Evolution-X-Tensor/device_google_zumapro
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
441 commits 1 branch 0 tags 4 MiB
Commit graph

441 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thiébaud Weksteen
52478ef92b Revert^2 "Remove persist.bootanim.color property definitions" 
110b7705a1

Change-Id: I9e49db39f15479083e6187f1db17af084441ff04
 2024-02-25 23:59:49 +00:00
Rubin Xu
110b7705a1 Revert "Remove persist.bootanim.color property definitions" 
Revert submission 26301396-bootanim_prop

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141

Bug: 326521604

Reverted changes: /q/submissionid:26301396-bootanim_prop

Change-Id: Idfb848f2a4df8191c867aedfd4ec24f18de1b1ad
 2024-02-23 12:26:04 +00:00
Thiébaud Weksteen
1045d8943c Remove persist.bootanim.color property definitions 
These now belong to the platform policy.

Bug: 321088135
Test: build
Change-Id: I98f41827a94defc3122db88275bed51576c9f3f0
 2024-02-21 13:48:01 +11:00
Treehugger Robot
4f275afd4e Merge "moving charger nodes to user build" into main 2024-02-21 02:01:55 +00:00
Treehugger Robot
35907c0769 Merge "dontaudit on dir search for vendor_votable_debugfs" into main 2024-02-21 01:55:49 +00:00
Darren Hsu
7b65b7fb2b sepolicy: allow hal_power_stats to read GPS files 
avc:  denied  { search } for  name="gps" dev="dm-49" ino=381
scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:vendor_gps_file:s0 tclass=dir permissive=0

Bug: 309876364
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I577443effaf8c3072e05c24025ec2c9ba63639b8
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2024-02-19 16:37:21 +08:00
Wilson Sung
0ae4d6f09e dontaudit on dir search for vendor_votable_debugfs 
Bug: 305880925
Bug: 310539058
Bug: 318033504
Test: make selinux_policy
Change-Id: I5e13370fe5430f3dfbf73ccff787986fbe80f9ea
 2024-02-19 14:58:56 +08:00
Ken Yang
7da489c7ad SELinux: fix SELinux denials 
devices/platform/108d0000.hsi2c/i2c-6/6-0066/max77779-pmic-irq.2.auto/wakeup/wakeup69

Bug: 325680852
Change-Id: I974c65bab46f3de3bdcacb42c67257d91a3ecf8a
Signed-off-by: Ken Yang <yangken@google.com>
 2024-02-19 04:21:12 +00:00
Dinesh Yadav
e51c1e459c Merge "Remove permissive mode from gxp_logging service" into main 2024-02-19 03:23:09 +00:00
Treehugger Robot
bb48ecd1e2 Merge "Allow CccDkTimeSyncService to access bluetooth extension HAL" into main 2024-02-17 08:49:51 +00:00
Daniel Okazaki
7d46482f86 moving charger nodes to user build 
Bug: 323415060
Test: adb bugreport
Change-Id: I2f613d513b2c8a1eb5f52dbd6ba9f8381486a150
Signed-off-by: Daniel Okazaki <dtokazaki@google.com>
 2024-02-15 23:09:32 +00:00
Imo Umoren
a8ad4fb402 Merge "Add CHRE SELinux Permissions for Twoshay [Zuma Pro]" into main 2024-02-13 21:09:09 +00:00
Imo Richard Umoren
52fe3a2703 Add CHRE SELinux Permissions for Twoshay [Zuma Pro] 
Adds permissions for chre socket to SELinux policy.
Used for the Wallaby nanoapp.

Bug: b/324278826
Test: Manually tested on zuma pro devices
Change-Id: Ied113002ec0650607f657cc47d183635916ae83e
 2024-02-08 02:09:58 +00:00
Dinesh Yadav
b0aec773ff Remove permissive mode from gxp_logging service 
The permission issues have been resolved with the latest release.

Test:
Tested that no avc violations are seen after using the private build.

Bug: 307468752
Change-Id: I962650551c94a924f4d63a79f8a684c5440f58e9
 2024-02-07 10:37:07 +00:00
Roy Luo
0e115d4d15 hal_usb_impl: Grant read permission to usb overheat files 
Carried over from WHI PRO setting.

