Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
811 commits 1 branch 0 tags 18 MiB
Commit graph

811 commits

This branch
This branch
All branches
Author SHA1 Message Date
Wilson Sung
f6813e983b Remove camera dontaudit am: 6f141a6526 am: 640d478d5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503759

Change-Id: I15e25c6faac9aaca4d1028367cc9740ddbf786b8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 06:03:35 +00:00
Ian Kasprzak
1b1fe4d3cc Partially revert commit e70b98af09. 
Remove twoshay references, with commit 9019c55645
reverted it references a non-existent file.

Bug: b/270434708
Test: Verified with go/abtd build

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: I5705d214218107226ae3dd4959406f3ec05afa90
 2023-02-23 05:45:07 +00:00
Wilson Sung
a4ccb38798 Add chre policy am: fb2e376d26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533834

Change-Id: Iff4cde7901e7d05627e7f9f7c0d27fc457bba4dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:14:46 +00:00
Wilson Sung
640d478d5a Remove camera dontaudit am: 6f141a6526 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503759

Change-Id: I29c37dc676b4754cc1ce9f4c2620e52d278c36a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:14:45 +00:00
Wilson Sung
540f2a5803 Add chre policy am: fb2e376d26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21533834

Change-Id: Ief4f5dbb715527d079a7a5b75dd97ca552d957b4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:09:58 +00:00
Wilson Sung
d6127ccff7 Remove camera dontaudit am: 6f141a6526 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503759

Change-Id: I821bf958fcfb873e4ed4b413038a9cb456160602
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 05:09:56 +00:00
Richard Chang
e6f6cca02a sepolicy: clean up tracking_denials for zram 
The zram SELinux errors didn't exist in recent build
(9633105, 9642683).
Remove the record in tracking_denials/init.te.

Bug: 269221861
Test: Check log
Change-Id: I4057aaf960aef885d4d894ae5dc51f93e71afd83
 2023-02-23 03:57:57 +00:00
Wilson Sung
fb2e376d26 Add chre policy 
Bug: 260522435
Bug: 261105224
Test: boot-to-home
Change-Id: Icd8f1ad497357bbbcb9e34509c736f3976ff0ac7
 2023-02-23 11:05:15 +08:00
Wilson Sung
6f141a6526 Remove camera dontaudit 
Bug: 267843409
Bug: 268226491
Change-Id: Idce5518072fc266b45c2fbc5269915b19ceb19e8
 2023-02-23 11:04:47 +08:00
Ian Kasprzak
5bb246f13c Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev am: e3af6770ab am: 271f7404bc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21540614

Change-Id: I4d2749018bb251c764fa37e7d56088dea9164dc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 01:47:16 +00:00
Ian Kasprzak
271f7404bc Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev am: e3af6770ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21540614

Change-Id: Icd890d614ecec5e1b5688735fcbb8e0a49e6599f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 00:57:14 +00:00
Ian Kasprzak
ef751422ca Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev am: e3af6770ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21540614

Change-Id: I42ebdcee19667f1cce20aa704792ba5e45957dcd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-23 00:53:50 +00:00
Ian Kasprzak
e3af6770ab Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev 2023-02-22 22:28:43 +00:00
Ian Kasprzak
cbf2b3fdb2 Revert "Allow twoshay → systemui_app binder call for zuma devices" 
This reverts commit 9019c55645.

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: Iab5bf42754760dedbe26dd684c373ba9ec3af70b
 2023-02-22 22:28:33 +00:00
Wilson Sung
11f7df1638 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev am: 2dc224c7b9 am: b41fd56de0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532246

Change-Id: Ia5f365e32eab587d4121fc7b6a05b7913f721991
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 06:33:16 +00:00
Wilson Sung
8f6a517f41 Merge "Remove touch_context_service to avoid compile error" into udc-dev am: dfd3296451 am: 0e5858d50e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532245

