Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1068 commits 1 branch 0 tags 18 MiB
Commit graph

1068 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mike Wang
fd78823dfa Merge "Grant the MDS access to the IPowerStats hal service." into udc-qpr-dev 2023-10-05 15:55:47 +00:00
mikeyuewang
1ee598d5d2 Grant the MDS access to the IPowerStats hal service. 
ref logs:
09-06 10:07:18.006   536   536 I auditd  : avc:  denied  { find } for pid=22543 uid=10225 name=android.hardware.power.stats.IPowerStats/default scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:hal_power_stats_service:s0 tclass=service_manager permissive=1
09-06 10:07:18.010 22543 22543 I auditd  : type=1400 audit(0.0:65): avc:  denied  { call } for  comm="pool-4-thread-1" scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=1 app=com.google.mds

Test: Tested with MDS app and the MDS can get IPowerStats binder and
call the interface.

Bug: 297250368
Change-Id: I7b0eeabdafb49eb33d8016666f9c02f2616f898d
 2023-09-28 15:22:00 +00:00
Brian Duddie
858f999657 bluetooth: Allow triggering AOC reset from BT HAL 
Supports debugging and recovery from fatal errors that do not trigger
AOC SSR on their own.

Bug: 300076774
Test: trigger SSR from BT HAL
Change-Id: I795b2c1830625e2cf05a9aa63c6f7ef273b01a87
 2023-09-27 00:08:19 +00:00
Yixuan Wang
adf19fcc76 Merge "Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..."" into udc-qpr-dev 2023-09-15 00:23:04 +00:00
Treehugger Robot
64c085cfab Merge "Add required sepolicy rule for Camera" into udc-qpr-dev 2023-09-14 03:20:33 +00:00
Pointer Kung
be9c098a46 Add required sepolicy rule for Camera 
Grant access for TNR max_freq to let libperfmgr can control it via powerhint.

Bug: 298595475
Test: adb shell cat cur_freq, GCA, CTS
Change-Id: Ibea9d8b60a41802ba7d685daa591471a9e8cbd91
 2023-09-12 09:16:01 +00:00
Tai Kuo
1a65e5d5e4 Allow regmap debugfs for drivers probed by insmod 
auditd  : type=1400 audit(0.0:731): avc:  denied  { search } for
comm="modprobe" name="regmap" dev="debugfs" ino=2057
scontext=u:r:insmod-sh:s0 tcontext=u:object_r:vendor_regmap_debugfs:s0
tclass=dir permissive=1 bug=b/274727542

vendor_kernel_boot and vendor_dlkm modules probe by insmod need this.
Move regmap debugfs from legacy/whitechapel_pro/ to vendor/.

Bug: 274727542
Bug: 289012421
Test: ls -d /sys/kernel/debug/regmap/*-0043
Change-Id: I2bd35a6bc942536505f62d4122f0de892f243802
 2023-09-12 16:45:09 +08:00
Treehugger Robot
4bb847b815 Merge "audio: move related sepolicy of audio to gs-common" into udc-qpr-dev 2023-08-30 16:29:24 +00:00
Yixuan Wang
bd654f00d9 Revert "Revert "[DO NOT MERGE] Add selinux policy for chre vendo..." 
Revert submission 24526613-revert-23834879-CHRE BT LOG-MHDBQNZAGV

Reason for revert: Fixed and tested with a followup cl

Reverted changes: /q/submissionid:24526613-revert-23834879-CHRE+BT+LOG-MHDBQNZAGV

Change-Id: I29866a91abfcfa380d772da447eb95344df43f8f
 2023-08-29 19:17:32 +00:00
Safayat Ullah
ea09b155f2 display: add persist property to vendor_display_prop 
Bug: 290162920
Test: no avc denied log
Change-Id: I60747df56c6993251bc736994da828814bcdf607
Merged-In: I2497960fbc76e56dd3a9c69d3fe274f0685744f8
 2023-08-29 09:06:57 +00:00
Jasmine Cha
8fb992eacb audio: move related sepolicy of audio to gs-common 
Bug: 297482504
Test: build pass

Change-Id: I9444b9e63f32bf898c845e42edbf682798bce300
Signed-off-by: Jasmine Cha <chajasmine@google.com>
 2023-08-29 16:45:47 +08:00
Sebastian Pickl
ae9ab242e8 Merge "Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..."" into udc-qpr-dev 2023-08-24 10:06:57 +00:00
Sebastian Pickl
84f1209636 Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." 
Revert submission 23834879-CHRE BT LOG

