Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
844 commits 1 branch 0 tags 63 MiB
Commit graph

844 commits

This branch
This branch
All branches
Author SHA1 Message Date
George Lee
644a47d5a4 [automerger skipped] health: Grant sysfs_thermal access to health am: 17981f9fc0 -s ours 
am skip reason: Merged-In I4d9491862ff1bcc88f89b1478497ac569e3d1df1 with SHA-1 5b6a5292c3 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17312309

Change-Id: Ibffa6cda778adf0b1a3509e3590c355f61bac5b8
 2022-03-23 05:33:07 +00:00
SalmaxChang
13a0910c39 modem_svc_sit: fix avc error am: ae6f085676 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17314904

Change-Id: I3ae7e26013ec250818fee64adedf5e0b568e50c7
 2022-03-23 05:33:06 +00:00
SalmaxChang
a40641f2da vendor_init: fix avc error am: 6dd3de7813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291644

Change-Id: I58b4e5d1a0bf09666a0f852f2567605ca021cc1a
 2022-03-23 05:33:01 +00:00
SalmaxChang
3ae795cf8b modem_svc_sit: fix avc error am: ae6f085676 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17314904

Change-Id: I0962f68685aaabc68f74fd001c2b5edcc92ac10e
 2022-03-23 05:33:00 +00:00
SalmaxChang
cf09620f3c vendor_init: fix avc error am: 6dd3de7813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17291644

Change-Id: Ic7d9db340241626de5f9852e4ddc01bbf6c8b84b
 2022-03-23 05:32:52 +00:00
George Lee
17981f9fc0 health: Grant sysfs_thermal access to health 
health-service has trouble accessing /dev/thermal.  This change fixes
this.

Bug: 226009696
Test: dev/thermal/tz-by-name/soc/mode error:Permission denied no longer
exist
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I8d112cb12f3aeb1c8d5433ca69415d0413f070a2
Merged-In: I4d9491862ff1bcc88f89b1478497ac569e3d1df1
 2022-03-23 05:30:33 +00:00
SalmaxChang
ae6f085676 modem_svc_sit: fix avc error 
avc: denied { write } for comm="modem_svc_sit" name="modem_stat" dev="dm-46" ino=333 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 225149029
Change-Id: Id1045d9488a200b6c64abbe02cf5e65926ba0203
 2022-03-23 05:13:29 +00:00
Yabin Cui
278d110fba Add SOC specific ETM sysfs paths 
Bug: 225403280
Test: run profcollectd on c10
Change-Id: I10c8d250cf88b371ee573561d6678fc24f4e440c
 2022-03-22 16:53:23 +00:00
SalmaxChang
6dd3de7813 vendor_init: fix avc error 
avc: denied { getattr } for comm="init" name="/" dev="sda19" ino=2 scontext=u:r:vendor_init:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0

Bug: 225151104
Change-Id: I508aa6b85039edc4b5a8746aaa602f1131768630
 2022-03-22 07:57:59 +00:00
Kris Chen
b89f8faaca Allow hal_fingerprint_default to access fwk_sensor_hwservice am: 997b8974ef am: 3d1c17ffd7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17288686

Change-Id: Iad8b3eec7c5c9abc23d2df8d09e4b9b3e7b59ccb
 2022-03-22 04:15:55 +00:00
Kris Chen
3d1c17ffd7 Allow hal_fingerprint_default to access fwk_sensor_hwservice am: 997b8974ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17288686

Change-Id: If57f3542180e8e0af17351c50415a8bab57306e5
 2022-03-22 03:59:58 +00:00
Kris Chen
a312c79491 Allow hal_fingerprint_default to access fwk_sensor_hwservice am: 997b8974ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17288686

Change-Id: I68502cce84067dd230bec8e4b02491b5f6bb79fd
 2022-03-22 03:59:50 +00:00
Peter Csaszar
0f9c31fb33 [automerger skipped] pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da am: 0b35cf6a3b -s ours 
am skip reason: Merged-In I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff with SHA-1 4041f814be is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051

Change-Id: I89786ea8bd4d67e255a1c03f41fea2dbc57912a6
 2022-03-22 03:52:39 +00:00
Roshan Pius
db3c865121 gs-policy: Remove obsolete uwb vendor service rules am: 046601d414 am: d8a25b0f0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17294749

Change-Id: I662ee5a78965812848a52ecb7afbf2a57c017549
 2022-03-22 03:52:15 +00:00
Kris Chen
997b8974ef Allow hal_fingerprint_default to access fwk_sensor_hwservice 
Fix the following avc denial:
avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_fingerprint_default:s0 pid=1258 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 197789721
Test: build and test fingerprint on device.
Change-Id: I7494f28e69e5a1b660dc7fbaa528b1088048723b
(cherry picked from commit 9b54bf3665abce7a6f5f5df22069a8ef081ad80e)
 2022-03-22 03:39:35 +00:00
Peter Csaszar
0b35cf6a3b pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051

