes_system_violators to userdebug" into sc-dev 2021-04-27 01:01:21 +00:00
TreeHugger Robot
0d57b91246 Merge "logger_app: Grant access to control usb debug port" into sc-dev am: 6f18d69b86 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14308745

Change-Id: I8a0df127bdc0e445eed402da8da96319ca67d0e5
 2021-04-26 19:01:56 +00:00
TreeHugger Robot
6f18d69b86 Merge "logger_app: Grant access to control usb debug port" into sc-dev 2021-04-26 18:19:35 +00:00
TreeHugger Robot
49311401b7 Merge "usb: Add sepolicy for extcon access" into sc-dev am: a18b6c2e99 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14182157

Change-Id: Ibf319b50694f0fca4a18f042e5fdff45197e3b14
 2021-04-26 10:27:23 +00:00
TreeHugger Robot
a18b6c2e99 Merge "usb: Add sepolicy for extcon access" into sc-dev 2021-04-26 10:00:15 +00:00
David Massoud
fb32b81473 Add gs101 specific sysfs_devfreq_cur entries am: e03291c6af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14187061

Change-Id: I4bad92f54492dbbb727eb286f060093ede407316
 2021-04-26 05:28:13 +00:00
Nicole Lee
b3dfc87e03 logger_app: Grant access to control usb debug port 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=325 scontext=u:r:logger_app:s0:c22,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1 app=com.android.pixellogger
avc: denied { open } for comm="oid.pixellogger" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=325 scontext=u:r:logger_app:s0:c22,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1 app=com.android.pixellogger
avc: denied { set } for property=vendor.usb.config pid=8892 uid=10278 gid=10278 scontext=u:r:logger_app:s0:c22,c257,c512,c768 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1

Bug: 186365435
Change-Id: Ie7aef49eee1dd66a6ca6ca9a1a4f8d31cc793551
 2021-04-26 11:50:51 +08:00
David Massoud
e03291c6af Add gs101 specific sysfs_devfreq_cur entries 
Device specific implementation for go/oag/1676945

Bug: 181850306
Test: See go/oag/1676945
Change-Id: I8a973f400c89ada880edb5566ec31fc6ee7b97c1
 2021-04-26 00:56:42 +00:00
Adam Shih
22f18adb26 move vendor_executes_system_violators to userdebug 
Bug: 186189967
Test: com.google.android.security.gts.SELinuxHostTest#testNoExemptionsForVendorExecutingCore
Change-Id: I277cec72377b647c9af40e32b5582e30e9e3730e
 2021-04-26 08:41:02 +08:00
TreeHugger Robot
021e9288fd Merge "allow RilConfigService to call oemrilhook api" into sc-dev am: 707d297dd8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14232872

Change-Id: I4f9632117898e6161e45f638a517c608a2f652bd
 2021-04-23 18:06:33 +00:00
TreeHugger Robot
707d297dd8 Merge "allow RilConfigService to call oemrilhook api" into sc-dev 2021-04-23 17:48:32 +00:00
TreeHugger Robot
f1af2d0f15 Merge "Mark GS101 camera HAL as using Binder." into sc-dev am: 16730f3087 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14285352

Change-Id: I9c8c5a7fe388caf3cf01702df3445e7d7468ed1c
 2021-04-23 01:19:27 +00:00
TreeHugger Robot
16730f3087 Merge "Mark GS101 camera HAL as using Binder." into sc-dev 2021-04-23 00:52:20 +00:00
TreeHugger Robot
3cb81978f7 Merge "Allow access to NFC power stats" into sc-dev am: 0f87f26134 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14268788

Change-Id: I1a1ef7a01f7859ff8e945498315c683951114424
 2021-04-23 00:01:48 +00:00
TreeHugger Robot
0f87f26134 Merge "Allow access to NFC power stats" into sc-dev 2021-04-22 23:38:44 +00:00
TreeHugger Robot
3b2fb2e196 Merge "gs101-sepolicy: Allow platform_app to call uwb" into sc-dev am: 9573fc21a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14133747

Change-Id: I8d59dd14289027636f1fb6eded5c774766b0eebb
 2021-04-22 22:42:13 +00:00
TreeHugger Robot
9573fc21a0 Merge "gs101-sepolicy: Allow platform_app to call uwb" into sc-dev 2021-04-22 22:12:28 +00:00
Krzysztof Kosiński
de973d797a Mark GS101 camera HAL as using Binder. 
The service implements a public API, so it will communicate over
Binder in both the framework domain and the vendor domain.

Bug: 186067463
Test: boot on oriole & check logs
Change-Id: If5bee474f79b7d14f65351580544c0dcb701d604
 2021-04-22 13:50:42 -07:00
Victor Liu
4605f4b82c uwb: allow uwb service to access nfc service 
04-22 00:47:16.771  9777  9777 V UwbService: Service: Getting Nfc
adapter 04-22 00:47:16.771   412   412 E SELinux : avc:  denied
{ find } for pid=9777 uid=1000 name=nfc scontext=u:r:uwb_vendor_app:
s0:c232,c259,c512,c768 tcontext=u:object_r:nfc_service:s0
tclass=service_manager permissive=1

Bug: 185389669
Test: on device, no avc: denied message
Change-Id: Ib31385d88a68878eaca5e53b4ddeddc5a6e7c87d
 2021-04-22 08:51:21 -07:00
Michael Ayoubi
3abc895e64 Merge "gs101: Remove kernel.te after UWB fixes" into sc-dev am: 134a3882cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14275478

Change-Id: I3be08d9692d8d5c9e28100efa700b5c1d1b25ce6
 2021-04-22 15:35:43 +00:00
Michael Ayoubi
134a3882cc Merge "gs101: Remove kernel.te after UWB fixes" into sc-dev 2021-04-22 15:11:23 +00:00
sukiliu
009867dc37 Update avc error on ROM 7302474 am: 89e016d436 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14276161

Change-Id: Ia3568364f0f03f90e5b8b96d4316025e6358708b
 2021-04-22 07:24:00 +00:00
Michael Ayoubi
d17f3bad0f gs101: Remove kernel.te after UWB fixes 
tracking_denials/kernel.te is no longer needed after fixes from b/182954062.

