Commit graph

1050 commits

Author SHA1 Message Date
Martin Wu
c6d08c1781 Revert "Remove tcpdump sepolicy from gs201 and move sepolicy to ..."
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I5b1c00cc6a1ae186eb51acc2c99171578c43bace
2023-04-27 02:20:48 +00:00
martinwu
b7e90ec616 Remove tcpdump sepolicy from gs201 and move sepolicy to gs-common
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and change it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I0eb9352e349ae8f06e469e953f137b00204f1c3b
2023-04-27 01:38:24 +00:00
Joseph Jang
2a5c26c9b4 Move recovery.te to device/google/gs-common/dauntless/sepolicy
Bug: 279381809
Change-Id: I80fbd9ef0c7e988de21d07ada57fc6a038b9b585
2023-04-24 08:05:10 +00:00
jimsun
0f6b14dc95 rild: allow rild to ptrace
06-20 18:47:41.940000  8708  8708 I auditd  : type=1400 audit(0.0:7): avc: denied { ptrace } for comm="libmemunreachab" scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0
06-20 18:47:41.940000  8708  8708 W libmemunreachab: type=1400 audit(0.0:7): avc: denied { ptrace } for scontext=u:r:rild:s0 tcontext=u:r:rild:s0 tclass=process permissive=0

Bug: 263757077
Test: manual
Change-Id: I4720650488eca100372d148313e04d6d8950ead5
2023-04-18 07:48:20 +00:00
Bruno BELANYI
c1ee9afdef Use restricted vendor property for ARM runtime options
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I4cd468302da02603cccd9b4b98cb95745129daf5
2023-04-17 10:59:19 +00:00
Leo Liou
5adecc7433 gs201: add sepolicy for ufs_firmware_update process
Allow the script to access the specified partition and sysfs.

Bug: 273305212
Test: full build and test ffu flow
Change-Id: Iefeacea2d4c07e7a5b39713c9575e86bd25ce008
Signed-off-by: Leo Liou <leoliou@google.com>
2023-04-17 09:58:11 +00:00
kadirpili
1af348b01f gs201: Allow GRIL Service to access radio_vendor_data_file
Bug: 274737512
Change-Id: I1c0b045f8a25c5d58be02c2036d2fcaad7d9a8e7
2023-04-14 06:57:50 +00:00
Minchan Kim
dc35b4158b remove dump_gs201 sepolicy
Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I39c01692d959a63c091f98969a69ab35b2debe1a
Signed-off-by: Minchan Kim <minchan@google.com>
2023-04-12 06:09:00 +00:00
Minchan Kim
b7393fd8d8 move vendor_cma_debugfs into gs-common
The CMA dump is common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I3997e27e3037f013338de5bc36687c63338769aa
Signed-off-by: Minchan Kim <minchan@google.com>
2023-04-12 06:09:00 +00:00
Tommy Kardach
3430e752af Update sepolicy for Camera HAL
Edit SE policy for WHI_PRO to allow
camera HAL to acquire wake locks

Bug: 249567788
Test: Flash and manual testing
Change-Id: I450b0b53000c5b9649e354350ec80af3528120fb
2023-04-11 19:45:33 +00:00
Adam Shih
9519323a98 use dumpstate from gs-common
Bug: 273380985
Test: adb bugreport
Change-Id: Ibd54c0049480810e2aa14074e0ec9c4d611d51ff
2023-04-10 01:11:14 +00:00
Victor Liu
187dcc4e08 uwb: add permission for ccc ranging
Bug: 255649425
Change-Id: I83ce369e52f382d76723b2b045e09607483a0a6a
2023-04-06 20:57:42 +00:00
Roy Luo
1f54dc7256 Support sending vendor command to GL852G via libusbhost
libusbhost needs access to USB device fs.

Bug: 261923350
Test: no audit log in logcat after command execution
Change-Id: I4b0c8cc750eff12d2494504f9f215d5b1bab35fd
2023-04-06 01:54:13 +00:00
feiyuchen
0161b6fbfa Allow camera HAL to access edgetpu_app_service in gs201
We are seeing SELinux error b/276911450. It turns out that I only added the SE policy for 2023 device ag/22248613, but I forgot to add it for gs101 and gs201. So I created this CL.

See more background in ag/22248613.

