Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
924 commits 1 branch 0 tags 18 MiB
Commit graph

452 commits

Author SHA1 Message Date
Cody Heiner
dc0b4fc9e9 Allow twoshay → systemui_app binder call for zuma devices (2) 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Note: this is a re-submit of ag/21529713, after sorting out the
SEPolicy issues described in b/270444888.

Test: flash P23 and Bluejay devices with this change plus ag/21591673,
  run `adb shell device_config put twoshay_native test_flag_name test_flag_value`,
  → TouchContextService.java logs corresponding property changed message.

Bug: 270444888

Change-Id: I40d70cf19930eb334ba3250d58a0cbc39b50764b
 2023-02-24 18:19:09 -08:00
Wilson Sung
546b787a40 Add SSR property access and remove obsolete denials 
Bug: 268572164
Change-Id: I5756510b2eb2696aade93dd6b15a111f5dca58ef
 2023-02-24 10:33:45 +00:00
Amy Hsu
ae4c77ebda Merge "Revise sepolicy because of refactor HbmSvManager" into udc-dev 2023-02-24 08:14:49 +00:00
Amy Hsu
c186dbd6db Revise sepolicy because of refactor HbmSvManager 
1. Set sepolicy correctly, make it the same as gs201.
2. Rename hbmsvmanager to pixeldisplayservice due to refactor.
3. Add arm_mali_platform_service for pixeldisplayservcice

Bug: 241498235
Bug: 262794939
Bug: 263185136
Bug: 264489797
Test: Verify LBE and shadow compensation functions.
      Make sure there is no avc denied.
Change-Id: I2a4bb5d6b863edc00b789fd6df8d46f90164d9f2
 2023-02-24 02:06:35 +00:00
Wilson Sung
fb2e376d26 Add chre policy 
Bug: 260522435
Bug: 261105224
Test: boot-to-home
Change-Id: Icd8f1ad497357bbbcb9e34509c736f3976ff0ac7
 2023-02-23 11:05:15 +08:00
Ian Kasprzak
e3af6770ab Merge "Revert "Allow twoshay → systemui_app binder call for zuma devices"" into udc-dev 2023-02-22 22:28:43 +00:00
Ian Kasprzak
cbf2b3fdb2 Revert "Allow twoshay → systemui_app binder call for zuma devices" 
This reverts commit 9019c55645.

Reason for revert: b/270434708 - Breaks git_udc-d1-dev-plus-aosp-without-vendor builds.

Change-Id: Iab5bf42754760dedbe26dd684c373ba9ec3af70b
 2023-02-22 22:28:33 +00:00
Wilson Sung
ca241fa76c Add hal_bootctl_default write permission to devinfo_block_device 
Bug: 270236357
Change-Id: I40219dbd726ddebb277e592353bd9f0b249dd01f
 2023-02-22 11:23:32 +08:00
Cody Heiner
9019c55645 Allow twoshay → systemui_app binder call for zuma devices 
Splitting system_app (b/264266705) caused the avc denial below,
causing b/269981541. This change allows the denied binder call
and fixes the bug.

Denial message:
avc: denied { call } for scontext=u:r:twoshay:s0 tcontext=u:r:systemui_app:s0:c230,c256,c512,c768 tclass=binder permissive=0

Test: flash P23 device with ag/21526491 along with this change
  → twoshay runs normally.

Fixes: 269981541
Change-Id: Ib3cf6f44b6288ed5c7c773e2ad670d2fd0aeee96
 2023-02-21 23:58:05 +00:00
Wilson Sung
bab5b72f86 Add hal_bootctl related policy 
Bug: 260522436
Bug: 264489609
Bug: 264483787
Change-Id: Iaa22899bb21ff41c1fa259830e5f49623ff8429b
 2023-02-21 19:59:04 +08:00
Ken Yang
58a6a1e772 WLC: cleanup the unused hal_wlc policies 
Bug: 264489562
Bug: 262455719
Bug: 260366297
Bug: 260363384
Signed-off-by: Ken Yang <yangken@google.com>
(cherry picked from commit 6f9844d137)
Merged-In: I90b9e442082b8e03e76ce63aaee56e5882933449
Change-Id: I90b9e442082b8e03e76ce63aaee56e5882933449
 2023-02-20 11:05:53 +00:00
Wilson Sung
931ea0d342 allow bootctl to read devinfo 
Bug: 260522436
(cherry picked from commit 967da5da4f)
Merged-In: I41d2763ffe40d7465a11cc86612fed9f92905eff
Change-Id: I41d2763ffe40d7465a11cc86612fed9f92905eff
 2023-02-20 11:02:28 +00:00
Ken Tsou
10e84d8327 hal_health_default: allow to access persist.vendor.shutdown.* 
msg='avc: denied { set } for property=persist.vendor.shutdown.voltage_avg pid=908 uid=1000 gid=1000 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0'

