Commit graph

1024 commits

Author SHA1 Message Date
Sandeep Dhavale
5eca847f64 Add sepolicy rules for fastboot AIDL service am: 25ea0f418a am: e1f3eb7802
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2293977

Change-Id: I0277ceac1dffc7fda32db324b68d14de6074b0ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-10 19:24:35 +00:00
Sandeep Dhavale
e1f3eb7802 Add sepolicy rules for fastboot AIDL service am: 25ea0f418a
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2293977

Change-Id: I6b2c167429aa887acb2785b3bcbc7ef93852354d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-10 18:55:35 +00:00
Rick Chen
be24daebb8 Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE] am: 8140a50845
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20412548

Change-Id: I58f30ccee5a329ca8e523ab141a8c26b53eefed8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-09 16:09:12 +00:00
Rick Chen
8140a50845 Allow CHRE to use EPOLLWAKEUP [DO NOT MERGE]
avc: denied { block_suspend } for comm="UsfTransport" capability=36 scontext=u:r:chre:s0 tcontext=u:r:chre:s0 tclass=capability2 permissive=0

Bug: 238666865
Test: Check no chre avc denied.
Change-Id: Ie936055550c6221beae394c264d664c1e76f946b
Signed-off-by: Rick Chen <rickctchen@google.com>
2022-11-09 15:06:39 +00:00
Sandeep Dhavale
25ea0f418a Add sepolicy rules for fastboot AIDL service
Bug: 205760652
Test: Build & Flash

Change-Id: I02fe5ca6c0276fd08cf5127b7d8b7313374f0cfe
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
2022-11-09 00:36:48 +00:00
George Lee
62ad032605 betterbug: Fixed sepolicy related to File [DO NOT MERGE] am: 8427e1db8d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20408115

Change-Id: I9f393278644f6f8075514c9ed0183e49dc23a30c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-08 15:37:55 +00:00
George Lee
8427e1db8d betterbug: Fixed sepolicy related to File [DO NOT MERGE]
Added File Attachment sepolicy for betterbug

Bug: 237287659
Test: Attach files from local directory and confirm it can be attached.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ie2ee163794a4b955915a1b62b12d5aa625931034
2022-11-08 15:11:18 +00:00
Roger Fang
2cbcb987d0 [DO NOT MERGE] sepolicy: add permission for CCA rate of pixelstats-vend am: 35112bba62
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20349111

Change-Id: Iec3b93d49714f78853a9b389a508e17673c2e764
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-08 10:17:32 +00:00
Roger Fang
35112bba62 [DO NOT MERGE] sepolicy: add permission for CCA rate of pixelstats-vend
pixelstats-vend: type=1400 audit(0.0:7): avc: denied { read } for name="cca_rate_read_once" dev="sysfs" ino=100809 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 249225148
Test: Manually test passed

Change-Id: I802b79417cd9ce23386bb62eccb151610bfb8ac1
Signed-off-by: Roger Fang <rogerfang@google.com>
2022-11-08 09:53:37 +00:00
George Lee
0cdf1cfe9b betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE] am: 40be3818e1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20395514

Change-Id: Idff494bb1f32381d8a1db0dd137d5abe06f2a77e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-07 04:50:02 +00:00
George Lee
40be3818e1 betterbug: Fixed sepolicy related to mediaserver [DO NOT MERGE]
Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
2022-11-05 18:45:08 +00:00
Star Chang
f7f9aa1304 Add sepolicy for TWT to dumpstate am: f9552297fa
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20118653

Change-Id: I7bb658e06b8e95be2933ac4ae45bd2e0208a851e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-04 02:10:03 +00:00
Star Chang
f9552297fa Add sepolicy for TWT to dumpstate
Bug: 253348062
Test: dump bugreport ok
Signed-off-by: Star Chang <starchang@google.com>
Change-Id: I0958fef496302df3f5e6e188f15117de78988a62
2022-11-04 01:31:19 +00:00
Puma Hsu
ea1be0c069 Add xhci-hcd-exynos.6 wakeup path for suspend_control am: 9877742035
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20288288

Change-Id: I2083d21b860b0c6179427cd9972eafe47f292db1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-02 15:09:41 +00:00
Puma Hsu
9877742035 Add xhci-hcd-exynos.6 wakeup path for suspend_control
Bug: 255270480
Test: verified with forrest test build
Change-Id: I5e2eed4d5e20361d86f6d6be8c92ca337e4ee004
Signed-off-by: Puma Hsu <pumahsu@google.com>
2022-11-02 07:39:53 +00:00
Amith Dsouza
7fa80e3581 Fix untracked SELinux denials on boot am: be2e1b2ede am: 5653e43b44
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: I6300bd318ffdfad334caa60b5e0ea286d0d503c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-02 04:49:26 +00:00
Amith Dsouza
5653e43b44 Fix untracked SELinux denials on boot am: be2e1b2ede
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: Ic521a8ea94ec22b17bf4a327c8244d0d04c269e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-02 04:07:20 +00:00
Amith Dsouza
be2e1b2ede Fix untracked SELinux denials on boot
Error:
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=2641 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 254453654
Test: Flash device, rebuild driver blobs, check logs after boot

Change-Id: I43d524f781c1dda1d3d5291f661bc549fdbb99d6
2022-11-02 00:55:45 +00:00
pointerkung
4d803ef7d6 Add required sepolicy rule for Camera am: 0810814b49
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20137924

Change-Id: I520c8b5c9321a87009f430bc673eb84fb9e3a9bf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-01 12:18:53 +00:00
pointerkung
0810814b49 Add required sepolicy rule for Camera
Grant access for TNR max_freq to let libperfmgr control it via powerhint.

