Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1515 commits 1 branch 0 tags 63 MiB
Commit graph

264 commits

Author SHA1 Message Date
chungkai
b1177899bd Fix avc denials for powerhal 
Test: boot to home screen
Bug: 214121738
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ic5e14f7c8d321278c2c39797126db930a0dc93f3
 2022-02-09 04:10:28 +00:00
Denny cy Lee
92d0030e6a hardwareinfo: add sepolicy for SoC 
Bug: 208721710
Test: search avc in logcat

Change-Id: I3828d39981666db98e6a34aa70ae39b7f126e495
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-02-08 03:33:06 +00:00
Krzysztof Kosiński
b76b5e3872 Add camera HAL sepolicy based on previous chip family. 
The camera HAL code is reused from the previous chip and needs to
perform the same operations as previously, with the following
differences:
- The interrupt affinity workaround may no longer be necessary
  due to image sensor changes, so the ability to set interrupt
  affinity is removed.
- Access to some files that were only present before the APEX
  migration is removed.
- vendor_camera_tuning_file is no longer needed.
- TEE access for face auth is removed for now.

Bug: 205904406
Bug: 205657132
Bug: 205780186
Bug: 205072921
Bug: 205657133
Bug: 205780065
Bug: 204718762
Bug: 207300298
Bug: 209889068
Bug: 210067468
Test: Ensure that the policy builds; I don't have access to target
      hardware at the moment.

Change-Id: Ia70b98d4e1f3a156a5e719f0d069a90579b6a247
 2022-01-27 15:36:30 +00:00
Ted Lin
2e64171fe1 Remove the tracking for regmap read on hardwareinfo 
Bug: 208909060
Test: adb bugreport
Change-Id: Id81634ccf58a984e8b9ac54e400a1f8035b1304a
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-01-26 08:08:54 +00:00
TeYuan Wang
0f6ba3f806 remove thermal_link_device tracking_denials rules 
we remove the thermal zone policy change by ag/16713094,
so we do not need this tracking_denials rules anymore

Bug: 202907037
Test: no avc denied log found
Change-Id: I5fe8b0d94c9fddac02e92fcd611b7098f0e68971
 2022-01-26 02:41:03 +00:00
Jinting Lin
6c24e3f9ba sepolicy: fix avc denied for logger app 
Bug: 205202541
Bug: 205779798
Bug: 207062780
Bug: 206045604
Bug: 207571546
Bug: 207431041
Bug: 208721679

Test: flash forrest build, no avc denied log on logger app

Change-Id: I6be694f727d619ba89eaa4d006c74ba4dc582095
 2022-01-25 08:16:48 +00:00
Adam Shih
c050b66976 update error on ROM 8101782 
Bug: 215649341
Bug: 215649571
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I1469117c6b9479fe40aa16975b00bcbe23ced015
 2022-01-24 03:56:22 +00:00
Darren Hsu
89f14a9496 sepolicy: allow PowerStats HAL to access below sysfs 
aoc, acpm_stats, cpu, edgetpu, iio_devices, odpm, wifi and ufs

(All avc logs are listed in b/207598247#comment2)

Bug: 207062210
Bug: 207571335
Bug: 207720720
Bug: 207598247
Test: dump power stats with no relevant avc error
Change-Id: I9c99af2d06461a2f86ef02d76b3aa8ea669e58e9
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-01-24 02:05:11 +00:00
Darren Hsu
a7e3b39ca4 sepolicy: allow PowerStats HAL to call BT HAL 
Bug: 205904367
Test: dump power stats with no relevant avc error
Change-Id: Idc7ecbc7e3571011c8c12c421bdce0015e78135f
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-01-24 02:04:21 +00:00
William Tai
492f8a39f4 allow android.hardware.power.stats-service.pixel to access sysfs_leds 
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:8): avc: denied { search } for name="backlight" dev="sysfs" ino=69387 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:9): avc: denied { read } for name="state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

