Evolution-X-Tensor/device_google_gs201
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
950 commits 1 branch 0 tags 63 MiB
Commit graph

950 commits

This branch
This branch
All branches
Author SHA1 Message Date
Stephen Crane
f70e73af58 Allow Trusty storageproxy property 
Allows the Trusty storageproxyd to set ro.vendor.trusty.storage.fs_ready
when the data filesystems are ready for use, and allows vendor init to
query and wait on this property.

Test: build, flash, test app loading
Bug: 258018785
Change-Id: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
Merged-In: I0b4f80371385bf0ddb0c44e81b1893bb80c7a63d
 2022-12-21 03:43:20 +00:00
Devin Moore
691897a0bf Allow pixelstats hal to talk to the new AIDL sensorservice 
This is being used in libsensorndkbridge now, so permissions are
required.

Test: m
Bug: 205764765
Change-Id: Ife9688c62398bef83ae5636e915568658098e12d
 2022-12-19 23:05:38 +00:00
Jack Wu
72a65a0100 ignore shell access on wlc 
Bug: 238260741
Test: boot
Change-Id: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Merged-In: I5f1d321df2daa2ec785e2ad1ac2e02478568b688
Signed-off-by: Jack Wu <wjack@google.com>
 2022-12-12 09:28:24 +08:00
Xin Li
a895073188 Merge Android 13 QPR1 
Bug: 261731544
Merged-In: Idb145723d053eb93dbae2b71f7204347253c8a50
Change-Id: I81e178b27ef30d184e5e12844c64e5b897d97168
 2022-12-09 10:24:38 -08:00
Nicolas Geoffray
99159a832b Also put .ShannonImsService in the vendor_ims_app domain. am: 123262b869 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2335385

Change-Id: I0967cfff61ba4576130772ddf66c297ea6edf508
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-08 19:32:29 +00:00
Nicolas Geoffray
123262b869 Also put .ShannonImsService in the vendor_ims_app domain. 
For consistency when running com.shannon.imsservice code.

Test: m
Bug: 260557058
Change-Id: Idb145723d053eb93dbae2b71f7204347253c8a50
 2022-12-08 14:49:22 +00:00
Nicolas Geoffray
a350889233 Allow ssr_detector_app to create files of type system_app_data_file. am: 48acf9683f 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2328073

Change-Id: I1d28a6bc1bab970eef702a8c8a0f9b3d8bfe2123
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-12-05 15:48:47 +00:00
Nicolas Geoffray
48acf9683f Allow ssr_detector_app to create files of type system_app_data_file. 
Bug: 260557058
Test: m
Change-Id: I0ff85b542a84ed7d5e5ffd1010ca1a9f7f86c8f1
 2022-12-05 13:58:36 +00:00
Nicolas Geoffray
0590da44cf Merge "Allow ssr_detector_app writes to system_app_data_file." am: 073de4fba6 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2319817

Change-Id: I0e29c8a6435b71ff567d03572606cbcba3f76c1b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-29 09:43:15 +00:00
Nicolas Geoffray
073de4fba6 Merge "Allow ssr_detector_app writes to system_app_data_file." 2022-11-29 09:00:12 +00:00
Sandeep Dhavale
6f2812426a Add fastboot sepolicy changes to allow wiping of device am: 89f5fff668 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2316638

Change-Id: Ib362d72f41b9955e46350e45250c077c703a0734
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-28 23:09:09 +00:00
Sandeep Dhavale
89f5fff668 Add fastboot sepolicy changes to allow wiping of device 
With new AIDL fastboot service, wiping permissions need to be added
for hal_fastboot_default.

