Evolution-X-Tensor/device_google_zumapro
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
696 commits 1 branch 0 tags 4 MiB
Commit graph

309 commits

Author SHA1 Message Date
Nattharat Jariyanuntanaet
11c0bf5839 Merge "Update sepolicy for nfc antenna selftest values" into main 2024-08-30 05:06:06 +00:00
chenkris
dbc540c147 Allow fingerprint to access sysfs_lhbm 
Fix following avc denail:
android.hardwar: type=1400 audit(0.0:17): avc:  denied  { write } for  name="local_hbm_delay_frames" dev="sysfs" ino=83619 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_lhbm:s0 tclass=file permissive=0

Bug: 362149568
Test: enroll and authenticate fingerprint
Change-Id: I8c4b18b39fa5c391e9773c7780afe9e0de16e2a9
 2024-08-29 05:08:49 +00:00
Nattharat Jariyanuntanaet
4599e2be44 Update sepolicy for nfc antenna selftest values 
Allow persist.vendor.nfc.antenna. to be vendor public values for the NFC
companion app to access

avc:  denied  { read } for  name="u:object_r:vendor_nfc_antenna_prop:s0" dev="tmpfs" ino=414 scontext=u:r:untrusted_app:s0:c79,c257,c512,c768 tcontext=u:object_r:vendor_nfc_antenna_prop:s0 tclass=file permissive=0 app=com.google.android.apps.internal.nfcassistancetool

Bug: 361050657
Test: m selinux_policy
Flag: NONE add permission
Change-Id: I0e7c3580e4df332fa3d14c939eb5e588f7600601
 2024-08-23 02:42:23 +00:00
Joen Chen
e584e43da5 Merge "Label frame_interval and expected_present_time as sysfs_display" into main 2024-08-19 04:53:58 +00:00
Joen Chen
e8d646b5e6 Label frame_interval and expected_present_time as sysfs_display 
Bug: 330392550
Flag: EXEMPT bugfix
Test: Check the files label by "adb shell ls -Z"
Change-Id: Iaf8a32671bce035f5c82bd1b34b81c433638ac39
 2024-08-12 06:37:33 +00:00
Donnie Pollitz
cb18bb48d5 trusty: Allow linking/read tdp and td 
Background:
* storageproxyd needs to be able to create and read symlinks associated
  with TDP and TD.

08-07 08:13:44.868   750   750 W binder:750_2: type=1400 audit(0.0:18): avc:  denied  { create } for  name="0" scontext=u:r:tee:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=lnk_file permissive=0
08-07 07:35:19.396   755   755 W binder:755_2: type=1400 audit(0.0:7): avc:  denied  { read } for  name="0" dev="sda1" ino=15 scontext=u:r:tee:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=lnk_file permissive=0
08-07 08:34:24.956   742   742 W binder:742_2: type=1400 audit(0.0:8): avc:  denied  { read } for  name="persist" dev="dm-52" ino=406 scontext=u:r:tee:s0 tcontext=u:object_r:tee_data_file:s0 tclass=lnk_file permissive=0

Flag: EXEMPT resource only update
Bug: 357815590
Test: Tested by purging device and verifying fresh device
Change-Id: Ib239534bfb28d05de14095e84961ff0f84cde68d
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2024-08-07 08:41:32 +00:00
Gil Liu
b356ac167e Merge "add hal_graphics_composer to access thermal temperature" into main 2024-07-29 06:10:28 +00:00
Carlos Rodriguez
dd5b70f378 DisplayPort Stats: add sysfs access permission on Zumapro devices 
07-25 14:13:16.736  5784  5784 W pixelstats-vend: type=1400 audit(0.0:21): avc:  denied  { read } for  name="fec_dsc_supported" dev="sysfs" ino=82516 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
07-25 14:13:16.736  5784  5784 W pixelstats-vend: type=1400 audit(0.0:22): avc:  denied  { read } for  name="fec_dsc_not_supported" dev="sysfs" ino=82517 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
07-25 14:13:16.736  5784  5784 W pixelstats-vend: type=1400 audit(0.0:23): avc:  denied  { read } for  name="max_res_other" dev="sysfs" ino=82515 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
07-25 14:13:16.736  5784  5784 W pixelstats-vend: type=1400 audit(0.0:24): avc:  denied  { read } for  name="max_res_1366_768" dev="sysfs" ino=82505 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 343602691
Bug: 317486088

