Commit graph

1875 commits

Author SHA1 Message Date
Anthony Zhang
d2a2b8c339 [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Ib993337449bc5f71617649520f76ce745c487fad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-22 19:23:16 +00:00
Anthony Zhang
7f19e81d61 [DO NOT MERGE] Allow fingerprint to access persist property
Bug: 258901849
Test: Local test on enrollment/delete, version update

Change-Id: I96acb79b3e600e0a4dd7b7a1cf494b20a876ca63
2023-05-22 18:36:54 +00:00
Luis Delgado de Mendoza Garcia
7ac088bb18 Add chre channel sepolicy entries am: 3992c42501
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/22829545

Change-Id: I63b06a5c1132fe0c40cd47044333516f57a0de0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-18 04:31:42 +00:00
Luis Delgado de Mendoza Garcia
3992c42501 Add chre channel sepolicy entries
Bug: 281814892
Fix: 281814892
Test: in-device verification.
Change-Id: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
Merged-In: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
2023-05-16 22:49:12 +00:00
Wilson Sung
d19337894a Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 282096141
Change-Id: I0725e78a76436a0904205f83655755bf7c76c05f
2023-05-12 12:09:08 +08:00
Adam Shih
2a02fe5fc5 add missing permission for gs201 power dump
Bug: 281602658
Test: adb bugreport
Change-Id: Ibf765c9da65d2c9f6a3825c91cb22771f583457a
2023-05-10 10:56:55 +08:00
Jinyoung Jeong
2d7181e3fc Fix LPA crash due to selinux denial
Bug: 280336861
Test: No crash found during LPA basic tests: download eSIM,
enable/disable eSIM.

Change-Id: Ie4fd8fccce5ec98cf0b2afff9a41f27206e52626
2023-05-02 14:10:00 +00:00
Hongbo Zeng
306bf73c79 Fix denials for radio service to access files under /data/venodr/radio
Bug: 270561266
Test: get PASS result with go/ril-config-service-test and the original
      denial logs in http://b/270561266#comment8 are gone

Change-Id: I17155852bb2408b4389a86d32228292885e14c46
2023-05-02 08:05:31 +00:00
martinwu
5f9732a97a [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and change it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
Merged-In: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
2023-05-02 03:16:02 +00:00
Jinyoung Jeong
f265749f1d Fix SELinux error for com.google.android.euicc
Bug: 279548423
Test: http://fusion2/b7c803be-2dca-4195-b91f-6c4939746b5b
Change-Id: Idd231c2412e8f597dea1bfa11f9d1a0fa1e17034
2023-04-30 02:51:45 +00:00
Bruno BELANYI
a43d300aff Remove 'hal_neuralnetworks_armnn' '/data' access exception
The mali driver has been configured not to look there anymore.

Bug: 205779871
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:bb69b32fc5b6f468561017f6bd5628626a571696)
Merged-In: Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5
Change-Id: Ie651cd788e6f057cd902d1c14880bd1ad71ec5a5
2023-04-27 08:06:38 +00:00
Bruno BELANYI
01a2e70a17 Remove 'hal_neuralnetworks_armnn' sysprop exceptions
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:4f1ca4a7ad3895f5a5adc25fc2cf3a532eac79f6)
Merged-In: Ief9f33ea3aca3f6b0756c92feb1753462e86b894
Change-Id: Ief9f33ea3aca3f6b0756c92feb1753462e86b894
2023-04-27 08:06:38 +00:00
Bruno BELANYI
ee3fe73de0 Add ArmNN config sysprops SELinux rules
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:9d61da55a193a12b7552e67e67d968c46d4dec86)
Merged-In: I90af8201d5fae44f73d709491f272a113b44ca67
Change-Id: I90af8201d5fae44f73d709491f272a113b44ca67
2023-04-27 08:06:38 +00:00
Martin Wu
c6d08c1781 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..."
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I5b1c00cc6a1ae186eb51acc2c99171578c43bace
2023-04-27 02:20:48 +00:00
martinwu
b7e90ec616 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and change it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I0eb9352e349ae8f06e469e953f137b00204f1c3b
2023-04-27 01:38:24 +00:00
Wilson Sung
2b913d29a9 Update error on ROM 9784808
Bug: 274727778
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I56784948658365e8c9ecdf63d163109d8f29e5c3
2023-04-26 07:00:21 +00:00
Joseph Jang
2a5c26c9b4 Move recovery.te to device/google/gs-common/dauntless/sepolicy
Bug: 279381809
Change-Id: I80fbd9ef0c7e988de21d07ada57fc6a038b9b585
2023-04-24 08:05:10 +00:00
jimsun
0f6b14dc95 rild: allow rild to ptrace
06-20 18:47:41.940000  8708  8708 I auditd  : type=1400 audit(0.0:7): avc: denied { ptrace } for comm="libmemunreachab" scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0
06-20 18:47:41.940000  8708  8708 W libmemunreachab: type=1400 audit(0.0:7): avc: denied { ptrace } for scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0

