Evolution-X-Tensor/device_google_zumapro
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
747 commits 1 branch 0 tags 4 MiB
Commit graph

747 commits

This branch
This branch
All branches
Author SHA1 Message Date
Dinesh Yadav
1e5b6fb9eb Allow tachyon service to make binder calls to GCA 
This permission is needed for tachyon service to call callbacks.

AVC Error seen when tachyon tries accessing GCA:
12-02 11:40:03.212  6987  6987 W com.google.edge: type=1400 audit(0.0:17): avc:  denied  { call } for  scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:r:google_camera_app:s0:c145,c256,c512,c768 tclass=binder permissive=0
12-03 07:12:26.424  4166  4166 W com.google.edge: type=1400 audit(0.0:254): avc:  denied  { call } for  scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:r:debug_camera_app:s0:c67,c257,c512,c768 tclass=binder permissive=0

Bug: 381787911
Flag: EXEMPT updates device sepolicy only
Change-Id: Iaa61d70cdffb75024c497482f4c0a6cab493bec3
 2024-12-06 04:07:23 +00:00
Xiaofan Jiang
fb4abe21a2 Merge "shamp: remove fixed bug from bugmap" into main 2024-11-15 03:17:40 +00:00
Xin Li
f82af3d25e [automerger skipped] Merge 24Q4 (ab/12406339) into aosp-main-future am: f3f28e80ff -s ours 
am skip reason: Merged-In Id4f43ba150bd476426ace22c7d866ee87d5777a0 with SHA-1 0507349a4b is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/30284032

Change-Id: Idc022dd6855b86205416341b79df6fb63b82bf0b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-11-13 22:55:20 +00:00
Xiaofan Jiang
30306a34b5 shamp: remove fixed bug from bugmap 
Bug: 360060705

Flag: NONE clean up bugmap

Change-Id: I7d71aefa766e870e8bccb100ed5ad796dbbab36b
 2024-11-13 20:35:03 +00:00
Spade Lee
1239bde036 Merge "sepolicy: add label for logbuffer" into main 2024-11-13 17:00:10 +00:00
Spade Lee
f8891af46e sepolicy: add label for logbuffer 
- Add logbuffer_device label for ln8411, dc_mains, dual_batt
- Remove from tracking_deniel

Bug: 377895720
Flag: EXEMPT bugfix
Change-Id: Ia542c089bcf0eb6bb4ea3e026d43937390720b22
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-11-12 01:46:58 +00:00
Nina Chen
2fe912350e Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 378004800
Flag: EXEMPT NDK
Change-Id: I5cdb5950053f291969b660758a3eac4deda3995c
 2024-11-08 03:37:57 +00:00
Nina Chen
31d6e22220 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 377787445
Flag: EXEMPT NDK
Change-Id: I96db3485005cdaed405c8d117b1d50b5f29b533f
 2024-11-07 06:39:17 +00:00
Xin Li
f3f28e80ff Merge 24Q4 (ab/12406339) into aosp-main-future 
Bug: 370570306
Merged-In: Id4f43ba150bd476426ace22c7d866ee87d5777a0
Change-Id: Id0521170bfe46e3be668c19df7fff74b1bffa102
 2024-11-06 10:31:21 -08:00
Nina Chen
d03f77df69 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 377412254
Flag: EXEMPT NDK
Change-Id: I1345afdb481e9f84f2dd5fe745ebf594cbc33c66
 2024-11-05 05:25:33 +00:00
Nina Chen
dde3987124 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 375564898
Bug: 375564818
Bug: 375563932
Bug: 375564360
Bug: 375521075
Flag: EXEMPT NDK
Change-Id: I582e58598cf0c89de4b9aa904c84cbb065eba36b
 2024-10-25 09:11:49 +00:00
cwkao
f1471f5d65 Share same seinfo between propsetter app and GCA. 
Bug: 375117470
Test: locally on komodo, the app functions as expected.
Flag: EXEMPT NDK
Change-Id: I60a6047835b23137391e3bd6edcfd1fb418a3e19
 2024-10-23 16:58:52 +00:00
Thiébaud Weksteen
8b8ae291d4 Merge "Remove duplicate service entries" into main 2024-10-17 06:30:19 +00:00
Juan Yescas
c6c4da00d4 Merge "Copy 16KB developer option sepolicy to zumapro" into main 2024-10-17 01:38:36 +00:00
KRIS CHEN
ecc30e501a Merge "Allow fingerprint HAL to access IGoodixFingerprintDaemon" into main 2024-10-16 08:39:00 +00:00
chenkris
0e859b87a1 Allow fingerprint HAL to access IGoodixFingerprintDaemon 
Fix the following avc denial:
E SELinux : avc:  denied  { add } for pid=6578 uid=1000 name=vendor.goodix.hardware.biometrics.fingerprint.IGoodixFingerprintDaemon/default scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:default_android_service:s0 tclass=service_manager permissive=0

Flag: EXEMPT NDK
Bug: 368993793
Test: Tested fingerprint under enforcing mode
Change-Id: Iafed80d22d40e98cb0811ca84051066360f3dff8
 2024-10-16 07:50:44 +00:00
Pawan Wagh
7c85388222 Copy 16KB developer option sepolicy to zumapro 
avc denials from logs:

