Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
505 commits 1 branch 0 tags 18 MiB
Commit graph

505 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jasmine Cha
d4de162a4f audio: move sepolicy about audio to gs-common 
Bug: 259161622
Test: build pass and check with audio ext hidl/aidl

Change-Id: I5f537f18b33c84f30dae349880f8d00a22883b0b
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-03-09 10:09:29 +08:00
Adam Shih
5dd0fffa9a Merge "move camera dump to gs-common" into udc-dev 2023-03-06 23:29:45 +00:00
Adam Shih
51bd259bbf Move common display dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I71ad4e2e08ba19c36dc633732ce39e8086a94d6e
 2023-03-06 06:33:53 +00:00
Adam Shih
7b84f2fc56 move camera dump to gs-common 
Bug: 240530709
Test: adb bugreport
Create empty files starting with the following prefix
/data/vendor/camera/profiler/session-ended-
/data/vendor/camera/profiler/high-drop-rate-
/data/vendor/camera/profiler/watchdog-
/data/vendor/camera/profiler/camera-ended-
and do adb bugreport and make sure they end up in dumpstate_board.bin

Change-Id: I90e6d5142e7d512dafa6b8712d7fb252327359a5
 2023-03-06 02:34:48 +00:00
TreeHugger Robot
4eab0326df Merge "Allow hal_thermal_default to read iio/odpm sysfs nodes" into udc-dev 2023-03-03 12:01:40 +00:00
Donnie Pollitz
e31ad0b306 sepolicy: Fix hal_confirmationui_default avc denials 
* Allow for dumpstate

Bug: 261933368
Bug: 264489634
Test: Ran com.google.android.selinux.pts.SELinuxTest#scanBugreport
Change-Id: Id70d2a920172e649e4497f4ea1a4ecad33963edc
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-02 09:08:16 +00:00
Ernie Hsu
899ad9c1ab Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev 2023-03-02 08:38:54 +00:00
Wilson Sung
d0105abe01 Add sensor boot-to-home required policy 
Test: boot-to-home
Fix: 261105336
Change-Id: I772ff7a294cc5d2448361c164d4e671a41c92c8d
 2023-03-02 02:39:15 +00:00
Wilson Sung
fc8f4f8f24 Allow hal_thermal_default to read iio/odpm sysfs nodes 
Bug: 260366399
Bug: 261651187
Bug: 264204525
Change-Id: I7358b7740f6c30bd7b05e29e931a4c11226c6253
 2023-03-01 16:21:33 +00:00
Ernie Hsu
4d90089d25 move mediacodec_samsung build config and sepolicy to gs-common 
Bug: 263444717
Test: build pass, camera record, youtube
Change-Id: I8fa4d79495b3971429b977a63aed811ef8d62ddb
 2023-03-01 10:12:22 +00:00
Richard Chang
3c52a9ab3b Merge "sepolicy: update init.te for zram device" into udc-dev 2023-03-01 04:28:58 +00:00
Armelle Laine
d38c507ef6 Merge "Define selinux properties for /dev/block/by-name/trusty_persist" into udc-dev 2023-03-01 03:41:09 +00:00
Richard Chang
ee8c7c2df2 sepolicy: update init.te for zram device 
Bug: 269221861
Bug: 270633329
Test: Boot
Change-Id: I050e9a72006dcd0b71ba1232e38e5f96bce4c967
 2023-03-01 02:04:24 +00:00
TreeHugger Robot
627e6c1648 Merge "Update bug_map" into udc-dev 2023-02-28 23:56:31 +00:00
Xu Han
fe5bb58212 Update bug_map 
Bug: 264483024
Test: Build.
Change-Id: I9a1574b5997d9ac5d26100254c7e20b81930df50
 2023-02-28 09:34:58 -08:00
Armelle Laine
d27961dc1b Define selinux properties for /dev/block/by-name/trusty_persist 
Bug: 247013568
Test: - Verify that this change is a NOP for devices with TDP already
        created on top of the legacy f2fs partition /mnt/vendor/persist/ss
      - Verify that this change creates a valid symlink on a manually
        migrated block device
Change-Id: I226f365c6afbb5fa91ec1c9c1943f8dddac8183a
 2023-02-27 22:42:08 +00:00
Cody Heiner
dc0b4fc9e9 Allow twoshay → systemui_app binder call for zuma devices (2) 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Note: this is a re-submit of ag/21529713, after sorting out the
SEPolicy issues described in b/270444888.

Test: flash P23 and Bluejay devices with this change plus ag/21591673,
  run `adb shell device_config put twoshay_native test_flag_name test_flag_value`,
  → TouchContextService.java logs corresponding property changed message.

