Ruofei Ma
fded60a79e
Add SELinux policy for mediacodec_google
...
mediacodec_google represents google av1 decoder
hal service.
Bug: 205657135
Signed-off-by: Ruofei Ma <ruofeim@google.com>
Change-Id: Ied61107d1991a22b24170b055bf3613165cbe050
2021-11-17 00:57:08 +00:00
Adam Shih
bc651b87ce
let citadel and camera hal use binder
...
Bug: 205904207
Test: boot with no relevant error log
Change-Id: I0544f0ea645c5e594279bfda5aef4714c7929d26
2021-11-16 11:37:38 +08:00
Adam Shih
32db046e67
suppress bootanim android watch behavior on phones
...
Bug: 205780088
Test: boot with no relevant error log
Change-Id: Ic928d3212a016984ff31f358486109022d82b1ee
2021-11-16 11:02:46 +08:00
Adam Shih
af53f729cf
allow kernel to access firmware and zram
...
Bug: 205780090
Test: boot with no relevant error log
Change-Id: I272d9babfb0283e46cfc2e65e0bb85323bf8b7a2
2021-11-16 02:13:10 +00:00
Adam Shih
d66ba1bd25
allow system ui to call hal_wlc
...
Bug: 205904327
Test: Boot with no relevant error log
Change-Id: Ieeb3a27266055ead7fd8e0bb5aaa85c4137bccef
2021-11-16 02:13:04 +00:00
Adam Shih
2ef225b9c5
label oemrilservice_app and grant relevant permission
...
11-15 11:32:41.059 442 442 E SELinux : avc: denied { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:oemrilservice_app:s0:c195,c256,c512,c768 pid=1866 scontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=1
11-15 11:32:41.060 1013 1013 I rild_exynos: type=1400 audit(0.0:5): avc: denied { call } for scontext=u:r:rild:s0 tcontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tclass=binder permissive=1
11-15 11:32:41.368 1013 1013 I rild_exynos: type=1400 audit(0.0:6): avc: denied { call } for scontext=u:r:rild:s0 tcontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tclass=binder permissive=1
11-15 11:32:41.890 441 441 E SELinux : avc: denied { find } for pid=1866 uid=10195 name=isub scontext=u:r:oemrilservice_app:s0:c195,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=1
Bug: 205904553
Bug: 205073117
Bug: 204718782
Bug: 205904441
Test: boot with no relevant error log
Change-Id: I258aa58b4d3c95b901405e9181138c0d68c2b154
2021-11-16 02:12:53 +00:00
Tommy Chiu
94f78934d9
Keymint: Fix SELinux denial
...
Also remove -dontaudit- configuration.
Bug: 205073229
Bug: 205655569
Bug: 205904323
Change-Id: If8de3b4e6ee01488fdd563b702fbba1bd7c73ef0
2021-11-15 16:12:38 +00:00
Leo Liou
8423a70e12
sepolicy: hal_health_default: fix avc denied logs
...
avc: denied { search } for comm="health@2.1-serv" name="/"
dev="sda1" ino=3 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { search } for name="/" dev="sda1" ino=3
scontext=u:r:hal_health_default:s0
tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
avc: denied { search } for name="vendor" dev="tmpfs" ino=2
scontext=u:r:hal_health_default:s0
tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1
avc: denied { search } for comm="health@2.1-serv" name="vendor"
dev="tmpfs" ino=2 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=1
Bug: 205779737
Test: local build pass
Change-Id: I2be76d97e35bff4e22075641b9031872d628e980
Signed-off-by: Leo Liou <leoliou@google.com>
2021-11-15 14:55:38 +08:00
chenpaul
1053cee419
Wifi: Add sepolicy files for hal_wifi_ext service
...
avc denied log:
avc: denied { search } for comm="wifi_ext@1.0-se" name="wifi" dev="dm-43" ino=365 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:updated_wifi_firmware_data_file:s0 tclass=dir permissive=1
Bug: 205779850
Test: pts -m PtsSELinuxTest -t com.google.android.selinux.pts.SELinuxTest
#scanAvcDeniedLogRightAfterReboot
Change-Id: I0c41193b2b9c6a596f142f02c6fee4665fbf2011
2021-11-15 05:25:50 +00:00
Adam Shih
8e6af6f9ad
update error on ROM 7914295
...
Bug: 206331617
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I3dcd875e127ff1d53554eb419259e8721c2ae628
2021-11-15 03:10:20 +00:00
Jenny Ho
014051a9f7
create hal_health_default.te for Battery Defender access file node
...
