Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1073 commits 1 branch 0 tags 18 MiB
Commit graph

98 commits

Author SHA1 Message Date
mikeyuewang
1ee598d5d2 Grant the MDS access to the IPowerStats hal service. 
ref logs:
09-06 10:07:18.006   536   536 I auditd  : avc:  denied  { find } for pid=22543 uid=10225 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=1
09-06 10:07:18.010 22543 22543 I auditd  : type=1400 audit(0.0:65): avc:  denied  { call } for  comm="pool-4-thread-1" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=1 app=com.google.mds

Test: Tested with MDS app and the MDS can get IPowerStats binder and
call the interface.

Bug: 297250368
Change-Id: I7b0eeabdafb49eb33d8016666f9c02f2616f898d
 2023-09-28 15:22:00 +00:00
Jasmine Cha
8fb992eacb audio: move related sepolicy of audio to gs-common 
Bug: 297482504
Test: build pass

Change-Id: I9444b9e63f32bf898c845e42edbf682798bce300
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-08-29 16:45:47 +08:00
Nicole Lee
3c5d001e7d Add rules for letting logger app send the command to ril 
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c3,c257,c512,c768 pid=3217 scontext=u:r:logger_app:s0:c3,c257,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 293351399
Test: Verify SetDebugTrace funciton on p23
Change-Id: I1e51954886a7ea8bf5d31213634d4df34619eb33
 2023-08-18 07:59:11 +00:00
Cheng Chang
cd3d87535f gps: maintain one solution 
Bug: 288813677
Test: compile for different devices and check binary.
Test: verification test at b/288813677.
Change-Id: I7ee13ab2641aee0256d4ddb5ba27070b51dbc5e5
 2023-07-31 02:26:40 +00:00
Samuel Huang
0166c5fe0a Revert "Revert "Create telephony.ril.silent_reset system_ext pro..." 
Revert submission 23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Reason for revert: The root cause is missing property definition in gs101-sepolicy. This CL can be merged safely. Verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L48900000961646046

Reverted changes: /q/submissionid:23817868-revert-23736941-tpsr-ril-property-WQVGKEVBKX

Bug: 286476107
Change-Id: I6dde24447cb7caae0bf35d8b0342985e8c2f434a
 2023-06-28 10:28:24 +00:00
Sebastian Pickl
a14eb4e6b5 Revert "Create telephony.ril.silent_reset system_ext property fo..." 
Revert submission 23736941-tpsr-ril-property

Reason for revert: culprit for b/289014054 verified by abtd run: https://android-build.googleplex.com/builds/abtd/run/L54800000961620143

Bug: 289014054

Reverted changes: /q/submissionid:23736941-tpsr-ril-property

Change-Id: I6bd6b1e890fa77140d2d0e33ce6ae8a8a03e16f6
 2023-06-27 10:05:32 +00:00
Samuel Huang
1f2933970f Create telephony.ril.silent_reset system_ext property for RILD restart 
RILD listens for changes to this property. If the value changes to 1, RILD will restart itself and set this property back to 0.

The TelephonyGoogle app will set this property to 1 when it receives a request from the SCONE app. Since TelephonyGoogle runs in the com.android.phone process, we also need to give the radio domain permission to set the telephony.ril.silent_reset property.

Bug: 286476107
Test: manual
Change-Id: I5ee72c7ab8e0bce75bbb23b676f515cabe40ed23
 2023-06-21 06:34:55 +00:00
Mahesh Kallelil
1f885d0bcd Allow dump_modem to read logbuffer and wakeup events 
Updating sepolicy for dump_modem to read /dev/logbuffer_cpif. This is
required as part of bugreport.

Test: Tested bugreport on P23
Bug: 278501642
Change-Id: I102583e37ec2e3852fd901a75bbb06de9ac6f77c
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-05-09 00:20:07 -07:00
Ted Wang
8831352474 Add sepolicy for aidl bt extension hal 
Bug: 274906319
Test: build pass and manual test
Change-Id: Id54796fec22e790a197255f2db4ba23b4a58212d
 2023-04-28 04:48:33 +00:00
Wilson Sung
e4e854fcd9 Add Ims process label 
Bug: 260522282
Test: boot-to-home, no avc error
Change-Id: I8f3c7c64ecace4ca7ddd69275a093606a8492204
 2023-04-21 03:38:17 +00:00
kadirpili
92636953cf zuma: Allow GRIL Service to access radio_vendor_data_file 
Bug: 274737512
Change-Id: I90c008172af7bd0d8b7bf2b214f422c4165f3769
(cherry picked from commit 5c31a6f55ac18dd941e50b455c38a37efa12354f)
 2023-04-20 03:37:22 +00:00
Wilson Sung
ab9b7f7609 Label ims_remote_app and rcs_service_app 
Bug: 260522282
Change-Id: I4bf27e30eda51794d2047da9ca17044632ec3786
 2023-04-20 00:13:52 +08:00
Kah Xuan Lim
6e8c79e7db Modem ML: Grant access to modem ML data dir 
Bug: 229801544
Change-Id: Ia2e9c5a48ad935a49f3b8a9c6bceae3f4f833b4e
 2023-04-12 08:48:57 +00:00
Adam Shih
46fd63b761 comply with VTS requirements am: 22e1c0756a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: I02d1e5a2af5bb6d3009d2b7687dff6080f56724f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:08:17 +00:00
Adam Shih
22e1c0756a comply with VTS requirements 
Bug: 275142299
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default
Built pass on target-userdebug and aosp_target-userdebug