[   51.554757][  T453] type=1400 audit(1728080571.804:3): avc:  denied  { write } for  comm="copy_efs_files_" path="/dev/kmsg_debug" dev="tmpfs" ino=6 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:kmsg_debug_device:s0 tclass=chr_file permissive=1
[   51.582401][  T453] type=1400 audit(1728080571.808:4): avc:  denied  { ioctl } for  comm="copy_efs_files_" path="/dev/kmsg_debug" dev="tmpfs" ino=6 ioctlcmd=0x5401 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:kmsg_debug_device:s0 tclass=chr_file permissive=1
[   51.618078][  T453] type=1400 audit(1728080571.808:5): avc:  denied  { execute_no_trans } for  comm="copy_efs_files_" path="/vendor/bin/toybox_vendor" dev="dm-10" ino=382 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:vendor_toolbox_exec:s0 tclass=file permissive=1
[   51.642465][  T453] type=1400 audit(1728080571.812:6): avc:  denied  { getattr } for  comm="mkdir" path="/dev/kmsg_debug" dev="tmpfs" ino=6 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:kmsg_debug_device:s0 tclass=chr_file permissive=1
[   51.664388][  T453] type=1400 audit(1728080571.812:7): avc:  denied  { getattr } for  comm="mkdir" path="/data/vendor/copied" dev="dm-57" ino=7569664 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   51.664405][  T453] type=1400 audit(1728080571.820:8): avc:  denied  { search } for  comm="copy_efs_files_" name="copied" dev="dm-57" ino=7569664 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   51.664429][  T453] type=1400 audit(1728080571.832:9): avc:  denied  { write } for  comm="mkdir" name="copied" dev="dm-57" ino=7569664 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   51.664448][  T453] type=1400 audit(1728080571.832:10): avc:  denied  { add_name } for  comm="mkdir" name="efs.img" scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   51.717024][  T453] type=1400 audit(1728080571.832:11): avc:  denied  { create } for  comm="mkdir" name="efs.img" scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   51.786594][  T453] type=1400 audit(1728080571.836:12): avc:  denied  { execute_no_trans } for  comm="copy_efs_files_" path="/vendor/bin/fsck.f2fs" dev="dm-10" ino=134 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
[   51.819515][  T453] type=1400 audit(1728080571.840:13): avc:  denied  { search } for  comm="dump.f2fs" name="bootstrap" dev="dm-6" ino=1828 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=dir permissive=1
[   51.841747][  T453] type=1400 audit(1728080571.840:14): avc:  denied  { read } for  comm="dump.f2fs" name="libc.so" dev="dm-6" ino=1831 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=file permissive=1
[   51.863729][  T453] type=1400 audit(1728080571.840:15): avc:  denied  { open } for  comm="dump.f2fs" path="/system/lib64/bootstrap/libc.so" dev="dm-6" ino=1831 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=file permissive=1
[   51.887882][  T453] type=1400 audit(1728080571.840:16): avc:  denied  { getattr } for  comm="dump.f2fs" path="/system/lib64/bootstrap/libc.so" dev="dm-6" ino=1831 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=file permissive=1
[   51.912170][  T453] type=1400 audit(1728080571.840:17): avc:  denied  { map } for  comm="dump.f2fs" path="/system/lib64/bootstrap/libc.so" dev="dm-6" ino=1831 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=file permissive=1
[   51.944437][  T453] type=1400 audit(1728080571.840:18): avc:  denied  { execute } for  comm="dump.f2fs" path="/system/lib64/bootstrap/libdl.so" dev="dm-6" ino=1833 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:system_bootstrap_lib_file:s0 tclass=file permissive=1
[   51.979656][  T453] type=1400 audit(1728080571.848:19): avc:  denied  { search } for  comm="dump.f2fs" name="block" dev="tmpfs" ino=12 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:block_device:s0 tclass=dir permissive=1
[   52.009905][  T453] type=1400 audit(1728080571.848:20): avc:  denied  { getattr } for  comm="dump.f2fs" path="/dev/block/sda5" dev="tmpfs" ino=1294 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
[   52.039894][  T453] type=1400 audit(1728080571.848:21): avc:  denied  { search } for  comm="dump.f2fs" name="0:0:0:0" dev="sysfs" ino=64449 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=dir permissive=1
[   52.075681][  T453] type=1400 audit(1728080571.848:22): avc:  denied  { getattr } for  comm="dump.f2fs" path="/sys/devices/platform/13200000.ufs/host0/target0:0:0/0:0:0:0/block/sda/sda5/partition" dev="sysfs" ino=66405 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
[   52.110042][  T453] type=1400 audit(1728080571.848:23): avc:  denied  { read } for  comm="dump.f2fs" name="zoned" dev="sysfs" ino=66240 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
[   52.151878][  T453] type=1400 audit(1728080571.848:24): avc:  denied  { open } for  comm="dump.f2fs" path="/sys/devices/platform/13200000.ufs/host0/target0:0:0/0:0:0:0/block/sda/queue/zoned" dev="sysfs" ino=66240 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=1
[   52.185339][  T453] type=1400 audit(1728080571.848:25): avc:  denied  { read write } for  comm="dump.f2fs" name="sda5" dev="tmpfs" ino=1294 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
[   52.225138][  T453] type=1400 audit(1728080571.848:26): avc:  denied  { open } for  comm="dump.f2fs" path="/dev/block/sda5" dev="tmpfs" ino=1294 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
[   52.225150][  T453] type=1400 audit(1728080571.848:27): avc:  denied  { ioctl } for  comm="dump.f2fs" path="/dev/block/sda5" dev="tmpfs" ino=1294 ioctlcmd=0x1268 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:efs_block_device:s0 tclass=blk_file permissive=1
[   52.225160][  T453] type=1400 audit(1728080571.848:28): avc:  denied  { create } for  comm="dump.f2fs" name="nv_normal.bin" scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=file permissive=1
[   52.225170][  T453] type=1400 audit(1728080571.848:29): avc:  denied  { read write open } for  comm="dump.f2fs" path="/data/vendor/copied/efs.img/nv_normal.bin" dev="dm-57" ino=7569677 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=file permissive=1
[   52.225184][  T453] type=1400 audit(1728080571.852:30): avc:  denied  { relabelfrom } for  comm="dump.f2fs" name="nv_normal.bin" dev="dm-57" ino=7569677 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=file permissive=1
[   52.225198][  T453] type=1400 audit(1728080571.852:31): avc:  denied  { relabelto } for  comm="dump.f2fs" name="nv_normal.bin" dev="dm-57" ino=7569677 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=file permissive=1
[   52.225213][  T453] type=1400 audit(1728080571.852:32): avc:  denied  { write } for  comm="dump.f2fs" name="nv_normal.bin" dev="dm-57" ino=7569677 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=file permissive=1
[   52.225227][  T453] type=1400 audit(1728080571.852:33): avc:  denied  { setattr } for  comm="dump.f2fs" name="nv_normal.bin" dev="dm-57" ino=7569677 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=file permissive=1
[   52.225240][  T453] type=1400 audit(1728080571.852:34): avc:  denied  { chown } for  comm="dump.f2fs" capability=0  scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:r:copy_efs_files_to_data:s0 tclass=capability permissive=1
[   52.264424][  T453] type=1400 audit(1728080571.852:35): avc:  denied  { relabelfrom } for  comm="dump.f2fs" name="efs.img" dev="dm-57" ino=7569676 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   52.310613][  T453] type=1400 audit(1728080571.852:36): avc:  denied  { relabelto } for  comm="dump.f2fs" name="efs.img" dev="dm-57" ino=7569676 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   52.356910][  T453] type=1400 audit(1728080571.852:37): avc:  denied  { search } for  comm="dump.f2fs" name="efs.img" dev="dm-57" ino=7569676 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   52.402344][  T453] type=1400 audit(1728080571.852:38): avc:  denied  { setattr } for  comm="dump.f2fs" name="efs.img" dev="dm-57" ino=7569676 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   52.446523][  T453] type=1400 audit(1728080571.868:39): avc:  denied  { write } for  comm="dump.f2fs" path="/dev/kmsg_debug" dev="tmpfs" ino=6 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:kmsg_debug_device:s0 tclass=chr_file permissive=1
[   52.481694][  T453] type=1400 audit(1728080571.876:40): avc:  denied  { remove_name } for  comm="mv" name="efs.img" dev="dm-57" ino=7569676 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   52.534169][  T453] type=1400 audit(1728080571.876:41): avc:  denied  { rename } for  comm="mv" name="efs.img" dev="dm-57" ino=7569676 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_file:s0 tclass=dir permissive=1
[   52.552872][  T453] type=1400 audit(1728080571.892:42): avc:  denied  { read } for  comm="fsync" name="copied" dev="dm-57" ino=7569664 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   52.586267][  T453] type=1400 audit(1728080571.892:43): avc:  denied  { fowner } for  comm="fsync" capability=3  scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:r:copy_efs_files_to_data:s0 tclass=capability permissive=1
[   52.586291][  T453] type=1400 audit(1728080571.892:44): avc:  denied  { open } for  comm="fsync" path="/data/vendor/copied" dev="dm-57" ino=7569664 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=dir permissive=1
[   52.636388][  T453] type=1400 audit(1728080572.012:45): avc:  denied  { getattr } for  comm="dump.f2fs" path="/dev/block/sda7" dev="tmpfs" ino=1141 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
[   52.657184][  T453] type=1400 audit(1728080572.012:46): avc:  denied  { read write } for  comm="dump.f2fs" name="sda7" dev="tmpfs" ino=1141 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
[   52.676513][  T453] type=1400 audit(1728080572.012:47): avc:  denied  { open } for  comm="dump.f2fs" path="/dev/block/sda7" dev="tmpfs" ino=1141 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
[   52.704304][  T453] type=1400 audit(1728080572.012:48): avc:  denied  { ioctl } for  comm="dump.f2fs" path="/dev/block/sda7" dev="tmpfs" ino=1141 ioctlcmd=0x1268 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_block_device:s0 tclass=blk_file permissive=1
[   52.732919][  T453] type=1400 audit(1728080572.016:49): avc:  denied  { relabelto } for  comm="dump.f2fs" name="dds.bin" dev="dm-57" ino=7569688 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=file permissive=1
[   52.767434][  T453] type=1400 audit(1728080572.016:50): avc:  denied  { write } for  comm="dump.f2fs" name="dds.bin" dev="dm-57" ino=7569688 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=file permissive=1
[   52.805716][  T453] type=1400 audit(1728080572.016:51): avc:  denied  { setattr } for  comm="dump.f2fs" name="dds.bin" dev="dm-57" ino=7569688 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=file permissive=1
[   53.034704][  T453] type=1400 audit(1728080572.016:52): avc:  denied  { relabelto } for  comm="dump.f2fs" name="replay" dev="dm-57" ino=7569687 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1
[   53.066603][  T453] type=1400 audit(1728080572.016:53): avc:  denied  { search } for  comm="dump.f2fs" name="replay" dev="dm-57" ino=7569687 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1
[   53.066613][  T453] type=1400 audit(1728080572.016:54): avc:  denied  { setattr } for  comm="dump.f2fs" name="replay" dev="dm-57" ino=7569687 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1
[   53.066624][  T453] type=1400 audit(1728080572.020:55): avc:  denied  { rename } for  comm="mv" name="modem_userdata.img" dev="dm-57" ino=7569686 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_userdata_file:s0 tclass=dir permissive=1