Change-Id: If1cc0d3afa539a104b2ad99b9bebdc18c98bd622
 2022-03-22 03:30:37 +00:00
Peter Csaszar
a2a1b7f0a2 [automerger skipped] pixel-selinux: Port PRO SJTAG policies to tm-dev am: 466adbb2da -s ours 
am skip reason: Merged-In I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff with SHA-1 4041f814be is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17299051

Change-Id: Ie53882049dae4879e6420ede4961e83681bd0905
 2022-03-22 03:30:31 +00:00
Roshan Pius
d8a25b0f0c gs-policy: Remove obsolete uwb vendor service rules am: 046601d414 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17294749

Change-Id: If87ae2d622842f33f4d71568fcf8918847762ee3
 2022-03-22 03:30:17 +00:00
Roshan Pius
8eae925778 gs-policy: Remove obsolete uwb vendor service rules am: 046601d414 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17294749

Change-Id: I5562c289af945a110b2be5280170e0a5b948f6b4
 2022-03-22 03:29:57 +00:00
Peter Csaszar
466adbb2da pixel-selinux: Port PRO SJTAG policies to tm-dev 
These are the SELinux policies for the sysfs files of the SJTAG
kernel interface for WHI-PRO-based devices, now migrated to the
tm-dev branch. The files are in the following directories:

  /sys/devices/platform/sjtag_ap/interface/
  /sys/devices/platform/sjtag_gsa/interface/

Bug: 207571417
Bug: 224022297
Signed-off-by: Peter Csaszar <pcsaszar@google.com>
Merged-in: I5ec50d9ff7cd0e08ade7acce21e73751e93a0aff
Change-Id: I56da5763c31ab098859cbc633660897646fe7f3e
 2022-03-22 03:17:40 +00:00
Roshan Pius
046601d414 gs-policy: Remove obsolete uwb vendor service rules 
This service no longer exists in the UCI stack.

Bug: 186585880
Test: Manual UWB tests
Change-Id: I279824be6f51470364ad61833b797aa23cbea859
 2022-03-21 09:18:28 -07:00
Sam Dubey
a494fa5a99 Temporarily don't audit init for modem_img_file am: b92095e322 am: c84e42d3c9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17268031

Change-Id: I654b3a8013673c61336f52bcc40dcfdd9eda7c70
 2022-03-21 09:01:09 +00:00
Sam Dubey
c84e42d3c9 Temporarily don't audit init for modem_img_file am: b92095e322 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17268031

Change-Id: Ib2e377cc811fb8f4a589fb184b8c0dd12bf8be2b
 2022-03-21 08:43:21 +00:00
Sam Dubey
b5d69e961f Temporarily don't audit init for modem_img_file am: b92095e322 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17268031

Change-Id: Ica96cf300d8b47387c95220e5571118c8d2789c2
 2022-03-21 08:41:15 +00:00
Mason Wang
500e7624e9 vendor_init: Fix touch avc denial of high_sensitivity. 
Fixed following avc denial:
avc: denied { write } for name="high_sensitivity" dev="proc" ino=4026534550 scontext=u:r:vendor_init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1
//The file node is proc/focaltech_touch/high_sensitivity


Bug: 199105136
Test: Verify pass by checking device log are w/o above errors while
switching setting/display/increase touch sensitivity.

Change-Id: I8dbe4190056767407413082580320593292725fe
 2022-03-21 07:32:49 +00:00
Sam Dubey
b92095e322 Temporarily don't audit init for modem_img_file 
Change-Id: I2c9c788119b20b8a37e71a971997f16a7fe6165b
Fix: 225279974
 2022-03-21 04:42:13 +00:00
yixuanjiang
22cbebd97a audio: sync aocdump setting from gs101 am: 9206ceb227 am: 5143119a16 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17248005

Change-Id: I2e1c65a30673c6327ea53b31f7d3904c16ff365f
 2022-03-21 03:01:58 +00:00
yixuanjiang
5143119a16 audio: sync aocdump setting from gs101 am: 9206ceb227 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17248005

Change-Id: Id7c3c9f2606fe13023a72744230adc6c7ebcc66b
 2022-03-21 02:26:21 +00:00
yixuanjiang
322733ed38 audio: sync aocdump setting from gs101 am: 9206ceb227 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17248005

Change-Id: I10e973862521a98a6e6c75781f1c474390eed175
 2022-03-21 02:25:56 +00:00
yixuanjiang
9206ceb227 audio: sync aocdump setting from gs101 
Bug: 225309469
Test: local
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
Change-Id: Ia9be16c74de666c945d76ca514423b030c0f90d0
 2022-03-21 02:08:55 +00:00
Mason Wang
2af25c514e [automerger skipped] vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] am: 296823785d am: ae166c90eb -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17229066

Change-Id: I268608821e39e87d3b7a5b86a9bc5e2724f1a998
 2022-03-18 06:44:24 +00:00
Mason Wang
ae166c90eb vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] am: 296823785d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17229066

Change-Id: I5fd10c80b5a1911818334615c4c900b858a4dae7
 2022-03-18 06:22:19 +00:00
Mason Wang
4891389afe [automerger skipped] vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] am: 296823785d -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17229066

Change-Id: I00d0b00c5564091bfce7b1b05ea3d69cfb681875
 2022-03-18 06:21:38 +00:00
Mason Wang
296823785d vendor_init: Fix touch avc denial of high_sensitivity.[DO NOT MERGE] 
Fixed following avc denial:
avc: denied { write } for name="high_sensitivity" dev="proc" ino=4026534550 scontext=u:r:vendor_init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1
//The file node is proc/focaltech_touch/high_sensitivity


Bug: 199105136
Test: Verify pass by checking device log are w/o above errors while
switching setting/display/increase touch sensitivity.

