Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
564 commits 1 branch 0 tags 63 MiB
Commit graph

564 commits

This branch
This branch
All branches
Author SHA1 Message Date
Austin Wang
f2336f95c4 Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 46d2740350 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ic2fed4e290d198298ad28a7a74112df4b73e1c89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:40:14 +00:00
Austin Wang
eb52e384fc Add P22 reverse wireless charging selinux policy am: e5f8377849 am: 53a167fcf0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I950f1f224cd77942d3718d040f3dce41dfc157b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:59 +00:00
Automerger Merge Worker
032ce42cd3 Merge "Allow mediacodec to access vendor_data_file am: 95845654bf am: 65993e19e8" into tm-d1-dev-plus-aosp 2022-05-13 10:39:55 +00:00
Jerry Huang
b9d25e06d8 Allow mediacodec to access vendor_data_file am: 95845654bf am: dafeb57668 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: Id370dfbcc5081e085db3844edd7893ab1aa8b031
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:52 +00:00
Jerry Huang
d217f9119f Allow mediacodec to access vendor_data_file am: 95845654bf am: 65993e19e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I783c7a21ff21f490367777f05db80ea23fe4228a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 10:39:51 +00:00
Austin Wang
53a167fcf0 Add P22 reverse wireless charging selinux policy am: e5f8377849 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: I92b12dd3c05b50244e3c67667ba2296fcf62fd1a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:49:54 +00:00
Jerry Huang
dafeb57668 Allow mediacodec to access vendor_data_file am: 95845654bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: I4fd8e3a631a441dfedf06300f5f619706f7b75c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:49:28 +00:00
Austin Wang
46d2740350 Add P22 reverse wireless charging selinux policy am: e5f8377849 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18350566

Change-Id: Ic38aa173a3363c726149086343ea53903e04c235
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:48:22 +00:00
Jerry Huang
65993e19e8 Allow mediacodec to access vendor_data_file am: 95845654bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18188091

Change-Id: Ieb6ddf76f46e735e1a89c85c7221863bbe61bef9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:47:44 +00:00
Nishok Kumar S
ebb393aac0 Use google_camera_app label for GCA-Next fishfood app. am: 145f7b5b93 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18344645

Change-Id: I72867e1f8262f1868e231ef5bbd43fc154853360
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:39:37 +00:00
Nishok Kumar S
f021ddaf55 Label GCA-Eng app am: 4a6cfb5a9c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18331264

Change-Id: I22f1a5efcc4263ae03165effa7f69e0f09f196a5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-13 09:39:36 +00:00
Austin Wang
e5f8377849 Add P22 reverse wireless charging selinux policy 
Allow Settings to call hal_wlc

Error:

05-13 09:28:20.508  1000  7293  7293 W ndroid.settings: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:system_app:s0 tcontext=u:r:hal_wlc:s0 tclass=binder permissive=0

Bug: 231420451
Test: Enable battery share from settings and charge another device.
Change-Id: Ic761bee47ea41f6db8b1838fb3fc2a9f7ef7bb5c
 2022-05-13 09:28:03 +00:00
Jerry Huang
95845654bf Allow mediacodec to access vendor_data_file 
For dumping output buffer of HDR to SDR fliter.

This patch fixes the following denial:

05-10 21:42:49.427   890   890 W HwBinder:890_4: type=1400 audit(0.0:2944): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:42:49.499   890   890 W HwBinder:890_4: type=1400 audit(0.0:2946): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_samsung:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

05-10 21:46:27.735   885   885 W google.hardware: type=1400 audit(0.0:3198): avc: denied { search } for name="data" dev="dm-41" ino=105 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:system_data_file:s0:c512,c768 tclass=dir permissive=0

05-10 21:46:27.795   885   885 W google.hardware: type=1400 audit(0.0:3200): avc: denied { getattr } for name="/" dev="dmabuf" ino=1 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:unlabeled:s0 tclass=filesystem permissive=0

Bug: 229360116
Test: atest android.media.decoder.cts.DecoderTest
Change-Id: I11403b20e8608f50907db561b8232b1b64bea298
 2022-05-13 09:24:38 +00:00
Nishok Kumar S
145f7b5b93 Use google_camera_app label for GCA-Next fishfood app. 
Bug: 230773733
Test: Build selinux and test with GCA-Next on device.
Change-Id: I757e7de2293e25bd027262a5fbf4ece2a44f10d1
 2022-05-13 05:31:34 +00:00
Nishok Kumar S
4a6cfb5a9c Label GCA-Eng app 
- Add policies for GCA-Eng to access GXP device.
 - Allow GCA-Eng to access edgetpu service.

