Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
909 commits 1 branch 0 tags 18 MiB
Commit graph

909 commits

This branch
This branch
All branches
Author SHA1 Message Date
Tom Huang
c200250bfb Merge "BT: remove tracking denials hal_bluetooth_btlinux" into udc-dev 2023-03-16 00:56:49 +00:00
TreeHugger Robot
793698a58d Merge "Remove hal_cas_default dontaudit" into udc-d1-dev 2023-03-16 00:55:54 +00:00
TreeHugger Robot
8570030518 Merge "Enforce vendor_init" into udc-d1-dev 2023-03-16 00:55:17 +00:00
Alice Sheng
c3288bb774 Merge "Add sepolicy for RA9530 nodes." 2023-03-15 17:57:24 +00:00
Wilson Sung
9781434612 Enforce vendor_init 
Fix: 264490095
Test: boot-to-home
Change-Id: I612896a0da7e9e2fd60772cbbd4b439e4824d7bc
 2023-03-16 00:23:53 +08:00
Wilson Sung
c0c4ee3a9b Enforce init 
Fix: 264489678
Test: boot-to-home and no init avc error
Change-Id: I580f6d9af0874a1165c43a77008b43fab5d0091f
 2023-03-16 00:06:35 +08:00
Ken Yang
8ff0eed309 SELinux: Remove charger_vendor.te 
Bug: 264489675
Change-Id: I9ed521778291ea712ec4ef7f312ae890be3402e7
Signed-off-by: Ken Yang <yangken@google.com>
 2023-03-15 15:34:23 +00:00
neoyu
4701e96275 remove tracking_denials for hal_radioext_default.te 
The SELinux error has been fixed and this file could be removed.

Bug: 269813076
Test: build pass
Change-Id: I2dfcc00575a277ed7f020a9df8193a5f069d2ed9
 2023-03-15 21:30:53 +08:00
Donnie Pollitz
bef163efd5 Remove hal_bootctl_default audits 
* As of ToT, this denial is no longer occurring, removing don't audit.

Bug: 267843310
Test: Ran `adb shell dmesg | grep avc ; adb logcat -d | grep avc`

Change-Id: Id40709e436b9b21ad664148e25bed4eab1aff4ff
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-15 12:44:11 +00:00
Chien Kun Niu
8783417f2f usb: remove bug number in bug_map 
Bug: 272166827
Test: Presubmit build Pass
Change-Id: I7b641636d52995dc9c098af6e7397702f0dcf4ab
 2023-03-15 19:19:44 +08:00
Chien Kun Niu
28cc58257f usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission 
Allow hal_usb_gadget_imple sysfs_batteryinfo r_dir_perms and rw_file_perms

[    8.237410] [  T379] type=1400 audit(1678784127.396:4): avc: denied { search } for comm="HwBinder:762_1" name="power_supply" dev="sysfs" ino=73783 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
[    8.237556] [  T379] type=1400 audit(1678784127.396:5): avc: denied { read } for comm="HwBinder:762_1" name="usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237584] [  T379] type=1400 audit(1678784127.396:6): avc: denied { open } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
[    8.237603] [  T379] type=1400 audit(1678784127.396:7): avc: denied { getattr } for comm="HwBinder:762_1" path="/sys/devices/platform/10cb0000.hsi2c/i2c-8/8-0025/power_supply/usb/usb_type" dev="sysfs" ino=73797 scontext=u:r:hal_usb_gadget_impl:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1

Bug: 272166827
Test: Check avc denied log
Change-Id: Iecbf6ff712924b60ce186b75a76cf25f3b48e72d
 2023-03-15 19:17:14 +08:00
Wilson Sung
8141ff4e3e Remove hal_cas_default dontaudit 
Fix: 267260716
Test: take bugreport and no related avc error
Change-Id: If7a7b7f0395ef3a82d2f837ca2732e08f363e87c
 2023-03-15 19:02:58 +08:00
Jayachandran C
8d1a560bf9 Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling 
This CL fixes the following denials
auditd  : avc:  denied  { find } for interface=vendor.google.whitechapel.audio.audioext::IAudioExt sid=u:r:radio:s0 pid=2676 scontext=u:r:radio:s0 tcontext=u:object_r:hal_audio_ext_hwservice:s0 tclass=hwservice_manager permissive=0
auditd  : type=1400 audit(0.0:2983): avc: denied { call } for comm="binder:2617_3" scontext=u:r:radio:s0 tcontext=u:r:hal_audio_default:s0 tclass=binder permissive=0