Bug: 243729855
Test: Build pass, GCA, Control TNR max_freq via powerhint
Change-Id: I8f8faa360d9908afe3fe0de3c322a2be356b86c8
2022-11-01 11:33:43 +00:00
Jenny Ho
fbec30a349 Add permission for logbuffer_bd am: 441a3ad3ef
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20089144

Change-Id: I627644e45a2c28d6af8dd6e9493de8577bbcaee8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-01 06:08:54 +00:00
Jenny Ho
441a3ad3ef Add permission for logbuffer_bd
Bug: 242679204
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ie5c9829ee1a4980689c933273a273f1f4ac612b6
2022-11-01 05:34:18 +00:00
George Lee
0511a5b342 betterbug: Update selinux policy for betterbug am: d1e0b924ae
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20276308

Change-Id: I2445a6fda2fdca67b38040ea5dac95d30136b070
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-31 17:08:15 +00:00
George Lee
d1e0b924ae betterbug: Update selinux policy for betterbug
Update startup_bugreport_requested property to vendor_public for
betterbug to access.

Bug: 237287659
Test: Load Betterbug for accessing startup bugreport reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Idc07e3f4ce425c0167654743fbe1ad8b7ece5e15
2022-10-31 16:30:39 +00:00
eddielan
234029f1cf fingerprint: Allow fingerprint to access thermal hal am: ba0eb551e9
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19694493

Change-Id: I4f916181746334cc68e8ed0778e95e56e427294d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-28 16:46:11 +00:00
eddielan
ba0eb551e9 fingerprint: Allow fingerprint to access thermal hal
SELinux : avc:  denied  { find } for interface=android.hardware.thermal::IThermal
sid=u:r:hal_fingerprint_default:s0 pid=1064
scontext=u:r:hal_fingerprint_default:s0
tcontext=u:object_r:hal_thermal_hwservice:s0
tclass=hwservice_manager permissive=0

Bug: 243115023
Test: make selinux_policy -j128
Test: Check avc log on device
Change-Id: Ida1b18536468df11be5bf44fb6fb79b03a35f4b9
2022-10-28 15:14:35 +00:00
Lucas Wei
5db7e8bdef SEPolicy: Don't audit search regmap by kernel am: 939d05cbf8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20108831

Change-Id: I890491b2994a2b703f8e85346191d9f4baf08eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-24 09:53:52 +00:00
Lucas Wei
939d05cbf8 SEPolicy: Don't audit search regmap by kernel
Bug: 247948906
Signed-off-by: Lucas Wei <lucaswei@google.com>
Change-Id: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
Merged-In: I8886b5c3790036a9fe2d1ed8f524a0555b900dbb
2022-10-24 09:07:14 +00:00
Martin Liu
0a8aa66a1d allow vendor_init to access watermark_scale_factor am: 19419cbdb3
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20189607

Change-Id: Ie052c7b8c7a34ea7bd652fa56a1563506592f814
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-19 21:15:14 +00:00
Martin Liu
19419cbdb3 allow vendor_init to access watermark_scale_factor
Bug: 251881967
Test: boot
Signed-off-by: Martin Liu <liumartin@google.com>
Change-Id: I0840cf19f9c3120aaacc49de751fdd0a55aebf5f
2022-10-19 20:33:22 +00:00
Krzysztof Kosiński
36df3f715f Use generic wildcard for vendor libprotobuf.
The suffix changes on each upgrade and the newest release uses
a two-part version number instead of a three-part one. Use a regex
that will match any suffix.

Bug: 203713560
Test: presubmit, log check
Change-Id: I7a3357d11c162a9bc24196bb232f58be9ba062ec
2022-10-14 17:18:38 +00:00
George Lee
31783a9f98 pixelstats: add bcl directory permission am: 5c48a90285
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20192928

Change-Id: Ibf3a806221d01fc7ccfd0dcf16ca933b40e4e78f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-14 16:51:47 +00:00
George Lee
5c48a90285 pixelstats: add bcl directory permission
Bug: 253522156
Test: Local test
$>cmd stats print-logs
$>logcat | grep <atom id>

Signed-off-by: George Lee <geolee@google.com>
Change-Id: I934f6efb043893666dac88257619556e30d82751
2022-10-14 15:57:59 +00:00
George Lee
87e5ce6250 betterbug: Add selinux policy for betterbug am: 39ffb227b3
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20188753

Change-Id: Ifda87221614295b1bd9aafafa78c212cdd49a358
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-14 05:55:15 +00:00
George Lee
39ffb227b3 betterbug: Add selinux policy for betterbug
Enable Betterbug to read reboot reason such that Betterbug can file
bugreport when *uvlo* or *ocp* is found within reboot reason.