Bug: 171943668
Test: Add dw3000 module back into build
      Compile and test image on Raven
      Confirm no avc denial logs are seen and that the dw3000 driver
      loads successfully.
Signed-off-by: Michael Ayoubi <mayoubi@google.com>
Change-Id: I9a8510ed3852c053319a3395871728048a57ecb5
 2021-04-22 05:38:21 +00:00
sukiliu
89e016d436 Update avc error on ROM 7302474 
avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=0

Bug: 186067463
Test: PTS SELinuxTest
Change-Id: I2792875a195fa3ca75d6fa57537f81e7dbeb5bac
 2021-04-22 11:21:10 +08:00
Benjamin Schwartz
5293925c65 Allow access to NFC power stats 
Bug: 184722506
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ie4b5a6823aacf5e5a84760b1d4872fbb4cc2826d
 2021-04-21 11:30:55 -07:00
Wei Wang
239eb17582 Merge "thermal: add sepolicy rule to access ODPM sysfs" into sc-dev am: aa3d3a3adb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14182158

Change-Id: If3f0e8a183ef0dc5da3d20f0b35415c89862dcfd
 2021-04-21 16:14:34 +00:00
Wei Wang
aa3d3a3adb Merge "thermal: add sepolicy rule to access ODPM sysfs" into sc-dev 2021-04-21 15:44:40 +00:00
TreeHugger Robot
fb465ba7f5 Merge "fingerprint: fps hal can connect Stats service" into sc-dev am: 11871825f3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14211588

Change-Id: Id2a75c967637114d741fae404416cb7dbd17ce23
 2021-04-21 10:04:14 +00:00
TreeHugger Robot
11871825f3 Merge "fingerprint: fps hal can connect Stats service" into sc-dev 2021-04-21 09:46:56 +00:00
eddielan
97b2c469fa fingerprint: fps hal can connect Stats service 
04-16 23:23:42.746   402   402 E
SELinux : avc:  denied  { find } for pid=4314 uid=1000
name=android.frameworks.stats.IStats/default
scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:fwk_stats_service:s0
tclass=service_manager permissive=0

Bug: 183486186
Test: Build Pass
Change-Id: Ie685db6ffd27bb2ad7936f55b70c3e2e5189b0ed
 2021-04-21 09:45:52 +00:00
Aaron Tsai
028bdd6369 Update tracking error for Silent Logging tool am: 90ead0f9cb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14207370

Change-Id: I3d89c02fc66ec0f3acf700047734be9c835bc20c
 2021-04-21 08:41:40 +00:00
Aaron Tsai
90ead0f9cb Update tracking error for Silent Logging tool 
04-06 20:16:59.772  1000  5754  5754 W RenderThread: type=1400 audit(0.0:17): avc: denied { write } for name="code_cache" dev="dm-7" ino=4477 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
[   65.233590] type=1400 audit(1618796326.840:4): avc: denied { getattr } for comm="y.silentlogging" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-11" ino=6338 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
[   65.280798] type=1400 audit(1618796326.888:6): avc: denied { search } for comm="y.silentlogging" name="com.samsung.slsi.telephony.silentlogging" dev="dm-11" ino=6338 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0

04-06 21:07:23.576  7458  7458 I auditd  : type=1400 audit(0.0:64): avc: denied { create } for comm="RenderThread" name="com.android.skia.shaders_cache" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=0
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:524): avc: denied { read } for name="SHARED_PREF.xml" dev="dm-7" ino=16734 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:525): avc: denied { read } for name="com.samsung.slsi.telephony.silentlogging_preferences.xml" dev="dm-7" ino=17227 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:526): avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.telephony.silentlogging/shared_prefs/com.samsung.slsi.telephony.silentlogging_preferences.xml" dev="dm-7" ino=17227 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:527): avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.telephony.silentlogging/shared_prefs/SHARED_PREF.xml" dev="dm-7" ino=16734 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1

04-06 12:02:03.460  1000  9117  9117 W si.sysdebugmode: type=1400 audit(0.0:35): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-06 12:02:03.465  1000  9117  9117 W libc    : Access denied finding property "persist.input.velocitytracker.strategy"

04-13 15:01:12.636  1000  8718  8718 W y.silentlogging: type=1400 audit(0.0:60): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=131 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-13 15:01:12.638  1000  8718  8718 W libc    : Access denied finding property "ro.input.resampling"

04-13 15:01:12.724  1000  8718  8718 W y.silentlogging: type=1400 audit(0.0:61): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=131 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-13 15:01:12.726  1000  8718  8718 W libc    : Access denied finding property "viewroot.profile_rendering"


Bug: 184921478
Test: manual
Change-Id: Ia842b3dcfd8ec2ad30acc065f9caceafdc0458cd
 2021-04-21 06:59:01 +00:00
Yu-Chi Cheng
f63eb384e8 Merge "Allowed EdgeTPU service to generate Perfetto trace." into sc-dev am: e08f769244 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14170537

Change-Id: I2123e576556454c539af6bd3c181082e297ee4cc
 2021-04-21 01:55:11 +00:00