Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1066 commits 1 branch 0 tags 63 MiB
Commit graph

1066 commits

This branch
This branch
All branches
Author SHA1 Message Date
Roger Fang
35112bba62 [DO NOT MERGE] sepolicy: add permission for CCA rate of pixelstats-vend 
pixelstats-vend: type=1400 audit(0.0:7): avc: denied { read } for name="cca_rate_read_once" dev="sysfs" ino=100809 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 249225148
Test: Manually test passed

Change-Id: I802b79417cd9ce23386bb62eccb151610bfb8ac1
Signed-off-by: Roger Fang <rogerfang@google.com>
 2022-11-08 09:53:37 +00:00
George Lee
0cdf1cfe9b betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] am: 40be3818e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20395514

Change-Id: Idff494bb1f32381d8a1db0dd137d5abe06f2a77e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-07 04:50:02 +00:00
George Lee
40be3818e1 betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] 
Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
 2022-11-05 18:45:08 +00:00
Star Chang
f7f9aa1304 Add sepolicy for TWT to dumpstate am: f9552297fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20118653

Change-Id: I7bb658e06b8e95be2933ac4ae45bd2e0208a851e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-04 02:10:03 +00:00
Star Chang
f9552297fa Add sepolicy for TWT to dumpstate 
Bug: 253348062
Test: dump bugreport ok
Signed-off-by: Star Chang <starchang@google.com>
Change-Id: I0958fef496302df3f5e6e188f15117de78988a62
 2022-11-04 01:31:19 +00:00
Puma Hsu
ea1be0c069 Add xhci-hcd-exynos.6 wakeup path for suspend_control am: 9877742035 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20288288

Change-Id: I2083d21b860b0c6179427cd9972eafe47f292db1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 15:09:41 +00:00
Puma Hsu
9877742035 Add xhci-hcd-exynos.6 wakeup path for suspend_control 
Bug: 255270480
Test: verified with forrest test build
Change-Id: I5e2eed4d5e20361d86f6d6be8c92ca337e4ee004
Signed-off-by: Puma Hsu <pumahsu@google.com>
 2022-11-02 07:39:53 +00:00
Amith Dsouza
7fa80e3581 Fix untracked SELinux denials on boot am: be2e1b2ede am: 5653e43b44 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: I6300bd318ffdfad334caa60b5e0ea286d0d503c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 04:49:26 +00:00
Amith Dsouza
5653e43b44 Fix untracked SELinux denials on boot am: be2e1b2ede 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: Ic521a8ea94ec22b17bf4a327c8244d0d04c269e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 04:07:20 +00:00
Amith Dsouza
be2e1b2ede Fix untracked SELinux denials on boot 
Error:
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=2641 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 254453654
Test: Flash device, rebuild driver blobs, check logs after boot

Change-Id: I43d524f781c1dda1d3d5291f661bc549fdbb99d6
 2022-11-02 00:55:45 +00:00
pointerkung
4d803ef7d6 Add required sepolicy rule for Camera am: 0810814b49 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20137924

Change-Id: I520c8b5c9321a87009f430bc673eb84fb9e3a9bf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 12:18:53 +00:00
pointerkung
0810814b49 Add required sepolicy rule for Camera 
Grant access for TNR max_freq to let libperfmgr can control it via powerhint.

Bug: 243729855
Test: Build pass, GCA, Control TNR max_freq via powerhint
Change-Id: I8f8faa360d9908afe3fe0de3c322a2be356b86c8
 2022-11-01 11:33:43 +00:00
Jenny Ho
fbec30a349 Add permission for logbuffer_bd am: 441a3ad3ef 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20089144

Change-Id: I627644e45a2c28d6af8dd6e9493de8577bbcaee8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-01 06:08:54 +00:00
Jenny Ho
441a3ad3ef Add permission for logbuffer_bd 
Bug: 242679204
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ie5c9829ee1a4980689c933273a273f1f4ac612b6
 2022-11-01 05:34:18 +00:00
George Lee
0511a5b342 betterbug: Update selinux policy for betterbug am: d1e0b924ae 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20276308

Change-Id: I2445a6fda2fdca67b38040ea5dac95d30136b070
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-31 17:08:15 +00:00
George Lee
d1e0b924ae betterbug: Update selinux policy for betterbug 
Update startup_bugreport_requested property to vendor_public for
betterbug to access.