[   53.066649][  T453] type=1400 audit(1728080572.088:56): avc:  denied  { getattr } for  comm="dump.f2fs" path="/dev/block/sda1" dev="tmpfs" ino=1382 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_block_device:s0 tclass=blk_file permissive=1
[   53.100566][  T453] type=1400 audit(1728080572.088:57): avc:  denied  { read write } for  comm="dump.f2fs" name="sda1" dev="tmpfs" ino=1382 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_block_device:s0 tclass=blk_file permissive=1
[   53.100577][  T453] type=1400 audit(1728080572.088:58): avc:  denied  { open } for  comm="dump.f2fs" path="/dev/block/sda1" dev="tmpfs" ino=1382 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_block_device:s0 tclass=blk_file permissive=1
[   53.170745][  T453] type=1400 audit(1728080572.088:59): avc:  denied  { ioctl } for  comm="dump.f2fs" path="/dev/block/sda1" dev="tmpfs" ino=1382 ioctlcmd=0x1268 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_block_device:s0 tclass=blk_file permissive=1
[   53.170754][  T453] type=1400 audit(1728080572.092:60): avc:  denied  { relabelto } for  comm="dump.f2fs" name="defender_charger_time" dev="dm-57" ino=7569692 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=file permissive=1
[   53.170765][  T453] type=1400 audit(1728080572.092:61): avc:  denied  { write } for  comm="dump.f2fs" name="defender_charger_time" dev="dm-57" ino=7569692 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=file permissive=1
[   53.170775][  T453] type=1400 audit(1728080572.092:62): avc:  denied  { setattr } for  comm="dump.f2fs" name="defender_charger_time" dev="dm-57" ino=7569692 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=file permissive=1
[   53.170785][  T453] type=1400 audit(1728080572.092:63): avc:  denied  { relabelto } for  comm="dump.f2fs" name="battery" dev="dm-57" ino=7569691 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=1
[   53.170797][  T453] type=1400 audit(1728080572.092:64): avc:  denied  { search } for  comm="dump.f2fs" name="battery" dev="dm-57" ino=7569691 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=1
[   53.170811][  T453] type=1400 audit(1728080572.092:65): avc:  denied  { setattr } for  comm="dump.f2fs" name="battery" dev="dm-57" ino=7569691 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_battery_file:s0 tclass=dir permissive=1
[   53.170825][  T453] type=1400 audit(1728080572.092:66): avc:  denied  { relabelto } for  comm="dump.f2fs" name="touch" dev="dm-57" ino=7569694 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
[   53.170839][  T453] type=1400 audit(1728080572.092:67): avc:  denied  { search } for  comm="dump.f2fs" name="touch" dev="dm-57" ino=7569694 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
[   53.207440][  T453] type=1400 audit(1728080572.092:68): avc:  denied  { setattr } for  comm="dump.f2fs" name="touch" dev="dm-57" ino=7569694 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
[   53.262539][  T453] type=1400 audit(1728080572.092:69): avc:  denied  { create } for  comm="dump.f2fs" name="0" scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=lnk_file permissive=1
[   53.291111][  T453] type=1400 audit(1728080572.092:70): avc:  denied  { relabelfrom } for  comm="dump.f2fs" name="0" dev="dm-57" ino=7569696 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=lnk_file permissive=1
[   53.314133][  T453] type=1400 audit(1728080572.092:71): avc:  denied  { relabelto } for  comm="dump.f2fs" name="0" dev="dm-57" ino=7569696 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:tee_data_file:s0 tclass=lnk_file permissive=1
[   53.351258][  T453] type=1400 audit(1728080572.092:72): avc:  denied  { setattr } for  comm="dump.f2fs" name="0" dev="dm-57" ino=7569696 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:tee_data_file:s0 tclass=lnk_file permissive=1
[   53.418367][  T453] type=1400 audit(1728080572.092:73): avc:  denied  { chown } for  comm="dump.f2fs" capability=0  scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:r:copy_efs_files_to_data:s0 tclass=capability permissive=1
[   53.461321][  T453] type=1400 audit(1728080572.092:74): avc:  denied  { relabelto } for  comm="dump.f2fs" name="nsp" dev="dm-57" ino=7569697 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=file permissive=1
[   53.467294][  T453] type=1400 audit(1728080572.092:75): avc:  denied  { write } for  comm="dump.f2fs" name="nsp" dev="dm-57" ino=7569697 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=file permissive=1
[   53.484014][  T453] type=1400 audit(1728080572.092:76): avc:  denied  { setattr } for  comm="dump.f2fs" name="nsp" dev="dm-57" ino=7569697 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=file permissive=1
[   53.510185][  T453] type=1400 audit(1728080572.092:77): avc:  denied  { relabelto } for  comm="dump.f2fs" name="ss" dev="dm-57" ino=7569695 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=dir permissive=1
[   53.527739][  T453] type=1400 audit(1728080572.092:78): avc:  denied  { search } for  comm="dump.f2fs" name="ss" dev="dm-57" ino=7569695 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=dir permissive=1
[   53.544592][  T453] type=1400 audit(1728080572.092:79): avc:  denied  { sys_admin } for  comm="dump.f2fs" capability=21  scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:r:copy_efs_files_to_data:s0 tclass=capability permissive=1
[   53.589553][  T453] type=1400 audit(1728080572.092:80): avc:  denied  { setattr } for  comm="dump.f2fs" name="ss" dev="dm-57" ino=7569695 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=dir permissive=1
[   53.660501][  T453] type=1400 audit(1728080572.092:81): avc:  denied  { relabelto } for  comm="dump.f2fs" name="qti_fp" dev="dm-57" ino=7569698 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_fingerprint_file:s0 tclass=dir permissive=1
[   53.706160][  T453] type=1400 audit(1728080572.092:82): avc:  denied  { search } for  comm="dump.f2fs" name="qti_fp" dev="dm-57" ino=7569698 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_fingerprint_file:s0 tclass=dir permissive=1
[   53.750214][  T453] type=1400 audit(1728080572.092:83): avc:  denied  { setattr } for  comm="dump.f2fs" name="qti_fp" dev="dm-57" ino=7569698 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_fingerprint_file:s0 tclass=dir permissive=1
[   53.792724][  T453] type=1400 audit(1728080572.092:84): avc:  denied  { relabelto } for  comm="dump.f2fs" name="cs40l26.cal" dev="dm-57" ino=7569700 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_haptics_file:s0 tclass=file permissive=1
[   53.833755][  T453] type=1400 audit(1728080572.092:85): avc:  denied  { write } for  comm="dump.f2fs" name="cs40l26.cal" dev="dm-57" ino=7569700 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_haptics_file:s0 tclass=file permissive=1
[   53.866130][  T453] type=1400 audit(1728080572.092:86): avc:  denied  { setattr } for  comm="dump.f2fs" name="cs40l26.cal" dev="dm-57" ino=7569700 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_haptics_file:s0 tclass=file permissive=1
[   53.933950][  T453] type=1400 audit(1728080572.092:87): avc:  denied  { relabelto } for  comm="dump.f2fs" name="haptics" dev="dm-57" ino=7569699 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_haptics_file:s0 tclass=dir permissive=1
[   53.977389][  T453] type=1400 audit(1728080572.092:88): avc:  denied  { search } for  comm="dump.f2fs" name="haptics" dev="dm-57" ino=7569699 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_haptics_file:s0 tclass=dir permissive=1
[   54.007088][  T453] type=1400 audit(1728080572.092:89): avc:  denied  { setattr } for  comm="dump.f2fs" name="haptics" dev="dm-57" ino=7569699 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_haptics_file:s0 tclass=dir permissive=1
[   54.049913][  T453] type=1400 audit(1728080572.092:90): avc:  denied  { relabelto } for  comm="dump.f2fs" name=".station_record" dev="dm-57" ino=7569701 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=file permissive=1
[   54.102692][  T453] type=1400 audit(1728080572.092:91): avc:  denied  { write } for  comm="dump.f2fs" name=".station_record" dev="dm-57" ino=7569701 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=file permissive=1
[   54.144176][  T453] type=1400 audit(1728080572.092:92): avc:  denied  { setattr } for  comm="dump.f2fs" name=".station_record" dev="dm-57" ino=7569701 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=file permissive=1
[   54.187937][  T453] type=1400 audit(1728080572.092:93): avc:  denied  { relabelto } for  comm="dump.f2fs" name="icm45631_accel_fac_cal.reg" dev="dm-57" ino=7569704 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_sensor_reg_file:s0 tclass=file permissive=1
[   54.219942][  T453] type=1400 audit(1728080572.092:94): avc:  denied  { write } for  comm="dump.f2fs" name="icm45631_accel_fac_cal.reg" dev="dm-57" ino=7569704 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_sensor_reg_file:s0 tclass=file permissive=1
[   54.287284][  T453] type=1400 audit(1728080572.092:95): avc:  denied  { setattr } for  comm="dump.f2fs" name="icm45631_accel_fac_cal.reg" dev="dm-57" ino=7569704 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_sensor_reg_file:s0 tclass=file permissive=1
[   54.332099][  T453] type=1400 audit(1728080572.092:96): avc:  denied  { relabelto } for  comm="dump.f2fs" name="registry" dev="dm-57" ino=7569703 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_sensor_reg_file:s0 tclass=dir permissive=1
[   54.364108][  T453] type=1400 audit(1728080572.092:97): avc:  denied  { search } for  comm="dump.f2fs" name="registry" dev="dm-57" ino=7569703 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_sensor_reg_file:s0 tclass=dir permissive=1
[   54.411041][  T453] type=1400 audit(1728080572.092:98): avc:  denied  { setattr } for  comm="dump.f2fs" name="registry" dev="dm-57" ino=7569703 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_sensor_reg_file:s0 tclass=dir permissive=1
[   54.411050][  T453] type=1400 audit(1728080572.096:99): avc:  denied  { relabelto } for  comm="dump.f2fs" name="djinn-boitata_PDAF_Hbin_OTP.txt" dev="dm-57" ino=7569726 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_camera_file:s0 tclass=file permissive=1
[   54.411061][  T453] type=1400 audit(1728080572.096:100): avc:  denied  { write } for  comm="dump.f2fs" name="djinn-boitata_PDAF_Hbin_OTP.txt" dev="dm-57" ino=7569726 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_camera_file:s0 tclass=file permissive=1
[   54.411075][  T453] type=1400 audit(1728080572.096:101): avc:  denied  { setattr } for  comm="dump.f2fs" name="djinn-boitata_PDAF_Hbin_OTP.txt" dev="dm-57" ino=7569726 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_camera_file:s0 tclass=file permissive=1
[   54.411089][  T453] type=1400 audit(1728080572.096:102): avc:  denied  { create } for  comm="dump.f2fs" name="djinn-boitata_PDAF_Vbin_OTP.txt" scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=file permissive=1
[   54.411103][  T453] type=1400 audit(1728080572.096:103): avc:  denied  { read write open } for  comm="dump.f2fs" path="/data/vendor/copied/persist.img/camera/OTP_calibration/djinn-boitata_PDAF_Vbin_OTP.txt" dev="dm-57" ino=7569727 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=file permissive=1
[   54.411118][  T453] type=1400 audit(1728080572.096:104): avc:  denied  { relabelfrom } for  comm="dump.f2fs" name="djinn-boitata_PDAF_Vbin_OTP.txt" dev="dm-57" ino=7569727 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:modem_efs_image_file:s0 tclass=file permissive=1
[   54.411130][  T453] type=1400 audit(1728080572.096:105): avc:  denied  { relabelto } for  comm="dump.f2fs" name="OTP_calibration" dev="dm-57" ino=7569725 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_camera_file:s0 tclass=dir permissive=1
