Commit graph

1828 commits

Author SHA1 Message Date
Jinhee.k
324f9b569d sepolicy: allowed permissions required for network access am: 37c32d672f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19968207

Change-Id: Idf4da54e99fa914f9297da048dec7816b0efd44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-20 01:00:41 +00:00
Jinhee.k
37c32d672f sepolicy: allowed permissions required for network access
: add permission to allow create, connect udp socket
Apply to add network access permissions

Bug: 242231557
Test: Verified no IMS exception and avc denied
Change-Id: I4a4bd1efb22b5538b1679aad8f543d00203e0b48
Signed-off-by: Jinhee.k <jinhee.k@samsung.com>
2022-09-19 01:41:34 +00:00
Vova Sharaienko
87bc6d189d hal_health_default: updated sepolicy
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 237639591
Test: Build, flash, boot and logcat | grep "avc"
Change-Id: I71013c0b17ee5e526387efa0afb823f97775e572
2022-09-16 18:58:26 +00:00
Ted Lin
7c6154bdce Remove the tracking denials code.
Bug: 213817227
Test: Check the bugreport
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: I94a64f6ea05757b9c74657647ef7f0d14fa34c55
2022-09-16 14:00:24 +08:00
Sherry Luo
540b00f63e Add network permissions for debug camera am: 9dd930e4c2 am: fabbfe62fa
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19914967

Change-Id: Ie566fd9c20a44368b054b09518f3b613d37eb054
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-15 19:53:10 +00:00
Sherry Luo
fabbfe62fa Add network permissions for debug camera am: 9dd930e4c2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19914967

Change-Id: I73f2cf441f2e52e5246074693d65a3cb6a5da3bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-15 18:48:22 +00:00
Sherry Luo
9dd930e4c2 Add network permissions for debug camera
Noticed that Estrella upload failing w/
   java.lang.SecurityException: Permission denied (missing INTERNET
   permission?)

Followed investigation in b/230434151. Verified that upload working once
this change is flashed.

Test: Flash build w/ local change
Test: Take a picture and upload using Estrella
Test: Verify that the upload succeeded

BUG=245995782

Change-Id: I505af355f25e9063927c946ee8af21de25758ef1
2022-09-15 18:16:58 +00:00
Estefany Torres
3bc8385800 Add rules for letting logger app send the command to ril am: 6cb9f4e623 am: 9b1caac1d7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19913309

Change-Id: I190fbc128bd77c34af604ae1fd3a89f303a4b84b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-15 15:03:57 +00:00
Estefany Torres
9b1caac1d7 Add rules for letting logger app send the command to ril am: 6cb9f4e623
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19913309

Change-Id: Id2362cefd0aac3af1709d008bc1a102baeb16975
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-15 14:35:08 +00:00
Estefany Torres
6cb9f4e623 Add rules for letting logger app send the command to ril
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested on C10 with pixel logger change
Change-Id: I845eefc609be2b7fbc22c9b37d1eb2b3195e014f
2022-09-15 14:09:05 +00:00
Chungjui Fan
5ea1982643 Add sepolicy of dumping LED file in dumpstate am: aa55cb6f2e am: 9a70ccc6d6
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19893210

Change-Id: I5d13a2d75fd6bdc939a101b0178922a36d87f38a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-14 04:03:34 +00:00
Chungjui Fan
9a70ccc6d6 Add sepolicy of dumping LED file in dumpstate am: aa55cb6f2e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19893210

Change-Id: Idb5424850f53d62e971faa9a208eaaf9e8731942
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-14 03:34:32 +00:00
Chungjui Fan
aa55cb6f2e Add sepolicy of dumping LED file in dumpstate
Bug: 242300919
Change-Id: I14b0af18244c4a71fd7908fdb35e2e86354e02e0
2022-09-14 02:59:20 +00:00
Adam Shih
9c9ae24f64 remove global access to firmware mali
Bug: 220801802
Test: device can resume
Change-Id: Idf0fd84c2efa37c94e30c3f682a09e6546f50235
2022-09-12 12:58:29 +08:00
Jeffrey Carlyle
b93bd33e4a dck: allow st54spi device to be accessed by recovery and fastbootd am: a658683689 am: 686c24a38f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19754910

Change-Id: I3596188e79329c44a1ba1dd920b649b7f090915c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-08 23:06:50 +00:00
Jeffrey Carlyle
686c24a38f dck: allow st54spi device to be accessed by recovery and fastbootd am: a658683689
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19754910

Change-Id: Ic69198e22d963c26f9994689d0818bcf6e45d80f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-08 22:35:51 +00:00
Jeffrey Carlyle
a658683689 dck: allow st54spi device to be accessed by recovery and fastbootd
This is needed so that Digital Car Keys can be cleared from the ST54
during a user data wipe.

