Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2599 commits 1 branch 0 tags 63 MiB
Commit graph

2599 commits

This branch
This branch
All branches
Author SHA1 Message Date
chenkris
a8fbbdb7d7 gs201: Add selinux permission for fth 
Fix the following avc denials:
avc:  denied  { open } for  path="/dev/fth_fd" dev="tmpfs" ino=1575 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
avc:  denied  { read } for  name="wakeup96" dev="sysfs" ino=101698 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0

Bug: 383048849
Test: ls -lZ /sys/devices/platform/odm//odm:fps_touch_handler/wakeup
Test: authenticate fingerprint
Flag: EXEMPT NDK
Change-Id: I0516b20ea21a4aed33026b9af4a3dae6bc8defd4
 2024-12-12 18:36:53 -08:00
Nina Chen
e41a25055a Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 383438008
Flag: EXEMPT sepolicy
Change-Id: Ia2eb5910086ad0ee92d655ab39948eb47d262158
 2024-12-11 05:34:14 +00:00
Eileen Lai
d1f806c78b modem_svc: move shared_modem_platform related sepolicy to gs-common 
Bug: 372400955

Change-Id: I3e19432ab7cf6b18b277a877d1cdbc9ebf687af9
Flag: NONE local testing only
 2024-12-09 15:09:16 +00:00
Nina Chen
438a3edc88 Update SELinux error 
copy bug_map entry from gs201

Test: SELinuxUncheckedDenialBootTest
Bug: 383013727
Flag: EXEMPT sepolicy
Change-Id: I78e6c558e24cc0c444143510470151ebb3c258af
 2024-12-09 11:40:41 +08:00
Dinesh Yadav
a3d0621213 Allow tachyon service to make binder calls to GCA 
This permission is needed for tachyon service to call callbacks.

AVC Error seen when tachyon tries accessing GCA:
12-02 11:40:03.212  6987  6987 W com.google.edge: type=1400 audit(0.0:17): avc:  denied  { call } for  scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:r:google_camera_app:s0:c145,c256,c512,c768 tclass=binder permissive=0
12-03 07:12:26.424  4166  4166 W com.google.edge: type=1400 audit(0.0:254): avc:  denied  { call } for  scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:r:debug_camera_app:s0:c67,c257,c512,c768 tclass=binder permissive=0

Bug: 381787911
Flag: EXEMPT updates device sepolicy only
Change-Id: I0913bafb24f02de9090e2d02011287e4deab0d4f
 2024-12-06 16:20:35 +00:00
Nina Chen
8059774fe7 Update SELinux error 
Flag: EXEMPT sepolicy
Test: SELinuxUncheckedDenialBootTest
Bug: 382362323
Bug: 360057889
Change-Id: Ic2a2c36368039b4d95ddb9b58b630267c33660a1
 2024-12-05 06:44:08 +00:00
Xin Li
06d7b10018 [automerger skipped] Merge ab/AP4A.241205.013 into aosp-main-future am: 43ea2028f4 -s ours 
am skip reason: Merged-In Ie4637b1295975c716f50333ad6635b9694a624b8 with SHA-1 315cc63557 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/30626047

Change-Id: I91846bad8f7fb9fe540e8651f7700b694bdb7247
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-12-03 18:22:03 +00:00
Nina Chen
0c22beaf9c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 381326452
Flag: EXEMPT sepolicy
Change-Id: I02cc7a8054c274c7d487c42366270b815b7a759f
 2024-11-28 02:58:59 +00:00
Xin Li
43ea2028f4 Merge ab/AP4A.241205.013 into aosp-main-future 
Bug: 370570306
Merged-In: Ie4637b1295975c716f50333ad6635b9694a624b8
Change-Id: I68e81282aa22934dbd33ac5c9d751954e09bca17
 2024-11-27 12:53:10 -08:00
Liana Kazanova (xWF)
2c027c6288 Revert "modem_svc: move shared_modem_platform related sepolicy t..." 
Revert submission 30519089-move_modem_sepolicy

Reason for revert: DroidMonitor: Potential culprit for http://b/380274930 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.

Reverted changes: /q/submissionid:30519089-move_modem_sepolicy

Change-Id: I90d720b8bf396f3785c00e9cfa67f55a62a020b2
 2024-11-21 17:53:59 +00:00
Eileen Lai
1b9fcdf1af modem_svc: move shared_modem_platform related sepolicy to gs-common 
Bug: 372400955 

Change-Id: Ibcdc907b7fe4e8efcbd3217700b4c62873cd124d
Flag: NONE local testing only
 2024-11-20 08:20:38 +00:00
Boon Jun
cde7e1417d Update ldaf sensor device filename 
LDAF sensor device filename changed after kernel upgrade
from v5.10 to v6.1 in some of our in-market devices.
We need to update the device filename to access the LDAF
with this new kernel version.

