Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
451 commits 1 branch 0 tags 18 MiB
Commit graph

226 commits

Author SHA1 Message Date
Tai Kuo
9824759e4f Remove vibrator bug_map toward u:object_r:aac_drc_prop:s0 
u:object_r:aac_drc_prop:s0 is harmless and does not affect vibrator HAL
dumpsys.

Bug: 264483356
Test: adb shell dumpsys android.hardware.vibrator.IVibrator/default
Change-Id: Id638d7074c1a83141b6db5b2ecea0148721ded88
 2023-02-08 14:20:16 +08:00
Tai Kuo
cecd829f6f Remove hal_vibrator_default and vendor_init tracking_denials 
Build P23 CS40l26 project from
hardware/google/pixel/vibrator/cs40l26/device.mk and use the sepolicy
from hardware/google/pixel-sepolicy/vibrator/cs40l26 and
hardware/google/pixel-sepolicy/vibrator/common.

Bug: 267843409
Fix: 260366169
Fix: 264490051
Test: HAL init properly
Test: dumpsys android.hardware.vibrator.IVibrator/default
Test: m atest && atest-dev \
  com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Test: m atest && atest-dev \
  com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: I4448bbdb03b0a06080d5bccf2708c86c10d4fb26
 2023-02-08 14:11:27 +08:00
TreeHugger Robot
d33ee1d1d3 Merge "Remove dontaudit vendor_init to set ssr properties" 2023-02-08 05:52:44 +00:00
TreeHugger Robot
c1888e24fc Merge "Allow vendor_init to modify proc_sched" 2023-02-08 05:26:30 +00:00
TreeHugger Robot
a2e09c9e25 Merge "vendor_init: Add getattr to modem_img" 2023-02-08 05:22:20 +00:00
Wilson Sung
ac3c24c4f2 dontaudit kernel search allow debugfs 
Bug: 261650972
Change-Id: I39b0feb01c592c7beb30d7aa1610c39a75bb3481
 2023-02-08 13:21:48 +08:00
TreeHugger Robot
bd9251a800 Merge "Allow vendor_init to modify read_ahead_kb" 2023-02-08 05:20:57 +00:00
TreeHugger Robot
728de48e51 Merge "Add extcon related contexts" 2023-02-08 05:16:56 +00:00
Wilson Sung
5f27d9f524 Merge "Remove usb obsolete denials" 2023-02-08 05:15:48 +00:00
Wilson Sung
65575203b2 Remove usb obsolete denials 
Bug: 261651009
Change-Id: I59f376d504e82e39feef1d96bfe3ec636dcf6ca0
 2023-02-08 05:15:20 +00:00
Wilson Sung
856d2c480e Allow kernel to access firmware and zram 
Bug: 260522245
Change-Id: I964ac1e30e0181f4d6edc71f2e066b7bd515186b
 2023-02-08 05:08:04 +00:00
TreeHugger Robot
9cce214473 Merge "Add required sepolicy rules for Camera function" 2023-02-08 05:00:08 +00:00
Wilson Sung
fd39573ce5 Remove dontaudit vendor_init to set ssr properties 
Bug: 267843409
Change-Id: I74a222e90b3dd0e2dad91632b73fcad1211a7974
 2023-02-08 12:44:56 +08:00
Wilson Sung
5dbc57e7ae Allow vendor_init to modify proc_sched 
Bug: 263185566
Change-Id: I4a333ffd423e88af81e4c244cc7140ebd826a170
 2023-02-08 12:28:31 +08:00
Wilson Sung
df495af425 vendor_init: Add getattr to modem_img 
Bug: 63185566
Change-Id: I29fd72ba5e1482d629bc28edfd7782c6f24fe68f
 2023-02-08 12:26:10 +08:00
Wilson Sung
926deec5d4 Allow vendor_init to modify read_ahead_kb 
Bug: 264489786
Change-Id: I26d5682b3b056c8c8e00fc08581c96dcbaa27ef9
 2023-02-08 04:07:22 +00:00
Wilson Sung
cb79685556 Add extcon related contexts 
Bug: 260366030
Change-Id: I9b15741820ad284e50593b5467407b773ae15ec8
 2023-02-08 12:06:31 +08:00
TreeHugger Robot
4e02d08f95 Merge "[SELinux] Fix hal_uwb_default dumpstate errors" 2023-02-08 01:43:53 +00:00
George Lee
0322b923b7 Remove tracking denial for system_boot_reason 
Bug: 263525155
Test: Local boot
Change-Id: Iab1411871a66c60a604ee8b0fce0505a88973792
Signed-off-by: George Lee <geolee@google.com>
 2023-02-07 17:07:19 +00:00
Wilson Sung
5f48d4f516 Add required sepolicy rules for Camera function 
Bug: 263184920
Bug: 263305107
Change-Id: Idadf878564333a931b90da2415efe109e75e222a
 2023-02-07 21:20:12 +08:00
Rex Lin
f1f25dc94f [SELinux] Fix hal_uwb_default dumpstate errors 
Bug: 263048994
Test: http://ab/I62800010129138096
Change-Id: I4fc3dedb8e35e4d7520acded58d66f5206565afb
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-02-07 08:17:54 +00:00
Ernie Hsu
0e1559162e Merge "Fix sepolicy for mediacodec_google and mediacodec_samsung" 2023-02-07 07:57:52 +00:00
TreeHugger Robot
9f95eb9cd1 Merge "Update error on ROM 9558720" 2023-02-07 06:06:39 +00:00
Ernie Hsu
f7adc840df Fix sepolicy for mediacodec_google and mediacodec_samsung 
mediacodec_google and mediacodec_samsung could be audited