Bug: 307583011
Test: no audit logs
Change-Id: Icdcf36ee739f009a1e87ecd346b6178d096079b9
 2024-02-07 05:19:37 +00:00
Kuen-Han Tsai
01658d880d Merge "Set SEPolicy for the disable_contaminant_detection script" into main 2024-02-06 08:34:52 +00:00
Wiwit Rifa'i
bf3e95edb1 Allow binder call from servicemanager to composer 
This will fix below avc denial:

type=1400 audit(0.0:4): avc:  denied  { call } for
comm="servicemanager" scontext=u:r:servicemanager:s0
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=0

Bug: 323761837
Bug: 315497129
Test: verify this avc denial doesn't appear
Change-Id: I76d7ea9e52e7140a715e375142abd904be8fa6ce
 2024-02-05 15:40:17 +08:00
Treehugger Robot
ad3761f873 Merge changes from topic "threadbt_se_policy" into main 
* changes:
  Grant Thread HAL service to access BT HAL folder
  Grant BT HAL to access socket file
 2024-02-05 03:31:48 +00:00
shihchienc
ed3ca1e266 Grant Thread HAL service to access BT HAL folder 
02-02 14:36:00.660  2378  2378 I android.hardwar: type=1400 audit(0.0:15): avc:  denied  { read } for  name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
02-02 14:36:00.660  2378  2378 I android.hardwar: type=1400 audit(0.0:16): avc:  denied  { watch } for  path="/data/vendor/bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
02-02 14:36:02.664  2378  2378 I android.hardwar: type=1400 audit(0.0:17): avc:  denied  { search } for  name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:30): avc:  denied  { getattr } for  path="/data/vendor/bluetooth/thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1
02-02 14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:31): avc:  denied  { write } for  name="thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1
02-02 14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:32): avc:  denied  { connectto } for  path="/data/vendor/bluetooth/thread_dispatcher_socket" scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:r:hal_bluetooth_btlinux:s0 tclass=unix_stream_socket permissive=1

Bug: 318594282
Test: reboot and open bluetooth
Change-Id: Ia63ed27b732eafa2e0aa3311fc7cea9c77e7b50c
 2024-02-04 23:00:54 +00:00
Kuen-Han Tsai
25748e9d93 Set SEPolicy for the disable_contaminant_detection script 
This patch ports Zuma project SEPolicy and corrects the platform device
name.

init    : Command 'exec /vendor/bin/hw/disable_contaminant_detection.sh'
action=vendor.usb.contaminantdisable=true (/vendor/etc/init/hw/
init.zumapro.usb.rc:288) took 5ms and failed: Could not start exec
service: File /vendor/bin/hw/disable_contaminant_detection.sh(labeled
"u:object_r:vendor_file:s0") has incorrect label or no domain transition
from u:r:init:s0 to another SELinux domain defined. Have you configured
your service correctly?
https://source.android.com/security/selinux/device-policy#
label_new_services_and_address_denials. Note: this error shows up even
in permissive mode in order to make auditing denials possible.

Bug: 295127978
Test: manual test
Change-Id: I4269127f0101250615aad9218a9e2684579a653b
Signed-off-by: Kuen-Han Tsai <khtsai@google.com>
 2024-02-02 18:07:36 +08:00
Wiwit Rifa'i
24ad0c2d7f Allow binder calls between composer and powerstats 
This will fix some avc denials:

* SELinux : avc:  denied  { find } for pid=508 uid=1000
name=power.stats-vendor scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:hal_power_stats_vendor_service:s0
tclass=service_manager permissive=0

* binder:501_1: type=1400 audit(0.0:30): avc:  denied  { call } for
scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=0

* android.hardwar: type=1400 audit(0.0:10): avc:  denied  { call }
for  scontext=u:r:hal_power_stats_default:s0
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=0

