Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2005 commits 1 branch 0 tags 18 MiB
Commit graph

67 commits

Author SHA1 Message Date
Rick Chen
587903f7c4 sensors: Move USF related sepolicy to gs-common. 
Bug: 305120274
Test: Compile pass. Flash the build to ZUMA devices and no sensor
      related avc denied log.
Change-Id: I6911992b59802b62ffd206fd53e678da65ef1363
Signed-off-by: Rick Chen <rickctchen@google.com>
 2023-11-06 23:20:16 +08:00
jonerlin
5883c27036 allow hal_bluetooth_btlinux write sysfs file am: 127ca27edc am: a49aa2bdf1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24947936

Change-Id: I52e9eb48b5e73a6f388a3fb446d1e402bdca4468
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-10-13 03:14:04 +00:00
jonerlin
127ca27edc allow hal_bluetooth_btlinux write sysfs file 
Bug: 294747612
Test: v2/pixel-pts/release/bootstress/1200counts/suspend-resume
Change-Id: I62147f0b32156ede2a4e18e5a2bcb77fc2c91831
 2023-10-13 09:00:07 +08:00
yixuanwang
0a4d3c2f89 Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I33d1e73a375c86602ce632665fe96c5876347c52
 2023-09-16 02:51:45 +00:00
Yixuan Wang
adf19fcc76 Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev 2023-09-15 00:23:04 +00:00
Tai Kuo
e45cb8ef52 Allow regmap debugfs for drivers probed by insmod am: 1a65e5d5e4 am: 8cf4f20ca3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24727593

Change-Id: Id56ae9157f1fb0278d9b70641818c6dcb1629b8d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-09-13 00:32:10 +00:00
Tai Kuo
1a65e5d5e4 Allow regmap debugfs for drivers probed by insmod 
auditd  : type=1400 audit(0.0:731): avc:  denied  { search } for
comm="modprobe" name="regmap" dev="debugfs" ino=2057
scontext=u:r:insmod-sh:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0
tclass=dir permissive=1 bug=b/274727542

vendor_kernel_boot and vendor_dlkm modules probe by insmod need this.
Move regmap debugfs from legacy/whitechapel_pro/ to vendor/.

Bug: 274727542
Bug: 289012421
Test: ls -d /sys/kernel/debug/regmap/*-0043
Change-Id: I2bd35a6bc942536505f62d4122f0de892f243802
 2023-09-12 16:45:09 +08:00
Yixuan Wang
bd654f00d9 Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." 
Revert submission 24526613-revert-23834879-CHRE BT LOG-MHDBQNZAGV

Reason for revert: Fixed and tested with a followup cl

Reverted changes: /q/submissionid:24526613-revert-23834879-CHRE+BT+LOG-MHDBQNZAGV

Change-Id: I29866a91abfcfa380d772da447eb95344df43f8f
 2023-08-29 19:17:32 +00:00
Sebastian Pickl
b5491c6650 Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." am: 84f1209636 am: 7ee5ae18de 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24526611

Change-Id: If8ca0317f923da98e74ff8642b97f83894206b2f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-24 11:33:41 +00:00
Sebastian Pickl
7ee5ae18de Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." am: 84f1209636 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24526611

Change-Id: I3e4c175289017c75c26df4029421b61ad4efcfbe
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-24 10:51:24 +00:00
Sebastian Pickl
ae9ab242e8 Merge "Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..."" into udc-qpr-dev 2023-08-24 10:06:57 +00:00
Sebastian Pickl
84f1209636 Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." 
Revert submission 23834879-CHRE BT LOG

Reason for revert: fixes broken test b/297255998 verified by go/abtd: https://android-build.googleplex.com/builds/abtd/run/L30000000962735539
Bug:297255998

Reverted changes: /q/submissionid:23834879-CHRE+BT+LOG

Change-Id: I56b800260303834ed76dedf354b5a32af00b3684
 2023-08-24 09:47:19 +00:00
Yixuan Wang
2058641a14 [DO NOT MERGE] Add selinux policy for chre vendor data directory am: 22d9b28316 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23834879

Change-Id: Id8058dbdf765871ba8e762ed10dd1af309642351
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-23 19:52:24 +00:00
Yixuan Wang
0fcc802265 Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev 2023-08-23 19:29:45 +00:00
Ilya Matyukhin
ee710b08c1 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev am: 013ec5ce54 am: 41056381db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24343631