Test: For gs201, I tested on my Pixel7 and I saw no more error. For gs101, I just did mm.
Bug: 275016466
Bug: 276911450
Change-Id: I223770eb0bc7e09a5dfb4f4188b7fc605c3d1a61
2023-04-04 21:32:06 +00:00
Adam Shih
933e6a172b Move power dump out of hal_dumpstate_default
Bug: 273380509
Test: adb bugreport
Change-Id: I0963af3f8f90b4f05724df31017b0d21d10c59ca
2023-03-30 02:20:37 +00:00
Adam Shih
a334895789 create a dump for gs201
Bug: 273380509
Test: adb bugreport
Change-Id: Ic47e0d43d9a5aef4381880eabbba74633ee260a1
2023-03-28 12:52:52 +08:00
Adam Shih
86faa5607c use radio dump in gs-common
Bug: 273380509
Test: adb bugreport
Change-Id: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
Merged-In: I5e4318a427c0b503c47fb81ddb9e813fa9a41ab4
2023-03-27 03:19:49 +00:00
Kris Chen
ba0b76de16 Allow fingerprint hal to read sysfs_leds
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: I9f346cb72ef660712b2bfb610df959667958c36a
2023-03-24 02:06:34 +00:00
Adam Shih
1cdfdb4262 use gs-common gps dump
Bug: 273380509
Test: adb bugreport
Change-Id: I7d5fa2f086aeab1b94fe33b3f419d5fb58bfbda5
2023-03-22 12:26:10 +08:00
Jörg Wagner
28503a8706 Update Mali DDK to r40 : Additional SELinux settings
Expose DDK's dynamic configuration options through the Android Sysprop
interface, following recommendations from Arm's Android Integration
Manual.

Bug: 261718474

(cherry picked from commit 4183daf7f1)
Merged-In: I75457d2d4f6e37bdd85329bac7fd81327cfff628
Change-Id: Ic40d6576537fc6699e3315040236e79aba16af18
2023-03-21 10:32:25 +00:00
Adam Shih
831323cd81 use gxp dump in gs-common
Bug: 273380509
Test: adb bugreport;unzip *zip;tar -xvf dumpstate_board.bin
And found gxp content

Change-Id: I5a1e77f756a0ec045a578c4ca9bced689d8d9d9c
2023-03-21 11:19:21 +08:00
Adam Shih
0f80193c30 use gs-common camera dump
Bug: 273380509
Test: adb bugreport
Change-Id: I925fbbba81a92689c4590df4a8d7529cc8b57bf8
2023-03-20 11:14:44 +08:00
Mahesh Kallelil
0e62b47df9 Update selinux-policy for ModemService.
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I0915969bfa6354e1884088476fc59cd8027bd2f1
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
2023-03-16 05:33:46 +00:00
Adam Shih
f5a068e2bf use gs-common soc dump
Bug: 273380509
Test: adb bugreport
Change-Id: I81cd197c1a7c9f19ad9a3c30b65b4499de04b184
2023-03-15 05:59:09 +00:00
Jasmine Cha
915841aada audio: move set_prop to gs-common
Bug: 259161622
Test: build pass

Change-Id: If9c6d5641a05768446a7b618e447a1d11ad5daab
Signed-off-by: Jasmine Cha <chajasmine@google.com>
2023-03-13 10:55:25 +08:00
Adam Shih
fc86ce114c move modem operation to dump_modemlog
Bug: 240530709
Test: adb bugreport
Change-Id: I1b5c7defc0b6cb04899d03f1f71f0ac1fe21ed80
2023-03-10 12:14:54 +08:00
Jasmine Cha
c50fcf4794 audio: move sepolicy about audio to gs-common
Bug: 259161622
Test: build pass and check with audio ext hidl/aidl

Change-Id: Id9fa7130db9b94a25381d10984ad245658847345
Signed-off-by: Jasmine Cha <chajasmine@google.com>
2023-03-10 02:05:58 +00:00
Krzysztof Kosiński
3758cdb733 Clean up Google Camera App tracking_denials.
EdgeTPU access is already allowed. Vendor property access should
be denied and is not an error (most likely from library code
that tries to access nonexistent Mediatek-specific properties).

Fix: 209889068
Test: presubmit, run GCA
Change-Id: Id200da6627ceae1ca6315ea9b4473f61fdc285d0
2023-03-10 01:00:44 +00:00
Adam Shih
3c494301c8 Move display dump to gs-common
Bug: 269212897
Test: adb bugreport
Change-Id: I8d2d0413987629bd3774034a5f99f5b7feb4b3ba
2023-03-07 12:35:16 +08:00
Salmax Chang
6312c2c014 modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412 am: 064f8eb40b
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: Ib71ce8f0289ccc3619d6b323e85f992fe96d6106
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-01 07:44:16 +00:00
Salmax Chang
064f8eb40b modem_svc_sit: grant modem property access am: 12a731b61e am: 037e986412
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I617cb3a7d2becaaa2f0cf019fbdb9c88a92548d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-01 06:49:44 +00:00
Salmax Chang
037e986412 modem_svc_sit: grant modem property access am: 12a731b61e
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2459793

