Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1146 commits 1 branch 0 tags 18 MiB
Commit graph

1146 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jayachandran C
a7ec5ac379 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I676634d568c0de4a029dc4609ceda2c38f56fce9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:20:07 +00:00
Jayachandran C
f99fed1f87 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I6b1ef7b352b69b4988ac6a6d29f8918b5fb3ed84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:19:53 +00:00
Jayachandran C
3cda1dd51b Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev 2023-03-16 19:51:49 +00:00
Donnie Pollitz
8ab28ee02f Merge "Remove hal_bootctl_default audits" into udc-d1-dev am: e8682690b2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21804341

Change-Id: I725ac9f6fe40d4997738dfead624d1cc24753225
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 12:27:16 +00:00
TreeHugger Robot
eccb7ad20b Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev am: 1605d7979d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22113945

Change-Id: Ibdab8601f0d98e2b11640b5434ff49c87953d05b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 12:26:53 +00:00
Donnie Pollitz
e8682690b2 Merge "Remove hal_bootctl_default audits" into udc-d1-dev 2023-03-16 12:03:04 +00:00
TreeHugger Robot
1605d7979d Merge "allow vendor init to set vendor_camera_prop" into udc-d1-dev 2023-03-16 11:57:14 +00:00
Rex Lin
a41dd62c1b [SELinux] remove hal_uwb_default tracking denials 
Bug: 267260951
Bug: 264489750
Bug: 273639365
Test: http://ab/I19700010140844408
Change-Id: Ife918a080a4b0c716a46c78730965b5d7eb3f757
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-03-16 14:51:12 +08:00
Mahesh Kallelil
df7ece2441 Update selinux-policy for ModemService. 
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I8361e53f4e6aa82e6dc78e94af71ee26c06fb2f5
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-03-16 05:35:51 +00:00
Speth Chang
3add5fbcec allow vendor init to set vendor_camera_prop 
03-16 10:29:21.324     1     1 W /system/bin/init:
type=1107 audit(0.0:5): uid=0 auid=4294967295 ses=4294967295
subj=u:r:init:s0 msg='avc: denied { set } for
property=vendor.camera.multicam.enable_p23_multicam pid=1
uid=0 gid=0 scontext=u:r:vendor_init:s0
tcontext=u:object_r:vendor_camera_prop:s0
tclass=property_service permissive=0' bug=b/267714573

Bug: 273854225
Test: check log, GCA
Change-Id: I1c5fdff3b9978c494be9f513e1770f26804ca132
 2023-03-16 13:18:17 +08:00
Ken Yang
8c52169f18 Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 am: 3ffebb1ce8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: I6692234b169c305dd548e557fa3d67b4d17f5304
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 04:28:57 +00:00
Ken Yang
83b44caa1c Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 am: 7c2b9b482e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: I48a36edef89a45b5ac50d209b38784cdc381da77
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 04:08:38 +00:00
Ken Yang
7c2b9b482e Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: If63f0cc156d98db3ec2eb5ca4749a60e0b76a32c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:54:38 +00:00
Ken Yang
3ffebb1ce8 Merge "SELinux: Remove charger_vendor.te" into udc-dev am: d9d0c0e471 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22099358

Change-Id: Ibfc2d7bcfc8fb713f2f73f8f181e010bf706f3c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:54:20 +00:00
Wilson Sung
f22692cf2f Merge "Remove obsolete denials" into udc-d1-dev am: 1efd7ed479 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098963

Change-Id: I5ef264e899c434a9d6d39f70af1854cec7c1accc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:51:17 +00:00
Wilson Sung
1efd7ed479 Merge "Remove obsolete denials" into udc-d1-dev 2023-03-16 03:25:49 +00:00
Wilson Sung
7eaf780e42 Remove obsolete denials 
Bug: 261933310
Test: take the bugreport and no incidentd avc error
Change-Id: I84274ed4c3b8c3d373a353f879cd7001b26c1703
 2023-03-16 03:25:22 +00:00
TreeHugger Robot
18acd8cd02 Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev am: 320064782b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085771

