Commit graph

666 commits

Author SHA1 Message Date
Yabin Cui
af6b895528 Add SOC specific ETE sysfs paths
Bug: 321061072
Test: run profcollectd on device
Change-Id: I7eb39a5e9f586e36edd11679b0988af2ff6b986b
2024-03-06 11:06:13 -08:00
John Chang
0bb5c5b305 display: change vrr.enabled to xrr.version
Bug: 328001545
Test: Test MRR Version 2 is properly configured
Change-Id: I02291bb537fe5a09ab8a1aa755426f45465883a9
2024-03-06 16:05:43 +00:00
Kah Xuan Lim
6914e7a49b Modem ML: Add sepolicy for TFLiteService
Add the sepolicy required to:
- Introduce modemml_tflite_service which runs on the system server.
- Allow modem_ml_svc_sit to access the new service.
- Allow system_server to access NNAPI TPU service.

Relevant logs before the sepolicy changes are made:

```
auditd  : avc:  denied  { find } for pid=1000 uid=1001 name=com.android.server.modemml.ITFLiteService/default scontext=u:r:modem_ml_svc_sit:s0 tcontext=u:object_r:modemml_tflite_service:s0 tclass=service_manager permissive=1
```

```
11-14 03:03:44.392  1064  1064 I auditd  : type=1400 audit(0.0:9): avc:  denied  { call } for  comm="modem_ml_svc_si" scontext=u:r:modem_ml_svc_sit:s0 tcontext=u:r:system_server:s0 tclass=binder permissive=1
```

```
SELinux : avc:  denied  { find } for pid=1115 uid=1000 name=android.hardware.neuralnetworks.IDevice/google-edgetpu scontext=u:r:system_server:s0 tcontext=u:object_r:edgetpu_nnapi_service:s0 tclass=service_manager permissive=1
```

Bug: 307449478

Change-Id: I14c2aa02eca08a026d100af6eea11ac9ac9e4fc7
2024-03-06 13:35:33 +08:00
Hwayoung Helen Kim
dc37b510fa Merge "Allow imssvc property access for the audio path in PDK build" into main 2024-03-05 06:48:16 +00:00
Treehugger Robot
87c046a3bf Merge "Add AIDL media.c2 into service_contexts" into main 2024-03-05 06:17:02 +00:00
Wilson Sung
71366fa516 Merge "ssr_detector: remove tracking denial" into main 2024-03-05 03:26:01 +00:00
Derick Hong
b1a32915a4 Merge "Update SELinux error" into main 2024-03-05 03:05:10 +00:00
Treehugger Robot
4d305706a5 Merge "add dsim wakeup labels" into main 2024-02-28 03:59:20 +00:00
Sungtak Lee
f8aaa7afa0 Add AIDL media.c2 into service_contexts
Bug: 321808716
Change-Id: Ieff24ebd4c5ce6201faecf819828f21cb598de67
2024-02-27 18:14:13 +00:00
Peter Lin
f88ffce8c7 add dsim wakeup labels
Bug: 321733124
test: ls sys/devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup -Z
Change-Id: I28bc16f23478131dfecf2ad61b306ce9ae1e2767
2024-02-27 12:59:04 +00:00
derickhong
f77068cbe0 Update SELinux error
Bug: 326869289
Test: adb shell dmesg | grep avc ; adb logcat -d | grep avc
Change-Id: I57090ee64cafc5c2a9d98ec02152fdc9eb495591
2024-02-27 16:22:54 +08:00
Salmax Chang
38170d1c85 ssr_detector: remove tracking denial
Bug: 307468827
Change-Id: I232d7afd5d002ef59311a16317e0e2b7a1ccbfb7
2024-02-27 12:18:54 +08:00
Thiébaud Weksteen
8816a77795 Merge "Revert^2 "Remove persist.bootanim.color property definitions"" into main 2024-02-26 22:40:44 +00:00
Jack Wu
85aa1cb4b1 dontaudit on dir search for vendor_charger_debugfs
Bug: 326869335
Test: make selinux_policy
Change-Id: I22623dd1c47a431233eb6666dbe37fa2d9aa73a3
Signed-off-by: Jack Wu <wjack@google.com>
2024-02-26 21:10:51 +08:00
Wilson Sung
348e64ecce Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 326869289
Bug: 326869335
Test: scanBugreport
Bug: 326869823
Test: scanAvcDeniedLogRightAfterReboot
Bug: 326869239
Change-Id: I8b245d769ae91c2f3f3d2dd7cfb1b8eebb83dd22
2024-02-26 08:37:54 +00:00
Thiébaud Weksteen
52478ef92b Revert^2 "Remove persist.bootanim.color property definitions"
110b7705a1

