Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1828 commits 1 branch 0 tags 63 MiB
Commit graph

1828 commits

This branch
This branch
All branches
Author SHA1 Message Date
Matt Buckley
5bf8862b01 Allow HWC to get device_config_surface_flinger_native_boot_prop for adpf flags 
For the hardware composer and surfaceflinger to coordinate on certain features, it is necessary for the hardware composer to be able to read the surface_flinger_native_boot_prop to know what should be enabled.

Bug: b/214473134
Test: None
Change-Id: If03dae54ea17a8131c489f56092c0edd974ea41b
 2022-01-14 20:20:24 +00:00
Xu Han
9633922461 Fix rlsserive selinux denials 
Bug: 213817228
Test: check "avc denied" log with camera streaming.
Change-Id: Id255ffab3ca145cb0708b701e2afccdcd76ef4ea
 2022-01-14 10:22:40 -08:00
Adam Shih
22786d49a4 update error on ROM 8078837 
Bug: 214473134
Bug: 214473005
Bug: 214473093
Bug: 214472867
Bug: 214472869
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8a84883655b6b259b0079d947496616974beb944
 2022-01-14 05:44:13 +00:00
Siddharth Kapoor
8b241f5c35 Update selinux for init-insmod-sh needed for gpu probe 
Bug: 207062151
Test: related avc denials not noticed in the device logs
Change-Id: I87ff2251fd7d92f8b0eb3fac43889758788b702f
Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
 2022-01-14 04:24:52 +00:00
chloedai
f442239ffd Remove nfc.te 
type=1400 audit(0.0:186): avc: denied { transfer } for
scontext=u:r:nfc:s0 tcontext=u:r:zygote:s0
tclass=binder permissive=1

type=1400 audit(1636594745.812:186): avc: denied { transfer } for
comm="Binder:2617_2" scontext=u:r:nfc:s0  tcontext=u:r:zygote:s0
tclass=binder permissive=1

Bug: 205904208
Test: Run test and check "avc: denied { transfer }" error in avc log
Change-Id: I38f396de7d18eb32cc1c6ff6b30ee51122f4c3b0
 2022-01-13 13:00:14 +00:00
Jasmine Cha
431ba37038 audio: add sepolicy for getting thermal event 
type=1400 audit(0.0:15): avc: denied { call } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

type=1400 audit(0.0:16): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0
tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1

Bug: 204271308
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I73070815b1ab73a58fd776e1301a5d4a8e198109
 2022-01-12 11:32:47 +00:00
linpeter
72dc78222f update display sepolicy 
Bug: 205073165
Bug: 205656937
Bug: 205779906
Bug: 205904436
Bug: 207062172
Bug: 208721526
Bug: 204718757
Bug: 205904380
Bug: 213133646

test: check avc denied with hal_graphics_composer_default, hbmsvmanager_app
Change-Id: I964a62fa6570fd9056b420efae7bf2fcbbe9fc9f
 2022-01-12 08:10:50 +00:00
Adam Shih
673d412421 update error on ROM 8069652 
Bug: 214121738
Bug: 214122471
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8db4e1c7d5a2cf50798c63a3a1eda0fa82b89f5a
 2022-01-12 11:14:35 +08:00
Yifan Hong
d799f2f773 Implement health AIDL HAL. 
Test: VTS
Test: manual charger mode
Test: recovery
Bug: 213273090
Change-Id: I823e202f8877ad04e7fb5508358682bc6458f7c1
 2022-01-11 21:39:14 +00:00
TeYuan Wang
89bec046aa Label TMU as sysfs_thermal 
Bug: 202805103
Test: switch thermal tj property and check thermal threshold
Change-Id: Ie1d20912f6111cbb85c04fce5a39e2be803e530f
 2022-01-11 05:52:04 +00:00
Ray Chi
9b8f698ee8 Fix avc denials for USB hals 
Bug: 205073230
Bug: 207062542
Bug: 208527968
Test: no avc log for hal_usb_impl
Change-Id: I840d8cb69ed9189f2697d13ae43b4bdeb25cd616
 2022-01-10 18:33:56 +08:00
Adam Shih
af12430ab3 update error on ROM 8058425 
Bug: 213817227
Bug: 213817228
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8d4eaf583b7b012e55705eb99684f97af2dd611f
 2022-01-10 06:56:02 +00:00
horngchuang
ebe7b7c9a5 Remove l10 specific camera component sepolicy settings 
Move these settings to L10 specific folder

