Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
569 commits 1 branch 0 tags 494 MiB
Commit graph

569 commits

This branch
This branch
All branches
Author SHA1 Message Date
TreeHugger Robot
ccace2f90f Merge "gs101-sepolicy: Allow platform_app to call uwb" into sc-dev am: 9573fc21a0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14133747

Change-Id: Ia285a61d54b3467eb56b0ae0964c1042d38f5ae2
 2021-04-22 22:39:04 +00:00
TreeHugger Robot
9573fc21a0 Merge "gs101-sepolicy: Allow platform_app to call uwb" into sc-dev 2021-04-22 22:12:28 +00:00
Michael Ayoubi
0f58cb9a66 Merge "gs101: Remove kernel.te after UWB fixes" into sc-dev am: 134a3882cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14275478

Change-Id: I4bcdce350de5be018f303b87f839a9c9d3e1204e
 2021-04-22 15:33:42 +00:00
Michael Ayoubi
134a3882cc Merge "gs101: Remove kernel.te after UWB fixes" into sc-dev 2021-04-22 15:11:23 +00:00
sukiliu
0370eaf549 Update avc error on ROM 7302474 am: 89e016d436 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14276161

Change-Id: I77cf5bdbb398272ccc1064c26e661c44e9d73b95
 2021-04-22 07:22:31 +00:00
Michael Ayoubi
d17f3bad0f gs101: Remove kernel.te after UWB fixes 
tracking_denials/kernel.te is no longer needed after fixes from b/182954062.

Bug: 171943668
Test: Add dw3000 module back into build
      Compile and test image on Raven
      Confirm no avc denial logs are seen and that the dw3000 driver
      loads successfully.
Signed-off-by: Michael Ayoubi <mayoubi@google.com>
Change-Id: I9a8510ed3852c053319a3395871728048a57ecb5
 2021-04-22 05:38:21 +00:00
sukiliu
89e016d436 Update avc error on ROM 7302474 
avc: denied { call } for scontext=u:r:servicemanager:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=0

Bug: 186067463
Test: PTS SELinuxTest
Change-Id: I2792875a195fa3ca75d6fa57537f81e7dbeb5bac
 2021-04-22 11:21:10 +08:00
Wei Wang
75fe88e1a7 Merge "thermal: add sepolicy rule to access ODPM sysfs" into sc-dev am: aa3d3a3adb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14182158

Change-Id: I896ddd5a9d1fb6c79f6c3509b6dd3bbd351ab89a
 2021-04-21 16:12:15 +00:00
Wei Wang
aa3d3a3adb Merge "thermal: add sepolicy rule to access ODPM sysfs" into sc-dev 2021-04-21 15:44:40 +00:00
TreeHugger Robot
03669af095 Merge "fingerprint: fps hal can connect Stats service" into sc-dev am: 11871825f3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14211588

Change-Id: Id70bad75b004252631ed22a2b65eaea083b56fac
 2021-04-21 10:02:07 +00:00
TreeHugger Robot
11871825f3 Merge "fingerprint: fps hal can connect Stats service" into sc-dev 2021-04-21 09:46:56 +00:00
eddielan
97b2c469fa fingerprint: fps hal can connect Stats service 
04-16 23:23:42.746   402   402 E
SELinux : avc:  denied  { find } for pid=4314 uid=1000
name=android.frameworks.stats.IStats/default
scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:fwk_stats_service:s0
tclass=service_manager permissive=0

Bug: 183486186
Test: Build Pass
Change-Id: Ie685db6ffd27bb2ad7936f55b70c3e2e5189b0ed
 2021-04-21 09:45:52 +00:00
Aaron Tsai
721ba4e6f2 Update tracking error for Silent Logging tool am: 90ead0f9cb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14207370

Change-Id: I5ed8b83a65356d334f122c57e1939fb6e184ddc2
 2021-04-21 08:39:25 +00:00
Aaron Tsai
90ead0f9cb Update tracking error for Silent Logging tool 
04-06 20:16:59.772  1000  5754  5754 W RenderThread: type=1400 audit(0.0:17): avc: denied { write } for name="code_cache" dev="dm-7" ino=4477 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
[   65.233590] type=1400 audit(1618796326.840:4): avc: denied { getattr } for comm="y.silentlogging" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-11" ino=6338 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
[   65.280798] type=1400 audit(1618796326.888:6): avc: denied { search } for comm="y.silentlogging" name="com.samsung.slsi.telephony.silentlogging" dev="dm-11" ino=6338 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0

