Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2756 commits 1 branch 0 tags 494 MiB
Commit graph

2756 commits

This branch
This branch
All branches
Author SHA1 Message Date
Siddharth Kapoor
00ceb78ed2 Label GPU power_policy sysfs node am: a7aa46862d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16091105

Change-Id: Iad4caeea7667379e15b69b9a2694a31d759c9dab
 2021-11-02 05:03:24 +00:00
TreeHugger Robot
eeaf013788 Merge "Grant selinux permission to com.google.edgetpu_app_service-V2-ndk.so" 2021-11-01 01:28:53 +00:00
qinyiyan
d60240f504 Grant selinux permission to com.google.edgetpu_app_service-V2-ndk.so 
Bug: 204528053
Test: forrest build with the change. AVC denials don't show up.
Change-Id: Ic3fafeb749156967d772d5288ecf99a44ebc7031
 2021-10-29 15:04:31 -07:00
Siddharth Kapoor
6d1da2c994 Label GPU power_policy sysfs node am: f94633e718 am: 62460926d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16123766

Change-Id: Ic0715cc18f5848e694d40f3633c005cf7964791c
 2021-10-28 01:27:24 +00:00
Siddharth Kapoor
62460926d3 Label GPU power_policy sysfs node am: f94633e718 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16123766

Change-Id: Ia753ea69fb270e2bbeca29f2275b84482cc77ec3
 2021-10-28 01:08:49 +00:00
Jiyong Park
b928ceec0c [automerger skipped] Remove ndk_platform backend. Use the ndk backend. am: 90d1e82ae6 am: caf102afda am: 02048701de am: d753a4e82d -s ours 
am skip reason: Merged-In Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2 with SHA-1 5cc5d52bd7 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16119648

Change-Id: Ia2728528486c77d026aedf9ff702bed77b56c4f8
 2021-10-27 07:24:20 +00:00
Jiyong Park
d753a4e82d Remove ndk_platform backend. Use the ndk backend. am: 90d1e82ae6 am: caf102afda am: 02048701de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16119648

Change-Id: I7714a03deb27225af3ddaebdcb523fee20f27069
 2021-10-27 07:02:59 +00:00
Jiyong Park
02048701de Remove ndk_platform backend. Use the ndk backend. am: 90d1e82ae6 am: caf102afda 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16119648

Change-Id: I9742f6b11c4b07698f597aeac36aa55686dd8b3f
 2021-10-27 06:46:14 +00:00
Jiyong Park
caf102afda Remove ndk_platform backend. Use the ndk backend. am: 90d1e82ae6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16119648

Change-Id: I9a01c4e883cf1903eab8589c4eeca1d60d9fb741
 2021-10-27 06:27:12 +00:00
TreeHugger Robot
f0e660c212 Merge "Add touch procfs and sysfs sepolicy." 2021-10-27 02:13:02 +00:00
Siddharth Kapoor
f94633e718 Label GPU power_policy sysfs node 
Bug: 201718421
Test: trace while App launch
Change-Id: Icd85b8611632e4638946b492740e509baf2714ce
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2021-10-27 01:59:23 +00:00
Steve Pfetsch
a461a356e2 [automerger skipped] Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." into sc-v2-dev am: 421cbb2f61 -s ours am: 30ec086c5d -s ours 
am skip reason: Merged-In I2cada463fcbfd3b52230430b12b091a655e2abbb with SHA-1 b834b1d008 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16095720

Change-Id: I5bb16849ceee69c0c3bffcd25f3dd04d17cfbe13
 2021-10-27 00:50:09 +00:00
Steve Pfetsch
30ec086c5d [automerger skipped] Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." into sc-v2-dev am: 421cbb2f61 -s ours 
am skip reason: Merged-In I2cada463fcbfd3b52230430b12b091a655e2abbb with SHA-1 b834b1d008 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16095720

Change-Id: I7144920413f461fee6f59eebf1b2e865ce652854
 2021-10-27 00:28:58 +00:00
Steve Pfetsch
421cbb2f61 Merge "Move twoshay definitions to hardware/google/pixel-sepolicy/input." into sc-v2-dev 2021-10-27 00:14:20 +00:00
Philip Quinn
fcc9f6c3f0 [automerger skipped] Move twoshay definitions to hardware/google/pixel-sepolicy/input. am: b834b1d008 -s ours 
am skip reason: Merged-In I2cada463fcbfd3b52230430b12b091a655e2abbb with SHA-1 d5ac0ac3ce is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16120231

Change-Id: I6f2e4f7eabef2a6f3b604bb63fc05598ced9490f
 2021-10-26 20:11:05 +00:00
Jiyong Park
90d1e82ae6 Remove ndk_platform backend. Use the ndk backend. 
The ndk_platform backend will soon be deprecated because the ndk backend
can serve the same purpose. This is to eliminate the confusion about
having two variants (ndk and ndk_platform) for the same ndk backend.