Change-Id: I211dc0a0b0fcd8031d68d833b751cbad21eef8b1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:52 +00:00
Kris Chen
8f286ce919 enforce trusty_apploader am: b2f238ff01 am: 94dbd3352f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I2592d49f2fa61270225dccef2033c0528716986d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:43 +00:00
Kris Chen
0c4c497f9e enforce trusty_apploader am: b2f238ff01 am: b8419230f2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: Icb5a11c030f0d9ca2b4edfd37c902618f5819f57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 03:16:14 +00:00
Ken Yang
d9d0c0e471 Merge "SELinux: Remove charger_vendor.te" into udc-dev 2023-03-16 03:11:31 +00:00
TreeHugger Robot
320064782b Merge changes I7b641636,Iecbf6ff7 into udc-d1-dev 
* changes:
  usb: remove bug number in bug_map
  usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission
 2023-03-16 03:07:04 +00:00
Kris Chen
b8419230f2 enforce trusty_apploader am: b2f238ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I8f4e7f64b44b4c98a3ba8f75cd254f87548325da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:41:47 +00:00
Kris Chen
94dbd3352f enforce trusty_apploader am: b2f238ff01 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096222

Change-Id: I4661f365aac362da5c78070fd50d44c8198362c9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:41:42 +00:00
Neo Yu
7c362daebe Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 am: c3675e5a3d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I41bad4281c4ad8b4c75e6dbcf863abd48baa026e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:07:47 +00:00
Tom Huang
f58b83f480 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb am: a926b7b0f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I4dd5d95cc7b11824c4499d32386b19031ee1abc4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:07:18 +00:00
Kris Chen
b2f238ff01 enforce trusty_apploader 
Bug: 264489569
Test: Boot
Change-Id: I75f73d76f535a5755a164725c606872561461487
 2023-03-16 02:06:43 +00:00
TreeHugger Robot
ae3571ee44 Merge "Remove hal_cas_default dontaudit" into udc-d1-dev am: 793698a58d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085769

Change-Id: I23841ed54392b89f3c1a1b17ce7d3d9e1c8d4fcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:06:36 +00:00
TreeHugger Robot
e338ca0f98 Merge "Enforce vendor_init" into udc-d1-dev am: 8570030518 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22100402

Change-Id: Id6e5d06dd06328a1291de963469255ed64dc99f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:05:55 +00:00
Neo Yu
541c29655d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 am: 2ffe76d869 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I840d8d3f11742cb5eafd77416ee268dbaf25c241
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:55 +00:00
Wilson Sung
4142cecd1a Enforce init am: c0c4ee3a9b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098964

Change-Id: Ia79d840d91cd48928db76e7514bf62c850fa980b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:47 +00:00
Tom Huang
b21bb0e25f Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb am: eada700f48 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I03006441769b7712368cbe6fa2b1185c27c1c790
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 02:02:38 +00:00
Neo Yu
c3675e5a3d Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: Ib4ef07b70d69f11f1389da85176d10d791ef5929
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:55 +00:00
Neo Yu
2ffe76d869 Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev am: ba6c42df00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22096224

Change-Id: I571cd2c89363b29d579483b6300731f6aa0ca89a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:48 +00:00
Tom Huang
a926b7b0f0 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: Id18125fdfeff9c271c7b0f9a67463b4da103367f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:39 +00:00
Tom Huang
eada700f48 Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev am: c200250bfb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085790

