Commit graph

657 commits

Author SHA1 Message Date
Peter Lin
f88ffce8c7 add dsim wakeup labels
Bug: 321733124
test: ls sys/devices/platform/19440000.drmdsim/19440000.drmdsim.0/wakeup -Z
Change-Id: I28bc16f23478131dfecf2ad61b306ce9ae1e2767
2024-02-27 12:59:04 +00:00
derickhong
f77068cbe0 Update SELinux error
Bug: 326869289
Test: adb shell dmesg | grep avc ; adb logcat -d | grep avc
Change-Id: I57090ee64cafc5c2a9d98ec02152fdc9eb495591
2024-02-27 16:22:54 +08:00
Salmax Chang
38170d1c85 ssr_detector: remove tracking denial
Bug: 307468827
Change-Id: I232d7afd5d002ef59311a16317e0e2b7a1ccbfb7
2024-02-27 12:18:54 +08:00
Thiébaud Weksteen
8816a77795 Merge "Revert^2 "Remove persist.bootanim.color property definitions"" into main
2024-02-26 22:40:44 +00:00
Jack Wu
85aa1cb4b1 dontaudit on dir search for vendor_charger_debugfs
Bug: 326869335
Test: make selinux_policy
Change-Id: I22623dd1c47a431233eb6666dbe37fa2d9aa73a3
Signed-off-by: Jack Wu <wjack@google.com>
2024-02-26 21:10:51 +08:00
Wilson Sung
348e64ecce Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 326869289
Bug: 326869335
Test: scanBugreport
Bug: 326869823
Test: scanAvcDeniedLogRightAfterReboot
Bug: 326869239
Change-Id: I8b245d769ae91c2f3f3d2dd7cfb1b8eebb83dd22
2024-02-26 08:37:54 +00:00
Thiébaud Weksteen
52478ef92b Revert^2 "Remove persist.bootanim.color property definitions"
110b7705a1

Change-Id: I9e49db39f15479083e6187f1db17af084441ff04
2024-02-25 23:59:49 +00:00
Chi Zhang
9de082ad52 Merge "Allow GRIL to get IRQ counts." into main
2024-02-23 22:07:01 +00:00
Rubin Xu
bdc3b23756 Merge "Revert "Remove persist.bootanim.color property definitions"" into main
2024-02-23 12:42:52 +00:00
Rubin Xu
110b7705a1 Revert "Remove persist.bootanim.color property definitions"
Revert submission 26301396-bootanim_prop

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.corp.google.com/quarterdeck/?branch=git_main&target=sdk_goog3_x86_64-trunk_staging-userdebug&lkgb=11487950&lkbb=11488141&fkbb=11488141

Bug: 326521604

Reverted changes: /q/submissionid:26301396-bootanim_prop

Change-Id: Idfb848f2a4df8191c867aedfd4ec24f18de1b1ad
2024-02-23 12:26:04 +00:00
Helen
1518455ede Allow imssvc property access for the audio path in PDK build
Bug: 319336100
Test: build and test using the PDK build in live network
Change-Id: I2e2045cde6a4cc5c5ea52b205aea6cb6da18e0b9
2024-02-23 08:45:53 +00:00
Thiébaud Weksteen
7c18ffbf3e Merge "Remove persist.bootanim.color property definitions" into main
2024-02-23 02:59:57 +00:00
Mahesh Kallelil
61360c6fd3 Merge "radio: Add PCIe dyn speed sysfs nodes to sysfs_modem" into main
2024-02-22 04:00:47 +00:00
Hasan Awais
3a14cdf8df Merge "Remove hal_uwb_default selinux bug map entry" into main
2024-02-21 17:35:56 +00:00
Mahesh Kallelil
4118c09b83 radio: Add PCIe dyn speed sysfs nodes to sysfs_modem
Allow modem_svc to write to the cpif sysfs files for PCIe dynamic
speed feature control.

Test: Tested with property change on device
Bug: 256247132
Change-Id: I1117ebf15ff4546cdd3a4bf0a653a46d39a8b59c
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
2024-02-20 22:56:57 -08:00
Thiébaud Weksteen
1045d8943c Remove persist.bootanim.color property definitions
These now belong to the platform policy.

