Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
296 commits 1 branch 0 tags 18 MiB
Commit graph

131 commits

Author SHA1 Message Date
Nicole Lee
cddb6ad619 logger_app: allow access vendor_gps_file, vendor_gps_prop, vendor_logger_prop 
Bug: 261519049
Bug: 261783031
Bug: 261933367

Test: Confirm no selinux denial for these 3 tcontexts
Change-Id: I6f919e193693f7521778321f677214ea9f3b4d84
 2023-01-31 16:32:41 +00:00
Nicole Lee
b713236048 logger_app: allow logger_app access vendor_modem_prop 
Bug: 260522268
Bug: 264600053

Test: Confirm no selinux denial for tcontext vendor_modem_prop
Change-Id: Ic4ed0cdd7fa33c1dd4c812528b26b4a19cf6537b
 2023-01-31 16:32:32 +00:00
Nicole Lee
e6975cb6e5 logger_app: allow logger_app to access vendor_ssrdump_prop 
Bug: 260366439

Test: Confirm no selinux denial for tcontext vendor_ssrdump_prop
Change-Id: I74009bdd3d8b0fa691a2d0132655dc08fcd50977
 2023-01-31 16:32:24 +00:00
Nicole Lee
30e96b25ce logger_app: allow logger_app to access radio files 
Bug: 260366439
Bug: 260522268
Bug: 260769144
Bug: 261519049
Bug: 264600084

Test: Confirm no selinux denial for tcontext radio_vendor_data_file
Change-Id: I2a917d78e685aad5608e64f4d076cc50cdb064cc
 2023-01-31 16:32:16 +00:00
sukiliu
383189e5f2 Update error on ROM 9541712 
Bug: 267260951
Bug: 267261048
Bug: 267260619
Bug: 267260716
Bug: 267261305
Bug: 267261163
Bug: 267260675
Bug: 267261265
Bug: 267260717
Test: scanBugreport
Change-Id: I293fe1bc19f5f2d8f320d4e9feea051fc623ef8d
 2023-01-31 14:18:11 +08:00
Grace Chen
82ae431064 Merge "Fix selinux denials on hal_secure_element_uicc" 2023-01-24 02:10:51 +00:00
Grace Chen
e881d9d401 Fix selinux denials on hal_secure_element_uicc 
Bug: 264489780
Test: Confirm no more selinux denials
Change-Id: Ib159acaf8701d0ac7e3325addd7baca6a41f0cee
 2023-01-23 15:36:04 -08:00
Dinesh Yadav
3de9d17052 Merge "Allow camera HAL and GCA to access GXP device." 2023-01-18 07:33:32 +00:00
TreeHugger Robot
30fe55378d Merge "Fix avc denied and remove tracking_denials for hal_usb_gadget_impl" 2023-01-17 06:07:41 +00:00
Ernie Hsu
87aa440b72 Merge "Remove tracking_denials for media related module" 2023-01-17 05:51:00 +00:00
Chung-Kai (Michael) Mei
ee6c28322a Merge "sepolicy: fix avc denial" 2023-01-17 04:53:35 +00:00
Chungkai Mei
cc0f6a604d sepolicy: fix avc denial 
fix avc denial

Test: boot passed and no avc log after boot
Bug: 264483355
Change-Id: Idd9ef9ca7c988141bffd2d9d7e561efe8066cba4
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-01-17 04:53:13 +00:00
Ray Chi
6baa4fa226 Fix avc denied and remove tracking_denials for hal_usb_gadget_impl 
Bug: 264946043
Test: no avc denied for hal_usb_gadget_impl
Change-Id: Ib52e6d089a0e3e73c619f35849af0aed478c1f65
 2023-01-17 04:37:49 +00:00
Ernie Hsu
c2a4092ee6 Remove tracking_denials for media related module 
All bugs in modified te files were already fixed

Bug: 264490072
Bug: 264489679
Bug: 264490012
Bug: 264489523
Test: test video recording/playback under enforcing mode
Change-Id: Iac7dc597f58dcc5f7bd936ddb607aa7158467a34
 2023-01-17 03:45:37 +00:00
Dinesh Yadav
b068bb3f64 Allow camera HAL and GCA to access GXP device. 
The camera HAL and Google Camera App
need selinux permission to run workloads on Aurora DSP. This
change adds the selinux rules too allow these clients to
access the GXP device in order to execute workloads on DSP.

Bug: 264321380
Test: Verified that the camera HAL service and GCA app is able to access the GXP device.
Change-Id: I125650b4841b4cbdc50077a0d80b113b02699de8
 2023-01-17 03:21:04 +00:00
TreeHugger Robot
ef4c754dc4 Merge "Fix avc denied and remove tracking_denials for hal_usb_impl" 2023-01-16 09:55:32 +00:00
Dinesh Yadav
1ac5ca8485 Merge "Add SEPolicy settings for android logging/tracing service for GXP" 2023-01-16 08:05:51 +00:00
Ray Chi
0801e5e421 Fix avc denied and remove tracking_denials for hal_usb_impl 
Fix avc denial for hal_usb_impl.

