Commit graph

229 commits

Author SHA1 Message Date
Darren Hsu
8eed3af1eb sepolicy: remove tracking denials for hal_power_stats
Bug: 264489189
Test: Captured bugreport and make sure there are no avc denials
Test: related to hal_power_stats
Change-Id: Id83022ebaca5a507873bee57363a54baf4a27310
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2023-01-07 15:04:35 +08:00
Randall Huang
a3c890ba1e Merge "sepolicy: remove vold tracking_denials." 2023-01-07 03:07:09 +00:00
Xu Han
ffdcbabbab Merge "Allow camera HAL to call radioExt HAL for desense" 2023-01-06 17:31:02 +00:00
Suki Liu
8f3cb77d1c Merge "Update error on ROM 9460470" 2023-01-06 08:31:23 +00:00
Randall Huang
55133b1c0c sepolicy: remove vold tracking_denials.
Move platform-specific vold rule to common folder.

Bug: 264483567
Bug: 264483569
Bug: 264489799
Test: run atest
Change-Id: Idad799d9f536ca18a0c3b5e7eb9d0bc182015e64
Signed-off-by: Randall Huang <huangrandall@google.com>
2023-01-06 14:04:21 +08:00
sukiliu
18257ad81e Update error on ROM 9460470
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264606212
Bug: 264600084
Bug: 264483754
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4a281b360783032132179fd9f9b314d0a65d233a
2023-01-06 10:46:28 +08:00
Adam Shih
9fbe949e7c Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264600052
Bug: 264600084
Bug: 264483754
Test: scanBugreport
Bug: 264600171
Bug: 264600086
Bug: 264600053
Bug: 264599934
Change-Id: Idd111c69fbcebadf941f2a7cb6e0af7c8e24711d
2023-01-06 09:32:22 +08:00
Xu Han
525acba924 Allow camera HAL to call radioExt HAL for desense
Bug: 264204392
Test: selinux log
Change-Id: Iee7f45a649444cc6c95b8094f001645e85eb83ba
2023-01-05 18:54:59 +00:00
Adam Shih
16452851f3 dispatch domains to owner via bugs
Bug: 264484544
Bug: 264489606
Bug: 264489743
Bug: 264489675
Bug: 264489633
Bug: 264489777
Bug: 264489520
Bug: 264489270
Bug: 264489387
Bug: 264489745
Bug: 264489957
Bug: 264489521
Bug: 264490031
Bug: 264489388
Bug: 264489608
Bug: 264489609
Bug: 264489778
Bug: 264489634
Bug: 264489794
Bug: 264489795
Bug: 264489559
Bug: 264489636
Bug: 264489746
Bug: 264490032
Bug: 264489188
Bug: 264489676
Bug: 264489779
Bug: 264489189
Bug: 264489677
Bug: 264489780
Bug: 264489637
Bug: 264490033
Bug: 264489390
Bug: 264489561
Bug: 264489750
Bug: 264489190
Bug: 264490051
Bug: 264489958
Bug: 264489610
Bug: 264489562
Bug: 264489797
Bug: 264489781
Bug: 264490034
Bug: 264489678
Bug: 264490091
Bug: 264490035
Bug: 264490011
Bug: 264490052
Bug: 264489639
Bug: 264489961
Bug: 264490072
Bug: 264490012
Bug: 264489523
Bug: 264489679
Bug: 264490053
Bug: 264489564
Bug: 264489783
Bug: 264490036
Bug: 264490074
Bug: 264490054
Bug: 264489565
Bug: 264490092
Bug: 264490075
Bug: 264489641
Bug: 264490093
Bug: 264489962
Bug: 264489784
Bug: 264489567
Bug: 264490076
Bug: 264489786
Bug: 264490014
Bug: 264489524
Bug: 264490055
Bug: 264489569
Bug: 264489526
Bug: 264489642
Bug: 264489681
Bug: 264489963
Bug: 264489787
Bug: 264490095
Bug: 264489799
Bug: 264490077
Test: boot to home in enforcing mode
Change-Id: I784ee1653800119308c22c85652764a99ca076e4
2023-01-05 13:15:51 +08:00
Adam Shih
c858342332 Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 264483752
Bug: 264483024
Bug: 264483531
Bug: 264483532
Bug: 264483567
Bug: 264483670
Bug: 264483151
Bug: 264483152
Bug: 264483352
Bug: 264483568
Bug: 264483753
Bug: 264482981
Bug: 264483754
Bug: 264483456
Bug: 264483787
Test: scanBugreport
Bug: 264483390
Bug: 264482983
Bug: 264483355
Bug: 264483356
Bug: 264483533
Bug: 264483319
Bug: 264483569
Test: scanAvcDeniedLogRightAfterReboot
Bug: 264321380
Bug: 264483357
Change-Id: I39f2a98bbbc8e416b86dd06cc99984acbab97baa
2023-01-05 11:04:42 +08:00
TreeHugger Robot
10a6384587 Merge "label GPU as same_process_hal" 2023-01-04 06:21:24 +00:00
TreeHugger Robot
e9a315b81a Merge "set necessary domains to permissive" 2023-01-04 05:06:08 +00:00
Adam Shih
92f2edf487 label GPU as same_process_hal
Bug: 261933250
Bug: 261933249
Bug: 261933226
Bug: 261933097
Bug: 261933428
Bug: 261933227
Bug: 260768740
Bug: 260922185
Test: boot to home under enforcing mode
Change-Id: Ied95ce0c1f851785e0848f7af788969f27e45101
2023-01-04 12:10:27 +08:00
Adam Shih
97748d82a9 set necessary domains to permissive
Bug: 254378739
Test: enforce and boot to home
Change-Id: I1dc8f400971e0926dbb2c5c0ac6f0ef99250e067
2023-01-04 11:57:28 +08:00
Adam Shih
00b1421a56 Update error on ROM 9451592
Bug: 264321380
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ibdf5acaa5898a728aac202902a1577d05f7d1f25
2023-01-04 10:23:28 +08:00
TreeHugger Robot
bd992ad2b4 Merge "Sepolicy: Pixelstats: Battery history sepolicy" 2023-01-04 02:19:54 +00:00
TreeHugger Robot
af402f7187 Merge "Update error on ROM 9449178" 2023-01-03 03:06:21 +00:00
TreeHugger Robot
9bb06f3d46 Merge "modem_svc_sit: Grant permission to read vendor_fw_file" 2023-01-03 02:50:17 +00:00
Adam Shih
ef8da88fdc Update error on ROM 9449178
Bug: 264204392
Bug: 264204525
Bug: 264204023
Bug: 264204215
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ice60ef7f25f549a990e3c6f006ed528b0b0beedf
2023-01-03 10:03:13 +08:00
Wasb Liu
cefb0a621f hal_health_default: updated sepolicy
Add necessary sepolicy.