Bug: 237287659
Test: Load Betterbug for accessing startup bugreport reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Idc07e3f4ce425c0167654743fbe1ad8b7ece5e15
 2022-10-31 16:30:39 +00:00
eddielan
234029f1cf fingerprint: Allow fingerprint to access thermal hal am: ba0eb551e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19694493

Change-Id: I4f916181746334cc68e8ed0778e95e56e427294d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-28 16:46:11 +00:00
eddielan
ba0eb551e9 fingerprint: Allow fingerprint to access thermal hal 
SELinux : avc:  denied  { find } for interface=android.hardware.thermal::IThermal
sid=u:r:hal_fingerprint_default:s0 pid=1064
scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:hal_thermal_hwservice:s0
tclass=hwservice_manager permissive=0

Bug: 243115023
Test: make selinux_policy -j128
Test: Check avc log on device
Change-Id: Ida1b18536468df11be5bf44fb6fb79b03a35f4b9
 2022-10-28 15:14:35 +00:00
Lucas Wei
5db7e8bdef SEPolicy: Don't audit search regmap by kernel am: 939d05cbf8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20108831

Change-Id: I890491b2994a2b703f8e85346191d9f4baf08eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-24 09:53:52 +00:00
Lucas Wei
939d05cbf8 SEPolicy: Don't audit search regmap by kernel 
Bug: 247948906
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
Merged-In: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
 2022-10-24 09:07:14 +00:00
Martin Liu
0a8aa66a1d allow vendor_init to acces watermark_scale_factor am: 19419cbdb3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20189607

Change-Id: Ie052c7b8c7a34ea7bd652fa56a1563506592f814
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-19 21:15:14 +00:00
Martin Liu
19419cbdb3 allow vendor_init to acces watermark_scale_factor 
Bug: 251881967
Test: boot
Signed-off-by: Martin Liu <liumartin@google.com>
Change-Id: I0840cf19f9c3120aaacc49de751fdd0a55aebf5f
 2022-10-19 20:33:22 +00:00
Krzysztof Kosiński
36df3f715f Use generic wildcard for vendor libprotobuf. 
The suffix changes on each upgrade and the newest release uses
a two-part version number instead of a three-part one. Use a regex
that will match any suffix.

Bug: 203713560
Test: presubmit, log check
Change-Id: I7a3357d11c162a9bc24196bb232f58be9ba062ec
 2022-10-14 17:18:38 +00:00
George Lee
31783a9f98 pixelstats: add bcl directory permission am: 5c48a90285 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20192928

Change-Id: Ibf3a806221d01fc7ccfd0dcf16ca933b40e4e78f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 16:51:47 +00:00
George Lee
5c48a90285 pixelstats: add bcl directory permission 
Bug: 253522156
Test: Local test
$>cmd stats print-logs
$>logcat | grep <atom id>

Signed-off-by: George Lee <geolee@google.com>
Change-Id: I934f6efb043893666dac88257619556e30d82751
 2022-10-14 15:57:59 +00:00
George Lee
87e5ce6250 betterbug: Add selinux policy for betterbug am: 39ffb227b3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20188753

Change-Id: Ifda87221614295b1bd9aafafa78c212cdd49a358
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-14 05:55:15 +00:00
George Lee
39ffb227b3 betterbug: Add selinux policy for betterbug 
Enable Betterbug to read reboot reason such that Betterbug can file
bugreport when *uvlo* or *ocp* is found within reboot reason.

Bug: 237287659
Test: Load Betterbug for accessing boot reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Id699be34d2e060ee7827737982403fd58f133c4a
 2022-10-13 23:44:06 +00:00
George Lee
7bdbe0b215 bcl: Remove unused brownout boot reason sepolicy am: 083ba62902 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20191486

Change-Id: I7028903ecaac63a7579b0dcc1415076e0d0412df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-13 23:25:35 +00:00
George Lee
083ba62902 bcl: Remove unused brownout boot reason sepolicy 
vendor_brownout_boot_reason was added under previous change.  It should
be added as part of follow on change to enable metric collection.

Bug: 246817058
Test: Confirm brownout_boot_reason non existent
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I1fed12e851750314f53a0d6517a9eff92c44e247
 2022-10-13 12:52:20 -07:00
George Lee
2c91c54d7b bcl: Add brownout boot reason sepolicy am: b72e47e1b0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20152240

Change-Id: Ieefdd8f7a446e51854835ae3bcfd0607f86ae49f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-13 18:31:54 +00:00
George Lee
b72e47e1b0 bcl: Add brownout boot reason sepolicy 
Lastmeal.txt may be generated from after device rebooted from IRQ
triggering.  By applying limit on the time when it generates,
lastmeal.txt will not be generated after device rebooted.

Bug: 246817058
Test: Confirm lastmeal.txt generation
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I02515fc452dbfa5c8a40041cbb8731664dace62e
 2022-10-12 19:59:58 -07:00
George Lee
ae51ebfd98 bcl: Add mitigation ready device sepolicy am: 2260099ad3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20123277

Change-Id: I5b1cd5209a52bacd524e2489bef2af866a258f4f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-10-10 20:15:58 +00:00
George Lee
2260099ad3 bcl: Add mitigation ready device sepolicy 
Instead of relying on vendor.thermal.link_ready property to gate write
to BCL's SYSFS node, adding mitigation ready SYSFS so that writes to
BCL's SYSFS node would not cause NULL pointer dereference.

