device_google_gs201

Author	SHA1	Message	Date
Robb Glasser	727d070b13	Fix sensors_hal selinux denials. Bug: 214473093 Bug: 218930975 Bug: 210067282 Test: com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot Change-Id: Ifd865efd0544f246d1c188f3edce9f05f27313d2	2022-02-22 19:25:50 +00:00
Krzysztof Kosiński	9257cd2a09	Camera: add setsched capability. am: `7997d6a8a0` am: `5975dd89c8` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16943772 Change-Id: I18ad1039c0bd0d91d42d6acb27f6e1da412f7c6b	2022-02-22 10:26:21 +00:00
Ted Lin	5b6a5292c3	hal_health_default: Fix avc denials 12-02 11:15:45.224 756 756 I health@2.1-serv: type=1400 audit(0.0:2270): avc: denied { search } for name="thermal" dev="tmpfs" ino=1028 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=1 12-02 11:15:45.224 756 756 I health@2.1-serv: type=1400 audit(0.0:2271): avc: denied { search } for name="thermal" dev="sysfs" ino=16790 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=1 12-02 11:15:45.224 756 756 I health@2.1-serv: type=1400 audit(0.0:2273): avc: denied { open } for path="/sys/devices/virtual/thermal/thermal_zone13/mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1 12-02 11:15:45.224 756 756 I health@2.1-serv: type=1400 audit(0.0:2272): avc: denied { write } for name="mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1 Bug:208721638 Test: adb bugreport Change-Id: I4d9491862ff1bcc88f89b1478497ac569e3d1df1 Signed-off-by: Ted Lin <tedlin@google.com>	2022-02-22 09:11:43 +00:00
Krzysztof Kosiński	7fa1b979e3	Camera: add setsched capability. am: `7997d6a8a0` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16943772 Change-Id: I3cf5fac31683c37c05f427d8226e013f11e3f5a2	2022-02-22 08:51:22 +00:00
Adam Shih	f3a6247154	Let GPU reload am: `b322df9960` am: `37c001e736` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972944 Change-Id: I23b27fef19cd8bbfdd81c23f72562cc48ffc6ab9	2022-02-22 08:49:00 +00:00
Krzysztof Kosiński	5975dd89c8	Camera: add setsched capability. am: `7997d6a8a0` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16943772 Change-Id: I0dd3ce7386c49db308618ceb5b75c04e1c58c5fe	2022-02-22 08:48:23 +00:00
Krzysztof Kosiński	7997d6a8a0	Camera: add setsched capability. The camera HAL needs to increase the priority of some threads to reduce frame drops. Bug: 205072921 Test: Inspected logcat on P10 Change-Id: Ife5194c780a91f32d718f8db38e41f2f47fb929f	2022-02-22 08:12:57 +00:00
Adam Shih	37c001e736	Let GPU reload am: `b322df9960` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972944 Change-Id: I378151b91d62b5c0eca3f876a82a5d73886dbe18	2022-02-22 07:43:55 +00:00
Adam Shih	b322df9960	Let GPU reload 02-22 12:59:47.955 15 15 I mali 28000000.mali: reloading firmware 02-22 12:59:47.955 15 15 W mali 28000000.mali: loading /vendor/firmware/mali_csffw.bin failed with error -13 02-22 12:59:47.955 15 15 W mali 28000000.mali: Direct firmware load for mali_csffw.bin failed with error -2 02-22 12:59:47.955 15 15 E mali 28000000.mali: Failed to reload firmware image 'mali_csffw.bin' 02-22 12:59:47.920 15 15 W kworker/0:1: type=1400 audit(0.0:10): avc: denied { read } for name="mali_csffw.bin" dev="dm-4" ino=5689716 scontext=u:r:kernel:s0 tcontext=u:object_r:same_process_hal_file:s0 tclass=file permissive=0 Bug: 220801802 Test: device can resume after an hour of suspend. Change-Id: Ib252d6b1ac50ba7578a2ebf8cd8745004c385378	2022-02-22 07:05:54 +00:00
neoyu	3cbca42df5	Fix SELinux errors for ims am: `9d12b77b67` am: `faac353bfb` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962938 Change-Id: Icf4c3c27289c35edafa7f1d17d1a8ad52a62af73	2022-02-22 03:10:32 +00:00
neoyu	faac353bfb	Fix SELinux errors for ims am: `9d12b77b67` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962938 Change-Id: I9cc01f3a6b6ef01dbe3e6356e124c55354510559	2022-02-22 02:27:58 +00:00
neoyu	9d12b77b67	Fix SELinux errors for ims Sync different parts from P21 to P22 Bug: 220244357 Test: manual Change-Id: Idf8e5e612b46370812be0907e75e9ae43f37ab7b	2022-02-22 01:43:29 +00:00
