Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
4574 commits 1 branch 0 tags 494 MiB
Commit graph

4574 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sam Ou
cf99531470 Merge changes from topic "kernel5_revision" into main 
* changes:
  sepolicy: gs101: fix bm selinux
  sepolicy: remove dump_gs101.sh
  sepolicy: remove duplicate policy
 2024-08-23 10:58:35 +00:00
Xiaofan Jiang
181183a4f5 Merge "Revert "Revert "gs101: update shared_modem_platform sepolicy for..."" into main 2024-08-15 20:44:28 +00:00
Xiaofan Jiang
4b26ef2e43 Revert "Revert "gs101: update shared_modem_platform sepolicy for..." 
Revert submission 28822848-revert-28762313-SAYUORWKVG

Reason for revert: issue identify and fix is ready

Reverted changes: /q/submissionid:28822848-revert-28762313-SAYUORWKVG

Change-Id: I17fd2b246fc95eac9a5e953c7c7889ecb2c91d1d
 2024-08-15 19:25:33 +00:00
Priyanka Advani (xWF)
7a34ff247b Merge "Revert "gs101: update shared_modem_platform sepolicy for UMI"" into main 2024-08-15 18:30:35 +00:00
Priyanka Advani (xWF)
4c48ef2770 Revert "gs101: update shared_modem_platform sepolicy for UMI" 
Revert submission 28762313

Reason for revert: Droidmonitor created revert due to b/360059249.

Reverted changes: /q/submissionid:28762313

Change-Id: I4ffb476a64b32a4e725c894f8014070121848cc0
 2024-08-15 16:14:52 +00:00
Xiaofan Jiang
9c590907f6 Merge "gs101: update shared_modem_platform sepolicy for UMI" into main 2024-08-15 04:01:13 +00:00
samou
b8f3e01274 sepolicy: gs101: fix bm selinux 
- add odpm scale value path
- add gpu cur_freq

Flag: EXEMPT refactor
Bug: 349935208
Change-Id: Ib5f4baf57c181f3ca2470514d256f307b7761403
Signed-off-by: samou <samou@google.com>
 2024-08-14 12:32:56 +00:00
samou
a6390dc3ea sepolicy: remove dump_gs101.sh 
Flag: EXEMPT refactor
Bug: 349935208
Change-Id: I4f2d5ef40dc328237f62aac7e4116a1f1410516a
Signed-off-by: samou <samou@google.com>
 2024-08-14 12:32:30 +00:00
samou
50ee17cede sepolicy: remove duplicate policy 
Flag: EXEMPT refactor
Bug: 349935208
Change-Id: Ib20bc0cc9af38ed481697420bb92ea12a917d594
Signed-off-by: samou <samou@google.com>
 2024-08-14 12:32:05 +00:00
Xiaofan Jiang
bf7161db56 gs101: update shared_modem_platform sepolicy for UMI 
Bug: 357139752

Flag: EXEMPT sepolicy

[   68.189198] type=1400 audit(1722986580.568:59): avc:  denied  { unlink } for  comm="binder:892_2" name="modem_svc_socket" dev="dm-52" ino=20239 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1
[   68.189448] type=1400 audit(1722986580.568:60): avc:  denied  { create } for  comm="binder:892_2" name="modem_svc_socket" scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1

Change-Id: I7e28f5a8c7f8a6909fccdc813e7c94ce8c7f8831
 2024-08-14 01:42:37 +00:00
Kevin Ying
774949828e Allow camera HAL to access power_state sysfs 
08-03 01:36:52.108   791   791 W TaskPool: type=1400 audit(0.0:125): avc:  denied  { read } for  name="power_state" dev="sysfs" ino=86770 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 339690296
Test: Open camera, no display avc error
Flag: EXEMPT resource update only
Change-Id: I407c31e0898b07bef0df1b090dbc570f61c49272
Signed-off-by: Kevin Ying <kevinying@google.com>
 2024-08-08 23:17:18 +00:00
Daniel Chapin
2327a5c0f5 Merge "Revert "trusty: storageproxy: add fs_ready_rw property context"" into main 2024-07-24 21:48:57 +00:00
Daniel Chapin
7bc5a6b183 Revert "trusty: storageproxy: add fs_ready_rw property context" 
Revert submission 28318041-rw_storage

