Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
257 commits 1 branch 0 tags 18 MiB
Commit graph

257 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jaegeuk Kim
0cf7210eb1 Allow mkfs/fsck for vendor partitons 
Change-Id: I425c56edf9b12f1b86994f58100ecc9a8e1b58b2
Signed-off-by: Jaegeuk Kim <jaegeuk@google.com>
 2023-01-12 09:42:16 -08:00
Suki Liu
8b58ce3b69 Merge "Update error on ROM 9481402" 2023-01-12 11:41:23 +00:00
TreeHugger Robot
7544c3c104 Merge "Wifi: Add sepolicy files for wifi_sniffer service" 2023-01-12 05:55:41 +00:00
kensun
fb69c41387 Wifi: Add sepolicy files for wifi_sniffer service 
Bug: 237465412
Test: Manual Test
Change-Id: I558b7f401c8d0da0f7f5b376165b42e1073a7900
 2023-01-12 05:47:03 +00:00
sukiliu
26aa4fa6e2 Update error on ROM 9481402 
Bug: 265220235
Test: SELinuxUncheckedDenialBootTest
Change-Id: I784b50120a7f4dd3c9ee8c0837f0ddfd8210da2a
 2023-01-12 10:47:54 +08:00
Xu Han
e8f6804674 Merge "Fix permission regarding camera HAL, raidoExt and rlsservice" 2023-01-11 23:06:17 +00:00
Hasini Gunasinghe
ab3f430aae Merge "[Port ag/20645453] Map Rust KeyMint to same SELinux policy as C++" 2023-01-10 19:52:48 +00:00
sukiliu
fdb950e96d Update error on ROM 9471410 
Bug: 264600171
Bug: 264972626
Bug: 264972745
Bug: 264972759
Test: scanBugreport
Change-Id: Ibe3bd94ce6c9c62bb6b2733cc025d0ccd9c478c5
 2023-01-10 16:12:05 +08:00
TreeHugger Robot
029f002a34 Merge "Allow dmabuf heap access to graphics allocator" 2023-01-10 01:52:35 +00:00
Hasini Gunasinghe
76c4f20434 [Port ag/20645453] Map Rust KeyMint to same SELinux policy as C++ 
Allow the Rust and C++ implementations of the KeyMint HAL service to be
toggled easily, by mapping them to the same SELinux policy.

Bug: 197891150
Bug: 225036046
Test: VtsAidlKeyMintTargetTest
Change-Id: Ic43985f32aaabb2560ef0b02573a1e587e24fc6a
 2023-01-10 01:19:17 +00:00
Ankit Goyal
344fb91207 Allow dmabuf heap access to graphics allocator 
There is no change in dmabuf heaps from pro, so these use the exact same
SEpolicy rules

Fix: 264489636
Test: Boots to home (with SELinux enforced)
Test: VtsHalGraphicsMapperV4_0TargetTest
Change-Id: I58ec8d9558fa76b805c0882cbbb20bfd08aead13
 2023-01-09 16:16:28 -08:00
George Lee
394b28b7b1 selinux: Enable lpf_power for sys_odpm 
Bug: 264929465
Test: Confirm selinux error no longer exist
Change-Id: Ibd7bfccac0d942507f3f1a9e2bf667ed1a54a9e6
Signed-off-by: George Lee <geolee@google.com>
 2023-01-09 14:54:57 -08:00
Suki Liu
67584383ca Merge "Update error on ROM 9467820" 2023-01-09 13:01:06 +00:00
Miller Liang
89bdcc93cc Merge "audio:fix AAudio API access denial" 2023-01-09 12:36:34 +00:00
millerliang
8889eb6496 audio:fix AAudio API access denial 
This commit adds the sepolicy file for AAudio API

I auditd  : type=1400 audit(0.0:113):
avc: denied { map } for comm="binder:900_7" path="/dev/snd/pcmC0D0p"
dev="tmpfs" ino=1191 scontext=u:r:audioserver:s0
tcontext=u:object_r:audio_device:s0 tclass=chr_file permissive=1

