Commit graph

324 commits

Author SHA1 Message Date
Jinting Lin
d3d4af1aac Remove obsolete sepolicy of silentlogging
Bug: 221384996

Test: adb bugreport
Change-Id: I35a9dae665f11196ec900346c41a3c786bfdf5fa
2022-06-20 05:48:22 +00:00
Siarhei Vishniakou
555d8a9aca Revert "Update avc error on ROM 8732242"
This reverts commit 6e578b6825.

Bug: 236200710
Test: verified locally
Reason for revert: sepolicy was fixed, no more need for the exception

Change-Id: Ic343b513c5426e5caca77bcd8c56f7336834b4ec
2022-06-20 00:21:50 +00:00
sukiliu
c25afee26a [Do not merge]Update avc error on ROM 8732242
Bug: 236200710
Test: PtsSELinuxTestCases
Merged-In: I9b4b487aa78a69fe981a542aef1a7dbe368a30ce
Change-Id: I9b4b487aa78a69fe981a542aef1a7dbe368a30ce
2022-06-16 03:24:58 +00:00
sukiliu
6e578b6825 Update avc error on ROM 8732242
Bug: 236200710
Test: PtsSELinuxTestCases
Change-Id: I9b4b487aa78a69fe981a542aef1a7dbe368a30ce
2022-06-16 03:13:44 +00:00
Nucca Chen
1b954eef3b Remove clatd tracking_denial
Bug: 210363983
Change-Id: Ie3a38ef9cdb4447a3684912d2a65b0167c484cc6
Test: boot with no relevant error log
2022-06-14 17:37:46 +00:00
Adam Shih
2005390966 remove obsolete entry
Bug: 228181404
Test: boot with no avc error log
Change-Id: Ic8d71ef8ddb99eafb366929af695a50d4779ac0c
2022-06-14 11:32:27 +08:00
Adam Shih
8d011823ed allow dumpstate to access sde partition
Bug: 221384768
Test: do bugreport without relevant error log
Change-Id: I26b0246f8d99a5efce8f7d1b65fa50faafb599e2
2022-06-13 13:11:12 +08:00
Adam Shih
dc339dc780 remove obsolete entry
Bug: 229354991
Test: take a bug report without showing relevant logs
Change-Id: I3c75ca4e79085205f50c07b8ceea9757760a8763
2022-06-13 11:09:23 +08:00
Krzysztof Kosiński
2d44b5d5d0 Add dontaudit statements to camera HAL policy.
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Bug: 218585004
Test: build & camera check
Change-Id: Ie0338f0d2a6fd0c589777a82c22a014e462bd5c2
(cherry picked from commit 26b2d2e33e)
2022-06-10 20:19:12 +00:00
Adam Shih
ec7b23cf03 remove obsolete entries
Bug: 227694693
Bug: 226850644
Bug: 227121550
Bug: 229677756
Bug: 234547497
Test: adb bugreport

Change-Id: I94a7466ece0a1e79dc31d737b89845343ea7d301
2022-06-09 05:35:40 +00:00
Adam Shih
b66ae2f304 update error on ROM 8666963 am: 2a7ecbdce0 am: a038a3604c am: 0c2906ad8f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18683654

Change-Id: I78170999211b22a3941ca2fb5294ee84ea36afcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-06-01 09:48:01 +00:00
Adam Shih
2a7ecbdce0 update error on ROM 8666963
Bug: 234547497
Test: boot
Change-Id: Ic5a9d39449af035a32aaea71b06d7bd33e16cf4b
2022-06-01 08:35:23 +00:00
Krzysztof Kosiński
26b2d2e33e Add dontaudit statements to camera HAL policy.
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Bug: 205780065
Bug: 218585004
Test: build & camera check
Change-Id: Ie0338f0d2a6fd0c589777a82c22a014e462bd5c2
2022-05-10 05:36:53 +00:00
George Chang
3135c26574 Remove st33spi tracking_denial
Fixed by removing property access from st33spi hal
aosp/2064213