Bug: 263048760
Test: no avc denied for hal_usb_impl
Change-Id: Iaeea9d1f99f715c0f856a3a9f9fcd2e8d371f3d3
 2023-01-16 15:40:48 +08:00
Chungkai Mei
171bfb004b sepolicy: fix avc denial 
fix avc denial

Test: bott passed and no avc log after boot
Bug: 260769063
Bug: 261105028
Bug: 260366126
Bug: 261650934
Bug: 262178497
Bug: 262315567
Bug: 262633072
Change-Id: I926d535fe6871726b5cd0602e436f6b5a3a9e736
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-01-16 02:55:37 +00:00
sukiliu
3b97d74811 Update error on ROM 9492984 
Bug: 265587172
Test: SELinuxUncheckedDenialBootTest
Change-Id: I69402149121da5bbb0f2f89ca59c3ca458945d50
 2023-01-16 09:36:14 +08:00
TreeHugger Robot
71b801e2b7 Merge "Update error on ROM 9486762" 2023-01-13 09:14:49 +00:00
Welly Hsu
1f350465ce Merge "Fix euiccpixel_app SELinux error for eSIM firmware upgrade" 2023-01-13 07:46:40 +00:00
sukiliu
305330ef84 Update error on ROM 9486762 
Bug: 265384119
Bug: 265383359
Bug: 265383532
Test: SELinuxUncheckedDenialBootTest
Change-Id: I78bf39772c8f2a6b5c403ed5b113a34ff7d9dab0
 2023-01-13 15:33:02 +08:00
Welly Hsu
48ef4308be Fix euiccpixel_app SELinux error for eSIM firmware upgrade 
bug: 265286368

Test: generate test build and confirm no avc error happens
Change-Id: I2f457157d92cb48dfe328ba1520c3e598bd6d6b6
 2023-01-13 01:17:19 +08:00
sukiliu
26aa4fa6e2 Update error on ROM 9481402 
Bug: 265220235
Test: SELinuxUncheckedDenialBootTest
Change-Id: I784b50120a7f4dd3c9ee8c0837f0ddfd8210da2a
 2023-01-12 10:47:54 +08:00
Xu Han
e8f6804674 Merge "Fix permission regarding camera HAL, raidoExt and rlsservice" 2023-01-11 23:06:17 +00:00
Dinesh Yadav
7056027e71 Add SEPolicy settings for android logging/tracing service for GXP 
Test:
Checked that no "avc" violations were caused by gxp_logging after selinux has been enforced.

Bug: 264489388
Change-Id: I967b7b6d57c70804bed5c4ae94ff7b62ece23de3
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-01-11 13:54:47 +00:00
sukiliu
fdb950e96d Update error on ROM 9471410 
Bug: 264600171
Bug: 264972626
Bug: 264972745
Bug: 264972759
Test: scanBugreport
Change-Id: Ibe3bd94ce6c9c62bb6b2733cc025d0ccd9c478c5
 2023-01-10 16:12:05 +08:00
Ankit Goyal
344fb91207 Allow dmabuf heap access to graphics allocator 
There is no change in dmabuf heaps from pro, so these use the exact same
SEpolicy rules

Fix: 264489636
Test: Boots to home (with SELinux enforced)
Test: VtsHalGraphicsMapperV4_0TargetTest
Change-Id: I58ec8d9558fa76b805c0882cbbb20bfd08aead13
 2023-01-09 16:16:28 -08:00
Suki Liu
67584383ca Merge "Update error on ROM 9467820" 2023-01-09 13:01:06 +00:00
Miller Liang
89bdcc93cc Merge "audio:fix AAudio API access denial" 2023-01-09 12:36:34 +00:00
millerliang
8889eb6496 audio:fix AAudio API access denial 
This commit adds the sepolicy file for AAudio API

I auditd  : type=1400 audit(0.0:113):
avc: denied { map } for comm="binder:900_7" path="/dev/snd/pcmC0D0p"
dev="tmpfs" ino=1191 scontext=u:r:audioserver:s0
tcontext=u:object_r:audio_device:s0 tclass=chr_file permissive=1

