Daniel Okazaki
2fd032d1c7
adding zumapro BMS sepolicy entries am: a2e02afde8 am: 29b703b93d
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/24576031
Change-Id: I92b898c6f7cd252c213d759d47251ec13af9b5b2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-29 03:30:23 +00:00
Zheng Pan
146021afc9
update selinux policy based on new i2c bus id am: 9d124e7ddd am: 2b6f638ebc
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/24541565
Change-Id: I3505c7eb5285dd590217579dd80ddfe02b79152b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-29 03:30:19 +00:00
Daniel Okazaki
a2e02afde8
adding zumapro BMS sepolicy entries
...
Bug: 296941196
Test: build/flash/adb bugreport
Change-Id: I97185198f0147c5e7bd836b3e1b7e23284c6fe9b
Signed-off-by: Daniel Okazaki <dtokazaki@google.com>
2023-08-28 19:36:27 +00:00
Alec Foster
8d86f12d0e
Add selinux policy for QFP UDFPS.
...
Bug: 295228935
Test: adb logcat -b events -e avc -d
Test: Fingerprint sensor works.
Change-Id: I22a92d6acdc8b4211bf84f33ab9d7c524f078ebc
2023-08-28 19:36:23 +00:00
Zheng Pan
9d124e7ddd
update selinux policy based on new i2c bus id
...
Bug: 296941196
Test: Check logcat and make sure no permission deny
Change-Id: Ib82ba45c600f940c0253b165fbe2f5676990231f
2023-08-24 22:45:23 +00:00
Wilson Sung
c7a757a4ee
Revert "Sync zuma-sepolicy to legacy folder"
...
This reverts commit 355f0df8fd
2023-08-24 08:47:01 +08:00
Vania Januar
dbe23f1ab5
Revert "Revert^2 commit 2c99c990d3""
...
This reverts commit 9bd666007d
2023-08-23 12:58:42 +00:00
Wilson Sung
9bd666007d
Revert^2 commit 2c99c990d3"
...
This reverts commit 5d2c755531
2023-08-23 17:57:57 +08:00
Chiachang Wang
5d2c755531
Revert commit 2c99c990d3
...
This reverts commit 2c99c990d3
2023-08-23 04:16:56 +00:00
Wilson Sung
355f0df8fd
Sync zuma-sepolicy to legacy folder
...
Duplicate from zuma-sepolicy 7f3e2b9
Test: make selinux_policy
Bug: 296187211
Change-Id: If686fbdcf058849479019e8b37bb1d57a0215ed6
Signed-off-by: Wilson Sung <wilsonsung@google.com>
2023-08-22 15:37:56 +08:00
Treehugger Robot
a5c98e6cb0
Merge "Add sepolicies for gcma_camera heaps" into udc-qpr-dev
2023-08-21 10:29:20 +00:00
Treehugger Robot
6368bbd757
Merge "Add missing paths for permission" into udc-qpr-dev
2023-08-21 10:15:45 +00:00
Spade Lee
31eae0600c
Add missing paths for permission
...
Bug: 296141243
Change-Id: I0905fbcad90a8d4f6cfbc881e73e6912461cf985
Signed-off-by: Spade Lee <spadelee@google.com>
2023-08-21 09:15:01 +00:00
Martin Liu
f8d4e87b03
Add sepolicies for gcma_camera heaps
...
Bug: 275481134
Test: launch camera
Change-Id: I2efe897826d3c32bb85c815207865c0db557ea9f
Signed-off-by: Martin Liu <liumartin@google.com>
2023-08-21 08:47:16 +00:00
horngchuang
c52abed728
Add sepolicy permission of new camera components
...
Bug: 296775053
Test: Build and test for sensor denials
Change-Id: I53dfbcf47b1750402af7c85f9ff67cb4c25afbd3
2023-08-21 13:07:17 +08:00
Ilya Matyukhin
dabd49dff7
Merge "zumapro: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev
2023-08-16 20:38:34 +00:00
Jason Chiu
7ae66582a0
Merge "Add sepolicy for swiftshader" into udc-qpr-dev
2023-08-16 11:30:25 +00:00
Jenny Ho
1fcea23710
Add permission to read charger online
...
