Commit graph

1146 commits

Author SHA1 Message Date
Chungkai Mei
8051a8759a Remove hal_power_default bug from bug_map
SELinux errors are fixed and hence removing from bug map

Bug: 273638876
Test: Build and boot on device
Change-Id: I4ca6180ad286970d36ce204cd4c44e75962b26e0
Signed-off-by: Chungkai Mei <chungkai@google.com>
2023-04-20 07:47:15 +00:00
Wilson Sung
6669da5b31 Merge "Enforce odrefresh" into udc-d1-dev am: 40c682640f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22699043

Change-Id: Ib318c133136aa341627fc39da98a78d104c15578
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-20 04:49:40 +00:00
Wilson Sung
40c682640f Merge "Enforce odrefresh" into udc-d1-dev 2023-04-20 04:06:05 +00:00
Wilson Sung
0d1a725348 Merge changes from topic "260522282" into udc-d1-dev am: f4a5867e2a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22746525

Change-Id: I8e0630c0d343ad857d7f67d7a743ef41708ecbcf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-20 03:26:37 +00:00
Wilson Sung
f4a5867e2a Merge changes from topic "260522282" into udc-d1-dev
* changes:
  Revert^2 "Enforce priv_app"
  Label ims_remote_app and rcs_service_app
2023-04-20 02:46:06 +00:00
Treehugger Robot
6dba4fa8b3 Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev am: b51385226b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743594

Change-Id: I0529653e75ab3bbe0815a7b9eeef4f0a5db0849f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-19 21:12:32 +00:00
Treehugger Robot
b51385226b Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev 2023-04-19 20:02:33 +00:00
Edmond Chung
57d920f582 Camera: Allow rw access to TEE devices
This is to enable face authentication on P23 devices.

Bug: 278898746
Test: Build, face authentication
Change-Id: I75311770a9780e0d97a9240b589e4e4cd9e2dc56
2023-04-19 11:18:14 -07:00
Wilson Sung
dc75da30a1 Revert^2 "Enforce priv_app"
This reverts commit 61a95fc71a.

Fix: 260522282
Change-Id: I0d5dd994d3acacfee854ae27669358cfc2c249fc
2023-04-20 00:14:18 +08:00
Wilson Sung
ab9b7f7609 Label ims_remote_app and rcs_service_app
Bug: 260522282
Change-Id: I4bf27e30eda51794d2047da9ca17044632ec3786
2023-04-20 00:13:52 +08:00
Alan Chen
37bbafbe50 Merge "Remove dontaudit for hal_radioext_default to service_manager." into udc-d1-dev am: c1f8b7a872
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22694673

Change-Id: I884961bf28e23827172fc99f0a7801069339041d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-19 03:38:33 +00:00
Alan Chen
c1f8b7a872 Merge "Remove dontaudit for hal_radioext_default to service_manager." into udc-d1-dev 2023-04-19 03:04:57 +00:00
Treehugger Robot
800ccb62a9 Merge "Enforce sepolicy for camera HAL." into udc-d1-dev am: 16f461a2cf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22702266

Change-Id: Ie10e87182ba8bcce515b639c82addc5c8a5fada4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-18 23:43:23 +00:00
Treehugger Robot
16f461a2cf Merge "Enforce sepolicy for camera HAL." into udc-d1-dev 2023-04-18 23:18:00 +00:00
Dave Mankoff
73cb48bef6 Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev am: 633f19376e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22603639

Change-Id: I39974b746d4bddff960fcad6ff2ecb7047615360
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-18 18:30:03 +00:00
Jonglin Lee
2fb28513a0 Merge "Revert "Enforce priv_app"" into udc-d1-dev am: 8da235e022
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22714010

Change-Id: I4712310d5e88de3b4ebeef37c754f1995334c8e7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-18 18:25:09 +00:00
Dave Mankoff
633f19376e Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev 2023-04-18 17:50:42 +00:00
Jonglin Lee
8da235e022 Merge "Revert "Enforce priv_app"" into udc-d1-dev 2023-04-18 17:50:13 +00:00
Jonglin Lee
61a95fc71a Revert "Enforce priv_app"
This reverts commit af0ad04c3c.

Reason for revert: RescueParty crash due to com.shannon.rcsservice crash

Bug: 278735899
Change-Id: I5bf91b077c23c63de728657bd9adb5623b708d95
2023-04-18 17:41:27 +00:00
Alan Chen
63f54f0a3a Remove dontaudit for hal_radioext_default to service_manager.
The fix has been merged in the topic of ag/21956466 so this dontaudit line can be removed.