Bug: 321088135
Test: build
Change-Id: I98f41827a94defc3122db88275bed51576c9f3f0
2024-02-21 13:48:01 +11:00
Treehugger Robot
4f275afd4e Merge "moving charger nodes to user build" into main
2024-02-21 02:01:55 +00:00
Treehugger Robot
35907c0769 Merge "dontaudit on dir search for vendor_votable_debugfs" into main
2024-02-21 01:55:49 +00:00
Chi Zhang
8fb2332864 Allow GRIL to get IRQ counts.
auditd  : type=1400 audit(0.0:94): avc:  denied  { read } for  comm="TestableLooper" name="irq" dev="sysfs" ino=20470 scontext=u:r:grilservice_app:s0:c241,c256,c512,c768 tcontext=u:object_r:sysfs_irq:s0 tclass=dir permissive=0 app=com.google.android.grilservice

Bug: 322548372
Test: build and boot
Change-Id: Iffc7f49d28ccd1960e6f939375a8e42958eff8bb
2024-02-20 10:46:37 -08:00
Hasan Awais
3a49506b92 Remove hal_uwb_default selinux bug map entry
The selinux filesystem is no longer being read, so this property is no
longer needed.

Bug: 322916246
Change-Id: I48a08c7068904b25e30c59e2fe3a2dd74a274ba8
Signed-off-by: Hasan Awais <hasanawais@google.com>
2024-02-20 09:40:09 -08:00
Darren Hsu
7b65b7fb2b sepolicy: allow hal_power_stats to read GPS files
avc:  denied  { search } for  name="gps" dev="dm-49" ino=381
scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:vendor_gps_file:s0 tclass=dir permissive=0

Bug: 309876364
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: I577443effaf8c3072e05c24025ec2c9ba63639b8
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2024-02-19 16:37:21 +08:00
Wilson Sung
0ae4d6f09e dontaudit on dir search for vendor_votable_debugfs
Bug: 305880925
Bug: 310539058
Bug: 318033504
Test: make selinux_policy
Change-Id: I5e13370fe5430f3dfbf73ccff787986fbe80f9ea
2024-02-19 14:58:56 +08:00
Ken Yang
7da489c7ad SELinux: fix SELinux denials
devices/platform/108d0000.hsi2c/i2c-6/6-0066/max77779-pmic-irq.2.auto/wakeup/wakeup69

Bug: 325680852
Change-Id: I974c65bab46f3de3bdcacb42c67257d91a3ecf8a
Signed-off-by: Ken Yang <yangken@google.com>
2024-02-19 04:21:12 +00:00
Dinesh Yadav
e51c1e459c Merge "Remove permissive mode from gxp_logging service" into main
2024-02-19 03:23:09 +00:00
Treehugger Robot
bb48ecd1e2 Merge "Allow CccDkTimeSyncService to access bluetooth extension HAL" into main
2024-02-17 08:49:51 +00:00
Daniel Okazaki
7d46482f86 moving charger nodes to user build
Bug: 323415060
Test: adb bugreport
Change-Id: I2f613d513b2c8a1eb5f52dbd6ba9f8381486a150
Signed-off-by: Daniel Okazaki <dtokazaki@google.com>
2024-02-15 23:09:32 +00:00
Imo Umoren
a8ad4fb402 Merge "Add CHRE SELinux Permissions for Twoshay [Zuma Pro]" into main
2024-02-13 21:09:09 +00:00
Imo Richard Umoren
52fe3a2703 Add CHRE SELinux Permissions for Twoshay [Zuma Pro]
Adds permissions for chre socket to SELinux policy.
Used for the Wallaby nanoapp.

Bug: b/324278826
Test: Manually tested on zuma pro devices
Change-Id: Ied113002ec0650607f657cc47d183635916ae83e
2024-02-08 02:09:58 +00:00
Dinesh Yadav
b0aec773ff Remove permissive mode from gxp_logging service
The permission issues have been resolved with the latest release.

Test:
Tested that no avc violations are seen after using the private build.

