Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1132 commits 1 branch 0 tags 18 MiB
Commit graph

1132 commits

This branch
This branch
All branches
Author SHA1 Message Date
Wilson Sung
f22692cf2f Merge "Remove obsolete denials" into udc-d1-dev am: 1efd7ed479 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098963

Change-Id: I5ef264e899c434a9d6d39f70af1854cec7c1accc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:51:17 +00:00
Wilson Sung
1efd7ed479 Merge "Remove obsolete denials" into udc-d1-dev 2023-03-16 03:25:49 +00:00
Wilson Sung
7eaf780e42 Remove obsolete denials 
Bug: 261933310
Test: take the bugreport and no incidentd avc error
Change-Id: I84274ed4c3b8c3d373a353f879cd7001b26c1703
 2023-03-16 03:25:22 +00:00
TreeHugger Robot
18acd8cd02 Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev am: 320064782b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085771

Change-Id: I211dc0a0b0fcd8031d68d833b751cbad21eef8b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:52 +00:00
Kris Chen
8f286ce919 enforce trusty_apploader am: b2f238ff01 am: 94dbd3352f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I2592d49f2fa61270225dccef2033c0528716986d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:43 +00:00
Kris Chen
0c4c497f9e enforce trusty_apploader am: b2f238ff01 am: b8419230f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: Icb5a11c030f0d9ca2b4edfd37c902618f5819f57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:14 +00:00
Ken Yang
d9d0c0e471 Merge "SELinux: Remove charger_vendor.te" into udc-dev 2023-03-16 03:11:31 +00:00
TreeHugger Robot
320064782b Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev 
* changes:
  usb: remove bug number in bug_map
  usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission
 2023-03-16 03:07:04 +00:00
Kris Chen
b8419230f2 enforce trusty_apploader am: b2f238ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I8f4e7f64b44b4c98a3ba8f75cd254f87548325da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:41:47 +00:00
Kris Chen
94dbd3352f enforce trusty_apploader am: b2f238ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I4661f365aac362da5c78070fd50d44c8198362c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:41:42 +00:00
Neo Yu
7c362daebe Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 am: c3675e5a3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I41bad4281c4ad8b4c75e6dbcf863abd48baa026e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:07:47 +00:00
Tom Huang
f58b83f480 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb am: a926b7b0f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I4dd5d95cc7b11824c4499d32386b19031ee1abc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:07:18 +00:00
Kris Chen
b2f238ff01 enforce trusty_apploader 
Bug: 264489569
Test: Boot
Change-Id: I75f73d76f535a5755a164725c606872561461487
 2023-03-16 02:06:43 +00:00
TreeHugger Robot
ae3571ee44 Merge "Remove hal_cas_default dontaudit" into udc-d1-dev am: 793698a58d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085769

Change-Id: I23841ed54392b89f3c1a1b17ce7d3d9e1c8d4fcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:06:36 +00:00
TreeHugger Robot
e338ca0f98 Merge "Enforce vendor_init" into udc-d1-dev am: 8570030518 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22100402

Change-Id: Id6e5d06dd06328a1291de963469255ed64dc99f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:05:55 +00:00
Neo Yu
541c29655d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 am: 2ffe76d869 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I840d8d3f11742cb5eafd77416ee268dbaf25c241
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:55 +00:00
Wilson Sung
4142cecd1a Enforce init am: c0c4ee3a9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098964

