Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
485 commits 1 branch 0 tags 63 MiB
Commit graph

485 commits

This branch
This branch
All branches
Author SHA1 Message Date
Denny cy Lee
2c4cc89cdd Sepolicy: Pixel stats orientationCollector sepolicy am: d8eab32b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652447

Change-Id: Iec661711780385e125c324d6b057e74a4996eb19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 02:49:17 +00:00
Denny cy Lee
d8eab32b49 Sepolicy: Pixel stats orientationCollector sepolicy 
Bug: 228547969
Test: adb shell cmd stats print-logs;[do wireless charge], and below log
found
03-31 22:52:21.798   801   809 I statsd  : { uid(1000) 1648738341
240287209019 (105009)0x10000->[S] 0x20000->0[I]  }

Signed-off-by: Denny cy Lee <dennycylee@google.com>
Change-Id: I5ef5279ba7c8bf0fd3d4cf0155f5bcad79eeb6b2
 2022-04-14 02:01:13 +00:00
Jenny Ho
f1a9fb4da2 sepolicy: add sepolicy for disable.battery.defender 
Bug: 221384939
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Iba8f4e7abca98b5805eb75ba386c90581269f749
 2022-04-14 01:06:58 +00:00
Robert Shih
38151187bf Pixel 2022: MediaDrm AIDL sepolicy 
Bug: 219538389
Bug: 221180205
Change-Id: I985230093d692fcf948049455fa465fce116d2a6
Test: atest VtsAidlHalDrmTargetTest
 2022-04-13 18:38:21 +00:00
Darren Hsu
8af71b59c0 sepolicy: lable p9412 wakeup for system suspend am: cf2cc47e79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731166

Change-Id: Ic0c96ad1ef2bc91f5fce9196c4133b39c6a33a50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 10:20:02 +00:00
Darren Hsu
cf2cc47e79 sepolicy: lable p9412 wakeup for system suspend 
Bug: 226887726
Bug: 228947596
Test: do bugreport without avc denials
Change-Id: Ic8eab625a20c60a4bf78403ef10465074d782821
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-13 13:39:02 +08:00
Wayne Lin
1ae80c59a7 gps: allow system server to send sensor data callback to GPS am: aab4f72223 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699754

Change-Id: I4d29356b95bb185182a24190bc9c7ca5075e5ed2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-13 03:14:34 +00:00
Wayne Lin
aab4f72223 gps: allow system server to send sensor data callback to GPS 
avc: denied { call } for scontext=u:r:system_server:s0 tcontext=u:r:gpsd:s0 tclass=binder permissive=0

Bug: 224772976
Test: build pass, verify no avc denied and gpsd can receive sensor callback
Change-Id: If3b58b5527f67732ea60b3dd943ae472aebb7aed
 2022-04-13 02:54:24 +00:00
Albert Wang
e914d6fcc3 Add more xHCI wakeup path for suspend_control 
To addressdd the xHCI wakeup nodes permission problem, add new nodes:
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/wakeup
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb2
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.auto/usb3
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/wakeup
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb2
/devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb3
/devices/platform/11210000.usb/wakeup

Bug: 228791172
Test: verified with forrest test build
Signed-off-by: Albert Wang <albertccwang@google.com>
Change-Id: I457e64c252ec3573ab15923898c469472fc3b9b6
 2022-04-12 15:07:04 +08:00
Darren Hsu
88dc029b88 sepolicy: label charger wakeup for system suspend am: 68f1d4fb71 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17686708

Change-Id: Ia0c3065b170d6be3823dff7b4c4e650396df9c97
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-12 04:05:03 +00:00
Darren Hsu
68f1d4fb71 sepolicy: label charger wakeup for system suspend 
Bug: 226887726
Test: do bugreport without avc denials
Change-Id: I0b57cfdddb81c1685f6a054944c064e02c099637
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-12 07:43:30 +08:00
Grace Chen
2a8ed004f6 Add selinux permissions to r/w sysfs st33spi_state 
Bug: 228508704
Test: Confirm can r/w to sysfs file
Change-Id: If96f15f53ee510bf361a2bec5f006d67b178981e
 2022-04-11 21:00:50 +00:00
Darren Hsu
7903dbb74c Label AoC wakeup for system suspend am: c750a64e4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17652444

