Evolution-X-Tensor/device_google_gs101
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1414 commits 1 branch 0 tags 494 MiB
Commit graph

1414 commits

This branch
This branch
All branches
Author SHA1 Message Date
JJ Lee
43735f0fc3 sepolicy: gs101: allow audio hal to use wakelock 
Bug: 178789331
Test: build pass
Signed-off-by: JJ Lee <leejj@google.com>
Change-Id: I1d5c9ea8726f2e53bc05e0ecd5dedddede274794
 2021-05-06 19:43:24 +08:00
Aaron Tsai
2cea3621b0 Fix avc denied for shannon-ims am: 6a9a85cd07 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14410097

Change-Id: I5289bf698f1bfad5074d446beff9aeeace50e27d
 2021-05-06 10:49:37 +00:00
Aaron Tsai
6a9a85cd07 Fix avc denied for shannon-ims 
04-01 19:10:22.956 10272  2327  2327 W Binder:2327_4: type=1400 audit(0.0:8): avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=139 scontext=u:r:vendor_ims_app:s0:c16,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.shannon.imsservice
04-01 19:10:22.960 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.wfc_avail_ovr0"
04-01 19:10:22.981 10272  2327  4608 E libc    : Access denied finding property "persist.dbg.vt_avail_ovr0"
04-01 19:10:22.982 10272  2327  4980 E libc    : Access denied finding property "persist.dbg.volte_avail_ovr0"

Bug: 183935382
Bug: 184858478
Test: verified with the forrest ROM and error log goneFix
Change-Id: I0754c6be7f74ed73533e9570c7d1916320ab2897
 2021-05-06 09:04:03 +00:00
TreeHugger Robot
5f2f2a672b Merge "HardwareInfo: Add sepolicy for display" into sc-dev am: 6978eeaea4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/13824666

Change-Id: I79da8abcc3cdaab61fe2932fa8da8ab9f6400eef
 2021-05-06 06:13:04 +00:00
TreeHugger Robot
6978eeaea4 Merge "HardwareInfo: Add sepolicy for display" into sc-dev 2021-05-06 06:03:18 +00:00
TreeHugger Robot
4a6a02638b Merge "wlc fwupdate implementation" into sc-dev am: 577f562727 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14063269

Change-Id: I62224845358e55795a969607313d0e69215b4e36
 2021-05-06 05:57:43 +00:00
TreeHugger Robot
577f562727 Merge "wlc fwupdate implementation" into sc-dev 2021-05-06 05:41:01 +00:00
SalmaxChang
48327b8da1 logger_app: Fix avc errors am: ab97657410 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439439

Change-Id: I53a9905e749c8b6647b42e70f87a221751fb0432
 2021-05-06 04:14:28 +00:00
SalmaxChang
ab97657410 logger_app: Fix avc errors 
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=141 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
Access denied finding property "viewroot.profile_rendering"
Access denied finding property "ro.input.resampling"
Access denied finding property "persist.input.velocitytracker.strategy"

avc: denied { read } for comm="oid.pixellogger" name="u:object_r:usb_control_prop:s0" dev="tmpfs" ino=281 scontext=u:r:logger_app:s0:c21,c257,c512,c768 tcontext=u:object_r:usb_control_prop:s0 tclass=file permissive=0 app=com.android.pixellogger

Bug: 186612284
Change-Id: I15f00d9ed3cc0c0657c854292caad60e3f7a3011
 2021-05-06 03:57:01 +00:00
Jack Wu
9ac90fc4c1 sepolicy: gs101: Fix hal_health_default avc denials am: 2c1ecf3a54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14439451

