Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
620 commits 1 branch 0 tags 63 MiB
Commit graph

620 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jinting Lin
dad0dce95f Remove obsolete sepolicy of silentlogging am: d3d4af1aac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18871735

Change-Id: I7f681c030067d327fa92352e76cf8ab84127b316
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-20 06:27:47 +00:00
Jinting Lin
d3d4af1aac Remove obsolete sepolicy of silentlogging 
Bug: 221384996

Test: adb bugreport
Change-Id: I35a9dae665f11196ec900346c41a3c786bfdf5fa
 2022-06-20 05:48:22 +00:00
JimiChen
09ef70789d allow rlsservice read vendor camera property am: f90d992b0c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18844687

Change-Id: Ide381ef95ffddedf9137449dc619e4ab7c0aad20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-16 12:18:26 +00:00
JimiChen
f90d992b0c allow rlsservice read vendor camera property 
Bug: 233020488
Test: no avc denied
Change-Id: Ie7e68a6e18ba64c18e90e39cadacea5a15364eff
 2022-06-16 12:02:26 +00:00
Myung-jong Kim
189d7237ee sepolicy: add net_domain macro for vendor_rcs_app am: e2b042c307 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18799291

Change-Id: I24c5df643d88b2ea754df078313d97192d0d9d9b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-06-10 15:01:16 +00:00
Myung-jong Kim
e2b042c307 sepolicy: add net_domain macro for vendor_rcs_app 
[Problem] sepolicy denial during ShannonGbaService process
[Cause] Missing sepolicies
[Solution] Add net_domain(vendor_rcs_app) to give base set of
    permissions required for network access

Bug: 235011726
Signed-off-by: Myung-jong Kim <mj610.kim@samsung.com>
Change-Id: Iaac1d7b5a4303338ed2c763b62714e14aed7d728
 2022-06-10 14:39:59 +00:00
Badhri Jagan Sridharan
b401becb46 Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable am: 91a1f49a8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18553772

Change-Id: Iebf866721ef7f9529c848fa8ee201dfd0d021adb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-24 00:54:43 +00:00
Badhri Jagan Sridharan
91a1f49a8a Allow gadget hal to search i2c dir and write to usb_limit_accessory_enable 
auditd  : type=1400 audit(0.0:4): avc: denied { search } for comm="HwBinder:879_1"
name="10d60000.hsi2c" dev="sysfs" ino=23606 scontext=u:r:hal_usb_gadget_impl:s0
tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0

Bug: 206635552
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
Change-Id: Ibc4ec27ad7d1b7a26c9935aa0c4aff5f03a8d59c
 2022-05-23 23:59:44 +00:00
Austin Wang
9ff2dc972a Add P22 reverse wireless charging selinux policy am: e5f8377849 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I2ca2dca14d150aa5cdd05ab077001781723521d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:47:31 +00:00
Jerry Huang
33065ab679 Allow mediacodec to access vendor_data_file am: 95845654bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I55afdf2c20cc151b40c3346512b48e10c31cc1d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:47:16 +00:00
Austin Wang
e5f8377849 Add P22 reverse wireless charging selinux policy 
Allow Settings to call hal_wlc

Error:

05-13 09:28:20.508  1000  7293  7293 W ndroid.settings: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:system_app:s0 tcontext=u:r:hal_wlc:s0 tclass=binder permissive=0

Bug: 231420451
Test: Enable battery share from settings and charge another device.
Change-Id: Ic761bee47ea41f6db8b1838fb3fc2a9f7ef7bb5c
 2022-05-13 09:28:03 +00:00
Jerry Huang
95845654bf Allow mediacodec to access vendor_data_file 
For dumping output buffer of HDR to SDR fliter.

This patch fixes the following denial:

05-10 21:42:49.427   890   890 W HwBinder:890_4: type=1400 audit(0.0:2944): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:42:49.499   890   890 W HwBinder:890_4: type=1400 audit(0.0:2946): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

05-10 21:46:27.735   885   885 W google.hardware: type=1400 audit(0.0:3198): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:46:27.795   885   885 W google.hardware: type=1400 audit(0.0:3200): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

Bug: 229360116
Test: atest android.media.decoder.cts.DecoderTest
Change-Id: I11403b20e8608f50907db561b8232b1b64bea298
 2022-05-13 09:24:38 +00:00
Labib
b68668828d Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I73645004ec900b9ca8626276859ff06341271617
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:05:00 +00:00
Labib
4c8dbb65b8 Give RadioExt permission to write to sysfs node 
Bug: 212601547
Test: Manual
Change-Id: I8c7341833aeacebfedba6e8e05d2696012043d32
 2022-04-28 16:58:34 +08:00
Chung-Kai (Michael) Mei
30daffff0f Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: Ie483649d244b63fe8b80e2f6cbd019485a53e67a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 08:01:44 +00:00
Chung-Kai (Michael) Mei
ac45672cc5 Revert "genfs_contexts: fix path for i2c peripheral device" 
This reverts commit 4db0feed32.