Bug: 267802258
Test: Live network testing and verified the AudioExt HAL message

Change-Id: Iffa2bcc9b8fa56c383cb765b7cbdf1ff667376c5
 2023-03-15 08:22:09 +00:00
TreeHugger Robot
6b71ff0ee7 Merge "Enforce isolated_app and untrusted_app" into udc-d1-dev am: b6d212049b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22090887

Change-Id: I32ec107a0f0ca3baeff4306fb4977e55c615bf1c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 06:44:13 +00:00
TreeHugger Robot
b6d212049b Merge "Enforce isolated_app and untrusted_app" into udc-d1-dev 2023-03-15 06:03:04 +00:00
kuanyuhuang
605235f79c BT: remove tracking denials hal_bluetooth_btlinux 
Local build with deleting tracking_denials/hal_bluetooth_btlinux.te
and adb shell getenforce ==> Enforcing.
Tested by BT funtions(playing music, share contacts, transfer file) and
no Bluetooth avc: denied logs.

Bug: 264489608
Test: local build
Change-Id: I1ba1868419d47b087ce96054a63a06b25484e0f5
 2023-03-15 05:13:53 +00:00
Wilson Sung
863007e89d Update SELinux error am: 389ddb027e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22085787

Change-Id: I822ea9a885cb86293384fe631a3b6ed4367e4d23
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 05:12:42 +00:00
Wilson Sung
63a66ef59e Enforce isolated_app and untrusted_app 
Fix: 264489642
Fix: 264972745
Fix: 267261265
Test: boot-to-home and no related avc error
Change-Id: I4770a076f6a5159db6ffea0661b52b449df9c55a
 2023-03-15 12:24:43 +08:00
Wilson Sung
389ddb027e Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 273638876
Test: scanBugreport
Bug: 273639365
Bug: 273143844
Bug: 273639264
Bug: 273638940
Bug: 273638876
Test: scanAvcDeniedLogRightAfterReboot
Bug: 273638876
Bug: 268566481
Change-Id: I2229a7c7e29dad303f7ef60c8d7f770b6a77a044
 2023-03-15 11:38:05 +08:00
TreeHugger Robot
e83033d9f1 Merge "sepolicy: label dsu and bci" into udc-d1-dev am: 35b10634bf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21981985

Change-Id: I0eb26b8dc03fdef37e8ff4e80d4024ce0485dfab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:15:50 +00:00
Quinn Yan
12f97aa2f6 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de am: e825edbf28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: Ifbe4b7d4486f14469060d1b3d0cf4f76988056aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:13:52 +00:00
Dai Li
1a103b9a37 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 am: 518a025694 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Id357ed344f5d115745069a499a2b8a57d0151d21
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:09:00 +00:00
Quinn Yan
542f3553c7 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de am: b1ebacbd43 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I17f0e8c9a9d98a0b67a2c3dbdd4fa9c7be427626
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 03:02:33 +00:00
TreeHugger Robot
35b10634bf Merge "sepolicy: label dsu and bci" into udc-d1-dev 2023-03-15 02:28:38 +00:00
Quinn Yan
b1ebacbd43 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I22986f34b83c07bd53539b092d0388180a69afc5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:57:35 +00:00
Quinn Yan
e825edbf28 Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev am: fe4ffed5de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22082013

Change-Id: I3a6e12bb4e7f9e81deb4b0cf9c1d59102370efef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:42:42 +00:00
Quinn Yan
fe4ffed5de Merge "Remove the tracking_denials for edgetpu project. Fix the wrong sysfs directory for edgetpu." into udc-dev 2023-03-15 01:26:24 +00:00
Dai Li
518a025694 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: I32b240372f25f8ae7546daa98acadd09b96562c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 01:22:27 +00:00
Dai Li
878380aba8 Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 am: 679670bfbc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Iaaea913a24b30a69160c62d0fb400c6a2a3a1eeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 00:57:38 +00:00
Dai Li
679670bfbc Merge "dma-heap: add dsp heap" into udc-dev am: b66e27f987 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21914488

Change-Id: Ib3af1ba8af7afd636a1ef74765c82dac81d8ed8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-15 00:18:38 +00:00
qinyiyan
1f30d7d1f9 Remove the tracking_denials for edgetpu project. 
Fix the wrong sysfs directory for edgetpu.

