Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2551 commits 1 branch 0 tags 63 MiB
Commit graph

146 commits

Author SHA1 Message Date
Eileen Lai
f906b69f95 modem_svc: use shared_modem_platform to replace all modem_svc_sit 
Bug: 368257019

Flag: NONE local testing only
Change-Id: Icc258ce297b5e7ea51fa60aa2ffb09ce99b7ef18
 2024-10-14 07:27:41 +00:00
samou
315cc63557 sepolicy: allow dumpstate to execute dump_power 
10-04 19:36:47.308  7141  7141 I android.hardwar: type=1400 audit(0.0:6974): avc:  denied  { execute_no_trans } for  path="/vendor/bin/dump/dump_power" dev="overlay" ino=91 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6975): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6976): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6977): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6978): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6979): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6980): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.336  7141  7141 I dump_power: type=1400 audit(0.0:6981): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=50604 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:25): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:26): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:27): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:28): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:29): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:30): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:29): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:30): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:31): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:32): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:33): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18792): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18793): avc:  denied  { read } for  name="uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18794): avc:  denied  { open } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18795): avc:  denied  { getattr } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18796): avc:  denied  { search } for  name="8-003c" dev="sysfs" ino=55942 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18797): avc:  denied  { read } for  name="maxfg" dev="sysfs" ino=62568 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18798): avc:  denied  { read } for  name="logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18799): avc:  denied  { open } for  path="/dev/logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6191): avc:  denied  { search } for  name="mitigation" dev="dm-50" ino=3758 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6192): avc:  denied  { read } for  name="thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6193): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6194): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6195): avc:  denied  { search } for  name="mitigation" dev="sysfs" ino=85222 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6196): avc:  denied  { read } for  name="last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6197): avc:  denied  { open } for  path="/sys/devices/virtual/pmic/mitigation/last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6198): avc:  denied  { read } for  name="batoilo_count" dev="sysfs" ino=85287 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:875): avc:  denied  { read } for  name="thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:876): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:877): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:878): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:879): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:880): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:881): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:882): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:883): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:884): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:885): avc:  denied  { open } for  path="/sys/devices/platform/cpupm/cpupm/time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1

Flag: EXEMPT refactor
Bug: 364989823
Change-Id: Ie4637b1295975c716f50333ad6635b9694a624b8
Signed-off-by: samou <samou@google.com>
 2024-10-04 16:07:07 +00:00
Tej Singh
077e59c64f Make android.framework.stats-v2-ndk app reachable 
For libedgetpu

Test: TH
Bug: 354763040
Flag: EXEMPT bugfix
Change-Id: If78bc951a9a4cfc223d01970ca6819fe2b5c6335
 2024-09-20 21:34:56 -07:00
Randall Huang
b67284dc2f storage: move storage related device type to common folder 
Bug: 364225000
Test: forrest build
Change-Id: Iaed5b07a1d9823ebf3c7210921784d81bf6207a5
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-04 10:44:13 +08:00
samou
5e0dca971a sepolicy: remove dump_power_gs201.sh 
Flag: EXEMPT refactor
Bug: 349935208
Change-Id: I3c0f48d00d312ef19677fe5ef9f080f063408667
Signed-off-by: samou <samou@google.com>
 2024-08-23 10:58:20 +00:00
chenkris
5a1bb0df6e Allow fingerprint to access the folder /data/vendor/fingerprint 
Fix the following avc denial:
android.hardwar: type=1400 audit(0.0:20): avc:  denied  { write } for  name="fingerprint" dev="dm-56" ino=36703 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 267766859
Test: Tested fingerprint under enforcing mode
Change-Id: I11c465fe89fcbfa7d9132ccee1c7666d1cd75a24
 2024-05-08 08:46:26 +00:00
Lei Ju
967204e373 [gs201] Use common settings for Contexthub HAL 
The change also labeled files under /data/vendor/chre/ to grant
required access.

Test: compilation
Bug: 248615564
Change-Id: Ia96b7a592523e7b5e64acb8cb7ae4f0f1fc3a78b
 2024-02-18 11:43:27 -08:00
wenchangliu
997782c603 gs201: move mediacodec_samsung sepolicy to gs-common 
remove mediacodec_samsung sepolicy in legacy path since we will include it from gs-common.