Change-Id: I63c19ed0fb37137c0561b62a3fc2cebe5dabc458
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-11 08:18:19 +00:00
Darren Hsu
c750a64e4c Label AoC wakeup for system suspend 
Bug: 227531769
Test: do bugreport without avc denials
Change-Id: Ie3efd407ff629b583e37c0b5af430c9a9daf8691
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-04-11 15:54:59 +08:00
Adam Shih
28a0ab4015 remove obsolete error 
Bug: 207062833
Bug: 210363938
Bug: 220636850
Test: boot with no relevant error log
Change-Id: I4901be83358e860b4a699ce44013fa1b255ceaa5
 2022-04-11 11:05:15 +08:00
Stephane Lee
ddbaf098f8 Fix off-mode (charger) sepolicy for the health interface am: 73b95396fd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17350882

Change-Id: I8ad0bb623bf857ed55c381dad6a5c571dcd06409
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 03:29:06 +00:00
Stephane Lee
73b95396fd Fix off-mode (charger) sepolicy for the health interface 
Bug: 223537397
Test: Ensure that there are no selinux errors for charger_vendor in
   off-mode charging
Change-Id: I9074079a7ba67813da6b6ad7b110d964b9b7db6d
 2022-04-08 03:13:51 +00:00
Stephane Lee
4b99160e35 ODPM: Add ODPM config file to be read by powerstats 2.0 am: 5ce2f99f38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17621550

Change-Id: I3bd878b212f35cef8ca71a3bbcb28551c6d5257e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:52 +00:00
chungkai
1aa53c1f48 sepolicy: ignore avc denial am: 2a3100de6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17617704

Change-Id: I25f2f431a19e8cd7dbca347865b85d2dbf46f836
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:22 +00:00
chungkai
cd880aa0e6 genfs_contexts: fix path for i2c peripheral device am: fb466b4915 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17521224

Change-Id: I9d6ae44e3c1d28b670796dc87e193281f9699c76
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-08 02:53:20 +00:00
Stephane Lee
5ce2f99f38 ODPM: Add ODPM config file to be read by powerstats 2.0 
Test: Ensure that there are no sepolicy errors when
/data/vendor/powerstats/odpm_config exists
Bug: 228112997

Change-Id: I094c29c4d1a82bccfabde7a5511f4aa833c2cd35
 2022-04-08 02:49:40 +00:00
chungkai
2a3100de6e sepolicy: ignore avc denial 
dont audit since it's debugfs

Bug: 228181404
Test: forrest with boot test
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I77a385b73b5a9edafefa8e7d34a351594cd5cd06
 2022-04-08 02:20:26 +00:00
chungkai
fb466b4915 genfs_contexts: fix path for i2c peripheral device 
paths are changed when we enable parallel module loading and
reorder the initializtaion of devices.

Test: without avc denial
Bug: 227541760
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Icd74392e0684ac5614a83d14b936be880148f919
 2022-04-08 02:20:26 +00:00
Adrian Salido
ef36588f0e allow hwc access to persistent vendor display sysprop am: a1c2f220a7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17226635

Change-Id: I820ddb93fc74c9bc8606e61f07217f7612e419f5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 16:04:20 +00:00
Adrian Salido
a1c2f220a7 allow hwc access to persistent vendor display sysprop 
Test: check avc denials while switching resolution
Bug: 217399988
Change-Id: Ia3a3ab394ec23ea3150a8cf4638e045cd1e9cac9
 2022-04-07 15:40:54 +00:00
Adam Shih
9e10c64350 let sensor access aoc am: 1e88b530fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609183

Change-Id: I40ac3df71d11deba2bad8d90a6e7927608b611ea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 05:17:17 +00:00
Adam Shih
1e88b530fa let sensor access aoc 
04-03 05:57:12.776   859   859 I auditd  : type=1400 audit(0.0:7): avc: denied { read } for comm="UsfHalWorker" name="services" dev="sysfs" ino=69355 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_dumpstate:s0 tclass=file permissive=0
04-03 05:57:12.776   859   859 I auditd  : type=1400 audit(0.0:8): avc: denied { write } for comm="UsfHalWorker" name="reset" dev="sysfs" ino=69363 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_r:sysfs_aoc_reset:s0 tclass=file permissive=0