Test: No avc denails seen with the selinx=enforcing
Bug: 264489387,264489676
Change-Id: I5d4d249a0b906e3e5d765ed8830fd915db8aa66e
 2023-03-14 17:01:19 -07:00
Dai Li
b66e27f987 Merge "dma-heap: add dsp heap" into udc-dev 2023-03-14 23:31:53 +00:00
TreeHugger Robot
163c2ece35 Merge "Enforce pixel_stats" into udc-d1-dev am: 15a45ce32f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21989811

Change-Id: Ic9d353fb5e10ff41a3a6d1bdebb88ff6618b7748
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 07:45:19 +00:00
Wilson Sung
9cbc46ceb0 Update SELinux error am: a37fd0cd9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21974566

Change-Id: I56079dd1e972f03fad83ab85a325b631fd897633
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 07:44:38 +00:00
TreeHugger Robot
15a45ce32f Merge "Enforce pixel_stats" into udc-d1-dev 2023-03-14 07:18:22 +00:00
Wilson Sung
9a5bb820a7 Merge "Enforce system ui app" into udc-d1-dev am: 9f8b8971db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21982250

Change-Id: I42e84eabf5b33302f1233668a048ac984c42810c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 06:14:12 +00:00
Wilson Sung
a37fd0cd9d Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 272628396
Test: scanBugreport
Bug: 272628762
Test: scanAvcDeniedLogRightAfterReboot
Bug: 272628396
Bug: 267714573
Change-Id: Ice1b62f4092a00af2f9112efa84859465fa5061d
 2023-03-14 13:46:46 +08:00
Wilson Sung
9f8b8971db Merge "Enforce system ui app" into udc-d1-dev 2023-03-14 05:44:27 +00:00
Wilson Sung
95eea9a04b Enforce pixel_stats 
Fix: 264483357
Fix: 264483319
Fix: 264483568
Fix: 264489783
Test: boot-to-home and no pixel_stats avc error
Change-Id: I0b68fa3853c65056d7da78a436a3d38888af8f19
 2023-03-14 13:40:49 +08:00
TreeHugger Robot
07073bad72 Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 am: abf3c1a7db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: I837bbee567e305a649f2cd71c2b69a7b8d3b241e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:26:07 +00:00
TreeHugger Robot
a828092dcc Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 am: d5554312e8 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: I8edf39c4bec2c95ad532d074066303e80935086f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:24:35 +00:00
Enzo Liao
bd1c609093 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 am: ab46c1cab0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ib13ebc9aea6c3cd85abfe3ff6c21bada30d507a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:22:39 +00:00
Enzo Liao
49817f7cd4 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 am: 40dce15c10 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ia834d46eacf58109f82a3a5013a5fd8e9147f18b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 05:20:44 +00:00
TreeHugger Robot
abf3c1a7db Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: Ib5ccad7396fa6bb59228ce1e8da1389736e59131
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:48:34 +00:00
Enzo Liao
ab46c1cab0 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Id296bffea97617defd8547a28e65ca72795521f2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:48:14 +00:00
TreeHugger Robot
d5554312e8 Merge "label systemui sub apps" into udc-dev am: 27c8c4c1e0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21988006

Change-Id: I61bb2409787130b12d75e539f369bb73a5690ea6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:48:12 +00:00
Enzo Liao
40dce15c10 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ia65c61152f4631dc9ffeb6675d05dbc562781a40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:47:21 +00:00
TreeHugger Robot
27c8c4c1e0 Merge "label systemui sub apps" into udc-dev 2023-03-14 04:29:20 +00:00
Sayanna Chandula
eabd922aeb Merge "thermal: remove tracking denials for hal_thermal" into udc-d1-dev am: 8f8acbb026 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21995148

Change-Id: I267c9dc9ff4678eeb620bb9879b7236e435e6bc5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:26:25 +00:00
Enzo Liao
6eb86755a6 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev 2023-03-14 04:04:41 +00:00