Change-Id: I15971b1ec0fd8ddf4a74284a0ad2c6959914ce10
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 06:31:20 +00:00
Adam Shih
90d9b97221 Move HWC dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I616f0af4d9ba466d62d87e7fc912c8c3201f7f65
 2023-02-22 13:55:50 +08:00
Wilson Sung
b41fd56de0 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev am: 2dc224c7b9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532246

Change-Id: I82eda4ee49a78b35b91c0ad8f3e81e2b525c73dc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:23:46 +00:00
Wilson Sung
0e5858d50e Merge "Remove touch_context_service to avoid compile error" into udc-dev am: dfd3296451 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532245

Change-Id: I1de205b76e27cab0040e1054568a4020562e1a57
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:22:30 +00:00
Wilson Sung
e148d76c21 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev am: 2dc224c7b9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532246

Change-Id: Ia9f0aaa2adb046417417119b6517d3af854d760c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:20:07 +00:00
Wilson Sung
54928d8c4e Merge "Remove touch_context_service to avoid compile error" into udc-dev am: dfd3296451 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21532245

Change-Id: Ifa8f7f79c4c9c1e741913367d7128983008fd693
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:18:00 +00:00
Cody Heiner
7229048556 Allow twoshay → systemui_app binder call for zuma devices am: 9019c55645 am: baf09b5ab9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21529713

Change-Id: Id247eb47d54b270e994d7316685303e59d77fbc8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 05:14:01 +00:00
Wilson Sung
2dc224c7b9 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev 2023-02-22 04:49:33 +00:00
Wilson Sung
dfd3296451 Merge "Remove touch_context_service to avoid compile error" into udc-dev 2023-02-22 04:32:18 +00:00
Armelle Laine
75ec1c9470 Define selinux properties for /dev/block/by-name/trusty_persist 
Bug: 247013568
Test: - Verify that this change is a NOP for devices with TDP already
        created on top of the legacy f2fs partition /mnt/vendor/persist/ss
      - Verify that this change creates a valid symlink on a manually
        migrated block device
Change-Id: I226f365c6afbb5fa91ec1c9c1943f8dddac8183a
 2023-02-22 04:28:08 +00:00
Cody Heiner
e4c5aedc21 Allow twoshay → systemui_app binder call for zuma devices am: 9019c55645 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21529713

Change-Id: I100420439bdb38eac30b6fdb11b1aa668b687227
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 04:04:01 +00:00
Cody Heiner
baf09b5ab9 Allow twoshay → systemui_app binder call for zuma devices am: 9019c55645 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21529713

Change-Id: Id48b48c9e374dab6bf58b50bde30ea9f2387a56e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 04:04:00 +00:00
Wilson Sung
ca241fa76c Add hal_bootctl_default write permission to devinfo_block_device 
Bug: 270236357
Change-Id: I40219dbd726ddebb277e592353bd9f0b249dd01f
 2023-02-22 11:23:32 +08:00
Wilson Sung
328cbaaa41 Remove touch_context_service to avoid compile error 
Bug: 270157082
Change-Id: I1d5d573ddb1d7323e7c66386928074fd06cfc484
 2023-02-22 11:16:15 +08:00
Wilson Sung
e6485106b6 Add hal_bootctl related policy am: bab5b72f86 am: 393e31b676 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508207

Change-Id: I3a060c0fe0d6d4a2e2b516e443b792ce54c186d8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:36:44 +00:00
Wilson Sung
bfab4be3c4 Enforce kernel domain am: da09093d88 am: 06d8b16f05 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503757

Change-Id: I0012c8c383b097d56cecc624f82cacdfe5deb877
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:36:43 +00:00
Wilson Sung
9a8e9b5918 Temporary allow kernel access same_process_hal am: 9457e5260e am: 45c7bbe3cd 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503756

Change-Id: Ie3d5523b61c829f6ac1c6b895bf83668ff651830
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:36:41 +00:00
Wilson Sung
6c52227cd4 Remove vendor_fw_file related dontaudit am: 86931fb2ea am: fa379e036e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503752

Change-Id: I178aa114c7f7cd901798eaaca661c7c31100542a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-22 01:27:02 +00:00
Cody Heiner
9019c55645 Allow twoshay → systemui_app binder call for zuma devices 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Test: flash P23 device with ag/21526491 along with this change
  → twoshay runs normally.