Bug: 228030183
Bug: 228030193
Test: boot with no relevant errors
Change-Id: I87fd1aa1dc9b9cf42b23fb0e7f5d4e5b6f845610
 2022-04-07 04:37:49 +00:00
Siddharth Kapoor
1b92d2d5d2 Revert "Move ODPM file rule to pixel sepolicy" am: 15f80f57bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17609199

Change-Id: I8f7cbae7916b6bf21415d35afdeb653c243d2c6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-07 04:23:37 +00:00
Siddharth Kapoor
15f80f57bf Revert "Move ODPM file rule to pixel sepolicy" 
Revert "Move ODPM file rule to pixel sepolicy"

Revert "Move ODPM file rule to pixel sepolicy"

Revert submission 17215583-odpm_sepolicy_refactor-tm-dev

Reason for revert: build failure tracked in b/228261711
Reverted Changes:
Ic9a89950a:Move ODPM file rule to pixel sepolicy
I24105669b:Move ODPM file rule to pixel sepolicy
I044a285ff:Move ODPM file rule to pixel sepolicy

Change-Id: Idbf5cd106f229c8a72b2ecbc6e5ffd20d9e06805
 2022-04-07 04:06:29 +00:00
Jeremy DeHaan
18f8d933ab Update selinux policy for display information 
Two new sysfs nodes were added to sysfs_display type and permission to
access sysfs_display nodes was added for the dumpstate service. This
allows display information to be captured during bug report generation.

Bug: 225376485
Test: Manual - ran 'adb bugreport'
Change-Id: Ib121b0b21aa326e791e67c5bd24b3e70979a554c
 2022-04-06 18:51:45 +00:00
Mason Wang
60592aae02 hal_dumpstate_default: Fix avc denial of focaltech_touch. am: 882527f08b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17524943

Change-Id: I303b4b33cd88445e2e277f63a9c0596d641a5ed4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 10:28:53 +00:00
Mason Wang
882527f08b hal_dumpstate_default: Fix avc denial of focaltech_touch. 
Fixed following avc denial:
avc: denied { read } for name="focaltech_touch" dev="proc" ino=4026535419 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc_touch:s0 tclass=dir permissive=0

Bug: 199105131
Test: Verify pass by checking device log are w/o above errors when
trigger bugreport.

Change-Id: Id2af1f59cd397f0332fba94f68d9940f612a8e81
 2022-04-06 10:03:14 +00:00
samou
8c8727b061 Move ODPM file rule to pixel sepolicy am: ece8953942 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213985

Change-Id: I21d1c1488efa4e00412962f16d2fe837d8ffeb27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-06 02:38:48 +00:00
samou
ece8953942 Move ODPM file rule to pixel sepolicy 
Bug: 213257759
Change-Id: I24105669b076061780addf5b038607f4d1957ee5
 2022-04-06 02:09:38 +00:00
Anthony Stange
2ff2776db0 Add BT HAL SELinux policy am: ede5e0944a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17474643

Change-Id: I538afe38e3ed3eb630d05efb74137ec15881cee2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-04 16:27:09 +00:00
Anthony Stange
ede5e0944a Add BT HAL SELinux policy 
Bug: 193474802
Test: presubmits
Change-Id: I0ce730c119b60fdfec6e31dea88f5edbf69048ed
 2022-04-04 15:55:43 +00:00
sukiliu
6be9cbeb9a Update avc error on ROM 8388849 am: 97326bf38b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17530928

Change-Id: Ie3331c90cf0d2de60f38f694861e02ad1a8e6d5c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 07:36:44 +00:00
sukiliu
97326bf38b Update avc error on ROM 8388849 
Bug: 221384939
Bug: 227694693
Bug: 227695036
Test: PtsSELinuxTestCases
Change-Id: I0768e29a0a162c6f568a5186602b01f1375a1ca5
 2022-04-01 11:55:09 +08:00
Taesoon Park
45d538c645 Add permission to access vendor.ims property to vendor ims app am: 9211922e70 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17465256

Change-Id: Ia3c34bb10d68af53a47e8939ffea389e6d57e542
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-01 01:45:59 +00:00
Taesoon Park
9211922e70 Add permission to access vendor.ims property to vendor ims app 
Vendor IMS Service read a SystemProperty starts with
persist.vendor.ims prefix, but it does not have a permission to
access it.
This change create a permission to access the SystemProperties start
with 'persist.vendor.ims.' prefix from vendor ims service.

