Evolution-X-Tensor/device_google_zumapro
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
699 commits 1 branch 0 tags 4 MiB
Commit graph

92 commits

Author SHA1 Message Date
Xiaofan Jiang
69e2169248 Merge "Revert^2 "modem_svc: update sepolicy for UMI"" into main 2024-08-15 20:44:27 +00:00
Xiaofan Jiang
5e80ce8f29 Revert^2 "modem_svc: update sepolicy for UMI" 
4cc3948d52

Change-Id: I54b2b463cc98b900eb3c82d8af65efb4e3b43365
 2024-08-15 19:26:21 +00:00
Priyanka Advani (xWF)
e8c57a7c6a Merge "Revert "modem_svc: update sepolicy for UMI"" into main 2024-08-15 18:30:35 +00:00
Priyanka Advani (xWF)
4cc3948d52 Revert "modem_svc: update sepolicy for UMI" 
Revert submission 28762313

Reason for revert: Droidmonitor created revert due to b/360059249.

Reverted changes: /q/submissionid:28762313

Change-Id: I6f4407caef36b9d86f9f5246900eb30b45504da3
 2024-08-15 16:16:12 +00:00
Xiaofan Jiang
cf6aa47742 Merge "modem_svc: update sepolicy for UMI" into main 2024-08-15 04:01:13 +00:00
Xiaofan Jiang
c765607120 modem_svc: update sepolicy for UMI 
Bug: 357139752

[   68.189198] type=1400 audit(1722986580.568:59): avc:  denied  { unlink } for  comm="binder:892_2" name="modem_svc_socket" dev="dm-52" ino=20239 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1
[   68.189448] type=1400 audit(1722986580.568:60): avc:  denied  { create } for  comm="binder:892_2" name="modem_svc_socket" scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1

Flag: EXEMPT sepolicy

Change-Id: Ifb8acf20628b5c4c72c1c429216dcfac9d0eda27
 2024-08-15 03:52:58 +00:00
Treehugger Robot
1e60b2a664 Merge "fix bipchmgr sepolicy" into main 2024-08-14 02:28:12 +00:00
Tim Lin
89db879e0a fix bipchmgr sepolicy 
08-13 17:12:29.544   410   410 I auditd  : type=1400 audit(0.0:4): avc:  denied  { call } for  comm="servicemanager" scontext=u:r:servicemanager:s0 tcontext=u:r:bipchmgr:s0 tclass=binder permissive=0

Bug: 359428163
Change-Id: I49d9b02b0913b36a1cea7cf05ff2b61bee1d551f
Test: SELinuxUncheckedDenialBootTest
Flag: EXEMPT bugfix
 2024-08-13 14:27:46 +00:00
mikeyuewang
2ce93afc02 Grant the MDS assess the OemRil service AIDL interface. 
avc deny:
avc:  denied  { find } for pid=12125 uid=10269 name=vendor.samsung_slsi.telephony.hardware.radioExternal.IOemSlsiRadioExternal/default scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:hal_vendor_radio_external_service:s0 tclass=service_manager permissive=0
2024-08-09 19:48:22.634 12125-12138 ServiceManager          com.google.mds                       E

Bug: 357488411
Change-Id: I0d1381a7f63679880cdeffe5fe982007691d86fe
 2024-08-09 19:49:15 +00:00
Mike Wang
4bd4705847 Merge "Add the selinux policy to allow the gril get/set vendor log properties." into main 2024-07-26 01:15:34 +00:00
mikeyuewang
27b55923fb Add the selinux policy to allow the gril get/set vendor log properties. 
avc logs:
2024-07-17 06:00:41.024 8674-8674 binder:8674_1 com.google.android.grilservice W type=1400 audit(0.0:96): avc: denied { read } for name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=416 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0 app=com.google.android.grilservice
2024-07-17 06:00:41.024 8674-8674 binder:8674_1 com.google.android.grilservice W type=1400 audit(0.0:97): avc: denied { read } for name="u:object_r:vendor_modem_prop:s0" dev="tmpfs" ino=418 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=file permissive=0 app=com.google.android.grilservice
2024-07-17 06:00:49.592 8674-8674 binder:8674_1 com.google.android.grilservice W type=1400 audit(0.0:99): avc: denied { write } for name="property_service" dev="tmpfs" ino=861 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 app=com.google.android.grilservice

2024-07-17 16:46:54.748 1-1 /system/bin/init init I type=1107 audit(0.0:103): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.verbose_logging_enabled pid=2152 uid=10238 gid=10238 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_logger_prop:s0 tclass=property_service permissive=1'
2024-07-17 16:49:33.256 1-1 /system/bin/init init I type=1107 audit(0.0:116): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.modem.extensive_logging_enabled pid=2152 uid=10238 gid=10238 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=property_service permissive=1'

