Commit graph

1050 commits

Author SHA1 Message Date
Inseob Kim
c420cef154 Revert "Introduce CameraServices seinfo tag for PixelCameraServices"
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I9869874507230f59ac3b8cdc2538e4f223216b45
2023-07-19 01:15:39 +00:00
Utku Utkan
c1f776c272 Introduce CameraServices seinfo tag for PixelCameraServices am: d45ff39442 am: 47f7d7ef72
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24030396

Change-Id: Ie157ffc9d3d457df512c8c84eff1bd09634e627a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-18 22:35:37 +00:00
Utku Utkan
47f7d7ef72 Introduce CameraServices seinfo tag for PixelCameraServices am: d45ff39442
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/24030396

Change-Id: I1ecfa136567806f140067eaed98766c6da66d2ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-18 21:49:07 +00:00
Dinesh Yadav
b29cf7645a [Cleanup]: Move gxp sepolicies to gs-common for P22
These policies are moved to gs-common as part of ag/24002524

Bug: 288368306
Change-Id: If7466983009021c642db998e1c30071ee548846e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
2023-07-14 04:00:23 +00:00
Utku Utkan
d45ff39442 Introduce CameraServices seinfo tag for PixelCameraServices
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I41b435ae0a34fe9c797b9316887c4b56091a26a5
2023-07-13 09:11:06 -07:00
David Anderson
91768e10c9 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 am: a7e9f0a873 am: 96009e517c am: d06d2415a5
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: I74bd7c4a44e03d77acbc8207a6c848b990f1afc8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-12 01:31:45 +00:00
David Anderson
d06d2415a5 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 am: a7e9f0a873 am: 96009e517c
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: I1ccfdb2e8605b5cec757b8ad8d7be6fb414cb9c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-12 00:52:30 +00:00
David Anderson
96009e517c Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21 am: a7e9f0a873
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: Ie086b1fb169292469ec153039beee50ae782276d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-12 00:07:32 +00:00
David Anderson
a7e9f0a873 Allow fastbootd to flash dtbo. am: e96a14a9d2 am: 439827c49d am: a03ec9af21
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2652408

Change-Id: I29b1070280c3e88e976dab3c02b110786ca8f11b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-11 23:22:17 +00:00
David Anderson
e96a14a9d2 Allow fastbootd to flash dtbo.
This line is copied from gs101-sepolicy, and fixes the following denial:

audit: type=1400 audit(1689093038.396:14): avc:  denied  { write } for  pid=409 comm="fastbootd" name="sda24" dev="tmpfs" ino=493 scontext=u:r:fastbootd:s0 tcontext=u:object_r:custom_ab_block_device:s0 tclass=blk_file permissive=0

Bug: N/A
Test: fastboot flashall in fastbootd
Change-Id: I765aedeb204cc862434a56a97f242640465f84b8
2023-07-11 10:27:47 -07:00
Samuel Huang
77de7a48b1 Revert "Revert "Create telephony.ril.silent_reset system_ext pro..." am: d02a8eef29 am: e4b6e55e35
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23841769

Change-Id: I07665711913e1cddd8d8e2968bfa340f8d77f232
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-07 03:10:44 +00:00
Samuel Huang
d02a8eef29 Revert "Revert "Create telephony.ril.silent_reset system_ext pro..."
Revert submission 23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Reason for revert: The root cause is missing property definition in gs101-sepolicy. This CL can be merged safely. Verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L48900000961646046

Reverted changes: /q/submissionid:23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Bug: 286476107
Change-Id: Ia80e4400ff555a637c42193cab3e3acf72bc36a2
2023-07-07 01:45:23 +00:00
Sebastian Pickl
91585993ad Revert "Allow bthal to access vendor bluetooth folder" am: 41ed8e83ea am: d3ef7a804c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23874549

Change-Id: I67ec25d1297413c4504f6830f766d086585667e6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-05 12:43:27 +00:00
Sebastian Pickl
41ed8e83ea Revert "Allow bthal to access vendor bluetooth folder"
Revert submission 23844270-P22-vendor-log-udc-qpr