Bug: 205073003
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: I946b85e8b595601f56df26c567d31df76f7a5a5b
2021-11-15 01:53:50 +00:00
Jenny Ho
d99197dd19
enable battery information dump
...
Bug: 205071645
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: If811765d51add03d8d7a1f5e8276d2f56c7922a7
2021-11-15 01:53:30 +00:00
Long Ling
5ff0c059b3
sepolicy: gs201: update label for hwc3 service
...
Bug: 201321174
Change-Id: I5ecce6c513eecad22a463d52b7cfb718284f3c02
2021-11-12 04:39:24 +00:00
Adam Shih
830fa53e9f
update error on ROM 7908395
...
Bug: 206045367
Bug: 206045604
Bug: 206045368
Bug: 206045605
Bug: 206045471
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I8b1a0ae9686f47d684428bb79650a7bb0dfe9904
2021-11-12 02:21:53 +00:00
Joseph Jang
b4393a0bf3
Fix SELinux error coming from hal_identity_citadel
...
Bug: 205657024
Change-Id: Ic23b631eb63cf13ba7e08215590e73386d2a3126
2021-11-11 14:52:05 +08:00
Adam Shih
ab13d5a1f7
update error on ROM 7904131
...
Bug: 205904432
Bug: 205904322
Bug: 205904438
Bug: 205904406
Bug: 205904310
Bug: 205904436
Bug: 205904402
Bug: 205904552
Bug: 205904323
Bug: 205904442
Bug: 205904367
Bug: 205904452
Bug: 205904403
Bug: 205904379
Bug: 205904328
Bug: 205904286
Bug: 205904380
Bug: 205904401
Bug: 205904381
Bug: 205904208
Bug: 205904433
Bug: 205904327
Bug: 205904553
Bug: 205904361
Bug: 205904441
Bug: 205904324
Bug: 205904207
Bug: 205904404
Bug: 205904330
Bug: 205904439
Bug: 205904435
Bug: 205904384
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I64432a24d562d5868f21a317e5bfd6f25ad24900
2021-11-11 09:47:32 +08:00
Adam Shih
e3bb63ab1b
Make display related libraries reachable
...
Bug: 205780068
Bug: 205779849
Test: boot with no relevant error
Change-Id: I806ecb779690346674816b793a5da21acf1be59b
2021-11-11 01:15:49 +00:00
Adam Shih
e73b78bdd8
unleash the rest of error log not related to sysfs
...
Bug: 205212735
Test: boot with error revealed
Change-Id: I3e07ff8632e60cf93360907bccf5cacd16b8c5b9
2021-11-10 12:15:04 +08:00
Adam Shih
53371742c2
update error on ROM 7900024
...
Bug: 205780088
Bug: 205779872
Bug: 205779877
Bug: 205780065
Bug: 205779906
Bug: 205779737
Bug: 205779871
Bug: 205780093
Bug: 205779850
Bug: 205779736
Bug: 205780090
Bug: 205779798
Bug: 205780186
Bug: 205779849
Bug: 205779799
Bug: 205780067
Bug: 205779581
Bug: 205779869
Bug: 205780068
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I979411b162c42ace670c35fcfd6ba286f0ea02fb
2021-11-10 11:06:37 +08:00
Adam Shih
7caaa15bd9
unleash error log related to file access
...
Bug: 205212735
Test: boot with error revealed
Change-Id: I7cee80913ca621e7ab19f690eeb70d79e3d692dc
2021-11-09 14:10:25 +08:00
Adam Shih
95c4e650c8
update error on ROM 7895525
...
Bug: 205657177
Bug: 205657040
Bug: 205657133
Bug: 205656936
Bug: 205656937
Bug: 205657024
Bug: 205655569
Bug: 205656951
Bug: 205657039
Bug: 205657063
Bug: 205657092
Bug: 205657025
Bug: 205655298
Bug: 205657135
Bug: 205657093
Bug: 205657132
Bug: 205657090
Bug: 205656950
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I71c27247f9a19fe23a3602bf29793b1f0efc8bc8
2021-11-09 05:45:36 +00:00
Adam Shih
dd5b14c118
unleash error log related to device access
...
Bug: 205212735
Test: boot with error revealed
Change-Id: I49a995ecf3a050174c614453725fd51e09358688
2021-11-09 01:50:45 +00:00
Roger Wang
5f1a03bf0e
Wifi: Add sepolicy files for hal_wifi_ext service
...
