Donnie Pollitz
cb18bb48d5
trusty: Allow linking/read tdp and td
...
Background:
* storageproxyd needs to be able to create and read symlinks associated
with TDP and TD.
08-07 08:13:44.868 750 750 W binder:750_2: type=1400 audit(0.0:18): avc: denied { create } for name="0" scontext=u:r:tee:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=lnk_file permissive=0
08-07 07:35:19.396 755 755 W binder:755_2: type=1400 audit(0.0:7): avc: denied { read } for name="0" dev="sda1" ino=15 scontext=u:r:tee:s0 tcontext=u:object_r:persist_ss_file:s0 tclass=lnk_file permissive=0
08-07 08:34:24.956 742 742 W binder:742_2: type=1400 audit(0.0:8): avc: denied { read } for name="persist" dev="dm-52" ino=406 scontext=u:r:tee:s0 tcontext=u:object_r:tee_data_file:s0 tclass=lnk_file permissive=0
Flag: EXEMPT resource only update
Bug: 357815590
Test: Tested by purging device and verifying fresh device
Change-Id: Ib239534bfb28d05de14095e84961ff0f84cde68d
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
2024-08-07 08:41:32 +00:00
Treehugger Robot
cae1a2aba4
Merge "allow power hal to access vendor_mm files" into main
2024-08-05 02:55:04 +00:00
Gil Liu
b356ac167e
Merge "add hal_graphics_composer to access thermal temperature" into main
2024-07-29 06:10:28 +00:00
Manali Bhutiyani
156e14bb70
Merge "DisplayPort Stats: add sysfs access permission on Zumapro devices" into main
2024-07-26 03:45:52 +00:00
Mike Wang
4bd4705847
Merge "Add the selinux policy to allow the gril get/set vendor log properties." into main
2024-07-26 01:15:34 +00:00
Carlos Rodriguez
dd5b70f378
DisplayPort Stats: add sysfs access permission on Zumapro devices
...
07-25 14:13:16.736 5784 5784 W pixelstats-vend: type=1400 audit(0.0:21): avc: denied { read } for name="fec_dsc_supported" dev="sysfs" ino=82516 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
07-25 14:13:16.736 5784 5784 W pixelstats-vend: type=1400 audit(0.0:22): avc: denied { read } for name="fec_dsc_not_supported" dev="sysfs" ino=82517 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
07-25 14:13:16.736 5784 5784 W pixelstats-vend: type=1400 audit(0.0:23): avc: denied { read } for name="max_res_other" dev="sysfs" ino=82515 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
07-25 14:13:16.736 5784 5784 W pixelstats-vend: type=1400 audit(0.0:24): avc: denied { read } for name="max_res_1366_768" dev="sysfs" ino=82505 scontext=u:r:pixelstats_vendor:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
Bug: 343602691
Bug: 317486088
Flag: EXEMPT bugfix
Test: Android built and flashed and error is gone
Change-Id: I594536581ea468d40c9153bdc1bdd6b1ab7282fd
2024-07-25 21:14:55 +00:00
Daniel Chapin
fa8775c3d7
Merge "Revert "trusty: storageproxy: add fs_ready_rw property context"" into main
2024-07-24 21:48:56 +00:00
Daniel Chapin
c4ee95638e
Revert "trusty: storageproxy: add fs_ready_rw property context"
...
Revert submission 28318041-rw_storage
Reason for revert: Droidfood blocking bug b/355163562
Reverted changes: /q/submissionid:28318041-rw_storage
Change-Id: I288409c06c81b9e4be8f5af40f0afdc37e7f091e
2024-07-24 20:17:39 +00:00
Mike McTernan
b03ccb29e1
Merge "trusty: storageproxy: add fs_ready_rw property context" into main
2024-07-23 10:02:28 +00:00
Spade Lee
1e8d564ca2
Merge "sepolicy: removes dump_power tracking denial" into main
2024-07-23 03:18:19 +00:00
gilliu
4c189644a9
add hal_graphics_composer to access thermal temperature
...