Bug: 229167195
Test: PtsSELinuxTestCases
Change-Id: Icee8bea36ad68e60a32cfa8c35a2ab9ff6ee515a
2022-04-21 08:27:28 +00:00
Labib
b4c3e55628 Let RadioExt talk to bt hal am: 2b189b45af
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: Ia79174e3f47e9cd7b1c9c2bd12c91da7543e2baf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-20 03:58:47 +00:00
Labib
2b189b45af Let RadioExt talk to bt hal
Bug: 227122249
Test: Manual
Change-Id: I9f41615e8e862af147d6f47e5e4c4e0dde40c233
2022-04-20 03:20:39 +00:00
sukiliu
abdd44b0fd Update avc error on ROM 8468959
Bug: 229677756
Test: PtsSELinuxTestCases
Change-Id: I0423fa9c02e1e16ecf8ec32d89046704f2667d64
2022-04-20 01:53:16 +00:00
sukiliu
aa794b4e43 Update avc error on ROM 8459635
Bug: 229354991
Test: PtsSELinuxTestCases
Change-Id: I6b5d7d5b1368021bd927dedf786081c600289974
2022-04-18 01:05:57 +00:00
sukiliu
81d9623cbe Update avc error on ROM 8453400
Bug: 229209076
Test: PtsSELinuxTestCases
Change-Id: I05f06fe0d62cbfbd4783ba9c57dea7d7a7a35fca
2022-04-15 00:52:48 +00:00
sukiliu
f0810342eb Update avc error on ROM 8449600
Bug: 229167195
Test: PtsSELinuxTestCases
Change-Id: I0b6cb1142aff6fbfbe828e014a5d9aad91b9817f
2022-04-14 05:58:56 +00:00
Jenny Ho
f1a9fb4da2 sepolicy: add sepolicy for disable.battery.defender
Bug: 221384939
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Iba8f4e7abca98b5805eb75ba386c90581269f749
2022-04-14 01:06:58 +00:00
Adam Shih
28a0ab4015 remove obsolete error
Bug: 207062833
Bug: 210363938
Bug: 220636850
Test: boot with no relevant error log
Change-Id: I4901be83358e860b4a699ce44013fa1b255ceaa5
2022-04-11 11:05:15 +08:00
chungkai
2a3100de6e sepolicy: ignore avc denial
dont audit since it's debugfs

Bug: 228181404
Test: forrest with boot test
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I77a385b73b5a9edafefa8e7d34a351594cd5cd06
2022-04-08 02:20:26 +00:00
sukiliu
97326bf38b Update avc error on ROM 8388849
Bug: 221384939
Bug: 227694693
Bug: 227695036
Test: PtsSELinuxTestCases
Change-Id: I0768e29a0a162c6f568a5186602b01f1375a1ca5
2022-04-01 11:55:09 +08:00
sukiliu
6379865b9d Update avc error on ROM 8374246
Bug: 227286343
Test: forrest with boot test
Change-Id: I44e32ac8d141dcb14c79ea4d8e78df3f88485dab
2022-03-31 02:14:40 +00:00
sukiliu
3d3ae38c43 Update avc error on ROM 8378382
Bug: 226850644
Test: PtsSELinuxTestCases
Change-Id: Ie6c6d8979dc63ebda7c699f10c2abb369a048ab0
2022-03-31 02:14:00 +00:00
Adam Shih
5cc8837eb6 update error on ROM 8365560
Bug: 227121550
Bug: 227122249
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iab96c7644e6c99d700a5f7b42fba30032d3624b7
2022-03-28 10:59:04 +08:00
Ted Lin
4b75aab4b8 Remove the tracking for vendor_battery_defender
The function is disabled.

Bug: 221384939
Test: adb bugreport
Change-Id: If8e8b8165329eb9ede86cb62f419a8cf06abb536
Signed-off-by: Ted Lin <tedlin@google.com>
2022-03-25 01:37:03 +00:00
Ted Lin
0adad90ab6 hal_health_default: Fix avc denials
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2270): avc: denied { search } for name="thermal" dev="tmpfs" ino=1028 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2271): avc: denied { search } for name="thermal" dev="sysfs" ino=16790 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2273): avc: denied { open } for path="/sys/devices/virtual/thermal/thermal_zone13/mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1
12-02 11:15:45.224   756   756 I health@2.1-serv: type=1400 audit(0.0:2272): avc: denied { write } for name="mode" dev="sysfs" ino=17285 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=1