Bug: 214473005
Test: no avc denied error during bootup
Change-Id: I5b8a232202a8f1c5b10878c10be9bec3329fb7ad
 2022-01-21 06:14:32 +00:00
Adam Shih
3062ac34cd allow storageproxyd to set itself to system 
Bug: 205904330
Test: boot to home under enforcing mode
Change-Id: I48272f6507f6cdb930f734b86d3b21b0e553cac0
 2022-01-20 14:48:49 +08:00
Adam Shih
26778aff7b be able to dump camera info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I90a4c971c50290c38f7913dc18404daf0270b907
 2022-01-20 14:17:00 +08:00
Adam Shih
f56dba1b24 be able to dump CPU info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I14abe138b6ad4a842edb143318cc5d867d575ec3
 2022-01-20 14:11:25 +08:00
Adam Shih
36dc06e08a be able to dump debugfs info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I4f7fc7a8f0029f1c1f398403d938bd6b7b96a43e
 2022-01-20 11:12:06 +08:00
Adam Shih
8209221242 be able to run usf dump binary 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I83687a284c4a27e723e31ce19edd2cbceaa69ab8
 2022-01-20 11:12:06 +08:00
Adam Shih
f6dd48e07b be able to dump modem silent log 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Iec520b21d904fa4119a4111fe4de659c28634826
 2022-01-20 11:12:06 +08:00
Adam Shih
0e96eb0865 be able to dump rfsd info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Idbe125d76392a8c04b3fa5f475e0c3aa2f9a199c
 2022-01-20 11:12:06 +08:00
Adam Shih
43d7a148d5 be able to dump GPS 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ied6d86090e3ae29c0b49c4880a515669940c5706
 2022-01-20 11:12:06 +08:00
Adam Shih
bfe1d014a2 be able to dump chip id 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ie539ab9afac80ea58e418a6fbe503ad822299b3f
 2022-01-20 11:12:06 +08:00
Adam Shih
8518e2e1ce be able to dump wireless charging info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ie4e19a322a312e183e23197f600a527ee5ceed4d
 2022-01-20 11:12:06 +08:00
Adam Shih
75ad9a3fcc be able to dump exynos info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I72ca4c8715130558d8dd3dccbf941dde6b9f064e
 2022-01-20 11:12:05 +08:00
Adam Shih
93000fdd06 be able to dump aoc info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I60cb5cce8b6cb7e417ee3efdeceeaafc2f071dfa
 2022-01-20 11:12:05 +08:00
Adam Shih
2417726674 be able to dump crashinfo 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Id01348da754d39f36262a7757d8c65ee746032c3
 2022-01-20 11:12:05 +08:00
Adam Shih
dee839cecd be able to dump thermal 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I6f8e2ce3b64220efba4172ef6fe05cc3fdbb6cf3
 2022-01-20 11:12:05 +08:00
Adam Shih
f884bc1f19 be able to dump wifi info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I3d0c257a20cfd6da6572cd01e76416dfa56c3c23
 2022-01-20 11:12:05 +08:00
Adam Shih
e8da0e146f be able to dump bcl in userdebug ROM only 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Id8127d495ff1b332284beda1e411b2327ec8625f
 2022-01-20 11:12:05 +08:00
Adam Shih
db22459b69 be able to dump battery info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I3705ee59b37d34c7d676943ca8f0c9995ef0262e
 2022-01-20 11:12:05 +08:00
Adam Shih
7717461bb2 be able to dump acpm 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I2435fea779977313e2f731733463c5c4313fda3c
 2022-01-20 11:12:05 +08:00
Adam Shih
7897e0f6ca Be able to dump ramdump info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I0cd8ca483df669505f11ff6fdd19cc15cb9959e1
 2022-01-19 05:38:52 +00:00
Adam Shih
03fbacc6ac Be able to dump radio info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I6a83029e9e0d0c42892b64a8acfa60cc514efba9
 2022-01-19 05:38:52 +00:00
Adam Shih
f72d021bd0 Be able to dump modem info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I0b9384ec4ddda5d3d49a451c529c03fc4d53da8f
 2022-01-19 05:38:52 +00:00
Adam Shih
5b00a6c8a2 Be able to dump logbuffer 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ieae4d64b497e911a6c8048f789e364cd1b9d2f4b
 2022-01-19 05:38:52 +00:00
Adam Shih
b8053f6b6e Be able to dump citadel info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I4f76a17004b81adbddeb7557e50f488b471aa3c7
 2022-01-19 05:38:52 +00:00
Adam Shih
11d9e265ee be able to dump aoc device 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Icbb2364638dbabe9bcccd744413d5c679b35d058
 2022-01-19 05:38:52 +00:00
Adam Shih
b2f810f9dd sort tracking file to review it easily 
Bug: 208909124
Bug: 208721677
Test: boot with no relevant error when taking a bugreport
Change-Id: I5dc5d5cdbae329372f58f056dcf10e205ee7e02a
 2022-01-18 08:30:45 +00:00
Adam Shih
72a1bebd3d update error on ROM 8088139 
Bug: 215042694
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I741e1e101f050fe915142ec1699d2bbc553f14d7
 2022-01-18 05:42:55 +00:00
Matt Buckley
59a7bf0bb7 SEPolicy access issue for hal_graphics_composer_default should be fixed 
with ag/16631829

