Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
10 commits 1 branch 0 tags 494 MiB
Commit graph

10 commits

This branch
This branch
All branches
Author SHA1 Message Date
Yu-Chi Cheng
d18a92b0ef Allowed the EdgeTPU service to access Package Manager binder service. 
EdgeTPU service will connect to the Package Manager service
to verify applicatoin signatures.
This change added the corresponding SELinux rules to allow such
connection.

Bug: 181821398
Test: Verified using Google Camera App on local device.
Change-Id: Ia32b3de102c162e28710e0aa917831e8de784183
 2021-03-08 16:02:14 -08:00
TreeHugger Robot
cd3a13deaf Merge "sepolicy: add usf folder to BOARD_SEPOLICY_DIRS." into sc-dev 2021-03-08 09:02:32 +00:00
TreeHugger Robot
433719c74f Merge "Allow vendor_init to set USB properties" into sc-dev 2021-03-08 08:38:01 +00:00
Alex Hong
6bfbfc3c3a Allow vendor_init to set USB properties 
Bug: 181925042
Test: $ make selinux_policy
      Push SELinux modules, switch to Enforcing mode
      Ensure the vendor_init denials are gone
Change-Id: I4007cbc2396fa1fc22f1d18a977beb11c57e3b12
 2021-03-08 14:59:13 +08:00
matthuang
04275485f7 sepolicy: add usf folder to BOARD_SEPOLICY_DIRS. 
03-08 09:26:34.320   701   701 I MonitorFdThread: type=1400
audit(0.0:5): avc: denied { read } for name="/" dev="tmpfs" ino=1
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:device:s0
tclass=dir permissive=1
03-08 09:26:34.320   701   701 I MonitorFdThread: type=1400
audit(0.0:6): avc: denied { watch } for path="/dev" dev="tmpfs" ino=1
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:device:s0
tclass=dir permissive=1
03-08 09:26:36.344   701   701 I android.hardwar: type=1400
audit(0.0:11): avc: denied { read write } for name="acd-com.google.usf"
dev="tmpfs" ino=932 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:aoc_device:s0 tclass=chr_file permissive=1
03-08 09:26:36.344   701   701 I android.hardwar: type=1400
audit(0.0:12): avc: denied { open } for path="/dev/acd-com.google.usf"
dev="tmpfs" ino=932 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:aoc_device:s0 tclass=chr_file permissive=1
03-08 09:26:36.948   701   701 I android.hardwar: type=1400
audit(0.0:13): avc: denied { search } for name="vendor" dev="tmpfs"
ino=2 scontext=u:r:hal_sensors_default:s0
tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1
03-08 09:26:36.948   701   701 I android.hardwar: type=1400
audit(0.0:14): avc: denied { search } for name="/" dev="sda1" ino=2
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0
tclass=dir permissive=1
03-08 09:26:36.952   701   701 I android.hardwar: type=1400
audit(0.0:15): avc: denied { getattr } for
path="/mnt/vendor/persist/sensors/registry" dev="sda1" ino=24
scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:persist_file:s0
tclass=dir permissive=1
03-08 09:26:36.952   701   701 I android.hardwar: type=1400
audit(0.0:16): avc: denied { read } for name="registry" dev="sda1"
ino=24

Bug:182086633
Test: make selinux_policy -j128 and push to device.
Test: avc denials are disappeared in boot log.

Change-Id: Id7ad6dcb63c880a4b7b07dbe4588ec231e9e00b5
 2021-03-08 14:08:19 +08:00
SalmaxChang
4d87bc0f2a cbd: Fix avc errors 
avc: denied { write } for comm="cbd" name="ssrdump" dev="dm-9" ino=284 scontext=u:r:cbd:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir
avc: denied { add_name } for comm="cbd" name="crashinfo_modem_2021-03-02_10-57-06.txt" scontext=u:r:cbd:s0 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir
avc: denied { write } for comm="sh" name="image" dev="dm-9" ino=231 scontext=u:r:cbd:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir
avc: denied { read } for comm="cbd" name="u:object_r:radio_prop:s0" dev="tmpfs" ino=206 scontext=u:r:cbd:s0 tcontext=u:object_r:radio_prop:s0 tclass=file
avc: denied { search } for comm="cbd" name="/" dev="sda15" ino=2 scontext=u:r:cbd:s0 tcontext=u:object_r:persist_file:s0 tclass=dir
avc: denied { syslog_read } for comm="cbd" scontext=u:r:cbd:s0 tcontext=u:r:kernel:s0 tclass=system

Bug: 179198083
Bug: 178331928
Bug: 171267363
Change-Id: I8a89e360e6d614ad76ed2eb78467fcbedf1ea0ce
 2021-03-08 06:00:45 +00:00
Adam Shih
fc5a6a88db update error on ROM 7191013 
Bug: 182086633
Bug: 182086611
Bug: 182086552
Bug: 182086686
Bug: 182086550
Bug: 182086551
Bug: 182086482
Bug: 182086688
Bug: 182086481
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I3c8c411d985a4a3c9210a39aa30ea0c3626f65e0
 2021-03-08 09:42:05 +08:00
Robin Peng
5009efa776 Move slider-sepolicy into gs101-sepolicy 
from: 71e609c24c97fc8d44843af30527cbeb90d5dcdf

Bug: 167996145
Change-Id: Ie00e7e0983a3ca695bbd5140c929d07a80144301
 2021-03-06 16:15:39 +08:00
Robin Peng
ed6fcdbdc1 Add owners file 
Bug: 167996145
Change-Id: I0865c8272d32859ab5ce44841582ee371b0cf972
 2021-03-04 16:33:18 +08:00
Inna Palant
28ea155558 Initial empty repository 2021-01-22 08:06:42 -08:00