Bug: 266181615
Change-Id: Ia87610f0363bbfbe4fe446244b44818c273841f4
Signed-off-by: Ken Tsou <kentsou@google.com>
 2023-02-17 07:00:37 +00:00
Wilson Sung
c43a6186bf Add app_domain to con_monitor_app 
Bug: 261782930
Bug: 264490077
Test: boot to home and avc gone
Change-Id: I86a0793c93549172ee60397b9735ddcfe0d20bac
 2023-02-16 13:00:39 +08:00
Wilson Sung
4ea1dcff3a Fix zram avc denied 
Bug: 260522041
Bug: 264490055
Test: boot to home and avc errors gone
Change-Id: I37532bb66c8f00f4307187e12bdab811c007b614
 2023-02-15 08:23:49 +00:00
Adam Shih
650b20d27f Merge "create cma dump" 2023-02-15 06:28:52 +00:00
Adam Shih
c80283456e Merge "move devfreq dump to gs-common" 2023-02-15 04:54:22 +00:00
Adam Shih
a438fce84f create cma dump 
Bug: 240530709
Test: adb bugreport
Change-Id: I1a97098d73106a16c0be675a5d8f58183d5f9531
 2023-02-15 12:41:31 +08:00
Adam Shih
efa506d012 move devfreq dump to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: Ica18fa60ed1da44eb587ffe59370e87b393e69fb
 2023-02-15 11:11:44 +08:00
Shashank Sharma
7cbda60f3e arm_mali_platform_service: register gpu selinux service 
Fix avc denied issues.

Bug: 261105374
Bug: 260768402
Bug: 260922162
Bug: 261105092
Bug: 264483754
Test: No AVC denied logs after reboot.
Change-Id: I6448b3e0df9b5deeb953498fa623810eadb3ff67
 2023-02-14 23:34:14 +00:00
Doug Zobel
b844ec7548 Merge "Move sysfs_pcie type definition to gs-common" 2023-02-13 16:15:21 +00:00
Ray Chi
cf818217df Fix avc denied for USB property 
Bug: 268572164
Test: reboot device and no related logs
Change-Id: I473d0ee022e9a9edc076ef479e2343d11b9ef63d
 2023-02-13 17:03:02 +08:00
Ken Yang
c6bd3ad477 Merge "WLC: Add hal_wireless_charger policies for systemui" 2023-02-13 08:13:26 +00:00
Doug Zobel
bfd738a84d Move sysfs_pcie type definition to gs-common 
SELinux type declaration 'sysfs_pcie' moved to gs-common
for the PCIe dumpstate script.

Test: adb logcat "pixelstats-vendor:D *:S"
Bug: 266561593
Change-Id: Ieae65d9d3f5dbf80f60c1787a384f1aa3adef77c
Signed-off-by: Doug Zobel <zobel@google.com>
 2023-02-10 07:37:32 -06:00
George
baa51816de Update sepolicy for streset and stpreprocess 
Allow hal_secure_element_st54spi to access nfc device
Allow hal_nfc_default to set se property
Allow vendor_init to set nfc/se property

Bug: 267838462
Test: manually trigger eSE reset without avc error
Change-Id: I0ad6a0432f4fb158186874b318b5832dddce47e6
 2023-02-10 21:01:20 +08:00
Wilson Sung
e338667584 vendor_init: Add getattr to sg 
Bug: 260522244
Change-Id: I9f447ecb635280048ca0d785f00b6c851a9dedf3
 2023-02-10 18:35:47 +08:00
Wilson Sung
6cf7ce5cc0 Allow vendor_init chown gvotables 
Bug: 267736435
Bug: 260366195
Change-Id: I0a27a7fb3719d57449fb3d7f4c4d746d09419a75
 2023-02-10 18:34:51 +08:00
Wilson Sung
594dee4dc4 Allow vendor_init create link for bootdevice_sysdev 
Bug: 263185566
Change-Id: I3a041c8dbd33c538d3971b793c64e4ea7c310190
 2023-02-10 16:24:06 +08:00
Ken Yang
b2585e3a2e WLC: Add hal_wireless_charger policies for systemui 
Bug: 268457480
Change-Id: Iadb44efc736cd6bb3c3dfe5283d5fd2a7ce3cf34
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-10 04:40:44 +00:00
Tom Huang
dfe1f3799b Merge "Add BT hal sepolicy for allowing accessing AoC device node" 2023-02-10 02:23:42 +00:00
Wilson Sung
3c27af4e58 Fix avc error from systemui 
Bug: 264266705
Change-Id: Iabc41ea7901ea99646147b133b96dd0297fd376d
 2023-02-10 02:40:36 +08:00
kuanyuhuang
3ce317ca5f Add BT hal sepolicy for allowing accessing AoC device node 
Allow BT hal to access device and aoc_device.