type=1400 audit(0.0:77): avc: denied { search } for name="thermal"
dev="tmpfs" ino=1618 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:thermal_link_device:s0 tclass=dir permissive=0
type=1400 audit(0.0:74): avc: denied { search } for name="thermal"
dev="sysfs" ino=21594 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=dir permissive=0
type=1400 audit(0.0:74): avc: denied { read } for name="temp"
dev="sysfs" ino=73536 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=0
type=1400 audit(0.0:74): avc: denied { getattr } for
path="/sys/devices/virtual/thermal/thermal_zone12/temp" dev="sysfs"
ino=73537 scontext=u:r:hal_graphics_composer_default:s0
tcontext=u:object_r:sysfs_thermal:s0 tclass=file permissive=0
Bug: 340846691
Test: check no avc pattern on logcat from test image
Flag: NONE add permission
Change-Id: I0f327b98e32627e00be4cc0d0a99be39d1ec3bf2
2024-07-22 12:18:58 +00:00
Spade Lee
8d61b53a50
sepolicy: removes dump_power tracking denial
...
avc: denied { read } for name="maxfg_history" dev="tmpfs" ino=1144 scontext=u:r:dump_power:s0 tcontext=u:object_r:battery_history_device:s0 tclass=chr_file permissive=0
Bug: 353418158
Test: atest-dev com.google.android.selinux.pts.SELinuxTest#scanBugreport => PASS
Flag: EXEMPT bugfix
Change-Id: Ie71eb273915eca6b38281a5f7a8a2b8a6bdcf4c8
Signed-off-by: Spade Lee <spadelee@google.com>
2024-07-18 10:19:43 +00:00
mikeyuewang
27b55923fb
Add the selinux policy to allow the gril get/set vendor log properties.
...
avc logs:
2024-07-17 06:00:41.024 8674-8674 binder:8674_1 com.google.android.grilservice W type=1400 audit(0.0:96): avc: denied { read } for name="u:object_r:vendor_logger_prop:s0" dev="tmpfs" ino=416 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_logger_prop:s0 tclass=file permissive=0 app=com.google.android.grilservice
2024-07-17 06:00:41.024 8674-8674 binder:8674_1 com.google.android.grilservice W type=1400 audit(0.0:97): avc: denied { read } for name="u:object_r:vendor_modem_prop:s0" dev="tmpfs" ino=418 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=file permissive=0 app=com.google.android.grilservice
2024-07-17 06:00:49.592 8674-8674 binder:8674_1 com.google.android.grilservice W type=1400 audit(0.0:99): avc: denied { write } for name="property_service" dev="tmpfs" ino=861 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0 app=com.google.android.grilservice
2024-07-17 16:46:54.748 1-1 /system/bin/init init I type=1107 audit(0.0:103): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.verbose_logging_enabled pid=2152 uid=10238 gid=10238 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_logger_prop:s0 tclass=property_service permissive=1'
2024-07-17 16:49:33.256 1-1 /system/bin/init init I type=1107 audit(0.0:116): uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { set } for property=persist.vendor.modem.extensive_logging_enabled pid=2152 uid=10238 gid=10238 scontext=u:r:grilservice_app:s0:c238,c256,c512,c768 tcontext=u:object_r:vendor_modem_prop:s0 tclass=property_service permissive=1'
Bug: 293947661
Change-Id: I4c7076c9b948c8bf99a71445b4632dcd0bcb3b0b
2024-07-17 20:24:56 +00:00
Munikrishna J
05fdf378c0
Merge "sepolicy: add rules for using aidl from GRIL Service" into main
2024-07-17 10:33:57 +00:00
Munikrishna
5ca93e9b6c
sepolicy: add rules for using aidl from GRIL Service
...
allow to find hal_vendor_radio_external_service
Enable AIDL for V requirement
AVC log in b/352465089#comment1
Flag: EXEMPT HAL interface change
Bug: 341750446
Test: Physical device with atest GoogleRilServiceUnitTests
Test: Physical device VoLTE,VoWiFi Call with handover verification on HIDL and AIDL.