Bug: 293947661

Change-Id: I4c7076c9b948c8bf99a71445b4632dcd0bcb3b0b
 2024-07-17 20:24:56 +00:00
Munikrishna
5ca93e9b6c sepolicy: add rules for using aidl from GRIL Service 
allow to find hal_vendor_radio_external_service

Enable AIDL for V requirement

AVC log in b/352465089#comment1

Flag: EXEMPT HAL interface change
Bug: 341750446
Test: Physical device with atest GoogleRilServiceUnitTests
Test: Physical device VoLTE,VoWiFi Call with handover verification on HIDL and AIDL.
Test: Physical device RIL crash, modem crash HIDL/AIDL VoLTE,VoWiFi verification.
Change-Id: I800a69d9fed026c340c2b3b935feac0e0eb38c1d
 2024-07-17 05:54:45 +00:00
Tim Lin
45cf6e8e26 Revert^2 "sepolicy: sepolicy for dmd/sced AIDL HAL service" 
Enable AIDL for V requirement

AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Forrest build result in go/v-ril-hal-migration

Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change

def1ba3ef0

Change-Id: If2c811627e6c85220a965d248a87e81a3a193dd0
 2024-07-01 08:33:31 +00:00
Tim Lin
3950f529e1 Revert^2 "sepolicy: declare hal_vendor_radio_external_service" 
Enable AIDL for V requirement

AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Forrest build result in go/v-ril-hal-migration

Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change

01d2c24a52

Change-Id: I7ed8d164b90cb035535f27d076f4ed1f2656d623
 2024-07-01 08:33:04 +00:00
Tim Lin
1a213269f8 Revert^2 "sepolicy: add rules for using aidl from RCS Service" 
Enable AIDL for V requirement

AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Forrest build result in go/v-ril-hal-migration

Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change

fd96edd330

Change-Id: Iab4e71a06e28fd10ae0a636b9dd38b346309f193
 2024-07-01 08:31:47 +00:00
Pechetty Sravani
fd96edd330 Revert "sepolicy: add rules for using aidl from RCS Service" 
Revert submission 27917806-v_hal_migration_phase3

Reason for revert: Droidmonitor created revert due to b/350390759. Will be verifying through ABTD before submission.

Reverted changes: /q/submissionid:27917806-v_hal_migration_phase3

Change-Id: I6a91a1caee3f4e506d3dd2cfad48ceaa07731409
 2024-07-01 06:10:59 +00:00
Pechetty Sravani
01d2c24a52 Revert "sepolicy: declare hal_vendor_radio_external_service" 
Revert submission 27917806-v_hal_migration_phase3

Reason for revert: Droidmonitor created revert due to b/350390759. Will be verifying through ABTD before submission.

Reverted changes: /q/submissionid:27917806-v_hal_migration_phase3

Change-Id: I58c1591607808e8ab152c759264186411641ecf5
 2024-07-01 06:10:59 +00:00
Pechetty Sravani
def1ba3ef0 Revert "sepolicy: sepolicy for dmd/sced AIDL HAL service" 
Revert submission 27917806-v_hal_migration_phase3

Reason for revert: Droidmonitor created revert due to b/350390759. Will be verifying through ABTD before submission.

Reverted changes: /q/submissionid:27917806-v_hal_migration_phase3

Change-Id: I8ce8e60548c03556fb7c28e592d911809399e054
 2024-07-01 06:11:06 +00:00
Sungwoo choi
5a7d99b4a3 sepolicy: sepolicy for dmd/sced AIDL HAL service 
declare a type of service
  hal_vendor_modem_logging_service : for modem logging
  hal_vendor_tcpdump_service : for tcpdump

Enable AIDL for V requirement

AVC log in b/281968564#comment208 and go/v-ril-hal-migration

Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change

Change-Id: I24374cdecd7c811ac80bb1b2670168c9cc15be31
Signed-off-by: Sungwoo choi <sungwoo48.choi@samsung.com>
 2024-06-28 12:56:22 +00:00
Sungwoo choi
8dd51f11ad sepolicy: declare hal_vendor_radio_external_service 
Enable AIDL for V requirement

AVC log in b/281968564#comment208 and go/v-ril-hal-migration

Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change

Change-Id: Id523192adf8ab2d60f1778b97274f5357d06707c
Signed-off-by: Sungwoo choi <sungwoo48.choi@samsung.com>
 2024-06-28 12:53:44 +00:00
Daniel Trofimiuk
d44695709c sepolicy: add rules for using aidl from RCS Service 
allow to find hal_vendor_radio_external_service