Bug: 315497129
Test: check no avc denied between composer & powerstats
Change-Id: I6033e088d5706a0d2a6f942f983a05e6148764a9
 2024-02-01 09:13:27 +08:00
Wiwit Rifa'i
19a720dbe0 Move hal_graphics_composer_default from legacy to vendor 
Bug: 315497129
Test: boot to home
Change-Id: I7408333a5a43a49045b66d697c71bdc89af25ff0
 2024-02-01 09:06:57 +08:00
Ted Wang
b867cabc87 Allow CccDkTimeSyncService to access bluetooth extension HAL 
Bug: 308381394
Test: build and check for avc denied
Change-Id: Ic602d3caf0b0cdfb1041d339e48d4671e7150d85
 2024-01-31 02:37:19 +00:00
Wilson Sung
39a0baed3c Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 318310869
Test: scanBugreport
Bug: 322917055
Bug: 322916328
Bug: 322916246
Bug: 322917075
Test: scanAvcDeniedLogRightAfterReboot
Bug: 318310869
Change-Id: I63c0cc342af0407fab6b188e982a3ea6699f3618
 2024-01-30 07:17:49 +00:00
Wayne Lin
35176423de Merge "gps: refine iGNSS build system - sepolicy" into main 2024-01-30 05:45:58 +00:00
Kieran Cyphus
98fe007a31 Merge "liboemservice_proxy: Add sepolicy" into main 2024-01-29 05:58:46 +00:00
Wayne Lin
b89210063c gps: refine iGNSS build system - sepolicy 
Bug: 318310869
Bug: 315915958
Test: build pass, GPS works and no GPS avc denied error
Change-Id: I64d2e8971abb44d604082deaed6e90a13cac203d
 2024-01-29 05:52:15 +00:00
Treehugger Robot
d951f7cb22 Merge "gps: remove hal_gnss_default.te from tracking_denials." into main 2024-01-25 14:06:08 +00:00
kierancyphus
2fbd1edf60 liboemservice_proxy: Add sepolicy 
This was previously only configured to run on zuma devices, but should
be expanded to this device as well. Since this service should only be
present on these two devices, it's fine to just copy this here instead
of placing it in gs-common.

Test: atest vts_treble_vintf_vendor_test:DeviceManifest/SingleAidlTest
Bug: 321867236
Change-Id: I9f086df735c866ed037307574b38458434a9c486
 2024-01-25 17:53:23 +08:00
James Huang
80e9176588 gps: remove hal_gnss_default.te from tracking_denials. 
Bug: b/309551158
Test: confirm no hal_gnss_default avc denied.
Change-Id: I58a1d0712abfca4686a39626de8f566a5026455c
 2024-01-25 15:58:39 +08:00
Mark Chang
45f43f3af2 Merge "Allow systemui_app to set property." into main 2024-01-25 05:37:35 +00:00
Treehugger Robot
a886395f0e Merge "sepolicy: allow hal_power_stats to read sysfs_display" into main 2024-01-24 06:03:41 +00:00
shihchienc
a94e372811 Grant BT HAL to access socket file 
Bug: 318594713
Test: manual
Change-Id: Iba93dcd9543366e89c40bc8d0ca58dfdd69ee141
 2024-01-24 02:47:36 +00:00
Ted Wang
a446b6d3ae Merge "Allow GrilService to access bluetooth extension HAL" into main 2024-01-24 02:38:02 +00:00
Mark Chang
b434a0ecf2 Allow systemui_app to set property. 
This is to fix the denied log.
01-23 15:58:26.896     1     1 W /system/bin/init: type=1107 audit(0.0:17): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc:  denied  { set } for property=debug.touch_sensitivity_mode pid=2123 uid=10237 gid=10237 scontext=u:r:systemui_app:s0:c237,c256,c512,c768 tcontext=u:object_r:debug_prop:s0 tclass=property_service permissive=0'