Bug: 210598444
Test: build okay
Change-Id: I517d5414f64a32098fd8e5bfa6554f2272680826
 2022-01-10 05:43:46 +00:00
yawensu
4f08892ca1 Fix SELinux errors for vendor_rcs_service_app 
avc:  denied  { find } for pid=2194 uid=10193 name=isub scontext=u:r:vendor_rcs_service_app:s0:c193,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1

Bug: 205779869
Test: Manual.
Change-Id: I8589a0178500ee4ced318fbb487aad585758a3f3
 2022-01-10 11:22:15 +08:00
Jaegeuk Kim
5134bb2094 Revert converting ext4 to f2fs 
Revert the below commits:

commit bf900e2ae5 "allow to convert /efs to f2fs"
commit 54b0addb16 "convert_to_f2fs.sh: add sepolicy"

And, tracking_denials WA.

Bug: 207031989
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: Id3dd1c5b8cad962845fd7a88b9069315819e5f3d
 2022-01-06 16:44:08 +00:00
Shiyong Li
a781d5020b consolidate display sysfs nodes into one context 
Bug: 209890345
Bug: 209705194
Test: check selinux denial info
Signed-off-by: Shiyong Li <shiyongli@google.com>
Change-Id: I208f84caf0cbcd18bb3da8004362e6f996cbaba5
 2022-01-05 01:31:58 +00:00
JimiChen
bec2f8f10d Add permision for new sensors and eeproms 
sensor: imx712 and imx712-uw
eeprom: m24c64x-imx712 and m24c64x-imx712-uw

Bug: 210657475
Bug: 210569509
Test: build okay
Change-Id: Ide8429ce41a34b5c27b23eea1095bae93c5b88c4
 2022-01-04 05:49:24 +00:00
horngchuang
c8f6c81670 Add imx787 sensor entry to selinux policy 
/dev/lwis-sensor-imx787 used by rear-cam sensor

Bug: 210654152
Test: local build Pass, boot to Home
Change-Id: Ia15ad131d763190d3ecbfee397f0de33987ddb65
 2022-01-04 05:40:30 +00:00
Adam Shih
37710df1c0 remove obsolete sepolicy 
Bug: 205904207
Test: boot with no relevant errors
Change-Id: Id2baad991e43784f5b999e6ae1f0141352acdbca
 2022-01-04 03:48:25 +00:00
Adam Shih
be9bc5e2da Grant hal_weaver_citadel access to vndbinder and citadeld 
Test: boot to home under enforcing mode
Bug: 205657092
Bug: 205904286
Change-Id: Ic6f46f0c827d202fd81fb744f4ec3241b24396d6
 2022-01-04 03:48:16 +00:00
Adam Shih
70d78900fd Grant init_citadel access 
Test: boot to home under enforcing mode
Bug: 205655298
Bug: 205779736
Bug: 205904401
Change-Id: Ia7c1033240970122f3af79428bdb9012dcbc9d45
 2022-01-04 03:48:04 +00:00
Adam Shih
b627a2f18b Grant citadeld access 
Test: boot to home under enforcing mode
Bug: 205657177
Bug: 205904322
Change-Id: I49a7f14d4948f94814067e7ef137186610547033
 2022-01-04 03:47:51 +00:00
chungkai
7fe7e43582 Fix avc denials for powerhal 
Test: build pass
Bug: 208909174
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I565df75c22d66199e6966dfac4af2e19b88606a0
 2022-01-03 03:32:01 +00:00
neoyu
8b48664bdc Fix SELinux errors for rild 
avc: denied { read } for comm="rild_exynos" name="u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { getattr } for path="/dev/__properties__/u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { map } for path="/dev/__properties__/u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1
avc: denied { open } for path="/dev/__properties__/u:object_r:vendor_persist_config_default_prop:s0" dev="tmpfs" ino=319 scontext=u:r:rild:s0 tcontext=u:object_r:vendor_persist_config_default_prop:s0 tclass=file permissive=1

Bug: 205073023
Test: manual
Change-Id: I2687c443b2830cf08210726f5b2e266c55793d41
 2021-12-30 05:44:38 +00:00
Ted Lin
66f8039b5d HardwareInfo: Add sepolicy for battery 
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:11): avc: denied { getattr } for path="/sys/devices/platform/google,battery/power_supply/battery/serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/google,battery/power_supply/battery/serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
12-03 09:57:39.480  7907  7907 I id.hardwareinfo: type=1400 audit(0.0:9): avc: denied { read } for name="serial_number" dev="sysfs" ino=66176 scontext=u:r:hardware_info_app:s0:c512,c768 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug:208909060
Test: adb bugreport
Change-Id: Ide376401ada800718acf35db11ce79a5e63fe75d
Signed-off-by: Ted Lin <tedlin@google.com>
 2021-12-30 05:21:23 +00:00
neoyu
ad89088b6e Fix SELinux errors for rild 
avc: denied { call } for comm="rild_exynos" scontext=u:r:rild:s0 tcontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tclass=binder permissive=1
avc: denied { call } for comm="rild_exynos" scontext=u:r:rild:s0 tcontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tclass=binder permissive=1