Reason for revert: fixes broken test b/297255998 verified by go/abtd: https://android-build.googleplex.com/builds/abtd/run/L30000000962735539
Bug:297255998

Reverted changes: /q/submissionid:23834879-CHRE+BT+LOG

Change-Id: I56b800260303834ed76dedf354b5a32af00b3684
 2023-08-24 09:47:19 +00:00
Yixuan Wang
0fcc802265 Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev 2023-08-23 19:29:45 +00:00
Kris Chen
7f3e2b9212 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I6a6014a9efe1d543b559bc9142766d0765468339
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 06:33:12 +00:00
Nicole Lee
3c5d001e7d Add rules for letting logger app send the command to ril 
avc:  denied  { find } for interface=vendor.samsung_slsi.telephony.hardware.radioExternal::IOemSlsiRadioExternal sid=u:r:logger_app:s0:c3,c257,c512,c768 pid=3217 scontext=u:r:logger_app:s0:c3,c257,c512,c768 tcontext=u:object_r:hal_exynos_rild_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 293351399
Test: Verify SetDebugTrace funciton on p23
Change-Id: I1e51954886a7ea8bf5d31213634d4df34619eb33
 2023-08-18 07:59:11 +00:00
Kris Chen
c9d21c380f Allow hal_power_default to access sysfs_scsi_devices_0000 
Fix the following avc denial:
avc:  denied  { write } for  name="clkgate_enable" dev="sysfs"
ino=69304 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 290709897
Test: enroll fingerprint
Change-Id: Ib153087839d59e1839ceed4373a9be6f42e89619
 2023-08-17 12:59:19 +00:00
Ilya Matyukhin
013ec5ce54 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev 2023-08-16 20:38:34 +00:00
Ilya Matyukhin
33540f5a05 zuma: Add sysfs_faceauth_gcma_heap type 
Bug: 288156745
Test: build
Change-Id: I937b37542d8ff5a9e9e0d4d9b53c8300820a1826
 2023-08-11 05:37:59 +00:00
Wilson Sung
746bd9ad3c Supress kernel avc log before SELinux initialized 
Fix: 295430975
Change-Id: I11fe6c6705f7c4f7b3730b8f4b40229b083c0a13
 2023-08-11 12:40:55 +08:00
Wilson Sung
2d2ec40c1a Supress kernel avc log before SELinux initialized 
Fix: 281814849
Fix: 292059050
Change-Id: Ie83557668ded8ab17bf77e60ed21db33e9f4f580
 2023-08-04 07:32:39 +00:00
Treehugger Robot
61939d2308 Merge "gps: maintain one solution" into udc-qpr-dev 2023-08-01 04:40:51 +00:00
Cheng Chang
cd3d87535f gps: maintain one solution 
Bug: 288813677
Test: compile for different devices and check binary.
Test: verification test at b/288813677.
Change-Id: I7ee13ab2641aee0256d4ddb5ba27070b51dbc5e5
 2023-07-31 02:26:40 +00:00
Treehugger Robot
91cd7cbad8 Merge "Revert "Update SELinux error"" into udc-d1-dev am: 0f46a31902 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24178926

Change-Id: I2aaa3eee203c5859a8f6cb57ee3612498f2d882e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-28 18:02:52 +00:00
Treehugger Robot
0f46a31902 Merge "Revert "Update SELinux error"" into udc-d1-dev 2023-07-28 00:06:22 +00:00
Yunju Lee
72f7cbe324 Revert "Update SELinux error" 
This reverts commit 8f56fc9709.

Reason for revert: b/291237127 is fixed

Bug: 291237127
Change-Id: I58e2636fb2ef1113a4305152948e07ed8a27a7d9
 2023-07-24 15:10:01 +00:00
Jason Chiu
7aa9a5e3c0 Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I3bc9799d166ad41bbbb547884a9993a352b3f6c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:19 +00:00
Jason Chiu
b9e73326ee remove rule for bootctrl hidl version 1.2 am: 54b0343059 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ia4efc4cdc0cb92c62c4ddcb7b6f458c4149657a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:16 +00:00
Jason Chiu
cbb8fed21e Add rule for bootctrl AIDL am: 17fa2e6fe5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: Idbac1303702c0845fd549564f28b20f2bf9f0a03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:13 +00:00
Jason Chiu
90a1f80488 Add hal_bootctl_default read permission to rootfs in Recovery mode 
Fix the following avc denial:
avc:  denied  { read } for  pid=485 comm="android.hardwar" name="bin" dev="rootfs" ino=9529 scontext=u:r:hal_bootctl_default:s0 tcontext=u:object_r:rootfs:s0 tclass=dir permissive=0