[   54.411139][  T453] type=1400 audit(1728080572.096:106): avc:  denied  { search } for  comm="dump.f2fs" name="OTP_calibration" dev="dm-57" ino=7569725 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_camera_file:s0 tclass=dir permissive=1
[   54.411148][  T453] type=1400 audit(1728080572.096:107): avc:  denied  { setattr } for  comm="dump.f2fs" name="OTP_calibration" dev="dm-57" ino=7569725 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_camera_file:s0 tclass=dir permissive=1
[   54.411157][  T453] type=1400 audit(1728080572.100:108): avc:  denied  { relabelto } for  comm="dump.f2fs" name="speaker.cal" dev="dm-57" ino=7569760 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_audio_file:s0 tclass=file permissive=1
[   54.411171][  T453] type=1400 audit(1728080572.100:109): avc:  denied  { write } for  comm="dump.f2fs" name="speaker.cal" dev="dm-57" ino=7569760 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_audio_file:s0 tclass=file permissive=1
[   54.411180][  T453] type=1400 audit(1728080572.100:110): avc:  denied  { setattr } for  comm="dump.f2fs" name="speaker.cal" dev="dm-57" ino=7569760 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_audio_file:s0 tclass=file permissive=1
[   54.411189][  T453] type=1400 audit(1728080572.100:111): avc:  denied  { relabelto } for  comm="dump.f2fs" name="audio" dev="dm-57" ino=7569759 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_audio_file:s0 tclass=dir permissive=1
[   54.411198][  T453] type=1400 audit(1728080572.100:112): avc:  denied  { search } for  comm="dump.f2fs" name="audio" dev="dm-57" ino=7569759 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_audio_file:s0 tclass=dir permissive=1
[   54.411207][  T453] type=1400 audit(1728080572.100:113): avc:  denied  { setattr } for  comm="dump.f2fs" name="audio" dev="dm-57" ino=7569759 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_audio_file:s0 tclass=dir permissive=1
[   54.411216][  T453] type=1400 audit(1728080572.100:114): avc:  denied  { relabelto } for  comm="dump.f2fs" name="factory_cal0.pb" dev="dm-57" ino=7569764 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_display_file:s0 tclass=file permissive=1
[   54.411225][  T453] type=1400 audit(1728080572.100:115): avc:  denied  { write } for  comm="dump.f2fs" name="factory_cal0.pb" dev="dm-57" ino=7569764 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_display_file:s0 tclass=file permissive=1
[   54.411234][  T453] type=1400 audit(1728080572.100:116): avc:  denied  { setattr } for  comm="dump.f2fs" name="factory_cal0.pb" dev="dm-57" ino=7569764 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_display_file:s0 tclass=file permissive=1
[   54.411243][  T453] type=1400 audit(1728080572.100:117): avc:  denied  { relabelto } for  comm="dump.f2fs" name="display" dev="dm-57" ino=7569763 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_display_file:s0 tclass=dir permissive=1
[   54.411252][  T453] type=1400 audit(1728080572.100:118): avc:  denied  { search } for  comm="dump.f2fs" name="display" dev="dm-57" ino=7569763 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_display_file:s0 tclass=dir permissive=1
[   54.411262][  T453] type=1400 audit(1728080572.100:119): avc:  denied  { setattr } for  comm="dump.f2fs" name="display" dev="dm-57" ino=7569763 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_display_file:s0 tclass=dir permissive=1
[   54.411274][  T453] type=1400 audit(1728080572.120:120): avc:  denied  { rename } for  comm="mv" name="persist.img" dev="dm-57" ino=7569690 scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:object_r:persist_file:s0 tclass=dir permissive=1
[   54.411286][  T453] type=1400 audit(1728080572.132:121): avc:  denied  { fowner } for  comm="fsync" capability=3  scontext=u:r:copy_efs_files_to_data:s0 tcontext=u:r:copy_efs_files_to_data:s0 tclass=capability permissive=1
[   58.572689][  T453] type=1400 audit(1728080578.820:122): avc:  denied  { signull } for  comm="shared_modem_pl" scontext=u:r:modem_svc_sit:s0 tcontext=u:r:hal_radioext_default:s0 tclass=process permissive=1 bug=b/368187536
[   58.735984][  T453] type=1400 audit(1728080578.984:123): avc:  denied  { sendto } for  comm="binder:1143_2" path="/dev/socket/statsdw" scontext=u:r:modem_ml_svc_sit:s0 tcontext=u:r:statsd:s0 tclass=unix_dgram_socket permissive=1
[   58.844813][  T453] type=1400 audit(1728080579.092:124): avc:  denied  { sendto } for  comm="binder:1143_2" path="/dev/socket/statsdw" scontext=u:r:modem_ml_svc_sit:s0 tcontext=u:r:statsd:s0 tclass=unix_dgram_socket permissive=1
[   86.597962][  T453] type=1400 audit(1728080606.848:455): avc:  granted  { read } for  comm="rkstack.process" name="psched" dev="proc" ino=4026532082 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   86.616310][  T453] type=1400 audit(1728080606.848:456): avc:  granted  { read open } for  comm="rkstack.process" path="/proc/2394/net/psched" dev="proc" ino=4026532082 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   86.645641][  T453] type=1400 audit(1728080606.848:457): avc:  granted  { getattr } for  comm="rkstack.process" path="/proc/2394/net/psched" dev="proc" ino=4026532082 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   91.030419][  T453] type=1400 audit(1728080611.268:458): avc:  denied  { open } for  comm="ogle.android.as" path="/proc/version" dev="proc" ino=4026532093 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:proc_version:s0 tclass=file permissive=1 app=com.google.android.as
[   91.171034][  T453] type=1400 audit(1728080611.268:459): avc:  denied  { getattr } for  comm="ogle.android.as" path="/proc/version" dev="proc" ino=4026532093 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:proc_version:s0 tclass=file permissive=1 app=com.google.android.as
[   91.348507][  T453] type=1400 audit(1728080611.368:460): avc:  denied  { create } for  comm="init" name="iostats" scontext=u:r:vendor_init:s0 tcontext=u:object_r:rootdisk_sysdev:s0 tclass=file permissive=1
[   91.556216][  T453] type=1400 audit(1728080611.784:461): avc:  denied  { create } for  comm="HeapTaskDaemon" name="PersistentBackgroundCameraServices.2450.tmp" scontext=u:r:vendor_pbcs_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
[   91.591920][  T453] type=1400 audit(1728080611.784:462): avc:  denied  { open } for  comm="HeapTaskDaemon" path="/data/user/0/com.google.pixel.camera.services/cache/oat_primary/arm64/PersistentBackgroundCameraServices.2450.tmp" dev="dm-57" ino=11961224 scontext=u:r:vendor_pbcs_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
[   91.610505][  T453] type=1400 audit(1728080611.824:463): avc:  denied  { add_name } for  comm="HeapTaskDaemon" name="SecureElement.2505.tmp" scontext=u:r:secure_element:s0:c44,c260,c512,c768 tcontext=u:object_r:system_data_file:s0:c44,c260,c512,c768 tclass=dir permissive=1
[   91.615399][  T453] type=1400 audit(1728080611.824:464): avc:  denied  { create } for  comm="HeapTaskDaemon" name="SecureElement.2505.tmp" scontext=u:r:secure_element:s0:c44,c260,c512,c768 tcontext=u:object_r:system_data_file:s0:c44,c260,c512,c768 tclass=file permissive=1
[   91.668729][  T453] type=1400 audit(1728080611.824:465): avc:  denied  { write open } for  comm="HeapTaskDaemon" path="/data/user/0/com.android.se/cache/oat_primary/arm64/SecureElement.2505.tmp" dev="dm-57" ino=11961765 scontext=u:r:secure_element:s0:c44,c260,c512,c768 tcontext=u:object_r:system_data_file:s0:c44,c260,c512,c768 tclass=file permissive=1
[   91.668788][  T453] type=1400 audit(1728080611.836:466): avc:  denied  { rename } for  comm="HeapTaskDaemon" name="PersistentBackgroundCameraServices.2450.tmp" dev="dm-57" ino=11961224 scontext=u:r:vendor_pbcs_app:s0:c232,c259,c512,c768 tcontext=u:object_r:system_app_data_file:s0:c232,c259,c512,c768 tclass=file permissive=1
[   92.928109][  T453] type=1400 audit(1728080613.172:471): avc:  granted  { execute } for  comm="id.apps.tachyon" path="/data/data/com.google.android.apps.tachyon/app_lib/libjingle_peerconnection_so.so" dev="dm-57" ino=11976916 scontext=u:r:untrusted_app:s0:c201,c256,c512,c768 tcontext=u:object_r:app_data_file:s0:c201,c256,c512,c768 tclass=file app=com.google.android.apps.tachyon
[   98.286553][  T453] type=1400 audit(1728080618.536:472): avc:  granted  { read } for  comm="NetworkMonitor/" name="psched" dev="proc" ino=4026532082 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   98.288073][  T453] type=1400 audit(1728080618.536:473): avc:  granted  { read open } for  comm="NetworkMonitor/" path="/proc/2394/net/psched" dev="proc" ino=4026532082 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   98.817428][  T453] type=1400 audit(1728080618.536:474): avc:  granted  { getattr } for  comm="NetworkMonitor/" path="/proc/2394/net/psched" dev="proc" ino=4026532082 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   98.821639][  T453] type=1400 audit(1728080619.040:475): avc:  denied  { read } for  comm=424720546872656164202332 name="/" dev="sda10" ino=2 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:metadata_file:s0 tclass=dir permissive=1 app=com.google.android.googlequicksearchbox
[   99.279860][  T453] type=1400 audit(1728080619.040:476): avc:  denied  { open } for  comm=424720546872656164202332 path="/metadata" dev="sda10" ino=2 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:metadata_file:s0 tclass=dir permissive=1 app=com.google.android.googlequicksearchbox
[   99.285144][  T453] type=1400 audit(1728080619.040:477): avc:  denied  { getattr } for  comm=424720546872656164202332 path="/metadata" dev="sda10" ino=2 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:metadata_file:s0 tclass=dir permissive=1 app=com.google.android.googlequicksearchbox
10-04 15:23:52.880  5118  5118 I IntentService[D: type=1400 audit(0.0:1275): avc:  denied  { setattr } for  name="omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:52.880  5118  5118 I IntentService[D: type=1400 audit(0.0:1276): avc:  denied  { append } for  name="omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:52.880  5118  5118 I IntentService[D: type=1400 audit(0.0:1277): avc:  denied  { open } for  path="/data/vendor/radio/omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1
10-04 15:23:55.096  5118  5118 I IntentService[D: type=1400 audit(0.0:1291): avc:  denied  { search } for  name="radio" dev="dm-57" ino=7569419 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1 app=com.android.omadm.service
10-04 15:23:55.096  5118  5118 I IntentService[D: type=1400 audit(0.0:1292): avc:  denied  { getattr } for  path="/data/vendor/radio/omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:55.620  5118  5118 I IntentService[D: type=1400 audit(0.0:1297): avc:  denied  { getattr } for  path="/data/vendor/radio/omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:55.620  5118  5118 I IntentService[D: type=1400 audit(0.0:1298): avc:  denied  { setattr } for  name="omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:55.620  5118  5118 I IntentService[D: type=1400 audit(0.0:1299): avc:  denied  { append } for  name="omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:55.620  5118  5118 I IntentService[D: type=1400 audit(0.0:1300): avc:  denied  { open } for  path="/data/vendor/radio/omadm_logs.txt" dev="dm-57" ino=7569652 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0:c512,c768 tclass=file permissive=1 app=com.android.omadm.service
10-04 15:23:55.956  5118  5118 I IntentService[D: type=1400 audit(0.0:1301): avc:  denied  { search } for  name="radio" dev="dm-57" ino=7569419 scontext=u:r:platform_app:s0:c512,c768 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1 app=com.android.omadm.service