Bug: 260140380
Test: fastboot -w

Change-Id: I08e98461d0697d7539e14435acdacc3cc64eab3d
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
 2022-11-28 17:53:51 +00:00
Nicolas Geoffray
4293206c86 Allow ssr_detector_app writes to system_app_data_file. 
Bug: 260557058
Test: m
Change-Id: Ibd028690a9d8661be8769d1b8f0c4e3a1f0fe985
 2022-11-28 17:27:46 +00:00
Sandeep Dhavale
e1f3eb7802 Add sepolicy rules for fastboot AIDL service am: 25ea0f418a 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2293977

Change-Id: I6b2c167429aa887acb2785b3bcbc7ef93852354d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-10 18:55:35 +00:00
Sandeep Dhavale
25ea0f418a Add sepolicy rules for fastboot AIDL service 
Bug: 205760652
Test: Build & Flash

Change-Id: I02fe5ca6c0276fd08cf5127b7d8b7313374f0cfe
Signed-off-by: Sandeep Dhavale <dhavale@google.com>
 2022-11-09 00:36:48 +00:00
Amith Dsouza
5653e43b44 Fix untracked SELinux denials on boot am: be2e1b2ede 
Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/2280310

Change-Id: Ic521a8ea94ec22b17bf4a327c8244d0d04c269e5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-11-02 04:07:20 +00:00
Amith Dsouza
be2e1b2ede Fix untracked SELinux denials on boot 
Error:
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:platform_app:s0:c512,c768 pid=2641 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 254453654
Test: Flash device, rebuild driver blobs, check logs after boot

Change-Id: I43d524f781c1dda1d3d5291f661bc549fdbb99d6
 2022-11-02 00:55:45 +00:00
Vova Sharaienko
ac2e9dd662 hal_health_default: updated sepolicy am: bdf3d6abcc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20041334

Change-Id: I83ea07dbbc51fe7729172ff7e688795df312c25d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 17:17:27 +00:00
Vova Sharaienko
bdf3d6abcc hal_health_default: updated sepolicy 
This allows the android.hardware.health service to access
AIDL Stats service

Bug: 237639591
Bug: 249827340
Test: Build, flash, boot & and logcat | grep "avc"
Change-Id: I71013c0b17ee5e526387efa0afb823f97775e572
(cherry picked from commit 87bc6d189d)
Merged-In: I71013c0b17ee5e526387efa0afb823f97775e572
 2022-09-30 16:43:46 +00:00
Kyle Tso
e9137ca867 Set sepolicy for shell script of disabling contaminant detection am: c18eea71d7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/20064568

Change-Id: I910ec6dd06d432adb2de2f28cb49a663416b9b4b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-30 09:04:31 +00:00
Kyle Tso
c18eea71d7 Set sepolicy for shell script of disabling contaminant detection 
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 244658328
Signed-off-by: Kyle Tso <kyletso@google.com>
Change-Id: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
Merged-In: Idbfa55d4c7091ce2861600ff3881fcc7217ec662
 2022-09-29 13:33:28 +00:00
Sayanna Chandula
560dbcff4b thermal: enable pixelstats access to thermal metrics am: cbb62de10c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19706085

Change-Id: I9c3b9a0a241dd0584bbcf8eb8ad1176526052d84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-23 20:17:52 +00:00
Sayanna Chandula
cbb62de10c thermal: enable pixelstats access to thermal metrics 
Allow pixelstats daemon to access thermal metric nodes

Bug: 228247740
Test: Build and boot on device. Check thermal stats
Change-Id: Iada717b92782bc9c085928462b2e06d2db136cab
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2022-09-23 19:48:41 +00:00
jintinglin
b49b1ca9a7 Allows modem_svc to read the logging related properties am: 5acc68de3b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19981021

Change-Id: I53be3006909eeb6fa4938ceecca1299c1905412c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-22 15:35:43 +00:00
jintinglin
5acc68de3b Allows modem_svc to read the logging related properties 
avc: denied { read } for comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=347 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 243039758
Change-Id: Ib3031552faf03771f86e72e7dbd81c3610c518cc
 2022-09-22 08:15:23 +00:00
Jinhee.k
324f9b569d sepolicy: allowed permissions required for network access am: 37c32d672f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19968207

Change-Id: Idf4da54e99fa914f9297da048dec7816b0efd44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-20 01:00:41 +00:00
Jinhee.k
37c32d672f sepolicy: allowed permissions required for network access 
: add permission to allow create, connect udp socket
Apply to add network access permissions

Bug: 242231557
Test: Verified no IMS exception and avc denied
Change-Id: I4a4bd1efb22b5538b1679aad8f543d00203e0b48
Signed-off-by: Jinhee.k <jinhee.k@samsung.com>
 2022-09-19 01:41:34 +00:00
Sherry Luo
fabbfe62fa Add network permissions for debug camera am: 9dd930e4c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19914967

Change-Id: I73f2cf441f2e52e5246074693d65a3cb6a5da3bc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 18:48:22 +00:00
Sherry Luo
9dd930e4c2 Add network permissions for debug camera 
Noticed that Estrella upload failing w/
   java.lang.SecurityException: Permission denied (missing INTERNET
   permission?)