Bug: 296141243
Change-Id: Ie477983e4647ad24f04dc819e2d89de38d78775c
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-08-16 08:19:39 +00:00
Hyunki Koo
e1542f9b76
Add sepolicy for swiftshader
...
Bug: 295365113
Change-Id: Ib122cb4015bb66bdcdd00adffee36b65a46bc322
Signed-off-by: Hyunki Koo <hyunki00.koo@samsung.com>
2023-08-16 00:30:28 +00:00
Ilya Matyukhin
dc29ce7753
zumapro: Add sysfs_faceauth_gcma_heap type
...
Bug: 288156745
Test: build
Change-Id: I009e0721c09886d96a8d071afaf9244305e1a257
2023-08-11 05:32:18 +00:00
Inseob Kim
d9a89215f4
Move coredomain seapp contexts to system_ext
...
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.
Bug: 280547417
Test: TH
Change-Id: Ifcaa41df790cb2b720775563cc4cd5cdf10e5c50
Merged-In: Ifcaa41df790cb2b720775563cc4cd5cdf10e5c50
(cherry picked from commit 63200470b8
2023-08-11 05:03:50 +00:00
Jenny Ho
ad31020715
add permission for dc-mains
...
Bug: 290542674
Change-Id: I30bb1e796b1863c035b2c4b4baa7695a80a31d60
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-07-31 16:11:10 +08:00
Jenny Ho
01401737a7
Merge "Add sepolicy to allow dump battery charger and FG data" into udc-qpr-dev
2023-07-20 08:14:28 +00:00
Jenny Ho
207d448245
Add sepolicy to allow dump battery charger and FG data
...
W cat : type=1400 audit(0.0:308): avc: denied { read } for name="registers_dump" dev="sysfs" ino=78205 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
W cat : type=1400 audit(0.0:309): avc: denied { read } for name="registers" dev="debugfs" ino=33 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W cat : type=1400 audit(0.0:311): avc: denied { read } for name="model_ok" dev="debugfs" ino=26186 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W cat : type=1400 audit(0.0:312): avc: denied { read } for name="registers" dev="debugfs" ino=26192 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W cat : type=1400 audit(0.0:313): avc: denied { read } for name="debug_registers" dev="debugfs" ino=26193 scontext=u:r:dump_power:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
Bug: 290542674
Change-Id: I7d8fa1efdf9c1c233643089273ddfd786b44ce15
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-07-19 11:51:34 +00:00
Utku Utkan
c0ed974888
Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices"
...
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL
Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches
Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL
Bug: 287069860
Test: m && flashall
Change-Id: I01fc4a31db761cb3dbb5dc93eb9e0b4d569b82f7
2023-07-18 20:37:58 -07:00
Inseob Kim
faf722a9cd
Revert "Introduce CameraServices seinfo tag for PixelCameraServices"
...
Revert submission 24056607-pixel-camera-services-extensions-sepolicy
Reason for revert: build breakage on git_main-without-vendor
Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy
Change-Id: I61599734edc5d80ca25beb4707549502318accaa
2023-07-19 01:15:21 +00:00
Utku Utkan
5b6bd7a496
Introduce CameraServices seinfo tag for PixelCameraServices
...
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I190f58ce9bcdc5c121e9329eb34030eeaf4d8709
2023-07-18 12:18:35 -07:00
Joerg Wagner
ca2f1c7d86
Prepare for Mali r44p0 UMD update
...
Add selinux rule to allow new V2 interface file alongside of V1 used up to r43p0.
The V1 entry will be removed once the r44p0 UMD update completes.
This decouples small changes from large, potentially intrusive ones in
other repositories.