Jack Yu	62d5b40d35	uwb: permissions for factory uwb calibration file Allow nfc hal accessing /data/vendor/uwb. Bug: 220167093 Test: build pass Change-Id: I33093231577b71c24d5bf6f980c7021cc546fa98	2022-02-22 01:24:47 +00:00
Jinting Lin	2c914cd02c	Adds mnt file and batt info permissions for modem app Bug: 220076340 Change-Id: Icd02d4f8757719afed020c27a90812921d5f37ec	2022-02-22 01:16:41 +00:00
neoyu	1bdb2ced7c	Fix SELinux errors for vendor_init am: `7a34798ea4` am: `d889ee6353` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962933 Change-Id: I71911df1c95d7f1570d49eb50490039c7352c2d0	2022-02-21 12:02:00 +00:00
neoyu	d889ee6353	Fix SELinux errors for vendor_init am: `7a34798ea4` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962933 Change-Id: I22d3af89dd84fab0330f1180b39a55157add6f33	2022-02-21 10:32:55 +00:00
neoyu	662c55b911	Fix SELinux errors for rild am: `26aa7c150e` am: `05fbdcedc3` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962925 Change-Id: I6b323d560fe4fc45c009dd3e32659b12d2d6ba41	2022-02-21 07:34:49 +00:00
Tai Kuo	528d78f539	Remove hal_vibrator_default avc tracking denials am: `bc3924f61d` am: `373795e6a5` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939010 Change-Id: Icb76e10d0fb5a72ab54b4d069cd3cdf71d6bc530	2022-02-21 07:33:50 +00:00
wenchangliu	8087834fce	Allow hal_graphics_allocator to access vscaler_heap_device am: `84d53775e1` am: `44eba6830b` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962930 Change-Id: Ia4cec67bee98b0921b5b8c6875a26d00a90c387d	2022-02-21 07:23:25 +00:00
wenchangliu	2638c815af	Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device am: `ad0a033f97` am: `258318a4af` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962929 Change-Id: I1639ad7fa458d8174194973f547f12a9eb1c2492	2022-02-21 07:23:24 +00:00
neoyu	05fbdcedc3	Fix SELinux errors for rild am: `26aa7c150e` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962925 Change-Id: I288eca3c6e1e92558775082bbeac8c371d549379	2022-02-21 07:01:27 +00:00
Tai Kuo	373795e6a5	Remove hal_vibrator_default avc tracking denials am: `bc3924f61d` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939010 Change-Id: I6a962e36cee9d8f402e1386f3736219e9a15b8a7	2022-02-21 07:01:17 +00:00
wenchangliu	44eba6830b	Allow hal_graphics_allocator to access vscaler_heap_device am: `84d53775e1` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962930 Change-Id: I6524c426deb02574346c67e66e81c8caa226d731	2022-02-21 07:01:04 +00:00
wenchangliu	258318a4af	Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device am: `ad0a033f97` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962929 Change-Id: Ic9b9d211039819015f0a432d6ec703d259cb5677	2022-02-21 07:01:04 +00:00
neoyu	7a34798ea4	Fix SELinux errors for vendor_init avc: denied { set } for property=logd.logpersistd pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=0' avc: denied { set } for property=logd.logpersistd.size pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:logpersistd_logging_prop:s0 tclass=property_service permissive=0' avc: denied { set } for property=persist.vendor.ril.use.iccid_to_plmn pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0' avc: denied { set } for property=persist.vendor.ril.emergencynumber.mode pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0' avc: denied { set } for property=persist.vendor.ril.log_mask pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0' avc: denied { set } for property=persist.vendor.ril.log.base_dir pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0' avc: denied { set } for property=persist.vendor.ril.log.chunk_size pid=1 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_rild_prop:s0 tclass=property_service permissive=0' Bug: 220261262 Test: manual Change-Id: Ieb6673234f913af25e275e61404098a0deccbed2	2022-02-21 14:58:29 +08:00
neoyu	dffd11e39f	[automerger skipped] Fix SELinux errors for ims am: `e909ddabea` am: `bf6cd933e7` -s ours am skip reason: Merged-In I3e7f6781718c3967f7842b074b0ef91818508af2 with SHA-1 `e909ddabea` is already in history Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962927 Change-Id: If504e329add9e6a18766a60dcbbab83cc4a1b3ce	2022-02-21 06:50:47 +00:00