Reason for revert: causes selinux tests to fail b/289989584

go/abtd: https://android-build.googleplex.com/builds/abtd/run/L37600000961782595

Bug:289989584

Reverted changes: /q/submissionid:23844270-P22-vendor-log-udc-qpr

Change-Id: I4e9ccf17050702a6405c549340e7fe97eba0eb65
2023-07-05 10:11:12 +00:00
Patty Huang
8bece71dbe Allow bthal to access vendor bluetooth folder am: 1a52c8b952 am: 3e1348f4fc
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23854004

Change-Id: I2349fab8fc749e60ce6c2425ea4af9a4f9cbca6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-05 07:49:36 +00:00
Patty Huang
1a52c8b952 Allow bthal to access vendor bluetooth folder
Bug:289055382
Test: enable vendor debug log and check the vendor snoop log contains the
vendor log

Change-Id: I89164330998d7fbea45dab65931c2a3db22a4c92
2023-06-30 11:55:35 +08:00
Sebastian Pickl
706b9b4328 Revert "Create telephony.ril.silent_reset system_ext property fo..." am: 4d0eeef36f am: b617ab420a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23817869

Change-Id: I3c55e93124e9fb9b86ee4a9eeebf524d3b6e309a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-27 12:03:39 +00:00
Sebastian Pickl
4d0eeef36f Revert "Create telephony.ril.silent_reset system_ext property fo..."
Revert submission 23736941-tpsr-ril-property

Reason for revert: culprit for b/289014054 verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L54800000961620143

Bug: 289014054

Reverted changes: /q/submissionid:23736941-tpsr-ril-property

Change-Id: I4fa5b2803392e0db03bb622392f3d4afab6a45ea
2023-06-27 10:05:45 +00:00
Samuel Huang
4ad090fbed Create telephony.ril.silent_reset system_ext property for RILD restart am: 513fa361c8 am: 5e8765956e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23748040

Change-Id: I07a7f558bb96efb5fa164db6a2041883853cb948
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-27 03:55:53 +00:00
Samuel Huang
513fa361c8 Create telephony.ril.silent_reset system_ext property for RILD restart
RILD listens for changes to this property. If the value changes to 1, RILD will restart itself and set this property back to 0.

The TelephonyGoogle app will set this property to 1 when it receives a request from the SCONE app. Since TelephonyGoogle runs in the com.android.phone process, we also need to give the radio domain permission to set the telephony.ril.silent_reset property.

Bug: 286476107
Test: manual
Change-Id: I689e75f4ebf3f44915bd7f795755f297935e7946
2023-06-21 06:34:45 +00:00
changyan
c3c3f7fd0c Fix avc denied for cat_engine_service_app
Test: SELinuxUncheckedDenialBootTest
Bug: 282626814
Change-Id: I742e2b20bff09812d2a3ae07903b29e8eae45915
2023-06-15 03:31:36 +00:00
changyan
61abd02cd3 Updating sepolicy for dump_modem to read /dev/logbuffer_cpif. This is
required as part of bugreport.

Test: Pts SELinuxTest#scanBugreport
Bug: 277300226
Fix: 282626702
Change-Id: I129116ab78ec89da1529e33be1cfd403715889af
2023-06-14 07:58:46 +00:00
Jenny Ho
09c478e849 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880 am: 34210357f5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: I7a3f5d3c2a22fdb162709c7cef370fc8882b9aba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-31 02:33:53 +00:00
Jenny Ho
34ee73b7f2 Add permissions for maxfg_base/maxfg_secondary am: ee160b5880
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23467290