Bug: 318793681
Test: build pass, camera record, youtube
Change-Id: I08a9ce89155324b0ac749bde4a9d205585a57320
Signed-off-by: wenchangliu <wenchangliu@google.com>
 2024-01-09 14:49:56 +00:00
David Drysdale
eca39285c5 Add Secretkeeper HAL 
Test: VtsAidlAuthGraphSessionTest
Bug: 306364873
Change-Id: I84d4098960d6445da1eb7e58e25a015cd591d6b3
 2023-12-06 10:21:00 +00:00
Jason Chiu
e2d9795558 gs201: move sepolicy related to bootctrl hal to gs-common 
Bug: 265063384
Change-Id: I30a71900c2a305b05ae6e17d658df32d95097d14
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-12-05 01:21:53 +08:00
Randall Huang
2bd12254f4 Move sg_device related policy 
Bug: 312582937
Test: make selinux_policy
Change-Id: I18617643e66d6d2fe5ff19e440dea204206b3035
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-11-22 14:16:38 +08:00
Devika Krishnadas
3b40f18e29 Add Pixel Mapper as a sp-HAL 
Bug: 267352318

Change-Id: I460f379d8d6904f5bda3f67a7158c0ac6f2e7b5f
Signed-off-by: Devika Krishnadas <kdevika@google.com>
 2023-11-20 18:17:26 +00:00
Daniel Norman
b204558a73 Removes duplicate hidraw_device type definition. 
This type is now defined by the platform.

Bug: 303522222
Change-Id: Ia2f817ce99548c30f39a5164c8f6ec323db66155
Test: ls -z /dev/hidraw0
 2023-11-10 22:52:26 +00:00
Rick Chen
e22b188d9d sensors: Move USF related sepolicy to gs-common. 
Bug: 305120274
Test: Compile pass. Flash the build to WHI_PRO devices and no sensor
      related avc denied log.
Change-Id: I48d959d439565e9c31ce83812bf29b6d8025c35b
Signed-off-by: Rick Chen <rickctchen@google.com>
 2023-11-07 06:49:05 +00:00
Woody Lin
98620c3b10 Add vendor_sjtag_lock_state_prop and init-check_ap_pd_auth-sh 
1. Add init-check_ap_pd_auth-sh for the vendor daemon script
   `/vendor/bin/init.check_ap_pd_auth.sh`.
2. Add policy for properties `ro.vendor.sjtag_{ap,gsa}_is_unlocked` for
   init, init-check_ap_pd_auth-sh and ssr_detector to access them.

SjtagService: type=1400 audit(0.0:1005): avc:  denied  { open } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1006): avc:  denied  { getattr } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1007): avc:  denied  { map } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=379 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
SjtagService: type=1400 audit(0.0:1008): avc:  denied  { write } for  name="property_service" dev="tmpfs" ino=446 scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
SjtagService: type=1400 audit(0.0:1009): avc:  denied  { connectto } for  path="/dev/socket/property_service" scontext=u:r:ssr_detector_app:s0:c512,c768 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1

Bug: 298314432
Change-Id: Ib5dbcc50e266e33797626280504ea9e2cdc9f942
 2023-09-13 04:10:09 +00:00
Dinesh Yadav
b29cf7645a [Cleanup]: Move gxp sepolicies to gs-common for P22 
These policies are moved to gs-common as part of ag/24002524

Bug: 288368306
Change-Id: If7466983009021c642db998e1c30071ee548846e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-07-14 04:00:23 +00:00
Sebastian Pickl
91585993ad Revert "Allow bthal to access vendor bluetooth folder" am: 41ed8e83ea am: d3ef7a804c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23874549

Change-Id: I67ec25d1297413c4504f6830f766d086585667e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-05 12:43:27 +00:00
Sebastian Pickl
41ed8e83ea Revert "Allow bthal to access vendor bluetooth folder" 
Revert submission 23844270-P22-vendor-log-udc-qpr

Reason for revert: causes selinux tests to fail b/289989584

go/abtd: https://android-build.googleplex.com/builds/abtd/run/L37600000961782595

Bug:289989584

Reverted changes: /q/submissionid:23844270-P22-vendor-log-udc-qpr

Change-Id: I4e9ccf17050702a6405c549340e7fe97eba0eb65
 2023-07-05 10:11:12 +00:00
Patty Huang
8bece71dbe Allow bthal to access vendor bluetooth folder am: 1a52c8b952 am: 3e1348f4fc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23854004

