Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1031 commits 1 branch 0 tags 18 MiB
Commit graph

1031 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kris Chen
0ea531896c Allow fingerprint hal to read sysfs_leds 
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: Ibefbcefc005ab2cec7c417f197fd134b154ed9a1
 2023-03-21 12:18:59 +00:00
JimiChen
ee1df407be change device type for /dev/stmvl53l1_ranging 
It was a rls_device. Move to lwis_device now.

Bug: 274552433
Test: launch GCA
Change-Id: Id920583cc06b09063de85b160c12a5c3a5468c11
 2023-03-21 20:00:00 +08:00
Nicole Lee
aa4b374120 Move logger_app dontaudit items out of tracking_denials 
Bug: 269383459
Test: Open Pixel Logger and check logs
Change-Id: Id5b89a7eeaa5b06539113d4c86c64d6022080949
 2023-03-21 10:11:58 +00:00
TreeHugger Robot
d5ac6d9962 Merge "Allow regmap debugfs permission" into udc-d1-dev am: 504b4cc2eb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133445

Change-Id: I483874eb28c4db9377ce3d7b616262d81d4e70ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 08:27:11 +00:00
Donnie Pollitz
b21ac1be87 Merge "Removing audit for system_suspend tee" into udc-d1-dev am: 4ce51ebfba 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22160088

Change-Id: Icf7daf3980b75f38676632d2dad62b7c4390c27c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 08:26:45 +00:00
TreeHugger Robot
504b4cc2eb Merge "Allow regmap debugfs permission" into udc-d1-dev 2023-03-21 08:00:49 +00:00
Donnie Pollitz
4ce51ebfba Merge "Removing audit for system_suspend tee" into udc-d1-dev 2023-03-21 07:55:13 +00:00
Robert Lee
78603ddb7e Allow regmap debugfs permission 
auditd  : type=1400 audit(0.0:7): avc: denied { search } for comm="kworker/u18:1" name="regmap" dev="debugfs" ino=1049 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0 tclass=dir permissive=0

Bug: 273891639
Test: builds
Change-Id: I9700d34e4d8a9d96d904fe5119a8bf4601bf8ea6
Signed-off-by: Robert Lee <lerobert@google.com>
 2023-03-21 14:17:00 +08:00
TreeHugger Robot
2ecbb84226 Merge "Allow systemui find radio_service" into udc-d1-dev am: 7ca4d7ceb7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22161791

Change-Id: I281b02bfe57536093f3fd1821ad6b2d31e2a7ba0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 03:35:10 +00:00
TreeHugger Robot
7ca4d7ceb7 Merge "Allow systemui find radio_service" into udc-d1-dev 2023-03-21 03:19:59 +00:00
Chung-Kai (Michael) Mei
d39247b7cc [automerger skipped] Merge "genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE]" into udc-d1-dev am: 4766cf456b -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133469

Change-Id: Iccf548638503bd9883d5bfe3c83587b77caf2792
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 03:18:41 +00:00
Chungkai Mei
d3d6dc3c17 [automerger skipped] genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE] am: 5bedd6391a -s ours 
am skip reason: subject contains skip directive

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133469

Change-Id: I949c40074671b51f5cbc2f6806fce7dbca93a77a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 03:18:38 +00:00
Chung-Kai (Michael) Mei
4766cf456b Merge "genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE]" into udc-d1-dev 2023-03-21 02:31:55 +00:00
Darren Hsu
ba74fadb54 dumpstate: Suppress avc denial for power stats am: 0198a5224a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22119720

Change-Id: Ic216d075f84190d5d2c66cd2c7e46efc65d40989
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-21 02:20:37 +00:00
Wilson Sung
aa45dde84e Allow systemui find radio_service 
avc:  denied  { find } for pid=1810 uid=10231 name=phone scontext=u:r:systemui_app:s0:c231,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=0

