Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
569 commits 1 branch 0 tags 494 MiB
Commit graph

569 commits

This branch
This branch
All branches
Author SHA1 Message Date
Peter Csaszar
d39d9e517f pixel-selinux: add SJTAG policies am: bc525e1a49 am: 6ff24d2a06 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14489636

Change-Id: Icab05e0fb309a6eaa0befd3d3960e84569957005
 2021-05-11 07:47:11 +00:00
Peter Csaszar
6ff24d2a06 pixel-selinux: add SJTAG policies am: bc525e1a49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14489636

Change-Id: I19e3462634d1e299ca6bfb8e8e01bd3e689bd903
 2021-05-11 07:24:12 +00:00
Peter Csaszar
bc525e1a49 pixel-selinux: add SJTAG policies 
These are the SELinux policies for the DebugFS files of the SJTAG
kernel interface.

Bug: 184768605
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Change-Id: I36996d6fd5fe09adb7a36be573cf57f15ea35756
 2021-05-10 17:58:04 -07:00
Wei Wang
ff1bb37173 Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev am: 551505ae05 am: 8181bbaaac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14486216

Change-Id: I616fa1b699d2b2fee93496cf06b24786f7e4e74b
 2021-05-11 00:34:34 +00:00
Wei Wang
8181bbaaac Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev am: 551505ae05 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14486216

Change-Id: I28349709c6a549e25ed8dffd490c84af777b83e9
 2021-05-11 00:18:41 +00:00
Wei Wang
551505ae05 Merge "Add policy for memlat governor needs create/delete perf events" into sc-dev 2021-05-10 23:59:50 +00:00
Jia-yi Chen
344b354f8b Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev am: 06a0792bf1 am: 1912dc976e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14460156

Change-Id: I7d847033afc8548522bac80ad657bcbae806dbd7
 2021-05-10 19:07:21 +00:00
Jia-yi Chen
1912dc976e Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev am: 06a0792bf1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14460156

Change-Id: I1ddc002e6e20ca3dec0db9f018260ec0e56db574
 2021-05-10 18:52:15 +00:00
Jia-yi Chen
06a0792bf1 Merge "Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0" into sc-dev 2021-05-10 18:29:41 +00:00
Kyle Lin
1124aeaf32 Add policy for memlat governor needs create/delete perf events 
[   31.756984] type=1400 audit(1620144320.436:11): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[   31.757246] type=1400 audit(1620144320.436:12): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
[   31.757352] type=1400 audit(1620144320.436:13): avc: denied { perfmon } for comm="cpuhp/4" capability=38 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability2 permissive=0
[   31.757450] type=1400 audit(1620144320.436:14): avc: denied { sys_admin } for comm="cpuhp/4" capability=21 scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=capability permissive=0
...
...
[  215.584932] type=1400 audit(1620634018.936:191): avc: denied { cpu } for comm="cpuhp/4" scontext=u:r:kernel:s0 tcontext=u:r:kernel:s0 tclass=perf_event permissive=0

Bug: 187437491
Bug: 170479743
Test: build, boot and suspend/resume test 200 times.

Change-Id: I4fd3d3fb915ca518ffa226f25298c94faaf867f1
 2021-05-10 16:18:58 +08:00
JJ Lee
2a2ce4a0ae Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev am: df02b6ef77 am: 51c75a291e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14452416

Change-Id: I085a5e10dc22ac41c84c98614dbe3133c5971d40
 2021-05-10 02:58:04 +00:00
JJ Lee
51c75a291e Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev am: df02b6ef77 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14452416

Change-Id: I9da7211554c5f2fdce509051caa4f3b2e381f9c1
 2021-05-10 02:34:31 +00:00
JJ Lee
df02b6ef77 Merge "sepolicy: gs101: allow audio hal to use wakelock" into sc-dev 2021-05-10 02:14:07 +00:00
TreeHugger Robot
df80f0be9f Merge "vibrator: Remove temporary method" into sc-dev am: ec3144742f am: e853b4335e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14467421

Change-Id: I6170cab39b5fec5c777500dab7506fafafba7000
 2021-05-10 01:58:17 +00:00
TreeHugger Robot
eb15c49e77 Merge changes Ic697ffe8,Idcf38e09 into sc-dev am: a2d2ebd508 am: 41d657e591 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456725

Change-Id: I7c502814dadb2a5bb026fb856b0d8a6c7905085a
 2021-05-10 01:57:50 +00:00
TreeHugger Robot
e853b4335e Merge "vibrator: Remove temporary method" into sc-dev am: ec3144742f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14467421

Change-Id: I8abc6a5985a10691d2a6b2350aaf7c1b3b523056
 2021-05-10 01:41:55 +00:00
TreeHugger Robot
41d657e591 Merge changes Ic697ffe8,Idcf38e09 into sc-dev am: a2d2ebd508 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456725