Bug: 249130916
Test: Confirm property vendor.brownout.mitigation.ready is set
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I1b21a1c745e7e17f78e9d4c001032dd2c46673cf
 2022-10-10 19:49:34 +00:00
Vova Sharaienko
ac2e9dd662 hal_health_default: updated sepolicy am: bdf3d6abcc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20041334

Change-Id: I83ea07dbbc51fe7729172ff7e688795df312c25d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 17:17:27 +00:00
Vova Sharaienko
bdf3d6abcc hal_health_default: updated sepolicy 
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 237639591
Bug: 249827340
Test: Build, flash, boot & and logcat | grep "avc"
Change-Id: I71013c0b17ee5e526387efa0afb823f97775e572
(cherry picked from commit 87bc6d189d)
Merged-In: I71013c0b17ee5e526387efa0afb823f97775e572
 2022-09-30 16:43:46 +00:00
Kyle Tso
e9137ca867 Set sepolicy for shell script of disabling contaminant detection am: c18eea71d7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20064568

Change-Id: I910ec6dd06d432adb2de2f28cb49a663416b9b4b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 09:04:31 +00:00
Kyle Tso
c18eea71d7 Set sepolicy for shell script of disabling contaminant detection 
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 244658328
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
Merged-In: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
 2022-09-29 13:33:28 +00:00
Sayanna Chandula
560dbcff4b thermal: enable pixelstats access to thermal metrics am: cbb62de10c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19706085

Change-Id: I9c3b9a0a241dd0584bbcf8eb8ad1176526052d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-23 20:17:52 +00:00
Sayanna Chandula
cbb62de10c thermal: enable pixelstats access to thermal metrics 
Allow pixelstats daemon to access thermal metric nodes

Bug: 228247740
Test: Build and boot on device. Check thermal stats
Change-Id: Iada717b92782bc9c085928462b2e06d2db136cab
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2022-09-23 19:48:41 +00:00
jintinglin
b49b1ca9a7 Allows modem_svc to read the logging related properties am: 5acc68de3b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19981021

Change-Id: I53be3006909eeb6fa4938ceecca1299c1905412c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-22 15:35:43 +00:00
jintinglin
5acc68de3b Allows modem_svc to read the logging related properties 
avc: denied { read } for comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=347 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 243039758
Change-Id: Ib3031552faf03771f86e72e7dbd81c3610c518cc
 2022-09-22 08:15:23 +00:00
Jinhee.k
324f9b569d sepolicy: allowed permissions required for network access am: 37c32d672f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19968207

Change-Id: Idf4da54e99fa914f9297da048dec7816b0efd44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-20 01:00:41 +00:00
Jinhee.k
37c32d672f sepolicy: allowed permissions required for network access 
: add permission to allow create, connect udp socket
Apply to add network access permissions

Bug: 242231557
Test: Verified no IMS exception and avc denied
Change-Id: I4a4bd1efb22b5538b1679aad8f543d00203e0b48
Signed-off-by: Jinhee.k <jinhee.k@samsung.com>
 2022-09-19 01:41:34 +00:00
Sherry Luo
fabbfe62fa Add network permissions for debug camera am: 9dd930e4c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19914967

Change-Id: I73f2cf441f2e52e5246074693d65a3cb6a5da3bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 18:48:22 +00:00
Sherry Luo
9dd930e4c2 Add network permissions for debug camera 
Noticed that Estrella upload failing w/
   java.lang.SecurityException: Permission denied (missing INTERNET
   permission?)

Followed investigation in b/230434151. Verified that upload working once
this change is flashed.

Test: Flash build w/ local change
Test: Take a picture and upload using Estrella
Test: Verify that the upload succeeded

BUG=245995782

Change-Id: I505af355f25e9063927c946ee8af21de25758ef1
 2022-09-15 18:16:58 +00:00
Estefany Torres
9b1caac1d7 Add rules for letting logger app send the command to ril am: 6cb9f4e623 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19913309

Change-Id: Id2362cefd0aac3af1709d008bc1a102baeb16975
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 14:35:08 +00:00
Estefany Torres
6cb9f4e623 Add rules for letting logger app send the command to ril 
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested on C10 with pixel logger change
Change-Id: I845eefc609be2b7fbc22c9b37d1eb2b3195e014f
 2022-09-15 14:09:05 +00:00
Chungjui Fan
9a70ccc6d6 Add sepolicy of dumping LED file in dumpstate am: aa55cb6f2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19893210

Change-Id: Idb5424850f53d62e971faa9a208eaaf9e8731942
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-14 03:34:32 +00:00
Chungjui Fan
aa55cb6f2e Add sepolicy of dumping LED file in dumpstate 
Bug: 242300919
Change-Id: I14b0af18244c4a71fd7908fdb35e2e86354e02e0
 2022-09-14 02:59:20 +00:00
Jeffrey Carlyle
686c24a38f dck: allow st54spi devivce to be accessed by recovery and fastbootd am: a658683689 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19754910

Change-Id: Ic69198e22d963c26f9994689d0818bcf6e45d80f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 22:35:51 +00:00