Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
598 commits 1 branch 0 tags 63 MiB
Commit graph

598 commits

This branch
This branch
All branches
Author SHA1 Message Date
Denny cy Lee
1c087c848d Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: Ida863d602f166dddecfd540eb354c38a8ebd0c09
 2022-03-15 03:16:12 +00:00
Darren Hsu
356fb92bb2 sepolicy: reorder genfs labels for system suspend am: 6d25430600 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: Id01fb5bad47786a03ef5562f14d7df6dc6856448
 2022-03-15 03:15:02 +00:00
Denny cy Lee
38c2803c54 Sepolicy: add pixelstats/HardwareInfo sepolicy 
avc denials to fix (after apply ag/17120763)
[   50.171564] type=1400 audit(1647222380.884:28): avc: denied { read } for comm="pixelstats-vend" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
[   54.519375] type=1400 audit(1647222385.228:29): avc: denied { read } for comm="id.hardwareinfo" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 app=com.google.android.hardwareinfo

Bug: 222019890
Test: manually check debug logcat
Change-Id: I0e4f3f3a66783383b0d1327cec4dcd145ae9a7af
 2022-03-15 03:09:18 +00:00
Darren Hsu
6d25430600 sepolicy: reorder genfs labels for system suspend 
Bug: 223683748
Test: check bugreport without relevant avc denials
Change-Id: I295d3dfb96cc87e8faaf16f949918445cc3a0d44
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-15 02:52:48 +00:00
Roshan Pius
e1e3f59a21 gs-sepolicy(uwb): Changes for new UCI stack am: c5710ad18e am: 54840dce7d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17002833

Change-Id: I5da7f3dd9988bb379e2e4c96249ff45a3bda18ac
 2022-03-14 17:04:08 +00:00
Roshan Pius
459f4ce3aa gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4 am: b27000aab9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: I71ed20b827e1f8729f77795543fc7c964562b550
 2022-03-14 17:03:53 +00:00
Roshan Pius
54840dce7d gs-sepolicy(uwb): Changes for new UCI stack am: c5710ad18e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17002833

Change-Id: Ie20b0208354b16ebd1da8b5334836fad50adbe1a
 2022-03-14 16:40:52 +00:00
Roshan Pius
a0c6282ebe gs-sepolicy(uwb): Changes for new UCI stack am: c5710ad18e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17002833

Change-Id: I3c21d7203b751ca6a7bed8f231b9f19f2d7d6173
 2022-03-14 16:40:48 +00:00
Roshan Pius
b27000aab9 gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: Ie187d9ecdea4c00c4f08bd2d1dea82ce3ffd9a5e
 2022-03-14 16:40:40 +00:00
Roshan Pius
72007fbc44 gs-sepolicy(uwb): Allow uwb hal permission to net_admin am: 5ddc8be4f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17092573

Change-Id: I283505cd2a3a50810b546fa3345aa63b7a0222da
 2022-03-14 16:40:37 +00:00
Roshan Pius
c5710ad18e gs-sepolicy(uwb): Changes for new UCI stack 
1. Rename uwb vendor app.
2. Rename uwb vendor HAL binary name & service name.
3. Allow vendor HAL to host the AOSP UWB HAL service.
4. Allow NFC HAL to access uwb calibration files.

Bug: 186585880
Bug: 204718220
Bug: 206045367
Test: Manual Tests
Change-Id: Ib0456617d0f5cf116d11a9412f47f36e2b8df570
 2022-03-14 16:09:02 +00:00
Roshan Pius
5ddc8be4f4 gs-sepolicy(uwb): Allow uwb hal permission to net_admin 
This was alloed under gs101-sepolicy. There is an ongoing discussion on
how to resolve this for the long term in b/190461440. But, without this
uwb functionality is broken on new devices.

Bug: 206045367
Bug: 222194886
Change-Id: I6729352f2b7bb93b01990a790e62aa69f60342fe
 2022-03-14 16:09:02 +00:00
Tim Lin
c325ec9aca ril: dump radio hal from user build. am: e42c7120dd am: a5cb956b5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17155484

Change-Id: I64ff1017c167076c42f93be7475a21842a325953
 2022-03-14 11:51:05 +00:00
Tim Lin
a5cb956b5a ril: dump radio hal from user build. am: e42c7120dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17155484

Change-Id: I4b32ed5c0e662d424eb562589a9cf5b38ca04a1a
 2022-03-14 11:17:19 +00:00
Tim Lin
f4de3d67e9 ril: dump radio hal from user build. am: e42c7120dd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17155484

Change-Id: I65afb8a98149d2e782edd16bbbf2ccc4eb456a67
 2022-03-14 11:17:12 +00:00
Tim Lin
e42c7120dd ril: dump radio hal from user build. 
To get radio hal debug info on user build as we do on previous Pixels.