Flag: EXEMPT bugfix
Test: Android built and flashed and error is gone
Change-Id: I594536581ea468d40c9153bdc1bdd6b1ab7282fd
 2024-07-25 21:14:55 +00:00
gilliu
4c189644a9 add hal_graphics_composer to access thermal temperature 
type=1400 audit(0.0:77): avc:  denied  { search } for  name="thermal"
dev="tmpfs" ino=1618 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=0

type=1400 audit(0.0:74): avc:  denied  { search } for  name="thermal"
dev="sysfs" ino=21594 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=0

type=1400 audit(0.0:74): avc:  denied  { read } for  name="temp"
dev="sysfs" ino=73536 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=0

type=1400 audit(0.0:74): avc:  denied  { getattr } for
path="/sys/devices/virtual/thermal/thermal_zone12/temp" dev="sysfs"
ino=73537 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=0

Bug: 340846691
Test: check no avc pattern on logcat from test image
Flag: NONE add permission
Change-Id: I0f327b98e32627e00be4cc0d0a99be39d1ec3bf2
 2024-07-22 12:18:58 +00:00
Roy Luo
71d51ce40a Merge "Add xhci-hcd-exynos.7 wakeup paths for suspend service" into main 2024-07-17 01:23:23 +00:00
Roy Luo
d1ad140faf Add xhci-hcd-exynos.7 wakeup paths for suspend service 
Bug: 334189230
Test: verified on device
Change-Id: I0adcbe0bb1aff8ff4442c16bb733603ad8c012cf
Signed-off-by: Roy Luo <royluo@google.com>
 2024-07-16 19:49:52 +00:00
Vishvam Mazumdar
88e0059ef0 Merge "Add SELinux policy to allow CPU Idle Histogram Stats in dumpstate." into main 2024-07-10 21:41:10 +00:00
Vishvam Mazumdar
d6b8239e73 Add SELinux policy to allow CPU Idle Histogram Stats in dumpstate. 
This change is to allow the CPU Idle Histogram Stats to be dumped in
bugreports so that there is more insight into the idle behavior of
devices in the field.

Test: build/flash
Test: adb bugreport
Bug: 344908619
Flag: EXEMPT bugfix
Change-Id: If19b9471cf91ddc6e16347e7a4ea18d3298783d5
Signed-off-by: Vishvam Mazumdar <vmazumdar@google.com>
 2024-07-10 21:39:23 +00:00
Jeremy DeHaan
b3d863d552 Allow HWC to access frame_rate node 
Flag: EXEMPT bugfix
Bug: 346461765
Change-Id: Id7b3195e76cdce3e612eb9c9d177af24145e70a2
Signed-off-by: Jeremy DeHaan <jdehaan@google.com>
 2024-07-04 19:47:10 +00:00
Jack Wu
ee58427ea3 add permission for rt9471 sysfs 
Bug: 347914940
Test: adb bugreport
Flag: EXEMPT bugfix
Change-Id: I155c58d857f676fc3a2ff6c2fe9be6262405c7b9
Signed-off-by: Jack Wu <wjack@google.com>
 2024-06-19 16:13:33 +08:00
Kiwon Park
4e6cd49893 Merge "Revert "Add setupwizard_feature_prop as one of properties allowed to be read"" into main 2024-06-14 00:06:27 +00:00
Kiwon Park
33de53de68 Revert "Add setupwizard_feature_prop as one of properties allowed to be read" 
This reverts commit 26efc37a3d.

Reason for revert: Doesn't fix the issues in factory testing

Change-Id: I8c8473f5a9c0cf9c53a95943101976d4b7103580
 2024-06-13 17:24:30 +00:00
Cheng Chang
92c5aff54d gps: Move type declaration to device folder am: 8fa884d01c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27574819

Change-Id: I8d7cd44249f8912b9fab64d24ff53381e20fc05b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-12 07:27:17 +00:00
Cheng Chang
8fa884d01c gps: Move type declaration to device folder 
Bug: 343280252
Test: b/343280252 compile and abtd test
Change-Id: I492ea0b14953cf5b0111ac70bf82240522a15494
 2024-06-11 07:52:11 +00:00
Kiwon Park
070be283a7 Add setupwizard_feature_prop as one of properties allowed to be read 
06-05 20:45:54.890420  root   351   351 W libc    : Unable to set property "setupwizard.feature.provisioning_profile_mode" to "true": error code: 0x18
06-05 20:45:54.894967  root   350   350 E init    : Unable to set property 'setupwizard.feature.provisioning_profile_mode' from uid:0 gid:0 pid:351: SELinux permission check failed