Test: atest Enable16KbTest
Flag: build.RELEASE_GOOGLE_CAIMAN_16K_DEVELOPER_OPTION
Bug: 347108593
Change-Id: I67929732c9b23081f3608ac5da413adda81b6c44
 2024-10-15 22:53:30 +00:00
Chi-Wei Kao
e0c7545cd1 Merge "Add SELiunx for camera debug app (propsetter)" into main 2024-10-09 02:10:37 +00:00
cwkao
c5a7f8cc0d Add SELiunx for camera debug app (propsetter) 
Add the following avc denial:
```
10-02 19:55:46.156   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=activity scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.258   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=netstats scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.263   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=content_capture scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.267   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=gpu scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:gpu_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.267   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=activity_task scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:activity_task_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.416   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=voiceinteraction scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.417   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=autofill scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.425   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=sensitive_content_protection_service scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
10-02 19:55:46.427   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=performance_hint scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:hint_service:s0 tclass=service_manager permissive=1
10-02 19:55:48.156   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=audio scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
10-02 19:55:53.869   402   402 E SELinux : avc:  denied  { find } for pid=6934 uid=10311 name=textservices scontext=u:r:camera_propsetter_app:s0:c55,c257,c512,c768 tcontext=u:object_r:textservices_service:s0 tclass=service_manager permissive=1
```