Bug: 221391981
Test: Trigger bugreport on USERDEBUG with dumpstate.unroot set
to true and check IRadio log

Change-Id: I354d5770272b518761db4aab8da726de97e472bb
 2022-03-14 10:49:07 +00:00
Chungjui Fan
82efa59fb5 sepolicy: allow fastbootd to access gsc device node am: e02f501377 am: a0f0f1e049 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17157683

Change-Id: I8e6d53c215fa9129db2030c011895924456d8a28
 2022-03-14 05:39:42 +00:00
Chungjui Fan
b68cbdf4c8 sepolicy: allow fastbootd to access gsc device node am: e02f501377 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17157683

Change-Id: I7a81fba2eb15464614d294d7aaf5e5667b57e665
 2022-03-14 05:18:51 +00:00
Chungjui Fan
a0f0f1e049 sepolicy: allow fastbootd to access gsc device node am: e02f501377 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17157683

Change-Id: I4234b878168d327657f3114bf96da9e6f056334e
 2022-03-14 05:17:37 +00:00
Chungjui Fan
e02f501377 sepolicy: allow fastbootd to access gsc device node 
audit: type=1400 audit(1646614793.912:8): avc:  denied  { getattr }
for pid=347 comm="fastbootd" path="/dev/gsc0" dev="tmpfs" ino=469
scontext=u:r:fastbootd:s0 tcontext=u:object_r:citadel_device:s0
tclass=chr_file permissive=0

Bug: 221410358
Test: fastboot -w in fastbootd mode
Change-Id: I5680515865c2656ffa91dfe593459aab1ade81cb
Signed-off-by: Chungjui Fan <chungjuifan@google.com>
 2022-03-14 04:47:31 +00:00
Ramji Jiyani
30ce6f42f3 dumpstate: Remove do not audit for /system_dlkm am: cec1d2a769 am: 3b53f750cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17180360

Change-Id: I5acc30ad207c7940758baba44150f7b3705e5f78
 2022-03-14 04:25:37 +00:00
Ramji Jiyani
b3d20badcf dumpstate: Remove do not audit for /system_dlkm am: cec1d2a769 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17180360

Change-Id: Ib7e5de5db8aee96742905df9ac46aacc6ed81770
 2022-03-14 04:03:56 +00:00
Ramji Jiyani
3b53f750cd dumpstate: Remove do not audit for /system_dlkm am: cec1d2a769 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17180360

Change-Id: I2e71cdc8d343e82a83cf40c5aa6d653458c16625
 2022-03-14 04:02:45 +00:00
Ramji Jiyani
cec1d2a769 dumpstate: Remove do not audit for /system_dlkm 
FixedBy: http://aosp/2022375
Bug: 223332748
Test: atest SELinuxHostTest#testNoBugreportDenials
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I46e427cccec27118fad4440dc6822196d26f4a1b
 2022-03-13 18:32:07 -07:00
Taeju Park
b51c7acf6d Allow accessing power_policy sysfs node for GPU am: dc99069f1e am: 127bdb6c52 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17147970

Change-Id: Idfa7938b5c99f8c5447d5d38b2892c7f41b5ea2c
 2022-03-10 10:50:57 +00:00
Taeju Park
28666f9c91 Allow accessing power_policy sysfs node for GPU am: dc99069f1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17147970

Change-Id: I4d6d6f91d20ee796557f0341fd0553b2a880dbb4
 2022-03-10 10:27:29 +00:00
Taeju Park
127bdb6c52 Allow accessing power_policy sysfs node for GPU am: dc99069f1e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17147970

Change-Id: Ie859536806978c4e9edca66601bd1a99572c7b87
 2022-03-10 10:26:57 +00:00
Taeju Park
dc99069f1e Allow accessing power_policy sysfs node for GPU 
Bug: 223440487
Signed-off-by: Taeju Park <taeju@google.com>
Change-Id: Iae2e4a0dc8d474d04200e79b4b4014010eedb147
 2022-03-10 10:03:59 +00:00
Darren Hsu
bea4cd8551 sepolicy: label wakeup source for usbc port am: ab8e1fdc58 am: c3524aa570 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129070

Change-Id: Iabd3c7db52dea253016624ba2ffb9d354cf33e00
 2022-03-10 06:53:36 +00:00
Darren Hsu
c3524aa570 sepolicy: label wakeup source for usbc port am: ab8e1fdc58 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129070

Change-Id: I719c86ff9275562322fa1a8741e45f038d813e7c
 2022-03-10 06:32:26 +00:00
Darren Hsu
ddba63c8e1 sepolicy: label wakeup source for usbc port am: ab8e1fdc58 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129070

Change-Id: I5d7a5c785a47406a692e76c5b5ac1f063be4f562
 2022-03-10 06:31:58 +00:00
Darren Hsu
ab8e1fdc58 sepolicy: label wakeup source for usbc port 
Bug: 223475365
Test: run vts -m SuspendSepolicyTests
Change-Id: I2116c5f4fd19c5995f1612d593532cc7e065a560
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-10 11:29:15 +08:00
Adam Shih
28d56b9f45 Remove obsolete sepolicy am: e989d0087a am: e2bfc6f47f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17130105