Test: Build selinux and test GCA-Eng on device with
      adb shell setprop camera.artemis_dsp TRUE

Bug: 230773733
Change-Id: I8d04f6e1aef0899b3862ddbb80174cd086156d92
 2022-05-13 05:18:09 +00:00
Kris Chen
2f711e875f Allow hal_fingerprint_default to access hal_pixel_display_service am: 3162407210 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013067

Change-Id: I43f89e4465035e5f5aa2797007d419ae1d2040c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-05 02:35:13 +00:00
Kris Chen
3162407210 Allow hal_fingerprint_default to access hal_pixel_display_service 
Fix the following avc denial:
avc: denied { find } for pid=1158 uid=1000 name=com.google.hardware.pixel.display.IDisplay/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:hal_pixel_display_service:s0 tclass=service_manager permissive=0
avc: denied { call } for scontext=u:r:hal_fingerprint_default:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder permissive=0

Bug: 229716695
Bug: 224573604
Test: build and test fingerprint on device
Change-Id: I104af7f50715090fe0c2aa6845848bf77ab3e3ae
 2022-05-05 02:03:43 +00:00
Jenny Ho
ff33c561a8 sepolicy: allow access debugfs charger register dump am: 5e426a95d0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/18013064

Change-Id: Ie517da7264b8a3fdc7652f80f07c7a0584718cdc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 07:17:46 +00:00
Jenny Ho
5e426a95d0 sepolicy: allow access debugfs charger register dump 
Bug: 230360103
Signed-off-by: Jenny Ho <hsiufangho@google.com>
Change-Id: Ieedff4d6475706d4d932913e6d647ca401e56966
 2022-05-03 06:54:05 +00:00
Labib
22388f50f5 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 177a3796e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Iae1bb5c50d3c31c55620b5d1460260142404e1ce
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:42:07 +00:00
Labib
9a185b7f49 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 am: 7f89bf6be8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: I6033a5d87e2849d39198ba58b9889c9f07fa4895
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:30:50 +00:00
Labib
177a3796e8 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Iec721cea68d7eae8715537b887911c0f848e1e6d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:07:36 +00:00
Labib
7f89bf6be8 Give RadioExt permission to write to sysfs node am: 4c8dbb65b8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17981512

Change-Id: Ia21d71094878ef44659873ecb813e7c4dffafb8b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-05-03 05:05:01 +00:00
Labib
4c8dbb65b8 Give RadioExt permission to write to sysfs node 
Bug: 212601547
Test: Manual
Change-Id: I8c7341833aeacebfedba6e8e05d2696012043d32
 2022-04-28 16:58:34 +08:00
Wei Wang
8b0b46b1c3 allow udfps hal to access trusty am: d85f93ec30 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17992165

Change-Id: Ic4125cc7f4b34be8562db31019be2ee8d7e27b14
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-28 01:15:51 +00:00
Wei Wang
d85f93ec30 allow udfps hal to access trusty 
Bug: 229350721
Bug: 230492593
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ib1abe0e0318689528a6658f3597f1c11ad9fa1c3
 2022-04-27 13:20:02 -07:00
Stephane Lee
3237df5318 Fix permissions for ODPM permanently by adding all buses am: 85e5caf85e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966244

Change-Id: I58f62d4a9949a0c518b1f1b5f79889eda7fbcaf2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 01:27:33 +00:00
Stephane Lee
28bb996e11 Allow hal_thermal_default to read iio/odpm sysfs nodes am: a492311ba4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17966242

Change-Id: Iddd9e9e9500f5ac43d06f460b08632d9a66bd85e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-27 01:27:32 +00:00
Stephane Lee
85e5caf85e Fix permissions for ODPM permanently by adding all buses 
You don't need wildcards on genfs, just need the base path

Bug: 229895015
Test: Ensure the device boots, verify permissions with ls -AlZ
Change-Id: Ib59693f0404db4e28b9959fcdf1cc4d483c5d1b1
 2022-04-27 01:06:36 +00:00
Stephane Lee
a492311ba4 Allow hal_thermal_default to read iio/odpm sysfs nodes 
Bug: 230031671
Test: There are no errors for iio or odpm nodes
Change-Id: Ifb204fa7b535c001838c7008b30b6e41744a01d1
 2022-04-26 21:24:30 +00:00
Wei Wang
0c542ab35f Grant trusty to power hal am: 90f4106b80 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17928564

Change-Id: If11ffc0910580c59f4920b1354e6de27945feb30
Ignore-AOSP-First: this is an automerge
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-26 17:09:52 +00:00
Wei Wang
90f4106b80 Grant trusty to power hal 
Bug: 229350721
Test: UDFPS with stress
Signed-off-by: Wei Wang <wvw@google.com>
Change-Id: Ia88d6cff1d21940e22ae5122dbfcf52de27ad700
 2022-04-23 21:53:44 -07:00
Quang Luong
83129ea904 Revert "Add SEPolicy settings for android logging/tracing servic..." am: a36285b0de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17898130

Change-Id: I7b0404c8d99cbc40e8f1fc5cb1dc94987fd2187c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-22 01:47:15 +00:00
Quang Luong
a36285b0de Revert "Add SEPolicy settings for android logging/tracing servic..." 
Revert submission 17817048-gxp-firmware-log-trace-metrics-service