Test: manual
Bug: 336903409
Change-Id: I7282cfdbd621dd0e77f08c8ff7287f9693fa060a
Merged-In: I7282cfdbd621dd0e77f08c8ff7287f9693fa060a
 2024-06-06 21:42:07 +00:00
Kiwon Park
26efc37a3d Add setupwizard_feature_prop as one of properties allowed to be read 
06-05 20:45:54.890420  root   351   351 W libc    : Unable to set property "setupwizard.feature.provisioning_profile_mode" to "true": error code: 0x18
06-05 20:45:54.894967  root   350   350 E init    : Unable to set property 'setupwizard.feature.provisioning_profile_mode' from uid:0 gid:0 pid:351: SELinux permission check failed

Test: manual
Bug: 336903409
Change-Id: I7282cfdbd621dd0e77f08c8ff7287f9693fa060a
 2024-06-06 21:41:56 +00:00
Roy Luo
ff802c138e Support sending vendor command to GL852G via libusbhost 
libusbhost need access to USB device fs.

Bug: 261923350
Bug: 340665903
Test: no audit log in logcat after command execution
Change-Id: I4b0c8cc750eff12d2494504f9f215d5b1bab35fd
 2024-05-22 00:49:12 +00:00
Treehugger Robot
fd7f96c57c Merge "Allow hwc to access te_rate_hz & te_option" into main 2024-05-15 01:41:45 +00:00
Donnie Pollitz
c41ed2ee7f Merge "Add permission for storageproxy to create symlinks for ss" into 24D1-dev 2024-05-14 21:59:03 +00:00
Treehugger Robot
9519db1e1b Merge "sepolicy: allow hal_gnss_pixel to connect to hal_contexthub_default" into main 2024-05-13 08:09:15 +00:00
Cheng Chang
b9181de2ea sepolicy: allow hal_gnss_pixel to connect to hal_contexthub_default 
avc:  denied  { call } for  scontext=u:r:hal_contexthub_default:s0 tcontext=u:r:hal_gnss_pixel:s0 tclass=binder permissive=0

Bug: 339391267
Test: Verified the boot health at b/339391267#comment21.
Test: Verified the boot health at b/339391267#comment22.
Change-Id: I109d03e52f6576328b92ec0b18041da8fac502eb
 2024-05-10 09:41:57 +00:00
Weizhung Ding
24015b5aeb Add HWC permission to access IStats AIDL am: 32a69c8d11 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27282714

Change-Id: Ia7f5f040fbe9b08384f5b61e398781f3fe9d3323
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-10 06:54:33 +00:00
Weizhung Ding
260af3904b add sysfs access permission on Zumapro devices. am: b5833b7ddf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27282713

Change-Id: Ibf10ea36cc1a257f0351daa7c154ba81a3d17226
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-10 06:54:30 +00:00
Weizhung Ding
32a69c8d11 Add HWC permission to access IStats AIDL 
avc:  denied  { call } for  scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:r:system_server:s0 tclass=binder permissive=0

Bug: 339598226
Test: Build and check log
Change-Id: I7e5ec165df0d397250b09f5981c1f45aea27bd4c
 2024-05-09 11:49:47 +00:00
Weizhung Ding
b5833b7ddf add sysfs access permission on Zumapro devices. 
Bug: 339598226
Test: build and check log
Change-Id: Ia7a7f0f8a5ffc63ab52f41d7a012260d73c54153
 2024-05-09 11:49:19 +00:00
Shiyong Li
f99e596498 Merge "Add sepolicy for power_state sysfs node" into 24D1-dev am: 3806937561 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27059981

Change-Id: Id35a52793ecd1d69bb8a54dc12101837f77d74e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-09 05:21:38 +00:00
Shiyong Li
3806937561 Merge "Add sepolicy for power_state sysfs node" into 24D1-dev 2024-05-09 05:16:16 +00:00
Burney Yu
85e79a0734 Allow hwc to access te_rate_hz & te_option 
Bug: 315094023
Test: can access sysfs node te_rate_hz & te_option
Change-Id: Ib2f657560dcbab5a96a26dfa98e2f3a477702e00
 2024-05-09 10:18:19 +08:00
KRIS CHEN
e8be86e6c7 Merge "Allow fingerprint to access the folder /data/vendor/fingerprint" into main 2024-05-08 08:46:30 +00:00
chenkris
bbf5ed6dbd Allow fingerprint to access the folder /data/vendor/fingerprint 
Fix the following avc denial:
android.hardwar: type=1400 audit(0.0:20): avc:  denied  { write } for  name="fingerprint" dev="dm-56" ino=36703 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 267766859
Test: Tested fingerprint under enforcing mode
Change-Id: Ib1ec4f13b24a511f056012168ff8919107c6c1dd
 2024-05-08 06:58:36 +00:00
Wei Wang
dec7c70056 Merge "zumapro: sepolicy: Update gpu available_frequencies sepolicies." into 24D1-dev am: 6c9df27593 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27088243