Bug: 370472903
Test: locally on komodo
Flag: EXEMPT NDK
Change-Id: Ia1a8b42697e790f27a5da9aaa1f7c83fddf2a365
 2024-10-09 02:09:57 +00:00
KRIS CHEN
522514f320 Merge "add selinux permission for fps_touch_handler wakeup" into main 2024-10-07 08:00:42 +00:00
chenkris
537bf14fe6 add selinux permission for fps_touch_handler wakeup 
Fix the following avc denial:
avc:  denied  { read } for  name="wakeup96" dev="sysfs" ino=101698 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0 tclass=dir permissive=0

Bug: 371877715
Test: ls -lZ /sys/devices/platform/odm//odm:fps_touch_handler/wakeup
Flag: EXEMPT NDK
Change-Id: I9aff36eaaec914c7a9b4939353fe88f5c0565799
 2024-10-07 06:36:52 +00:00
Nicole Lee
3c83ed0f7c Fix modem_logging_control sepolicy error 
avc: denied  { call } for  scontext=u:r:modem_logging_control:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=0
avc: denied  { find } for pid=1124 uid=1000 name=vendor.samsung_slsi.telephony.hardware.oemservice.IOemService/dm0 scontext=u:r:modem_logging_control:s0 tcontext=u:object_r:hal_vendor_modem_logging_service:s0 tclass=service_manager permissive=0