Reason for revert: related patch is merged, so it's duplicated

Fix: 229940065
Change-Id: I898dd52f4857983323fec9f72e797bd2f759f724
 2022-04-21 07:28:09 +00:00
chungkai
e9b8bcee10 genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: I7af902367308ab55c8bc1d8ab3d2191f5a97c090
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:48:10 +00:00
Stephane Lee
1b99d23ddd Fix boot issues with hal_thermal_default am: 9fdfcb53b5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: I7c4d5c22dd3e8bf178560f3fdb9afbe6a423ec64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:48:05 +00:00
chungkai
4db0feed32 genfs_contexts: fix path for i2c peripheral device 
add original paths since we reverted enable load
module in parallel for other issues

Test: without avc denial
Bug: 229670628
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ie7a2a78eae5d6965beedc0de640ec56acb6a7b2a
 2022-04-21 06:33:21 +00:00
Stephane Lee
9fdfcb53b5 Fix boot issues with hal_thermal_default 
Bug: 229895015
Test: Ensure the device boots, verify permissions with ls -AlZ
Change-Id: I0f95bb7eb58e6ce22a0f66a70408fdf56d94b1b3
 2022-04-21 06:30:34 +00:00
Wayne Lin
a51533f041 gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: I430c58245e562192949a2ce46c3f4aa22567269e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:21:26 +00:00
Wayne Lin
49f83a1e9f gps: refine gps sepolicy am: 5c9592e973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: I8e95905b9e669d9f206bea50195397ae4ec21a53
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:21:25 +00:00
Stephane Lee
012609ce74 Add hwservicemanager to pixelstats permissions am: 3a95426f78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: I64fcba1187f7d5b74437d98b2b1580210cedc9c4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:20:41 +00:00
Wayne Lin
4d163d5b32 gps: sync sepolicy from gs101 to allow gps access pps gpio 
Bug: 228903885
Test: build pass
Change-Id: Ic555a0640872ae0dc1a69a9d4a11027d4364464a
 2022-04-21 01:47:37 +00:00
Wayne Lin
5c9592e973 gps: refine gps sepolicy 
Bug: 228903885
Test: build pass and no avc denied in gpsd
Change-Id: Id0821b1335d316899e3a32b56a0e1c0feb4ba2b6
 2022-04-21 01:47:37 +00:00
Stephane Lee
3a95426f78 Add hwservicemanager to pixelstats permissions 
Bug: 227199213
Test: Ensure there are no more selinux errors
Change-Id: I1d961096df49f82302d7ff14fec809232e5afd28
 2022-04-21 01:42:17 +00:00
Labib
8f63e40658 Let RadioExt talk to bt hal am: 2b189b45af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: I41c1cd2eb48ac552fcc56cd0c83194acbd8a248f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:57:54 +00:00
Labib
2b189b45af Let RadioExt talk to bt hal 
Bug: 227122249
Test: Manual
Change-Id: I9f41615e8e862af147d6f47e5e4c4e0dde40c233
 2022-04-20 03:20:39 +00:00
chungkai
3a8df849f1 sepolicy: fix avc denials am: 32bf1ffbf7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17800453

Change-Id: Ic7f02808fc2e363ea4d30b7cab4ac6b79db0efed
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:02:19 +00:00
chungkai
32bf1ffbf7 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 226887726
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I4af39bb6e620a59e02417a06c1dabd45df360fc3
 2022-04-20 02:22:31 +00:00
Jason Macnak
5e49f73b7c Remove sysfs_gpu type definition am: a77fc2a6df 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17007102

Change-Id: I621268fe203c8f2c6373ff55ad168d32bb15a2f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 16:24:57 +00:00
Jason Macnak
a77fc2a6df Remove sysfs_gpu type definition 
... as it has moved to system/sepolicy.

Bug: b/161819018
Test: presubmit
Change-Id: I107f92617bea56590b5af351341cc1c3b2844360
Merged-In: I107f92617bea56590b5af351341cc1c3b2844360
 2022-04-19 15:59:04 +00:00
Ted Lin
e5213f1820 Sepolicy: add the system_app.te for hal_wlc am: 55f4e61c8c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750775

Change-Id: I4e0ad90285d75ae8ae8b8a2ea231980fabcf1d2e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-19 06:33:45 +00:00
Ted Lin
55f4e61c8c Sepolicy: add the system_app.te for hal_wlc 
04-11 20:28:15.435   523   523 I auditd  : avc:  denied  { find } for interface=vendor.google.wireless_charger::IWirelessCharger sid=u:r:system_app:s0 pid=3755 scontext=u:r:system_app:s0 tcontext=u:object_r:hal_wlc_hwservice:s0 tclass=hwservice_manager permissive=0