Bug: 161456198
Test: m

Merged-In: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
Change-Id: Icc9af3798ac89742fa56b1cb37d8116d99b4a9c2
(cherry picked from commit 5cc5d52bd7)
 2021-10-26 14:59:28 +09:00
Philip Quinn
b834b1d008 Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-26 02:06:20 +00:00
Super Liu
c8220eea82 Add touch procfs and sysfs sepolicy. 
Bug: 193467774
Test: TH build pass.
Signed-off-by: Super Liu <supercjliu@google.com>
Change-Id: I25c4d9422966e8603f12222e93ca7b6d6ea6f566
 2021-10-25 17:01:52 +08:00
Siddharth Kapoor
a7aa46862d Label GPU power_policy sysfs node 
Bug: 201718421
Test: trace while App launch
Change-Id: Icd85b8611632e4638946b492740e509baf2714ce
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2021-10-21 14:23:00 +08:00
Philip Quinn
0d48ab4fbf Move twoshay definitions to hardware/google/pixel-sepolicy/input. 
Bug: 187654303
Test: twoshay works on R4, B3, P7
Change-Id: I2cada463fcbfd3b52230430b12b091a655e2abbb
Merged-In: I2cada463fcbfd3b52230430b12b091a655e2abbb
 2021-10-20 23:09:13 +00:00
TreeHugger Robot
7431e8b11f Merge "audio: add permission to request health/sensor data" into sc-v2-dev am: 7352bf22f0 am: cdfec7db74 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15838845

Change-Id: I3507cd6655aa6fddb31ca311fd1d94e45ee7b860
 2021-10-20 04:52:34 +00:00
TreeHugger Robot
cdfec7db74 Merge "audio: add permission to request health/sensor data" into sc-v2-dev am: 7352bf22f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15838845

Change-Id: Ic4d717872a99b98770be9d883c0569a09e6c7f3a
 2021-10-20 04:32:42 +00:00
TreeHugger Robot
7352bf22f0 Merge "audio: add permission to request health/sensor data" into sc-v2-dev 2021-10-20 04:12:49 +00:00
Shawn Yang
9d0aca6070 Merge "Allow modem app to read the battery info" into sc-v2-dev am: e48bb0205b am: 72a6569655 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15879394

Change-Id: Ibe4657697553193c4881cf49ee3922a9afbcf92c
 2021-10-20 03:56:33 +00:00
Shawn Yang
72a6569655 Merge "Allow modem app to read the battery info" into sc-v2-dev am: e48bb0205b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15879394

Change-Id: I14e54fdae2d7c3929057ab8fdc24158685d87e6f
 2021-10-20 03:42:10 +00:00
Shawn Yang
e48bb0205b Merge "Allow modem app to read the battery info" into sc-v2-dev 2021-10-20 03:25:48 +00:00
Jasmine Cha
27a4afc1a9 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- Allow audio hal to find fwk_sensor_hwservice
SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1


Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I8e8a512cfbd6be814c98bac75ff6c0e5db028db2
 2021-10-20 03:04:32 +00:00
Michael Ayoubi
ea0561e344 Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev am: 21c2c3f145 am: f94f426c9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15795866

Change-Id: Id64d5c0d45c32838a54d33ef81f8b4b2019dd39f
 2021-10-20 01:06:23 +00:00
Michael Ayoubi
f94f426c9e Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev am: 21c2c3f145 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15795866

Change-Id: I18da0736804df2e43fab9d938e758d4cc480d9eb
 2021-10-20 00:48:48 +00:00
Michael Ayoubi
21c2c3f145 Merge "Allow euiccpixel_app to get dck_prop" into sc-v2-dev 2021-10-20 00:32:56 +00:00
TreeHugger Robot
2777ffb556 Merge "Allow exo_app to find Virtual Device manager" 2021-10-19 19:15:26 +00:00
Maurice Lam
e6c87533b8 Allow exo_app to find Virtual Device manager 
Bug: 194949534
Test: Manual
Change-Id: I529b9eaf0d2a058a0653ec388d0e1f5abad9d094
 2021-10-19 11:20:13 -07:00
jintinglin
936079ad1c Allow modem app to read the battery info 
Test: flash the forrest build, MDS can read the info file

Bug: 203478533

Change-Id: I9985dd2731a43445dd653e226fd2939ca355cda4
 2021-10-19 03:22:46 +00:00
Adam Shih
d50db9e2e7 Merge "move bluetooth related types to bluetooth" 2021-10-19 01:07:50 +00:00
Adam Shih
5c28519e40 move bluetooth related types to bluetooth 
Bug: 202790744
Test: boot with bluetooth hal started
Change-Id: I615d4b13262af2bc2c044914e595a7c2085999d2
 2021-10-18 11:43:15 +08:00
Bart Van Assche
3a1c10bb76 Stop using the bdev_type and sysfs_block_type SELinux attributes 
Stop using these attributes since these will be removed soon. This
commit reverts 37b5741301 ("Add the 'bdev_type' attribute to all block
device types").

