580 commits

Author SHA1 Message Date
Nishok Kumar S
58da081fa7 Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a am: 0cd372af58 am: 016359a231
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: I5bbdf302e9aa8dcda084703feefe0eff80affb1f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-19 08:53:17 +00:00
Dinesh Yadav
f66e6cedf3 Add SEPolicy settings for android logging/tracing service for GXP am: e40cd2ac42
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18155927

Change-Id: I28abf12f78287639b1314dfbdfabe09405bbb0f0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-19 07:58:30 +00:00
Nishok Kumar S
0cd372af58 Add label for GCA fishfood app built with debug keys - label as am: 43e827c01a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18403423

Change-Id: I0beaa21082bb2ed8faf68710846025470b1cbe9b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-19 07:58:00 +00:00
Jacqueline Wong
c169cd75ce be able to dump coredump
Bug: 218358165
Test: adb root; adb remount -R; adb bugreport
Signed-off-by: Jacqueline Wong <jacqwong@google.com>
Change-Id: I42c2db7902064e1508676ad93def2e0e4f5c2b28
2022-05-19 05:37:50 +00:00
Dinesh Yadav
e40cd2ac42 Add SEPolicy settings for android logging/tracing service for GXP
This change also adds support for SEPolicy to access perfetto which was
missing in ag/17818623.

Bug: 217289052

Change-Id: Ic5599d0be783b65102b3b0ffef27e66f1f6904da
2022-05-19 03:31:32 +00:00
George Lee
2230fc3035 dumpstate: Add BCL mitigation info to user build am: b6971e353f am: a0126d5b0f am: 0d19d65aee
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: Ifa0eacde398761b6034660c300177cb4b9a8471d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-17 02:45:09 +00:00
Nishok Kumar S
43e827c01a Add label for GCA fishfood app built with debug keys - label as
debug_camera_app.

Test: Build GCA-Next manually and install on device. Test with selinux
on.
Bug: 230773733

Change-Id: Ifc2fd29a74bf66444501327feac391ddf812c867
2022-05-17 02:42:05 +00:00
George Lee
a0126d5b0f dumpstate: Add BCL mitigation info to user build am: b6971e353f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18408238

Change-Id: Id0d1772cc33c495b6ad525946b40f02a768ddc86
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-17 01:38:06 +00:00
George Lee
b6971e353f dumpstate: Add BCL mitigation info to user build
Bug: 232793927
Test: Confirm user build bugreport has mitigation info
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I9945a0f005bee6e25580c122df4c8932607fa51a
2022-05-17 00:42:57 +00:00
Nishok Kumar S
18eb1d466e Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 am: b4db422486 am: dd9262e2ca
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: I780108a56e43a5e81e12739c7e5c09265156ec90
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 14:30:56 +00:00
Nishok Kumar S
e6b4f216de Label GCA-Eng app am: 4a6cfb5a9c am: a96da52aca am: 52f975bec0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I51a33ed10f3997b5f8c2515947a0377668c1f923
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 14:30:55 +00:00
Austin Wang
591c086349 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 9ff2dc972a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ia4230c417087921de03a2239b5ff33408efd3283
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 10:46:47 +00:00
Jerry Huang
41fcd92bf1 Allow mediacodec to access vendor_data_file am: 95845654bf am: 33065ab679
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: Ied63122e6f9fa8de86a95aae8eeeb25fbd52f9d9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 10:46:39 +00:00
Austin Wang
84ae81f114 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I228618e35faf413867c6d4f6c6b1222ce8185aa1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 10:39:55 +00:00
Jerry Huang
29d8fcfa03 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I0b8c09ea5d2396af808728f468482c05bf2e3ffa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 10:39:49 +00:00
Austin Wang
53a167fcf0 Add P22 reverse wireless charging selinux policy am: e5f8377849
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I92b12dd3c05b50244e3c67667ba2296fcf62fd1a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 09:49:54 +00:00
Jerry Huang
dafeb57668 Allow mediacodec to access vendor_data_file am: 95845654bf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I4fd8e3a631a441dfedf06300f5f619706f7b75c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 09:49:28 +00:00
Nishok Kumar S
b4db422486 Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: Ifd964c84766eb6cbeccf47816c6633bdb0f28d36
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 09:39:45 +00:00
Nishok Kumar S
a96da52aca Label GCA-Eng app am: 4a6cfb5a9c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I539f9e1904b074f5fbf22ef52874ba0da5e6e082
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-13 09:39:44 +00:00
Austin Wang
e5f8377849 Add P22 reverse wireless charging selinux policy
Allow Settings to call hal_wlc

Error:

05-13 09:28:20.508  1000  7293  7293 W ndroid.settings: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:system_app:s0 tcontext=u:r:hal_wlc:s0 tclass=binder permissive=0

Bug: 231420451
Test: Enable battery share from settings and charge another device.
Change-Id: Ic761bee47ea41f6db8b1838fb3fc2a9f7ef7bb5c
2022-05-13 09:28:03 +00:00
Jerry Huang
95845654bf Allow mediacodec to access vendor_data_file
For dumping output buffer of HDR to SDR filter.