Followed investigation in b/230434151. Verified that upload working once
this change is flashed.

Test: Flash build w/ local change
Test: Take a picture and upload using Estrella
Test: Verify that the upload succeeded

BUG=245995782

Change-Id: I505af355f25e9063927c946ee8af21de25758ef1
 2022-09-15 18:16:58 +00:00
Estefany Torres
9b1caac1d7 Add rules for letting logger app send the command to ril am: 6cb9f4e623 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19913309

Change-Id: Id2362cefd0aac3af1709d008bc1a102baeb16975
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-15 14:35:08 +00:00
Estefany Torres
6cb9f4e623 Add rules for letting logger app send the command to ril 
08-31 23:40:57.354   458   458 E SELinux : avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c252,c256,c512,c768 pid=2901 scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
09-01 00:08:19.600  2881  2881 W oid.pixellogger: type=1400 audit(0.0:10): avc: denied { call } for scontext=u:r:logger_app:s0:c252,c256,c512,c768 tcontext=u:r:rild:s0 tclass=binder permissive=0 app=com.android.pixellogger

Bug: 241412942
Test: tested on C10 with pixel logger change
Change-Id: I845eefc609be2b7fbc22c9b37d1eb2b3195e014f
 2022-09-15 14:09:05 +00:00
Chungjui Fan
9a70ccc6d6 Add sepolicy of dumping LED file in dumpstate am: aa55cb6f2e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19893210

Change-Id: Idb5424850f53d62e971faa9a208eaaf9e8731942
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-14 03:34:32 +00:00
Chungjui Fan
aa55cb6f2e Add sepolicy of dumping LED file in dumpstate 
Bug: 242300919
Change-Id: I14b0af18244c4a71fd7908fdb35e2e86354e02e0
 2022-09-14 02:59:20 +00:00
Jeffrey Carlyle
686c24a38f dck: allow st54spi devivce to be accessed by recovery and fastbootd am: a658683689 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19754910

Change-Id: Ic69198e22d963c26f9994689d0818bcf6e45d80f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 22:35:51 +00:00
Jeffrey Carlyle
a658683689 dck: allow st54spi devivce to be accessed by recovery and fastbootd 
This is needed so that Digital Car Keys can be cleared from the ST54
during a user data wipe.

Bug: 203234558
Test: data wipe in Android recovery mode on raven
Test: data wipe in Android recovery mode on c10
Test: data wipe in user mode fastbootd mode on raven
Test: data wipe in user mode fastbootd mode on c10
Signed-off-by: Jeffrey Carlyle <jcarlyle@google.com>
Change-Id: Icaa3d62aa6b3b88b8db6c1c11807907a06e51019
 2022-09-08 21:58:52 +00:00
JJ Lee
749dbdb873 sepolicy: add nodes for aoc memory votes stats am: 4b3ae5b9bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19712556

Change-Id: I3592111f07154b84c74de89c980679437bf71073
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 05:02:44 +00:00
JJ Lee
4b3ae5b9bf sepolicy: add nodes for aoc memory votes stats 
Bug: 223674292
Test: build pass, not blocking bugreport
Change-Id: Iae1c5dc42b3e6213d4399025cb91dc57822fd2cc
Signed-off-by: JJ Lee <leejj@google.com>
 2022-09-08 04:45:32 +00:00
Jack Wu
980e37d3df remove selinux avc error am: c252f3ffa8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19880471

Change-Id: Ib213543c3f2a3c155a1b296eea0d223dcefa4374
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-09-08 02:16:19 +00:00
Jack Wu
c252f3ffa8 remove selinux avc error 
Bug: 238398889
Test: no avc denied in TreeHugger verified
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: Icf2a89462574e2f0eea29d0601e77728d67e6e0d
 2022-09-07 11:57:09 +08:00
Robb Glasser
272b649cee Give permissions to save usf stats and dump them in bugreports. am: feba667c23 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19672405

Change-Id: I3f77d4619266c84e36586697cb79c96334abb010
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-25 03:38:28 +00:00
Robb Glasser
feba667c23 Give permissions to save usf stats and dump them in bugreports. 
Creating a mechanism to save some USF stat history to device and pipe it
to bugreports. Granting permissions so that this can work.