Change-Id: I3a8dfac579c6d631faa4b11a0a2dc2f2669647d5
 2021-05-05 22:13:35 +00:00
Jack Wu
2c1ecf3a54 sepolicy: gs101: Fix hal_health_default avc denials 
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:3): avc: denied { read } for name="type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:4): avc: denied { open } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 12:00:08.752  1000   682   682 I android.hardwar: type=1400 audit(0.0:5): avc: denied { getattr } for path="/sys/devices/platform/10d50000.hsi2c/i2c-7/7-0069/power_supply/dc/type" dev="sysfs" ino=68812 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Bug: 184429394
Test: Verify pass by checking device log are w/o above errors after
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: If1253c902af1723ca80d31223f51ebf439404527
 2021-05-06 00:26:14 +08:00
Alex Hong
00279692ff Merge "sepolicy: Update dumpstate HAL to V1.1" into sc-dev am: be17ec14cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14424440

Change-Id: I70997d234403030cb0e06d51dad4bad965e39758
 2021-05-05 06:30:01 +00:00
Alex Hong
be17ec14cc Merge "sepolicy: Update dumpstate HAL to V1.1" into sc-dev 2021-05-05 06:09:11 +00:00
Tri Vo
1dac39e833 trusty: sepolicy for metrics reporter 
Bug: 173423860
Test: m
Change-Id: I42d646c6c9453662e670e7c22712f2bde2368bba
 2021-05-05 05:38:34 +00:00
TreeHugger Robot
5853581df5 Merge "add sepolicy for dump TRICKLE/TEMP/DWELL defend config" into sc-dev am: 6978cd7220 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14419455

Change-Id: Iae2b95ad4cb344b3783d00b8a9f003226f4bbdc4
 2021-05-05 03:22:22 +00:00
TreeHugger Robot
6978cd7220 Merge "add sepolicy for dump TRICKLE/TEMP/DWELL defend config" into sc-dev 2021-05-05 02:55:28 +00:00
qinyiyan
d781335da0 [SEPolicy] Allow EdgeTPU related service to log to stats service am: 9eeae92ade 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14431799

Change-Id: I9ea7c9a787fc7e74b9e934c029ca0d4a4d7cb2d9
 2021-05-05 02:26:55 +00:00
qinyiyan
9eeae92ade [SEPolicy] Allow EdgeTPU related service to log to stats service 
We are collecting Suez metrics from TPU related services. This includes
NNAPI HAL, edgetput logging service, and edgetpu service.

This change allows them all to find stats_service.

Bug: 151063663
Test: Pushed selinx module to device and successfully logged Stats
service.

Change-Id: I80774485ae7c2a5f994d48a71b6406fac753a9f8
 2021-05-04 17:08:56 -07:00
Chris Kuiper
0b3635fb29 Merge "sepolicy: gs101: allow usf_reg_edit to run" into sc-dev am: d0d0304443 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14415568

Change-Id: Ifd5885646dbfac42f16fc867296717e173f6ff18
 2021-05-04 22:54:13 +00:00
Chris Kuiper
d0d0304443 Merge "sepolicy: gs101: allow usf_reg_edit to run" into sc-dev 2021-05-04 22:33:57 +00:00
Yu-Chi Cheng
c454ab19c0 Merge "Added the SELinux rule for the EdgeTPU vendor service." into sc-dev am: 7eef8643a3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14299125

Change-Id: Ia605bdd86e266c6487d591ddc30d64101365e929
 2021-05-04 20:09:19 +00:00
Yu-Chi Cheng
7eef8643a3 Merge "Added the SELinux rule for the EdgeTPU vendor service." into sc-dev 2021-05-04 19:39:32 +00:00
Yu-Chi Cheng
b844190a34 Added the SELinux rule for the EdgeTPU vendor service. 
To comply with the GSI compliance test, this change
splits the compiler part of the edgetpu_service into a
separate edgetpu_vendor_service under vendor.

The edgetpu_service locates under /system_ext/ and used
to be connected by both applications and vendor clients.
With this change, vendor clients could talk to the vendor
part of this service directly without having to cross
the system and vendor boundary.

Applications will still talk to the system_ext one, which
will forward the requests to the vendor service.