Change-Id: I2349fab8fc749e60ce6c2425ea4af9a4f9cbca6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-05 07:49:36 +00:00
Patty Huang
1a52c8b952 Allow bthal to access vendor bluetooth folder 
Bug:289055382
Test: enable vendor debug log and check the vendor snoop log contain the
vendor log

Change-Id: I89164330998d7fbea45dab65931c2a3db22a4c92
 2023-06-30 11:55:35 +08:00
changyan
61abd02cd3 Updating sepolicy for dump_modem to read /dev/logbuffer_cpif. This is 
required as part of bugreport.

Test: Pts SELinuxTest#scanBugreport
Bug: 277300226
Fix: 282626702
Change-Id: I129116ab78ec89da1529e33be1cfd403715889af
 2023-06-14 07:58:46 +00:00
martinwu
ee611cfb51 [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
 2023-04-27 13:43:26 +00:00
Martin Wu
c6d08c1781 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..." 
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I5b1c00cc6a1ae186eb51acc2c99171578c43bace
 2023-04-27 02:20:48 +00:00
martinwu
b7e90ec616 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I0eb9352e349ae8f06e469e953f137b00204f1c3b
 2023-04-27 01:38:24 +00:00
Leo Liou
5adecc7433 gs201: add sepolicy for ufs_firmware_update process 
Allow the script to access the specified partition and sysfs.

Bug: 273305212
Test: full build and test ffu flow
Change-Id: Iefeacea2d4c07e7a5b39713c9575e86bd25ce008
Signed-off-by: Leo Liou <leoliou@google.com>
 2023-04-17 09:58:11 +00:00
Minchan Kim
dc35b4158b remove dump_gs201 sepolicy 
Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I39c01692d959a63c091f98969a69ab35b2debe1a
Signed-off-by: Minchan Kim <minchan@google.com>
 2023-04-12 06:09:00 +00:00
Adam Shih
9519323a98 use dumpsate from gs-common 
Bug: 273380985
Test: adb bugreport
Change-Id: Ibd54c0049480810e2aa14074e0ec9c4d611d51ff
 2023-04-10 01:11:14 +00:00
Adam Shih
933e6a172b Move power dump out of hal_dumpstate_default 
Bug: 273380509
Test: adb bugreport
Change-Id: I0963af3f8f90b4f05724df31017b0d21d10c59ca
 2023-03-30 02:20:37 +00:00
Adam Shih
a334895789 create a dump for gs201 
Bug: 273380509
Test: adb bugreport
Change-Id: Ic47e0d43d9a5aef4381880eabbba74633ee260a1
 2023-03-28 12:52:52 +08:00
Adam Shih
0f80193c30 use gs-common camera dump 
Bug: 273380509
Test: adb bugreport
Change-Id: I925fbbba81a92689c4590df4a8d7529cc8b57bf8
 2023-03-20 11:14:44 +08:00
Adam Shih
3c494301c8 Move display dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I8d2d0413987629bd3774034a5f99f5b7feb4b3ba
 2023-03-07 12:35:16 +08:00
Adam Shih
8c4ca7b5a4 remove same_process_hal access from gxp firmware 
Bug: 246218258
Test: boot with no relevant SELinux errors
Change-Id: I52c82ff4c70cb16057cf719059f63c3f9c381c46
 2023-02-16 00:02:13 +00:00
Treehugger Robot
45583701ab Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 am: d67d52eb4f am: 68c7241129 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: Ic65e69e5095b5fadf7ebae056785b81d72144139
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 20:44:30 +00:00
Treehugger Robot
68c7241129 Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 am: d67d52eb4f 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: Ibf36bb7559b4a2a91dd6ce063db28828b80b90a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 19:41:21 +00:00
Treehugger Robot
d67d52eb4f Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: If7561935299aa965f69919dbac04fcf807bf7c7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-14 18:56:36 +00:00
Adam Shih
333b450ee7 move tablet settings to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I2bac842aaab1737b2fcecd232e82d49f00439607
 2023-02-14 04:28:30 +00:00
Subrahmanyaman
b05ec9c753 Map AIDL Gatekeeper to same policy as HIDL version 
Bug: 268342724
Test: VtsHalGatekeeperTargetTest
Change-Id: Ic2849f8f00aea80e707a85334364f8ecfe7a64e3
 2023-02-08 18:36:45 +00:00
Sajid Dalvi
e80669242c logbuffer: Add pcie driver support am: eb745cabd1 am: cf7bb88b7a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21077111