This commit adds the sepolicy related files for hal_wifi_ext service.
avc msg:
avc: denied { set } for property=vendor.wlan.firmware.version pid=682 uid=1010 gid=1010 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=1'
avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c143,c258,c512,c768 tclass=binder permissive=1
Bug: 205073038
Test: Check no avc_deny on hal_wifi_ext
Change-Id: I5d9b59c56b723174543c0308dd6b0235e998e76c
Signed-off-by: Roger Wang <wangroger@google.com>
2021-11-05 11:08:11 +00:00
Adam Shih
0060a1335c
let init.rc set GKI ready property
...
Bug: 205070818
Test: boot with no relevant error
Change-Id: I929a9d2cfbb5267b178fde09fc5e1f3dcc9ec3d0
2021-11-05 11:25:01 +08:00
Adam Shih
4c9dd893b8
fix platform_app property access
...
Bug: 205073024
Test: boot with no relevant error log
Change-Id: Ia230b025b89981ed797c95cdf76fe7efd56d3fa7
2021-11-05 11:24:57 +08:00
Adam Shih
64af79f39a
update error on ROM 7886118
...
Bug: 205202540
Bug: 205202541
Bug: 205202542
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I21db6eb0ee47a9a4d002fc897c143eae0f0b614a
2021-11-05 10:36:11 +08:00
Adam Shih
f2353c6aed
update error on ROM 7882509
...
Bug: 205073232
Bug: 205072921
Bug: 205073231
Bug: 205073165
Bug: 205073003
Bug: 205073229
Bug: 205073167
Bug: 205073164
Bug: 205073230
Bug: 205073038
Bug: 205073024
Bug: 205073117
Bug: 205073023
Bug: 205072922
Bug: 205073166
Bug: 205072689
Bug: 205073025
Bug: 205070818
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I84cc72176363ed31203b7f7afe0720c3153d2cc6
2021-11-04 14:09:41 +08:00
Adam Shih
d43e7773ee
unleash error log related to property access
...
Bug: 203621307
Test: boot with error revealed
Change-Id: Id537726570bd5cce5716759316559bb792ab055b
2021-11-01 15:15:16 +08:00
Adam Shih
c0d04c41b3
fix citadeld service access
...
Bug: 204718569
Test: boot with no relevant error
Change-Id: Iba8c01f34c4453c8001e56b25089b467c4de79ea
2021-11-01 10:45:13 +08:00
Adam Shih
8550b06ea4
update error on ROM 7870491
...
Bug: 204718569
Bug: 204718762
Bug: 204718449
Bug: 204718220
Bug: 204718450
Bug: 204718757
Bug: 204718809
Bug: 204718221
Bug: 204718782
Bug: 204718864
Bug: 204718865
Bug: 204717520
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ic0b136fe876bcf67a94d7c35927c6bd0c6506005
2021-11-01 10:39:07 +08:00
Rex Lin
d6f5c71db9
Uwb: Create a new Uwb system service
...
inherit from gs101-sepolicy
Signed-off-by: Rex Lin <rexcylin@google.com>
Bug: 201232020
Test: ranging works
Change-Id: I0567e6bda78a94c12da3401444faffb36586f331
2021-10-29 12:43:07 +08:00
Adam Shih
de48018a88
remove errors that were filed on the wrong ROM ID
...
Bug: 202906903
Bug: 202906772
Bug: 202907037
Test: boot with those errors appearing again
Change-Id: I5bc173c18b0d2a94ac2146e1c6e405c542e0c9ba
2021-10-29 11:10:43 +08:00
Adam Shih
8cc3f28ac1
fix wlc_hwservice access
...
10-29 10:38:01.270 440 440 E SELinux : avc: denied { find } for pid=1594 uid=10210 name=com.google.input.ITouchContextService/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:touch_service:s0 tclass=service_manager permissive=1
10-29 10:38:01.277 440 440 E SELinux : avc: denied { find } for pid=1594 uid=10210 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
Bug: 202906787
Test: boot with no relevant error
Change-Id: I47ea0f1dfe6f3f7b024d4512e0ccd94bc0da93a1
2021-10-29 10:57:39 +08:00
Adam Shih
73845f7fcd
fix rlsservice service access
...
Bug: 202906997
Test: boot with no relevant error
Change-Id: I964d11956b5f78c410aec230289abc1f6a045023
2021-10-29 10:21:00 +08:00
Adam Shih
c9392bd414
fix vendor_ims_app service access
...
Bug: 202906888
Test: boot with no relevant error
Change-Id: I25e967bed593b017f11b647c23cfd148738227e0
2021-10-29 10:19:38 +08:00
Adam Shih
d73b97b740
fix vendor_rcs_app service access
...