neoyu	0123c39413	Fix SELinux errors for rild am: `26aa7c150e` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962925 Change-Id: Ib2262bfdebeb032a401037aa1bfad9bf8159b74a	2022-02-21 06:42:31 +00:00
Tai Kuo	f65f586495	Remove hal_vibrator_default avc tracking denials am: `bc3924f61d` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939010 Change-Id: I09aab5de63058d127791e41a7fa2dcfe08e283a0	2022-02-21 06:42:00 +00:00
wenchangliu	29dd317644	Allow hal_graphics_allocator to access vscaler_heap_device am: `84d53775e1` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962930 Change-Id: Ic1f28fb4f370715ed9bb2ad5cb169888cb296c9d	2022-02-21 06:41:43 +00:00
wenchangliu	032d245dec	Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device am: `ad0a033f97` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962929 Change-Id: Ia9dc74f81614ce5e7b7f9b0cc1390e79fab5d990	2022-02-21 06:41:42 +00:00
neoyu	9ba325c541	[automerger skipped] Fix SELinux errors for ims am: `e909ddabea` -s ours am skip reason: Merged-In I3e7f6781718c3967f7842b074b0ef91818508af2 with SHA-1 `0d22c86fef` is already in history Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962927 Change-Id: Ic5568e403b77bc6a4983962e8188b5c8e0df9dc0	2022-02-21 06:41:12 +00:00
neoyu	26aa7c150e	Fix SELinux errors for rild avc: denied { set } for property=vendor.sys.modem_reset pid=990 uid=1001 gid=1001 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0' Bug: 220261262 Test: manual Change-Id: I2bd616345f665c0cffd1ee73db790708f9cbca06	2022-02-21 06:38:42 +00:00
Tai Kuo	bc3924f61d	Remove hal_vibrator_default avc tracking denials Bug: 204718450 Bug: 207062207 Bug: 208721729 Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot Change-Id: Icb3d6a48fc9fbb6e6644d1d65150436f7c0c8c3f	2022-02-21 06:37:00 +00:00
wenchangliu	84d53775e1	Allow hal_graphics_allocator to access vscaler_heap_device avc: denied { read } for name="vscaler-secure" dev="tmpfs" \ ino=458 scontext=u:r:hal_graphics_allocator_default:s0 \ tcontext=u:object_r:vscaler_heap_device:s0 \ tclass=chr_file permissive=0 Bug: 199467922 Test: ExoPlayer secure playback Change-Id: I2b3be9f4f038317eb456a20b33e555e8d5db2678	2022-02-21 06:36:34 +00:00
wenchangliu	ad0a033f97	Allow hal_graphics_allocator to access dmabuf_system_secure_heap_device avc: denied { ioctl } for path="/dev/dma_heap/vframe-secure" dev="tmpfs" \ ino=801 ioctlcmd=0x4800 scontext=u:r:hal_graphics_allocator_default:s0 \ tcontext=u:object_r:dmabuf_system_secure_heap_device:s0 \ tclass=chr_file permissive=0 Bug: 199467922 Test: ExoPlayer secure playback Change-Id: I9e6e1bba6d01c1a416a440e8ad425a5cf2ac19c5	2022-02-21 06:36:34 +00:00
neoyu	bf6cd933e7	Fix SELinux errors for ims am: `e909ddabea` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962927 Change-Id: I4c07a8c15ae99f489044c360e84a7480d2348846	2022-02-21 06:14:24 +00:00
neoyu	e909ddabea	Fix SELinux errors for ims avc: denied { write } for name="property_service" dev="tmpfs" ino=362 scontext=u:r:vendor_ims_app:s0:c208,c256,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice avc: denied { set } for property=persist.radio.call.audio.output pid=1920 uid=10216 gid=10216 scontext=u:r:vendor_ims_app:s0:c216,c256,c512,c768 tcontext=u:object_r:radio_prop:s0 tclass=property_service permissive=0' Bug: 219954530 Test: manual Change-Id: I3e7f6781718c3967f7842b074b0ef91818508af2 (cherry picked from commit `0d22c86fef`) Merged-In: I3e7f6781718c3967f7842b074b0ef91818508af2	2022-02-21 05:44:38 +00:00
Adam Shih	9809b69b55	update error on ROM 8205122 am: `2b6835e404` am: `9589916921` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962923 Change-Id: I9dfaff1b0924a18001d84799aa8b1921870ee8ee	2022-02-21 04:37:51 +00:00
Adam Shih	76a7ff4af6	update error on ROM 8205122 am: `2b6835e404` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962923 Change-Id: I7c9696fb57a9521edc5a54eef871d236cae0c17a	2022-02-21 04:20:20 +00:00