Bug:229036607
Test: adb bugreport
Change-Id: I40562204b3517b2861b2a52466f9cde04a5321c5
Signed-off-by: Ted Lin <tedlin@google.com>
 2022-04-19 06:11:19 +00:00
Jerry Huang
f5bbe7b88a Allow mediacodec_google to access gpu_device am: 9bc45b2d60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731167

Change-Id: Id2e4061ed41734a687dc5268da2487d99ad78763
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-18 07:19:17 +00:00
Jerry Huang
9bc45b2d60 Allow mediacodec_google to access gpu_device 
Bug: 228794372
Test: android.media.decoder.cts.DecoderTest#testAV1HdrToSdr

The change is for following error:
04-08 17:02:44.020  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70491): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0
04-08 17:02:44.028  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70492): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0
04-08 17:02:44.040  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70493): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0
04-08 17:02:44.048  1046  7284  7284 W HwBinder:7284_3: type=1400 audit(0.0:70494): avc: denied { getattr } for path="/dev/mali0" dev="tmpfs" ino=1052 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=0

Change-Id: Ie22903807fcc12d931cbdd36678ae1d4a3776a3d
 2022-04-18 13:34:04 +08:00
Joshua McCloskey
d386974cac Allow platform apps to access FP Hal am: 2dc0bbd55b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17625014

Change-Id: I0ff7aeba35e96f3ba82de61d49e9f596ff2b4f6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 22:12:14 +00:00
Joshua McCloskey
2dc0bbd55b Allow platform apps to access FP Hal 
Bug: 227247855
Test: Verified manually that the fingerprint extension is working.
Change-Id: Id5550ca770942d02ad0796ed0d4e8584c434b680
 2022-04-15 21:39:58 +00:00
chungkai
beefac99c7 sepolicy: fix avc denials am: d80900ae17 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17764688

Change-Id: Ifddf30c6372afeb5e5b36236ae4562fa8bafffda
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 06:39:39 +00:00
chungkai
d80900ae17 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 228947596
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: I2e9fa011c049e32011c5880218dd679e03316e24
 2022-04-15 02:56:55 +00:00
chungkai
e240db0a69 sepolicy: fix avc denials am: d37777dd33 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755771

Change-Id: I57d7e4a7b8d5465cad4cefb72ad258f63733ec73
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 01:06:38 +00:00
chungkai
d37777dd33 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 226887726
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: If2ac4c137c1ea074907c363424e6018a5fd646e8
 2022-04-15 01:01:47 +00:00
Harpreet Eli Sangha
559e696193 Add CccDkTimeSyncService for Digital Key Support am: 1a0b0ce0c4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17755764

Change-Id: I14defbf1ec7ad439a1b88bc34197987e51d3aa27
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-15 00:59:54 +00:00
Harpreet Eli Sangha
1a0b0ce0c4 Add CccDkTimeSyncService for Digital Key Support 
Test: Build and Run
Bug: 226659256
Signed-off-by: Harpreet Eli Sangha <eliptus@google.com>
Change-Id: I9dd53a864d53e525282bc49c13b09157fc8d2ece
 2022-04-15 00:28:13 +00:00
Anthony Stange
4e2f01d0af Update SELinux to allow CHRE to talk to the Wifi HAL am: 403643929d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17715921

Change-Id: I4e33045cec08c8c2a2d921fa22647ae6155a8968
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 16:14:07 +00:00
Anthony Stange
403643929d Update SELinux to allow CHRE to talk to the Wifi HAL 
Bug: 206614765
Test: Run locally
Change-Id: I2cab195d533e3e2c390094bd09b15b5e761eadf0
 2022-04-14 15:23:22 +00:00
chungkai
0653304229 sepolicy: fix avc denials am: fbdb09a2f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17750772

Change-Id: Ica3dbe06800cf5ce5cae0d1a6eeb1502b7d039b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 09:41:50 +00:00
chungkai
fbdb09a2f0 sepolicy: fix avc denials 
add potential paths for i2c peripheral devices
sine we enable parallel module loading

Bug: 226887726
Test: do bugreport without avc denials
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ifc618e315e9d28cab6f602ce2c99ac7fe35fc189
 2022-04-14 07:24:58 +00:00
TeYuan Wang
5389906449 sepolicy: label AUR as sysfs_thermal am: 951bad233c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17731168

Change-Id: Iaee171d0fe9e2e52b32a25b4eb9bb3ceb203c63c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-14 06:47:20 +00:00
TeYuan Wang
951bad233c sepolicy: label AUR as sysfs_thermal 
Bug: 171499494
Test: adb shell ls -Z /sys/devices/platform/100b0000.AUR
Change-Id: I0aa1b95c11d2af5fa2175c582068daad51360485
 2022-04-14 06:23:35 +00:00