Commit graph

904 commits

Author SHA1 Message Date
Miranda Kephart
8cc50336c8 Fix screenshot shutter sound on P23 devices
SystemUI didn't have permission to access media server or the audio
server. Looks like both are required (and sufficient).

Bug: 273688513
Bug: 272628174
Fix: 273688513
Test: manual; take a screenshot with ringer on and verify it
makes a sound

Change-Id: Ibbe54db8cbf78ed199cb329804221709a2822242
2023-03-22 18:40:47 +00:00
Welly Hsu
e0adad9eb0 Remove euiccpixel_app dontaudit from gmscore_app am: a133586e4e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188469

Change-Id: I48f0e1eb633c44a4c6445c6423d10e500be6f6c7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-22 14:41:23 +00:00
Mark Chang
9e2ce3d5c0 Add IScreenProtectorDetectorService policy for systemui_app.
Bug: 260302317
Test: system ui app successfully started.
Change-Id: Ibbeab03e738fbbd4103bb5bf4e9f6bbd2998cd29
Signed-off-by: Mark Chang <changmark@google.com>
2023-03-22 11:53:18 +00:00
Wilson Sung
6bf3029916 Enforce system_app
Fix: 260768379
Fix: 260922048
Fix: 264490076
Test: boot-to-home, no related avc error
Change-Id: If9ead09340f5d810ec549f4c83015f3301f1113c
2023-03-22 16:01:09 +08:00
Wilson Sung
a1739828f2 Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 274727372
Bug: 274727542
Test: scanBugreport
Bug: 274727542
Bug: 268566481
Test: scanAvcDeniedLogRightAfterReboot
Bug: 274727542
Bug: 268566481
Change-Id: Ie846f2f7146e52c4e094d9fd7cfa1fa68e3e21df
2023-03-22 15:38:52 +08:00
Wilson Sung
503ae703df Enforce bootdevice_sysdev
Fix: 264489743
Test: boot-to-home and no avc errors
Change-Id: I14648c8d7b1b334c3d02971ffbf20b1f9b5a9354
2023-03-22 15:35:45 +08:00
TreeHugger Robot
a112b65748 Merge "[SELinux] remove uwb remaining tracking denials" into udc-d1-dev
2023-03-22 05:30:57 +00:00
Welly Hsu
a133586e4e Remove euiccpixel_app dontaudit from gmscore_app
bug: 265383359
Change-Id: I6ee7d37187725408e0f443a40affe4c4e50dac91
2023-03-22 13:27:32 +08:00
Adam Shih
ee45cfea78 Move pixel dumpstate to gs-common
Bug: 240530709
Test: adb bugreport
Change-Id: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
2023-03-22 05:06:27 +00:00
Rex Lin
e95656d6fc [SELinux] remove uwb remaining tracking denials
- hal_uwb_vendor_default
- uwb_vendor_app

Bug: 264489190
Bug: 264489787
Test: remove denials and no avc log observed and ranging works
Change-Id: I5fd7f5b6bed8f819b2d5812c882ac596f1f1871b
Signed-off-by: Rex Lin <rexcylin@google.com>
2023-03-22 11:07:51 +08:00
TreeHugger Robot
03d439f0e1 Merge "change device type for /dev/stmvl53l1_ranging" into udc-d1-dev
2023-03-22 02:36:37 +00:00
Nicole Lee
f23893994b Move logger_app dontaudit items out of tracking_denials am: aa4b374120
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22173747

Change-Id: If3e54f3595eac5942175b29250ca6888471876ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-22 00:17:23 +00:00
Wilson Sung
e85dc12d69 Enforce untrusted_app
Fix: 264489681
Test: boot-to-home and no untrusted_app avc error
Change-Id: Ic7a0fac4893265b4abde55d0a65372419fc09392
2023-03-22 01:38:31 +08:00
Joerg Wagner
6351914802 Merge "Update Mali DDK to r40 : Additional SELinux settings" into udc-d1-dev
2023-03-21 14:36:16 +00:00
Kris Chen
0ea531896c Allow fingerprint hal to read sysfs_leds
Fix the following avc denials:
avc: denied { search } for name="backlight" dev="sysfs" ino=79316
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=dir permissive=1

avc: denied { read } for name="state" dev="sysfs" ino=79365
scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_leds:s0
tclass=file permissive=1

Bug: 271072126
Test: Authenticate fingerprint.
Change-Id: Ibefbcefc005ab2cec7c417f197fd134b154ed9a1
2023-03-21 12:18:59 +00:00
JimiChen
ee1df407be change device type for /dev/stmvl53l1_ranging
It was a rls_device. Move to lwis_device now.