Change-Id: I31ebc93fd8a8a664f75e623c007482fa345a1248
 2021-05-10 01:41:42 +00:00
TreeHugger Robot
ec3144742f Merge "vibrator: Remove temporary method" into sc-dev 2021-05-10 01:13:47 +00:00
TreeHugger Robot
a2d2ebd508 Merge changes Ic697ffe8,Idcf38e09 into sc-dev 
* changes:
  Remove dumpstate AVC denials dontaudit for twoshay
  Allow dumpstate to access twoshay
 2021-05-10 01:11:46 +00:00
TreeHugger Robot
73f7604819 Merge "Allow radioext to communicate with bt hal" into sc-dev am: c03c055812 am: 93008dc81a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456718

Change-Id: I04601b7854246242a3e73d12ceb0491c7428c3c4
 2021-05-08 19:33:35 +00:00
TreeHugger Robot
93008dc81a Merge "Allow radioext to communicate with bt hal" into sc-dev am: c03c055812 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14456718

Change-Id: I3d1fed21b348e309acf8c981d0295fc0c6db1597
 2021-05-08 19:13:26 +00:00
TreeHugger Robot
c03c055812 Merge "Allow radioext to communicate with bt hal" into sc-dev 2021-05-08 18:59:51 +00:00
TreeHugger Robot
73e866b8c8 Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev am: 296f8ddc5d am: cb8de215f8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14440528

Change-Id: I5f0f438dd488cb64579f777809ddf2ab31fd9926
 2021-05-07 23:59:40 +00:00
TreeHugger Robot
cb8de215f8 Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev am: 296f8ddc5d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14440528

Change-Id: I99470e75b9839107b8ea89232437d3c91a722a23
 2021-05-07 23:45:52 +00:00
TreeHugger Robot
296f8ddc5d Merge "iwlan: update sepolicy for qualifiednetworksservice" into sc-dev 2021-05-07 23:29:31 +00:00
chasewu
59161a5745 vibrator: Remove temporary method 
Bug: 177176811
Test: no avc denied logs
Signed-off-by: chasewu <chasewu@google.com>
Change-Id: I424e15037b3e20824f5e072d88bdf71a50cfdabf
 2021-05-07 18:33:15 +08:00
Seungah Lim
72e6339123 iwlan: update sepolicy for qualifiednetworksservice 
Bug: 185942456
Test: VoLTE/VoWifi

Change-Id: I352bb933e577b11bb052a297d17776ff0a5f3a75
Signed-off-by: Seungah Lim <sss.lim@samsung.com>
 2021-05-07 17:14:00 +08:00
Tai Kuo
8e3aaa30ff Remove dumpstate AVC denials dontaudit for twoshay 
Bug: 187014717
Test: pts-tradefed run pts -m PtsSELinuxTest -t \
  com.google.android.selinux.pts.SELinuxTest#scanBugreport
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Ic697ffe8f6ee15fb9d9330173a3c92aeca61de67
 2021-05-07 14:56:22 +08:00
Tai Kuo
0e68aed154 Allow dumpstate to access twoshay 
Bug: 173330981
Bug: 187014717
Test: no avc denials for twoshay was found.
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Idcf38e0921fb4d6d617e7cd443425193aea3fe91
 2021-05-07 14:55:43 +08:00
Jia-yi Chen
15c046878b Add high_capacity_start_cpu to u:object_r:sysfs_vendor_sched:s0 
Bug: 186564130
Test: Boot & check powerhal log
Change-Id: I1a828f113266d4b3386b2f6fa74df050255113a9
 2021-05-06 21:00:08 -07:00
Labib
a27f8c4480 Allow radioext to communicate with bt hal 
Bug: 187447420
Change-Id: I1a1626502a6c3913846b957c3c0a31fdd99feb31
 2021-05-07 09:20:02 +08:00
Tri Vo
b38ed0c788 Merge "trusty: sepolicy for metrics reporter" into sc-dev am: f7bec8b3c6 am: f40a4f7416 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14286451

Change-Id: I03c47276db396ec87b7f6bb27af99fa4033e7b52
 2021-05-06 16:29:52 +00:00
Tri Vo
f40a4f7416 Merge "trusty: sepolicy for metrics reporter" into sc-dev am: f7bec8b3c6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14286451

Change-Id: I9723772bdbd3c02e6af0e7348d45a3717a19cc0c
 2021-05-06 16:09:53 +00:00
Tri Vo
f7bec8b3c6 Merge "trusty: sepolicy for metrics reporter" into sc-dev 2021-05-06 15:52:51 +00:00
JJ Lee
43735f0fc3 sepolicy: gs101: allow audio hal to use wakelock 
Bug: 178789331
Test: build pass
Signed-off-by: JJ Lee <leejj@google.com>
Change-Id: I1d5c9ea8726f2e53bc05e0ecd5dedddede274794
 2021-05-06 19:43:24 +08:00
Aaron Tsai
e4773d1db2 Fix avc denied for shannon-ims am: 6a9a85cd07 am: 71aa99edff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14410097

