Evolution-X-Tensor/device_google_zumapro
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
666 commits 1 branch 0 tags 4 MiB
Commit graph

150 commits

Author SHA1 Message Date
Spade Lee
8d61b53a50 sepolicy: removes dump_power tracking denial 
avc:  denied  { read } for  name="maxfg_history" dev="tmpfs" ino=1144 scontext=u:r:dump_power:s0 tcontext=u:object_r:battery_history_device:s0 tclass=chr_file permissive=0

Bug: 353418158
Test: atest-dev com.google.android.selinux.pts.SELinuxTest#scanBugreport => PASS
Flag: EXEMPT bugfix
Change-Id: Ie71eb273915eca6b38281a5f7a8a2b8a6bdcf4c8
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-07-18 10:19:43 +00:00
Wilson Sung
19c65ba48e Merge "Update SELinux error" into main 2024-07-17 04:31:22 +00:00
Wilson Sung
c7854c06ea Update SELinux error 
Test: scanBugreport
Bug: 353418158
Test: scanAvcDeniedLogRightAfterReboot
Bug: 353418189
Flag: EXEMPT bugfix
Change-Id: I5ce38640b68ca64749b07fd04d79e444d82ce206
 2024-07-16 06:14:01 +00:00
Mike McTernan
55bd5b089d sepolicy:tracking_denials: add btlinux vendor_aoc_prop 
Flag: EXEMPT bug fix
Bug: 353262026
Test: ABTD
Change-Id: I28a9e49eab75087aa424af1fd2cc5ead28285a2b
 2024-07-15 19:18:29 +00:00
Cheng Gu
6d465a9099 Update tracking_denials/bug_map. 
Removes denial tracking of b/322916328.

Fix: 322916328
Test: none
Flag: EXEMPT bugfix
Change-Id: Ib16f0897f3a438fe147a0919897163407b857443
 2024-07-15 05:39:33 +00:00
Wilson Sung
8b0c2f2379 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 350830429
Bug: 350830390
Test: scanBugreport
Bug: 350830756
Bug: 350830411
Bug: 350830657
Bug: 350830132
Bug: 350830796
Test: scanAvcDeniedLogRightAfterReboot
Bug: 350830879
Bug: 350830475
Bug: 350830680
Bug: 350830758
Change-Id: Id961fa8d79caea0bca4770beab722a4e1933f879
 2024-07-03 01:56:07 +00:00
Cheng Gu
5fb9dde89f Update SELinux error am: 48326b2e0b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27560145

Change-Id: I7f2898939e93b6ac6e1c2c76fb992df0ecc37f60
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-29 04:26:48 +00:00
emilchung
a9766745d1 Remove tracking denials of hal_sensors_default. 
Fix: 308381687
Test: no avc denied of hal_sensors_default
Change-Id: I19305dc921ae96752c4213cc284d4f578bac07a2
 2024-05-29 02:24:16 +00:00
Cheng Gu
48326b2e0b Update SELinux error 
Bug: 317754251
Test: adb reboot and observe log
Change-Id: I7dcf9782ce2be632410e956871f74e874ddaf3a1
 2024-05-28 22:31:47 +00:00
Wilson Sung
b65f4dacb2 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 340369535
Bug: 338347525 
Merged-In: I0d70966f03b0207388388fbc47e45de55a7385c3
Change-Id: I0d70966f03b0207388388fbc47e45de55a7385c3
(cherry picked from commit 924e6c6cd3)
 2024-05-17 03:50:29 +00:00
Wilson Sung
924e6c6cd3 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 340369535
Bug: 338347525 
Change-Id: I0d70966f03b0207388388fbc47e45de55a7385c3
 2024-05-14 03:09:03 +00:00
Enzo Liao
e4ceb50a9c Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2761dbe28b294be5199aba6ee73013427e8d627f)
Merged-In: I455630b347f9f234365fec371142582d2cc0640a
Change-Id: I455630b347f9f234365fec371142582d2cc0640a
 2024-04-22 03:03:12 +00:00
Enzo Liao
2761dbe28b Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
Change-Id: I455630b347f9f234365fec371142582d2cc0640a
 2024-04-08 19:23:52 +08:00
Spade Lee
aac2240ca4 sepolicy: allow kernel to search vendor debugfs 
audit: type=1400 audit(1710259012.824:4): avc:  denied  { search } for  pid=128 comm="kworker/3:1" name="max77779fg" dev="debugfs" ino=24204 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
audit: type=1400 audit(1710427790.680:2): avc:  denied  { search } for  pid=10 comm="kworker/u16:1" name="gvotables" dev="debugfs" ino=10582 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_votable_debugfs:s0 tclass=dir permissive=1
audit: type=1400 audit(1710427790.680:3): avc:  denied  { search } for  pid=211 comm="kworker/u16:4" name="google_charger" dev="debugfs" ino=16673 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_charger_debugfs:s0 tclass=dir permissive=1