04-06 21:07:23.576  7458  7458 I auditd  : type=1400 audit(0.0:64): avc: denied { create } for comm="RenderThread" name="com.android.skia.shaders_cache" scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=0
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:524): avc: denied { read } for name="SHARED_PREF.xml" dev="dm-7" ino=16734 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:525): avc: denied { read } for name="com.samsung.slsi.telephony.silentlogging_preferences.xml" dev="dm-7" ino=17227 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:526): avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.telephony.silentlogging/shared_prefs/com.samsung.slsi.telephony.silentlogging_preferences.xml" dev="dm-7" ino=17227 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
04-13 14:14:38.572  1000  8875  8875 I SharedPreferenc: type=1400 audit(0.0:527): avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.telephony.silentlogging/shared_prefs/SHARED_PREF.xml" dev="dm-7" ino=16734 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1

04-06 12:02:03.460  1000  9117  9117 W si.sysdebugmode: type=1400 audit(0.0:35): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-06 12:02:03.465  1000  9117  9117 W libc    : Access denied finding property "persist.input.velocitytracker.strategy"

04-13 15:01:12.636  1000  8718  8718 W y.silentlogging: type=1400 audit(0.0:60): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=131 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-13 15:01:12.638  1000  8718  8718 W libc    : Access denied finding property "ro.input.resampling"

04-13 15:01:12.724  1000  8718  8718 W y.silentlogging: type=1400 audit(0.0:61): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=131 scontext=u:r:vendor_telephony_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
04-13 15:01:12.726  1000  8718  8718 W libc    : Access denied finding property "viewroot.profile_rendering"


Bug: 184921478
Test: manual
Change-Id: Ia842b3dcfd8ec2ad30acc065f9caceafdc0458cd
 2021-04-21 06:59:01 +00:00
Yu-Chi Cheng
0c21817ad1 Merge "Allowed EdgeTPU service to generate Perfetto trace." into sc-dev am: e08f769244 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14170537

Change-Id: I24b613658d31195eca9215bef2cc0638c778db0b
 2021-04-21 01:55:11 +00:00
Yu-Chi Cheng
e08f769244 Merge "Allowed EdgeTPU service to generate Perfetto trace." into sc-dev 2021-04-21 01:15:33 +00:00
Yu-Chi Cheng
f5bb17ab49 Allowed EdgeTPU service to generate Perfetto trace. 
Bug: 185238493
Test: tested on local Oriole
Change-Id: I2973ccedd05d5f6dd06c3044adeb983ffb4628aa
 2021-04-20 12:08:42 -07:00
Wenhao Wang
dc7970d82a Merge "Fix selinux for RPMB daemon" into sc-dev am: a16b1668be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14242046

Change-Id: I814c3fa64629e08a15552af192244e61e8895faf
 2021-04-20 17:54:13 +00:00
Wenhao Wang
a16b1668be Merge "Fix selinux for RPMB daemon" into sc-dev 2021-04-20 17:20:50 +00:00
TreeHugger Robot
cd0abec4c6 Merge "sepolicy: add cs40l26 haptics modules" into sc-dev am: 77725ac5f8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14236565

Change-Id: I3f53c457c0057aef86e9c7bb24aacc92a5f60830
 2021-04-20 12:18:21 +00:00
TreeHugger Robot
77725ac5f8 Merge "sepolicy: add cs40l26 haptics modules" into sc-dev 2021-04-20 11:49:51 +00:00
Tai Kuo
0e9abb4ef2 sepolicy: add cs40l26 haptics modules 
Fix the following avc denial:
avc: denied { module_load } for comm="insmod" path="/vendor_dlkm/lib/modules/cl_dsp.ko" dev="overlay" ino=41 scontext=u:r:init-insmod-sh:s0 tcontext=u:object_r:vendor_file:s0 tclass=system permissive=1