Bug: 307468752
Change-Id: I962650551c94a924f4d63a79f8a684c5440f58e9
2024-02-07 10:37:07 +00:00
Roy Luo
0e115d4d15 hal_usb_impl: Grant read permission to usb overheat files
Carried over from WHI PRO setting.

Bug: 307583011
Test: no audit logs
Change-Id: Icdcf36ee739f009a1e87ecd346b6178d096079b9
2024-02-07 05:19:37 +00:00
Kuen-Han Tsai
01658d880d Merge "Set SEPolicy for the disable_contaminant_detection script" into main
2024-02-06 08:34:52 +00:00
Wiwit Rifa'i
bf3e95edb1 Allow binder call from servicemanager to composer
This will fix below avc denial:

type=1400 audit(0.0:4): avc:  denied  { call } for
comm="servicemanager" scontext=u:r:servicemanager:s0
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=0

Bug: 323761837
Bug: 315497129
Test: verify this avc denial doesn't appear
Change-Id: I76d7ea9e52e7140a715e375142abd904be8fa6ce
2024-02-05 15:40:17 +08:00
Treehugger Robot
ad3761f873 Merge changes from topic "threadbt_se_policy" into main
* changes:
  Grant Thread HAL service to access BT HAL folder
  Grant BT HAL to access socket file
2024-02-05 03:31:48 +00:00
shihchienc
ed3ca1e266 Grant Thread HAL service to access BT HAL folder
02-02 14:36:00.660  2378  2378 I android.hardwar: type=1400 audit(0.0:15): avc:  denied  { read } for  name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
02-02 14:36:00.660  2378  2378 I android.hardwar: type=1400 audit(0.0:16): avc:  denied  { watch } for  path="/data/vendor/bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
02-02 14:36:02.664  2378  2378 I android.hardwar: type=1400 audit(0.0:17): avc:  denied  { search } for  name="bluetooth" dev="dm-53" ino=399 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=dir permissive=1
14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:30): avc:  denied  { getattr } for  path="/data/vendor/bluetooth/thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1
02-02 14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:31): avc:  denied  { write } for  name="thread_dispatcher_socket" dev="dm-53" ino=46090 scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:object_r:vendor_bt_data_file:s0 tclass=sock_file permissive=1
02-02 14:36:29.076  7627  7627 I android.hardwar: type=1400 audit(0.0:32): avc:  denied  { connectto } for  path="/data/vendor/bluetooth/thread_dispatcher_socket" scontext=u:r:hal_threadnetwork_default:s0 tcontext=u:r:hal_bluetooth_btlinux:s0 tclass=unix_stream_socket permissive=1

Bug: 318594282
Test: reboot and open bluetooth
Change-Id: Ia63ed27b732eafa2e0aa3311fc7cea9c77e7b50c
2024-02-04 23:00:54 +00:00
Kuen-Han Tsai
25748e9d93 Set SEPolicy for the disable_contaminant_detection script
This patch ports Zuma project SEPolicy and corrects the platform device
name.

init    : Command 'exec /vendor/bin/hw/disable_contaminant_detection.sh'
action=vendor.usb.contaminantdisable=true (/vendor/etc/init/hw/
init.zumapro.usb.rc:288) took 5ms and failed: Could not start exec
service: File /vendor/bin/hw/disable_contaminant_detection.sh(labeled
"u:object_r:vendor_file:s0") has incorrect label or no domain transition
from u:r:init:s0 to another SELinux domain defined. Have you configured
your service correctly?
https://source.android.com/security/selinux/device-policy#
label_new_services_and_address_denials. Note: this error shows up even
in permissive mode in order to make auditing denials possible.