Bug: 378045567
Test: Open camera, and observe available LDAF sensor in logs
Flag: EXEMPT bugfix
Change-Id: I92313633fc31928ae4f3485c7e49cdd257e1c7bc
 2024-11-18 03:36:18 +00:00
Nina Chen
edc0829d75 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 379246129
Bug: 379245515
Bug: 379245738
Flag: EXEMPT NDK
Change-Id: I20793d45a89b56ecea82f425f90800d66eacfb42
 2024-11-15 11:01:56 +00:00
Nina Chen
4f11538015 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 379206608
Bug: 379206941
Flag: EXEMPT NDK
Change-Id: Ib636252a3a8eb38a56099b4e6ea14a5a4e341b4d
 2024-11-15 06:54:06 +00:00
Xin Li
43841a5ac7 [automerger skipped] Merge 24Q4 (ab/12406339) into aosp-main-future am: b51482ba59 -s ours 
am skip reason: Merged-In If78bc951a9a4cfc223d01970ca6819fe2b5c6335 with SHA-1 077e59c64f is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/30285389

Change-Id: I04bdd83048f45546e42be187d10433d2a17a62d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-11-13 23:27:05 +00:00
Spade Lee
8b6e654781 sepolicy: allow dump_power to read battery_history_device 
avc:  denied  { open } for  path="/dev/maxfg_history" dev="tmpfs" ino=1235 scontext=u:r:dump_power:s0 tcontext=u:object_r:battery_history_device:s0 tclass=chr_file permissive=0
avc:  denied  { read } for  name="maxfg_history" dev="tmpfs" ino=1250 scontext=u:r:dump_power:s0 tcontext=u:object_r:battery_history_device:s0 tclass=chr_file permissive=0

Bug: 377895720
Flag: EXEMPT bugfix
Test: /dev/maxfg_history correctly dumped
Change-Id: I766f8a21468370e69a7c11b028b2326434ad2380
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-11-07 17:41:04 +00:00
Nina Chen
d2f8dde307 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 377811773
Flag: EXEMPT NDK
Bug: 377781394
Change-Id: I6e2361b6b3500773a5cd8e5c98905a3f50513472
 2024-11-07 06:39:10 +00:00
Xin Li
b51482ba59 Merge 24Q4 (ab/12406339) into aosp-main-future 
Bug: 370570306
Merged-In: If78bc951a9a4cfc223d01970ca6819fe2b5c6335
Change-Id: I83107cc2d5b9ee104b9a5a3bf2c15c3e5f1fa3e2
 2024-11-06 10:31:19 -08:00
Spade Lee
491a1ccb19 sepolicy: allow dump_power to read debugfs 
11-01 11:59:42.836 11781 11781 W dump_power: type=1400 audit(0.0:46): avc:  denied  { search } for  name="usb" dev="debugfs" ino=2059 scontext=u:r:dump_power:s0 tcontext=u:object_r:vendor_usb_debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:47): avc:  denied  { search } for  name="google_battery" dev="debugfs" ino=18509 scontext=u:r:dump_power:s0 tcontext=u:object_r:vendor_battery_debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:48): avc:  denied  { read } for  name="maxfg" dev="debugfs" ino=16428 scontext=u:r:dump_power:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:49): avc:  denied  { read } for  name="/" dev="debugfs" ino=1 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:50): avc:  denied  { read } for  name="/" dev="debugfs" ino=1 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
11-01 11:59:42.844 11781 11781 W dump_power: type=1400 audit(0.0:51): avc:  denied  { read } for  name="/" dev="debugfs" ino=1 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0

Bug: 376080915
Test: adb bugreport without audit
Flag: EXEMPT bugfix
Change-Id: Ib0a81269edf683428720e6e380f7d7959d71decf
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-11-01 18:04:05 +00:00
Thiébaud Weksteen
1b64d05d93 Remove duplicate service entries 
These entries are defined in the platform policy.

Flag: EXEMPT bugfix
Bug: 367832910
Test: TH
Change-Id: I9e06b0c95330afa22da324e3669121d4477baa2f
 2024-10-17 02:58:49 +00:00
Krzysztof Kosiński
6497d42557 Revert "Update SELinux error" 
This reverts commit ce5420fdf4.