Bug: 202907058
Test: boot with no relevant error
Change-Id: Ie435cdadc54cb59b09dadba890a9d1cbdb94b458
2021-10-29 10:17:57 +08:00
Adam Shih
ee3287231f
fix hal_usb_impl service access
...
Bug: 202906786
Test: boot with no relevant error
Change-Id: I99178488a97aa2d0b3d7e4775c88b00321084d63
2021-10-29 10:12:28 +08:00
Max Kogan
68217c1ae6
sepolicy: gs201: allow dumpstate access AoC stats
...
Merge changes from gs101
Bug: 203827311
Change-Id: I3028e8d2c162dde74b747cbfe6458cc37a9ad759
2021-10-28 05:14:06 +00:00
Adam Shih
23b637e260
fix mediacodec_samsung service access
...
Bug: 202906949
Test: boot with no relevant errors
Change-Id: I015c58f1b223978cb0e61377f5fc6930477c9a53
2021-10-27 13:24:52 +08:00
Adam Shih
e171a156e2
fix mediacodec_google service access
...
Bug: 202906901
Test: boot with no relevant errors
Change-Id: I8ba645de225af4a25c52cc14eb05eb60a64ea202
2021-10-27 13:24:46 +08:00
Adam Shih
5e572d5c72
fix hal_camera_default service access
...
10-25 11:52:35.916 437 437 E SELinux : avc: denied { find } for pid=711 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
Bug: 202906784
Test: boot with no hal_camera_default errors
Change-Id: I0e21cc11808b973c859ddc2ddebc0db81f999d9f
2021-10-27 13:24:34 +08:00
Adam Shih
abf31d56d6
fix secure element service access
...
Bug: 202902683
Test: boot with no secure element errors
Change-Id: I84ee827d356e6a99af192cce9178fb4f408de5ec
2021-10-25 11:37:10 +08:00
Adam Shih
0ae5acc904
fix graphics_composer services denials
...
10-25 11:28:32.230 438 438 E SELinux : avc: denied { add } for pid=500 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
10-25 11:28:33.787 438 438 E SELinux : avc: denied { find } for pid=500 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=1
Bug: 202906947
Test: boot with no graphics_composer errors
Change-Id: I4174cbcacb7149427814ca67703799ab02b992e4
2021-10-25 11:31:39 +08:00
Adam Shih
be8aedd6ac
fix hal_fingerprint_default denials
...
10-25 11:19:03.649 430 430 E SELinux : avc: denied { find } for pid=958 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=1
10-25 11:19:04.509 430 430 E SELinux : avc: denied { find } for pid=958 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
Bug: 202906981
Test: boot with no fingerprint errors
Change-Id: I95dcda0698c7fcec1e4874b95b598bc987e83e58
2021-10-25 11:24:26 +08:00
Adam Shih
9cb1f625ba
fix hal_weaver_citadel denials
...
Bug: 202907040
Test: boot with no relevant errors
Change-Id: Ieb7a57518b433cc6cd2849afb58c8616b409db13
2021-10-25 11:09:06 +08:00
Jasmine Cha
6dea3e0842
audio: add permission to request health/sensor data
...
- Add audio hal into hal_health clients
- allow audio hal to find fwk_sensor_hwservice
SELinux : avc: denied { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc: denied { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
Bug: 199382564
Bug: 199801586
Test: build pass
Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I6c8d9cd73953b20905857368d740fd91e92c6928
2021-10-20 04:12:48 +00:00
Adam Shih
fc1ec67aa4
fix init_citadel service access
...
Bug: 202906904
Test: boot to home with no relevant error
Change-Id: I6729ced49cbbecbc33234e311fb81652a065fe39
2021-10-20 10:41:56 +08:00
Adam Shih
ecc3a24449
fix identity service access
...
10-20 10:32:58.701 438 438 E SELinux : avc: denied { find } for pid=742 uid=9999 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_identity_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202906902
Test: boot to home with no relevant error
Change-Id: Ia6e09343843f9a5c96e06998ba5c50fb64948d7f
2021-10-20 10:35:18 +08:00
Adam Shih
4c20c40f50
Fix hal_keymint_citadel service access
...
10-20 10:24:31.155 432 432 E SELinux : avc: denied { find } for pid=481 uid=1064 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_keymint_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202907039
Test: boot to home with no keymint errors
Change-Id: I7935fe52a9774f8fca67336be9c9d47fe2675756
2021-10-20 10:26:18 +08:00
Adam Shih
e9d02e08f5
fix widevine drm access
...
Bug: 202906980
Test: boot with no relevant logs
Change-Id: Idc37f7e1441d9fae1f570bc53ff67a7a48656ed3
2021-10-20 10:06:10 +08:00