Bug: 185432427
Test: tested on Oriole + GCA.
Change-Id: I1ee47946f1fc3694d5f8b5325c192d6bd720a76e
 2021-05-04 10:36:21 -07:00
Alex Hong
ea5b597e3d sepolicy: Update dumpstate HAL to V1.1 
Test: $ make selinux_policy
      Check the label after boot completed
Bug: 186539439
Change-Id: I6690e2bc485aceb53dc607b8a7656a4f57edf70e
 2021-05-04 17:11:07 +08:00
Jenny Ho
f5b47095be add sepolicy for dump TRICKLE/TEMP/DWELL defend config 
type=1400 audit(0.0:12): avc: denied { read } for name="google,charger" dev="sysfs" ino=25880 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0

Bug: 186872139
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Id8868d2b12408d4a39ba42c8b0faf801923f73f3
 2021-05-04 15:24:38 +08:00
Daniel Mentz
ff7a1a95d0 Merge "Remove /vendor/lib/modules from file_contexts" into sc-dev am: 48e3555770 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14416770

Change-Id: Ifde63969cc43d9730285fc3838f11f46755794bd
 2021-05-04 04:46:03 +00:00
Daniel Mentz
48e3555770 Merge "Remove /vendor/lib/modules from file_contexts" into sc-dev 2021-05-04 04:28:49 +00:00
Daniel Mentz
00288cf620 Merge "Revert "remove wildcard on kernel modules"" into sc-dev am: 1473b1d155 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14393364

Change-Id: I3caa7f3715ca52992975f70383340900374b5687
 2021-05-04 04:13:30 +00:00
TreeHugger Robot
ce190bb6ba Merge changes from topic "tcpdump_logger" into sc-dev am: 3186a0f24c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14048497

Change-Id: I01f9defbf0476465743e2db691958def15a06258
 2021-05-04 04:13:15 +00:00
lucaslin
6bc595ff73 Add sepolicy for tcpdump_logger to access wlan_logs folder am: 4099f60681 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14410096

Change-Id: I5f29c548309fcc697f1432047a48150f5d991e88
 2021-05-04 04:13:15 +00:00
Daniel Mentz
1473b1d155 Merge "Revert "remove wildcard on kernel modules"" into sc-dev 2021-05-04 03:50:16 +00:00
TreeHugger Robot
3186a0f24c Merge changes from topic "tcpdump_logger" into sc-dev 
* changes:
  Add sepolicy for dumpstate to access logs of tcpdump_logger
  Add sepolicy for tcpdump_logger to access wlan_logs folder
 2021-05-04 03:48:04 +00:00
Jenny Ho
7fa843a6c5 Merge "set sepolicy for testing_battery_profile" into sc-dev am: 93e25c878a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14409676

Change-Id: Ie708a143b6ceee8a648f2206d880b6c4f04055ba
 2021-05-04 03:03:56 +00:00
Jenny Ho
93e25c878a Merge "set sepolicy for testing_battery_profile" into sc-dev 2021-05-04 02:48:41 +00:00
lucaslin
34278f05a0 Add sepolicy for dumpstate to access logs of tcpdump_logger 
Bug: 183467815
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I178aca40d94602994eef619f05a26ceb78eeff1f
 2021-05-04 10:30:22 +08:00
Ted Lin
69c8212a41 wlc fwupdate implementation 
Fix sepolicy problems.

Bug: 183465596
Test: logcat/dmesg grep wlc.
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: I834f4d83f822b8189a576ac198bae9a7d77a3e10
 2021-05-04 02:09:32 +00:00
Daniel Mentz
2fb432f08c Remove /vendor/lib/modules from file_contexts 
Vendor kernel modules were moved to /vendor_dlkm/lib/modules. Let's
remove the old directory /vendor/lib/modules from file_contexts.

Bug: 185184472
Bug: 186777291
Change-Id: I38f1b25cb2d73a804f1cdb113edc9b11f8e516f7
 2021-05-03 18:16:05 -07:00
Chris Kuiper
db03875ebe sepolicy: gs101: allow usf_reg_edit to run 
Provide necessary permissions to run usf_reg_edit from bugreport.