Reason for revert: Droidfood blocking bug b/355163562

Reverted changes: /q/submissionid:28318041-rw_storage

Change-Id: I3846d284bb6810ed3adea0070ac663babf6bb966
 2024-07-24 20:17:27 +00:00
Mike McTernan
f9d21e23c3 Merge "trusty: storageproxy: add fs_ready_rw property context" into main 2024-07-23 10:02:28 +00:00
Mike McTernan
63a927b837 trusty: storageproxy: add fs_ready_rw property context 
Flag: EXEMPT bug fix
Bug: 350362101
Test: ABTD
Change-Id: I6876593d904ce7223b91f30d31edcd3e60fac82b
 2024-07-15 10:32:27 +01:00
Aaron Tsai
eb11b78314 Add permission for setting gril property 
05-22 17:52:28.190   936   936 I auditd  : type=1400 audit(0.0:784): avc:  denied  { write } for  comm="radioext@1.0-se" name="property_service" dev="tmpfs" ino=842 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Bug: 343012301
Bug: 203824024
Test: manual test
Flag: EXEMPT bugfix
Change-Id: I8048a67b59beac0d2ce8c7331eb0e1ea21881f9b
 2024-07-05 08:05:03 +00:00
Wilson Sung
8c9a2875ab Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 350831964
Change-Id: Iec0a5b8418d95a83cc989681f8bc5b42e03b032f
 2024-07-03 02:05:23 +00:00
Xin Li
7d1765c2de [automerger skipped] Merge 24Q3 (ab/11976889) to aosp-main-future am: dbe46101b1 -s ours 
am skip reason: Merged-In I91df897d8ae7d8e4b1b49a7eb20f6bb5fe99755c with SHA-1 855cd95dce is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/27908657

Change-Id: If3b6af5094732d33963d309308b9cca1fb0219c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-20 20:50:49 +00:00
Xin Li
dbe46101b1 Merge 24Q3 (ab/11976889) to aosp-main-future 
Bug: 347831320
Merged-In: I91df897d8ae7d8e4b1b49a7eb20f6bb5fe99755c
Change-Id: I9aa8156caaf003c43c790005b15e7af65ff1c2f0
 2024-06-18 14:13:22 -07:00
Xin Li
05cfd7ea64 [automerger skipped] Merge Android 14 QPR3 to AOSP main am: 9149c5888b -s ours am: bcf8958ac5 -s ours 
am skip reason: Merged-In I3d2570e6841c7c384a36b8bf2bcb8d4c9b3a9f49 with SHA-1 9948aa54c7 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3131495

Change-Id: If186c7eab7a682c68afddfc555509680ced5175b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-18 05:55:54 +00:00
Xin Li
bcf8958ac5 [automerger skipped] Merge Android 14 QPR3 to AOSP main am: 9149c5888b -s ours 
am skip reason: Merged-In I3d2570e6841c7c384a36b8bf2bcb8d4c9b3a9f49 with SHA-1 9948aa54c7 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3131495

Change-Id: I759842dfd756a95bf95741c452e5f6f7fcd3a31d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-17 20:41:32 +00:00
Xin Li
9149c5888b Merge Android 14 QPR3 to AOSP main 
Bug: 346855327
Merged-In: I3d2570e6841c7c384a36b8bf2bcb8d4c9b3a9f49
Change-Id: I0852627e915ecf0d0867b85c406c9d10a3d50de8
 2024-06-13 10:48:23 -07:00
Xin Li
78d96c7781 [automerger skipped] Merge Android 24Q2 Release (ab/11526283) to aosp-main-future am: 9948aa54c7 -s ours 
am skip reason: Merged-In I237450825ef2aaf4681265aede03091ca2d76484 with SHA-1 f0447fb52d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/27273898

