Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2474 commits 1 branch 0 tags 63 MiB
Commit graph

324 commits

Author SHA1 Message Date
Mars Lin
a320d9b575 Add required sepolicy rules for CatEngine 
Fix:
02-15 11:55:44.005   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=activity scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=1
02-15 11:55:44.082   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=game scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:game_service:s0 tclass=service_manager permissive=1
02-15 11:55:44.087   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=netstats scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
02-15 11:55:44.092   431   431 E SELinux : avc:  denied  { find } for pid=3009 uid=1000 name=content_capture scontext=u:r:cat_engine_service_app:s0:c232,c259,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1

Bug: 219632839
Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I1db9b29e3a3c7dae782bced3427e7c24c5dee945
 2022-02-16 01:34:11 +00:00
Adam Shih
501767b174 remove bt obsolete sepolicy 
Bug: 207062775
Bug: 208721525
Test: do bt connection under enforcing mode
Change-Id: I787bfcffdb8cfcff7276d8d183c04d985296ff1c
 2022-02-15 07:45:58 +00:00
Adam Shih
027e04ab2b update error on ROM 8184037 
Bug: 219632839
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ie3a2325f2e80aea94d7ca79257f5bf3db8578259
 2022-02-15 06:59:08 +00:00
Alex Hong
58b6e68d51 Add required sepolicy rules for Sensor function 
Bug: 210067282
Bug: 214473093
Bug: 218930975
Bug: 218499995
Test: run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#checkSensors
Change-Id: I21bbbe35b8c487e9de46b03c508a483134c0b1b8
 2022-02-14 19:31:08 +08:00
Adam Shih
015d77ab54 update error on ROM 8179635 
Bug: 219369324
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Iee33b4d8cefca3b91caa0fce1ed1d4a0686a05a2
 2022-02-14 05:19:24 +00:00
Adam Shih
436106d52f Let citadel talk to system_server 
Bug: 205904322
Test: no request loop caused by citadeld
Change-Id: Ia258ed2555d82eb2ea2b139a266c8f76d3b29d06
 2022-02-11 06:54:28 +00:00
Adam Shih
e01b568cfe update error on ROM 8172195 
Bug: 218934377
Bug: 218930975
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I125453803e0c827c45ad9551616366b96cc89816
 2022-02-11 05:31:05 +00:00
Alex Hong
9cc70410c5 Add required sepolicy rules for Camera function 
Bug: 218499972
Test: Switch to Enforcing mode
      Take a picture, camera recording
Change-Id: I57f3e8454ece6906624f028b7a3771ffddcaa963
 2022-02-11 03:26:56 +00:00
Alex Hong
cd4f508c92 Grant hal_dumpstate_default access 
Bug: 208721677
Bug: 208909124
Test: pts-tradefed run pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: Ie5463e96958a95431630941c19b7888a3eea2e3e
 2022-02-11 03:26:56 +00:00
Adam Shih
08db42d941 update error on ROM 8162414 
Bug: 218585004
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I9ac82ab564eb4399a88516427f1cdc735a257da2
 2022-02-09 05:17:19 +00:00
chungkai
b1177899bd Fix avc denials for powerhal 
Test: boot to home screen
Bug: 214121738
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ic5e14f7c8d321278c2c39797126db930a0dc93f3
 2022-02-09 04:10:28 +00:00
Denny cy Lee
92d0030e6a hardwareinfo: add sepolicy for SoC 
Bug: 208721710
Test: search avc in logcat

Change-Id: I3828d39981666db98e6a34aa70ae39b7f126e495
Signed-off-by: Denny cy Lee <dennycylee@google.com>
 2022-02-08 03:33:06 +00:00
Krzysztof Kosiński
b76b5e3872 Add camera HAL sepolicy based on previous chip family. 
The camera HAL code is reused from the previous chip and needs to
perform the same operations as previously, with the following
differences:
- The interrupt affinity workaround may no longer be necessary
  due to image sensor changes, so the ability to set interrupt
  affinity is removed.
- Access to some files that were only present before the APEX
  migration is removed.
- vendor_camera_tuning_file is no longer needed.
- TEE access for face auth is removed for now.

Bug: 205904406
Bug: 205657132
Bug: 205780186
Bug: 205072921
Bug: 205657133
Bug: 205780065
Bug: 204718762
Bug: 207300298
Bug: 209889068
Bug: 210067468
Test: Ensure that the policy builds; I don't have access to target
      hardware at the moment.