Bug: 328016570
Bug: 329317898
Test: check all debugfs folders are correctly mounted
Change-Id: Ib25cc13a329b40bebe87fab43e955e2e4395de9e
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-04-02 07:35:39 +00:00
Spade Lee
bac2d41b9c sepolicy: allow kernel to search vendor debugfs 
audit: type=1400 audit(1710259012.824:4): avc:  denied  { search } for  pid=128 comm="kworker/3:1" name="max77779fg" dev="debugfs" ino=24204 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_maxfg_debugfs:s0 tclass=dir permissive=0
audit: type=1400 audit(1710427790.680:2): avc:  denied  { search } for  pid=10 comm="kworker/u16:1" name="gvotables" dev="debugfs" ino=10582 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_votable_debugfs:s0 tclass=dir permissive=1
audit: type=1400 audit(1710427790.680:3): avc:  denied  { search } for  pid=211 comm="kworker/u16:4" name="google_charger" dev="debugfs" ino=16673 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_charger_debugfs:s0 tclass=dir permissive=1

Bug: 328016570
Bug: 329317898
Test: check all debugfs folders are correctly mounted
Change-Id: Ib25cc13a329b40bebe87fab43e955e2e4395de9e
Signed-off-by: Spade Lee <spadelee@google.com>
 2024-03-20 18:13:22 +00:00
derickhong
1f38fe473a Update SELinux error 
Bug: 326869289
Test: adb shell dmesg | grep avc ; adb logcat -d | grep avc
Change-Id: I57090ee64cafc5c2a9d98ec02152fdc9eb495591
 2024-03-20 07:39:32 +00:00
John Chang
46d2322311 Move display properties from tracking_denials to vendor 
Bug: 328001545
Test: Test MRR Version 2 is properly configured
Change-Id: Ib586398670b21bb88cd122647880149daa628d0d
 2024-03-08 16:32:30 +00:00
John Chang
21601cc866 Move display properties from tracking_denials to vendor 
Bug: 328001545
Test: Test MRR Version 2 is properly configured
Change-Id: Ib586398670b21bb88cd122647880149daa628d0d
 2024-03-08 16:23:52 +00:00
John Chang
ff239639f8 display: change vrr.enabled to xrr.version 
Bug: 328001545
Test: Test MRR Version 2 is properly configured
Change-Id: I02291bb537fe5a09ab8a1aa755426f45465883a9
 2024-03-07 22:19:51 +00:00
John Chang
0bb5c5b305 display: change vrr.enabled to xrr.version 
Bug: 328001545
Test: Test MRR Version 2 is properly configured
Change-Id: I02291bb537fe5a09ab8a1aa755426f45465883a9
 2024-03-06 16:05:43 +00:00
Wilson Sung
71366fa516 Merge "ssr_detector: remove tracking denial" into main 2024-03-05 03:26:01 +00:00
Derick Hong
b1a32915a4 Merge "Update SELinux error" into main 2024-03-05 03:05:10 +00:00
Treehugger Robot
4d305706a5 Merge "add dsim wakeup labels" into main 2024-02-28 03:59:20 +00:00
Peter Lin
f88ffce8c7 add dsim wakeup labels 
Bug: 321733124
test: ls sys/devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup -Z
Change-Id: I28bc16f23478131dfecf2ad61b306ce9ae1e2767
 2024-02-27 12:59:04 +00:00
derickhong
f77068cbe0 Update SELinux error 
Bug: 326869289
Test: adb shell dmesg | grep avc ; adb logcat -d | grep avc
Change-Id: I57090ee64cafc5c2a9d98ec02152fdc9eb495591
 2024-02-27 16:22:54 +08:00
Salmax Chang
38170d1c85 ssr_detector: remove tracking denial 
Bug: 307468827
Change-Id: I232d7afd5d002ef59311a16317e0e2b7a1ccbfb7
 2024-02-27 12:18:54 +08:00
Jack Wu
85aa1cb4b1 dontaudit on dir search for vendor_charger_debugfs 
Bug: 326869335
Test: make selinux_policy
Change-Id: I22623dd1c47a431233eb6666dbe37fa2d9aa73a3
Signed-off-by: Jack Wu <wjack@google.com>
 2024-02-26 21:10:51 +08:00
Wilson Sung
348e64ecce Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 326869289
Bug: 326869335
Test: scanBugreport
Bug: 326869823
Test: scanAvcDeniedLogRightAfterReboot
Bug: 326869239
Change-Id: I8b245d769ae91c2f3f3d2dd7cfb1b8eebb83dd22
 2024-02-26 08:37:54 +00:00
Hasan Awais
3a14cdf8df Merge "Remove hal_uwb_default selinux bug map entry" into main 2024-02-21 17:35:56 +00:00
Hasan Awais
3a49506b92 Remove hal_uwb_default selinux bug map entry 
The selinux filesystem is no longer being read, so this property is no
longer needed.