Change-Id: I71377a83c2fd2b4b303b2f5d8dabd87547dfa25b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-29 19:45:33 +00:00
Wilson Sung
855cd95dce Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 340723222
Bug: 340723303
Bug: 340723030
Test: scanBugreport
Bug: 340723303
Bug: 340722537
Bug: 340723222
Bug: 340722772
Test: scanAvcDeniedLogRightAfterReboot
Bug: 340723303
Bug: 340723030
Bug: 340723222
Change-Id: I91df897d8ae7d8e4b1b49a7eb20f6bb5fe99755c
 2024-05-15 03:50:37 +00:00
KRIS CHEN
b4c75c1767 Merge "Allow fingerprint to access the folder /data/vendor/fingerprint" into main 2024-05-08 08:46:30 +00:00
chenkris
44f0166eb6 Allow fingerprint to access the folder /data/vendor/fingerprint 
Fix the following avc denial:
android.hardwar: type=1400 audit(0.0:20): avc:  denied  { write } for  name="fingerprint" dev="dm-56" ino=36703 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 267766859
Test: Tested fingerprint under enforcing mode
Change-Id: Id3f00d526dbe044f60aad2198fa65fbe3b6b2c60
 2024-05-08 06:48:55 +00:00
Xin Li
9948aa54c7 Merge Android 24Q2 Release (ab/11526283) to aosp-main-future 
Bug: 337098550
Merged-In: I237450825ef2aaf4681265aede03091ca2d76484
Change-Id: I3d2570e6841c7c384a36b8bf2bcb8d4c9b3a9f49
 2024-05-06 12:17:52 -07:00
Enzo Liao
db1807eb1e [automerger skipped] Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. am: 9df205d57f -s ours 
am skip reason: Merged-In I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf with SHA-1 b0daa90c01 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/27046800

Change-Id: I5160dde7d03a1fa534106dc07eabc90acdb28d1d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-26 08:08:34 +00:00
Enzo Liao
9df205d57f Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:b0daa90c01a3f377715524c91392fe80c9aa5800)
Merged-In: I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf
Change-Id: I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf
 2024-04-26 02:15:43 +00:00
Spade Lee
aa51b497d6 [automerger skipped] pixelstats_vendor: add logbuffer_device r_file_perms am: 2034e36abb -s ours 
am skip reason: Merged-In I2c6069f43d17114f937657724dc34e43cf3d48fe with SHA-1 66d3a4ef4e is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/27096075

Change-Id: I76023c2f8df9b07f8cad4bf3e3d83f0eef04fa2b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-25 08:20:28 +00:00
Spade Lee
2034e36abb pixelstats_vendor: add logbuffer_device r_file_perms 
avc: denied { read } for name="logbuffer_maxfg_monitor" dev="tmpfs" ino=1034 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=0

Bug: 329174074
Test: no denied log, and able to read logbuffer in pixelstats_vendor
Signed-off-by: Spade Lee <spadelee@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:66d3a4ef4e33553862de92119cd2345b777df1f6)
Merged-In: I2c6069f43d17114f937657724dc34e43cf3d48fe
Change-Id: I2c6069f43d17114f937657724dc34e43cf3d48fe
 2024-04-25 06:10:20 +00:00
Wilson Sung
6746f8920e [automerger skipped] Update SELinux error am: 5e8b518a77 am: 371efbbd49 -s ours 
am skip reason: Merged-In I5ef59058c7c7487a8a9cb238767e019631c5ac63 with SHA-1 89224de0eb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3059165

Change-Id: Ic9d6954a344d41aa4fd9bed0ba6cef6304b91d1f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-24 22:46:14 +00:00
Wilson Sung
371efbbd49 Update SELinux error am: 5e8b518a77 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3059165

Change-Id: I9e3fee37647dd0ee706e85ea35d96f68ae2fe1ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-24 22:16:34 +00:00
Wilson Sung
5e8b518a77 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 329380904
Merged-In: I5ef59058c7c7487a8a9cb238767e019631c5ac63
Change-Id: I5ef59058c7c7487a8a9cb238767e019631c5ac63
 2024-04-24 13:37:22 -07:00
Pablo Gamito
46c7063452 Revert "Remove donotaudit line for b/277155042" am: 6750917d2b am: d7cda09653 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3048618

Change-Id: I41348026047641edee9d894d4d665bc23b13dbea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-19 21:33:13 +00:00
Pablo Gamito
d7cda09653 Revert "Remove donotaudit line for b/277155042" am: 6750917d2b 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3048618

Change-Id: I8181ceda2a88a9f943cf1374e9fad8f1839f9eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-19 21:13:55 +00:00
Pablo Gamito
6750917d2b Revert "Remove donotaudit line for b/277155042" 
This reverts commit f1baab0530.