Bug: 274552433
Test: launch GCA
Change-Id: Id920583cc06b09063de85b160c12a5c3a5468c11
2023-03-21 20:00:00 +08:00
Nicole Lee
aa4b374120 Move logger_app dontaudit items out of tracking_denials
Bug: 269383459
Test: Open Pixel Logger and check logs
Change-Id: Id5b89a7eeaa5b06539113d4c86c64d6022080949
2023-03-21 10:11:58 +00:00
TreeHugger Robot
504b4cc2eb Merge "Allow regmap debugfs permission" into udc-d1-dev
2023-03-21 08:00:49 +00:00
Donnie Pollitz
4ce51ebfba Merge "Removing audit for system_suspend tee" into udc-d1-dev
2023-03-21 07:55:13 +00:00
Robert Lee
78603ddb7e Allow regmap debugfs permission
auditd  : type=1400 audit(0.0:7): avc: denied { search } for comm="kworker/u18:1" name="regmap" dev="debugfs" ino=1049 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0 tclass=dir permissive=0

Bug: 273891639
Test: builds
Change-Id: I9700d34e4d8a9d96d904fe5119a8bf4601bf8ea6
Signed-off-by: Robert Lee <lerobert@google.com>
2023-03-21 14:17:00 +08:00
TreeHugger Robot
7ca4d7ceb7 Merge "Allow systemui find radio_service" into udc-d1-dev
2023-03-21 03:19:59 +00:00
Chung-Kai (Michael) Mei
4766cf456b Merge "genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE]" into udc-d1-dev
2023-03-21 02:31:55 +00:00
Wilson Sung
aa45dde84e Allow systemui find radio_service
avc:  denied  { find } for pid=1810 uid=10231 name=phone scontext=u:r:systemui_app:s0:c231,c256,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=0

Bug: 272628174
Bug: 272628396
Bug: 273674238
Test: boot-to-home and sim icon showed up
Change-Id: Ia7f84f53f131d868d356fd6d358188748c723757
2023-03-21 02:13:46 +00:00
Chungkai Mei
5bedd6391a genfs_contexts: fix path for i2c peripheral device [DO NOT MERGE]
correct path for i2c devices

Test: without avc denial when booting
Bug: 240641235
Change-Id: Iabb7bdac51c2877a9b254bb287361c58f16a353f
Signed-off-by: Chungkai Mei <chungkai@google.com>
2023-03-21 01:17:40 +00:00
Donnie Pollitz
8034369bdd Removing audit for system_suspend tee
Background:
* wakelock_use(tee) was added in previous CL: http://go/ag/21082565

Bug: 263305203
Test: Ran SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I6e8a6796ef5a7156b89ba89c74430f368727e2b8
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
2023-03-20 11:26:10 +01:00
Darren Hsu
0198a5224a dumpstate: Suppress avc denial for power stats
Bug: 273639264
Test: presubmit test
Change-Id: I0b1d8b7516dc9bdfae6b8bca644b6ab52b971615
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2023-03-20 15:09:41 +08:00
TreeHugger Robot
d5ec3f993f Merge "Update SELinux error" into udc-d1-dev
2023-03-20 06:34:25 +00:00
TreeHugger Robot
155e0a8f36 Merge "Remove insmod obsolete denials" into udc-d1-dev
2023-03-20 05:25:02 +00:00
Welly Hsu
a8df97fe32 Move euiccpixel_app dontaudit items out of tracking_denials am: 97b397fc5e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22133463