Bug: 263757077
Test: manual
Change-Id: I4720650488eca100372d148313e04d6d8950ead5
2023-04-18 07:48:20 +00:00
Wilson Sung
4cc8eec22d Update error on ROM 9954737
Bug: 278639040
Bug: 278639040
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I0d71ec80ea0136f90336d8f80cb75b38b61ebced
2023-04-18 11:27:57 +08:00
Bruno BELANYI
c1ee9afdef Use restricted vendor property for ARM runtime options
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I4cd468302da02603cccd9b4b98cb95745129daf5
2023-04-17 10:59:19 +00:00
Leo Liou
5adecc7433 gs201: add sepolicy for ufs_firmware_update process
Allow the script to access the specified partition and sysfs.

Bug: 273305212
Test: full build and test ffu flow
Change-Id: Iefeacea2d4c07e7a5b39713c9575e86bd25ce008
Signed-off-by: Leo Liou <leoliou@google.com>
2023-04-17 09:58:11 +00:00
kadirpili
1af348b01f gs201: Allow GRIL Service to access radio_vendor_data_file
Bug: 274737512
Change-Id: I1c0b045f8a25c5d58be02c2036d2fcaad7d9a8e7
2023-04-14 06:57:50 +00:00
Xin Li
551330137f [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours am: ba5a2d3863 -s ours
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: Iefd6904aee50936e373590b4d54f492986aaf4dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 20:57:09 +00:00
Xin Li
ba5a2d3863 [automerger skipped] Merge TQ2A.230405.003 am: 8cff198ae3 am: 4c44de9655 -s ours
am skip reason: Merged-In I971732c6a40700a85df61170dcf1c3660307b96c with SHA-1 03fb0f6ceb is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: I12f4ac63bb185203b115ae3f77ade5588bd50b10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 20:23:00 +00:00
Xin Li
4c44de9655 Merge TQ2A.230405.003 am: 8cff198ae3
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2530209

Change-Id: Ibeb863ad3557474eed5f5c8a529f12ed3c8c7768
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 19:00:58 +00:00
Minchan Kim
dc35b4158b remove dump_gs201 sepolicy
Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I39c01692d959a63c091f98969a69ab35b2debe1a
Signed-off-by: Minchan Kim <minchan@google.com>
2023-04-12 06:09:00 +00:00
Minchan Kim
b7393fd8d8 move vendor_cma_debugfs into gs-common
The CMA dump is common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I3997e27e3037f013338de5bc36687c63338769aa
Signed-off-by: Minchan Kim <minchan@google.com>
2023-04-12 06:09:00 +00:00
Tommy Kardach
3430e752af Update sepolicy for Camera HAL
Edit SE policy for WHI_PRO to allow
camera HAL to acquire wake locks

Bug: 249567788
Test: Flash and manual testing
Change-Id: I450b0b53000c5b9649e354350ec80af3528120fb
2023-04-11 19:45:33 +00:00
Xin Li
8cff198ae3 Merge TQ2A.230405.003
Bug: 271343657
Merged-In: I971732c6a40700a85df61170dcf1c3660307b96c
Change-Id: I33994bb345a46d8ac3f3a751fdff402f4ce5c68f
2023-04-10 23:55:29 -07:00
Adam Shih
9519323a98 use dumpstate from gs-common
Bug: 273380985
Test: adb bugreport
Change-Id: Ibd54c0049480810e2aa14074e0ec9c4d611d51ff
2023-04-10 01:11:14 +00:00
Wilson Sung
4d92dd61f2 Update error on ROM 9890523
Bug: 277155245
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iffbc691cff0e3a8d19ca3acef918cb4c1243feae
2023-04-07 07:07:40 +00:00
Victor Liu
187dcc4e08 uwb: add permission for ccc ranging
Bug: 255649425
Change-Id: I83ce369e52f382d76723b2b045e09607483a0a6a
2023-04-06 20:57:42 +00:00
Roy Luo
1f54dc7256 Support sending vendor command to GL852G via libusbhost
libusbhost needs access to USB device fs.