Bug: 260366438
Bug: 261933135
Bug: 262178574
Bug: 262794970
Test: no avc denied for hal_health_default
Change-Id: I47043f64931c191063a0b3d5807ef814fa8b787f
Signed-off-by: Wasb Liu <wasbliu@google.com>
2022-12-29 09:47:23 +00:00
Darren Hsu
3ea4ff4944 sepolicy: Allow hal_power_stats to access required sysfs
Bug: 260366519
Bug: 260768935
Bug: 260922184
Bug: 261105152
Bug: 261363958
Bug: 261519183
Bug: 261651283
Bug: 261783107
Test: Captured bugreport and make sure there are no avc denials
Test: related to hal_power_stats
Change-Id: Ic214dc1d8ea920b1bb8f700cd8b75918af3ab046
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2022-12-29 14:33:17 +08:00
Kris Chen
4963317cad zuma: fingerprint: fix SELinux denials
Bug: 261105164
Test: boot with no relevant error on p23 device
Change-Id: I8d897693685591a042c5febfeca0121375749b8e
2022-12-23 17:43:50 +08:00
Kadyr Narmamatov
3fc1ab6583 modem_svc_sit: Grant permission to read vendor_fw_file
Bug: 260371849
Change-Id: Ia1bb3483c0d1dfcc1fc34b625f8b0eddf099cafb
2022-12-23 04:11:01 +00:00
Timmy Li
a6fd3e2122 Merge "Add hal_camera_default se linux file for zuma" 2022-12-23 03:47:09 +00:00
TreeHugger Robot
42fb73dfeb Merge "Move the sepolicy setting of als_table to the new file." 2022-12-23 02:25:58 +00:00
Adam Shih
d045e5ac5e Update error on ROM 9431928
Bug: 263525155
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Ie309aafff8d3772f19c28e3d3b049b642bd2c221
2022-12-23 08:19:30 +08:00
Chia-Ching Yu
0dfdbed76e Move the sepolicy setting of als_table to the new file.
Bug: 261111968
Test: There is no als_table avc denied log after reboot.