This patch fixes the following denial:

05-10 21:42:49.427   890   890 W HwBinder:890_4: type=1400 audit(0.0:2944): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:42:49.499   890   890 W HwBinder:890_4: type=1400 audit(0.0:2946): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

05-10 21:46:27.735   885   885 W google.hardware: type=1400 audit(0.0:3198): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:46:27.795   885   885 W google.hardware: type=1400 audit(0.0:3200): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

Bug: 229360116
Test: atest android.media.decoder.cts.DecoderTest
Change-Id: I11403b20e8608f50907db561b8232b1b64bea298
2022-05-13 09:24:38 +00:00
Nishok Kumar S
145f7b5b93 Use google_camera_app label for GCA-Next fishfood app.
Bug: 230773733
Test: Build selinux and test with GCA-Next on device.
Change-Id: I757e7de2293e25bd027262a5fbf4ece2a44f10d1
2022-05-13 05:31:34 +00:00
Nishok Kumar S
4a6cfb5a9c Label GCA-Eng app
- Add policies for GCA-Eng to access GXP device.
- Allow GCA-Eng to access edgetpu service.

Test: Build selinux and test GCA-Eng on device with
      adb shell setprop camera.artemis_dsp TRUE

Bug: 230773733
Change-Id: I8d04f6e1aef0899b3862ddbb80174cd086156d92
2022-05-13 05:18:09 +00:00
Krzysztof Kosiński
26b2d2e33e Add dontaudit statements to camera HAL policy.
The autogenerated dontaudit statements in tracking_denials are
actually the correct policy. Move them to the correct file and
add comments.

Bug: 205780065
Bug: 218585004
Test: build & camera check
Change-Id: Ie0338f0d2a6fd0c589777a82c22a014e462bd5c2
2022-05-10 05:36:53 +00:00
Asad Abbas Ali
417f7069c4 Allow chre to communicate with fwk_stats_service. am: 7f89d68af2 am: 300c77c7ad
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18184949

Change-Id: I77f7121aba052409891cf9635f829cd9c66705e1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-06 18:43:02 +00:00
Asad Abbas Ali
7f89d68af2 Allow chre to communicate with fwk_stats_service.
Bug: 230788686
Test: Logged atoms using CHRE + log atom extension.
Change-Id: I45a207996a28bbe61bbfd4288eaf28e2257cdf52
2022-05-06 16:15:06 +00:00
George Chang
eb1d4ec87c Update nfc from hidl to aidl service
Bug: 216290344
Test: atest NfcNciInstrumentationTests
Test: atest VtsAidlHalNfcTargetTest
Change-Id: If1f57af334033f9bd7174c052767715c9916700f
2022-05-06 08:50:35 +00:00
eddielan
4a8b5a4e01 sepolicy: Add SW35 HIDL factory service into sepolicy am: aeb9bd0406 am: 975157ae00
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188088

Change-Id: I21ebf2a1fa936efaf92a1ef22e5518007734b0d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-06 07:09:51 +00:00
eddielan
aeb9bd0406 sepolicy: Add SW35 HIDL factory service into sepolicy
Bug: 231549391
Test: Build Pass
Change-Id: If5c1bc5ddf6a1fa753ac65b6b4c5983775f2f704
2022-05-06 12:22:59 +08:00
Kris Chen
ce72c2890c Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 am: c789f02906 am: ae663f1618
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I97bfe9b1d3dd7998fc1fd63ada9f78aa36a3f9c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-05 04:34:42 +00:00
Kris Chen
3162407210 Allow hal_fingerprint_default to access hal_pixel_display_service
Fix the following avc denial:
avc: denied { find } for pid=1158 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=0
avc: denied { call } for scontext=u:r:hal_fingerprint_default:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder permissive=0