Change-Id: I6432be5a512e7302841b3a705bebfbf260a8e1d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-01 06:12:30 +00:00
Salmax Chang
12a731b61e modem_svc_sit: grant modem property access
Bug: 247669574
Change-Id: I02f58f04ee0daca9cabb055ed2fb7fe2653831af
2023-03-01 01:17:49 +08:00
Ken Tsou
e4fad2e355 hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8 am: 877a01aa5e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: I7819419ef876b10affac4978f924988e8a57f024
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-18 15:53:32 +00:00
Ken Tsou
877a01aa5e hal_health_default: allow to access persist.vendor.shutdown.* am: 55d345c5e8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/21455545

Change-Id: Ia7992178f55c2863f99474ad8e0349c3aacd1aeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-18 14:52:58 +00:00
Ken Tsou
55d345c5e8 hal_health_default: allow to access persist.vendor.shutdown.*
msg='avc: denied { set } for property=persist.vendor.shutdown.voltage_avg pid=908 uid=1000 gid=1000 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 266181615
Change-Id: Ia87610f0363bbfbe4fe446244b44818c273841f4
Signed-off-by: Ken Tsou <kentsou@google.com>
2023-02-16 10:37:44 +08:00
Adam Shih
8c4ca7b5a4 remove same_process_hal access from gxp firmware
Bug: 246218258
Test: boot with no relevant SELinux errors
Change-Id: I52c82ff4c70cb16057cf719059f63c3f9c381c46
2023-02-16 00:02:13 +00:00
Treehugger Robot
45583701ab Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 am: d67d52eb4f am: 68c7241129
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: Ic65e69e5095b5fadf7ebae056785b81d72144139
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 20:44:30 +00:00
Treehugger Robot
68c7241129 Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018 am: d67d52eb4f
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: Ibf36bb7559b4a2a91dd6ce063db28828b80b90a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 19:41:21 +00:00
Treehugger Robot
d67d52eb4f Merge "Map AIDL Gatekeeper to same policy as HIDL version" am: 643a4aa018
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2424367

Change-Id: If7561935299aa965f69919dbac04fcf807bf7c7a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-14 18:56:36 +00:00
Treehugger Robot
643a4aa018 Merge "Map AIDL Gatekeeper to same policy as HIDL version"
2023-02-14 17:48:17 +00:00
Adam Shih
6defd8cbc8 Move memory dump to gs-common
Bug: 240530709
Test: adb bugreport
Change-Id: I304899f1c9eb1a77ef7559194ab4cfed9daf30ef
2023-02-14 07:22:05 +00:00
Adam Shih
333b450ee7 move tablet settings to gs-common
Bug: 240530709
Test: adb bugreport
Change-Id: I2bac842aaab1737b2fcecd232e82d49f00439607
2023-02-14 04:28:30 +00:00
Subrahmanyaman
b05ec9c753 Map AIDL Gatekeeper to same policy as HIDL version
Bug: 268342724
Test: VtsHalGatekeeperTargetTest
Change-Id: Ic2849f8f00aea80e707a85334364f8ecfe7a64e3
2023-02-08 18:36:45 +00:00
Ken Yang
1d9a7c5877 WLC: Add required sysfs_wlc sepolicies
The sysfs_wlc is still required for certain services like
hal_health_default. Add these sepolicies to pass the tests.

Bug: 267171670
Change-Id: Id2687a4ac72e04e537704d036155167b68aeca7c
Signed-off-by: Ken Yang <yangken@google.com>
2023-02-05 02:30:34 +00:00
Ray Chi
2265901763 [DO NOT MERGE] usb: Add sepolicy for extcon access am: 03fb0f6ceb
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20729301

Change-Id: Icf1e3a628c4a7e040efd639e16b4a631ea7349ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-04 04:37:05 +00:00
Nicolas Geoffray
27eea9a08a Allow ssr_detector_app directory creation in system_app_data_file. am: 029a072be5 am: ad2ebe9f69 am: cee4578a87
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2421223

Change-Id: Ib99ec0b32daaada2384ffa4592c061b32df7501a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 15:38:23 +00:00
Nicolas Geoffray
cee4578a87 Allow ssr_detector_app directory creation in system_app_data_file. am: 029a072be5 am: ad2ebe9f69
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2421223

Change-Id: I50020f8d16d0ea26b0e1ca253f91ee889db68989
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 15:06:32 +00:00
Ray Chi
03fb0f6ceb [DO NOT MERGE] usb: Add sepolicy for extcon access
USB gadget hal will access extcon folder so that this patch
will add new rule to allow USB gadget hal to access extcon.

Bug: 263435622
Test: build pass
Change-Id: I971732c6a40700a85df61170dcf1c3660307b96c
2023-02-03 14:47:40 +00:00
Nicolas Geoffray
ad2ebe9f69 Allow ssr_detector_app directory creation in system_app_data_file. am: 029a072be5
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2421223

Change-Id: I8631d5a2cc63244c5a8ba68f177ee321d89abc91
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-03 14:39:40 +00:00