Change-Id: I6a114aa2aa92f7b06cfd5bbd1f73d34b5477b109
 2023-03-30 13:28:43 +08:00
TreeHugger Robot
6cbdc36e1b Merge "Move pixel dumpstate to gs-common" into udc-d1-dev 2023-03-29 16:06:45 +00:00
Adam Shih
b19966b929 Merge "Revert "comply with VTS requirements"" into udc-dev am: 97c56013be 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22328024

Change-Id: Ic5841fefdd7576548fff66fc340259814e542df9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:12:09 +00:00
Adam Shih
97c56013be Merge "Revert "comply with VTS requirements"" into udc-dev 2023-03-29 02:49:09 +00:00
Adam Shih
a0b5162488 Revert "comply with VTS requirements" 
Revert submission 22302106-dumpstate aidl

Reason for revert: build failed on udc-d1-dev

Reverted changes: /q/submissionid:22302106-dumpstate+aidl

Change-Id: I6bd0ec81272827498ce36bee556fd89acc6b20ca
 2023-03-29 02:45:20 +00:00
Adam Shih
026cb8d935 Merge "comply with VTS requirements" into udc-dev am: 7cb203f3c2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22306662

Change-Id: I03432b1457e7b251ac5f5f9d7e10e3b4485260cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:47:11 +00:00
Adam Shih
7cb203f3c2 Merge "comply with VTS requirements" into udc-dev 2023-03-28 23:58:03 +00:00
Mingguang Xu
203dd313e7 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Ib70d523bc36e1a789b003374207094f2eaf722d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:09:15 +00:00
Mingguang Xu
57e322c17c Merge "Add permissions to connect radioext to twoshay." into udc-dev 2023-03-28 23:03:46 +00:00
Adam Shih
d4a7ff694a comply with VTS requirements 
Bug: 275142299
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default
Built pass on target-userdebug and aosp_target-userdebug

Change-Id: Ifd75afdf2365687eed9598f74dd4cf3241be2964
 2023-03-28 03:28:55 +00:00
RD Babiera
a82406ee28 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: I49798505d571f538127fc5d2b9474cce3992421c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:31:37 +00:00
RD Babiera
3616de2c26 Merge "Revert "comply with VTS requirements"" into udc-dev 2023-03-27 21:52:39 +00:00
RD Babiera
8720ececf1 Revert "comply with VTS requirements" 
Revert submission 22242215-dumpstate aidl

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_udc-d1-dev&target=aosp_husky-userdebug&lkgb=9826121&lkbb=9829863&fkbb=9826130, bug b/275279368.

Reverted changes: /q/submissionid:22242215-dumpstate+aidl

Change-Id: Ida32309c468074a5671c30aa28cf801c1695d786
 2023-03-27 20:58:33 +00:00
Adam Shih
036fb44a5d Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I10f98673ea507f841d9d3f33d737c4e73c1b5b19
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
(cherry picked from commit 8538fd33da)
 2023-03-27 17:57:22 +00:00
Alan
afafafd8a4 Add permissions to connect radioext to twoshay. 
Connection through grilantennatuningservice binder call.

Test: manual
Bug: 258970389
Change-Id: I419b40042cce363428f72fa723adf89bcf269ef4
 2023-03-27 17:07:16 +08:00
TreeHugger Robot
84aab225cf Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I0b9cf28cdfb549e2c3571e144f73f59d0004bc02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:27:52 +00:00
TreeHugger Robot
c83e5be8d9 Merge "comply with VTS requirements" into udc-dev 2023-03-27 06:05:51 +00:00
Adam Shih
e124d5aea9 comply with VTS requirements 
Bug: 275036679
Bug: 275034315
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default

Change-Id: I1c89d7662351ffae5409c3f81b4360579fdc00ae
 2023-03-27 12:07:24 +08:00
Neo Yu
70749d1b96 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I2d2a07056322f6971050e9299e17201b95773eaf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:07:31 +00:00
Neo Yu
5b1689534f Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev 2023-03-27 02:36:56 +00:00
Adam Shih
8538fd33da Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I10f98673ea507f841d9d3f33d737c4e73c1b5b19
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
 2023-03-24 02:55:51 +00:00
neoyu
44ee5a2fb2 sepolicy: allow hal_radioext_default binder call with servicemanager 
avc: denied { call } for comm="binder:795_2" scontext=u:r:hal_radioext_default:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=0