Change-Id: I8dbe4190056767407413082580320593292725fe
 2022-03-17 10:01:37 +00:00
George Lee
937f5cec07 health: Add sysfs_thermal access am: 2cc598cc9b am: 6548900ffe 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17164869

Change-Id: Ia5bf090927849d2949470fc51fac34c3c8c9ede8
 2022-03-17 06:31:45 +00:00
George Lee
6548900ffe health: Add sysfs_thermal access am: 2cc598cc9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17164869

Change-Id: I92b98ee674757c4f68ea5626bff3ac9e18d9df93
 2022-03-17 05:27:52 +00:00
George Lee
c73fa1acfe health: Add sysfs_thermal access am: 2cc598cc9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17164869

Change-Id: I2d335b082919b55a430782de9b79f7037a846af1
 2022-03-17 05:27:23 +00:00
George Lee
2cc598cc9b health: Add sysfs_thermal access 
health-service has trouble accessing /dev/thermal.  This change fixes
this.

Bug: 223928339
Test: dev/thermal/tz-by-name/soc/mode error:Permission denied no longer
exist
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I6077e841d179b6cda50d578e584dd249ce970db0
 2022-03-17 04:55:59 +00:00
Adam Shih
e0c07357d8 reject mnt_vendor_file access in user ROM am: bedd866505 am: 66f8cc7ba0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: I9a957138941a2791e2a293942b32c0a059232bda
 2022-03-16 09:55:13 +00:00
Adam Shih
66f8cc7ba0 reject mnt_vendor_file access in user ROM am: bedd866505 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: Id9efbf8949047e65c36ccf33a465189aa3be6302
 2022-03-16 09:29:29 +00:00
Adam Shih
22e6a7bfbf reject mnt_vendor_file access in user ROM am: bedd866505 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17213986

Change-Id: Ia7298a8cf2cb6a601fd86ff2ab640e6b69aa92b8
 2022-03-16 09:29:16 +00:00
Adam Shih
bedd866505 reject mnt_vendor_file access in user ROM 
Bug: 224429437
Test: android.security.cts.SELinuxHostTest#testNoBugreportDenials
Change-Id: I318f11866f7b9c6cc0b7ecf151f789f35ab290cd
 2022-03-16 14:08:09 +08:00
Denny cy Lee
5133ffe91f Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 am: cf97709e3e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: I4b166d6ca643ecd09329c6f5ee193556bc998367
 2022-03-15 03:40:06 +00:00
Darren Hsu
3b308e0f73 sepolicy: reorder genfs labels for system suspend am: 6d25430600 am: ef2662e4b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: Id0bbcf19bf7bb4f99467e4cc708d48d0d435f30c
 2022-03-15 03:39:57 +00:00
Denny cy Lee
cf97709e3e Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: I4188f44a34d19106ddfa4664d38e0950a4d9dcfc
 2022-03-15 03:16:24 +00:00
Denny cy Lee
1c087c848d Sepolicy: add pixelstats/HardwareInfo sepolicy am: 38c2803c54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17118585

Change-Id: Ida863d602f166dddecfd540eb354c38a8ebd0c09
 2022-03-15 03:16:12 +00:00
Darren Hsu
ef2662e4b8 sepolicy: reorder genfs labels for system suspend am: 6d25430600 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: I1d560b9316d343a6354704b1602643880fd20882
 2022-03-15 03:15:39 +00:00
Darren Hsu
356fb92bb2 sepolicy: reorder genfs labels for system suspend am: 6d25430600 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17149073

Change-Id: Id01fb5bad47786a03ef5562f14d7df6dc6856448
 2022-03-15 03:15:02 +00:00
Denny cy Lee
38c2803c54 Sepolicy: add pixelstats/HardwareInfo sepolicy 
avc denials to fix (after apply ag/17120763)
[   50.171564] type=1400 audit(1647222380.884:28): avc: denied { read } for comm="pixelstats-vend" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
[   54.519375] type=1400 audit(1647222385.228:29): avc: denied { read } for comm="id.hardwareinfo" name="battery_history" dev="tmpfs" ino=639 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0 app=com.google.android.hardwareinfo

Bug: 222019890
Test: manually check debug logcat
Change-Id: I0e4f3f3a66783383b0d1327cec4dcd145ae9a7af
 2022-03-15 03:09:18 +00:00
Darren Hsu
6d25430600 sepolicy: reorder genfs labels for system suspend 
Bug: 223683748
Test: check bugreport without relevant avc denials
Change-Id: I295d3dfb96cc87e8faaf16f949918445cc3a0d44
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-03-15 02:52:48 +00:00