Bug: 270444888

Change-Id: I40d70cf19930eb334ba3250d58a0cbc39b50764b
 2023-02-24 18:19:09 -08:00
Wilson Sung
546b787a40 Add SSR property access and remove obsolete denials 
Bug: 268572164
Change-Id: I5756510b2eb2696aade93dd6b15a111f5dca58ef
 2023-02-24 10:33:45 +00:00
Amy Hsu
ae4c77ebda Merge "Revise sepolicy because of refactor HbmSvManager" into udc-dev 2023-02-24 08:14:49 +00:00
Suki Liu
e476047167 Merge "Update SELinux error" into udc-dev 2023-02-24 04:59:32 +00:00
Adam Shih
9675dc064a Merge "Move HWC dump to gs-common" into udc-dev 2023-02-24 03:17:38 +00:00
Amy Hsu
c186dbd6db Revise sepolicy because of refactor HbmSvManager 
1. Set sepolicy correctly, make it the same as gs201.
2. Rename hbmsvmanager to pixeldisplayservice due to refactor.
3. Add arm_mali_platform_service for pixeldisplayservcice

Bug: 241498235
Bug: 262794939
Bug: 263185136
Bug: 264489797
Test: Verify LBE and shadow compensation functions.
      Make sure there is no avc denied.
Change-Id: I2a4bb5d6b863edc00b789fd6df8d46f90164d9f2
 2023-02-24 02:06:35 +00:00
sukiliu
362a8ac82c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 270633329
Change-Id: Ia7af3ec3ee9c8b80e22a8eb55fd61d58b6c73980
 2023-02-24 09:59:58 +08:00
TreeHugger Robot
3d1d5e0b15 Merge "Partially revert commit e70b98af09." into udc-dev 2023-02-23 16:13:11 +00:00
Richard Chang
d207b85ab3 Merge "sepolicy: clean up tracking_denials for zram" into udc-dev 2023-02-23 07:37:28 +00:00
Ian Kasprzak
1b1fe4d3cc Partially revert commit e70b98af09. 
Remove twoshay references, with commit 9019c55645
reverted it references a non-existent file.

Bug: b/270434708
Test: Verified with go/abtd build

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: I5705d214218107226ae3dd4959406f3ec05afa90
 2023-02-23 05:45:07 +00:00
Richard Chang
e6f6cca02a sepolicy: clean up tracking_denials for zram 
The zram SELinux errors didn't exist in recent build
(9633105, 9642683).
Remove the record in tracking_denials/init.te.

Bug: 269221861
Test: Check log
Change-Id: I4057aaf960aef885d4d894ae5dc51f93e71afd83
 2023-02-23 03:57:57 +00:00
Wilson Sung
fb2e376d26 Add chre policy 
Bug: 260522435
Bug: 261105224
Test: boot-to-home
Change-Id: Icd8f1ad497357bbbcb9e34509c736f3976ff0ac7
 2023-02-23 11:05:15 +08:00
Wilson Sung
6f141a6526 Remove camera dontaudit 
Bug: 267843409
Bug: 268226491
Change-Id: Idce5518072fc266b45c2fbc5269915b19ceb19e8
 2023-02-23 11:04:47 +08:00
Ian Kasprzak
e3af6770ab Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev 2023-02-22 22:28:43 +00:00
Ian Kasprzak
cbf2b3fdb2 Revert "Allow twoshay → systemui_app binder call for zuma devices" 
This reverts commit 9019c55645.

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: Iab5bf42754760dedbe26dd684c373ba9ec3af70b
 2023-02-22 22:28:33 +00:00
Adam Shih
90d9b97221 Move HWC dump to gs-common 
Bug: 269212897
Test: adb bugreport
Change-Id: I616f0af4d9ba466d62d87e7fc912c8c3201f7f65
 2023-02-22 13:55:50 +08:00
Wilson Sung
2dc224c7b9 Merge "Add hal_bootctl_default write permission to devinfo_block_device" into udc-dev 2023-02-22 04:49:33 +00:00
Wilson Sung
dfd3296451 Merge "Remove touch_context_service to avoid compile error" into udc-dev 2023-02-22 04:32:18 +00:00
Wilson Sung
ca241fa76c Add hal_bootctl_default write permission to devinfo_block_device 
Bug: 270236357
Change-Id: I40219dbd726ddebb277e592353bd9f0b249dd01f
 2023-02-22 11:23:32 +08:00
Wilson Sung
328cbaaa41 Remove touch_context_service to avoid compile error 
Bug: 270157082
Change-Id: I1d5d573ddb1d7323e7c66386928074fd06cfc484
 2023-02-22 11:16:15 +08:00
Cody Heiner
9019c55645 Allow twoshay → systemui_app binder call for zuma devices 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Test: flash P23 device with ag/21526491 along with this change
  → twoshay runs normally.