Change-Id: Ie6144135cf653d281c7bef84fb4469daefbad095
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-31 01:54:32 +00:00
Jenny Ho
ee160b5880 Add permissions for maxfg_base/maxfg_secondary
Bug: 284878175
Change-Id: I3fe3030ecd36773405f0e70b767d4a28062d91ad
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-05-30 12:09:30 +08:00
Donnie Pollitz
cc3c03dae7 Allow vendor_init to fix permissions of TEE data file am: 955ae6825f am: 09318c0f8b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ibe080c2af64fb0aa76554222b030c4428cc71e79
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-26 08:59:27 +00:00
Donnie Pollitz
a2cb6ab6eb Allow vendor_init to fix permissions of TEE data file am: 955ae6825f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23412161

Change-Id: Ibf91aa97b122e3a5f39053c6ed01e62b3783403c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-26 07:53:44 +00:00
Donnie Pollitz
955ae6825f Allow vendor_init to fix permissions of TEE data file
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I27681589c9d0b0aa88463e6476fb75119ea89e8a
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
2023-05-26 07:17:39 +00:00
sashwinbalaji
650ab4f009 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea am: 54050db789
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: If8acc782a6ad78a791aa04a832ec2e82a04a0a19
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-25 07:03:19 +00:00
sashwinbalaji
6bc46c8cd5 thermal: thermal_metrics: Update selinux to reset stats am: 1113c66dea
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23078641

Change-Id: I2037d2de006c26cba1b2114f776678aca7c4a808
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-25 06:22:41 +00:00
sashwinbalaji
1113c66dea thermal: thermal_metrics: Update selinux to reset stats
Bug: 193833982
Test: Local build and verify statsD logs
adb shell cmd stats print-logs && adb logcat -b all | grep -i 105045
Change-Id: I0dc1c557797d7fe97da7f0fcb2d600485526c979
2023-05-25 05:28:45 +00:00
Jin Jeong
858a6f7cb8 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619 am: bc46900137
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I008340539cac47efb8d3d377962b47e9f9bbc926
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 02:27:28 +00:00
Jin Jeong
234757c994 Revert "Fix LPA crash due to selinux denial" am: 980c71bea4 am: 41cebba8d0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: I24205e515e52807cec6a518fc162a78e602e3a9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 02:27:23 +00:00
Jin Jeong
5627fe6f60 Revert "Fix SELinux error for com.google.android.euicc" am: 10ef6d8619
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23163634

Change-Id: I66ec119e485273f9d1562bb272ab7c25541e98b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 01:47:08 +00:00
Jin Jeong
42760593ae Revert "Fix LPA crash due to selinux denial" am: 980c71bea4
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23167565

Change-Id: Ib285406b29c598ab5cec6db6ab0d2f9d57343a0f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 01:47:01 +00:00
Jin Jeong
10ef6d8619 Revert "Fix SELinux error for com.google.android.euicc"
Revert submission 22899490-euicc_selinux_fix

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Bug: 279988311
Reverted changes: /q/submissionid:22899490-euicc_selinux_fix

Change-Id: I50ff4f8e48389d034c3f6c716dad1a81e9b73e64
2023-05-24 01:07:09 +00:00
Jin Jeong
980c71bea4 Revert "Fix LPA crash due to selinux denial"
Revert submission 22955599-euicc_selinux_fix2

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Bug: 279988311
Reverted changes: /q/submissionid:22955599-euicc_selinux_fix2

Change-Id: I2799c61ab5464e5551168f471740afe76edd1113
2023-05-24 01:07:09 +00:00
Anthony Zhang
f8bcbec08a [DO NOT MERGE] Allow fingerprint to access persist property am: 7f19e81d61
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23286924

Change-Id: Iefb182caafd96e46b9743e39066cb00c5d6bd933
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-22 19:23:36 +00:00
Anthony Zhang
7f19e81d61 [DO NOT MERGE] Allow fingerprint to access persist property
Bug: 258901849
Test: Local test on enrollment/delete, version update

Change-Id: I96acb79b3e600e0a4dd7b7a1cf494b20a876ca63
2023-05-22 18:36:54 +00:00
Samuel Gosselin
918335e2a9 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node.
This adds the appropriate raw i2c numberings to the sepolicy
for the 6.1 kernel driver which does not use the i2c vendor
hook to rename these numberings. This is required for the
thermal hal to work.