Change-Id: Ic8047d68612de73e05398a268119aeff670c4a92
 2022-03-09 09:24:29 +00:00
Adam Shih
52c687855b Remove obsolete sepolicy am: e989d0087a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17130105

Change-Id: Icc23b10b61b23b9a78cd867f6c6105cc91873594
 2022-03-09 08:58:27 +00:00
Adam Shih
e2bfc6f47f Remove obsolete sepolicy am: e989d0087a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17130105

Change-Id: I1fd83076b7693667b95055e0feef410344720934
 2022-03-09 08:57:02 +00:00
Adam Shih
e989d0087a Remove obsolete sepolicy 
Bug: 207300335
Test: do bugreport without relevant error log showing up
Change-Id: I38e4544c59c49543e746775ec686874ee8ae2473
 2022-03-09 08:14:24 +00:00
Darren Hsu
024cc5351d sepolicy: fix VTS failure for SuspendSepolicyTests am: 284b775f21 am: 971ad610df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118583

Change-Id: I77728bab265ee7459f43b2c2ba00ea14ddd1ab83
 2022-03-09 06:21:03 +00:00
Darren Hsu
541e5a1bec sepolicy: fix VTS failure for SuspendSepolicyTests am: 284b775f21 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118583

Change-Id: Iadc3284119120be092462d2769bf2ce0a4e0bf2d
 2022-03-09 05:57:35 +00:00
Darren Hsu
971ad610df sepolicy: fix VTS failure for SuspendSepolicyTests am: 284b775f21 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118583

Change-Id: I2c33087c2413db910e3ad4968be605dbc10c6ccf
 2022-03-09 05:56:22 +00:00
Darren Hsu
284b775f21 sepolicy: fix VTS failure for SuspendSepolicyTests 
Label the common parent wakeup path instead of each
individual wakeup source to avoid bloating the genfs
contexts.

Bug: 221174227
Test: run vts -m SuspendSepolicyTests
Change-Id: I38e3a349af04f83e63735ea7ca010cf634c2f1ab
 2022-03-09 05:29:09 +00:00
SalmaxChang
c9e43b03e3 incident: Fix avc errors am: 1f72ffdec6 am: e0e47e1d51 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129066

Change-Id: I4d0e9bf5ce5984918e8aea22deb111ccf6de6a31
 2022-03-09 05:20:03 +00:00
sukiliu
114cfa428b Update avc error on ROM 8268341 am: b82a5ab98b am: 82778d58cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118587

Change-Id: Icdb610a1595b7a1676058f5a01c75a1f6e89a11f
 2022-03-09 05:19:51 +00:00
SalmaxChang
e0e47e1d51 incident: Fix avc errors am: 1f72ffdec6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129066

Change-Id: I70701611ef3193e945f8f3fb6fb18707ac2ddf36
 2022-03-09 05:04:17 +00:00
SalmaxChang
8e6d8aca0a incident: Fix avc errors am: 1f72ffdec6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17129066

Change-Id: If23a5eadf674fb9dab7fb852d1509e5ff78d0c81
 2022-03-09 05:03:25 +00:00
SalmaxChang
1f72ffdec6 incident: Fix avc errors 
avc: denied { use } for comm="incident" dev="dm-47" ino=10911 scontext=u:r:incident:s0 tcontext=u:r:logger_app:s0:c239,c256,c512,c768 tclass=fd
avc: denied { append } for dev="dm-7" ino=12639 scontext=u:r:incident:s0 tcontext=u:object_r:media_rw_data_file:s0:c30,c257,c512,c768 tclass=file

Bug: 222209243
Change-Id: I9e622e2af1a036eab818cd2b66c07b137fe9cc99
 2022-03-09 04:55:08 +00:00
sukiliu
ab0ae93203 Update avc error on ROM 8268341 am: b82a5ab98b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118587

Change-Id: I3a08a7839302128d7660777a2607e6a87074a2d2
 2022-03-09 04:53:32 +00:00
sukiliu
82778d58cc Update avc error on ROM 8268341 am: b82a5ab98b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118587

Change-Id: I9b5926633555e0cfb2af2a92db05ac2c05bdf4ad
 2022-03-09 04:51:53 +00:00
sukiliu
b82a5ab98b Update avc error on ROM 8268341 
Bug: 223332748
Bug: 208721808
Test: PtsSELinuxTestCases
Change-Id: Ie3c6fdb9c8f29cac41db2750e71d3163132d4951
 2022-03-09 04:25:38 +00:00
Michael Eastwood
6c5f5af3fb Update SELinux policy to allow camera HAL to send Perfetto trace packets am: 07bf62c387 am: 4724d39907 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17080874

Change-Id: I08eafa3a554e983f7d66cb0f05bf4d3c1c43e804
 2022-03-09 02:15:28 +00:00
SalmaxChang
14126ff3f3 dumpstate: Grant to access media_rw_data_file am: db1196932e am: ea7d1c1e1a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17106207

Change-Id: Ic9c598226c737a788753b79209b42c71513d04af
 2022-03-09 02:15:22 +00:00