Fixes: 269981541
Change-Id: Ib3cf6f44b6288ed5c7c773e2ad670d2fd0aeee96
 2023-02-21 23:58:05 +00:00
Wilson Sung
bab5b72f86 Add hal_bootctl related policy 
Bug: 260522436
Bug: 264489609
Bug: 264483787
Change-Id: Iaa22899bb21ff41c1fa259830e5f49623ff8429b
 2023-02-21 19:59:04 +08:00
Wilson Sung
da09093d88 Enforce kernel domain 
Bug: 264490052
Test: boot-to-home
Change-Id: I383b689b5c26c08d66307b677e36b28f2ab6f7dd
 2023-02-21 19:29:15 +08:00
Wilson Sung
9457e5260e Temporary allow kernel access same_process_hal 
Add the access to unblock user build boot-to-home

Bug: 260522245
Change-Id: I98f77b2de4961120be9c6073afc18e12e2637e81
 2023-02-21 19:28:25 +08:00
Wilson Sung
86931fb2ea Remove vendor_fw_file related dontaudit 
Bug: 262794429
Bug: 261933155
Change-Id: I62b4037835a462b46b82df4059cdebf679c295b2
 2023-02-21 15:00:58 +08:00
leochuang
6747816919 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 269964558
Bug: 267714573
Bug: 269964574
Bug: 269812912
Change-Id: I61a274c01c6921b9b7e3df8814cf83f43bba342a
 2023-02-21 02:16:40 +00:00
Wilson Sung
e70b98af09 Revert "Revert "Update error on ROM 9624328"" 
This reverts commit d8572861e3.

Remove hal_googlebattery related denied

Bug: 269813282
Bug: 269813059
Bug: 268566481
Bug: 269812912
Merged-In: I25b0f417af3e741719f959aed79e7e330687e117
Change-Id: I25b0f417af3e741719f959aed79e7e330687e117
 2023-02-20 11:06:17 +00:00
Ken Yang
58a6a1e772 WLC: cleanup the unused hal_wlc policies 
Bug: 264489562
Bug: 262455719
Bug: 260366297
Bug: 260363384
Signed-off-by: Ken Yang <yangken@google.com>
(cherry picked from commit 6f9844d137)
Merged-In: I90b9e442082b8e03e76ce63aaee56e5882933449
Change-Id: I90b9e442082b8e03e76ce63aaee56e5882933449
 2023-02-20 11:05:53 +00:00
Ken Yang
670b22c2c7 WLC: cleanup WLC trakcing_denials 
Bug: 268566583
Signed-off-by: Ken Yang <yangken@google.com>
(cherry picked from commit da69d2a494)
Merged-In: I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51
Change-Id: I2b3fda7b1b84ff4407eee4017df351f9f1d3bb51
 2023-02-20 11:05:25 +00:00
Kah Xuan Lim
4e270f1615 modem_svc_sit: grant modem property access 
Log message gotten before adding the policy:
avc: denied { connectto } for comm="modem_svc_sit" path="/dev/socket/property_service" scontext=u:r:modem_svc_sit:s0 tcontext=u:r:init:s0 tclass=unix_stream_socket permissive=1

Bug: 247669574
(cherry picked from commit 77ce224141)
Merged-In: Id5e66d94eb14c6979d3b93d54fd73634444cdea1
Change-Id: Id5e66d94eb14c6979d3b93d54fd73634444cdea1
 2023-02-20 11:04:11 +00:00
Wilson Sung
931ea0d342 allow bootctl to read devinfo 
Bug: 260522436
(cherry picked from commit 967da5da4f)
Merged-In: I41d2763ffe40d7465a11cc86612fed9f92905eff
Change-Id: I41d2763ffe40d7465a11cc86612fed9f92905eff
 2023-02-20 11:02:28 +00:00
Wilson Sung
676c7a674c Remove proc_vendor_sched obsolete denials 
Bug: 264490054
(cherry picked from commit 6545bc156a)
Change-Id: I308df50eefe611a0a87afc9a21387465487cc6ea
Merged-In: I308df50eefe611a0a87afc9a21387465487cc6ea
 2023-02-20 11:01:42 +00:00
Nicole Lee
7706be6c71 logger_app: don't audit default_prop and fix errors 
avc: denied { read } for comm="oid.pixellogger" name="u:object_r:default_prop:s0" dev="tmpfs" ino=153 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:default_prop:s0 tclass=file permissive=0 app=com.android.pixellogger
avc: denied { search } for name="ssrdump" dev="dm-44" ino=377 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_crashinfo_file:s0 tclass=dir permissive=0 app=com.android.pixellogger
avc: denied { search } for name="coredump" dev="dm-44" ino=378 scontext=u:r:logger_app:s0:c8,c257,c512,c768 tcontext=u:object_r:sscoredump_vendor_data_coredump_file:s0 tclass=dir permissive=0 app=com.android.pixellogger

Bug: 264489961
Bug: 269383459
Test: Make sure no avc denied for logger_app when using Pixel Logger
(cherry picked from commit ef1d13d86d)
Change-Id: I8999372d243286586eb53602e167fa111d39a00f
Merged-In: I8999372d243286586eb53602e167fa111d39a00f
 2023-02-20 11:00:59 +00:00
Sean.JS Tsai
8838f4e286 Merge "Revert "Update error on ROM 9624328"" into udc-dev 2023-02-20 05:59:29 +00:00