Bug: 187081112
Test: Run "adb bugreport <zip>" and verify it contains the output
      from "usf_reg_edit save -".
Change-Id: Iade132d93105d461d51273d19fe570d48cce46fe
 2021-05-03 16:34:58 -07:00
Daniel Mentz
a3c0b2ba9e Revert "remove wildcard on kernel modules" 
This reverts commit a346a7fa34.

Let's move back to wildcards for kernel modules. This better supports
kernel pre-submit testing and local kernel development where the script
build.sh from the kernel repo is used to create the vendor_dlkm parition
image.  With build.sh, the path to a .ko file includes the kernel
version as well as additional directory components like "extra/" that
describe where in the kernel source key the module is located. Example:

/vendor_dlkm/lib/modules/5.10.33-g2f01cf4c7282-dirty/extra/ftm5.ko

Bug: 185184472
Bug: 186777291
Change-Id: I32f85dae7ca60d9063ad6c63f21ffdaecbb66039
 2021-05-03 15:38:56 -07:00
SHUCHI LILU
132080ab36 Merge "Update avc error on ROM 7330059" into sc-dev am: 1d6ffc2305 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14408671

Change-Id: I2b04adff85753f838bff832b98f02b3953213381
 2021-05-03 09:49:01 +00:00
SHUCHI LILU
1d6ffc2305 Merge "Update avc error on ROM 7330059" into sc-dev 2021-05-03 09:34:35 +00:00
TreeHugger Robot
6c360ca9d9 Merge "update error on ROM 7331131" into sc-dev am: 4ae391d780 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14409678

Change-Id: I591d93f1304a950257ff5feec2aae9009375f636
 2021-05-03 09:08:13 +00:00
TreeHugger Robot
4ae391d780 Merge "update error on ROM 7331131" into sc-dev 2021-05-03 08:56:20 +00:00
lucaslin
4099f60681 Add sepolicy for tcpdump_logger to access wlan_logs folder 
tcpdump cannot be zipped into wlan logs when using tcpdump_logger
on-demand function is because tcpdump_logger doesn't have access
of wlan_logs folder.
Add related sepolicies to fix it.

Bug: 183467815
Test: 1. Set logger to wlan
      2. Enable tcpdump_logger on-demand
      3. Start logging
      4. Stop logging
      5. Pull wlan_logs
      6. Check if tcpdump.pcap is zipped into the zip file
Change-Id: Ib1b6c8cbd4512acdbe756d11bfe6f540e16c8db6
 2021-05-03 16:29:18 +08:00
TreeHugger Robot
702902ab26 Merge "Add sepolicy for sensor HAL accessing AOC sysfs node." into sc-dev am: 2391c852bd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14327406

Change-Id: Ia92e0fae422be44e87903e5ca47601b5361965e6
 2021-05-03 07:52:22 +00:00
Adam Shih
722b181dd3 update error on ROM 7331131 
Bug: 187016929
Bug: 187016930
Bug: 187016910
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I294a27fd272f73cc371a4a8dc9783ba5f60203ff
 2021-05-03 15:48:46 +08:00
Jenny Ho
4510c55091 set sepolicy for testing_battery_profile 
need run /vendor/bin/sh before setprop

Bug: 180511460
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I3dbaa984407c82662dea537da671745851035fa2
 2021-05-03 15:47:14 +08:00
TreeHugger Robot
2391c852bd Merge "Add sepolicy for sensor HAL accessing AOC sysfs node." into sc-dev 2021-05-03 07:42:00 +00:00
sukiliu
58238158ab Update avc error on ROM 7330059 
Bug: 187014717
Bug: 187015705
Bug: 187015816
Test: PtsSELinuxTestCases
Change-Id: I2d79fee24d18865090cd350485daea4e66bb5184
 2021-05-03 15:25:20 +08:00
Eddie Lan
cc4e6fa558 Merge "Add sepolicy for fpc AIDL HAL" into sc-dev am: 2d4071ca8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs101-sepolicy/+/14282485

Change-Id: Ic89331057d89747796ed29741091a0d79d9e6fd3
 2021-05-03 04:02:34 +00:00