Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2474 commits 1 branch 0 tags 63 MiB
Commit graph

2474 commits

This branch
This branch
All branches
Author SHA1 Message Date
Siddharth Kapoor
2d43200489 Add libgpudataproducer as sphal 
Bug: 222042714
Test: CtsGpuProfilingDataTestCases passes on User build

Signed-off-by: Siddharth Kapoor <ksiddharth@google.com>
Change-Id: I1997f3e66327486f15b1aa742aa8e82855b07e05
 2022-03-03 01:08:52 +00:00
Jinting Lin
94d7f6cce6 Fix avc denied for slsi engineermode app 
log:
avc: denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=5111 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { call } for comm="si.engineermode" scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.samsung.slsi.engineermode
avc: denied { call } for comm="HwBinder:1016_1" scontext=u:r:rild:s0 tcontext=u:r:platform_app:s0:c512,c768 tclass=binder permissive=0
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=154 scontext=u:r:vendor_engineermode_app:s0:c225,c256,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.samsung.slsi.engineermode

Test: side load the trail build sepolicy, then check the app

Bug: 221482792
Change-Id: I84768ed128a2b8c57d6a3e0a0f0aa8c4d4b91857
 2022-03-03 01:01:08 +00:00
sukiliu
431f4747cc update error on ROM 8223177 am: b1c5fcff3d am: d0afc4ccf5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005595

Change-Id: I1796687e67345c2e3ae7d52849d36e02a511e611
 2022-03-02 07:11:09 +00:00
sukiliu
88653306ce update error on ROM 8223177 am: b1c5fcff3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005595

Change-Id: I00cb31a95f1076bd185e71c09b85ca5cb563b367
 2022-03-02 06:50:04 +00:00
sukiliu
d0afc4ccf5 update error on ROM 8223177 am: b1c5fcff3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005595

Change-Id: I43a4d7d92ba5bb868d0e9167afbb5af5dac852c9
 2022-03-02 06:49:10 +00:00
sukiliu
b1c5fcff3d update error on ROM 8223177 
Bug: 221384981
Bug: 221384939
Bug: 221384996
Bug: 221384768
Bug: 221384770
Bug: 221384860
Test: PtsSELinuxTestCases
Change-Id: I50916dca7548bce0e77d90a36ad8f9ba1ca7c711
 2022-03-02 06:30:05 +00:00
Roshan Pius
2fe3313727 gs-sepolicy: Fix legacy UWB stack sepolicy rules am: a1f0d2aa9a am: a492dff7cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17045928

Change-Id: Ie9b49694ff62287867606d6e8f31f05c85501765
 2022-03-01 19:18:41 +00:00
Roshan Pius
8dd3e0b971 gs-sepolicy: Fix legacy UWB stack sepolicy rules am: a1f0d2aa9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17045928

Change-Id: Ibf58b9ef905da9b1c8fd94beb2603f0ea7dc79b5
 2022-03-01 18:54:19 +00:00
Roshan Pius
a492dff7cc gs-sepolicy: Fix legacy UWB stack sepolicy rules am: a1f0d2aa9a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17045928

Change-Id: I4e5377239bc0ebddb388ae4de486e2e87ccea0d1
 2022-03-01 18:52:42 +00:00
Roshan Pius
a1f0d2aa9a gs-sepolicy: Fix legacy UWB stack sepolicy rules 
This rule was present on previous devices.

Denial logs:
02-24 09:22:08.214   427   427 E SELinux : avc:  denied  { find } for
pid=1479 uid=1000 name=uwb_vendor scontext=u:r:system_server:s0
tcontext=u:object_r:uwb_vendor_service:s0 tclass=service_manager permissive=0

Bug: 221292100
Test: Compiles
Change-Id: I6de4000a9cebf46a0d94032aade7b2d40b94ca16
 2022-03-01 18:25:00 +00:00
Tommy Chiu
024f58cc54 RKP: Add IRemotelyProvisionedComponent service am: b7790aa7a8 am: c94ef875af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17034406

Change-Id: Iecf2ba97b2f4c99d2d52be40f36babe3ab773937
 2022-03-01 07:02:37 +00:00
Tommy Chiu
7845870ddd RKP: Add IRemotelyProvisionedComponent service am: b7790aa7a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17034406

Change-Id: Ie8a7f246dbbc26d9e64a18a831326d3aee5ed1f9
 2022-03-01 06:42:23 +00:00
Tommy Chiu
c94ef875af RKP: Add IRemotelyProvisionedComponent service am: b7790aa7a8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17034406