Test: atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
      No fail associated with mediacodec_google and mediacodec_samsung
Bug: 262794938
Bug: 262794428
Bug: 262793919
Change-Id: I0ebac8c5c25ae89ecc8907f0f141f5ec1d8aaa0b
 2023-02-07 05:48:58 +00:00
sukiliu
341afe161d Update error on ROM 9558720 
Bug: 267843291
Bug: 267843408
Bug: 267843310
Bug: 267843409
Test: SELinuxUncheckedDenialBootTest
Change-Id: I4d8f448d9019232222f2e8385bb2f4b3cf5f5336
 2023-02-07 11:29:45 +08:00
Darren Hsu
1934546586 sepolicy: label required wakeup nodes for system suspend 
Bug: 260366031
Bug: 264204215
Test: run singleCommand pts -m PtsSELinuxTestCases
Change-Id: Icf8c4669156a0017655981fda8619ce0a75dce4d
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-02-07 10:12:30 +08:00
TreeHugger Robot
30036eeebc Merge "Remove dontaudit for nfc" 2023-02-07 02:08:28 +00:00
TreeHugger Robot
161099cfe2 Merge "Remove dontaudit for st54spi" 2023-02-07 02:08:21 +00:00
Donnie Pollitz
1fd0c782b4 sepolicy: Fix trusty_metricsd avc denials 
* Suez data collection missing

Bug: 264489526
Test: ran com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I667e35c68139a3368655cab4ea40acb529bb65ef
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-02-06 08:57:31 +00:00
Donnie Pollitz
1df4e2dde8 sepolicy: Fix trusty_apploader avc denials 
* File permissions missing

Bug: 263305034
Test: ran com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot

Change-Id: I5d0a56a4c31c66610414341118c4089d2c11f3e9
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-02-06 08:57:22 +00:00
George
aa76e6db12 Remove dontaudit for st54spi 
SELinuxUncheckedDenialBootTest
scanAvcDeniedLogRightAfterReboot
no avc denials for st54spi

Bug: 264489677
Test: manually check dumpsys secure_element
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I587caa423d3e1d23d9666fb732c0cc350934538f
 2023-02-06 07:27:12 +00:00
Jenny Ho
31f750da2b sepolicy: add sepolicy for disable.battery.defender 
[    7.536208] type=1107 audit(1671575809.144:22): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=vendor.battery.defender.disable pid=381 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_battery_defender_prop:s0 tclass=property_service permissive=1'

Bug: 263305106
Change-Id: Ia7adfe7f128c6390128447b9363ecd3615694fb1
Signed-off-by: Jenny Ho <hsiufangho@google.com>
 2023-02-05 13:09:28 +08:00
George
40b805af57 Remove dontaudit for nfc 
SELinuxUncheckedDenialBootTest
scanAvcDeniedLogRightAfterReboot
no avc denials for nfc