Reason for revert: breaks CTS tests: b/230031232
Reverted Changes:
I3c9574dca:Add SEPolicy settings for android logging/tracing ...
I6bced8246:Add Firmware Log/Trace service to GXP project outp...
Icfc0ca30f:Add gxp_logging_service as an android service

Change-Id: I4ae6a63b6e2b58a094f45771de87fc3799f99e67
 2022-04-22 00:11:02 +00:00
George Chang
3135c26574 Remove st33spi tracking_denial 
Fixed by remove property access from st33spi hal
aosp/2064213

Bug: 229167195
Test: PtsSELinuxTestCases
Change-Id: Icee8bea36ad68e60a32cfa8c35a2ab9ff6ee515a
 2022-04-21 08:27:28 +00:00
Chung-Kai (Michael) Mei
26b3d89302 Revert "genfs_contexts: fix path for i2c peripheral device" am: ac45672cc5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17865266

Change-Id: I5b4670792368963bd1fe1b6015523bd9dd0f00d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 08:02:41 +00:00
Chung-Kai (Michael) Mei
ac45672cc5 Revert "genfs_contexts: fix path for i2c peripheral device" 
This reverts commit 4db0feed32.

Reason for revert: related patch is merged, so it's duplicated

Fix: 229940065
Change-Id: I898dd52f4857983323fec9f72e797bd2f759f724
 2022-04-21 07:28:09 +00:00
chungkai
75b598a98b genfs_contexts: fix path for i2c peripheral device am: 4db0feed32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17866185

Change-Id: Ie6c3f511a21fa3c50af2c8a138ca81c601eb26ca
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:49:05 +00:00
Stephane Lee
adc37c2bdf Fix boot issues with hal_thermal_default am: 9fdfcb53b5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17877853

Change-Id: Ie32473dbd4dd7f663da8a7cd687ffb548a717034
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 06:48:59 +00:00
chungkai
4db0feed32 genfs_contexts: fix path for i2c peripheral device 
add original paths since we reverted enable load
module in parallel for other issues

Test: without avc denial
Bug: 229670628
Signed-off-by: chungkai <chungkai@google.com>
Change-Id: Ie7a2a78eae5d6965beedc0de640ec56acb6a7b2a
 2022-04-21 06:33:21 +00:00
Stephane Lee
9fdfcb53b5 Fix boot issues with hal_thermal_default 
Bug: 229895015
Test: Ensure the device boots, verify permissions with ls -AlZ
Change-Id: I0f95bb7eb58e6ce22a0f66a70408fdf56d94b1b3
 2022-04-21 06:30:34 +00:00
Dinesh Yadav
5f4f4de205 Add SEPolicy settings for android logging/tracing service for GXP 
Change-Id: I3c9574dca5e52356b77172c886ac8971584d3012
 2022-04-21 06:22:37 +00:00
Wayne Lin
c59744b9da gps: sync sepolicy from gs101 to allow gps access pps gpio am: 4d163d5b32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699358

Change-Id: Ifb5a5c0afac155bdaeccd7313f4ee16dd4dd9834
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:22:17 +00:00
Wayne Lin
52af682ee3 gps: refine gps sepolicy am: 5c9592e973 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17699753

Change-Id: Ic804efd9b7077145d1d12b1ec00999195a9fc5d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:22:16 +00:00
Stephane Lee
f397f35b2e Add hwservicemanager to pixelstats permissions am: 3a95426f78 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17831450

Change-Id: I7765947eb081be8869b038981d2ddfc104bdcadc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-21 02:21:48 +00:00
Wayne Lin
4d163d5b32 gps: sync sepolicy from gs101 to allow gps access pps gpio 
Bug: 228903885
Test: build pass
Change-Id: Ic555a0640872ae0dc1a69a9d4a11027d4364464a
 2022-04-21 01:47:37 +00:00
Wayne Lin
5c9592e973 gps: refine gps sepolicy 
Bug: 228903885
Test: build pass and no avc denied in gpsd
Change-Id: Id0821b1335d316899e3a32b56a0e1c0feb4ba2b6
 2022-04-21 01:47:37 +00:00
Stephane Lee
3a95426f78 Add hwservicemanager to pixelstats permissions 
Bug: 227199213
Test: Ensure there are no more selinux errors
Change-Id: I1d961096df49f82302d7ff14fec809232e5afd28
 2022-04-21 01:42:17 +00:00
Labib
b4c3e55628 Let RadioExt talk to bt hal am: 2b189b45af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/17821687

Change-Id: Ia79174e3f47e9cd7b1c9c2bd12c91da7543e2baf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-04-20 03:58:47 +00:00
Labib
2b189b45af Let RadioExt talk to bt hal 
Bug: 227122249
Test: Manual
Change-Id: I9f41615e8e862af147d6f47e5e4c4e0dde40c233
 2022-04-20 03:20:39 +00:00