Change-Id: I19740f1d8d82c0ff1227709aa639bd8c2b0938db
 2022-03-01 06:39:43 +00:00
Tommy Chiu
b7790aa7a8 RKP: Add IRemotelyProvisionedComponent service 
Bug: 212643050
Bug: 221503025
Change-Id: I7932ba96d0d7dd603d360cd7319997a7c108500a
 2022-03-01 06:10:23 +00:00
Badhri Jagan Sridharan
b9268781da [automerger skipped] android.hardware.usb.IUsb AIDL migration am: fc08341bd6 am: b68d5b153c -s ours 
am skip reason: Merged-In Ia8c24610244856490c8271433710afb57d3da157 with SHA-1 fc08341bd6 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17009127

Change-Id: Id6b50ba2b3860238fa6adebad6dc974aa3b2352a
 2022-03-01 04:17:17 +00:00
Badhri Jagan Sridharan
98d92876de [automerger skipped] android.hardware.usb.IUsb AIDL migration am: fc08341bd6 -s ours 
am skip reason: Merged-In Ia8c24610244856490c8271433710afb57d3da157 with SHA-1 775523d1eb is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17009127

Change-Id: I107a850c88f445e4b91253a46a00e4197e806bf1
 2022-03-01 03:55:58 +00:00
Badhri Jagan Sridharan
b68d5b153c android.hardware.usb.IUsb AIDL migration am: fc08341bd6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17009127

Change-Id: Ib469d2785c355195621edc4a509f3db07d11ea54
 2022-03-01 03:55:10 +00:00
Badhri Jagan Sridharan
fc08341bd6 android.hardware.usb.IUsb AIDL migration 
Cherry-pick of <775523d1eb>

android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

[   37.177042] type=1400 audit(1645536157.528:3): avc: denied { wake_alarm } for comm="android.hardwar" capability=35 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   37.177139] type=1400 audit(1645536157.528:4): avc: denied { block_suspend } for comm="android.hardwar" capability=36 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   39.936357] type=1400 audit(1645536160.292:5): avc: denied { call } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
[   39.936403] type=1400 audit(1645536160.292:6): avc: denied { transfer } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
...
[   42.845054] type=1400 audit(1645550991.268:8): avc: denied { read } for comm="HwBinder:860_1" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.877781] type=1400 audit(1645550991.268:9): avc: denied { open } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.915532] type=1400 audit(1645550991.268:10): avc: denied { getattr } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.962130] type=1400 audit(1645550991.268:11): avc: denied { map } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   43.003097] type=1400 audit(1645550991.268:12): avc: denied { watch watch_reads } for comm="HwBinder:860_1" path="/dev/usb-ffs/adb" dev="functionfs" ino=40814 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:functionfs:s0 tclass=dir permissive=1
[   43.024529] type=1400 audit(1645550991.268:13): avc: denied { write } for comm="HwBinder:860_1" name="property_service" dev="tmpfs" ino=376 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
[   43.057605] type=1400 audit(1645550991.268:14): avc: denied { connectto } for comm="HwBinder:860_1" path="/dev/socket/property_service" scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[   43.084549] type=1107 audit(1645550991.268:15): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.usb.dwc3_irq pid=860 uid=0 gid=0 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1'

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
Merged-In: Ia8c24610244856490c8271433710afb57d3da157
 2022-03-01 03:32:23 +00:00
YiHo Cheng
5b27c53dd7 thermal: Label tmu register dump sysfs am: be92764669 am: 3a13f5708b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005600

Change-Id: Iee1567b0c9563388b270f99f29dc62efdc2ae2a7
 2022-03-01 02:15:46 +00:00
YiHo Cheng
6a1e7e3340 thermal: Label tmu register dump sysfs am: be92764669 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005600

Change-Id: I5d714128eacd3e64dc44baff1e6ad295a6bf61fe
 2022-03-01 01:51:51 +00:00
YiHo Cheng
3a13f5708b thermal: Label tmu register dump sysfs am: be92764669 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17005600

Change-Id: I3b54fe773cedef0087cd9f3733b23b0dcdeb1da9
 2022-03-01 01:50:45 +00:00
YiHo Cheng
be92764669 thermal: Label tmu register dump sysfs 
Allow dumpstate to access tmu register dump sysfs