Bug: 205904441
Test: manual
Change-Id: I02339f8d7ef7004091244c9c8708a759da05d751
 2021-12-28 14:32:42 +08:00
neoyu
186040a5e9 Fix SELinux errors for vendor_ims_app 
avc:  denied  { find } for pid=1813 uid=10213 name=isub scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1
avc: denied { call } for scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { transfer } for comm="nnon.imsservice" scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { transfer } for scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { call } for comm="nnon.imsservice" scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice
avc: denied { call } for comm="ImsConnectivity" scontext=u:r:vendor_ims_app:s0:c213,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.imsservice

Bug: 205780067
Bug: 205904439
Test: manual
Change-Id: I50b0861994f19801068a2559ac35521095a18339
 2021-12-27 11:58:43 +08:00
neoyu
02775432c2 Fix SELinux errors for vendor_rcs_app 
avc: denied { call } for comm="nnon.rcsservice" scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice
nnon.rcsservice: type=1400 audit(0.0:116): avc: denied { call } for scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice
avc: denied { transfer } for scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice
avc: denied { transfer } for comm="nnon.rcsservice" scontext=u:r:vendor_rcs_app:s0:c193,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=1 app=com.shannon.rcsservice

Bug: 205904435
Test: manual
Change-Id: Ia988e89ac3ccb543cefabfc289e446db09e01c2b
 2021-12-27 11:53:53 +08:00
Joel Galenson
7fd619a67c Include core policy OWNERS 
Test: None
Change-Id: Ic8704a9152985ed5046abc5abbd0890808b7fe95
 2021-12-21 07:37:30 -08:00
gwenlin
361962851f Add permission for binding rild and grilservice 
Bug: 208371668
Test: build
Change-Id: Ib5310032194fc4a13326db5002060a204d5f5b27
 2021-12-15 01:42:46 +00:00
Adam Shih
8edf4a3e83 update error on ROM 7993545 
Bug: 210363983
Bug: 210363938
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I41b6acd2513bc031efe128be8154b1e1aacfcd8b
 2021-12-13 11:45:44 +08:00
Adam Shih
233cdab535 update error on ROM 7987555 
Bug: 210067468
Bug: 210067282
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I921568297189f2c90951448a2f15f7fb8e597dfc
 2021-12-10 04:48:15 +00:00
chungkai
0d52e28b50 Fix avc denials for permissioncontroller_app 
avc: denied { search } for name="vendor_sched" dev="sysfs" ino=46151 scontext=u:r:permissioncontroller_app:s0:c240,c256,c512,c768
tcontext=u:object_r:sysfs_vendor_sched:s0 tclass=dir permissive=1 app=com.google.android.permissioncontroller

Test: boot to home
Bug: 208909174
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I4fb27d02318459546eded3cf15da380d26477ef2
 2021-12-10 03:46:34 +00:00
Krzysztof Kosiński
deb9d361cd Add sepolicy for camera persist files. 
Bug: 208866457
Test: Verified label for /mnt/vendor/persist/camera on P10
Change-Id: Id4af051ea2e783bed7cabfd2be80bdac994a11ab
 2021-12-10 01:39:26 +00:00
Shiyong Li
8bae253501 allow android.hardware.power.stats-service.pixel to access display sysfs 
Fix the follwoing violations:
avc: denied { read } for name="state" dev="sysfs" ino=68654
scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_sensors:s0
tclass=file
...
avc: denied { open } for path=
"/sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state"
dev="sysfs" ino=68654 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs_sensors:s0 tclass=file