Bug:356025857
Test:Start modem logging correctly
Flag: EXEMPT bug fix
Change-Id: I0de9622957d7b7b756b178153d63e796bf45e856
 2024-10-06 17:05:16 +00:00
Mike McTernan
f43ae7b448 Revert "sepolicy:tracking_denials: add btlinux vendor_aoc_prop" 
This reverts commit 55bd5b089d.

Reason for revert: Underlying bug fixed

Flag: EXEMPT bug fix
Bug: 353262026
Change-Id: Id04ffeb508ea7450449c0934bec646e8f7f1356f
 2024-10-04 09:00:36 +00:00
Thiébaud Weksteen
f39431c3c8 Remove duplicate service entries 
These entries are defined in the platform policy.

Flag: EXEMPT bugfix
Bug: 367832910
Test: TH
Change-Id: I113222c692b971c698684f762294565b96f8d0cb
 2024-10-01 14:48:40 +10:00
Yen-Chao Chen
693260c964 remove b/350830796 and b/350830680 from bug map 
Bug: 350830796
Bug: 350830680
Test: build pass
Flag: EXEMPT bugfix
Change-Id: Ic3c163ce4dd6b97289ec22f97a0c87052b049ea4
Signed-off-by: Yen-Chao Chen <davidycchen@google.com>
 2024-09-30 09:24:36 +00:00
Treehugger Robot
0a301c6127 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps" into main 2024-09-30 09:07:14 +00:00
Leo Hsieh
ac26d97317 Allow hal_fingerprint_default to access sysfs_aoc_udfps 
Fix the following avc denial:
avc:  denied  { search } for  name="17000000.aoc" dev="sysfs" ino=26962 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=1
avc:  denied  { write } for  name="udfps_set_clock_source" dev="sysfs" ino=110484 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=file permissive=1
avc:  denied  { read } for  name="udfps_get_disp_freq" dev="sysfs" ino=110486 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=file permissive=1
avc:  denied  { write } for  name="udfps_set_clock_source" dev="sysfs" ino=109423 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 357976286
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Flag: EXEMPT NDK
Change-Id: Ia8d6288812ef47dad2018d384f43374da7005a4a
 2024-09-30 08:44:07 +00:00
YiKai Peng
bf729b7266 Update SELinux error 
solution: Ie9f8fc5cce8e62b06931b77aa8cd16a3c9516fb5