[  174.114566] type=1400 audit(1645790696.920:13): avc: denied { read }
for comm="dumpstate@1.1-s" name="tmu_reg_dump_state" dev="sysfs"
ino=65178
 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0
 tclass=file permissive=0
 [  174.115092] type=1400 audit(1645790696.920:14): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_reg_dump_current_temp" dev="sysfs"
 in
 o=65179 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
 [  174.115208] type=1400 audit(1645790696.920:15): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_rise_thres"
 dev="sysfs"
 ino=65180 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
 [  174.115398] type=1400 audit(1645790696.920:16): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_top_reg_dump_fall_thres"
 dev="sysfs"
 ino=65182 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
 [  174.115498] type=1400 audit(1645790696.920:17): avc: denied { read }
 for comm="dumpstate@1.1-s" name="tmu_sub_reg_dump_rise_thres"
 dev="sysfs"
 ino=65181 scontext=u:r:hal_dumpstate_default:s0
 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 215040856
Test: check tmu register dump sysfs output in dumpstate
Change-Id: Ica48e37344a69264d4b4367af7856ec20b566a9e
 2022-03-01 01:24:00 +00:00
Yu-Chi Cheng
7a53f0050b Allowed GCA to access EdgeTPU for P22 devices. am: 172271fdbc am: e398726310 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17016803

Change-Id: I5ac3df1ecd82d58ace49d97910168e004f416555
 2022-02-26 00:24:58 +00:00
Yu-Chi Cheng
e398726310 Allowed GCA to access EdgeTPU for P22 devices. am: 172271fdbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17016803

Change-Id: I75df18545ece29becfff7c4eb1624c07c12eefd7
 2022-02-26 00:01:27 +00:00
Yu-Chi Cheng
b6adb75029 Allowed GCA to access EdgeTPU for P22 devices. am: 172271fdbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17016803

Change-Id: If1a466f643e9768974cc02ed555d6cd543bad153
 2022-02-26 00:01:15 +00:00
Yu-Chi Cheng
172271fdbc Allowed GCA to access EdgeTPU for P22 devices. 
This change includes the google_camera_app domain
into the EdgeTPU selinux rules. With it the GCA
is now able to access EdgeTPU.

Bug: 221020793
Test: verified GCA to work on P22.
Change-Id: I69010e2a8cca1429df402ae587b939d38e20a287
 2022-02-25 23:36:01 +00:00
Jinting Lin
ee692faed2 Fix avc denied for vendor silent logging app am: e44f3c867c am: 45fcc5f934 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986448

Change-Id: I104b71459beb590797d977e18f0a0455329aee74
 2022-02-25 16:04:55 +00:00
Jinting Lin
079719c2b0 Fix avc denied for vendor silent logging app am: e44f3c867c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986448

Change-Id: I6360f039728d972f47c761e06748d6b2443ba911
 2022-02-25 08:27:05 +00:00
Jinting Lin
45fcc5f934 Fix avc denied for vendor silent logging app am: e44f3c867c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986448

Change-Id: I4a4019c4c847dbfabf4bcc985b7dba56591dc6e9
 2022-02-25 06:05:41 +00:00
Jinting Lin
e44f3c867c Fix avc denied for vendor silent logging app 
log:
avc: denied { getattr } for comm="y.silentlogging" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-42" ino=6793 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { search } for comm="y.silentlogging" name="com.samsung.slsi.telephony.silentlogging" dev="dm-42" ino=6793 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
denied { read } for comm="y.silentlogging" name="u:object_r:vendor_slog_prop:s0" dev="tmpfs" ino=338 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_prop:s0 tclass=file permissive=0
avc: denied { search } for comm="y.silentlogging" name="slog" dev="dm-42" ino=314 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0
avc: denied { read } for comm="y.silentlogging" name="u:object_r:default_prop:s0" dev="tmpfs" ino=150 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.oemservice::IOemService sid=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 pid=7322 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_vendor_oem_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:r:dmd:s0 tclass=binder permissive=0
avc: denied { call } for comm="y.silentlogging" scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:r:sced:s0 tclass=binder permissive=0
avc: denied { read } for comm="getenforce" name="enforce" dev="selinuxfs" ino=4 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=0
avc: denied { set } for property=persist.vendor.modem.logging.shannon_app pid=7279 uid=1000 gid=1000 scontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=property_service permissive=0'

avc: denied { call } for comm="HwBinder:1001_1" scontext=u:r:sced:s0 tcontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tclass=binder permissive=0

avc: denied { call } for scontext=u:r:dmd:s0 tcontext=u:r:vendor_telephony_silentlogging_app:s0:c232,c259,c512,c768 tclass=binder permissive=0

avc: denied { getattr } for comm="tlogging:remote" path="/data/user/0/com.samsung.slsi.telephony.silentlogging" dev="dm-42" ino=6793 scontext=u:r:vendor_silentlogging_remote_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="slog" dev="dm-42" ino=314 scontext=u:r:vendor_silentlogging_remote_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_slog_file:s0 tclass=dir permissive=0

Test: flash TH build then run basic test of silent logging app

Bug: 220847487
Change-Id: Ib5ac1e796e8e816d024cebc584b5699ab8ed1162
 2022-02-25 05:35:06 +00:00
Badhri Jagan Sridharan
775523d1eb android.hardware.usb.IUsb AIDL migration 
android.hardware.usb.IUsb is migrated to AIDL and runs in
its own process. android.hardware.usb.gadget.IUsbGadget
is now published in its own exclusive process
(android.hardware.usb.gadget-service). Creating
file_context and moving the selinux linux rules
for IUsbGadget implementation.