Bug: 264484544
Test: test_steal_exclusive -c0
Test: Check no avc_deny on audioserver
Change-Id: I9efde74c74722b1b32c1d800a4cbceea8a850bfa
 2023-01-09 14:55:32 +08:00
sukiliu
acd718f65a Update error on ROM 9467820 
Bug: 264831112
Test: SELinuxUncheckedDenialBootTest
Change-Id: I3f3ca17d3620cf3b1c6c21fc996143be25622b48
 2023-01-09 14:55:19 +08:00
Cheng Chang
67ff25f88c Merge "allow system_server binder call gpsd" 2023-01-09 06:04:41 +00:00
Neo Yu
c13eb657f9 Merge "Remove rild.te because all issues about rild are fixed." 2023-01-09 03:57:40 +00:00
KRIS CHEN
3d15476ae0 Merge "Remove tracking_denials/hal_fingerprint_default.te" 2023-01-09 03:20:16 +00:00
Kris Chen
9be7a3368a Remove tracking_denials/hal_fingerprint_default.te 
Bug: 264489559
Test: test fingerprint under enforcing mode
Change-Id: Ifd8637cba54264a1906e444b25d735c81f7037f0
 2023-01-09 03:19:57 +00:00
Cheng Chang
e83f8dcee8 allow system_server binder call gpsd 
01-05 17:56:17.416 hidl_ssvc_poll: type=1400 audit(0.0:467): avc: denied { call } for scontext=u:r:system_server:s0 tcontext=u:r:gpsd:s0 tclass=binder permissive=1

Bug: 264508279
Test: flash test build and check avc denied logs are goned
Change-Id: I6f3f27de7466cb594c192cd8339009ca6633ec6d
 2023-01-09 03:19:43 +00:00
neoyu
f2ed76a124 Remove rild.te because all issues about rild are fixed. 
Bug: 264490075
Test: build pass
Change-Id: I37e6caedb9903faa1f1f974d596753223fde0f5f
 2023-01-09 10:54:14 +08:00
Aaron Tsai
6d11fe20d0 Merge "Fix avc denied for rild" 2023-01-09 02:21:17 +00:00
TreeHugger Robot
09ba144bc6 Merge "sepolicy: remove tracking denials for hal_power_stats" 2023-01-09 01:58:14 +00:00
Aaron Tsai
93dd7a2935 Fix avc denied for rild 
original log: [  158.669951] type=1400 audit(1671200951.308:888): avc: denied { write } for comm="dumpstate" path="pipe:[227853]" dev="pipefs" ino=227853 scontext=u:r:rild:s0 tcontext=u:r:dumpstate:s0 tclass=fifo_file permissive=1
original log: [  174.593792] type=1400 audit(1671063328.232:1003): avc: denied { use } for comm="dumpstate" path="pipe:[235312]" dev="pipefs" ino=235312 scontext=u:r:rild:s0 tcontext=u:r:dumpstate:s0 tclass=fd permissive=1

Bug: 263049190
Bug: 262633094
Test: manual test and check log
Change-Id: I56b26c8dc820e00ef659844cceff45edded4d677
 2023-01-07 14:05:10 +00:00
TreeHugger Robot
f4841acd83 Merge "Wifi: Add sepolicy files for hal_wifi_ext service" 2023-01-07 07:38:08 +00:00
Darren Hsu
8eed3af1eb sepolicy: remove tracking denials for hal_power_stats 
Bug: 264489189
Test: Captured bugreport and make sure there is no any avc denails
Test: related to hal_power_stats
Change-Id: Id83022ebaca5a507873bee57363a54baf4a27310
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-01-07 15:04:35 +08:00
Randall Huang
a3c890ba1e Merge "sepolicy: remove vold tracking_denials." 2023-01-07 03:07:09 +00:00
Xu Han
b8ab0fed91 Fix permission regarding camera HAL, raidoExt and rlsservice 
Bug: 264483024
Bug: 264489641
Bug: 263185565
Test: selinux log
Change-Id: Ieb174aef18c218efdcb357245c7d5ac4953a949c
 2023-01-06 11:56:55 -08:00
Xu Han
ffdcbabbab Merge "Allow camera HAL to call radioExt HAL for desense" 2023-01-06 17:31:02 +00:00
Suki Liu
8f3cb77d1c Merge "Update error on ROM 9460470" 2023-01-06 08:31:23 +00:00
kensun
0f5b5efdd1 Wifi: Add sepolicy files for hal_wifi_ext service 
This commit adds the sepolicy related files for hal_wifi_ext service.