Bug: 282670401
Change-Id: I23ab086ba21d6ffea8b48b4208933c031effc4d4
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 12:56:47 +00:00
Jason Chiu
54b0343059 remove rule for bootctrl hidl version 1.2 
Bug: 282670401
Change-Id: I25d169c335fb551cf1862fdf6e6540485a2b8016
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 12:56:38 +00:00
Jason Chiu
17fa2e6fe5 Add rule for bootctrl AIDL 
Bug: 282670401
Change-Id: I1b4c5e7ced0fe67bbbaca2b607e4ca7422e170e1
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 20:53:04 +08:00
Utku Utkan
62b083db4d Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches

Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Bug: 287069860
Test: m && flashall
Change-Id: Icc801ca310c0e512769ed84d185dd6149ae5f22b
 2023-07-18 20:37:42 -07:00
Inseob Kim
1ef04d8dda Revert "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I42e68b982d521acb9b9a088d58ff521be25beb7e
 2023-07-19 01:15:27 +00:00
Utku Utkan
c3cf1b7cf0 Introduce CameraServices seinfo tag for PixelCameraServices 
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I843c7e0577d88a7e84cb939135fe89f5923ea294
 2023-07-18 12:18:35 -07:00
Wilson Sung
40759437ea Update SELinux error am: 8f56fc9709 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24058780

Change-Id: I0713b4a21b1df066a4c6ed72be62a50cd89050fc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-17 09:17:57 +00:00
Wilson Sung
8f56fc9709 Update SELinux error 
Test: scanBugreport
Bug: 291237127
Change-Id: Iacb47dce94f8ee2f71d382a9d0a22a6570345e2d
 2023-07-17 13:50:09 +08:00
Krzysztof Kosiński
8e0c6c3838 Remove bug map entry for unknown property reads in camera HAL. am: 583baf021c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23935721

Change-Id: I364339a11ddaeec5dc2e71b3add58b20384a532a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-14 22:14:09 +00:00
Krzysztof Kosiński
583baf021c Remove bug map entry for unknown property reads in camera HAL. 
Fixed by avoiding reading a property with the name "218".

Bug: 286508419
Test: check log for denials when running the camera on zuma device.
Change-Id: I3632868187d263ed787f5abf729c4e5c10a4f4c4
 2023-07-14 07:12:51 +00:00
Treehugger Robot
a5187246a1 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I5662604da8561e8e8729cd494ba35d1797339e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 19:02:40 +00:00
Treehugger Robot
8bcc8a1242 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev 2023-07-13 17:47:48 +00:00
Badhri Jagan Sridharan
5958be5bd0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: I512b4db16ff18acc313dc0d0c94f78bf4743ddcc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 17:34:05 +00:00
Badhri Jagan Sridharan
20eade41f0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev 2023-07-13 16:43:18 +00:00
Wilson Sung
4c3281ff67 Move systemui seapp_contexts to private am: 5c63d0ef54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24018505

Change-Id: I4ca08dc42bf7ce9ff292336d3863c2152afc5145
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-12 07:05:59 +00:00
Wilson Sung
5c63d0ef54 Move systemui seapp_contexts to private 
Fix: 289480799
Bug: 288227521
Change-Id: Ifc4288125d454569a66151c3c61e000ffd3526ac
 2023-07-11 15:24:10 +08:00
Hasan Awais
4640c96bb4 uwb: add permission to read SELinux state 
Allows UWB HAL to read selinuxfs to determine the state
Used for controlling access to debugfs

Bug: 288049522
Test: local build pass
Change-Id: I1237d001d27999c796bbb28629847f5a5639cd3e
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2023-07-10 17:12:33 +00:00
Wilson Sung
01714c600b Update SELinux error am: 83671d2646 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24002585

Change-Id: I2bf029eace9344aa077b358085736df271264c5a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-10 10:23:10 +00:00
Wilson Sung
83671d2646 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 289480799
Change-Id: I6c013d99b9b004b0a39d0b1861fa89da46bc846d
 2023-07-10 14:21:22 +08:00
Yunju Lee
0a86789618 Add GPU power hint sysfs node to sepolicy for Zuma 
Bug: 228076319
Bug: 278493002
Test: Perfetto trace inspection
Change-Id: I2f78c2e9175faa3f8af4b55e93e9b0f3d6bebdf2
 2023-07-07 21:40:20 +00:00
Samuel Huang
f65918769f Merge "Revert "Revert "Create telephony.ril.silent_reset system_ext pro..."" into udc-qpr-dev 2023-07-07 01:45:24 +00:00