Bug: 229716695
Bug: 224573604
Test: build and test fingerprint on device
Change-Id: I104af7f50715090fe0c2aa6845848bf77ab3e3ae
2022-05-05 02:03:43 +00:00
Jenny Ho
b5d2b601bb sepolicy: allow access debugfs charger register dump am: 5e426a95d0 am: ff33c561a8 am: c26bb54bb0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ic874dc00411a152cb84a5c66742743dffd467ccc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-03 08:45:49 +00:00
Jenny Ho
5e426a95d0 sepolicy: allow access debugfs charger register dump
Bug: 230360103
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ieedff4d6475706d4d932913e6d647ca401e56966
2022-05-03 06:54:05 +00:00
Labib
ea9c058272 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: b68668828d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I1a3b4c1c894a547a2a4f4e34270124476f3b2568
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-03 05:30:34 +00:00
Labib
177a3796e8 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Iec721cea68d7eae8715537b887911c0f848e1e6d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-05-03 05:07:36 +00:00
George Chang
8635176437 Revert "Update nfc from hidl to aidl service"
This reverts commit 0d31f7bcd7.

Reason for revert: Broken tests
Bug: 230834308
Change-Id: If695e38eb11b65018768f15aeb4346ba818b058a
2022-04-29 15:38:26 +00:00
George Chang
0d31f7bcd7 Update nfc from hidl to aidl service
Bug: 216290344
Test: atest NfcNciInstrumentationTests
Test: atest VtsAidlHalNfcTargetTest
Change-Id: I90b8499b05e0226298ee8f04d84f55390299e8c8
2022-04-29 06:57:41 +00:00
Wei Wang
5a5e63d08b allow udfps hal to access trusty am: d85f93ec30 am: 8b0b46b1c3 am: f1981415e4
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: Ifd62f6632df93d79e92d28a19690f5028c73cc59
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-29 04:01:21 +00:00
Labib
4c8dbb65b8 Give RadioExt permission to write to sysfs node
Bug: 212601547
Test: Manual
Change-Id: I8c7341833aeacebfedba6e8e05d2696012043d32
2022-04-28 16:58:34 +08:00
Wei Wang
d85f93ec30 allow udfps hal to access trusty
Bug: 229350721
Bug: 230492593
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ib1abe0e0318689528a6658f3597f1c11ad9fa1c3
2022-04-27 13:20:02 -07:00
Stephane Lee
7a62941f36 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e am: df77f4ec83 am: bd30d9e7f2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I9e510554eae6ceeb0189d390384dae21a46bf4af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-27 02:36:48 +00:00
Stephane Lee
23949fdbde Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 am: fcca6c922c am: 26842a33ec
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: I485c2620c7b0ed390da0055f95db7ec1af19d7a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-27 02:36:47 +00:00
Stephane Lee
85e5caf85e Fix permissions for ODPM permanently by adding all buses
You don't need wildcards on genfs, just need the base path

Bug: 229895015
Test: Ensure the device boots, verify permissions with ls -AlZ
Change-Id: Ib59693f0404db4e28b9959fcdf1cc4d483c5d1b1
2022-04-27 01:06:36 +00:00
Stephane Lee
a492311ba4 Allow hal_thermal_default to read iio/odpm sysfs nodes
Bug: 230031671
Test: There are no errors for iio or odpm nodes
Change-Id: Ifb204fa7b535c001838c7008b30b6e41744a01d1
2022-04-26 21:24:30 +00:00
Wei Wang
8307f850e0 Grant trusty to power hal am: 90f4106b80 am: 6c85eeac05 am: ae95ea381c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: Ia44c194133e280d40fa6964e933e9b43cb551423
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-26 18:00:44 +00:00
Wei Wang
90f4106b80 Grant trusty to power hal
Bug: 229350721
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ia88d6cff1d21940e22ae5122dbfcf52de27ad700
2022-04-23 21:53:44 -07:00
Quang Luong
05eccb0e94 Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de am: b051bf9b90 am: 884035435d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I439da534dfefe9c9906f6d2dbfd4c0e0255c61db
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-22 02:44:13 +00:00
Quang Luong
a36285b0de Revert "Add SEPolicy settings for android logging/tracing servic..."
Revert submission 17817048-gxp-firmware-log-trace-metrics-service

Reason for revert: breaks CTS tests: b/230031232
Reverted Changes:
I3c9574dca:Add SEPolicy settings for android logging/tracing ...
I6bced8246:Add Firmware Log/Trace service to GXP project outp...
Icfc0ca30f:Add gxp_logging_service as an android service

Change-Id: I4ae6a63b6e2b58a094f45771de87fc3799f99e67
2022-04-22 00:11:02 +00:00
Chung-Kai (Michael) Mei
263a0fbc7d Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 am: 30daffff0f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: Ie01963871c54ed681f56929ff3dc1e0fff439db5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21 09:16:04 +00:00
Chung-Kai (Michael) Mei
26b3d89302 Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: I5b4670792368963bd1fe1b6015523bd9dd0f00d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-04-21 08:02:41 +00:00