Bug: 237287659
Test: Load Betterbug for accessing boot reason property
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Id699be34d2e060ee7827737982403fd58f133c4a
2022-10-13 23:44:06 +00:00
George Lee
7bdbe0b215 bcl: Remove unused brownout boot reason sepolicy am: 083ba62902
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20191486

Change-Id: I7028903ecaac63a7579b0dcc1415076e0d0412df
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-13 23:25:35 +00:00
George Lee
083ba62902 bcl: Remove unused brownout boot reason sepolicy
vendor_brownout_boot_reason was added under previous change.  It should
be added as part of follow on change to enable metric collection.

Bug: 246817058
Test: Confirm brownout_boot_reason non existent
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I1fed12e851750314f53a0d6517a9eff92c44e247
2022-10-13 12:52:20 -07:00
George Lee
2c91c54d7b bcl: Add brownout boot reason sepolicy am: b72e47e1b0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20152240

Change-Id: Ieefdd8f7a446e51854835ae3bcfd0607f86ae49f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-13 18:31:54 +00:00
George Lee
b72e47e1b0 bcl: Add brownout boot reason sepolicy
Lastmeal.txt may be generated after the device has rebooted from IRQ
triggering.  By applying a limit on the time when it is generated,
lastmeal.txt will not be generated after the device has rebooted.

Bug: 246817058
Test: Confirm lastmeal.txt generation
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I02515fc452dbfa5c8a40041cbb8731664dace62e
2022-10-12 19:59:58 -07:00
George Lee
ae51ebfd98 bcl: Add mitigation ready device sepolicy am: 2260099ad3
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20123277

Change-Id: I5b1cd5209a52bacd524e2489bef2af866a258f4f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-10 20:15:58 +00:00
George Lee
2260099ad3 bcl: Add mitigation ready device sepolicy
Instead of relying on vendor.thermal.link_ready property to gate write
to BCL's SYSFS node, adding mitigation ready SYSFS so that writes to
BCL's SYSFS node would not cause NULL pointer dereference.

Bug: 249130916
Test: Confirm property vendor.brownout.mitigation.ready is set
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I1b21a1c745e7e17f78e9d4c001032dd2c46673cf
2022-10-10 19:49:34 +00:00
Vova Sharaienko
ac2e9dd662 hal_health_default: updated sepolicy am: bdf3d6abcc
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20041334

Change-Id: I83ea07dbbc51fe7729172ff7e688795df312c25d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-30 17:17:27 +00:00
Vova Sharaienko
bdf3d6abcc hal_health_default: updated sepolicy
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 237639591
Bug: 249827340
Test: Build, flash, boot, and logcat | grep "avc"
Change-Id: I71013c0b17ee5e526387efa0afb823f97775e572
(cherry picked from commit 87bc6d189d)
Merged-In: I71013c0b17ee5e526387efa0afb823f97775e572
2022-09-30 16:43:46 +00:00
Kyle Tso
e9137ca867 Set sepolicy for shell script of disabling contaminant detection am: c18eea71d7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20064568

Change-Id: I910ec6dd06d432adb2de2f28cb49a663416b9b4b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-30 09:04:31 +00:00
Kyle Tso
c18eea71d7 Set sepolicy for shell script of disabling contaminant detection
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 244658328
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
Merged-In: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
2022-09-29 13:33:28 +00:00
Sayanna Chandula
560dbcff4b thermal: enable pixelstats access to thermal metrics am: cbb62de10c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19706085

Change-Id: I9c3b9a0a241dd0584bbcf8eb8ad1176526052d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-23 20:17:52 +00:00
Sayanna Chandula
cbb62de10c thermal: enable pixelstats access to thermal metrics
Allow pixelstats daemon to access thermal metric nodes

Bug: 228247740
Test: Build and boot on device. Check thermal stats
Change-Id: Iada717b92782bc9c085928462b2e06d2db136cab
Signed-off-by: Sayanna Chandula <sayanna@google.com>
2022-09-23 19:48:41 +00:00
jintinglin
b49b1ca9a7 Allows modem_svc to read the logging related properties am: 5acc68de3b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19981021

Change-Id: I53be3006909eeb6fa4938ceecca1299c1905412c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-22 15:35:43 +00:00
jintinglin
5acc68de3b Allows modem_svc to read the logging related properties
avc: denied { read } for comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=347 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 243039758
Change-Id: Ib3031552faf03771f86e72e7dbd81c3610c518cc
2022-09-22 08:15:23 +00:00
Jinhee.k
324f9b569d sepolicy: allowed permissions required for network access am: 37c32d672f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19968207

Change-Id: Idf4da54e99fa914f9297da048dec7816b0efd44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-09-20 01:00:41 +00:00