Bug: 322916246
Change-Id: I48a08c7068904b25e30c59e2fe3a2dd74a274ba8
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2024-02-20 09:40:09 -08:00
Wilson Sung
0ae4d6f09e dontaudit on dir search for vendor_votable_debugfs 
Bug: 305880925
Bug: 310539058
Bug: 318033504
Test: make selinux_policy
Change-Id: I5e13370fe5430f3dfbf73ccff787986fbe80f9ea
 2024-02-19 14:58:56 +08:00
Dinesh Yadav
e51c1e459c Merge "Remove permissive mode from gxp_logging service" into main 2024-02-19 03:23:09 +00:00
Treehugger Robot
bb48ecd1e2 Merge "Allow CccDkTimeSyncService to access bluetooth extension HAL" into main 2024-02-17 08:49:51 +00:00
Dinesh Yadav
b0aec773ff Remove permissive mode from gxp_logging service 
The permission issues have been resolved with the latest release.

Test:
Tested that no avc violations are seen after using the private build.

Bug: 307468752
Change-Id: I962650551c94a924f4d63a79f8a684c5440f58e9
 2024-02-07 10:37:07 +00:00
Ted Wang
b867cabc87 Allow CccDkTimeSyncService to access bluetooth extension HAL 
Bug: 308381394
Test: build and check for avc denied
Change-Id: Ic602d3caf0b0cdfb1041d339e48d4671e7150d85
 2024-01-31 02:37:19 +00:00
Wilson Sung
39a0baed3c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 318310869
Test: scanBugreport
Bug: 322917055
Bug: 322916328
Bug: 322916246
Bug: 322917075
Test: scanAvcDeniedLogRightAfterReboot
Bug: 318310869
Change-Id: I63c0cc342af0407fab6b188e982a3ea6699f3618
 2024-01-30 07:17:49 +00:00
Treehugger Robot
d951f7cb22 Merge "gps: remove hal_gnss_default.te from tracking_denials." into main 2024-01-25 14:06:08 +00:00
James Huang
80e9176588 gps: remove hal_gnss_default.te from tracking_denials. 
Bug: b/309551158
Test: confirm no hal_gnss_default avc denied.
Change-Id: I58a1d0712abfca4686a39626de8f566a5026455c
 2024-01-25 15:58:39 +08:00
Wilson Sung
5ce22b53f3 Update error on ROM 11347994 
Bug: 322035750
Test: SELinuxUncheckedDenialBootTest
Change-Id: I204fd486291b663c1fa06090225dc3890027498b
 2024-01-23 22:22:49 +00:00
Wilson Sung
e52dfde528 Update error on ROM 11340999 
Bug: 321733124
Test: SELinuxUncheckedDenialBootTest
Change-Id: I1eca905eea9854be71926750b5d898c84c4794bd
 2024-01-22 17:45:51 +00:00
Treehugger Robot
5a084bb6ba Merge "aoc: add sysfs file entry" into main 2024-01-18 04:00:25 +00:00
mikeyuewang
ebdc5d769b Remove this tracking as the denial has been fixed by b/287683516 
Bug: 287683516

Change-Id: I9a9c7ac6d226fb6a859b69f0c4eca4857f65cf84
 2024-01-17 21:22:06 +00:00
yixuanjiang
86b073086f aoc: add sysfs file entry 
Test: Local
Bug: 314719343
Change-Id: I31e08e4f86b075f52b1483c17405074928b26f70
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
 2024-01-17 18:12:27 +08:00
Allen Xu
3bfc494565 Merge "Update sepolicy for ConnectivityMonitor" into main 2024-01-12 18:52:11 +00:00
Treehugger Robot
f391978522 Merge "sepolicy: enable enforcing for hal_power_stats" into main 2024-01-11 20:56:49 +00:00
Allen Xu
1e31efbc3a Update sepolicy for ConnectivityMonitor 
Bug: 307468771
Test: v2/pixel-health-guard/device-boot-health-check-extra
Change-Id: I08caf6a8e48118151df72ad883490551af0c464c
 2024-01-11 20:18:20 +00:00
Treehugger Robot
aaaf45379c Merge "Remove system_suspend dontaudit" into main 2024-01-11 01:40:29 +00:00
Darren Hsu
31a27225de sepolicy: enable enforcing for hal_power_stats 
Bug: 307468729
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I2522e317542e441fe9cede3e314081478f8b6158
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2024-01-10 21:13:10 +08:00
Wilson Sung
84b93cfb16 Remove system_suspend dontaudit 
Fix: 318032188
Test: make sepolicy
Change-Id: I216fb901e5cc2ffdb3906da2d88e830e29d0e476
 2024-01-10 19:08:42 +08:00
Wilson Sung
b376cb8cd1 Update error on ROM 11294806 
Bug: 319399862
Test: SELinuxUncheckedDenialBootTest
Change-Id: I99331843251adb8f994170714e6f2c7cc28f2b2b
 2024-01-10 10:49:19 +00:00