Bug: 284254900
Change-Id: Ia928f871d8ea1fdbfb963cecb8fc4a99947e443e
2023-07-18 10:10:18 +02:00
Jenny Ho
eb242f21f6
Add sepolicy for max77779fg
...
Bug: 290315763
Change-Id: I71249d99b972f7966f8b1b3a4978d62985f27d49
Signed-off-by: Jenny Ho <hsiufangho@google.com>
2023-07-07 08:03:46 +00:00
Firman Prayoga
6da1510a72
Merge "zumapro-sepolicy: Update camera device nodes" into udc-qpr-dev
2023-06-27 06:53:45 +00:00
Yixuan Wang
ea65f1e6bd
Add selinux policy for chre vendor data directory
...
Bug: 278114604
Test: on device test
Change-Id: Ic8f0256c43ab3bc7c7bd30484f47e77bb970ce56
2023-06-22 18:18:28 +00:00
Firman Prayoga
0e6e839823
zumapro-sepolicy: Update camera device nodes
...
Bug: 288215624
Test: Boot, set camera mode, no selinux error
Change-Id: I9a636d60a5352d991cd199f7c9bb227554311ef7
2023-06-21 10:46:36 +00:00
sashwinbalaji
7bf1eb8960
thermal: thermal_metrics: Update selinux to reset stats
...
Bug: 193833982
Test: Local build and verify statsD logs
adb shell cmd stats print-logs && adb logcat -b all | grep -i 105045
Change-Id: I09afbea9386724f0abf6b9cab5838e89a060a5fd
2023-05-25 12:11:12 +00:00
Robin Peng
30ab759177
Sync with device/google/zuma-sepolicy a89fbcc4aa1ae
...
fix build breakage:
device/google/zumapro-sepolicy/legacy/whitechapel_pro/file.te:4:ERROR 'Duplicate declaration of type' at token ';' on line 104436:
type tcpdump_vendor_data_file, file_type, data_file_type;
type updated_wifi_firmware_data_file, file_type, data_file_type;
Bug: 272725898
Change-Id: Ic17d18409c28760d172a4ee7a5beb6c90016a381
2023-05-01 10:04:38 +00:00
Ankit Goyal
129741a269
Mark video secure devices as default dmabuf heaps
...
Mali driver (and codec HAL as well) require direct access to video
secure dmabuf devices. Mali driver being an SP-HAL cannot explicitly
write blanket rules for all the scontext. So, we piggyback on
dmabuf_system_secure_heap_device to allow all scontext to be able to use
these device nodes.
This is just as secure as dmabuf_system_secure_heap_device in that case.
There is no additional security impact. An app can still use gralloc to
allocate buffers from these heaps and disallowing access to these heaps
to the intended users.
Bug: 278513588
Test: Trusting result of ag/22743596 (no zumapro device yet)
Change-Id: I2fd77e6694cdd4d1e51c9f01f4ae2b9f9670cea0
2023-04-19 19:53:49 +00:00
Minchan Kim
4ce6753500
Merge "remove dump_cma.sh"
2023-04-12 03:25:58 +00:00
Minchan Kim
bc5690cd84
remove dump_cma.sh
...
We will introduce it into gs-common
Bug: 276901078
Change-Id: I395e3ca45a3ad4aa346e56fd8746ffc70ae94107
Signed-off-by: Minchan Kim <minchan@google.com>
2023-04-11 22:35:22 +00:00
Robin Peng
d9e2e6aae9
Sync with device/google/zuma-sepolicy cfa00dfc881e3
...
Bug: 272725898
Change-Id: I9125ed760c0b4c688cf37720f5d4a744f2484be7
2023-04-11 10:30:07 +00:00
Robin Peng
bff99af2da
init zumapro from zuma sha 43d5907677d0f
...
Bug: 272725898
Change-Id: If35d9efdda9dd3b8d8b24008f0738a0cbbe5bd9b
2023-03-31 14:16:57 +00:00