Enable AIDL for V requirement

AVC log in b/281968564#comment208 and go/v-ril-hal-migration

Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change

Change-Id: I39544e24ebe732e4ebab1044eade998ef534ebf6
Signed-off-by: Daniel Trofimiuk <d.trofimiuk@samsung.com>
 2024-06-28 12:49:25 +00:00
Cheng Chang
92c5aff54d gps: Move type declaration to device folder am: 8fa884d01c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27574819

Change-Id: I8d7cd44249f8912b9fab64d24ff53381e20fc05b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-12 07:27:17 +00:00
Cheng Chang
8fa884d01c gps: Move type declaration to device folder 
Bug: 343280252
Test: b/343280252 compile and abtd test
Change-Id: I492ea0b14953cf5b0111ac70bf82240522a15494
 2024-06-11 07:52:11 +00:00
Lynn Yeh
97d62f485d Merge "gps: maintain one solution" into 24D1-dev 2024-06-11 02:25:19 +00:00
Mike Wang
45d36ab2be Merge "Grant the Pixel Modem Service access to the SubscriptionManager." into main 2024-06-06 22:50:03 +00:00
Shinru Han
34de4a725d Merge "gps: maintain one solution" into main 2024-06-04 06:41:30 +00:00
mikeyuewang
785df18f1e Grant the Pixel Modem Service access to the SubscriptionManager. 
Bug: 344624813

avc denial: avc: denied { find } for pid=2372 uid=10303 name=isub scontext=u:r:pixel_modem_app:s0:c47,c257,c512,c768 tcontext=u:object_r:radio_service:s0 tclass=service_manager permissive=0

Change-Id: I2e74ae8b364a30895e2769504efcd604f19adfa7
 2024-06-03 18:54:26 +00:00
Frank Yu
3ef50e762f Update sepolicy for all device that use radioext 1.7 interface. 
Bug: 340791912
Test: v2/pixel-health-guard/device-boot-health-check-extra
Change-Id: Icd7b482d88f52fbde6b281ef58857bfa6a9edea8
 2024-05-20 03:17:49 +00:00
Wayne Lin
89a73294a0 gps: maintain one solution 
Bug: 315915958
Test: build pass and GPS function works
Change-Id: I15572cbfc9bc4aa5ca966a7905c6aac63bc972d5
Merged-In: I15572cbfc9bc4aa5ca966a7905c6aac63bc972d5
 2024-05-06 03:52:43 +00:00
Wayne Lin
e2546691fe gps: maintain one solution 
Bug: 315915958
Test: build pass and GPS function works
Change-Id: I15572cbfc9bc4aa5ca966a7905c6aac63bc972d5
 2024-05-06 03:09:11 +00:00
Nicole Lee
6e4b317a71 Allows modem_svc to read the logging related properties am: fc41724a97 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27176301

Change-Id: Id7b52b03bb7e09b91e73cfe3167cb87041618254
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-03 12:16:55 +00:00
Nicole Lee
fc41724a97 Allows modem_svc to read the logging related properties 
avc:  denied  { read } for  comm="modem_svc_sit" name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=417 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0

Bug: 337184337
Change-Id: I806eee53b4ed0414b08f6203fb07958d6e0e4be1
 2024-05-03 09:48:58 +00:00
Shawn Yang
0dd672a938 Merge "[PMS]Add context for PixelModemService and allow the access to shared modem service." into main 2024-05-02 22:20:10 +00:00
mikeyuewang
5ce4700d6f [PMS]Add context for PixelModemService and allow the access to shared modem service. 
Bug: 335490443
Change-Id: Ie5c6b0191775d42d402632c46c34cafe77fe5e60
 2024-04-26 17:02:26 +00:00
Enzo Liao
6b1e936fd8 Merge "Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common." into 24D1-dev 2024-04-25 08:22:07 +00:00
Frank Yu
7a43933e5c Merge "Update SEpolicy for grilservice_app register callbacks of AntennaTuningService. Remove callbacks from radioext native service to grilservice_app." into 24D1-dev am: e6295955ff 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/26783005