[   27.714476] type=1400 audit(1670979557.360:29): avc: denied { call } for comm="binder:942_1" scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c215,c256,c512,c768 tclass=binder permissive=1
12-14 08:59:17.360   942   942 I binder:942_1: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c215,c256,c512,c768 tclass=binder permissive=1

Bug: 262455388
Test: Check no avc_deny on hal_wifi_ext
Change-Id: Ibc48225845b0cd10bbe88527449016daa9ef9eff
 2023-01-06 08:06:57 +00:00
Randall Huang
55133b1c0c sepolicy: remove vold tracking_denials. 
Move platform-specific vold rule to common folder.

Bug: 264483567
Bug: 264483569
Bug: 264489799
Test: run atest
Change-Id: Idad799d9f536ca18a0c3b5e7eb9d0bc182015e64
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-01-06 14:04:21 +08:00
sukiliu
18257ad81e Update error on ROM 9460470 
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264606212
Bug: 264600084
Bug: 264483754
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4a281b360783032132179fd9f9b314d0a65d233a
 2023-01-06 10:46:28 +08:00
Adam Shih
9fbe949e7c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264600052
Bug: 264600084
Bug: 264483754
Test: scanBugreport
Bug: 264600171
Bug: 264600086
Bug: 264600053
Bug: 264599934
Change-Id: Idd111c69fbcebadf941f2a7cb6e0af7c8e24711d
 2023-01-06 09:32:22 +08:00
Xu Han
525acba924 Allow camera HAL to call radioExt HAL for desense 
Bug: 264204392
Test: selinux log
Change-Id: Iee7f45a649444cc6c95b8094f001645e85eb83ba
 2023-01-05 18:54:59 +00:00
Adam Shih
16452851f3 dispatch domains to owner via bugs 
Bug: 264484544
Bug: 264489606
Bug: 264489743
Bug: 264489675
Bug: 264489633
Bug: 264489777
Bug: 264489520
Bug: 264489270
Bug: 264489387
Bug: 264489745
Bug: 264489957
Bug: 264489521
Bug: 264490031
Bug: 264489388
Bug: 264489608
Bug: 264489609
Bug: 264489778
Bug: 264489634
Bug: 264489794
Bug: 264489795
Bug: 264489559
Bug: 264489636
Bug: 264489746
Bug: 264490032
Bug: 264489188
Bug: 264489676
Bug: 264489779
Bug: 264489189
Bug: 264489677
Bug: 264489780
Bug: 264489637
Bug: 264490033
Bug: 264489390
Bug: 264489561
Bug: 264489750
Bug: 264489190
Bug: 264490051
Bug: 264489958
Bug: 264489610
Bug: 264489562
Bug: 264489797
Bug: 264489781
Bug: 264490034
Bug: 264489678
Bug: 264490091
Bug: 264490035
Bug: 264490011
Bug: 264490052
Bug: 264489639
Bug: 264489961
Bug: 264490072
Bug: 264490012
Bug: 264489523
Bug: 264489679
Bug: 264490053
Bug: 264489564
Bug: 264489783
Bug: 264490036
Bug: 264490074
Bug: 264490054
Bug: 264489565
Bug: 264490092
Bug: 264490075
Bug: 264489641
Bug: 264490093
Bug: 264489962
Bug: 264489784
Bug: 264489567
Bug: 264490076
Bug: 264489786
Bug: 264490014
Bug: 264489524
Bug: 264490055
Bug: 264489569
Bug: 264489526
Bug: 264489642
Bug: 264489681
Bug: 264489963
Bug: 264489787
Bug: 264490095
Bug: 264489799
Bug: 264490077
Test: boot to home in enforcing mode
Change-Id: I784ee1653800119308c22c85652764a99ca076e4
 2023-01-05 13:15:51 +08:00
Adam Shih