Change-Id: I41f9472e6a17dd7fce021d916e3e626a81fe79cf
2022-12-23 07:05:57 +08:00
timmyli
8d061f7ebc Add hal_camera_default se linux file for zuma
Add hal_camera_default.te for zuma. Move referenced contexts and
settings to new zuma-sepolicy folders. Add hal_camera_default type declaration
to file.te

Bug: 261651093, 260366029, 263185135
Test: Build and test for hal_camera_default denials
Change-Id: Id0246f9ca8fd399853894e9e41548976ab44ccd0
2022-12-22 21:41:11 +00:00
Dennycy
79210088c5 Sepolicy: Pixelstats: Battery history sepolicy
avc: denied { read } for comm="pixelstats-vend" name="battery_history" dev="tmpfs" ino=845 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:battery_history_device:s0 tclass=chr_file permissive=1

Bug: 260366322
Test: No more battery_history sepolicy found
Change-Id: Ic5d351ed0e42d08b24b5fd0af2d9ebd155086bc9
Signed-off-by: Dennycy <dennycylee@google.com>
2022-12-22 09:21:56 +00:00
Ernie Hsu
0faf3d2c7b Merge "mediacodec_samsung: add sepolicy for mfc codec" 2022-12-22 05:25:29 +00:00
Ernie Hsu
bb7586ac03 mediacodec_samsung: add sepolicy for mfc codec
Add necessary sepolicy. Log and reason are added in review comment
move sysfs out from legacy setting

Bug: 262633502
Bug: 263049105
Bug: 262794577
Bug: 262794578
Bug: 262794634
Test: video playback
      SELinuxTest#scanBugreport
      SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I240f3fc4672a0d3133699f76a808573e172d23f2
2022-12-22 03:46:04 +00:00
Adam Shih
b3894c8262 Update error on ROM 9428849
Bug: 263429589
Bug: 263429985
Bug: 263429986
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: I7387105916c4cb8ca9c6a6ab0e6d58f6c8d24d0b
2022-12-22 10:02:41 +08:00
Kah Xuan Lim
77becc2a8f Merge "Modem ML: create selinux rules" 2022-12-21 10:04:58 +00:00
Chung-Kai (Michael) Mei
839546d2e3 Merge "Revert "Fix avc denials for powerhal"" 2022-12-21 08:39:31 +00:00
Chung-Kai (Michael) Mei
21426ea726 Revert "Fix avc denials for powerhal"
This reverts commit 92e550d83f.