Bug: 263185547
Bug: 264490053
Test: atest NfcNciInstrumentationTests
Test: atest NfcNciUnitTests
Test: m atest && atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: Idc9eced1ae7248cf0883a5e42db2c5e55cb65c3b
 2023-02-04 22:37:34 +08:00
Welly Hsu
a8526b30e0 Merge "Remove dontaudit in euiccpixel for SELinuxUncheckedDenialBootTest and scanAvcDeniedLogRightAfterReboot" 2023-02-04 05:55:56 +00:00
Joseph Jang
114b7b8f09 Merge "citadel: Remove citadel.te for sepolicy testing" 2023-02-03 02:08:12 +00:00
TreeHugger Robot
075f213ece Merge "hal_graphics_composer_default: fix sepolicy denials" 2023-02-02 06:11:49 +00:00
Nicole Lee
1c8be3059d Merge "logger_app: allow access vendor_gps_file, vendor_gps_prop, vendor_logger_prop" 2023-02-02 03:06:23 +00:00
Nicole Lee
227fa788cc Merge "logger_app: allow logger_app access vendor_modem_prop" 2023-02-02 03:06:14 +00:00
Nicole Lee
89a469803c Merge "logger_app: allow logger_app to access vendor_ssrdump_prop" 2023-02-02 03:06:05 +00:00
Nicole Lee
3a825a5184 Merge "logger_app: allow logger_app to access radio files" 2023-02-02 03:05:50 +00:00
Safayat Ullah
7ce9680b98 hal_graphics_composer_default: fix sepolicy denials 
Bug: 263184738
Bug: 264489746
Test: There is no AVC denied log after reboot
Change-Id: I3c5bbc55f0a676d8906ec061e3c999995d02dd3f
 2023-02-01 14:34:36 +00:00
Donnie Pollitz
eea50ca2bc Merge "sepolicy: Fix tee avc denials" 2023-02-01 09:46:16 +00:00
Welly Hsu
74b12d8455 Remove dontaudit in euiccpixel for SELinuxUncheckedDenialBootTest and scanAvcDeniedLogRightAfterReboot 
Issue: after introducing selinux rules in b/265286368
the dontaudit rules can be removed

bug: 260522413
bug: 262451641
bug: 261651113
bug: 260922186
bug: 261516808
bug: 260769064
bug: 265384119
bug: 264489745

Test: confirm SELinuxUncheckedDenialBootTest and
scanAvcDeniedLogRightAfterReboot tests can pass and no avc denials for euiccpixel

Change-Id: I07ae97d47bbb14c15da92611160b6a2a6af22a60
 2023-02-01 16:34:17 +08:00
Nicole Lee
cddb6ad619 logger_app: allow access vendor_gps_file, vendor_gps_prop, vendor_logger_prop 
Bug: 261519049
Bug: 261783031
Bug: 261933367

Test: Confirm no selinux denial for these 3 tcontexts
Change-Id: I6f919e193693f7521778321f677214ea9f3b4d84
 2023-01-31 16:32:41 +00:00
Nicole Lee
b713236048 logger_app: allow logger_app access vendor_modem_prop 
Bug: 260522268
Bug: 264600053

Test: Confirm no selinux denial for tcontext vendor_modem_prop
Change-Id: Ic4ed0cdd7fa33c1dd4c812528b26b4a19cf6537b
 2023-01-31 16:32:32 +00:00
Nicole Lee
e6975cb6e5 logger_app: allow logger_app to access vendor_ssrdump_prop 
Bug: 260366439

Test: Confirm no selinux denial for tcontext vendor_ssrdump_prop
Change-Id: I74009bdd3d8b0fa691a2d0132655dc08fcd50977
 2023-01-31 16:32:24 +00:00
Nicole Lee
30e96b25ce logger_app: allow logger_app to access radio files 
Bug: 260366439
Bug: 260522268
Bug: 260769144
Bug: 261519049
Bug: 264600084

Test: Confirm no selinux denial for tcontext radio_vendor_data_file
Change-Id: I2a917d78e685aad5608e64f4d076cc50cdb064cc
 2023-01-31 16:32:16 +00:00
sukiliu
383189e5f2 Update error on ROM 9541712 
Bug: 267260951
Bug: 267261048
Bug: 267260619
Bug: 267260716
Bug: 267261305
Bug: 267261163
Bug: 267260675
Bug: 267261265
Bug: 267260717
Test: scanBugreport
Change-Id: I293fe1bc19f5f2d8f320d4e9feea051fc623ef8d
 2023-01-31 14:18:11 +08:00
Joseph Jang
245e4205d1 citadel: Remove citadel.te for sepolicy testing 
Test: VtsHalWeaverTargetTest
      VtsAidlSharedSecretTargetTest
      VtsHalIdentityTargetTest
      VtsHalRemotelyProvisionedComponentTargetTest
      VtsAidlKeyMintTargetTest
Bug: 264489777
Change-Id: I787aef6a0a924706ba2afccefff770408bb78294
 2023-01-31 05:21:49 +00:00
Donnie Pollitz
34fe057526 sepolicy: Fix tee avc denials 
tee policies were missing

Bug: 263304957
Bug: 263429986
Bug: 264489524
Test: boot and scanAvcDeniedLogRightAfterReboot passed

Change-Id: Ia3191496be005dbbbe331a14f7d45adace34b3fc
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-01-24 15:22:57 +01:00