Change-Id: Ia79d840d91cd48928db76e7514bf62c850fa980b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:47 +00:00
Tom Huang
b21bb0e25f Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb am: eada700f48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I03006441769b7712368cbe6fa2b1185c27c1c790
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:38 +00:00
Neo Yu
c3675e5a3d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: Ib4ef07b70d69f11f1389da85176d10d791ef5929
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:55 +00:00
Neo Yu
2ffe76d869 Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I571cd2c89363b29d579483b6300731f6aa0ca89a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:48 +00:00
Tom Huang
a926b7b0f0 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: Id18125fdfeff9c271c7b0f9a67463b4da103367f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:39 +00:00
Tom Huang
eada700f48 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I522dad9cb4eb77983e5fb1783d43852950315b37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:32 +00:00
Neo Yu
ba6c42df00 Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev 2023-03-16 01:25:37 +00:00
Tom Huang
c200250bfb Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev 2023-03-16 00:56:49 +00:00
TreeHugger Robot
793698a58d Merge "Remove hal_cas_default dontaudit" into udc-d1-dev 2023-03-16 00:55:54 +00:00
TreeHugger Robot
8570030518 Merge "Enforce vendor_init" into udc-d1-dev 2023-03-16 00:55:17 +00:00
Alice Sheng
c3288bb774 Merge "Add sepolicy for RA9530 nodes." 2023-03-15 17:57:24 +00:00
Wilson Sung
9781434612 Enforce vendor_init 
Fix: 264490095
Test: boot-to-home
Change-Id: I612896a0da7e9e2fd60772cbbd4b439e4824d7bc
 2023-03-16 00:23:53 +08:00
Wilson Sung
c0c4ee3a9b Enforce init 
Fix: 264489678
Test: boot-to-home and no init avc error
Change-Id: I580f6d9af0874a1165c43a77008b43fab5d0091f
 2023-03-16 00:06:35 +08:00
Ken Yang
8ff0eed309 SELinux: Remove charger_vendor.te 
Bug: 264489675
Change-Id: I9ed521778291ea712ec4ef7f312ae890be3402e7
Signed-off-by: Ken Yang <yangken@google.com>
 2023-03-15 15:34:23 +00:00
neoyu
4701e96275 remove tracking_denials for hal_radioext_default.te 
The SELinux error has been fixed and this file could be removed.

Bug: 269813076
Test: build pass
Change-Id: I2dfcc00575a277ed7f020a9df8193a5f069d2ed9
 2023-03-15 21:30:53 +08:00
Donnie Pollitz
bef163efd5 Remove hal_bootctl_default audits 
* As of ToT, this denial is no longer occurring, removing don't audit.

Bug: 267843310
Test: Ran `adb shell dmesg | grep avc ; adb logcat -d | grep avc`

Change-Id: Id40709e436b9b21ad664148e25bed4eab1aff4ff
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-15 12:44:11 +00:00
Chien Kun Niu
8783417f2f usb: remove bug number in bug_map 
Bug: 272166827
Test: Presubmit build Pass
Change-Id: I7b641636d52995dc9c098af6e7397702f0dcf4ab
 2023-03-15 19:19:44 +08:00
Chien Kun Niu
28cc58257f usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission 
Allow hal_usb_gadget_imple sysfs_batteryinfo r_dir_perms and rw_file_perms

[    8.237410] [  T379] type=1400 audit(1678784127.396:4): avc: denied { search } for comm="HwBinder:762_1" name="power_supply" dev="sysfs" ino=73783 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
[    8.237556] [  T379] type=1400 audit(1678784127.396:5): avc: denied { read } for comm="HwBinder:762_1" name="usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237584] [  T379] type=1400 audit(1678784127.396:6): avc: denied { open } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237603] [  T379] type=1400 audit(1678784127.396:7): avc: denied { getattr } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug: 272166827
Test: Check avc denied log
Change-Id: Iecbf6ff712924b60ce186b75a76cf25f3b48e72d
 2023-03-15 19:17:14 +08:00
Wilson Sung
8141ff4e3e Remove hal_cas_default dontaudit 
Fix: 267260716
Test: take bugreport and no related avc error
Change-Id: If7a7b7f0395ef3a82d2f837ca2732e08f363e87c
 2023-03-15 19:02:58 +08:00
Jayachandran C
8d1a560bf9 Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling 
This CL fixes the following denials
auditd  : avc:  denied  { find } for interface=vendor.google.whitechapel.audio.audioext::IAudioExt sid=u:r:radio:s0 pid=2676 scontext=u:r:radio:s0 tcontext=u:object_r:hal_audio_ext_hwservice:s0 tclass=hwservice_manager permissive=0
auditd  : type=1400 audit(0.0:2983): avc: denied { call } for comm="binder:2617_3" scontext=u:r:radio:s0 tcontext=u:r:hal_audio_default:s0 tclass=binder permissive=0