Change-Id: I1946280379f379c5566dfee2c2735734380d5769
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-06 16:41:34 +00:00
Wei Wang
6c9df27593 Merge "zumapro: sepolicy: Update gpu available_frequencies sepolicies." into 24D1-dev 2024-05-06 16:24:33 +00:00
Treehugger Robot
fb8ece30b7 Merge "sepolicy: allow hal_power_stats to read modem sysfs node" into 24D1-dev am: 3bfa8edd2d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27206477

Change-Id: Ic215eecf37588272b21a384c89550e4bacedcb6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-06 04:34:04 +00:00
Darren Hsu
ae01acb475 sepolicy: allow hal_power_stats to read modem sysfs node 
avc:  denied  { read } for  name="link_duration" dev="sysfs"
ino=50065 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 338278462
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I691955410fb2cc24f8a372c6176a4fb7490309c4
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2024-05-03 15:21:09 +08:00
Spade Lee
b5d740cdd1 Merge "sepolicy: add logbuffer_device r_file_perms" into 24D1-dev am: adbb0eda58 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27135775

Change-Id: I4c4cdf330cb3a702b8da08473d2f6362a10d2833
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-03 05:24:16 +00:00
Priyanka Advani
97dcd536a8 Merge "Revert "sepolicy: Allow PixelGnss to connect to Chre HAL"" into 24D1-dev am: dae4c8d652 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27192520

Change-Id: I5c9d2eb447a81a80586d7111f9dce93aca0c8f6a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-02 19:54:21 +00:00
Priyanka Advani
dae4c8d652 Merge "Revert "sepolicy: Allow PixelGnss to connect to Chre HAL"" into 24D1-dev 2024-05-02 19:42:59 +00:00
Priyanka Advani
4c6f1b0a81 Revert "sepolicy: Allow PixelGnss to connect to Chre HAL" 
Revert submission 27007604-pps_topic

Reason for revert: Droid-monitor created revert due to breakages in b/338407263. Will be verifying through ABTD before submission.

Reverted changes: /q/submissionid:27007604-pps_topic

Change-Id: Ib66d30e7de4fe1880296d2c66a99c2e941c96135
 2024-05-02 16:28:07 +00:00
Treehugger Robot
cf2ee92ffc Merge "sepolicy: Allow PixelGnss to connect to Chre HAL" into 24D1-dev am: 7cdb6ff8b0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27007604

Change-Id: Ie79136497bbe8b68fd02fb768927963c906bc844
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-02 13:36:24 +00:00
Treehugger Robot
7cdb6ff8b0 Merge "sepolicy: Allow PixelGnss to connect to Chre HAL" into 24D1-dev 2024-05-02 13:12:59 +00:00
Treehugger Robot
de8e4b1133 Merge "lights: Add LED sysfs sepolicy" into main 2024-05-02 00:31:33 +00:00
Chungjui Fan
91aa5ade23 lights: Add LED sysfs sepolicy 
Bug: 307424586
Change-Id: I5b919d56a72d98c7173004b1380ca50e3691aacc
Signed-off-by: Chungjui Fan <chungjuifan@google.com>
 2024-04-30 01:21:57 +00:00
YiKai Peng
660715f1f8 Merge "selinux: label wakeup for BMS I2C 0x5B, 0x61" into main 2024-04-29 06:30:42 +00:00
Spade Lee
098fb2dabc sepolicy: add logbuffer_device r_file_perms 
avc: denied { read } for name="logbuffer_max77779fg_monitor" dev="tmpfs" ino=1034 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=0

Bug: 335934710
Test: no denied read logbuffer
Change-Id: Ie9cc3d7d0dbfc480cc8ff0bab2d600b8abf688c7
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-04-28 17:33:28 +00:00
YiKai Peng
af3f9d9d62 selinux: label wakeup for BMS I2C 0x5B, 0x61 
Bug: 335557235
Test: v2/pixel-health-guard/device-boot-health-check-extra
Change-Id: If41db4725810a851f4a6a1a05566c2547f142da9
Signed-off-by: YiKai Peng <kenpeng@google.com>
 2024-04-26 07:28:52 +00:00