Change-Id: I1e3fdf46b8d29354b2b231457edd9b2e90126474
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-20 04:30:27 +00:00
Wilson Sung
f19431da02 Remove insmod obsolete denials
Fix: 260522378
Fix: 272166723
Change-Id: I70956498f66643d0abc2496d3bdcd140e7ab8f7e
2023-03-20 12:07:21 +08:00
Wilson Sung
2eed10acc4 Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 274374768
Bug: 274374722
Test: scanBugreport
Bug: 274374769
Bug: 274374768
Bug: 274374992
Bug: 274374722
Bug: 268566481
Bug: 273639264
Test: scanAvcDeniedLogRightAfterReboot
Bug: 274374768
Bug: 274374722
Bug: 268566481
Change-Id: I4ebac8c48937557b8d8544ecfe4da3ac71ecf64e
2023-03-20 12:05:59 +08:00
Welly Hsu
97b397fc5e Move euiccpixel_app dontaudit items out of tracking_denials
bug: 265286368
bug: 269218505
Change-Id: I7dec7ad23ee48cf719d6e7442e60ddcc13c02a8f
2023-03-20 10:13:05 +08:00
TreeHugger Robot
14c05d48e9 Merge "[SELinux] remove hal_uwb_default tracking denials" into udc-d1-dev
2023-03-20 01:41:49 +00:00
Mahesh Kallelil
6636bd227b Merge "Update selinux-policy for ModemService." into udc-d1-dev
2023-03-16 22:43:34 +00:00
Jayachandran C
a7ec5ac379 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I676634d568c0de4a029dc4609ceda2c38f56fce9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 20:20:07 +00:00
Jayachandran C
3cda1dd51b Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev
2023-03-16 19:51:49 +00:00
Donnie Pollitz
e8682690b2 Merge "Remove hal_bootctl_default audits" into udc-d1-dev
2023-03-16 12:03:04 +00:00
TreeHugger Robot
1605d7979d Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev
2023-03-16 11:57:14 +00:00
Rex Lin
a41dd62c1b [SELinux] remove hal_uwb_default tracking denials
Bug: 267260951
Bug: 264489750
Bug: 273639365
Test: http://ab/I19700010140844408
Change-Id: Ife918a080a4b0c716a46c78730965b5d7eb3f757
Signed-off-by: Rex Lin <rexcylin@google.com>
2023-03-16 14:51:12 +08:00
Mahesh Kallelil
df7ece2441 Update selinux-policy for ModemService.
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I8361e53f4e6aa82e6dc78e94af71ee26c06fb2f5
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
2023-03-16 05:35:51 +00:00
Speth Chang
3add5fbcec allow vendor init to set vendor_camera_prop
03-16 10:29:21.324     1     1 W /system/bin/init:
type=1107 audit(0.0:5): uid=0 auid=4294967295 ses=4294967295
subj=u:r:init:s0 msg='avc: denied { set } for
property=vendor.camera.multicam.enable_p23_multicam pid=1
uid=0 gid=0 scontext=u:r:vendor_init:s0
tcontext=u:object_r:vendor_camera_prop:s0
tclass=property_service permissive=0' bug=b/267714573

Bug: 273854225
Test: check log, GCA
Change-Id: I1c5fdff3b9978c494be9f513e1770f26804ca132
2023-03-16 13:18:17 +08:00
Ken Yang
7c2b9b482e Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: If63f0cc156d98db3ec2eb5ca4749a60e0b76a32c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 03:54:38 +00:00
Wilson Sung
1efd7ed479 Merge "Remove obsolete denials" into udc-d1-dev
2023-03-16 03:25:49 +00:00
Wilson Sung
7eaf780e42 Remove obsolete denials
Bug: 261933310
Test: take the bugreport and no incidentd avc error
Change-Id: I84274ed4c3b8c3d373a353f879cd7001b26c1703
2023-03-16 03:25:22 +00:00
Ken Yang
d9d0c0e471 Merge "SELinux: Remove charger_vendor.te" into udc-dev
2023-03-16 03:11:31 +00:00
TreeHugger Robot
320064782b Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev
* changes:
  usb: remove bug number in bug_map
  usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission
2023-03-16 03:07:04 +00:00
Kris Chen
b8419230f2 enforce trusty_apploader am: b2f238ff01
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I8f4e7f64b44b4c98a3ba8f75cd254f87548325da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 02:41:47 +00:00
Kris Chen
b2f238ff01 enforce trusty_apploader
Bug: 264489569
Test: Boot
Change-Id: I75f73d76f535a5755a164725c606872561461487
2023-03-16 02:06:43 +00:00
Neo Yu
c3675e5a3d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: Ib4ef07b70d69f11f1389da85176d10d791ef5929
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 01:26:55 +00:00
Tom Huang
a926b7b0f0 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: Id18125fdfeff9c271c7b0f9a67463b4da103367f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-16 01:26:39 +00:00