[   37.177042] type=1400 audit(1645536157.528:3): avc: denied { wake_alarm } for comm="android.hardwar" capability=35 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   37.177139] type=1400 audit(1645536157.528:4): avc: denied { block_suspend } for comm="android.hardwar" capability=36 scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_usb_impl:s0 tclass=capability2 permissive=1
[   39.936357] type=1400 audit(1645536160.292:5): avc: denied { call } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
[   39.936403] type=1400 audit(1645536160.292:6): avc: denied { transfer } for comm="HwBinder:875_1" scontext=u:r:hal_usb_impl:s0 tcontext=u:r:hal_thermal_default:s0 tclass=binder permissive=1
...
[   42.845054] type=1400 audit(1645550991.268:8): avc: denied { read } for comm="HwBinder:860_1" name="u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.877781] type=1400 audit(1645550991.268:9): avc: denied { open } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.915532] type=1400 audit(1645550991.268:10): avc: denied { getattr } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   42.962130] type=1400 audit(1645550991.268:11): avc: denied { map } for comm="HwBinder:860_1" path="/dev/__properties__/u:object_r:vendor_usb_config_prop:s0" dev="tmpfs" ino=351 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=file permissive=1
[   43.003097] type=1400 audit(1645550991.268:12): avc: denied { watch watch_reads } for comm="HwBinder:860_1" path="/dev/usb-ffs/adb" dev="functionfs" ino=40814 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:functionfs:s0 tclass=dir permissive=1
[   43.024529] type=1400 audit(1645550991.268:13): avc: denied { write } for comm="HwBinder:860_1" name="property_service" dev="tmpfs" ino=376 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=1
[   43.057605] type=1400 audit(1645550991.268:14): avc: denied { connectto } for comm="HwBinder:860_1" path="/dev/socket/property_service" scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1
[   43.084549] type=1107 audit(1645550991.268:15): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.usb.dwc3_irq pid=860 uid=0 gid=0 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:vendor_usb_config_prop:s0 tclass=property_service permissive=1'

Bug: 200993386
Change-Id: Ia8c24610244856490c8271433710afb57d3da157
 2022-02-25 00:51:26 +00:00
SalmaxChang
d355e26031 Add missing vendor_logger_prop rule am: 7cb9cc182b am: 711eb4d39e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16996081

Change-Id: I898d40f04b1d92ba70d1a473b78142882f7f1c57
 2022-02-24 14:29:19 +00:00
SalmaxChang
6e50b6c086 Add missing vendor_logger_prop rule am: 7cb9cc182b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16996081

Change-Id: I7a0bbf078bf056c35c03f4438020a165d0eb1866
 2022-02-24 13:29:32 +00:00
SalmaxChang
711eb4d39e Add missing vendor_logger_prop rule am: 7cb9cc182b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16996081

Change-Id: If4364de5ee9fd24dcdbbd881550596456907f4eb
 2022-02-24 13:06:15 +00:00
SalmaxChang
7cb9cc182b Add missing vendor_logger_prop rule 
init    : Do not have permissions to set 'persist.vendor.verbose_logging_enabled' to 'true' in property file '/vendor/build.prop': SELinux permission check failed

Bug: 221173724
Bug: 221154649
Change-Id: Ic35e6f1d40f15efefead4530f8d320b72d7366e4
 2022-02-24 07:45:39 +00:00
Zachary Iqbal
cbd2301c12 Give gralloc access to the faceauth_heap_device. am: 4bbc6969e5 am: 0dca35958b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16995763

Change-Id: I821a83023676a3bffeb0d4dc4eda84ff3bc2418a
 2022-02-24 07:16:53 +00:00
Zachary Iqbal
d5591c285c Give gralloc access to the faceauth_heap_device. am: 4bbc6969e5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16995763