Reason for revert: Caused by b/372347927, relevant CL was reverted

Change-Id: Ifa42eb30ad3baa1b9f4b94c191bdce4901f9a135
Fix: 372360090
 2024-10-16 19:51:08 +00:00
Nina Chen
5000f8a8f9 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Flag: EXEMPT NDK
Bug: 373755350
Change-Id: I3b317eb87c60d150a6cd76a5218808146de5cccd
 2024-10-16 04:00:05 +00:00
Android Build Coastguard Worker
68f8325c91 Merge cherrypicks of ['googleplex-android-review.googlesource.com/29699057'] into 24Q4-release. 
Change-Id: I10f3511aa18c7dfda95eecfc0820afb25a110314
 2024-10-15 23:38:20 +00:00
samou
3f3827410c sepolicy: allow dumpstate to execute dump_power 
10-04 19:36:47.308  7141  7141 I android.hardwar: type=1400 audit(0.0:6974): avc:  denied  { execute_no_trans } for  path="/vendor/bin/dump/dump_power" dev="overlay" ino=91 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6975): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6976): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6977): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6978): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6979): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6980): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.336  7141  7141 I dump_power: type=1400 audit(0.0:6981): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=50604 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:25): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:26): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:27): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:28): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:29): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:30): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:29): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:30): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:31): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:32): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:33): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18792): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18793): avc:  denied  { read } for  name="uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18794): avc:  denied  { open } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18795): avc:  denied  { getattr } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18796): avc:  denied  { search } for  name="8-003c" dev="sysfs" ino=55942 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18797): avc:  denied  { read } for  name="maxfg" dev="sysfs" ino=62568 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18798): avc:  denied  { read } for  name="logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18799): avc:  denied  { open } for  path="/dev/logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6191): avc:  denied  { search } for  name="mitigation" dev="dm-50" ino=3758 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6192): avc:  denied  { read } for  name="thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6193): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6194): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6195): avc:  denied  { search } for  name="mitigation" dev="sysfs" ino=85222 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6196): avc:  denied  { read } for  name="last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6197): avc:  denied  { open } for  path="/sys/devices/virtual/pmic/mitigation/last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6198): avc:  denied  { read } for  name="batoilo_count" dev="sysfs" ino=85287 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:875): avc:  denied  { read } for  name="thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:876): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:877): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:878): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:879): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:880): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:881): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:882): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:883): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:884): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:885): avc:  denied  { open } for  path="/sys/devices/platform/cpupm/cpupm/time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1

Flag: EXEMPT refactor
Bug: 364989823
Signed-off-by: samou <samou@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:315cc63557dfd4367f8aed06858531b21b9ee073)
Merged-In: Ie4637b1295975c716f50333ad6635b9694a624b8
Change-Id: Ie4637b1295975c716f50333ad6635b9694a624b8
 2024-10-15 23:37:24 +00:00
Nick Kralevich
10dbaa11ca convert-to-ext4-sh.te: use su domain instead am: 588e82af38 am: a37bde70e7 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3308857

Change-Id: I37726c7b54dd6ce65828bfb8cbe18f31bd8c7dd7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-10-15 23:25:27 +00:00
Nick Kralevich
a37bde70e7 convert-to-ext4-sh.te: use su domain instead am: 588e82af38 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3308857

Change-Id: Id2d0ae24894dee7321bbfe5f3ee232acf083a652
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-10-15 23:06:48 +00:00
Nick Kralevich
588e82af38 convert-to-ext4-sh.te: use su domain instead 
07af2808d5 (b/239632964) added
security policy support for /system_ext/bin/convert_to_ext4.sh.
This shell script converts f2fs filesystems into ext4 filesystems
on debuggable builds (userdebug or eng) only. Ever since 2022,
the security policy for this shell script has been in permissive
mode, meaning no SELinux rules were being enforced.

  # convert-to-ext4-sh.te
  permissive convert-to-ext4-sh;

In the intervening 2 years, there has been no attempt to move
this domain into enforcing mode. And by now, this script has
likely served its purpose, by converting f2fs /persist filesystems
on engineering builds to ext4, and is probably no longer needed.

This change eliminates the use of the unenforced convert-to-ext4-sh
security domain, preferring instead to use the "su" security domain.
Like convert-to-ext4-sh, the su security domain enforces no rules
on debuggable builds, and is equivalent to traditional root on
desktop Linux systems, or running /system/xbin/su. This change
eliminates unnecessary technical complexity, and unblocks other
hardening changes, such as WIP commit
https://android-review.googlesource.com/c/platform/system/sepolicy/+/3308856

Moving from one permissive domain ("convert-to-ext4-sh") to another
permissive domain ("su") should be a no-op from a security and
functionality perspective.