Bug: 209704948
Change-Id: Iad586164811457d09f6c0e81c67c0f217b77ccc2
Signed-off-by: Shiyong Li <shiyongli@google.com>
 2021-12-09 20:10:44 +00:00
Midas Chien
a4f16bf147 allow hwc to access sysfs_display 
Bug: 207615889
Test: check avc denials while hwc access early wakeup node
Change-Id: I453e50de739c31b1075f81fb4c1195a5dffd4d75
 2021-12-09 12:49:06 +00:00
Adam Shih
60633eef54 update error on ROM 7982728 
Bug: 209889068
Bug: 209890345
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I6177759eeaf641c0515db9f070a20c343ee740ac
 2021-12-09 11:02:26 +08:00
Adam Shih
6004d58760 label camera app 
Bug: 209329856
Test: boot with google camera's label changed
Change-Id: Iff83bf8f42f9e6f9588fc5f45852a11608dc4445
 2021-12-08 13:20:20 +08:00
Adam Shih
4820dcfdba make libraries app-reachable 
Bug: 209703854
Test: Boot with no relevant errors
Change-Id: I5f0d6ed1b578d1684c476bc07d81baaf91005bc6
 2021-12-08 13:17:52 +08:00
Adam Shih
1fb766e7a3 update system_suspend wakeup files 
Bug: 209705335
Test: boot with no relevant errors
Change-Id: I8d9d9b72449319184167790859c655e0695c4c98
 2021-12-08 13:16:07 +08:00
Adam Shih
82e4faa61a update error on ROM 7978521 
Bug: 209705194
Bug: 209704948
Bug: 209703854
Bug: 209705394
Bug: 209705335
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Id30e22a1d210f1aabdf8014cef5c5e009e00199c
 2021-12-08 11:08:02 +08:00
Robb Glasser
3dad021ae8 Fix sensors hal selinux denials on C10. 
Bug: 205657063
Bug: 205780093
Bug: 204718449
Bug: 205904379
Bug: 207721033
Bug: 207062541
Bug: 208909175
Test: SELinuxTest#scanAvcDeniedLogRightAfterReboot on C10
Change-Id: I678ac355fc09da56bc7718c4d70fb40d4cd79de0
 2021-12-08 00:53:52 +00:00
Adam Shih
ccabcd4a24 label telephony apps 
Bug: 208721636
Test: boot with error log changed from system_app to right ones
Change-Id: Ia65b2c8f1759866eca8fcd12dcbed4cedaa61ea2
 2021-12-06 11:27:22 +08:00
Adam Shih
d69e2703f5 dump hal_graphics_composer 
Bug: 208909191
Test: do bugreport with no relevant error logs
Change-Id: I5d89e6a1a40c856d8717d07040362aec5a88fa59
 2021-12-06 10:36:11 +08:00
Adam Shih
474da130f9 remove redundant bug 
incidentd always access all system property during permissive mode
Bug: 208721673
Test: do bugreport with no relevant logs

Change-Id: I0b5395ad5639980c0793744399d27b7eb4651afb
 2021-12-06 10:24:35 +08:00
Adam Shih
d3d316704e update error on ROM 7971030 
Bug: 209329856
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I2e0c33b1fae3fcaad2ead33406d656a8a538d90d
 2021-12-06 09:33:01 +08:00
Adam Shih
b466b688e0 update error on ROM 7964913 
Bug: 208909191
Bug: 208909124
Bug: 208909174
Bug: 208909175
Bug: 208909060
Bug: 208909270
Bug: 208909232
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I7e3edb49e5a191a2fc9e34f7232d754ecd2fed00
 2021-12-03 10:08:39 +08:00
Randall Huang
abc92ffabe fix vold selinux error 
Bug: 208721768
Test: boot to home
Signed-off-by: Randall Huang <huangrandall@google.com>
Change-Id: I22060550896722e9c8eab4acdaf39dbeb12026ce
 2021-12-02 06:29:49 +00:00
George Chang
b2d162fda7 Fix SELinux error coming from hal_secure_element_uicc 
12-02 09:45:55.564   796   796 I secure_element@: type=1400 audit(0.0:3): avc: denied { call } for scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1
[   11.030503] type=1400 audit(1638409555.564:3): avc: denied { call } for comm="secure_element@" scontext=u:r:hal_secure_element_uicc:s0 tcontext=u:r:rild:s0 tclass=binder permissive=1

Bug: 208715886
Test: check avc
Change-Id: I701b36fbb58f1c071f1dbc394048dad467ac6c4c
 2021-12-02 06:17:22 +00:00
Roger Fang
ad3e880a3f sepolicy: Add suez audio sepolicy 
pixelstats-vend: type=1400 audit(0.0:30): avc: denied { read } for name="codec_state" dev="sysfs" ino=83880 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_pixelstats:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:31): avc: denied { open } for path="/sys/devices/platform/audiometrics/codec_state" dev="sysfs" ino=83880 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_pixelstats:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:32): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/codec_state" dev="sysfs" ino=83880 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs_pixelstats:s0 tclass=file permissive=1

Bug: 206007421
Test: build passed and no avc deniel logs

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: Ib5f5dd248e276f470e213cc053728cbf70c20dbf
 2021-12-02 04:51:37 +00:00