Test: manual and check avc log
Bug: 265587172
Change-Id: I62e9fb3f0278af7e0365f88bb3723cb47a266b81
 2023-02-09 09:34:10 +00:00
TreeHugger Robot
c7edca28e2 Merge changes Ia32c4b01,I4746bca6 
* changes:
  Permissive systemui during bringup stage
  label SystemUI app
 2023-02-09 07:05:46 +00:00
Welly Hsu
782f4c6e6b Merge "Update ofl_app selinux policy" 2023-02-09 03:47:53 +00:00
Wilson Sung
f88300dc69 label SystemUI app 
Bug: 264266705
Bug: 262794428
Change-Id: I4746bca6291d57ee36c0565d15ee5320380e1bc0
 2023-02-09 11:33:54 +08:00
Adam Shih
e4e0bd775f Merge "migrate power section to its own script" 2023-02-09 02:51:48 +00:00
TreeHugger Robot
f43519dad8 Merge "dontaudit kernel search allow debugfs" 2023-02-09 02:12:22 +00:00
Carter Hsu
f60b740692 Merge "audio: allow the default setting of the audio persistent property" 2023-02-09 01:58:16 +00:00
Carter Hsu
9d327a161a audio: allow the default setting of the audio persistent property 
Bug: 267694116
Test: Verified on the test build
Change-Id: I0ee81de2744656b6637868953948804d4e71dc7c
Signed-off-by: Carter Hsu <carterhsu@google.com>
 2023-02-09 08:39:42 +08:00
Karuna Ramkumar
f7449ca763 Merge "zuma: Allow HWC to access graphics allocator hal" 2023-02-08 19:05:58 +00:00
Welly Hsu
b8e66572cc Update ofl_app selinux policy 
bug: 264489564

test: Use ofl_app (OFLBasicAgent app) will not face avc error
Change-Id: I55061f6b067e054ec605cd6a196406e48c1271e6
 2023-02-08 17:39:34 +08:00
TreeHugger Robot
f61bc3e16a Merge "WLC: Fix hal_wireless_charger sepolicies" 2023-02-08 09:16:22 +00:00
Ken Yang
c3048691a9 WLC: Fix hal_wireless_charger sepolicies 
Bug: 264483390
Bug: 264483533
Bug: 264483152
Bug: 263429589
Change-Id: If06e0b0c429e78e71f7be2d6418ccab0ab115414
Signed-off-by: Ken Yang <yangken@google.com>
 2023-02-08 08:14:36 +00:00
Adam Shih
4f442e5055 migrate power section to its own script 
Bug: 240530709
Test: adb bugreport
Change-Id: Id7a761d61757efe55e8642553eccc84864b4a721
 2023-02-08 15:40:18 +08:00
Wilson Sung
3c6fa1dfb5 Allow vendor_init to set vendor_logger_prop 
Bug: 267843409
Change-Id: I99a52a5d0d24f604cf3f0872d4066e1de5256e2f
 2023-02-08 15:31:36 +08:00
TreeHugger Robot
25d69cfbed Merge "Allow kernel to access firmware and zram" 2023-02-08 07:00:41 +00:00
TreeHugger Robot
c1888e24fc Merge "Allow vendor_init to modify proc_sched" 2023-02-08 05:26:30 +00:00
TreeHugger Robot
a2e09c9e25 Merge "vendor_init: Add getattr to modem_img" 2023-02-08 05:22:20 +00:00
Wilson Sung
ac3c24c4f2 dontaudit kernel search allow debugfs 
Bug: 261650972
Change-Id: I39b0feb01c592c7beb30d7aa1610c39a75bb3481
 2023-02-08 13:21:48 +08:00
TreeHugger Robot
bd9251a800 Merge "Allow vendor_init to modify read_ahead_kb" 2023-02-08 05:20:57 +00:00