Test: compiles and builds, passes treehugger.
Bug: 239632964
Change-Id: Ifd628310a923926d1a57b568c7703cb857f0871b
 2024-10-15 10:30:19 -07:00
Eileen Lai
f906b69f95 modem_svc: use shared_modem_platform to replace all modem_svc_sit 
Bug: 368257019

Flag: NONE local testing only
Change-Id: Icc258ce297b5e7ea51fa60aa2ffb09ce99b7ef18
 2024-10-14 07:27:41 +00:00
Nina Chen
ce5420fdf4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 372360090
Bug: 372359823
Bug: 372360278
Flag: EXEMPT NDK
Change-Id: I9d195d35cc58503fc7c17a8fac5fabe66026c24b
 2024-10-09 05:09:08 +00:00
samou
315cc63557 sepolicy: allow dumpstate to execute dump_power 
10-04 19:36:47.308  7141  7141 I android.hardwar: type=1400 audit(0.0:6974): avc:  denied  { execute_no_trans } for  path="/vendor/bin/dump/dump_power" dev="overlay" ino=91 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6975): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6976): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6977): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6978): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6979): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6980): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.336  7141  7141 I dump_power: type=1400 audit(0.0:6981): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=50604 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:25): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:26): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:27): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:28): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:29): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:30): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:29): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:30): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:31): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:32): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:33): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18792): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18793): avc:  denied  { read } for  name="uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18794): avc:  denied  { open } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18795): avc:  denied  { getattr } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18796): avc:  denied  { search } for  name="8-003c" dev="sysfs" ino=55942 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18797): avc:  denied  { read } for  name="maxfg" dev="sysfs" ino=62568 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18798): avc:  denied  { read } for  name="logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18799): avc:  denied  { open } for  path="/dev/logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6191): avc:  denied  { search } for  name="mitigation" dev="dm-50" ino=3758 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6192): avc:  denied  { read } for  name="thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6193): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6194): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6195): avc:  denied  { search } for  name="mitigation" dev="sysfs" ino=85222 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6196): avc:  denied  { read } for  name="last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6197): avc:  denied  { open } for  path="/sys/devices/virtual/pmic/mitigation/last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6198): avc:  denied  { read } for  name="batoilo_count" dev="sysfs" ino=85287 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:875): avc:  denied  { read } for  name="thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:876): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:877): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:878): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:879): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:880): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:881): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:882): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:883): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:884): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:885): avc:  denied  { open } for  path="/sys/devices/platform/cpupm/cpupm/time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1

Flag: EXEMPT refactor
Bug: 364989823
Change-Id: Ie4637b1295975c716f50333ad6635b9694a624b8
Signed-off-by: samou <samou@google.com>
 2024-10-04 16:07:07 +00:00
Wilson Sung
eb84e9c0a4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 369540701
Flag: EXEMPT NDK
Change-Id: Ib5edeaac550562b6bbb5ec35bfce1d6838245c6b
 2024-09-25 12:46:16 +00:00
Nina Chen
3aeae9b99f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 369475655
Flag: EXEMPT NDK
Change-Id: Ic8d895b33d24e998faa00b128cad4bc4fd1e14bf
 2024-09-25 06:30:59 +00:00
Android Build Coastguard Worker
db20648f4a Snap for 12404440 from 077e59c64f to 24Q4-release 
Change-Id: Ic2ca6c000614a4473851aa6fec5ac0e29a84fc61
 2024-09-23 23:02:29 +00:00
Tej Singh
077e59c64f Make android.framework.stats-v2-ndk app reachable 
For libedgetpu

Test: TH
Bug: 354763040
Flag: EXEMPT bugfix
Change-Id: If78bc951a9a4cfc223d01970ca6819fe2b5c6335
 2024-09-20 21:34:56 -07:00
Android Build Coastguard Worker
281f31591f Snap for 12385180 from a5eb284c4a to 24Q4-release 
Change-Id: I39e01825d37f92b2c14e01a6c108e263b5d1847b
 2024-09-18 23:02:01 +00:00
Prochin Wang
a5eb284c4a Change vendor_fingerprint_prop to vendor_restricted_prop 
This is to allow the fingerprint HAL to access the property.