Bug: 202520796
Test: Untested.
Change-Id: I00f10d1fd164b6ca01ecd5cffd2012acfc05eeca
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-10-15 14:20:18 -07:00
qinyiyan
6e818988b6 Allow the NNAPI HAL to access edgetpu_app_service. 
10-12 14:40:11.528   759   759 W Binder:759_1: type=1400 audit(0.0:23): avc: denied { call } for scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:r:edgetpu_app_server:s0 tclass=binder permissive=0

10-12 18:17:04.678   440   440 E SELinux : avc:  denied  { find } for pid=753 uid=1000 name=com.google.edgetpu.IEdgeTpuAppService/default scontext=u:r:hal_neuralnetworks_darwinn:s0 tcontext=u:object_r:edgetpu_app_service:s0 tclass=service_manager permissive=0

Test: rebuilt the selinux_policy. The AVC denials don't show up.
Bug: 196697793
Change-Id: If43f7411a3324f65323ea004e34878f070d9ebeb
 2021-10-12 22:21:52 +00:00
Adam Shih
86d9e3657c Merge "reorganize pixelstats_vendor" 2021-10-12 01:37:36 +00:00
Alfred Lin
7c95e95cda [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: f545ab60c3 am: 0da6568bbf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: I66d01731f652da14477f0b2fd85125d961e5936b
 2021-10-08 14:37:21 +00:00
Alfred Lin
0bbfc93655 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: 7bfec1ad53 am: 48aa625c44 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: I34ccadb4c65dd72b4b7826d66135c0003259b572
 2021-10-08 14:37:14 +00:00
Alfred Lin
0da6568bbf [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: f545ab60c3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ia5eedb2532279e60ff4f557b3734624f50111632
 2021-10-08 14:05:14 +00:00
Alfred Lin
48aa625c44 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 am: 7bfec1ad53 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ifbea1ae180dfd3d58eac17ff792e5f81245ca301
 2021-10-08 14:04:27 +00:00
Alfred Lin
f545ab60c3 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: Ifb4b5b6f8eadd26d06a0e7980f05aa60e9d7cacb
 2021-10-08 13:33:29 +00:00
Alfred Lin
7bfec1ad53 [Display] Add SELinux policy for hal_graphics_composer_default am: 24693cd264 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/16004355

Change-Id: I8f9932ad8885aaefde9548f87c6d2c6cc148cd4c
 2021-10-08 13:29:54 +00:00
Alfred Lin
24693cd264 [Display] Add SELinux policy for hal_graphics_composer_default 
Add SELinux policy for hal_graphics_composer_default to find persist_display_file

Bug: 202487234

Test: device boot will not find avc denied log as "avc: denied { search } for name="display" dev="sda1" ino=21 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:persist_display_file:s0 tclass=dir permissive=0"
Change-Id: I8fc386cb18397911404e1f2803601711e40edead
 2021-10-08 11:07:40 +00:00
David Brazdil
a03f3b1a50 Assign pkvm_enabler to vendor_misc_writer domain 
Builds of gs101 targets with pKVM force-enabled have an init service
which checks that /dev/kvm exists and if not, runs misc_writer to
instruct the bootloader to enable pKVM, and forces a reboot.

Assign the binary to the existing vendor_misc_writer domain and add
permission to execute the /vendor/bin/misc_writer binary. Since this is
for tests only, the rules are only added to targets that define
TARGET_PKVM_ENABLED.

Bug: 192819132
Test: flash a _pkvm build, observe double-reboot, check /dev/kvm exists
Change-Id: I5f9962e4cdd3ec267ab19ea4485e4e94a3ec15cd
 2021-10-08 09:34:22 +00:00
Adam Shih
17881f3a38 reorganize pixelstats_vendor 
Bug: 202462997
Test: boot with pixelstats_vendor started
Change-Id: I8582ac4e83720768ee7992d41bdac0798da892d9
 2021-10-08 11:06:49 +08:00
Adam Shih
7d5cf2a1bd Merge "centralize wifi_ext config" 2021-10-05 01:38:47 +00:00
Max Kogan
b99188ad46 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 584abcc50c am: 2d4e8d567f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: I7b54dae9429168d29b1a4a3e2f9f390b69b8b3fe
 2021-10-04 18:59:23 +00:00
Max Kogan
61792ec645 Merge "sepolicy: gs101: allow dumpstate to access AoC stats" into sc-qpr1-dev am: 2a166c0eb5 am: 49a05309af am: f2d985cc54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/15900366

Change-Id: Ib3f29fbb54a6af7ba033cbb756e34c6726caa6bb
 2021-10-04 18:57:11 +00:00