Bug: 208721638
Test: adb bugreport
Change-Id: I4d9491862ff1bcc88f89b1478497ac569e3d1df1
Signed-off-by: Ted Lin <tedlin@google.com>
(cherry picked from commit 5b6a5292c3)
2022-03-24 05:26:09 +00:00
Adam Shih
de2696eb72 enforce debugfs constraint on userdebug build
Bug: 225815474
Test: build pass
Change-Id: If9e32d4b67c342b56eea39701518a520a62df199
2022-03-24 01:05:18 +00:00
SalmaxChang
6dd3de7813 vendor_init: fix avc error
avc: denied { getattr } for comm="init" name="/" dev="sda19" ino=2 scontext=u:r:vendor_init:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0

Bug: 225151104
Change-Id: I508aa6b85039edc4b5a8746aaa602f1131768630
2022-03-22 07:57:59 +00:00
Sam Dubey
b92095e322 Temporarily don't audit init for modem_img_file
Change-Id: I2c9c788119b20b8a37e71a971997f16a7fe6165b
Fix: 225279974
2022-03-21 04:42:13 +00:00
Roshan Pius
c5710ad18e gs-sepolicy(uwb): Changes for new UCI stack
1. Rename uwb vendor app.
2. Rename uwb vendor HAL binary name & service name.
3. Allow vendor HAL to host the AOSP UWB HAL service.
4. Allow NFC HAL to access uwb calibration files.

Bug: 186585880
Bug: 204718220
Bug: 206045367
Test: Manual Tests
Change-Id: Ib0456617d0f5cf116d11a9412f47f36e2b8df570
2022-03-14 16:09:02 +00:00
Roshan Pius
5ddc8be4f4 gs-sepolicy(uwb): Allow uwb hal permission to net_admin
This was allowed under gs101-sepolicy. There is an ongoing discussion on
how to resolve this for the long term in b/190461440. But, without this
uwb functionality is broken on new devices.

Bug: 206045367
Bug: 222194886
Change-Id: I6729352f2b7bb93b01990a790e62aa69f60342fe
2022-03-14 16:09:02 +00:00
Ramji Jiyani
cec1d2a769 dumpstate: Remove do not audit for /system_dlkm
FixedBy: http://aosp/2022375
Bug: 223332748
Test: atest SELinuxHostTest#testNoBugreportDenials
Signed-off-by: Ramji Jiyani <ramjiyani@google.com>
Change-Id: I46e427cccec27118fad4440dc6822196d26f4a1b
2022-03-13 18:32:07 -07:00
Adam Shih
e989d0087a Remove obsolete sepolicy
Bug: 207300335
Test: do bugreport without relevant error log showing up
Change-Id: I38e4544c59c49543e746775ec686874ee8ae2473
2022-03-09 08:14:24 +00:00
sukiliu
b82a5ab98b Update avc error on ROM 8268341
Bug: 223332748
Bug: 208721808
Test: PtsSELinuxTestCases
Change-Id: Ie3c6fdb9c8f29cac41db2750e71d3163132d4951
2022-03-09 04:25:38 +00:00
Adam Shih
47b4ca882d init: change overlayfs_file rule to dontaudit
Workaround for modem_img being unlabeled after disable-verity.

Bug: 193113005
Bug: 221384981
Test: remount with no avc error
Change-Id: Ie2479470c095f4ee2a9508714565b1088a8d7dce
2022-03-07 21:39:11 +00:00
Adam Shih
9ba4c9120d remove obsolete code after SELinux is enforced
Bug: 207720645
Bug: 208527900
Bug: 208721673
Bug: 205072922
Test: boot with no relevant errors
Change-Id: I68931cc24c55beea52c246a06f268ea2be7d1ecf
2022-03-04 08:47:59 +00:00
Adam Shih
1616b97465 grant bugreport access to camera debug system property
Bug: 221384770
Test: do bugreport without seeing relevant error
Change-Id: Ie27ac5f2c6e13ec31ccec2adb11762dacab1fbdf
2022-03-04 05:58:20 +00:00
sukiliu
b1c5fcff3d update error on ROM 8223177
Bug: 221384981
Bug: 221384939
Bug: 221384996
Bug: 221384768
Bug: 221384770
Bug: 221384860
Test: PtsSELinuxTestCases
Change-Id: I50916dca7548bce0e77d90a36ad8f9ba1ca7c711
2022-03-02 06:30:05 +00:00
Darren Hsu
8f90cf5408 Allow hal_power_stats to read UWB sysfs nodes
Bug: 219369324
Test: Dump power stats and see no avc denials
Change-Id: Ib1ac15867f51069bef3f68e91bf65b842b7c0734
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2022-02-24 01:02:11 +00:00
Robb Glasser
727d070b13 Fix sensors_hal selinux denials.
Bug: 214473093
Bug: 218930975
Bug: 210067282
Test: com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Ifd865efd0544f246d1c188f3edce9f05f27313d2
2022-02-22 19:25:50 +00:00
Krzysztof Kosiński
7997d6a8a0 Camera: add setsched capability.
The camera HAL needs to increase the priority of some threads
to reduce frame drops.