Bug: 272628174
Bug: 272628396
Bug: 273674238
Test: boot-to-home and sim icon showed up
Change-Id: Ia7f84f53f131d868d356fd6d358188748c723757
 2023-03-21 02:13:46 +00:00
Chungkai Mei
5bedd6391a genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE] 
correct path for i2c devices

Test: without avc denial when booting
Bug: 240641235
Change-Id: Iabb7bdac51c2877a9b254bb287361c58f16a353f
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-03-21 01:17:40 +00:00
Donnie Pollitz
8034369bdd Removing audit for system_suspend tee 
Background:
* wakelock_use(tee) was added in previous CL: http://go/ag/21082565

Bug: 263305203
Test: Ran SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I6e8a6796ef5a7156b89ba89c74430f368727e2b8
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-20 11:26:10 +01:00
TreeHugger Robot
353d475c50 Merge "Update SELinux error" into udc-d1-dev am: d5ec3f993f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22155391

Change-Id: I9799ad1d8ffecc7d945b8c55455d3287191a7ef3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 07:15:41 +00:00
Darren Hsu
0198a5224a dumpstate: Suppress avc denial for power stats 
Bug: 273639264
Test: presubmit test
Change-Id: I0b1d8b7516dc9bdfae6b8bca644b6ab52b971615
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-20 15:09:41 +08:00
TreeHugger Robot
d5ec3f993f Merge "Update SELinux error" into udc-d1-dev 2023-03-20 06:34:25 +00:00
TreeHugger Robot
120feae613 Merge "Remove insmod obsolete denials" into udc-d1-dev am: 155e0a8f36 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22155392

Change-Id: I6d427fc6d2fee9ff76ecb1f20e43bb87268022ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 06:01:36 +00:00
TreeHugger Robot
155e0a8f36 Merge "Remove insmod obsolete denials" into udc-d1-dev 2023-03-20 05:25:02 +00:00
Welly Hsu
3e9dfc011a Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e am: 7884ddda0b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I7904d64315b40ac30fa087ceff97efeeb3840153
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 05:05:12 +00:00
Welly Hsu
7d03b1841e Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e am: a8df97fe32 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I6992f0c4bb70f9e3044fa80f8aed487fcfc1ae89
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 05:03:13 +00:00
Welly Hsu
a8df97fe32 Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I1e3fdf46b8d29354b2b231457edd9b2e90126474
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 04:30:27 +00:00
Welly Hsu
7884ddda0b Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: Ief757562cd3634388481d299e822229455476788
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 04:30:24 +00:00
Wilson Sung
f19431da02 Remove insmod obsolete denials 
Fix: 260522378
Fix: 272166723
Change-Id: I70956498f66643d0abc2496d3bdcd140e7ab8f7e
 2023-03-20 12:07:21 +08:00
Wilson Sung
2eed10acc4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 274374768
Bug: 274374722
Test: scanBugreport
Bug: 274374769
Bug: 274374768
Bug: 274374992
Bug: 274374722
Bug: 268566481
Bug: 273639264
Test: scanAvcDeniedLogRightAfterReboot
Bug: 274374768
Bug: 274374722
Bug: 268566481
Change-Id: I4ebac8c48937557b8d8544ecfe4da3ac71ecf64e
 2023-03-20 12:05:59 +08:00
Welly Hsu
97b397fc5e Move euiccpixel_app dontaudit items out of tracking_denials 
bug: 265286368
bug: 269218505
Change-Id: I7dec7ad23ee48cf719d6e7442e60ddcc13c02a8f
 2023-03-20 10:13:05 +08:00
TreeHugger Robot
164cd42a0d Merge "[SELinux] remove hal_uwb_default tracking denials" into udc-d1-dev am: 14c05d48e9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22101146

Change-Id: Ic21ef826ea07b4341a6f0a3cc984bbade54ec0cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-20 02:08:46 +00:00
TreeHugger Robot
14c05d48e9 Merge "[SELinux] remove hal_uwb_default tracking denials" into udc-d1-dev 2023-03-20 01:41:49 +00:00
Mahesh Kallelil
4127a32c5f Merge "Update selinux-policy for ModemService." into udc-d1-dev am: 6636bd227b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22113396