c858342332 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 264483752
Bug: 264483024
Bug: 264483531
Bug: 264483532
Bug: 264483567
Bug: 264483670
Bug: 264483151
Bug: 264483152
Bug: 264483352
Bug: 264483568
Bug: 264483753
Bug: 264482981
Bug: 264483754
Bug: 264483456
Bug: 264483787
Test: scanBugreport
Bug: 264483390
Bug: 264482983
Bug: 264483355
Bug: 264483356
Bug: 264483533
Bug: 264483319
Bug: 264483569
Test: scanAvcDeniedLogRightAfterReboot
Bug: 264321380
Bug: 264483357
Change-Id: I39f2a98bbbc8e416b86dd06cc99984acbab97baa
 2023-01-05 11:04:42 +08:00
TreeHugger Robot
10a6384587 Merge "label GPU as same_process_hal" 2023-01-04 06:21:24 +00:00
TreeHugger Robot
e9a315b81a Merge "set necessary domains to permissive" 2023-01-04 05:06:08 +00:00
Adam Shih
92f2edf487 label GPU as same_process_hal 
Bug: 261933250
Bug: 261933249
Bug: 261933226
Bug: 261933097
Bug: 261933428
Bug: 261933227
Bug: 260768740
Bug: 260922185
Test: boot to home under enforcing mode
Change-Id: Ied95ce0c1f851785e0848f7af788969f27e45101
 2023-01-04 12:10:27 +08:00
Adam Shih
97748d82a9 set necessary domains to permissive 
Bug: 254378739
Test: enforce and boot to home
Change-Id: I1dc8f400971e0926dbb2c5c0ac6f0ef99250e067
 2023-01-04 11:57:28 +08:00
Adam Shih
00b1421a56 Update error on ROM 9451592 
Bug: 264321380
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ibdf5acaa5898a728aac202902a1577d05f7d1f25
 2023-01-04 10:23:28 +08:00
TreeHugger Robot
bd992ad2b4 Merge "Sepolicy: Pixelstats: Battery history sepolicy" 2023-01-04 02:19:54 +00:00
TreeHugger Robot
af402f7187 Merge "Update error on ROM 9449178" 2023-01-03 03:06:21 +00:00
TreeHugger Robot
9bb06f3d46 Merge "modem_svc_sit: Grant permission to read vendor_fw_file" 2023-01-03 02:50:17 +00:00
Adam Shih
ef8da88fdc Update error on ROM 9449178 
Bug: 264204392
Bug: 264204525
Bug: 264204023
Bug: 264204215
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ice60ef7f25f549a990e3c6f006ed528b0b0beedf
 2023-01-03 10:03:13 +08:00
Wasb Liu
cefb0a621f hal_health_default: updated sepolicy 
Add necessary sepolicy.

Bug: 260366438
Bug: 261933135
Bug: 262178574
Bug: 262794970
Test: no avc denied for hal_health_default
Change-Id: I47043f64931c191063a0b3d5807ef814fa8b787f
Signed-off-by: Wasb Liu <wasbliu@google.com>
 2022-12-29 09:47:23 +00:00
Darren Hsu
3ea4ff4944 sepolicy: Allow hal_power_stats to access required sysfs 
Bug: 260366519
Bug: 260768935
Bug: 260922184
Bug: 261105152
Bug: 261363958
Bug: 261519183
Bug: 261651283
Bug: 261783107
Test: Captured bugreport and make sure there is no any avc denails
Test: related to hal_power_stats
Change-Id: Ic214dc1d8ea920b1bb8f700cd8b75918af3ab046
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-12-29 14:33:17 +08:00
Kris Chen
4963317cad zuma: fingerprint: fix SELinux denails 
Bug: 261105164
Test: boot with no relevant error on p23 device
Change-Id: I8d897693685591a042c5febfeca0121375749b8e
 2022-12-23 17:43:50 +08:00