Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1906 commits 1 branch 0 tags 63 MiB
Commit graph

1906 commits

This branch
This branch
All branches
Author SHA1 Message Date
Adam Shih
53371742c2 update error on ROM 7900024 
Bug: 205780088
Bug: 205779872
Bug: 205779877
Bug: 205780065
Bug: 205779906
Bug: 205779737
Bug: 205779871
Bug: 205780093
Bug: 205779850
Bug: 205779736
Bug: 205780090
Bug: 205779798
Bug: 205780186
Bug: 205779849
Bug: 205779799
Bug: 205780067
Bug: 205779581
Bug: 205779869
Bug: 205780068
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: I979411b162c42ace670c35fcfd6ba286f0ea02fb
 2021-11-10 11:06:37 +08:00
Adam Shih
7caaa15bd9 unleash error log related to file access 
Bug: 205212735
Test: boot with error revealed
Change-Id: I7cee80913ca621e7ab19f690eeb70d79e3d692dc
 2021-11-09 14:10:25 +08:00
Adam Shih
95c4e650c8 update error on ROM 7895525 
Bug: 205657177
Bug: 205657040
Bug: 205657133
Bug: 205656936
Bug: 205656937
Bug: 205657024
Bug: 205655569
Bug: 205656951
Bug: 205657039
Bug: 205657063
Bug: 205657092
Bug: 205657025
Bug: 205655298
Bug: 205657135
Bug: 205657093
Bug: 205657132
Bug: 205657090
Bug: 205656950
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I71c27247f9a19fe23a3602bf29793b1f0efc8bc8
 2021-11-09 05:45:36 +00:00
Adam Shih
dd5b14c118 unleash error log related to device access 
Bug: 205212735
Test: boot with error revealed
Change-Id: I49a995ecf3a050174c614453725fd51e09358688
 2021-11-09 01:50:45 +00:00
Roger Wang
5f1a03bf0e Wifi: Add sepolicy files for hal_wifi_ext service 
This commit adds the sepolicy related files for hal_wifi_ext service.

avc msg:
avc: denied { set } for property=vendor.wlan.firmware.version pid=682 uid=1010 gid=1010 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=1'
avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c143,c258,c512,c768 tclass=binder permissive=1

Bug: 205073038
Test: Check no avc_deny on hal_wifi_ext
Change-Id: I5d9b59c56b723174543c0308dd6b0235e998e76c
Signed-off-by: Roger Wang <wangroger@google.com>
 2021-11-05 11:08:11 +00:00
Adam Shih
0060a1335c let init.rc set GKI ready property 
Bug: 205070818
Test: boot with no relevant error
Change-Id: I929a9d2cfbb5267b178fde09fc5e1f3dcc9ec3d0
 2021-11-05 11:25:01 +08:00
Adam Shih
4c9dd893b8 fix platform_app property access 
Bug: 205073024
Test: boot with no relevant error log
Change-Id: Ia230b025b89981ed797c95cdf76fe7efd56d3fa7
 2021-11-05 11:24:57 +08:00
Adam Shih
64af79f39a update error on ROM 7886118 
Bug: 205202540
Bug: 205202541
Bug: 205202542
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I21db6eb0ee47a9a4d002fc897c143eae0f0b614a
 2021-11-05 10:36:11 +08:00
Adam Shih
f2353c6aed update error on ROM 7882509 
Bug: 205073232
Bug: 205072921
Bug: 205073231
Bug: 205073165
Bug: 205073003
Bug: 205073229
Bug: 205073167
Bug: 205073164
Bug: 205073230
Bug: 205073038
Bug: 205073024
Bug: 205073117
Bug: 205073023
Bug: 205072922
Bug: 205073166
Bug: 205072689
Bug: 205073025
Bug: 205070818
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: I84cc72176363ed31203b7f7afe0720c3153d2cc6
 2021-11-04 14:09:41 +08:00
Adam Shih
d43e7773ee unleash error log related to property access 
Bug: 203621307
Test: boot with error revealed
Change-Id: Id537726570bd5cce5716759316559bb792ab055b
 2021-11-01 15:15:16 +08:00
Adam Shih
c0d04c41b3 fix citadeld service access 
Bug: 204718569
Test: boot with no relevant error
Change-Id: Iba8c01f34c4453c8001e56b25089b467c4de79ea
 2021-11-01 10:45:13 +08:00
Adam Shih
8550b06ea4 update error on ROM 7870491 
Bug: 204718569
Bug: 204718762
Bug: 204718449
Bug: 204718220
Bug: 204718450
Bug: 204718757
Bug: 204718809
Bug: 204718221
Bug: 204718782
Bug: 204718864
Bug: 204718865
Bug: 204717520
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ic0b136fe876bcf67a94d7c35927c6bd0c6506005
 2021-11-01 10:39:07 +08:00
Rex Lin
d6f5c71db9 Uwb: Create a new Uwb system service 
inherit from gs101-sepolicy