Change-Id: I9e49db39f15479083e6187f1db17af084441ff04
2024-02-25 23:59:49 +00:00
Chi Zhang
9de082ad52 Merge "Allow GRIL to get IRQ counts." into main 2024-02-23 22:07:01 +00:00
Rubin Xu
bdc3b23756 Merge "Revert "Remove persist.bootanim.color property definitions"" into main 2024-02-23 12:42:52 +00:00
Rubin Xu
110b7705a1 Revert "Remove persist.bootanim.color property definitions"
Revert submission 26301396-bootanim_prop

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141

Bug: 326521604

Reverted changes: /q/submissionid:26301396-bootanim_prop

Change-Id: Idfb848f2a4df8191c867aedfd4ec24f18de1b1ad
2024-02-23 12:26:04 +00:00
Helen
1518455ede Allow imssvc property access for the audio path in PDK build
Bug: 319336100
Test: build and test using the PDK build in live network
Change-Id: I2e2045cde6a4cc5c5ea52b205aea6cb6da18e0b9
2024-02-23 08:45:53 +00:00
Thiébaud Weksteen
7c18ffbf3e Merge "Remove persist.bootanim.color property definitions" into main 2024-02-23 02:59:57 +00:00
Mahesh Kallelil
61360c6fd3 Merge "radio: Add PCIe dyn speed sysfs nodes to sysfs_modem" into main 2024-02-22 04:00:47 +00:00
Hasan Awais
3a14cdf8df Merge "Remove hal_uwb_default selinux bug map entry" into main 2024-02-21 17:35:56 +00:00
Mahesh Kallelil
4118c09b83 radio: Add PCIe dyn speed sysfs nodes to sysfs_modem
Allow modem_svc to write to the cpif sysfs files for PCIe dynamic
speed feature control.

Test: Tested with property change on device
Bug: 256247132
Change-Id: I1117ebf15ff4546cdd3a4bf0a653a46d39a8b59c
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
2024-02-20 22:56:57 -08:00
Thiébaud Weksteen
1045d8943c Remove persist.bootanim.color property definitions
These now belong to the platform policy.

Bug: 321088135
Test: build
Change-Id: I98f41827a94defc3122db88275bed51576c9f3f0
2024-02-21 13:48:01 +11:00
Treehugger Robot
4f275afd4e Merge "moving charger nodes to user build" into main 2024-02-21 02:01:55 +00:00
Treehugger Robot
35907c0769 Merge "dontaudit on dir search for vendor_votable_debugfs" into main 2024-02-21 01:55:49 +00:00
Chi Zhang
8fb2332864 Allow GRIL to get IRQ counts.
```
auditd  : type=1400 audit(0.0:94): avc:  denied  { read } for  comm="TestableLooper" name="irq" dev="sysfs" ino=20470 scontext=u:r:grilservice_app:s0:c241,c256,c512,c768 tcontext=u:object_r:sysfs_irq:s0 tclass=dir permissive=0 app=com.google.android.grilservice
```

Bug: 322548372
Test: build and boot
Change-Id: Iffc7f49d28ccd1960e6f939375a8e42958eff8bb
2024-02-20 10:46:37 -08:00
Hasan Awais
3a49506b92 Remove hal_uwb_default selinux bug map entry
The selinux filesystem is no longer being read, so this property is no
longer needed.