Fixes: 331693615
Reason for revert: b/331693615

Change-Id: I32d6dc1e1b89b430d34da6909590367defd0af9d
 2024-04-19 10:48:29 +00:00
Enzo Liao
637291fe10 Merge "Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common." into main 2024-04-11 02:03:26 +00:00
Enzo Liao
b0daa90c01 Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
Change-Id: I568f43ab8ed8f5ab330cbda19cd68bcc12838fdf
 2024-04-08 19:37:33 +08:00
Spade Lee
45d1beda4a sepolicy: allow kernel to search vendor debugfs am: bddc287c10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/26762105

Change-Id: I7533cb34050e307deceb40dcf48533ce692c4087
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-03 04:24:44 +00:00
Spade Lee
bddc287c10 sepolicy: allow kernel to search vendor debugfs 
audit: type=1400 audit(1710259012.824:4): avc:  denied  { search } for  pid=128 comm="kworker/3:1" name="max77779fg" dev="debugfs" ino=24204 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
audit: type=1400 audit(1710427790.680:2): avc:  denied  { search } for  pid=10 comm="kworker/u16:1" name="gvotables" dev="debugfs" ino=10582 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_votable_debugfs:s0 tclass=dir permissive=1
audit: type=1400 audit(1710427790.680:3): avc:  denied  { search } for  pid=211 comm="kworker/u16:4" name="google_charger" dev="debugfs" ino=16673 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_charger_debugfs:s0 tclass=dir permissive=1

Bug: 328016570
Bug: 329317898
Test: check all debugfs folders are correctly mounted
Change-Id: I13ef8c4d9b0f84a8641cfbe12a7b5cf89a97d3da
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-04-02 07:35:39 +00:00
kadirpili
ec6f15d812 gs101: telephony property for cbd 
Bug: 316817111
Change-Id: Idf85b27d755cff0fb5fffb088d13b105c25beb3b
 2024-03-27 07:35:01 +00:00
Hungyen Weng
3a2d59d8a9 Allow modem_svc to access modem files and perfetto 
Bug: 331147031
Bug: 330730987

Test: Confirmed that modem_svc is able to access token db files in modem partition
Test: Confiemed that modem_svc can send traces to perfetto
Test: Confirmed v2/pixel-health-guard/device-boot-health-check-extra has no modem_svc avc denials.

Change-Id: I5fabd3177c758be533ca8bdef3cb3305afd6a5a6
 2024-03-25 22:15:19 +00:00
Treehugger Robot
883cf12320 Merge "Update SELinux error" into main 2024-03-25 13:42:12 +00:00
Pablo Gamito
f2a869d688 Remove donotaudit line for b/277155042 am: f1baab0530 am: 96fd92b050 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3009455

Change-Id: I19af3da60141ab46ca404d1f5a2de98753805469
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-25 09:28:27 +00:00
Pablo Gamito
96fd92b050 Remove donotaudit line for b/277155042 am: f1baab0530 
Original change: https://android-review.googlesource.com/c/device/google/gs101-sepolicy/+/3009455

Change-Id: Ib3a8219b620cdb59e384f4e7d83299369ab9bc0a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-03-25 09:13:06 +00:00
Ján Sebechlebský
3568f1c1e3 Merge "Remove virtual_camera dumpstate denial entry from bug_map" into main 2024-03-25 09:00:43 +00:00
Jan Sebechlebsky
27e4e3cd9d Remove virtual_camera dumpstate denial entry from bug_map 
Fix: 312894628
Test: N/A
Change-Id: Ia31780377ef121b9347eace64af470926220524b
 2024-03-25 09:00:07 +00:00
Pablo Gamito
f1baab0530 Remove donotaudit line for b/277155042 
Since this bug is now fixed

Fixes: 277155042
Test: scanBugreport
Change-Id: If2fdbcbd0b0c0edbcc6824235bbfc561e0f43378
 2024-03-25 08:55:20 +00:00
Wilson Sung
629dd3eaf9 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 331147031
Change-Id: I098aab7a986a8b2c659c006f50b5dade74ebcb5b
 2024-03-25 07:56:34 +00:00