Signed-off-by: Rex Lin <rexcylin@google.com>

Bug: 201232020

Test: ranging works
Change-Id: I0567e6bda78a94c12da3401444faffb36586f331
 2021-10-29 12:43:07 +08:00
Adam Shih
de48018a88 remove errors that were filed on the wrong ROM ID 
Bug: 202906903
Bug: 202906772
Bug: 202907037
Test: boot with those errors appear again
Change-Id: I5bc173c18b0d2a94ac2146e1c6e405c542e0c9ba
 2021-10-29 11:10:43 +08:00
Adam Shih
8cc3f28ac1 fix wlc_hwservice access 
10-29 10:38:01.270   440   440 E SELinux : avc:  denied  { find } for pid=1594 uid=10210 name=com.google.input.ITouchContextService/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:touch_service:s0 tclass=service_manager permissive=1
10-29 10:38:01.277   440   440 E SELinux : avc:  denied  { find } for pid=1594 uid=10210 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
Bug: 202906787
Test: boot with no relevant error

Change-Id: I47ea0f1dfe6f3f7b024d4512e0ccd94bc0da93a1
 2021-10-29 10:57:39 +08:00
Adam Shih
73845f7fcd fix rlsservice service access 
Bug: 202906997
Test: boot with no relevant error
Change-Id: I964d11956b5f78c410aec230289abc1f6a045023
 2021-10-29 10:21:00 +08:00
Adam Shih
c9392bd414 fix vendor_ims_app service access 
Bug: 202906888
Test: boot with no relevant error
Change-Id: I25e967bed593b017f11b647c23cfd148738227e0
 2021-10-29 10:19:38 +08:00
Adam Shih
d73b97b740 fix vendor_rcs_app service access 
Bug: 202907058
Test: boot with no relevant error
Change-Id: Ie435cdadc54cb59b09dadba890a9d1cbdb94b458
 2021-10-29 10:17:57 +08:00
Adam Shih
ee3287231f fix hal_usb_impl service access 
Bug: 202906786
Test: boot with no relevant error
Change-Id: I99178488a97aa2d0b3d7e4775c88b00321084d63
 2021-10-29 10:12:28 +08:00
Max Kogan
68217c1ae6 sepolicy: gs201: allow dumpstate access AoC stats 
Merge changes from gs101

Bug: 203827311
Change-Id: I3028e8d2c162dde74b747cbfe6458cc37a9ad759
 2021-10-28 05:14:06 +00:00
Adam Shih
23b637e260 fix mediacodec_samsung service access 
Bug: 202906949
Test: boot with no relevant errors
Change-Id: I015c58f1b223978cb0e61377f5fc6930477c9a53
 2021-10-27 13:24:52 +08:00
Adam Shih
e171a156e2 fix mediacodec_google service access 
Bug: 202906901
Test: boot with no relevant errors
Change-Id: I8ba645de225af4a25c52cc14eb05eb60a64ea202
 2021-10-27 13:24:46 +08:00
Adam Shih
5e572d5c72 fix hal_camera_default service access 
10-25 11:52:35.916   437   437 E SELinux : avc:  denied  { find } for pid=711 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
Bug: 202906784
Test: boot with no hal_camera_default errors

Change-Id: I0e21cc11808b973c859ddc2ddebc0db81f999d9f
 2021-10-27 13:24:34 +08:00
Adam Shih
abf31d56d6 fix secure element service access 
Bug: 202902683
Test: boot with no secure element errors
Change-Id: I84ee827d356e6a99af192cce9178fb4f408de5ec
 2021-10-25 11:37:10 +08:00
Adam Shih
0ae5acc904 fix graphics_composer services denials 
10-25 11:28:32.230   438   438 E SELinux : avc:  denied  { add } for pid=500 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=1
10-25 11:28:33.787   438   438 E SELinux : avc:  denied  { find } for pid=500 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=1
Bug: 202906947
Test: boot with no graphics_composer errors