Bug: 322916246
Change-Id: I48a08c7068904b25e30c59e2fe3a2dd74a274ba8
Signed-off-by: Hasan Awais <hasanawais@google.com>
2024-02-20 09:40:09 -08:00
Darren Hsu
7b65b7fb2b sepolicy: allow hal_power_stats to read GPS files
```
avc:  denied  { search } for  name="gps" dev="dm-49" ino=381
scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:vendor_gps_file:s0 tclass=dir permissive=0
```

Bug: 309876364
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I577443effaf8c3072e05c24025ec2c9ba63639b8
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2024-02-19 16:37:21 +08:00
Wilson Sung
0ae4d6f09e dontaudit on dir search for vendor_votable_debugfs
Bug: 305880925
Bug: 310539058
Bug: 318033504
Test: make selinux_policy
Change-Id: I5e13370fe5430f3dfbf73ccff787986fbe80f9ea
2024-02-19 14:58:56 +08:00
Ken Yang
7da489c7ad SELinux: fix SELinux denials
devices/platform/108d0000.hsi2c/i2c-6/6-0066/max77779-pmic-irq.2.auto/wakeup/wakeup69

Bug: 325680852
Change-Id: I974c65bab46f3de3bdcacb42c67257d91a3ecf8a
Signed-off-by: Ken Yang <yangken@google.com>
2024-02-19 04:21:12 +00:00
Dinesh Yadav
e51c1e459c Merge "Remove permissive mode from gxp_logging service" into main 2024-02-19 03:23:09 +00:00
Treehugger Robot
bb48ecd1e2 Merge "Allow CccDkTimeSyncService to access bluetooth extension HAL" into main 2024-02-17 08:49:51 +00:00
Daniel Okazaki
7d46482f86 moving charger nodes to user build
Bug: 323415060
Test: adb bugreport
Change-Id: I2f613d513b2c8a1eb5f52dbd6ba9f8381486a150
Signed-off-by: Daniel Okazaki <dtokazaki@google.com>
2024-02-15 23:09:32 +00:00
Imo Umoren
a8ad4fb402 Merge "Add CHRE SELinux Permissions for Twoshay [Zuma Pro]" into main 2024-02-13 21:09:09 +00:00
Imo Richard Umoren
52fe3a2703 Add CHRE SELinux Permissions for Twoshay [Zuma Pro]
Adds permissions for chre socket to SELinux policy.
Used for the Wallaby nanoapp.

Bug: b/324278826
Test: Manually tested on zuma pro devices
Change-Id: Ied113002ec0650607f657cc47d183635916ae83e
2024-02-08 02:09:58 +00:00
Dinesh Yadav
b0aec773ff Remove permissive mode from gxp_logging service
The permission issues have been resolved with the latest release.

Test:
Tested that no avc violations are seen after using the private build.

Bug: 307468752
Change-Id: I962650551c94a924f4d63a79f8a684c5440f58e9
2024-02-07 10:37:07 +00:00
Roy Luo
0e115d4d15 hal_usb_impl: Grant read permission to usb overheat files
Carried over from WHI PRO setting.

Bug: 307583011
Test: no audit logs
Change-Id: Icdcf36ee739f009a1e87ecd346b6178d096079b9
2024-02-07 05:19:37 +00:00
Kuen-Han Tsai
01658d880d Merge "Set SEPolicy for the disable_contaminant_detection script" into main 2024-02-06 08:34:52 +00:00
Wiwit Rifa'i
bf3e95edb1 Allow binder call from servicemanager to composer
This will fix the avc denial below:

```
type=1400 audit(0.0:4): avc:  denied  { call } for
comm="servicemanager" scontext=u:r:servicemanager:s0
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=0
```

Bug: 323761837
Bug: 315497129
Test: verify this avc denial doesn't appear
Change-Id: I76d7ea9e52e7140a715e375142abd904be8fa6ce
2024-02-05 15:40:17 +08:00
Treehugger Robot
ad3761f873 Merge changes from topic "threadbt_se_policy" into main
* changes:
  Grant Thread HAL service to access BT HAL folder
  Grant BT HAL to access socket file
2024-02-05 03:31:48 +00:00
shihchienc
ed3ca1e266 Grant Thread HAL service to access BT HAL folder
```
02-02 14:36:00.660  2378  2378 I android.hardwar: type=1400 audit(0.0:15): avc:  denied  { read } for  name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
02-02 14:36:00.660  2378  2378 I android.hardwar: type=1400 audit(0.0:16): avc:  denied  { watch } for  path="/data/vendor/bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
02-02 14:36:02.664  2378  2378 I android.hardwar: type=1400 audit(0.0:17): avc:  denied  { search } for  name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:30): avc:  denied  { getattr } for  path="/data/vendor/bluetooth/thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1
02-02 14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:31): avc:  denied  { write } for  name="thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1
02-02 14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:32): avc:  denied  { connectto } for  path="/data/vendor/bluetooth/thread_dispatcher_socket" scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:r:hal_bluetooth_btlinux:s0 tclass=unix_stream_socket permissive=1
```