Test:
Boot to Android Home on WHI PRO with 6.1 kernel, no
Thermal HAL crashes.

Bug: 276464780
Signed-off-by: Samuel Gosselin <sgosselin@google.com>
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:83712c5243166cafa3a057d5347515e04947cde8)
Merged-In: I8c2633b33cef8ca2b55029190fe42bd66b17390f
Change-Id: I8c2633b33cef8ca2b55029190fe42bd66b17390f
(cherry picked from commit 64111ee561)
2023-05-17 18:09:48 +00:00
Luis Delgado de Mendoza Garcia
3992c42501 Add chre channel sepolicy entries
Bug: 281814892
Fix: 281814892
Test: in-device verification.
Change-Id: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
Merged-In: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
2023-05-16 22:49:12 +00:00
Adam Shih
ae82c7c7b7 add missing permission for gs201 power dump am: 2a02fe5fc5 am: 07197068f4
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/23125499

Change-Id: I2703ebc5b3b1186c113ed7b4caad8f53193c8464
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-11 06:15:15 +00:00
Samuel Gosselin
83712c5243 genfs_contexts: add raw s2mpg12mfd and s2mpg13mfd node.
This adds the appropriate raw i2c numberings to the sepolicy
for the 6.1 kernel driver which does not use the i2c vendor
hook to rename these numberings. This is required for the
thermal hal to work.

Test:
Boot to Android Home on WHI PRO with 6.1 kernel, no
Thermal HAL crashes.

Change-Id: I8c2633b33cef8ca2b55029190fe42bd66b17390f
Signed-off-by: Samuel Gosselin <sgosselin@google.com>
2023-05-10 22:13:33 +00:00
Luis Delgado de Mendoza Garcia
c2d912818c Add chre channel sepolicy entries
Bug: 241960170
Test: in-device verification.
Change-Id: I3151d25c4a1cd7a858b84e0c8989dc160d368ca5
2023-05-10 17:20:09 +00:00
Adam Shih
2a02fe5fc5 add missing permission for gs201 power dump
Bug: 281602658
Test: adb bugreport
Change-Id: Ibf765c9da65d2c9f6a3825c91cb22771f583457a
2023-05-10 10:56:55 +08:00
Jinyoung Jeong
2d7181e3fc Fix LPA crash due to selinux denial
Bug: 280336861
Test: No crash found during LPA basic tests: download eSIM,
enable/disable eSIM.

Change-Id: Ie4fd8fccce5ec98cf0b2afff9a41f27206e52626
2023-05-02 14:10:00 +00:00
Hongbo Zeng
306bf73c79 Fix denials for radio service to access files under /data/vendor/radio
Bug: 270561266
Test: get PASS result with go/ril-config-service-test and the original
      denial logs in http://b/270561266#comment8 are gone

Change-Id: I17155852bb2408b4389a86d32228292885e14c46
2023-05-02 08:05:31 +00:00
martinwu
5f9732a97a [TSV2] Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and change it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
Merged-In: Ic804a3a4739ec5a9604320cb8e0fdae91b8429c1
2023-05-02 03:16:02 +00:00
Jinyoung Jeong
f265749f1d Fix SELinux error for com.google.android.euicc
Bug: 279548423
Test: http://fusion2/b7c803be-2dca-4195-b91f-6c4939746b5b
Change-Id: Idd231c2412e8f597dea1bfa11f9d1a0fa1e17034
2023-04-30 02:51:45 +00:00
Bruno BELANYI
ee3fe73de0 Add ArmNN config sysprops SELinux rules
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:9d61da55a193a12b7552e67e67d968c46d4dec86)
Merged-In: I90af8201d5fae44f73d709491f272a113b44ca67
Change-Id: I90af8201d5fae44f73d709491f272a113b44ca67
2023-04-27 08:06:38 +00:00