Bug: 204714230
Test: Test results in b/225430461#comment40 enabling the property

Signed-off-by: Taesoon Park <ts89.park@samsung.com>
Change-Id: Ied50f377a3069eac65836ea999dfe021f4e4ed5d
 2022-04-01 01:19:26 +00:00
chungkai
2dc6f70afc sched: move sysfs to procfs 
Modify name from sysfs_vendor_sched to proc_vendor_sched

Test: without avc denial
Bug: 216207007
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ieb829e96ac1db2a1aa28fc416182450d128cac5c
 2022-03-31 07:00:20 +00:00
Ocean Chen
b36cf348d0 sepolicy: add smart_idle_maint_enabled_prop for pixelstats 
pixelstats get this sysprop hit the avc denied
persist.device_config.storage_native_boot.smart_idle_maint_enabled

pixelstats-vend: type=1400 audit(0.0:22): avc: denied { read }
for name="u:object_r:device_config_storage_native_boot_prop:s0"
dev="tmpfs" ino=171 scontext=u:r:pixelstats_vendor:s0
tcontext=u:object_r:device_config_storage_native_boot_prop:s0
tclass=file permissive=0

Bug: 215443809
Test: local build and run pixelstats

Signed-off-by: Ocean Chen <oceanchen@google.com>
Change-Id: Iedb4fa00c5e18cda6c799c3461bf8298bcf357eb
 2022-03-31 03:02:47 +00:00
SalmaxChang
8e9be24a81 hal_dumpstate_default: fix avc error 
avc: denied { search } for comm="dumpstate@1.1-s" name="modem_stat" dev="dm-42" ino=328 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:modem_stat_data_file:s0 tclass=dir

Bug: 227424943
Change-Id: I44e2337129e814ed176ac270ae6c35e34089aa74
 2022-03-31 02:15:19 +00:00
sukiliu
6379865b9d Update avc error on ROM 8374246 
Bug: 227286343
Test: forrest with boot test
Change-Id: I44e32ac8d141dcb14c79ea4d8e78df3f88485dab
 2022-03-31 02:14:40 +00:00
sukiliu
3d3ae38c43 Update avc error on ROM 8378382 
Bug: 226850644
Test: PtsSELinuxTestCases
Change-Id: Ie6c6d8979dc63ebda7c699f10c2abb369a048ab0
 2022-03-31 02:14:00 +00:00
Ray Chi
3fdb24bdc1 Revert "add sepolicy for set_usb_irq.sh" 
This reverts commit 6733f9667d.

Bug: 225789036
Test: build pass
Change-Id: If43c8db71c737d509b1dfd098503f564a06bf046
 2022-03-29 15:45:30 +08:00
Kris Chen
32f2e4b0e7 Allow hal_fingerprint_default to access sysfs_display 
Fix the following avc denial:
avc: denied { read } for name="panel_name" dev="sysfs" ino=71133 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=0

Bug: 223687187
Test: build and test fingerprint on device.
Change-Id: Ief1ccc7e2fa6b8b4dc1ecbd6d446cc49ee3936ce
 2022-03-29 01:39:32 +00:00
Minchan Kim
3496931400 sepolicy: allow dump page_pinner 
Provide necessary sepolicy for dumpreport to access page_pinner
information in /sys/kernel/debug/page_pinner/{longterm_pinner,
alloc_contig_failed}

Bug: 226956571
Test: Run "adb bugreport <zip>" and verify it contains the output
      from page_pinner.
Signed-off-by: Minchan Kim <minchan@google.com>
Change-Id: I7b00d4930fbaa2061537cd8c84616c1053c829cf
 2022-03-28 16:35:02 +00:00
Adam Shih
5cc8837eb6 update error on ROM 8365560 
Bug: 227121550
Bug: 227122249
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iab96c7644e6c99d700a5f7b42fba30032d3624b7
 2022-03-28 10:59:04 +08:00
Omer Osman
e5cc5f7937 Add hidraw device and Dynamic Sensor SE Linux policy 
Test: Incoming HID data from Pixel Buds

Change-Id: I77489100e13d892fb7d3a7cee9734de044795dec
 2022-03-27 23:26:29 +00:00