Bug: 261923350
Test: no audit log in logcat after command execution
Change-Id: I4b0c8cc750eff12d2494504f9f215d5b1bab35fd
2023-04-06 01:54:13 +00:00
feiyuchen
0161b6fbfa Allow camera HAL to access edgetpu_app_service in gs201
We are seeing SELinux error b/276911450. It turns out that I only added the SE policy for 2023 device ag/22248613, but I forgot to add it for gs101 and gs201. So I created this CL.

See more background in ag/22248613.

Test: For gs201, I tested on my Pixel7 and I saw no more error. For gs101, I just did mm.
Bug: 275016466
Bug: 276911450
Change-Id: I223770eb0bc7e09a5dfb4f4188b7fc605c3d1a61
2023-04-04 21:32:06 +00:00
Wilson Sung
33b2f0043c Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 276386138
Bug: 276385494
Change-Id: Idcd05416ca84e0b47629637f8d3287a40d80a6ab
2023-03-31 10:55:21 +08:00
Adam Shih
933e6a172b Move power dump out of hal_dumpstate_default
Bug: 273380509
Test: adb bugreport
Change-Id: I0963af3f8f90b4f05724df31017b0d21d10c59ca
2023-03-30 02:20:37 +00:00
Wilson Sung
bb30528185 Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 275645892
Change-Id: Ib6aa5d2fe4a401cadc02a60b06725156f37aaccf
2023-03-29 10:49:39 +08:00
Adam Shih
a334895789 create a dump for gs201
Bug: 273380509
Test: adb bugreport
Change-Id: Ic47e0d43d9a5aef4381880eabbba74633ee260a1
2023-03-28 12:52:52 +08:00
Adam Shih
86faa5607c use radio dump in gs-common
Bug: 273380509
Test: adb bugreport
Change-Id: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
Merged-In: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
2023-03-27 03:19:49 +00:00
Wilson Sung
dcc7112f6f Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 275001783
Change-Id: I6514b7efbd02a5ddcb65ab329f0f01cc2d61e50a
2023-03-24 11:11:48 +08:00
Kris Chen
ba0b76de16 Allow fingerprint hal to read sysfs_leds
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: I9f346cb72ef660712b2bfb610df959667958c36a
2023-03-24 02:06:34 +00:00
Adam Shih
1cdfdb4262 use gs-common gps dump
Bug: 273380509
Test: adb bugreport
Change-Id: I7d5fa2f086aeab1b94fe33b3f419d5fb58bfbda5
2023-03-22 12:26:10 +08:00
Jörg Wagner
28503a8706 Update Mali DDK to r40 : Additional SELinux settings
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

Bug: 261718474

(cherry picked from commit 4183daf7f1)
Merged-In: I75457d2d4f6e37bdd85329bac7fd81327cfff628
Change-Id: Ic40d6576537fc6699e3315040236e79aba16af18
2023-03-21 10:32:25 +00:00
Adam Shih
831323cd81 use gxp dump in gs-common
Bug: 273380509
Test: adb bugreport;unzip *zip;tar -xvf dumpstate_board.bin
And found gxp content

Change-Id: I5a1e77f756a0ec045a578c4ca9bced689d8d9d9c
2023-03-21 11:19:21 +08:00
Adam Shih
0f80193c30 use gs-common camera dump
Bug: 273380509
Test: adb bugreport
Change-Id: I925fbbba81a92689c4590df4a8d7529cc8b57bf8
2023-03-20 11:14:44 +08:00
Mahesh Kallelil
0e62b47df9 Update selinux-policy for ModemService.
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I0915969bfa6354e1884088476fc59cd8027bd2f1
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
2023-03-16 05:33:46 +00:00
Adam Shih
f5a068e2bf use gs-common soc dump
Bug: 273380509
Test: adb bugreport
Change-Id: I81cd197c1a7c9f19ad9a3c30b65b4499de04b184
2023-03-15 05:59:09 +00:00
Enzo Liao
3ff7d6817f SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a am: 7640930323
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I3e0cea14177bac92af9113a6aeeb9bd0970e7068
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-15 05:14:55 +00:00
Enzo Liao
7640930323 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Whitechapel Pro. am: b38886146a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21946204

Change-Id: I763de4896af0f56204d91b874d6aae2519c5e9db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-15 04:38:42 +00:00
Xin Li
79f362de88 [automerger skipped] Merge Android 13 QPR2 am: 665b8598f2 -s ours am: f61bda9e67 -s ours am: 67621bec34 -s ours
am skip reason: Merged-In I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d with SHA-1 f70e73af58 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2486783

Change-Id: I707d83fad07144e33b6feded76fd061d19fd085e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-15 00:06:07 +00:00