Bug: 203234558
Test: data wipe in Android recovery mode on raven
Test: data wipe in Android recovery mode on c10
Test: data wipe in user mode fastbootd mode on raven
Test: data wipe in user mode fastbootd mode on c10
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
Change-Id: Icaa3d62aa6b3b88b8db6c1c11807907a06e51019
2022-09-08 21:58:52 +00:00
JJ Lee
fb1bc9baee sepolicy: add nodes for aoc memory votes stats am: 4b3ae5b9bf am: 749dbdb873
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19712556

Change-Id: I16ae2d0b127aadedfbfc7cda814487523e737e83
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-08 05:32:24 +00:00
JJ Lee
749dbdb873 sepolicy: add nodes for aoc memory votes stats am: 4b3ae5b9bf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19712556

Change-Id: I3592111f07154b84c74de89c980679437bf71073
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-08 05:02:44 +00:00
JJ Lee
4b3ae5b9bf sepolicy: add nodes for aoc memory votes stats
Bug: 223674292
Test: build pass, not blocking bugreport
Change-Id: Iae1c5dc42b3e6213d4399025cb91dc57822fd2cc
Signed-off-by: JJ Lee <leejj@google.com>
2022-09-08 04:45:32 +00:00
Jack Wu
81ed5058d8 remove selinux avc error am: c252f3ffa8 am: 980e37d3df
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19880471

Change-Id: Ie2e2563755ca25085cca72438b92743e43c53dc1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-08 03:16:34 +00:00
Jack Wu
980e37d3df remove selinux avc error am: c252f3ffa8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19880471

Change-Id: Ib213543c3f2a3c155a1b296eea0d223dcefa4374
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-08 02:16:19 +00:00
Jack Wu
c252f3ffa8 remove selinux avc error
Bug: 238398889
Test: no avc denied in TreeHugger verified
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Icf2a89462574e2f0eea29d0601e77728d67e6e0d
2022-09-07 11:57:09 +08:00
Adam Shih
8064010f8a use gs-common insert module script
Bug: 243763292
Test: boot to home
Change-Id: I6f0c1a020ea2962f03df6794a6011a31d2244b1a
2022-09-06 12:41:01 +08:00
chungkai
39570f2d03 sepolicy: ignore avc denial
dont audit since it's debugfs

Bug: 228181404
Test: boot without avc denial
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I8c9922d71cef6eaef7d95ad2abdbeac912490ca7
2022-09-01 02:38:26 +00:00
Adam Shih
21b6c72d26 Move dauntless settings to gs-common
Bug: 242479757
Test: build pass on all Gchip devices
Change-Id: Ifb33ea566117392dbdf57c212db2741732abcfdb
2022-08-30 13:30:00 +08:00
Robb Glasser
e95cf1f141 Give permissions to save usf stats and dump them in bugreports. am: feba667c23 am: 272b649cee
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19672405

Change-Id: I00c4c33c0ac37eb5f6b7a488066a2d49ad6cc59a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-25 04:06:33 +00:00
Robb Glasser
272b649cee Give permissions to save usf stats and dump them in bugreports. am: feba667c23
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19672405

Change-Id: I3f77d4619266c84e36586697cb79c96334abb010
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-25 03:38:28 +00:00
Robb Glasser
feba667c23 Give permissions to save usf stats and dump them in bugreports.
Creating a mechanism to save some USF stat history to device and pipe it
to bugreports. Granting permissions so that this can work.

Bug: 242320914
Test: Stats save and are visible in a bugreport.
Change-Id: Ie08fce80e79bd564ea58dab66ce8f0d9892d7020
2022-08-25 02:47:58 +00:00
Adam Shih
f43976db9f modularize gsc dump
Bug: 242479757
Test: do bugreport that has the same content as before
Change-Id: I1ca725b77f98012ebe63cf640cca18b44a5c7d57
2022-08-24 07:13:52 +00:00
Jinting Lin
e0f6c7b035 Fix avc denied for vendor telephony debug app am: b69195ebe9 am: fbbcaeb8d2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19600258

Change-Id: Idc9f2576bda76f0699548703c83b4f84bf6376f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-24 04:30:34 +00:00
Jinting Lin
fbbcaeb8d2 Fix avc denied for vendor telephony debug app am: b69195ebe9
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19600258

Change-Id: I26041b2e32da5bdf97c24deb1a70e1e1e594060d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-24 03:50:30 +00:00
Jinting Lin
b69195ebe9 Fix avc denied for vendor telephony debug app
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 pid=8533 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { search } for name="com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=150 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=344 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0
avc: denied { write } for name="property_service" dev="tmpfs" ino=379 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Test: manual test