Change-Id: Icab142ac5838ec1a7024125e695a207b464dcfc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 23:12:13 +00:00
Mahesh Kallelil
6636bd227b Merge "Update selinux-policy for ModemService." into udc-d1-dev 2023-03-16 22:43:34 +00:00
Jayachandran C
6e45deae41 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b am: a7ec5ac379 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I3da5debafb7cfd31122b639cb234b0798eab595e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 21:23:44 +00:00
Jayachandran C
db9264e266 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b am: f99fed1f87 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: Ia54b94c99a1124dcd782a79f30eacbb31beca35a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 21:17:16 +00:00
Jayachandran C
a7ec5ac379 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I676634d568c0de4a029dc4609ceda2c38f56fce9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:20:07 +00:00
Jayachandran C
f99fed1f87 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I6b1ef7b352b69b4988ac6a6d29f8918b5fb3ed84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:19:53 +00:00
Jayachandran C
3cda1dd51b Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev 2023-03-16 19:51:49 +00:00
Donnie Pollitz
8ab28ee02f Merge "Remove hal_bootctl_default audits" into udc-d1-dev am: e8682690b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21804341

Change-Id: I725ac9f6fe40d4997738dfead624d1cc24753225
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 12:27:16 +00:00
TreeHugger Robot
eccb7ad20b Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev am: 1605d7979d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22113945

Change-Id: Ibdab8601f0d98e2b11640b5434ff49c87953d05b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 12:26:53 +00:00
Donnie Pollitz
e8682690b2 Merge "Remove hal_bootctl_default audits" into udc-d1-dev 2023-03-16 12:03:04 +00:00
TreeHugger Robot
1605d7979d Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev 2023-03-16 11:57:14 +00:00
Rex Lin
a41dd62c1b [SELinux] remove hal_uwb_default tracking denials 
Bug: 267260951
Bug: 264489750
Bug: 273639365
Test: http://ab/I19700010140844408
Change-Id: Ife918a080a4b0c716a46c78730965b5d7eb3f757
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-03-16 14:51:12 +08:00
Mahesh Kallelil
df7ece2441 Update selinux-policy for ModemService. 
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I8361e53f4e6aa82e6dc78e94af71ee26c06fb2f5
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-03-16 05:35:51 +00:00
Speth Chang
3add5fbcec allow vendor init to set vendor_camera_prop 
03-16 10:29:21.324     1     1 W /system/bin/init:
type=1107 audit(0.0:5): uid=0 auid=4294967295 ses=4294967295
subj=u:r:init:s0 msg='avc: denied { set } for
property=vendor.camera.multicam.enable_p23_multicam pid=1
uid=0 gid=0 scontext=u:r:vendor_init:s0
tcontext=u:object_r:vendor_camera_prop:s0
tclass=property_service permissive=0' bug=b/267714573

Bug: 273854225
Test: check log, GCA
Change-Id: I1c5fdff3b9978c494be9f513e1770f26804ca132
 2023-03-16 13:18:17 +08:00
Ken Yang
8c52169f18 Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 am: 3ffebb1ce8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: I6692234b169c305dd548e557fa3d67b4d17f5304
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 04:28:57 +00:00
Ken Yang
83b44caa1c Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 am: 7c2b9b482e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: I48a36edef89a45b5ac50d209b38784cdc381da77
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 04:08:38 +00:00
Ken Yang
7c2b9b482e Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: If63f0cc156d98db3ec2eb5ca4749a60e0b76a32c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:54:38 +00:00
Ken Yang
3ffebb1ce8 Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: Ibfc2d7bcfc8fb713f2f73f8f181e010bf706f3c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:54:20 +00:00
Wilson Sung
f22692cf2f Merge "Remove obsolete denials" into udc-d1-dev am: 1efd7ed479 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098963

Change-Id: I5ef264e899c434a9d6d39f70af1854cec7c1accc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:51:17 +00:00