Bug: 205072921
Test: Inspected logcat on P10
Change-Id: Ife5194c780a91f32d718f8db38e41f2f47fb929f
2022-02-22 08:12:57 +00:00
Adam Shih
b322df9960 Let GPU reload
02-22 12:59:47.955    15    15 I mali 28000000.mali: reloading firmware
02-22 12:59:47.955    15    15 W mali 28000000.mali: loading /vendor/firmware/mali_csffw.bin failed with error -13
02-22 12:59:47.955    15    15 W mali 28000000.mali: Direct firmware load for mali_csffw.bin failed with error -2
02-22 12:59:47.955    15    15 E mali 28000000.mali: Failed to reload firmware image 'mali_csffw.bin'
02-22 12:59:47.920    15    15 W kworker/0:1: type=1400 audit(0.0:10): avc: denied { read } for name="mali_csffw.bin" dev="dm-4" ino=5689716 scontext=u:r:kernel:s0 tcontext=u:object_r:same_process_hal_file:s0 tclass=file permissive=0

Bug: 220801802
Test: device can resume after an hour of suspend.
Change-Id: Ib252d6b1ac50ba7578a2ebf8cd8745004c385378
2022-02-22 07:05:54 +00:00
Tai Kuo
bc3924f61d Remove hal_vibrator_default avc tracking denials
Bug: 204718450
Bug: 207062207
Bug: 208721729
Test: pts-tradefed run pts -m PtsSELinuxTest -t
  com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Icb3d6a48fc9fbb6e6644d1d65150436f7c0c8c3f
2022-02-21 06:37:00 +00:00
Adam Shih
2b6835e404 update error on ROM 8205122
Bug: 220636850
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I201f9e84eca676b9f7aa5d09356bce384df1fa4b
2022-02-21 03:20:59 +00:00
chungkai
2d7c980fa6 Fix avc denials for powerhal
selinux policy is already added by other commit "9cc7041",
so remove the previous setting.

Test: boot to home screen
Bug: 218934377
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Id11ee7b4ae216a54e7051190f8ca382e97a76ade
2022-02-16 02:21:04 +00:00
SalmaxChang
c5f0e9723f cbd: fix avc errors
avc: denied { search } for comm="cbd" name="/" dev="sda1" ino=3 scontext=u:r:cbd:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { setuid } for comm="cbd" capability=7 scontext=u:r:cbd:s0 tcontext=u:r:cbd:s0 tclass=capability permissive=1

Bug: 205779872
Bug: 205904432
Change-Id: I09f1ac5473b728d5e6f38b01dc83f4b9c4c8fbcc
2022-02-16 01:55:39 +00:00
SalmaxChang
1420e3d5d7 rfsd: fix avc errors
[    8.024353] type=1400 audit(1636594727.560:42): avc: denied { chown } for comm="rfsd" capability=0 scontext=u:r:rfsd:s0 tcontext=u:r:rfsd:s0 tclass=capability permissive=1
[    8.027666] type=1400 audit(1636594727.564:43): avc: denied { setuid } for comm="rfsd" capability=7 scontext=u:r:rfsd:s0 tcontext=u:r:rfsd:s0 tclass=capability permissive=1

Bug: 205904361
Change-Id: I6e30a9622b930273fbc524e6bc84f2112f79f11c
2022-02-16 01:55:31 +00:00