Bug: 241976048
Change-Id: I5aa49a8e243d212180c7da6f65da9021164fca44
2022-08-24 01:54:34 +00:00
Roger Fang
ef685e8439 sepolicy: add permission for AMS rate of pixelstats-vend am: 74eb33d057 am: f210a000be
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19674281

Change-Id: Ice4bb2b9a9b12888fce9562e03b7745f44ba199c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-23 22:15:08 +00:00
Roger Fang
f210a000be sepolicy: add permission for AMS rate of pixelstats-vend am: 74eb33d057
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19674281

Change-Id: Id9f6161c35be164ac61c5cb866a80eb3c883a77d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-23 21:12:53 +00:00
Roger Fang
74eb33d057 sepolicy: add permission for AMS rate of pixelstats-vend
pixelstats-vend: type=1400 audit(0.0:618): avc: denied { read } for name="ams_rate_read_once" dev="sysfs" ino=100493 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:619): avc: denied { open } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=100493 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:620): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/ams_rate_read_once"

Bug: 239508478
Test: Manually test passed

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I3e171b35ebdcf11b0da559361f382f1cf01b0f2f
2022-08-23 19:56:37 +00:00
Weizhung Ding
c3b34d2481 Add coredomain for hbmsvmanager am: 4e46081859 am: 4b26119d0e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19415495

Change-Id: Ic6e47c45ce9adb8ed2047c92ea1e6b654ae92777
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-23 02:17:35 +00:00
Weizhung Ding
4b26119d0e Add coredomain for hbmsvmanager am: 4e46081859
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19415495

Change-Id: Ie8966a5b2d077fc8901472721b8ad1deb7c6c0a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-23 01:57:42 +00:00
Weizhung Ding
4e46081859 Add coredomain for hbmsvmanager
Sync the coredomain from gs101

Bug: 239902607
Test: without denied log
Change-Id: I220ce6b2f67877637189fcfcc0f6b328c8be6eae
2022-08-23 01:39:53 +00:00
Thiébaud Weksteen
8deeec1a30 Revert "Update SELinux error"
This reverts commit 03f0070359.
Remove duplicate entry for dumpstate. These are ignored by auditd.

Bug: 241172220
Bug: 241172186
Test: TH
Change-Id: Ia72eecbb6055876aa7903e13cd4dc72952d3125e
2022-08-22 04:32:32 +00:00
Wei Wang
4dc616e59b Label GPU dvfs period setting am: b5fcd3b4db am: 4a56314a9c am: e9d5556ad2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: If1288c14a1b7741da5e6bc82cbadcd20545ec7ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-11 00:33:52 +00:00
Wei Wang
099b5bfb9e Label GPU dvfs period setting am: b5fcd3b4db am: d28c59ec92 am: 33c574db0c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: If02b21c9a081674c9e57fa59db19da618bb8cc6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-11 00:33:24 +00:00
Wei Wang
e9d5556ad2 Label GPU dvfs period setting am: b5fcd3b4db am: 4a56314a9c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I0378c43bb45f5a92b12ea16259fc59b91333619d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-10 23:34:12 +00:00
Wei Wang
33c574db0c Label GPU dvfs period setting am: b5fcd3b4db am: d28c59ec92
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I579136ad0c09962de6c067b832dfc729af1ff3a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-10 23:33:50 +00:00
Wei Wang
d28c59ec92 Label GPU dvfs period setting am: b5fcd3b4db
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I616aa04aa91a262e00dd0d611d486edccf463a29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-10 23:03:28 +00:00
Wei Wang
4a56314a9c Label GPU dvfs period setting am: b5fcd3b4db
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: Ia58bb1e41f2c4e1f8330672545d91779f96daa8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-10 23:02:35 +00:00
Wei Wang
b5fcd3b4db Label GPU dvfs period setting
Bug: 239887528
Test: Build
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: I35766555f13f586e37d03843dae153d02f189976
2022-08-09 23:52:57 +00:00
Konstantin Vyshetsky
f3ef39bd77 convert_to_ext4.sh: suppress test error am: 27f55d7da7 am: 537e037e9a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19563471

Change-Id: I84eba7c433b8bf7a83440957ac2787bb71610688
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-09 05:59:44 +00:00
Konstantin Vyshetsky
537e037e9a convert_to_ext4.sh: suppress test error am: 27f55d7da7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19563471

Change-Id: Id4814a8d1e5f06f1ccba3d8ba1f5de3fb798174f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-09 05:41:27 +00:00
Konstantin Vyshetsky
27f55d7da7 convert_to_ext4.sh: suppress test error
Add exclusion to fix issue with SELinuxUncheckedDenialBootTest

Bug: 241072524
Signed-off-by: Konstantin Vyshetsky <vkon@google.com>
Change-Id: Id9088f728c34d3c764e1aef66a5e1a126f6243e9
2022-08-09 05:27:21 +00:00