Change-Id: I8935b75ce3632935b127d7c1a4038886d40461bf
 2021-05-06 11:07:46 +00:00
Aaron Tsai
71aa99edff Fix avc denied for shannon-ims am: 6a9a85cd07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14410097

Change-Id: I84e986338a7985fe26cdf179bd1734771956defa
 2021-05-06 10:53:09 +00:00
Aaron Tsai
6a9a85cd07 Fix avc denied for shannon-ims 
04-01 19:10:22.956 10272  2327  2327 W Binder:2327_4: type=1400 audit(0.0:8): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_ims_app:s0:c16,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.shannon.imsservice
04-01 19:10:22.960 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.wfc_avail_ovr0"
04-01 19:10:22.981 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.vt_avail_ovr0"
04-01 19:10:22.982 10272  2327  4980 E libc    : Access denied finding property "persist.dbg.volte_avail_ovr0"

Bug: 183935382
Bug: 184858478
Test: verified with the forrest ROM and error log goneFix
Change-Id: I0754c6be7f74ed73533e9570c7d1916320ab2897
 2021-05-06 09:04:03 +00:00
TreeHugger Robot
647dcaf48d Merge "HardwareInfo: Add sepolicy for display" into sc-dev am: 6978eeaea4 am: 5bb2c8ab79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13824666

Change-Id: I30ae225a60b80f8167c4dd9a3723725d6e53ab3c
 2021-05-06 06:31:05 +00:00
TreeHugger Robot
51380a7089 Merge "wlc fwupdate implementation" into sc-dev am: 577f562727 am: 9fccfb01ce 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063269

Change-Id: Ie01bf8328923a33c63ae7070dac41e687afdeec5
 2021-05-06 06:30:22 +00:00
TreeHugger Robot
5bb2c8ab79 Merge "HardwareInfo: Add sepolicy for display" into sc-dev am: 6978eeaea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13824666

Change-Id: Ifa6682feee948555974d8776d60accb4cc3b356e
 2021-05-06 06:07:06 +00:00
TreeHugger Robot
6978eeaea4 Merge "HardwareInfo: Add sepolicy for display" into sc-dev 2021-05-06 06:03:18 +00:00
TreeHugger Robot
9fccfb01ce Merge "wlc fwupdate implementation" into sc-dev am: 577f562727 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063269

Change-Id: I2fa4b8768369139bb9d0ea226b6e98ecd38e2ee0
 2021-05-06 05:59:24 +00:00
TreeHugger Robot
577f562727 Merge "wlc fwupdate implementation" into sc-dev 2021-05-06 05:41:01 +00:00
SalmaxChang
12593ef488 logger_app: Fix avc errors am: ab97657410 am: ebf55ff9f1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439439

Change-Id: I066f7b1bbcde9324172955b9997c65554c66709f
 2021-05-06 04:41:26 +00:00
SalmaxChang
ebf55ff9f1 logger_app: Fix avc errors am: ab97657410 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439439

Change-Id: Ia96374b57725305faa7c900ee4702bc2167fde7c
 2021-05-06 04:16:28 +00:00
SalmaxChang
ab97657410 logger_app: Fix avc errors 
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=141 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
Access denied finding property "viewroot.profile_rendering"
Access denied finding property "ro.input.resampling"
Access denied finding property "persist.input.velocitytracker.strategy"

avc: denied { read } for comm="oid.pixellogger" name="u:object_r:usb_control_prop:s0" dev="tmpfs" ino=281 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:usb_control_prop:s0 tclass=file permissive=0 app=com.android.pixellogger

Bug: 186612284
Change-Id: I15f00d9ed3cc0c0657c854292caad60e3f7a3011
 2021-05-06 03:57:01 +00:00
Jack Wu
8afb8bee7b sepolicy: gs101: Fix hal_health_default avc denials am: 2c1ecf3a54 am: 388860a7ba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439451

Change-Id: I08759859df54a805168b3ee1aa5a1c9fa7d0ffea
 2021-05-05 22:30:20 +00:00
Jack Wu
388860a7ba sepolicy: gs101: Fix hal_health_default avc denials am: 2c1ecf3a54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439451

Change-Id: I9c4332385e1a22043938a022c2074d34b490adbf
 2021-05-05 22:16:08 +00:00
Jack Wu
2c1ecf3a54 sepolicy: gs101: Fix hal_health_default avc denials 
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:3): avc: denied { read } for name="type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:4): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:5): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 184429394
Test: Verify pass by checking device log are w/o above errors after
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: If1253c902af1723ca80d31223f51ebf439404527
 2021-05-06 00:26:14 +08:00