Change-Id: I522dad9cb4eb77983e5fb1783d43852950315b37
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 01:26:32 +00:00
Neo Yu
ba6c42df00 Merge "remove tracking_denials for hal_radioext_default.te" into udc-dev 2023-03-16 01:25:37 +00:00
Tom Huang
c200250bfb Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev 2023-03-16 00:56:49 +00:00
TreeHugger Robot
793698a58d Merge "Remove hal_cas_default dontaudit" into udc-d1-dev 2023-03-16 00:55:54 +00:00
TreeHugger Robot
8570030518 Merge "Enforce vendor_init" into udc-d1-dev 2023-03-16 00:55:17 +00:00
Alice Sheng
c3288bb774 Merge "Add sepolicy for RA9530 nodes." 2023-03-15 17:57:24 +00:00
Wilson Sung
9781434612 Enforce vendor_init 
Fix: 264490095
Test: boot-to-home
Change-Id: I612896a0da7e9e2fd60772cbbd4b439e4824d7bc
 2023-03-16 00:23:53 +08:00
Wilson Sung
c0c4ee3a9b Enforce init 
Fix: 264489678
Test: boot-to-home and no init avc error
Change-Id: I580f6d9af0874a1165c43a77008b43fab5d0091f
 2023-03-16 00:06:35 +08:00
Ken Yang
8ff0eed309 SELinux: Remove charger_vendor.te 
Bug: 264489675
Change-Id: I9ed521778291ea712ec4ef7f312ae890be3402e7
Signed-off-by: Ken Yang <yangken@google.com>
 2023-03-15 15:34:23 +00:00
neoyu
4701e96275 remove tracking_denials for hal_radioext_default.te 
The SELinux error has been fixed and this file could be removed.

Bug: 269813076
Test: build pass
Change-Id: I2dfcc00575a277ed7f020a9df8193a5f069d2ed9
 2023-03-15 21:30:53 +08:00
Donnie Pollitz
bef163efd5 Remove hal_bootctl_default audits 
* As of ToT, this denial is no longer occurring, removing don't audit.

Bug: 267843310
Test: Ran `adb shell dmesg | grep avc ; adb logcat -d | grep avc`

Change-Id: Id40709e436b9b21ad664148e25bed4eab1aff4ff
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-15 12:44:11 +00:00
Chien Kun Niu
8783417f2f usb: remove bug number in bug_map 
Bug: 272166827
Test: Presubmit build Pass
Change-Id: I7b641636d52995dc9c098af6e7397702f0dcf4ab
 2023-03-15 19:19:44 +08:00
Chien Kun Niu
28cc58257f usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission 
Allow hal_usb_gadget_imple sysfs_batteryinfo r_dir_perms and rw_file_perms

[    8.237410] [  T379] type=1400 audit(1678784127.396:4): avc: denied { search } for comm="HwBinder:762_1" name="power_supply" dev="sysfs" ino=73783 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
[    8.237556] [  T379] type=1400 audit(1678784127.396:5): avc: denied { read } for comm="HwBinder:762_1" name="usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237584] [  T379] type=1400 audit(1678784127.396:6): avc: denied { open } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237603] [  T379] type=1400 audit(1678784127.396:7): avc: denied { getattr } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug: 272166827
Test: Check avc denied log
Change-Id: Iecbf6ff712924b60ce186b75a76cf25f3b48e72d
 2023-03-15 19:17:14 +08:00
Wilson Sung
8141ff4e3e Remove hal_cas_default dontaudit 
Fix: 267260716
Test: take bugreport and no related avc error
Change-Id: If7a7b7f0395ef3a82d2f837ca2732e08f363e87c
 2023-03-15 19:02:58 +08:00
Jayachandran C
8d1a560bf9 Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling 
This CL fixes the following denials
auditd  : avc:  denied  { find } for interface=vendor.google.whitechapel.audio.audioext::IAudioExt sid=u:r:radio:s0 pid=2676 scontext=u:r:radio:s0 tcontext=u:object_r:hal_audio_ext_hwservice:s0 tclass=hwservice_manager permissive=0
auditd  : type=1400 audit(0.0:2983): avc: denied { call } for comm="binder:2617_3" scontext=u:r:radio:s0 tcontext=u:r:hal_audio_default:s0 tclass=binder permissive=0

Bug: 267802258
Test: Live network testing and verified the AudioExt HAL message

Change-Id: Iffa2bcc9b8fa56c383cb765b7cbdf1ff667376c5
 2023-03-15 08:22:09 +00:00