Bug: b/214473134
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: Id790bbfb9db534b86c4c5ae4564cfb2d5771ec4b
 2022-01-17 20:51:58 +00:00
Adam Shih
56df08e495 fix dumpstate permission 
Bug: 208721809
Test: run bugreport under enforcing mode and found  no relevant errors
Change-Id: I106d95fd01b321af815ef8e580305702be716021
 2022-01-17 14:54:54 +08:00
Adam Shih
d9a2fb8506 grant systemui app access to touch service 
Bug: 204718221
Test: boot with no relevant error
Change-Id: Ic320cf682e481522ef9acad6c4eb63891c84c80c
 2022-01-17 11:20:07 +08:00
Adam Shih
0b322cac3d make GPU mali firmware accessible 
Bug: 205779849
Test: boot with no relevant log.

Change-Id: I0cc1c1f84df44b5fbed239d6771937f62861bdb2
 2022-01-17 02:11:39 +00:00
Xu Han
9633922461 Fix rlsserive selinux denials 
Bug: 213817228
Test: check "avc denied" log with camera streaming.
Change-Id: Id255ffab3ca145cb0708b701e2afccdcd76ef4ea
 2022-01-14 10:22:40 -08:00
Adam Shih
22786d49a4 update error on ROM 8078837 
Bug: 214473134
Bug: 214473005
Bug: 214473093
Bug: 214472867
Bug: 214472869
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8a84883655b6b259b0079d947496616974beb944
 2022-01-14 05:44:13 +00:00
Siddharth Kapoor
8b241f5c35 Update selinux for init-insmod-sh needed for gpu probe 
Bug: 207062151
Test: related avc denials not noticed in the device logs
Change-Id: I87ff2251fd7d92f8b0eb3fac43889758788b702f
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2022-01-14 04:24:52 +00:00
chloedai
f442239ffd Remove nfc.te 
type=1400 audit(0.0:186): avc: denied { transfer } for
scontext=u:r:nfc:s0 tcontext=u:r:zygote:s0
tclass=binder permissive=1

type=1400 audit(1636594745.812:186): avc: denied { transfer } for
comm="Binder:2617_2" scontext=u:r:nfc:s0  tcontext=u:r:zygote:s0
tclass=binder permissive=1

Bug: 205904208
Test: Run test and check "avc: denied { transfer }" error in avc log
Change-Id: I38f396de7d18eb32cc1c6ff6b30ee51122f4c3b0
 2022-01-13 13:00:14 +00:00
linpeter
72dc78222f update display sepolicy 
Bug: 205073165
Bug: 205656937
Bug: 205779906
Bug: 205904436
Bug: 207062172
Bug: 208721526
Bug: 204718757
Bug: 205904380
Bug: 213133646

test: check avc denied with hal_graphics_composer_default, hbmsvmanager_app
Change-Id: I964a62fa6570fd9056b420efae7bf2fcbbe9fc9f
 2022-01-12 08:10:50 +00:00
Adam Shih
673d412421 update error on ROM 8069652 
Bug: 214121738
Bug: 214122471
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8db4e1c7d5a2cf50798c63a3a1eda0fa82b89f5a
 2022-01-12 11:14:35 +08:00
Ray Chi
9b8f698ee8 Fix avc denials for USB hals 
Bug: 205073230
Bug: 207062542
Bug: 208527968
Test: no avc log for hal_usb_impl
Change-Id: I840d8cb69ed9189f2697d13ae43b4bdeb25cd616
 2022-01-10 18:33:56 +08:00
Adam Shih
af12430ab3 update error on ROM 8058425 
Bug: 213817227
Bug: 213817228
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8d4eaf583b7b012e55705eb99684f97af2dd611f
 2022-01-10 06:56:02 +00:00
yawensu
4f08892ca1 Fix SELinux errors for vendor_rcs_service_app 
avc:  denied  { find } for pid=2194 uid=10193 name=isub scontext=u:r:vendor_rcs_service_app:s0:c193,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1

Bug: 205779869
Test: Manual.
Change-Id: I8589a0178500ee4ced318fbb487aad585758a3f3
 2022-01-10 11:22:15 +08:00
Jaegeuk Kim
5134bb2094 Revert converting ext4 to f2fs 
Revert the below commits:

commit bf900e2ae5 "allow to convert /efs to f2fs"
commit 54b0addb16 "convert_to_f2fs.sh: add sepolicy"

And, tracking_denials WA.

Bug: 207031989
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Id3dd1c5b8cad962845fd7a88b9069315819e5f3d
 2022-01-06 16:44:08 +00:00