Change-Id: If67f2b8f38c48e933628b4d411b416068a42ae8a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-22 04:03:11 +00:00
Frank Yu
e6295955ff Merge "Update SEpolicy for grilservice_app register callbacks of AntennaTuningService. Remove callbacks from radioext native service to grilservice_app." into 24D1-dev 2024-04-22 03:49:13 +00:00
Enzo Liao
e4ceb50a9c Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:2761dbe28b294be5199aba6ee73013427e8d627f)
Merged-In: I455630b347f9f234365fec371142582d2cc0640a
Change-Id: I455630b347f9f234365fec371142582d2cc0640a
 2024-04-22 03:03:12 +00:00
Hidayat Khan
ea5dc2cc1e Merge "Change get_prop to only be allowed for userdebug or eng build." into main 2024-04-16 16:24:17 +00:00
Enzo Liao
e2da6846cb Merge "Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common." into main 2024-04-11 02:03:26 +00:00
Aswin Sankar
05a3a75caf Merge "Add telephony_modemtype_prop to GRIL service" into 24D1-dev am: bab1ea9e7b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/26891013

Change-Id: Ie6955ea6f52ef74297b37b5cc5a476a265cb6aa7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-10 23:09:43 +00:00
Aswin Sankar
aa139f50d2 Add telephony_modemtype_prop to GRIL service 
Bug:315993263
Test: Manual test with GRIL changes to read out
SystemProperty("telephony.ril.modem_bin_status").

Change-Id: I67303f1410e5dfb4472185210f41437be01d473b
 2024-04-09 13:28:42 -07:00
Hidayat Khan
468011067b Change get_prop to only be allowed for userdebug or eng build. 
Bug: 329006027
Test: flashed device and tested new prop locally
Change-Id: Ifdc250cccbd43f237942dc4e11e50f3c968bf65d
 2024-04-09 01:24:40 +00:00
Enzo Liao
2761dbe28b Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 
New paths (ag/26620507):
  RamdumpService: device/google/gs-common/ramdump_app
  SSRestartDetector: device/google/gs-common/ssr_detector_app

Bug: 298102808
Design: go/sys-software-logging
Test: Manual
Change-Id: I455630b347f9f234365fec371142582d2cc0640a
 2024-04-08 19:23:52 +08:00
Frank Yu
f1b959a0ed Update SEpolicy for grilservice_app register 
callbacks of AntennaTuningService. Remove callbacks from radioext native
service to grilservice_app.

Bug: 321790599
Test: Manual test. gripservice_app receive update from callback successfully. Because moving out the callbacks from radioext to grilservice_app, we don't need antennatuningservice bind to radioext anymore.
Change-Id: I6827b506b9893e43d6d9268f623b33b848863a7c
 2024-04-03 07:08:06 +00:00
kierancyphus
e94313c494 shamp: Allow shamp to register AIDL hal 
Bug: 329367768

The `file_contexts` were modified to give the previous `modem_svc_sit`
permissions to the new `shared_modem_platform` executable.
Additionally, it was marked as a valid server for the
`ISharedModemPlaform` AIDL HAL.

Test: Build, flash and check to make sure correct logs on boot
Doc: go/shared-modem-platform-cpp-backend
Change-Id: I6bd6454f1c0b0c39c3ef6477cbec0e9f53b97038
 2024-04-01 16:20:02 +08:00
Mike Wang
2b280a43ff Merge "Add the selinux policy for MDS to access modem_state file" into main 2024-03-29 15:16:19 +00:00
Hungyen Weng
1a1679c87e Allow modem_svc to access modem files and perfetto 
Bug: 330730987

Test: Confirmed that modem_svc is able to access token db files in modem partition
Test: Confiemed that modem_svc can send traces to perfetto

Change-Id: Iaff263b1052cb565ffee30e442ee3c5824f35db9
(cherry picked from commit b5b20910e8)
 2024-03-28 01:38:00 +00:00
mikeyuewang
ed2820a221 Add the selinux policy for MDS to access modem_state file 
avc deny:
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi         com.google.mds                       I  type=1400 audit(0.0:1078): avc:  denied  { read } for  name="modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi         com.google.mds                       I  type=1400 audit(0.0:1079): avc:  denied  { open } for  path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds
2024-02-20 19:21:35.941 21780-21780 DiagnosticServi         com.google.mds                       I  type=1400 audit(0.0:1080): avc:  denied  { getattr } for  path="/sys/devices/platform/cpif/modem_state" dev="sysfs" ino=60939 scontext=u:r:modem_diagnostic_app:s0:c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.mds

Bug: 331202327

Change-Id: I49bd28e4ae3b311c7e4b98567b929d3b887e0238
 2024-03-27 17:50:05 +00:00
Hidayat Khan
5ca8ee6a0d Merge "Define new persist vendor property vendor_ims_tiss_prop" into main 2024-03-27 05:22:30 +00:00