Change-Id: I43c243eff3bfbf14828f29f13789b1a3eb9f38c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-16 22:10:07 +00:00
Ilya Matyukhin
33540f5a05 zuma: Add sysfs_faceauth_gcma_heap type 
Bug: 288156745
Test: build
Change-Id: I937b37542d8ff5a9e9e0d4d9b53c8300820a1826
 2023-08-11 05:37:59 +00:00
Yixuan Wang
22d9b28316 [DO NOT MERGE] Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
(cherry picked from commit 7530c4bc13)
 2023-06-28 17:16:15 +00:00
Dinesh Yadav
100dd2387d Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] 
gxp_logging service will periodically check the sysfs files exposed by
the gxp kernel driver and report stats to Suez framework.
These policies are needed to report the metrics.

Tested:
Found no violation with these policies on a P23 device

Bug: 278514198
Change-Id: I8c3e57dfe4e9a6caab425f2424d07e83f5e7b9c6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-06-13 03:37:56 +00:00
leohsieh
458b60e5c9 Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] 
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
 2023-05-31 13:16:43 +08:00
Yixuan Wang
8a16687b51 Merge "Add selinux policy for chre vendor data directory" 2023-05-31 01:24:48 +00:00
Yixuan Wang
7530c4bc13 Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
 2023-05-30 21:16:26 +00:00
Leo Hsieh
3443d6d373 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps" 2023-05-25 00:58:34 +00:00
Kenny Root
7be3a71942 Add GSA logs policy 
This adds a label to the sysfs files for GSA logs to allow dumpstate to
read them during a bugreport.

(cherry picked from commit 076591d107)

Bug: 271125313
Test: adb shell dumpstate
Change-Id: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
Merged-In: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
 2023-05-17 17:36:35 +00:00
Treehugger Robot
8768ad1049 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: e1766dcd82 am: a521555ae0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: Ice663723abb01c161ba1f3431d92e12fbf20711a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-15 18:43:50 +00:00
Treehugger Robot
05abdf9f26 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev 2023-05-15 16:54:11 +00:00
leohsieh
b7db7f8eae Allow hal_fingerprint_default to access sysfs_aoc_udfps 
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
 2023-05-10 14:50:56 +08:00
Hasan Awais
14b2c135bb uwb: add permissions for factory uwb calib file 
needed for copying the factory calib file from persist to
/data/vendor/uwb, along with converting the file to a valid format
for uwb HAL

Bug: 274513871
Bug: 279820265
Test: local build passed
Change-Id: I4c4286cd5c200475cac3b9d58a81724d631c49e0
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2023-05-09 00:27:47 +00:00
lukechang
35f3c85c09 sepolicy: label cpd cl2 & cl1 
Test: build and boot to home
Bug: 277390134

Change-Id: Iad525a9c556ee436afb8cbd29156b6b593329e83
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-08 08:49:45 +00:00
lukechang
9d44de7ecf sepolicy: label cpd cl2 & cl1 
Test: build and boot to home
Bug: 277390134

Merged-In: Iad525a9c556ee436afb8cbd29156b6b593329e83
Change-Id: Iad525a9c556ee436afb8cbd29156b6b593329e83
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-08 08:39:21 +00:00
Jack Wu
06bd429e9e sepolicy: allows pixelstat to access pca file nodes am: 8d45937a38 am: 923f9f2f5e am: 4b33e0e2d2 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22987856

Change-Id: I79ee04faddffa909f5529a81af5fdf68c3a2a879
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-03 15:33:44 +00:00
Jack Wu
8d45937a38 sepolicy: allows pixelstat to access pca file nodes 
Bug: 262520811
Test: no Permission denied while accessing the file node
Change-Id: I0b50d85ea7002c9ee16f4c34b472b45def7f374e
Signed-off-by: Jack Wu <wjack@google.com>
 2023-05-03 09:31:08 +00:00
Joner Lin
44155e103e Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev am: edd47032af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22271813

Change-Id: Ic8fa74d729ca69d7c051c19848b9a0113e23bac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 14:26:11 +00:00
Joner Lin
edd47032af Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev 2023-04-13 13:57:32 +00:00
Minchan Kim
a382f85f96 move vendor_cma_debugfs into gs-common 
The CMA dump is common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I46be7899939da3ae7e9323a0d3ee92f4b3759acf
Signed-off-by: Minchan Kim <minchan@google.com>
(cherry picked from commit afb8d91c5dd0df836c6c8a53963b44e23005efb7)
 2023-04-12 13:25:46 +00:00
Minchan Kim
1b4fae5ce3 remove dump_cma 
We will introduce it into gs-common