Bug: 184610991
Test: Full built. Check if the avc denial was gone.
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Ic41ea6a6add818bfdf95e71e20df77b9e06db6c1
 2021-04-20 11:43:03 +00:00
TreeHugger Robot
c5281c95d2 Merge "remove obsolete entry" into sc-dev am: a0fbe1508d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14233638

Change-Id: I0e8497caa9243d4831fb53ed1ed901c6d427fff2
 2021-04-20 08:00:34 +00:00
TreeHugger Robot
a0fbe1508d Merge "remove obsolete entry" into sc-dev 2021-04-20 07:52:18 +00:00
Adam Shih
39e65e661e suppress logs created by userdebug-only features am: a2f8a45c46 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14233635

Change-Id: I32e986dd5b9c01b5ed7adc8c3aabf06a81d56648
 2021-04-20 07:48:53 +00:00
Adam Shih
93b498ea78 remove obsolete entry 
Bug: 182531832
Test: do bugreport with no dumpstate related error
Change-Id: I3f19f82f37b11221f4816d958797336da23b14b4
 2021-04-20 14:42:55 +08:00
Adam Shih
a2f8a45c46 suppress logs created by userdebug-only features 
Bug: 185439604
Test: cts-tradefed run commandAndExit cts -m CtsSecurityHostTestCases
Change-Id: I8d993154e8e6c3205e1e83c6b81d4d9064dc3171
 2021-04-20 06:17:20 +00:00
Wenhao Wang
f5277482c1 Fix selinux for RPMB daemon 
Secure persistent storage has been moved to persist root.
The corresponding pathes on SELinux policy has to be updated.

Bug: 173971240
Bug: 173032298
Test: Trusty storage tests
Change-Id: I0e7756f3b4d5c6be705a87e1d7d80247df1ec4bb
 2021-04-20 13:01:23 +08:00
Wei Wang
2eecd29f2f Merge "Grant Fabric node access for memory min frequency setting" into sc-dev am: 0ae24df58d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14242545

Change-Id: I47da08d8684a588094705204ac56c56334751e62
 2021-04-20 02:53:43 +00:00
Wei Wang
0ae24df58d Merge "Grant Fabric node access for memory min frequency setting" into sc-dev 2021-04-20 02:14:18 +00:00
Taeju Park
3e824702f2 Grant Fabric node access for memory min frequency setting 
Bug: 170510392
Signed-off-by: Taeju Park <taeju@google.com>
Change-Id: Ia96c8d9e890251a4f82bf8c8bb042ae6ce57182b
 2021-04-20 00:46:32 +00:00
Salmax Chang
f9718d7bab Merge "dumpstate/incident: Fix avc errors" into sc-dev am: 854e4dfd60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14207379

Change-Id: I1e4499000e0a3a3589bf61333038e8391ca9cf79
 2021-04-19 10:32:04 +00:00
Salmax Chang
854e4dfd60 Merge "dumpstate/incident: Fix avc errors" into sc-dev 2021-04-19 10:00:10 +00:00
SalmaxChang
1b17b0fbaa dumpstate/incident: Fix avc errors 
avc: denied { append } for path="/storage/emulated/0/Android/data/com.android.pixellogger/files/bugreport-oriole-MASTER-2021-04-19-14-57-22.zip" dev="dm-7" ino=35424 scontext=u:r:dumpstate:s0 tcontext=u:object_r:media_rw_data_file:s0:c28,c257,c512,c768 tclass=file
avc: denied { use } for path="/storage/emulated/0/Android/data/com.android.pixellogger/files/bugreport-oriole-MASTER-2021-04-19-14-57-22.zip" dev="dm-7" ino=35424 scontext=u:r:incident:s0 tcontext=u:r:logger_app:s0:c28,c257,c512,c768 tclass=fd
avc: denied { append } for path="/storage/emulated/0/Android/data/com.android.pixellogger/files/bugreport-oriole-MASTER-2021-04-19-16-30-05.zip" dev="dm-7" ino=12639 scontext=u:r:incident:s0 tcontext=u:object_r:media_rw_data_file:s0:c30,c257,c512,c768 tclass=file

Bug: 178744858
Change-Id: I07eb1f4abf6cb9b399c773854ca6f47fcd5e2f37
 2021-04-19 08:34:57 +00:00
TreeHugger Robot
c7657f946d Merge "Add sepolicy rules when PowerAnomalyDataDetection service enabled" into sc-dev am: 8c30e63758 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14207376