Bug: 309912697
Test: Setting property was successful.
Change-Id: Id841d2d45de8d8d57366faf71f5ee60da74ce111
Signed-off-by: Mark Chang <changmark@google.com>
 2024-01-24 02:09:07 +00:00
Wilson Sung
5ce22b53f3 Update error on ROM 11347994 
Bug: 322035750
Test: SELinuxUncheckedDenialBootTest
Change-Id: I204fd486291b663c1fa06090225dc3890027498b
 2024-01-23 22:22:49 +00:00
Chungro Lee
76d4aef727 google_battery: support BC79 firmware update 
Bug: 319306735
Test: override flags via turboapp
Change-Id: I7f81574e09534052f870f0bedd1cd412485211f0
Signed-off-by: Chungro Lee <chungro@google.com>
 2024-01-23 18:48:23 +00:00
Megha Patil
3b48faef9c Merge "Add System Property to Specify NTN Demo Mode Enabled" into main 2024-01-23 10:35:10 +00:00
Megha Patil
ab78d95fb8 Add System Property to Specify NTN Demo Mode Enabled 
"telephony.ril.ntn_demo_mode" Property is added which specifies
RIL about NTN Demo Mode.

BUG: b/321178074
Test: Set the property in the service.
Change-Id: I8baca9ceaf364b579293679cabe26c33e0a4ec1e
 2024-01-23 10:34:57 +00:00
Darren Hsu
16453defb3 sepolicy: allow hal_power_stats to read sysfs_display 
avc:  denied  { read } for  name="available_disp_stats"
dev="sysfs" ino=76162 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 321871433
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I84e3a561f60bec7f75c14359dc0a31216590a335
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2024-01-23 17:42:11 +08:00
Wilson Sung
e52dfde528 Update error on ROM 11340999 
Bug: 321733124
Test: SELinuxUncheckedDenialBootTest
Change-Id: I1eca905eea9854be71926750b5d898c84c4794bd
 2024-01-22 17:45:51 +00:00
Ted Wang
4f5d6c7812 Allow GrilService to access bluetooth extension HAL 
Bug: 320403892
Test: Manual
Change-Id: I83834154563f9e77aaaf5ed786259a331497a378
 2024-01-19 08:11:41 +00:00
Treehugger Robot
52ef38dcf1 Merge "fingerprint: fix SELinux denials" into main 2024-01-18 17:31:31 +00:00
Kadi Narmamatov
d9634912a6 Merge "rfsd: add new property to sepolicy" into main 2024-01-18 10:01:47 +00:00
kadirpili
8f0acd4186 rfsd: add new property to sepolicy 
Avoid Access denied finding property "vendor.cbd.modem_bin_type" error message and give access for rfsd to access the property

Bug: 307481296
Bug: 317735109

Change-Id: Icd287f863fd6d309297ce984f4ce387fb5d3ae24
 2024-01-18 08:30:02 +00:00
Treehugger Robot
5a084bb6ba Merge "aoc: add sysfs file entry" into main 2024-01-18 04:00:25 +00:00
chenkris
e01b41b519 fingerprint: fix SELinux denials 
Fix following AVC denials:
1. SELinux : avc:  denied  { find } for interface=vendor.goodix.hardware.biometrics.fingerprint::IGoodixFingerprintDaemon sid=u:r:hal_fingerprint_default:s0 pid=2948 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:default_android_hwservice:s0 tclass=hwservice_manager permissive=0

Bug: 315737323
Test: boot with no relevant error
Change-Id: I9f32e2bc771c5bfd8ebf26344342b8813f0b4930
 2024-01-18 02:12:10 +00:00
mikeyuewang
ebdc5d769b Remove this tracking as the denial has been fixed by b/287683516 
Bug: 287683516

Change-Id: I9a9c7ac6d226fb6a859b69f0c4eca4857f65cf84
 2024-01-17 21:22:06 +00:00
yixuanjiang
86b073086f aoc: add sysfs file entry 
Test: Local
Bug: 314719343
Change-Id: I31e08e4f86b075f52b1483c17405074928b26f70
Signed-off-by: yixuanjiang <yixuanjiang@google.com>
 2024-01-17 18:12:27 +08:00
Angela Wu
365355875e Merge "Set up zumapro selinux policy for /dev/video12 access for hardware JPG encoder. (cherry picked from https://googleplex-android-review.googlesource.com/q/commit:ea768217f5f8f2ab32a3f76b4329378c5731aa24)" into main 2024-01-15 03:20:02 +00:00