Bug: 264484544
Test: test_steal_exclusive -c0
Test: Check no avc_deny on audioserver
Change-Id: I9efde74c74722b1b32c1d800a4cbceea8a850bfa
 2023-01-09 14:55:32 +08:00
sukiliu
acd718f65a Update error on ROM 9467820 
Bug: 264831112
Test: SELinuxUncheckedDenialBootTest
Change-Id: I3f3ca17d3620cf3b1c6c21fc996143be25622b48
 2023-01-09 14:55:19 +08:00
Neo Yu
c13eb657f9 Merge "Remove rild.te because all issues about rild are fixed." 2023-01-09 03:57:40 +00:00
KRIS CHEN
3d15476ae0 Merge "Remove tracking_denials/hal_fingerprint_default.te" 2023-01-09 03:20:16 +00:00
Kris Chen
9be7a3368a Remove tracking_denials/hal_fingerprint_default.te 
Bug: 264489559
Test: test fingerprint under enforcing mode
Change-Id: Ifd8637cba54264a1906e444b25d735c81f7037f0
 2023-01-09 03:19:57 +00:00
neoyu
f2ed76a124 Remove rild.te because all issues about rild are fixed. 
Bug: 264490075
Test: build pass
Change-Id: I37e6caedb9903faa1f1f974d596753223fde0f5f
 2023-01-09 10:54:14 +08:00
Aaron Tsai
6d11fe20d0 Merge "Fix avc denied for rild" 2023-01-09 02:21:17 +00:00
TreeHugger Robot
09ba144bc6 Merge "sepolicy: remove tracking denials for hal_power_stats" 2023-01-09 01:58:14 +00:00
Aaron Tsai
93dd7a2935 Fix avc denied for rild 
original log: [  158.669951] type=1400 audit(1671200951.308:888): avc: denied { write } for comm="dumpstate" path="pipe:[227853]" dev="pipefs" ino=227853 scontext=u:r:rild:s0 tcontext=u:r:dumpstate:s0 tclass=fifo_file permissive=1
original log: [  174.593792] type=1400 audit(1671063328.232:1003): avc: denied { use } for comm="dumpstate" path="pipe:[235312]" dev="pipefs" ino=235312 scontext=u:r:rild:s0 tcontext=u:r:dumpstate:s0 tclass=fd permissive=1

Bug: 263049190
Bug: 262633094
Test: manual test and check log
Change-Id: I56b26c8dc820e00ef659844cceff45edded4d677
 2023-01-07 14:05:10 +00:00
TreeHugger Robot
f4841acd83 Merge "Wifi: Add sepolicy files for hal_wifi_ext service" 2023-01-07 07:38:08 +00:00
Darren Hsu
8eed3af1eb sepolicy: remove tracking denials for hal_power_stats 
Bug: 264489189
Test: Captured bugreport and make sure there is no any avc denails
Test: related to hal_power_stats
Change-Id: Id83022ebaca5a507873bee57363a54baf4a27310
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-01-07 15:04:35 +08:00
Randall Huang
a3c890ba1e Merge "sepolicy: remove vold tracking_denials." 2023-01-07 03:07:09 +00:00
Xu Han
b8ab0fed91 Fix permission regarding camera HAL, raidoExt and rlsservice 
Bug: 264483024
Bug: 264489641
Bug: 263185565
Test: selinux log
Change-Id: Ieb174aef18c218efdcb357245c7d5ac4953a949c
 2023-01-06 11:56:55 -08:00
Xu Han
ffdcbabbab Merge "Allow camera HAL to call radioExt HAL for desense" 2023-01-06 17:31:02 +00:00
Suki Liu
8f3cb77d1c Merge "Update error on ROM 9460470" 2023-01-06 08:31:23 +00:00
kensun
0f5b5efdd1 Wifi: Add sepolicy files for hal_wifi_ext service 
This commit adds the sepolicy related files for hal_wifi_ext service.

[   27.714476] type=1400 audit(1670979557.360:29): avc: denied { call } for comm="binder:942_1" scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c215,c256,c512,c768 tclass=binder permissive=1
12-14 08:59:17.360   942   942 I binder:942_1: type=1400 audit(0.0:29): avc: denied { call } for scontext=u:r:hal_wifi_ext:s0 tcontext=u:r:grilservice_app:s0:c215,c256,c512,c768 tclass=binder permissive=1

Bug: 262455388
Test: Check no avc_deny on hal_wifi_ext
Change-Id: Ibc48225845b0cd10bbe88527449016daa9ef9eff
 2023-01-06 08:06:57 +00:00
Randall Huang
55133b1c0c sepolicy: remove vold tracking_denials. 
Move platform-specific vold rule to common folder.

Bug: 264483567
Bug: 264483569
Bug: 264489799
Test: run atest
Change-Id: Idad799d9f536ca18a0c3b5e7eb9d0bc182015e64
Signed-off-by: Randall Huang <huangrandall@google.com>
 2023-01-06 14:04:21 +08:00
sukiliu
18257ad81e Update error on ROM 9460470 
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264606212
Bug: 264600084
Bug: 264483754
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4a281b360783032132179fd9f9b314d0a65d233a
 2023-01-06 10:46:28 +08:00
Adam Shih
9fbe949e7c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 264483456
Bug: 264483024
Bug: 264600083
Bug: 264483531
Bug: 264600052
Bug: 264600084
Bug: 264483754
Test: scanBugreport
Bug: 264600171
Bug: 264600086
Bug: 264600053
Bug: 264599934
Change-Id: Idd111c69fbcebadf941f2a7cb6e0af7c8e24711d
 2023-01-06 09:32:22 +08:00