Change-Id: I4174cbcacb7149427814ca67703799ab02b992e4
 2021-10-25 11:31:39 +08:00
Adam Shih
be8aedd6ac fix hal_fingerprint_default denails 
10-25 11:19:03.649   430   430 E SELinux : avc:  denied  { find } for pid=958 uid=1000 name=android.hardware.power.IPower/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=1
10-25 11:19:04.509   430   430 E SELinux : avc:  denied  { find } for pid=958 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
Bug: 202906981
Test: boot with no fingerprint errors

Change-Id: I95dcda0698c7fcec1e4874b95b598bc987e83e58
 2021-10-25 11:24:26 +08:00
Adam Shih
9cb1f625ba fix hal_weaver_citadel denials 
Bug: 202907040
Test: boot with nno relevant errors
Change-Id: Ieb7a57518b433cc6cd2849afb58c8616b409db13
 2021-10-25 11:09:06 +08:00
Jasmine Cha
6dea3e0842 audio: add permission to request health/sensor data 
- Add audio hal into hal_health clients
- allow audio hal to find fwk_sensor_hwservice

SELinux : avc:  denied  { find } for interface=android.frameworks.sensorservice::ISensorManager sid=u:r:hal_audio_default:s0 pid=5907 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:fwk_sensor_hwservice:s0 tclass=hwservice_manager permissive=1
SELinux : avc:  denied  { find } for interface=android.hardware.health::IHealth sid=u:r:hal_audio_default:s0 pid=9875 scontext=u:r:hal_audio_default:s0 tcontext=u:object_r:hal_health_hwservice:s0 tclass=hwservice_manager permissive=1
audio.service: type=1400 audit(0.0:14): avc: denied { call } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1
audio.service: type=1400 audit(0.0:15): avc: denied { transfer } for scontext=u:r:hal_audio_default:s0 tcontext=u:r:hal_health_default:s0 tclass=binder permissive=1


Bug: 199382564
Bug: 199801586
Test: build pass

Signed-off-by: Jasmine Cha <chajasmine@google.com>
Change-Id: I6c8d9cd73953b20905857368d740fd91e92c6928
 2021-10-20 04:12:48 +00:00
Adam Shih
fc1ec67aa4 fix init_citadel service access 
Bug: 202906904
Test: boot to home with no relevant error
Change-Id: I6729ced49cbbecbc33234e311fb81652a065fe39
 2021-10-20 10:41:56 +08:00
Adam Shih
ecc3a24449 fix identity service access 
10-20 10:32:58.701   438   438 E SELinux : avc:  denied  { find } for pid=742 uid=9999 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_identity_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202906902
Test: boot to home with no relevant error

Change-Id: Ia6e09343843f9a5c96e06998ba5c50fb64948d7f
 2021-10-20 10:35:18 +08:00
Adam Shih
4c20c40f50 Fix hal_keymint_citadel service access 
10-20 10:24:31.155   432   432 E SELinux : avc:  denied  { find } for pid=481 uid=1064 name=android.hardware.citadel.ICitadeld scontext=u:r:hal_keymint_citadel:s0 tcontext=u:object_r:citadeld_service:s0 tclass=service_manager permissive=1
Bug: 202907039
Test: boot to home with no keymint errors

Change-Id: I7935fe52a9774f8fca67336be9c9d47fe2675756
 2021-10-20 10:26:18 +08:00
Adam Shih
e9d02e08f5 fix widevine drm access 
Bug: 202906980
Test: boot with no relevant logs

Change-Id: Idc37f7e1441d9fae1f570bc53ff67a7a48656ed3
 2021-10-20 10:06:10 +08:00
Adam Shih
56bef214d3 fix citadeld's service access 
Bug: 202906931
Test: boot with no relevant logs
Change-Id: Ic65c6f218f69a1afa14fcd1b6eb0feacf48ea54f
 2021-10-20 09:54:52 +08:00
Adam Shih
a39f2e902e remove unlabeled dontaudits 
The log shows up when we remount the phone, causing modem images going
back to default file contexts: "unlabeled"
Bug: 202906831
Test: Boot to home with no relevant log