Test: manual
Bug: b/275646098

Change-Id: I95c25ffc926e48e589b7636beca1bef9583861d0
2023-04-18 17:47:09 +08:00
Krzysztof Kosiński
3f0d2fc09d Enforce sepolicy for camera HAL.
Bug: 264489778
Test: GCA smoke test on Zuma device
Change-Id: Icaa7c94ab264d496840d33d970e5a87123b31c36
2023-04-18 09:02:32 +00:00
Wilson Sung
c7104d20ea Enforce odrefresh
Bug: 254378739
Test: boot-to-home, no avc error
Change-Id: I2bd8af071a7296d77f9c1d85647124cdc9835709
2023-04-18 16:30:35 +08:00
Kah Xuan Lim
5307e11804 Merge "Modem ML: Grant access to modem ML data dir" into udc-d1-dev am: 6c2b1f2590
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573645

Change-Id: Iad41f25a9f8850a7126342c53dac4caf18c3e5c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-18 05:47:51 +00:00
Kah Xuan Lim
6c2b1f2590 Merge "Modem ML: Grant access to modem ML data dir" into udc-d1-dev 2023-04-18 05:15:21 +00:00
Treehugger Robot
8f087633f6 Merge "Enforce priv_app" into udc-d1-dev am: 4d7b687f9d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22639490

Change-Id: I16e602f40c31fb56b2eb536f024844af955a1a4e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 17:29:48 +00:00
Treehugger Robot
4d7b687f9d Merge "Enforce priv_app" into udc-d1-dev 2023-04-17 16:56:56 +00:00
Dave Mankoff
78b9dcdb69 Give SystemUI access to necessary selinux properties.
Other errors mentioned in the bugs are already absent.

Fixes: 269964574
Fixes: 272628396
Fixes: 272628174
Test: built and flash device. No selinux errors printed.
Change-Id: Ic285b1f5a2ce6973899011a7c6a596e807c3e933
2023-04-17 14:28:59 +00:00
Bruno BELANYI
33c0bf3aad Merge "Move ARM runtime option SELinux rules out of 'legacy/'" into udc-d1-dev am: ac239dd97d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22627129

Change-Id: Id46dee4c6dfc14fc86748fc88dc5ef96a0b0f708
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 11:27:59 +00:00
Bruno BELANYI
905a545184 Merge "Use restricted vendor property for ARM runtime options" into udc-d1-dev am: d217ae19cb
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22627127

Change-Id: If670a7a869d2642c96d5f89b03dda2fce22f9519
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 11:27:20 +00:00
Jenny Ho
cddf77cdac Merge "sepolicy: fix charger_vendor permission denied" into udc-d1-dev am: 2e3228660e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22606969

Change-Id: Ifcf4b4a1f1654519eb756d658d0d1a14c5495e16
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 11:26:46 +00:00
Bruno BELANYI
ac239dd97d Merge "Move ARM runtime option SELinux rules out of 'legacy/'" into udc-d1-dev 2023-04-17 11:00:08 +00:00
Bruno BELANYI
d217ae19cb Merge "Use restricted vendor property for ARM runtime options" into udc-d1-dev 2023-04-17 10:59:23 +00:00
Jenny Ho
2e3228660e Merge "sepolicy: fix charger_vendor permission denied" into udc-d1-dev 2023-04-17 10:56:58 +00:00
Dinesh Yadav
56658f83ed Merge "Add se-policies for google_camera_app from pro" into udc-d1-dev am: 39b4b20545
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22414449

Change-Id: I1a7ccce3db7dee7e1b816af6a4703baa2f03ef3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 09:05:27 +00:00
Dinesh Yadav
39b4b20545 Merge "Add se-policies for google_camera_app from pro" into udc-d1-dev 2023-04-17 08:32:26 +00:00
Jenny Ho
6f201db16a sepolicy: fix charger_vendor permission denied
type=1400 audit(1679973171.472:14): avc: denied { search } for comm="android.hardwar" name="vendor" dev="tmpfs" ino=2 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:mnt_vendor_file:s0 tclass=dir permissive=0
type=1400 audit(1679973171.256:10): avc: denied { read } for comm="android.hardwar" name="stat" dev="sysfs" ino=67924 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0
type=1107 audit(1679973171.472:20): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.battery.defender.state pid=414 uid=1000 gid=1000 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=property_service permissive=0
type=1400 audit(1679973171.476:23): avc: denied { read } for comm="android.hardwar" name="u:object_r:vendor_battery_defender_prop:s0" dev="tmpfs" ino=356 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=file permissive=0
type=1400 audit(1679973171.472:21): avc: denied { write } for comm="android.hardwar" name="capacity" dev="sysfs" ino=74690 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=0
type=1400 audit(1679973171.476:32): avc: denied { read } for comm="android.hardwar" name="u:object_r:default_prop:s0" dev="tmpfs" ino=164 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0
type=1400 audit(1681358719.792:6): avc:  denied  { search } for  comm="android.hardwar" name="/" dev="sda1" ino=3 scontext=u:r:charger_vendor:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=0