wenchangliu	9adddfcfed	Allow mediacodec_samsung to access gpu device am: `28817da2a3` am: `318db1ac82` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939013 Change-Id: I73c0b9acc2cf297e8baf2ea9ebf524c6acdb1491	2022-02-21 04:07:39 +00:00
Adam Shih	9589916921	update error on ROM 8205122 am: `2b6835e404` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16962923 Change-Id: I69c24ef1ae29c7eba9085e0ab2f113a0039dd670	2022-02-21 03:34:06 +00:00
wenchangliu	318db1ac82	Allow mediacodec_samsung to access gpu device am: `28817da2a3` Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16939013 Change-Id: I0fa6c765db711a277e356fbdadc6de1f526d5943	2022-02-21 03:34:00 +00:00
Adam Shih	2b6835e404	update error on ROM 8205122 Bug: 220636850 Test: pts-tradefed run pts -m PtsSELinuxTest Change-Id: I201f9e84eca676b9f7aa5d09356bce384df1fa4b	2022-02-21 03:20:59 +00:00
Jinting Lin	e65363450c	Adds logging related properties for logger app Bug: 220073302 Change-Id: I3917ce13f51a5ccb3304eb2db860f4da8424438b	2022-02-21 01:45:27 +00:00
wenchangliu	28817da2a3	Allow mediacodec_samsung to access gpu device avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" \ ino=1042 scontext=u:r:mediacodec_samsung:s0 \ tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1 avc: denied { read write } for name="mali0" dev="tmpfs" \ ino=1042 scontext=u:r:mediacodec_samsung:s0 \ tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1 avc: denied { open } for path="/dev/mali0" dev="tmpfs" \ ino=1042 scontext=u:r:mediacodec_samsung:s0 \ tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1 avc: denied { ioctl } for path="/dev/mali0" dev="tmpfs" \ ino=1042 ioctlcmd=0x8034 scontext=u:r:mediacodec_samsung:s0 \ tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1 avc: denied { map } for path="/dev/mali0" dev="tmpfs" \ ino=1042 scontext=u:r:mediacodec_samsung:s0 \ tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1 Bug: 205772037 Test: demo-transformer HDR editing Change-Id: Ib5d075bfd1247112c803f01db430d93259fd9e7f	2022-02-18 13:50:13 +00:00
Alex Hong	453b37ebdc	Remove the sepolicy for tetheroffload service Test: m checkvintf run vts -m VtsHalTetheroffloadControlV1_0TargetTest Bug: 207076973 Bug: 214494717 Change-Id: I5ecec46512ff4e1ae6c52147cfa0179e5fc93420	2022-02-18 07:55:02 +00:00
neoyu	0d22c86fef	Fix SELinux errors for ims avc: denied { write } for name="property_service" dev="tmpfs" ino=362 scontext=u:r:vendor_ims_app:s0:c208,c256,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 app=com.shannon.imsservice avc: denied { set } for property=persist.radio.call.audio.output pid=1920 uid=10216 gid=10216 scontext=u:r:vendor_ims_app:s0:c216,c256,c512,c768 tcontext=u:object_r:radio_prop:s0 tclass=property_service permissive=0' Bug: 219954530 Test: manual Change-Id: I3e7f6781718c3967f7842b074b0ef91818508af2	2022-02-18 02:39:23 +00:00
Peter Csaszar	4041f814be	pixel-selinux: add SJTAG policies These are the SELinux policies for the sysfs files of the SJTAG kernel interface. The files are in the following directories: /sys/devices/platform/sjtag_ap/interface/ /sys/devices/platform/sjtag_gsa/interface/ Bug: 207571417 Signed-off-by: Peter Csaszar <pcsaszar@google.com> Change-Id: I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff	2022-02-17 12:31:09 -08:00
Midas Chien	c8c1f766d2	Allow composer to read panel_idle sysfs node Change panel_idle selinux type to sysfs_display to allow composer can access it. Bug: 198808492 Test: ls -Z to check selinux type Test: make sure composer can access it Change-Id: Ic2bd697c79b398b8093dd00598b1076e3ea3aec2	2022-02-17 09:17:42 +00:00
Denny cy Lee	efbd9fa0b2	sepolicy: hwinfo: Add battery fuel gauge permission Bug: 208909060 Bug: 219660742 Bug: 219660741 Test: check dmeg and search "avc: denied { search } for comm="id.hardwareinfo" vendor_maxfg_debugfs avc gone after apply patch Change-Id: I3399e696b59218e62c4d1adcc2a12f5d6ee5c8cc Signed-off-by: Denny cy Lee <dennycylee@google.com>	2022-02-17 09:04:23 +00:00

... 39 40 41 42 43 ...

2402 commits