Bug: 276901078
Change-Id: I56a0c67fb09563baacbabf738625bf748ab80378
Signed-off-by: Minchan Kim <minchan@google.com>
 2023-04-12 01:22:08 +00:00
jonerlin
940b51e1e4 allow bthal to access vendor bluetooth folder 
Bug: 240636731
Test: enable vendor btsnoop property and check the vendor snoop log
Change-Id: Ib7c36e7398bdbe7abc2f3b2dba684f95a4ce90a8
 2023-04-11 17:01:40 +00:00
Wilson Sung
c705e81227 Merge "Move OTA context out of legacy folder" to master 
Bug: 275143841
Test: OTA
Change-Id: I4774b7c48c075afc1b02d8c34fded212cd0efffb
 2023-03-27 11:46:05 +08:00
Wilson Sung
6acea9d647 Move OTA context out of legacy folder 
Bug: 275143841
Test: OTA
Change-Id: I4774b7c48c075afc1b02d8c34fded212cd0efffb
 2023-03-27 11:44:51 +08:00
Ernie Hsu
11bbec30bc Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev am: 899ad9c1ab am: fbbc198801 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21553180

Change-Id: I5e45ca88e24d8b4b67dd65326cece156cf38905d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-02 10:10:31 +00:00
Ernie Hsu
899ad9c1ab Merge "move mediacodec_samsung build config and sepolicy to gs-common" into udc-dev 2023-03-02 08:38:54 +00:00
Wilson Sung
4e36ecc334 Merge "Add sensor boot-to-home required policy" to master 
Test: boot-to-home
Fix: 261105336
Change-Id: I2a12d4cf87b00d8dc117ced7062a97016d75275c
 2023-03-02 10:42:55 +08:00
Wilson Sung
d0105abe01 Add sensor boot-to-home required policy 
Test: boot-to-home
Fix: 261105336
Change-Id: I772ff7a294cc5d2448361c164d4e671a41c92c8d
 2023-03-02 02:39:15 +00:00
Ernie Hsu
4d90089d25 move mediacodec_samsung build config and sepolicy to gs-common 
Bug: 263444717
Test: build pass, camera record, youtube
Change-Id: I8fa4d79495b3971429b977a63aed811ef8d62ddb
 2023-03-01 10:12:22 +00:00
Kenny Root
076591d107 Add GSA logs policy 
This adds a label to the sysfs files for GSA logs to allow dumpstate to
read them during a bugreport.

Bug: 271125313
Test: adb shell dumpstate
Change-Id: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
 2023-02-28 18:33:23 -08:00
Adam Shih
650b20d27f Merge "create cma dump" 2023-02-15 06:28:52 +00:00
Adam Shih
a438fce84f create cma dump 
Bug: 240530709
Test: adb bugreport
Change-Id: I1a97098d73106a16c0be675a5d8f58183d5f9531
 2023-02-15 12:41:31 +08:00
Adam Shih
efa506d012 move devfreq dump to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: Ica18fa60ed1da44eb587ffe59370e87b393e69fb
 2023-02-15 11:11:44 +08:00
Doug Zobel
bfd738a84d Move sysfs_pcie type definition to gs-common 
SELinux type declaration 'sysfs_pcie' moved to gs-common
for the PCIe dumpstate script.

Test: adb logcat "pixelstats-vendor:D *:S"
Bug: 266561593
Change-Id: Ieae65d9d3f5dbf80f60c1787a384f1aa3adef77c
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-02-10 07:37:32 -06:00
Adam Shih
4f442e5055 migrate power section to its own script 
Bug: 240530709
Test: adb bugreport
Change-Id: Id7a761d61757efe55e8642553eccc84864b4a721
 2023-02-08 15:40:18 +08:00
Doug Zobel
7ea927f332 Add sepolicy for PCIe link statistics 
PCIe link statistics collected by dumpstate and pixelstats.

Test: adb logcat "pixelstats-vendor:D *:S"
Bug: 266689144
Change-Id: I9b7eef9a9e14c1be9e9e9feb3c608f7067e6fade
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-02-01 07:23:15 -06:00