Change-Id: I4f7125f019a79f981bcdbabdf937f702705a56ab
 2022-02-24 07:09:17 +00:00
Alex Hong
b98a993585 [automerger skipped] Remove the sepolicy for tetheroffload service am: 4443c79bbb am: 1ca456915b -s ours 
am skip reason: Merged-In I5ecec46512ff4e1ae6c52147cfa0179e5fc93420 with SHA-1 4443c79bbb is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972946

Change-Id: Ibdaef3f7222496386d8b4c59f8b2bc7bdcb46955
 2022-02-24 06:54:51 +00:00
Joseph Jang
6478f87461 identity: Add sepolicy permission for hal_identity_citadel to find hal_remotelyprovisionedcomponent_service am: 5fb066e143 am: 5523e01f2c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984428

Change-Id: I00ffa527ead4c916ed209fed35ffb653bb77fd73
 2022-02-24 06:54:40 +00:00
Jack Yu
e6fff8063a [automerger skipped] uwb: permissions for factory uwb calibration file am: 97a25bf259 am: 769645d0c1 -s ours 
am skip reason: Merged-In I33093231577b71c24d5bf6f980c7021cc546fa98 with SHA-1 97a25bf259 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986452

Change-Id: Ic7d5107dcebc73e2278a8239cacab2d223677c17
 2022-02-24 06:54:23 +00:00
Zachary Iqbal
0dca35958b Give gralloc access to the faceauth_heap_device. am: 4bbc6969e5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16995763

Change-Id: I68667c239af8739e332082286f6004bacc0f328d
 2022-02-24 05:45:18 +00:00
Zachary Iqbal
4bbc6969e5 Give gralloc access to the faceauth_heap_device. 
Notes:
- This is required for face authentication.

Fixes: 221098313
Test: Built locally.
Change-Id: I6292c76c0809f091108ac73bef2d9e2db430a680
 2022-02-24 05:20:30 +00:00
Darren Hsu
b06dbbfdbc Allow hal_power_stats to read UWB sysfs nodes am: 8f90cf5408 am: 7306a159f7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986443

Change-Id: I1a7332a9eb0db6285209536d6c347739dda89438
 2022-02-24 04:58:13 +00:00
Jinting Lin
634a200efe [automerger skipped] Adds mnt file and batt info permissions for modem app am: e6af74a6c4 am: b9b03f61f8 -s ours 
am skip reason: Merged-In Icd02d4f8757719afed020c27a90812921d5f37ec with SHA-1 e6af74a6c4 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984429

Change-Id: Ia2c32d7d844bd19c3cbcd86a61b0f8b0077aab69
 2022-02-24 04:35:25 +00:00
Alex Hong
a44591db67 [automerger skipped] Remove the sepolicy for tetheroffload service am: 4443c79bbb -s ours 
am skip reason: Merged-In I5ecec46512ff4e1ae6c52147cfa0179e5fc93420 with SHA-1 453b37ebdc is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972946

Change-Id: I4ae413cd29ada17b91a2023027f7157b42821de9
 2022-02-24 04:34:33 +00:00
Jinting Lin
fdd73ecdd3 [automerger skipped] Adds logging related properties for logger app am: 7ba8b12bb8 am: 43dd982131 -s ours 
am skip reason: Merged-In I3917ce13f51a5ccb3304eb2db860f4da8424438b with SHA-1 7ba8b12bb8 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16983456

Change-Id: Ie53a001f9de3e6fa44e8151a6e3e8af9691a55d7
 2022-02-24 04:24:54 +00:00
Alex Hong
1ca456915b Remove the sepolicy for tetheroffload service am: 4443c79bbb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16972946

Change-Id: I8ef64c6cfeb59e985cdff44fc31bd8d7f20a62d7
 2022-02-24 04:13:56 +00:00
Joseph Jang
083d19df94 identity: Add sepolicy permission for hal_identity_citadel to find hal_remotelyprovisionedcomponent_service am: 5fb066e143 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16984428

Change-Id: Id4f363c69b621d0090f02630c2fdc0d207b1e92a
 2022-02-24 04:09:44 +00:00
Jack Yu
5dce5312f8 [automerger skipped] uwb: permissions for factory uwb calibration file am: 97a25bf259 -s ours 
am skip reason: Merged-In I33093231577b71c24d5bf6f980c7021cc546fa98 with SHA-1 62d5b40d35 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986452

Change-Id: I1a412c0ca108b8f4135a862810682c46e8ee8265
 2022-02-24 04:08:05 +00:00
Darren Hsu
9b1d657510 Allow hal_power_stats to read UWB sysfs nodes am: 8f90cf5408 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/16986443

Change-Id: Iba1a0e7a804473c04b0ec9df05b5286dc316a68d
 2022-02-24 04:06:34 +00:00