Bug: 295127978
Test: manual test
Change-Id: I4269127f0101250615aad9218a9e2684579a653b
Signed-off-by: Kuen-Han Tsai <khtsai@google.com>
2024-02-02 18:07:36 +08:00
Wiwit Rifa'i
24ad0c2d7f Allow binder calls between composer and powerstats
This will fix some avc denials:

* SELinux : avc:  denied  { find } for pid=508 uid=1000
name=power.stats-vendor scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:hal_power_stats_vendor_service:s0
tclass=service_manager permissive=0

* binder:501_1: type=1400 audit(0.0:30): avc:  denied  { call } for
scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:r:hal_power_stats_default:s0 tclass=binder permissive=0

* android.hardwar: type=1400 audit(0.0:10): avc:  denied  { call }
for  scontext=u:r:hal_power_stats_default:s0
tcontext=u:r:hal_graphics_composer_default:s0 tclass=binder
permissive=0

Bug: 315497129
Test: check no avc denied between composer & powerstats
Change-Id: I6033e088d5706a0d2a6f942f983a05e6148764a9
2024-02-01 09:13:27 +08:00
Wiwit Rifa'i
19a720dbe0 Move hal_graphics_composer_default from legacy to vendor
Bug: 315497129
Test: boot to home
Change-Id: I7408333a5a43a49045b66d697c71bdc89af25ff0
2024-02-01 09:06:57 +08:00
Albert Wang
5c7d5fe598 usb: correct the xhci wakeup path
Error log:
Error opening kernel wakelock stats for: wakeup146 (...xhci-hcd-exynos.8.auto/usb1/1-1/wakeup/wakeup146): Permission denied

Bug: 311087938
Test: boot to home and host mode works well
Change-Id: Ic0c11ee98779cc1e2ae60b9c2242f5cfacbb2df4
2024-01-31 15:41:11 +08:00
Ted Wang
b867cabc87 Allow CccDkTimeSyncService to access bluetooth extension HAL
Bug: 308381394
Test: build and check for avc denied
Change-Id: Ic602d3caf0b0cdfb1041d339e48d4671e7150d85
2024-01-31 02:37:19 +00:00
Wilson Sung
39a0baed3c Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 318310869
Test: scanBugreport
Bug: 322917055
Bug: 322916328
Bug: 322916246
Bug: 322917075
Test: scanAvcDeniedLogRightAfterReboot
Bug: 318310869
Change-Id: I63c0cc342af0407fab6b188e982a3ea6699f3618
2024-01-30 07:17:49 +00:00
Wayne Lin
35176423de Merge "gps: refine iGNSS build system - sepolicy" into main
2024-01-30 05:45:58 +00:00
Kieran Cyphus
98fe007a31 Merge "liboemservice_proxy: Add sepolicy" into main
2024-01-29 05:58:46 +00:00
Wayne Lin
b89210063c gps: refine iGNSS build system - sepolicy
Bug: 318310869
Bug: 315915958
Test: build pass, GPS works and no GPS avc denied error
Change-Id: I64d2e8971abb44d604082deaed6e90a13cac203d
2024-01-29 05:52:15 +00:00
Treehugger Robot
d951f7cb22 Merge "gps: remove hal_gnss_default.te from tracking_denials." into main
2024-01-25 14:06:08 +00:00
kierancyphus
2fbd1edf60 liboemservice_proxy: Add sepolicy
This was previously only configured to run on zuma devices, but should
be expanded to this device as well. Since this service should only be
present on these two devices, it's fine to just copy this here instead
of placing it in gs-common.

Test: atest vts_treble_vintf_vendor_test:DeviceManifest/SingleAidlTest
Bug: 321867236
Change-Id: I9f086df735c866ed037307574b38458434a9c486
2024-01-25 17:53:23 +08:00
James Huang
80e9176588 gps: remove hal_gnss_default.te from tracking_denials.
Bug: b/309551158
Test: confirm no hal_gnss_default avc denied.
Change-Id: I58a1d0712abfca4686a39626de8f566a5026455c
2024-01-25 15:58:39 +08:00
Mark Chang
45f43f3af2 Merge "Allow systemui_app to set property." into main
2024-01-25 05:37:35 +00:00
Treehugger Robot
a886395f0e Merge "sepolicy: allow hal_power_stats to read sysfs_display" into main
2024-01-24 06:03:41 +00:00
shihchienc
a94e372811 Grant BT HAL to access socket file
Bug: 318594713
Test: manual
Change-Id: Iba93dcd9543366e89c40bc8d0ca58dfdd69ee141
2024-01-24 02:47:36 +00:00
Ted Wang
a446b6d3ae Merge "Allow GrilService to access bluetooth extension HAL" into main
2024-01-24 02:38:02 +00:00