Bug: 318594282
Test: reboot and open bluetooth
Change-Id: Ia63ed27b732eafa2e0aa3311fc7cea9c77e7b50c
2024-02-04 23:00:54 +00:00
Kuen-Han Tsai
25748e9d93 Set SEPolicy for the disable_contaminant_detection script
This patch ports Zuma project SEPolicy and corrects the platform device
name.

```
init    : Command 'exec /vendor/bin/hw/disable_contaminant_detection.sh'
action=vendor.usb.contaminantdisable=true (/vendor/etc/init/hw/
init.zumapro.usb.rc:288) took 5ms and failed: Could not start exec
service: File /vendor/bin/hw/disable_contaminant_detection.sh(labeled
"u:object_r:vendor_file:s0") has incorrect label or no domain transition
from u:r:init:s0 to another SELinux domain defined. Have you configured
your service correctly?
https://source.android.com/security/selinux/device-policy#
label_new_services_and_address_denials. Note: this error shows up even
in permissive mode in order to make auditing denials possible.
```

Bug: 295127978
Test: manual test
Change-Id: I4269127f0101250615aad9218a9e2684579a653b
Signed-off-by: Kuen-Han Tsai <khtsai@google.com>
2024-02-02 18:07:36 +08:00
Wiwit Rifa'i
24ad0c2d7f Allow binder calls between composer and powerstats
This will fix some avc denials:

* SELinux : avc:  denied  { find } for pid=508 uid=1000
name=power.stats-vendor scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:hal_power_stats_vendor_service:s0
tclass=service_manager permissive=0

* binder:501_1: type=1400 audit(0.0:30): avc:  denied  { call } for
scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=0

* android.hardwar: type=1400 audit(0.0:10): avc:  denied  { call }
for  scontext=u:r:hal_power_stats_default:s0
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=0

Bug: 315497129
Test: check no avc denied between composer & powerstats
Change-Id: I6033e088d5706a0d2a6f942f983a05e6148764a9
2024-02-01 09:13:27 +08:00
Wiwit Rifa'i
19a720dbe0 Move hal_graphics_composer_default from legacy to vendor
Bug: 315497129
Test: boot to home
Change-Id: I7408333a5a43a49045b66d697c71bdc89af25ff0
2024-02-01 09:06:57 +08:00
Albert Wang
5c7d5fe598 usb: correct the xhci wakeup path
Error log:
```
Error opening kernel wakelock stats for: wakeup146 (...xhci-hcd-exynos.8.auto/usb1/1-1/wakeup/wakeup146): Permission denied
```

Bug: 311087938
Test: boot to home and host mode works well
Change-Id: Ic0c11ee98779cc1e2ae60b9c2242f5cfacbb2df4
2024-01-31 15:41:11 +08:00
Ted Wang
b867cabc87 Allow CccDkTimeSyncService to access bluetooth extension HAL
Bug: 308381394
Test: build and check for avc denied
Change-Id: Ic602d3caf0b0cdfb1041d339e48d4671e7150d85
2024-01-31 02:37:19 +00:00
Wilson Sung
39a0baed3c Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 318310869
Test: scanBugreport
Bug: 322917055
Bug: 322916328
Bug: 322916246
Bug: 322917075
Test: scanAvcDeniedLogRightAfterReboot
Bug: 318310869
Change-Id: I63c0cc342af0407fab6b188e982a3ea6699f3618
2024-01-30 07:17:49 +00:00
Wayne Lin
35176423de Merge "gps: refine iGNSS build system - sepolicy" into main 2024-01-30 05:45:58 +00:00