Bug: 366105474
Flag: build.RELEASE_PIXEL_BOOST_DATALAYER_PSA_ENABLED
Test: mm
Change-Id: I5b07acfd7599b099997d46b297e1f7400a9fe478
 2024-09-16 01:45:44 +00:00
Android Build Coastguard Worker
6d21a59566 Snap for 12368321 from c841b33df0 to 24Q4-release 
Change-Id: Ifef90fce78a191b98ec3eca277fc985df5544448
 2024-09-14 01:01:59 +00:00
Nina Chen
c841b33df0 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Flag: EXEMPT NDK
Bug: 366116786
Change-Id: I6d17ac72f8bdcc3fc54d08b7c23a0f5e0fd83d23
 2024-09-13 06:44:56 +00:00
Android Build Coastguard Worker
67dfc514bb Snap for 12342105 from bd7fbe9a02 to 24Q4-release 
Change-Id: I3ba91c871900f02054e824c943fb560e478e7226
 2024-09-09 23:02:01 +00:00
Vic Huang
bd7fbe9a02 [BT] Define vendor_bluetooth_prop 
avc:  denied  { set } for property=persist.vendor.service.bdroid.bdaddr pid=860 uid=1002 gid=1002 scontext=u:r:hal_bluetooth_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0

Bug: 359428216
Test: Forest build
Flag: EXEMPT N/A
Change-Id: I1aeb04e32620b2815db02f34ee40eae94deeed3c
 2024-09-09 05:47:01 +00:00
Android Build Coastguard Worker
bf97c8adf1 Snap for 12337246 from 5df951e8fd to 24Q4-release 
Change-Id: I71172906db30760ec11073d3cdb98054fdeb7155
 2024-09-07 21:01:42 +00:00
Xin Li
5df951e8fd [automerger skipped] Merge 24Q3 to AOSP main am: 06ca871143 -s ours am: 63111cc957 -s ours 
am skip reason: Merged-In I65790202886298f9862d68d65cf794e67db5a878 with SHA-1 9d3f39622c is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3257934

Change-Id: I0cc5ce5d8db326cabb0c0a7944eea178541df2af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-09-07 02:37:35 +00:00
Xin Li
63111cc957 [automerger skipped] Merge 24Q3 to AOSP main am: 06ca871143 -s ours 
am skip reason: Merged-In I65790202886298f9862d68d65cf794e67db5a878 with SHA-1 9d3f39622c is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3257934

Change-Id: Ib784443204b69a0e9275081636e2ce72f046d531
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-09-07 02:11:42 +00:00
Xin Li
06ca871143 Merge 24Q3 to AOSP main 
Bug: 357762254
Merged-In: I65790202886298f9862d68d65cf794e67db5a878
Change-Id: I733204cdf91a8f8355c79450373501fb34c47b54
 2024-09-05 17:02:37 -07:00
Android Build Coastguard Worker
6860313588 Snap for 12319997 from b67284dc2f to 24Q4-release 
Change-Id: I2ec5773a1bb025950b19477e5111d57795bf645e
 2024-09-04 23:02:18 +00:00
Randall Huang
b67284dc2f storage: move storage related device type to common folder 
Bug: 364225000
Test: forrest build
Change-Id: Iaed5b07a1d9823ebf3c7210921784d81bf6207a5
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-04 10:44:13 +08:00
Android Build Coastguard Worker
31e0aae94a Snap for 12313714 from 5e8b0722d0 to 24Q4-release 
Change-Id: Ic37dd4cee8a7998ee74625ee1fac0cf1cdb6a06c
 2024-09-03 23:01:53 +00:00
Android Build Coastguard Worker
cbbda2ee92 Snap for 12309590 from 150634f087 to 24Q4-release 
Change-Id: I6c19c573381bcc0a7cb3f94955fba46a9e073b60
 2024-09-02 23:01:47 +00:00
Randall Huang
5e8b0722d0 Storage: label ufs firmware upgrade script 
Bug: 361093041
Test: local build
Change-Id: I312d071ecaaedb09b54976e6b3bfe05e7bc6cdea
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-02 22:22:44 +00:00
attis
150634f087 Label sysfs node power_mode as sysfs_display. 
Label power_mode to sysfs_panel to let it be allowed in dumpstate.

avc log:
08-26 13:07:49.660 12467 12467 W dump_display: type=1400 audit(0.0:19): avc:  denied  { read } for  name="power_mode" dev="sysfs" ino=89753 scontext=u:r:dump_display:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/350831939

Test: ls -Z, adb bugreport.
Flag: EXEMPT bugfix
Bug: 358505990
Change-Id: I9feeb2a8270f89d214f7d765893364d0e73f7d39
Signed-off-by: attis <attis@google.com>
 2024-09-02 04:54:13 +00:00