Change-Id: Id20a8bf887bea871ea558e91f6c4f9f2fa2a2aa6
 2021-04-19 06:18:21 +00:00
TreeHugger Robot
ad00a4479c Merge "remove obsolete domains" into sc-dev am: 07121f1245 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14230396

Change-Id: I5649646be20304eb0c2f4d2289c8d42cdacf3af0
 2021-04-19 06:17:34 +00:00
TreeHugger Robot
8c30e63758 Merge "Add sepolicy rules when PowerAnomalyDataDetection service enabled" into sc-dev 2021-04-19 06:03:11 +00:00
TreeHugger Robot
07121f1245 Merge "remove obsolete domains" into sc-dev 2021-04-19 05:56:38 +00:00
Rios Kao
3b36f9f4e9 Merge "Allow ssr_detector to read aoc version property" into sc-dev am: 1b25799252 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14185472

Change-Id: I6f06b0d6e7e1aaf1371491d14eaa374b2a78eef1
 2021-04-19 04:33:27 +00:00
Rios Kao
1b25799252 Merge "Allow ssr_detector to read aoc version property" into sc-dev 2021-04-19 04:19:34 +00:00
Adam Shih
597926934c update error on ROM 7293525 am: 59a1c3f04a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14230390

Change-Id: Ie51d0e43b7c8b0c85102ab22bd3e8a835cbc1ee6
 2021-04-19 03:42:21 +00:00
Adam Shih
99988c4c5f remove obsolete domains 
Bug: 168013500
Test: Check that abox and rpmbd are not in ROM anywhere in oriole, raven user,
userdebug and factory ROM

Change-Id: Ie091a1036ba6c25a3c7f0ef0b8f69cc9fc4e306a
 2021-04-19 11:14:54 +08:00
Adam Shih
59a1c3f04a update error on ROM 7293525 
Bug: 185723618
Bug: 185723492
Bug: 185723694
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I5cc12384aca5dcc2658b914e5c7783f2e1e70b5d
 2021-04-19 09:52:55 +08:00
TreeHugger Robot
24cbff3fd4 Merge "sepolicy: fix fingerprint sepolicy" into sc-dev am: 96ed3bb51c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14207375

Change-Id: Id443be6287e001621a2d801aebbc75bf3122c7b4
 2021-04-16 09:55:29 +00:00
TreeHugger Robot
96ed3bb51c Merge "sepolicy: fix fingerprint sepolicy" into sc-dev 2021-04-16 09:25:33 +00:00
eddielan
75a9ea1ee4 sepolicy: fix fingerprint sepolicy 
04-16 01:56:07.948  1039  1039 W fingerprint@2.1: type=1400 audit(0.0:110):
avc: denied { write } for name="wakeup_enable" dev="sysfs" ino=69197
scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:sysfs:s0
tclass=file permissive=0

Bug: 185538163
Test: Build Pass
Change-Id: I8f75daf22577e6a68f3b2a0250eebebd1873ea28
 2021-04-16 15:17:20 +08:00
SalmaxChang
5b14e5db89 Create vendor_logger_prop am: 3c692b942a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14207372

Change-Id: I5c767d97a1e4ddd55a2ba22c58a24fc3be4c10f4
 2021-04-16 06:30:53 +00:00
SalmaxChang
3c692b942a Create vendor_logger_prop 
Bug: 178744858
Change-Id: I4abb6f73b068c5ed265979c3190bcc2feac76f94
 2021-04-16 06:06:36 +00:00
Hsiaoan Hsu
0790114826 Add sepolicy rules when PowerAnomalyDataDetection service enabled 
- Fix avc denied when Power anomaly data detection enable.

Bug: 185544799
Test: Verified Pass
Change-Id: I7b81e09842acb71767f60df18fd0ca4a95e0ff09
 2021-04-16 13:37:04 +08:00
TreeHugger Robot
f6fff87e28 Merge "Update sepolicy for the egetpu_logging service to access the sysfs." into sc-dev am: ca24e70422 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14194013

Change-Id: Icfcdfb4d7fc0b437d3bd0d60bc10239bcdbd514e
 2021-04-16 02:36:18 +00:00