Change-Id: Ia70b98d4e1f3a156a5e719f0d069a90579b6a247
 2022-01-27 15:36:30 +00:00
Ted Lin
2e64171fe1 Remove the tracking for regmap read on hardwareinfo 
Bug: 208909060
Test: adb bugreport
Change-Id: Id81634ccf58a984e8b9ac54e400a1f8035b1304a
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-01-26 08:08:54 +00:00
TeYuan Wang
0f6ba3f806 remove thermal_link_device tracking_denials rules 
we remove the thermal zone policy change by ag/16713094,
so we do not need this tracking_denials rules anymore

Bug: 202907037
Test: no avc denied log found
Change-Id: I5fe8b0d94c9fddac02e92fcd611b7098f0e68971
 2022-01-26 02:41:03 +00:00
Jinting Lin
6c24e3f9ba sepolicy: fix avc denied for logger app 
Bug: 205202541
Bug: 205779798
Bug: 207062780
Bug: 206045604
Bug: 207571546
Bug: 207431041
Bug: 208721679

Test: flash forrest build, no avc denied log on logger app

Change-Id: I6be694f727d619ba89eaa4d006c74ba4dc582095
 2022-01-25 08:16:48 +00:00
Adam Shih
c050b66976 update error on ROM 8101782 
Bug: 215649341
Bug: 215649571
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I1469117c6b9479fe40aa16975b00bcbe23ced015
 2022-01-24 03:56:22 +00:00
Darren Hsu
89f14a9496 sepolicy: allow PowerStats HAL to access below sysfs 
aoc, acpm_stats, cpu, edgetpu, iio_devices, odpm, wifi and ufs

(All avc logs are listed in b/207598247#comment2)

Bug: 207062210
Bug: 207571335
Bug: 207720720
Bug: 207598247
Test: dump power stats with no relevant avc error
Change-Id: I9c99af2d06461a2f86ef02d76b3aa8ea669e58e9
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-01-24 02:05:11 +00:00
Darren Hsu
a7e3b39ca4 sepolicy: allow PowerStats HAL to call BT HAL 
Bug: 205904367
Test: dump power stats with no relevant avc error
Change-Id: Idc7ecbc7e3571011c8c12c421bdce0015e78135f
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-01-24 02:04:21 +00:00
William Tai
492f8a39f4 allow android.hardware.power.stats-service.pixel to access sysfs_leds 
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:8): avc: denied { search } for name="backlight" dev="sysfs" ino=69387 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:9): avc: denied { read } for name="state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1
01-20 15:26:18.272   760   760 I android.hardwar: type=1400 audit(0.0:10): avc: denied { open } for path="/sys/devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/backlight/panel0-backlight/state" dev="sysfs" ino=69419 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