Change-Id: I81cac496ef80ab9f41f6648e8a43fa277ec72d46
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 06:11:57 +00:00
Sajid Dalvi
cf7bb88b7a logbuffer: Add pcie driver support am: eb745cabd1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21077111

Change-Id: I36a37418005f271ac2325ccf5b395086befdea5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-03 05:41:29 +00:00
Sajid Dalvi
eb745cabd1 logbuffer: Add pcie driver support 
Add logbuffer support to pcie driver to reduce dmesg spam.

Bug: 267495494
Change-Id: Id62006860e161730880aba61ea9974e006884e3e
Signed-off-by: Sajid Dalvi <sdalvi@google.com>
 2023-02-02 21:31:31 +00:00
David Drysdale
1b4f3771ee Map Rust KeyMint to same SELinux policy as C++ 
Allow the Rust and C++ implementations of the KeyMint HAL service to be
toggled easily, by mapping them to the same SELinux policy.

Bug: 197891150
Bug: 225036046
Test: VtsAidlKeyMintTargetTest with local changes, TreeHugger
Change-Id: I37f8016240097381410903f0f326dc16fc24db1e
 2023-01-05 06:22:31 +00:00
Jenny Ho
5f6baf4bbd Add sepolicy rule to allow dump battery maxfg history am: f5a88c35a4 am: 0e90b55ed9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729299

Change-Id: Id1efeae084e9ddb3eaf9b4de678bc39193dfc863
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-16 08:04:34 +00:00
Jenny Ho
0e90b55ed9 Add sepolicy rule to allow dump battery maxfg history am: f5a88c35a4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729299

Change-Id: I983b69e606a1e257380abcfaefacfcbd4aea651d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-16 07:26:40 +00:00
Jenny Ho
f5a88c35a4 Add sepolicy rule to allow dump battery maxfg history 
android.hardwar: type=1400 audit(0.0:7): avc: denied { getattr } for path="/dev/maxfg_history" dev="tmpfs" ino=580 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 bug=b/240632721

Bug: 254164096
Change-Id: I64ff95ba8db62a8f831d012b4cdf4e6ec973f086
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2022-12-15 03:03:01 +00:00
Adam Shih
92e5ed6d55 move sensors dump to gs-common 
Bug: 250475720
Test: adb bugreport
Change-Id: I09553d0facd7fdca13a8a3e4bdcb70be8265db25
 2022-11-10 05:20:48 +00:00
Adam Shih
e8712e4c93 remove edgetpu folder 
Bug: 258114806
Test: build pass with the setting still active
Change-Id: I9cdf2bbe318647e1f02f152661e57f8430a9a1cb
 2022-11-10 03:19:25 +00:00
Jenny Ho
4797944212 Add permission for logbuffer_bd am: 441a3ad3ef am: fbec30a349 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20089144

Change-Id: I2f14b602e52674565fcb1a80f64da1ef2c100285
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 21:24:29 +00:00
Jenny Ho
fbec30a349 Add permission for logbuffer_bd am: 441a3ad3ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20089144

Change-Id: I627644e45a2c28d6af8dd6e9493de8577bbcaee8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 06:08:54 +00:00
Jenny Ho
441a3ad3ef Add permission for logbuffer_bd 
Bug: 242679204
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ie5c9829ee1a4980689c933273a273f1f4ac612b6
 2022-11-01 05:34:18 +00:00
George Lee
13fbaff253 bcl: Add Mitigation Logger - Del gs201-sepolicy 
Mitigation Logger logs battery related information for 1 second when it
is triggered by under voltage or over current interrupts.  Information
collected is to help debug system brownout.

Bug: 228383769
Test: Boot and Test
Change-Id: Ia13f6b16dd35803873f20514c21a95ed8dd20a55
Signed-off-by: George Lee <geolee@google.com>
 2022-10-31 14:17:55 +00:00