Reason for revert: here's duplicated setting

Change-Id: I4188deee0010c5dd10501fd9b36ae3876c412322
2022-12-21 08:37:50 +00:00
Ken Yang
de0b57a913 Merge "WLC: Remove sysfs_wlc sepolicy" 2022-12-21 08:36:15 +00:00
TreeHugger Robot
aed7870cb2 Merge "Fix avc denials for powerhal" 2022-12-21 07:20:07 +00:00
TreeHugger Robot
e9868935cf Merge "mediacodec_google: updated sepolicy" 2022-12-21 04:58:31 +00:00
Chungkai Mei
92e550d83f Fix avc denials for powerhal
Test: boot passed and no avc log after boot
Bug: 260769063
Bug: 261105028
Bug: 260366126
Bug: 261650934
Bug: 262178497
Bug: 262315567
Bug: 262633072
Change-Id: I84e5cdaeb8016bd3f5506a242ee8e3a58052ab07
Signed-off-by: Chungkai Mei <chungkai@google.com>
2022-12-21 02:46:39 +00:00
TreeHugger Robot
f22f38b970 Merge "Update error on ROM 9423786" 2022-12-21 02:40:11 +00:00
Taylor Nelms
9f72e56d46 Merge "Modify permissions to allow dumpstate process to access decon_counters node" 2022-12-21 01:41:40 +00:00
Adam Shih
f0d101b3e7 Update error on ROM 9423786
Bug: 263304957
Bug: 263305034
Bug: 263305106
Bug: 263305225
Bug: 263305107
Bug: 263305203
Test: scanAvcDeniedLogRightAfterReboot
Change-Id: Iea85cf823b04f73d58ffab84f4b06dce39e80fc9
2022-12-21 08:44:19 +08:00
Kah Xuan Lim
6ea5e4634a Modem ML: create selinux rules
Bug: 262338662
Change-Id: I899a03a36b542bbf6b9e4b936f279f2d6b4a4c7b
2022-12-20 08:39:35 +00:00
Sateshk Kumar Chinnappan
293813afed Merge "Add selinux rules for platform_apps to access vendor_ims_app udp socket for read/write of RTP packets." 2022-12-20 04:01:42 +00:00
Ruofei Ma
fd79c76365 mediacodec_google: updated sepolicy
Add necessary sepolicy.

Bug: 262633230
Test: no avc denied for mediacodec_google

Change-Id: I0b2a8a12d9d9a6484cf899fabdf213b8c9a279e9
Signed-off-by: Ruofei Ma <ruofeim@google.com>
2022-12-19 19:37:52 -08:00
TreeHugger Robot
2b5846fc4a Merge "restart domains" 2022-12-20 03:28:07 +00:00
Adam Shih
169b9143fb restart domains
Bug: 254378739
Test: boot to home
Change-Id: I7d077b7c5edfb3bee07a05fda05e5076e515c7bf
2022-12-20 08:50:43 +08:00
Adam Shih
2682fc7fc4 update error on ROM 9420981
Bug: 263185135
Bug: 263184738
Bug: 263185136
Bug: 263185161
Bug: 263185431
Bug: 263185547
Bug: 263185432
Bug: 263185565
Bug: 263184920
Bug: 263185566
Test: pts-tradefed run pts -m PtsSELinuxTest
Change-Id: Ia305204ccda294f7ad38edb669c85907485e4db3
2022-12-20 08:38:41 +08:00
Sateshk Kumar Chinnappan
ebe77e31f4 Add selinux rules for platform_apps to access vendor_ims_app udp socket for read/write of RTP packets.
This addresses the following SE policy denial
11-11 20:51:49.388000  2167  2167 I auditd  : type=1400 audit(0.0:11): avc: denied { read write } for comm="nnon.imsservice" path="socket:[111836]" dev="sockfs" ino=111836 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:vendor_ims_app:s0:c228,c256,c512,c768 tclass=udp_socket permissive=0 app=com.shannon.imsservice

Bug: 262320328
Test: Manual
Change-Id: I450f1faebd6c6a67e9f904c880360e75bad3cb40
2022-12-19 19:26:14 +00:00
Ken Yang
0656a4f24d WLC: Remove sysfs_wlc sepolicy
Bug: 237600973
Change-Id: If0416877447c9f588d69f498f6219297392f4e55
Signed-off-by: Ken Yang <yangken@google.com>
2022-12-19 06:17:39 +00:00