Bug: 277898259
Change-Id: I055eaab6df7c4549cc3817aaec80b0f85ec3b475
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-04-17 07:24:32 +00:00
Treehugger Robot
e285b839db [automerger skipped] Merge "allow vendor_init to acces watermark_scale_factor" into udc-d1-dev am: cccb610bb4 -s ours
am skip reason: Merged-In Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0 with SHA-1 2c2e198e61 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22624776

Change-Id: I1ece813be75b6e1efbd8232e337dd8ed83664f9a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 03:41:53 +00:00
Martin Liu
761f9a44b8 [automerger skipped] allow vendor_init to acces watermark_scale_factor am: fe24903d2c -s ours
am skip reason: Merged-In Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0 with SHA-1 2c2e198e61 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22624776

Change-Id: I622045022a29ceddf91d3a1a26fd4133571ef8ee
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-17 03:41:51 +00:00
Treehugger Robot
cccb610bb4 Merge "allow vendor_init to acces watermark_scale_factor" into udc-d1-dev 2023-04-17 03:05:35 +00:00
Martin Liu
2c2e198e61 allow vendor_init to acces watermark_scale_factor
Bug: 278075546
Test: boot
Change-Id: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Signed-off-by: Martin Liu <liumartin@google.com>
2023-04-16 04:05:34 +00:00
Martin Liu
fe24903d2c allow vendor_init to acces watermark_scale_factor
Bug: 278075546
Test: boot
Change-Id: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Merged-in: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Signed-off-by: Martin Liu <liumartin@google.com>
2023-04-16 03:59:57 +00:00
Bruno BELANYI
cd905228d1 Move ARM runtime option SELinux rules out of 'legacy/'
Addressing some review feedback on ag/22381542 about this folder being
removed in the future.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I8506da9b80fe060cd5093acafd58594e4db3341b
2023-04-14 09:20:40 +00:00
Bruno BELANYI
1337c54005 Use restricted vendor property for ARM runtime options
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I7f6f021378467484544cc3dbbe71a8e9e037cf98
2023-04-14 08:33:48 +00:00
Treehugger Robot
224c260019 Merge "Enforce servicemanager" into udc-d1-dev am: 9ea22dde19
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22574729

Change-Id: If04b8697019e9388da37addb6f65f7d025a5becf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 04:35:17 +00:00
Dinesh Yadav
b8b2445251 Add se-policies for google_camera_app from pro
- Found selinux violations on google_camera_app for these services which are fixed after these changes are included.

Bug: 264490031
Change-Id: Ib6f4a8a548425b0b98ed9b69edff6c973b9cbe3e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
2023-04-14 03:59:03 +00:00
Treehugger Robot
9ea22dde19 Merge "Enforce servicemanager" into udc-d1-dev 2023-04-14 03:53:11 +00:00
TreeHugger Robot
065f1c5a75 Merge "Suppress bootanim behavior meant for Android Wear devices" into udc-d1-dev am: 89d4a4df13
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098965

Change-Id: I041686fffcd34b58026080c4e6538adfaf8a3407
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 03:46:21 +00:00
Treehugger Robot
bb79528e37 Merge changes Ie20be0af,Id9a80c47 into udc-d1-dev am: 2ac0374b22
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573649

Change-Id: Id5edbe1f2e6ef273387af77a257063a149150764
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 03:45:38 +00:00
Wilson Sung
af0ad04c3c Enforce priv_app
Fix: 260366281
Fix: 260522282
Fix: 260768358
Fix: 260922442
Fix: 263185432
Fix: 264490074
Fix: 268572216
Change-Id: I2efbb1971c09506a7b1e0e5e0e3d22eda91018c1
2023-04-14 03:34:46 +00:00
TreeHugger Robot
89d4a4df13 Merge "Suppress bootanim behavior meant for Android Wear devices" into udc-d1-dev 2023-04-14 03:19:53 +00:00