Test: NA
Bug: 350830879
Flag: EXEMPT bugfix
Change-Id: I390af5bde405dc35f2cf37163975a851250c7dd2
Signed-off-by: YiKai Peng <kenpeng@google.com>
 2024-09-27 05:11:22 +00:00
Feiyu Chen
80af57220f Merge "Remove b/340369535 hal_audio_default from bug map" into main 2024-09-27 00:41:38 +00:00
Feiyu Chen
a0407eaeae Remove b/340369535 hal_audio_default from bug map 
It's fixed 4 months ago

Bug: 340369535
Flag: DOCS_ONLY
Change-Id: If4a6f41703686620dd9614a5fbcbf837127c3173
 2024-09-26 19:24:00 +00:00
Xiaofan Jiang
4c1f2555d0 Merge "modem_svc: update sepolicy for UMI" into main 2024-09-26 18:12:25 +00:00
Treehugger Robot
abb1298206 Merge "Fix error in systemui when toggling airplane mode" into main 2024-09-26 16:11:38 +00:00
weichinweng
644a742ac7 Remove SELinux error tracing bug 
Bug: 350830390
Bug: 350830756
Bug: 350830758
Test: None
Change-Id: Ib33ceebb66573dbb38c87b120daa481b3756090d
 2024-09-26 07:51:52 +00:00
Xiaofan Jiang
81f027f9a1 modem_svc: update sepolicy for UMI 
Bug: 357139752

09-12 14:58:18.412 21402 21402 W shared_modem_pl: type=1400 audit(0.0:445): avc:  denied  { write } for  name="modem_svc_socket" dev="dm-53" ino=55074 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=0

Flag: EXEMPT sepolicy change only

Change-Id: I0f465e6a3039cc9781142c2b0f3fc433eaa1c9dc
 2024-09-25 23:32:04 +00:00
Wilson Sung
a59097a64a Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 369539751
Test: scanBugreport
Bug: 369539798
Bug: 369540515
Flag: EXEMPT NDK
Change-Id: Ib294a4c50801ddbd791ff3d05fe332f70bf17283
 2024-09-25 12:46:13 +00:00
Wilson Sung
ad0fc36b80 Fix error in systemui when toggling airplane mode 
avc:  denied  { read } for  name="u:object_r:radio_cdma_ecm_prop:s0" dev="tmpfs" ino=321 scontext=u:r:systemui_app:s0:c3,c257,c512,c768 tcontext=u:object_r:radio_cdma_ecm_prop:s0 tclass=file

Bug: 197722115
Bug: 359381748
Test: make selinux_policy
Flag: EXEMPT bugfix
Change-Id: I56021bacf311c7ce7e7e2f2b44b2078cedc16f1c
 2024-09-25 08:39:17 +00:00
Nina Chen
1ded01dd86 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 369475712
Flag: EXEMPT NDK
Change-Id: Ib2752c70f24cd0ea35b13836556dc634d2721413
 2024-09-25 06:30:45 +00:00
Tej Singh
0507349a4b Make android.framework.stats-v2-ndk app reachable 
For libedgetpu

Test: TH
Bug: 354763040
Flag: EXEMPT bugfix
Change-Id: Id4f43ba150bd476426ace22c7d866ee87d5777a0
 2024-09-20 21:41:23 -07:00
Treehugger Robot
a1a07140ce Merge "Update SELinux error" into main 2024-09-20 10:12:17 +00:00
chenkris
ab3bd433f8 Allow fingerprint to access /dev/fth_fd 
Fix the following avc denial:
avc:  denied  { open } for  path="/dev/fth_fd" dev="tmpfs" ino=1575 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1

Bug: 368517769
Test: enroll and authenticate fingerprint.
Change-Id: I46e59d0fb4526586ce6e95e1d715b22e08b4347d
 2024-09-20 09:15:44 +00:00
Nina Chen
2a4cb7b0a3 Update SELinux error 
Test: scanBugreport
Bug: 368188020
Test: scanAvcDeniedLogRightAfterReboot
Bug: 368187536
Flag: EXEMPT NDK
Change-Id: I0cb8cf650332bf2d518871f87c2175a4f3a20678
 2024-09-19 04:07:52 +00:00
Prochin Wang
90453768c7 Change vendor_fingerprint_prop to vendor_restricted_prop 
This is to allow the fingerprint HAL to access the property.

Bug: 366105474
Flag: build.RELEASE_PIXEL_BOOST_DATALAYER_PSA_ENABLED
Test: mm
Change-Id: Iba81a714af741edabdb587d8e5f9d6060dd133c5
 2024-09-16 02:12:26 +00:00
Nina Chen
2c4cebf4d5 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 366116096
Change-Id: I202f9031b89dbfbbce9d7fda6f8f50120df1698f
 2024-09-12 14:24:29 +08:00
Neo Yu
696b8a5777 Merge "Move sepolicy about hal_radioext_default to gs-common" into main 2024-09-06 01:41:13 +00:00
Wilson Sung
42fee8809a Move euiccpixel_app to vendor 
Bug: 312143882
Test: make selinux_policy
Flag: EXEMPT sepolicy refactor
Change-Id: I0f6ac76860c90b8022a85cafb80350a708d278c1
 2024-09-04 15:10:03 +00:00
Treehugger Robot
c5a02b45d4 Merge "Allow systemui_app to set 'debug.tracing.desktop_mode_visible_tasks' system property" into main 2024-09-04 12:20:22 +00:00
Ben Murdoch
88ed5f562f Allow systemui_app to set 'debug.tracing.desktop_mode_visible_tasks' system property 
See also: Iad8dc7a66765856ee7affb707f2dba6c1bbfbf49

Bug: 363893429
Flag: EXEMPT, SEPolicy
Test: Verified on device.
Change-Id: I6c68f97a7d42e635cadd2380cce7c64e812c1ffd
 2024-09-04 09:39:13 +00:00
Randall Huang
21194d2dc3 storage: move storage related device type to common folder 
Bug: 364225000
Test: forrest build
Change-Id: I3fb2a9a46d00ac27931ee8c1ad7b3ceef0920cdb
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-04 10:44:29 +08:00
Attis Chen
2f8ab31157 Merge "Label sysfs node power_mode as sysfs_display." into main 2024-09-02 04:54:18 +00:00
Neo Yu
d5626145f3 Move sepolicy about hal_radioext_default to gs-common 
Bug: 363665676
Test: verify with test roms
Flag: EXEMPT sepolicy refactor
Change-Id: I618742012138123329ae47c05c958e77f5573956
 2024-09-01 14:25:00 +08:00