Bug: 274374768
Test: verify by test rom
Change-Id: I31cfbd234756fdc41663cec766f6b3bf23063bc7
 2023-03-24 02:30:44 +08:00
TreeHugger Robot
24536aa24c Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I3b6ed885d80985c85846b1ec6627c093ba94431f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:07:36 +00:00
Wilson Sung
3e68836e43 Revert "Move pixel dumpstate to gs-common" 
Revert submission 22188471-dumpstate aidl

Reason for revert: Build break

Reverted changes: /q/submissionid:22188471-dumpstate+aidl
Bug: 274858145

Change-Id: I757111541257eecd4936572376fe42a4c866a1d6
 2023-03-23 05:58:12 +00:00
Adam Shih
cad969da74 Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I58ded180038a8aa507095d31a069547b7f02efea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 05:52:55 +00:00
Adam Shih
ee45cfea78 Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
 2023-03-22 05:06:27 +00:00
Nicole Lee
f23893994b Move logger_app dontaudit items out of tracking_denials am: aa4b374120 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22173747

Change-Id: If3e54f3595eac5942175b29250ca6888471876ae
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-22 00:17:23 +00:00
Nicole Lee
aa4b374120 Move logger_app dontaudit items out of tracking_denials 
Bug: 269383459
Test: Open Pixel Logger and check logs
Change-Id: Id5b89a7eeaa5b06539113d4c86c64d6022080949
 2023-03-21 10:11:58 +00:00
Mahesh Kallelil
6636bd227b Merge "Update selinux-policy for ModemService." into udc-d1-dev 2023-03-16 22:43:34 +00:00
Jayachandran C
a7ec5ac379 Merge "Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling" into udc-dev am: 3cda1dd51b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22067882

Change-Id: I676634d568c0de4a029dc4609ceda2c38f56fce9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-16 20:20:07 +00:00
Mahesh Kallelil
df7ece2441 Update selinux-policy for ModemService. 
Allowing the ModemService write access to the sysfs attribute
cp_temp which is used to update the thermal zones.

Test: Verified sysfs attribute security labels
Bug: 267485434
Change-Id: I8361e53f4e6aa82e6dc78e94af71ee26c06fb2f5
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-03-16 05:35:51 +00:00
Jayachandran C
8d1a560bf9 Allow radio to find and invoke Audio HAL for updating the network info during improved WiFi calling 
This CL fixes the following denials
auditd  : avc:  denied  { find } for interface=vendor.google.whitechapel.audio.audioext::IAudioExt sid=u:r:radio:s0 pid=2676 scontext=u:r:radio:s0 tcontext=u:object_r:hal_audio_ext_hwservice:s0 tclass=hwservice_manager permissive=0
auditd  : type=1400 audit(0.0:2983): avc: denied { call } for comm="binder:2617_3" scontext=u:r:radio:s0 tcontext=u:r:hal_audio_default:s0 tclass=binder permissive=0

Bug: 267802258
Test: Live network testing and verified the AudioExt HAL message

Change-Id: Iffa2bcc9b8fa56c383cb765b7cbdf1ff667376c5
 2023-03-15 08:22:09 +00:00
Enzo Liao
40dce15c10 Merge "SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma." into udc-dev am: 6eb86755a6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21947242

Change-Id: Ia65c61152f4631dc9ffeb6675d05dbc562781a40
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-14 04:47:21 +00:00
Enzo Liao
3f905ee1d0 SSRestarDetector: modify the SELinux policy to allow access files owned by system for Zuma. 
It needs to access a file pushed by hosts of test suites (details: http://go/pd-client-for-lab#heading=h.wtp07hbqvwgx)

Bug: 234359369
Design: http://go/pd-client-for-lab
Test: manual (http://b/271555983#comment3)
Change-Id: Id97d9c2d07197478ab8d6fcd1e9370dc794ff7d1
 2023-03-10 15:37:15 +08:00
Jasmine Cha
3e639ffa42 Merge "audio: move sepolicy about audio to gs-common" into udc-dev am: 6431ec8cfa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21912482

Change-Id: Ic05e1165722a12b41d51f4339ed817383412219f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-10 02:19:45 +00:00
Jasmine Cha
d4de162a4f audio: move sepolicy about audio to gs-common 
Bug: 259161622
Test: build pass and check with audio ext hidl/aidl

Change-Id: I5f537f18b33c84f30dae349880f8d00a22883b0b
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-03-09 10:09:29 +08:00