Bug: 214473005
Test: no avc denied error during bootup
Change-Id: I5b8a232202a8f1c5b10878c10be9bec3329fb7ad
 2022-01-21 06:14:32 +00:00
Adam Shih
3062ac34cd allow storageproxyd to set itself to system 
Bug: 205904330
Test: boot to home under enforcing mode
Change-Id: I48272f6507f6cdb930f734b86d3b21b0e553cac0
 2022-01-20 14:48:49 +08:00
Adam Shih
26778aff7b be able to dump camera info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I90a4c971c50290c38f7913dc18404daf0270b907
 2022-01-20 14:17:00 +08:00
Adam Shih
f56dba1b24 be able to dump CPU info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I14abe138b6ad4a842edb143318cc5d867d575ec3
 2022-01-20 14:11:25 +08:00
Adam Shih
36dc06e08a be able to dump debugfs info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I4f7fc7a8f0029f1c1f398403d938bd6b7b96a43e
 2022-01-20 11:12:06 +08:00
Adam Shih
8209221242 be able to run usf dump binary 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I83687a284c4a27e723e31ce19edd2cbceaa69ab8
 2022-01-20 11:12:06 +08:00
Adam Shih
f6dd48e07b be able to dump modem silent log 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Iec520b21d904fa4119a4111fe4de659c28634826
 2022-01-20 11:12:06 +08:00
Adam Shih
0e96eb0865 be able to dump rfsd info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Idbe125d76392a8c04b3fa5f475e0c3aa2f9a199c
 2022-01-20 11:12:06 +08:00
Adam Shih
43d7a148d5 be able to dump GPS 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ied6d86090e3ae29c0b49c4880a515669940c5706
 2022-01-20 11:12:06 +08:00
Adam Shih
bfe1d014a2 be able to dump chip id 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ie539ab9afac80ea58e418a6fbe503ad822299b3f
 2022-01-20 11:12:06 +08:00
Adam Shih
8518e2e1ce be able to dump wireless charging info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ie4e19a322a312e183e23197f600a527ee5ceed4d
 2022-01-20 11:12:06 +08:00
Adam Shih
75ad9a3fcc be able to dump exynos info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I72ca4c8715130558d8dd3dccbf941dde6b9f064e
 2022-01-20 11:12:05 +08:00
Adam Shih
93000fdd06 be able to dump aoc info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I60cb5cce8b6cb7e417ee3efdeceeaafc2f071dfa
 2022-01-20 11:12:05 +08:00
Adam Shih
2417726674 be able to dump crashinfo 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Id01348da754d39f36262a7757d8c65ee746032c3
 2022-01-20 11:12:05 +08:00
Adam Shih
dee839cecd be able to dump thermal 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I6f8e2ce3b64220efba4172ef6fe05cc3fdbb6cf3
 2022-01-20 11:12:05 +08:00
Adam Shih
f884bc1f19 be able to dump wifi info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I3d0c257a20cfd6da6572cd01e76416dfa56c3c23
 2022-01-20 11:12:05 +08:00
Adam Shih
e8da0e146f be able to dump bcl in userdebug ROM only 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Id8127d495ff1b332284beda1e411b2327ec8625f
 2022-01-20 11:12:05 +08:00
Adam Shih
db22459b69 be able to dump battery info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I3705ee59b37d34c7d676943ca8f0c9995ef0262e
 2022-01-20 11:12:05 +08:00
Adam Shih
7717461bb2 be able to dump acpm 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I2435fea779977313e2f731733463c5c4313fda3c
 2022-01-20 11:12:05 +08:00
Adam Shih
7897e0f6ca Be able to dump ramdump info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I0cd8ca483df669505f11ff6fdd19cc15cb9959e1
 2022-01-19 05:38:52 +00:00
Adam Shih
03fbacc6ac Be able to dump radio info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I6a83029e9e0d0c42892b64a8acfa60cc514efba9
 2022-01-19 05:38:52 +00:00
Adam Shih
f72d021bd0 Be able to dump modem info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I0b9384ec4ddda5d3d49a451c529c03fc4d53da8f
 2022-01-19 05:38:52 +00:00
Adam Shih
5b00a6c8a2 Be able to dump logbuffer 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Ieae4d64b497e911a6c8048f789e364cd1b9d2f4b
 2022-01-19 05:38:52 +00:00
Adam Shih
b8053f6b6e Be able to dump citadel info 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: I4f76a17004b81adbddeb7557e50f488b471aa3c7
 2022-01-19 05:38:52 +00:00
Adam Shih
11d9e265ee be able to dump aoc device 
Bug: 208721677
Bug: 208909124
Test: do adb bugreport with no relevant error log
Change-Id: Icbb2364638dbabe9bcccd744413d5c679b35d058
 2022-01-19 05:38:52 +00:00
Adam Shih
b2f810f9dd sort tracking file to review it easily 
Bug: 208909124
Bug: 208721677
Test: boot with no relevant error when taking a bugreport
Change-Id: I5dc5d5cdbae329372f58f056dcf10e205ee7e02a
 2022-01-18 08:30:45 +00:00
Adam Shih
72a1bebd3d update error on ROM 8088139 
Bug: 215042694
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I741e1e101f050fe915142ec1699d2bbc553f14d7
 2022-01-18 05:42:55 +00:00
Matt Buckley
59a7bf0bb7 SEPolicy access issue for hal_graphics_composer_default should be fixed 
with ag/16631829

Bug: b/214473134
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: Id790bbfb9db534b86c4c5ae4564cfb2d5771ec4b
 2022-01-17 20:51:58 +00:00
Adam Shih
56df08e495 fix dumpstate permission 
Bug: 208721809
Test: run bugreport under enforcing mode and found  no relevant errors
Change-Id: I106d95fd01b321af815ef8e580305702be716021
 2022-01-17 14:54:54 +08:00
Adam Shih
d9a2fb8506 grant systemui app access to touch service 
Bug: 204718221
Test: boot with no relevant error
Change-Id: Ic320cf682e481522ef9acad6c4eb63891c84c80c
 2022-01-17 11:20:07 +08:00
Adam Shih
0b322cac3d make GPU mali firmware accessible 
Bug: 205779849
Test: boot with no relevant log.

Change-Id: I0cc1c1f84df44b5fbed239d6771937f62861bdb2
 2022-01-17 02:11:39 +00:00