Fixes: 269981541
Change-Id: Ib3cf6f44b6288ed5c7c773e2ad670d2fd0aeee96
 2023-02-21 23:58:05 +00:00
Wilson Sung
0e7828c0a5 Add hal_bootctl related policy am: bab5b72f86 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508207

Change-Id: Ibcb404bff2c8d72121d4aa8e9d1ee13932d4b471
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:06:50 +00:00
Wilson Sung
722ee868e6 Enforce kernel domain am: da09093d88 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503757

Change-Id: I311c9b36ff69366af3d90e9c4ee6cc64768de951
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:06:48 +00:00
Wilson Sung
0747bf2abc Temporary allow kernel access same_process_hal am: 9457e5260e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503756

Change-Id: I6f8eac71b9743b82e7cae48a53675b9db4080f01
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:06:47 +00:00
Wilson Sung
393e31b676 Add hal_bootctl related policy am: bab5b72f86 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21508207

Change-Id: Ic3ea1d971850ee209d9cfc61ba448ff62bbde5f5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:04:44 +00:00
Wilson Sung
06d8b16f05 Enforce kernel domain am: da09093d88 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503757

Change-Id: I1afd59c7608813cf9d3b0a24cf1425bab3a12695
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:04:43 +00:00
Wilson Sung
45c7bbe3cd Temporary allow kernel access same_process_hal am: 9457e5260e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503756

Change-Id: I75ddf39c43d69ea538d4a267145512ca710b22f8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:04:42 +00:00
Wilson Sung
f5b16f4093 Remove vendor_fw_file related dontaudit am: 86931fb2ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503752

Change-Id: I88027931977acd7f0d6df4e5c6a43f427fd54ef6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:01:45 +00:00
Wilson Sung
fa379e036e Remove vendor_fw_file related dontaudit am: 86931fb2ea 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21503752

Change-Id: I7a2f5722366ee38887ecdd5d5a43db0bfd8ccd26
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 23:00:36 +00:00
Wilson Sung
bab5b72f86 Add hal_bootctl related policy 
Bug: 260522436
Bug: 264489609
Bug: 264483787
Change-Id: Iaa22899bb21ff41c1fa259830e5f49623ff8429b
 2023-02-21 19:59:04 +08:00
Wilson Sung
da09093d88 Enforce kernel domain 
Bug: 264490052
Test: boot-to-home
Change-Id: I383b689b5c26c08d66307b677e36b28f2ab6f7dd
 2023-02-21 19:29:15 +08:00
Wilson Sung
9457e5260e Temporary allow kernel access same_process_hal 
Add the access to unblock user build boot-to-home

Bug: 260522245
Change-Id: I98f77b2de4961120be9c6073afc18e12e2637e81
 2023-02-21 19:28:25 +08:00
Wilson Sung
86931fb2ea Remove vendor_fw_file related dontaudit 
Bug: 262794429
Bug: 261933155
Change-Id: I62b4037835a462b46b82df4059cdebf679c295b2
 2023-02-21 15:00:58 +08:00
leochuang
407036361c Update SELinux error am: 6747816919 am: 62d244482e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504315

Change-Id: Ie93d259107be8337eae48d9e97ea0af5138679d3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 05:44:53 +00:00
leochuang
62d244482e Update SELinux error am: 6747816919 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504315

Change-Id: I7c2a39a18128af2c47bef09340738028fea686cc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 04:32:47 +00:00
leochuang
f1eebd6ddf Update SELinux error am: 6747816919 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21504315

Change-Id: I3374070e0d2b6c30addfd6f8e33f44be0fbbcb64
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-02-21 04:30:51 +00:00
leochuang
6747816919 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 269964558
Bug: 267714573
Bug: 269964574
Bug: 269812912
Change-Id: I61a274c01c6921b9b7e3df8814cf83f43bba342a
 2023-02-21 02:16:40 +00:00