Change-Id: I69baced268782d9b38c1a56c62b3c63ae55733e4
 2021-10-20 09:46:02 +08:00
Adam Shih
a5f61547cf remove legacy folder 
Bug: 196916111
Test: boot to home
Change-Id: I33e4cf4a339092a31c951098e982c0bd38e53852
 2021-10-20 09:33:29 +08:00
Adam Shih
862eca1510 remove redundant bluetooth sepolicy 
Bug: 202790744
Test: boot with bluetooth hal started

Change-Id: Ie78cb9caeabd6b202ff99f9896fe0ae6e57cabfe
 2021-10-18 12:02:08 +08:00
Adam Shih
e0107f4952 remove legacy sepolicy to have a clean start 
Bug: 196916111
Test: build pass and boot to home
Change-Id: Idb220db3c1f8b35a9dfac15caf6114fa2e6737fe
 2021-10-18 12:01:54 +08:00
Adam Shih
90068020c3 review property settings 
Bug: 203025336
Test: build pass
Change-Id: I48bc1b0a5ffc4631fec04750c9b58bed8f15d39d
 2021-10-18 12:01:42 +08:00
Adam Shih
503d402cb2 review the rest of file declaration 
Bug: 203025336
Test: build pass
Change-Id: I330a8dd46bdf6b731d4f7f61544e1d1f1e59876c
 2021-10-18 12:01:13 +08:00
Adam Shih
37e4973df6 review file declaration 
Bug: 203025336
Test: build pass
Change-Id: I8cfec54ac035f41ccafc58f1ec0b125613e0742b
 2021-10-18 10:31:31 +08:00
Adam Shih
11c3b49e36 review file_contexts 
Bug: 203025336
Test: check if every path exists
Change-Id: I156c4953a50d888e54249038b45992d134b4aaca
 2021-10-18 00:46:45 +00:00
Adam Shih
e5b1c96b00 review genfs_contexts besides bluetooth 
Bug: 203025336
Test: check each path's existence
Change-Id: I0b45434f544fb243bd2810ea7abdb896056aed0e
 2021-10-15 03:45:59 +00:00
Adam Shih
37a0cb7547 review sys file nodes 
Bug: 203025336
Test: check if the paths exist
Change-Id: I5141545211e19d3c18b2c3bb315c10d33d5e3774
 2021-10-15 03:45:59 +00:00
Adam Shih
cf06f9ccbf review proc, tracefs, and system_suspend nodes 
Bug: 203025336
Test: check if each file path exists
Change-Id: I980742978599c162a6c0d09fa2a3a07d97434981
 2021-10-15 03:45:59 +00:00
Bart Van Assche
c6a7058dc3 Stop using the bdev_type SELinux attribute 
The bdev_type is being removed from all SELinux policy files. Hence this
patch.

Bug: 202520796
Test: Treehugger
Change-Id: I475ff63b3f77f1bfe49519b76bb31b90c3216105
Signed-off-by: Bart Van Assche <bvanassche@google.com>
 2021-10-15 01:52:10 +00:00
Adam Shih
0b4e85afe7 review debugfs 
Bug: 203025336
Test: Boot to home with those files labeled
Change-Id: Ibe758555512417953eb9726bdba05c4ac2ff2ccf
 2021-10-14 13:57:18 +08:00
Adam Shih
0b42f3ba82 review file_contexts 
Bug: 203025336
Test: boot to home and check if the files are there
Change-Id: I2b748b18cca389d7fdd8b1b472dcb1605e0ddaaa
 2021-10-14 13:34:33 +08:00
Adam Shih
0a570d1bc1 review hw service settings 
Bug: 196916111
Test: boot to home
Change-Id: I63bc13119cee3564fd577b12aba9042f484ec18f
 2021-10-14 04:01:42 +00:00
Adam Shih
bfd5097be2 dispatch service related error 
Bug: 202906787
Test: pts-tradefed run pts -m PtsSELinuxTest

Change-Id: Ifbdf1de156994572b8fedfd18180d3821ef1594c
 2021-10-14 10:50:12 +08:00
Jaegeuk Kim
bf900e2ae5 allow to convert /efs to f2fs 
Bug: 201348703
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
Change-Id: If69f1443a0ee4d46a468a33524e8a51f774b2d28
 2021-10-14 02:17:56 +00:00