Bug: 242320914
Test: Stats save and are visible in a bugreport.
Change-Id: Ie08fce80e79bd564ea58dab66ce8f0d9892d7020
 2022-08-25 02:47:58 +00:00
Jinting Lin
fbbcaeb8d2 Fix avc denied for vendor telephony debug app am: b69195ebe9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19600258

Change-Id: I26041b2e32da5bdf97c24deb1a70e1e1e594060d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-24 03:50:30 +00:00
Jinting Lin
b69195ebe9 Fix avc denied for vendor telephony debug app 
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 pid=8533 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0
avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { search } for name="com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="u:object_r:default_prop:s0" dev="tmpfs" ino=150 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
avc: denied { getattr } for path="/data/user/0/com.samsung.slsi.sysdebugmode" dev="dm-39" ino=7431 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0 tclass=dir permissive=0
avc: denied { read } for name="u:object_r:vendor_rild_prop:s0" dev="tmpfs" ino=344 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:vendor_rild_prop:s0 tclass=file permissive=0
avc: denied { write } for name="property_service" dev="tmpfs" ino=379 scontext=u:r:vendor_telephony_debug_app:s0:c232,c259,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Test: manual test

Bug: 241976048
Change-Id: I5aa49a8e243d212180c7da6f65da9021164fca44
 2022-08-24 01:54:34 +00:00
Roger Fang
f210a000be sepolicy: add permission for AMS rate of pixelstats-vend am: 74eb33d057 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19674281

Change-Id: Id9f6161c35be164ac61c5cb866a80eb3c883a77d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-23 21:12:53 +00:00
Roger Fang
74eb33d057 sepolicy: add permission for AMS rate of pixelstats-vend 
pixelstats-vend: type=1400 audit(0.0:618): avc: denied { read } for name="ams_rate_read_once" dev="sysfs" ino=100493 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:619): avc: denied { open } for path="/sys/devices/platform/audiometrics/ams_rate_read_once" dev="sysfs" ino=100493 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
pixelstats-vend: type=1400 audit(0.0:620): avc: denied { getattr } for path="/sys/devices/platform/audiometrics/ams_rate_read_once"

Bug: 239508478
Test: Manually test passed

Signed-off-by: Roger Fang <rogerfang@google.com>
Change-Id: I3e171b35ebdcf11b0da559361f382f1cf01b0f2f
 2022-08-23 19:56:37 +00:00
Weizhung Ding
4b26119d0e Add coredomain for hbmsvmanager am: 4e46081859 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19415495

Change-Id: Ie8966a5b2d077fc8901472721b8ad1deb7c6c0a0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-23 01:57:42 +00:00
Weizhung Ding
4e46081859 Add coredomain for hbmsvmanager 
Sync the coredomain from gs101

Bug: 239902607
Test: without denied log
Change-Id: I220ce6b2f67877637189fcfcc0f6b328c8be6eae
 2022-08-23 01:39:53 +00:00
Wei Wang
e9d5556ad2 Label GPU dvfs period setting am: b5fcd3b4db am: 4a56314a9c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I0378c43bb45f5a92b12ea16259fc59b91333619d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:34:12 +00:00
Wei Wang
33c574db0c Label GPU dvfs period setting am: b5fcd3b4db am: d28c59ec92 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I579136ad0c09962de6c067b832dfc729af1ff3a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:33:50 +00:00
Wei Wang
d28c59ec92 Label GPU dvfs period setting am: b5fcd3b4db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/19564662

Change-Id: I616aa04aa91a262e00dd0d611d486edccf463a29
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2022-08-10 23:03:28 +00:00