Bug: 267802258
Test: Live network testing and verified the AudioExt HAL message

Change-Id: Iffa2bcc9b8fa56c383cb765b7cbdf1ff667376c5
 2023-03-15 08:22:09 +00:00
TreeHugger Robot
6b71ff0ee7 Merge "Enforce isolated_app and untrusted_app" into udc-d1-dev am: b6d212049b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22090887

Change-Id: I32ec107a0f0ca3baeff4306fb4977e55c615bf1c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:44:13 +00:00
TreeHugger Robot
b6d212049b Merge "Enforce isolated_app and untrusted_app" into udc-d1-dev 2023-03-15 06:03:04 +00:00
kuanyuhuang
605235f79c BT: remove tracking denials hal_bluetooth_btlinux 
Local build with deleting tracking_denials/hal_bluetooth_btlinux.te
and adb shell getenforce ==> Enforcing.
Tested by BT funtions(playing music, share contacts, transfer file) and
no Bluetooth avc: denied logs.

Bug: 264489608
Test: local build
Change-Id: I1ba1868419d47b087ce96054a63a06b25484e0f5
 2023-03-15 05:13:53 +00:00
Wilson Sung
863007e89d Update SELinux error am: 389ddb027e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085787

Change-Id: I822ea9a885cb86293384fe631a3b6ed4367e4d23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 05:12:42 +00:00
Wilson Sung
63a66ef59e Enforce isolated_app and untrusted_app 
Fix: 264489642
Fix: 264972745
Fix: 267261265
Test: boot-to-home and no related avc error
Change-Id: I4770a076f6a5159db6ffea0661b52b449df9c55a
 2023-03-15 12:24:43 +08:00
Wilson Sung
389ddb027e Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 273638876
Test: scanBugreport
Bug: 273639365
Bug: 273143844
Bug: 273639264
Bug: 273638940
Bug: 273638876
Test: scanAvcDeniedLogRightAfterReboot
Bug: 273638876
Bug: 268566481
Change-Id: I2229a7c7e29dad303f7ef60c8d7f770b6a77a044
 2023-03-15 11:38:05 +08:00
TreeHugger Robot
e83033d9f1 Merge "sepolicy: label dsu and bci" into udc-d1-dev am: 35b10634bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981985

Change-Id: I0eb26b8dc03fdef37e8ff4e80d4024ce0485dfab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:15:50 +00:00
Quinn Yan
12f97aa2f6 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de am: e825edbf28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: Ifbe4b7d4486f14469060d1b3d0cf4f76988056aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:13:52 +00:00
Dai Li
1a103b9a37 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 am: 518a025694 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Id357ed344f5d115745069a499a2b8a57d0151d21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:09:00 +00:00
Quinn Yan
542f3553c7 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de am: b1ebacbd43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I17f0e8c9a9d98a0b67a2c3dbdd4fa9c7be427626
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:02:33 +00:00
TreeHugger Robot
35b10634bf Merge "sepolicy: label dsu and bci" into udc-d1-dev 2023-03-15 02:28:38 +00:00
Quinn Yan
b1ebacbd43 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I22986f34b83c07bd53539b092d0388180a69afc5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:57:35 +00:00
Quinn Yan
e825edbf28 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I3a6e12bb4e7f9e81deb4b0cf9c1d59102370efef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:42:42 +00:00
Quinn Yan
fe4ffed5de Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev 2023-03-15 01:26:24 +00:00