Test: Physical device RIL crash, modem crash HIDL/AIDL VoLTE,VoWiFi verification.
Change-Id: I800a69d9fed026c340c2b3b935feac0e0eb38c1d
2024-07-17 05:54:45 +00:00
Wilson Sung
19c65ba48e
Merge "Update SELinux error" into main
2024-07-17 04:31:22 +00:00
Roy Luo
71d51ce40a
Merge "Add xhci-hcd-exynos.7 wakeup paths for suspend service" into main
2024-07-17 01:23:23 +00:00
Roy Luo
d1ad140faf
Add xhci-hcd-exynos.7 wakeup paths for suspend service
...
Bug: 334189230
Test: verified on device
Change-Id: I0adcbe0bb1aff8ff4442c16bb733603ad8c012cf
Signed-off-by: Roy Luo <royluo@google.com>
2024-07-16 19:49:52 +00:00
Wilson Sung
c7854c06ea
Update SELinux error
...
Test: scanBugreport
Bug: 353418158
Test: scanAvcDeniedLogRightAfterReboot
Bug: 353418189
Flag: EXEMPT bugfix
Change-Id: I5ce38640b68ca64749b07fd04d79e444d82ce206
2024-07-16 06:14:01 +00:00
Mike McTernan
55bd5b089d
sepolicy:tracking_denials: add btlinux vendor_aoc_prop
...
Flag: EXEMPT bug fix
Bug: 353262026
Test: ABTD
Change-Id: I28a9e49eab75087aa424af1fd2cc5ead28285a2b
2024-07-15 19:18:29 +00:00
Martin Liu
0df50bf182
allow power hal to access vendor_mm files
...
I auditd : type=1400 audit(0.0:79): avc: denied { write } for comm="NodeLooperThrea" name="vendor_mm" dev="sysfs" ino=56518 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_vendor_mm:s0 tclass=dir permissive=0
Bug: 351708752
Test: check avc error
Flag: EXEMPT adding avc rule
Change-Id: Ibcc22d3157c0108dfc879b906fd500e13628d293
Signed-off-by: Martin Liu <liumartin@google.com>
2024-07-15 12:52:25 +00:00
Mike McTernan
a03bdd961a
trusty: storageproxy: add fs_ready_rw property context
...
Flag: EXEMPT bug fix
Bug: 350362101
Test: ABTD
Change-Id: I6c5f4a550b00f4a2de03e6313448a4918ac4a425
2024-07-15 10:41:49 +01:00
Cheng Gu
6d465a9099
Update tracking_denials/bug_map.
...
Removes denial tracking of b/322916328.
Fix: 322916328
Test: none
Flag: EXEMPT bugfix
Change-Id: Ib16f0897f3a438fe147a0919897163407b857443
2024-07-15 05:39:33 +00:00
Liana Kazanova
9349b26f01
Merge "Revert "Delete sepolicy for legacy VR services."" into main
2024-07-11 22:40:20 +00:00
Liana Kazanova
3240bd79ed
Revert "Delete sepolicy for legacy VR services."
...
This reverts commit 44db75e814.
Reason for revert: Droidmonitor created revert due to b/352465601. Will be verifying through ABTD before submission
Change-Id: I47918f16fbc5745758abf906017c68ef95a708f4
2024-07-11 20:56:16 +00:00
Jeremy DeHaan
4e0127be0e
Allow HWC to access frame_rate node am: d5304a1144
...
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27815978
Change-Id: I1120124b8943793b3a40e390c7d243d0cc000f20
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-07-11 17:44:59 +00:00
Treehugger Robot
a61880366c
Merge "Delete sepolicy for legacy VR services." into main
2024-07-11 03:56:41 +00:00
Krzysztof Kosiński
44db75e814
Delete sepolicy for legacy VR services.
...
None of the zumapro devices include these services.
Bug: 234559097
Test: presubmit
Flag: EXEMPT dead code removal
Change-Id: Iad24884869a1abd5daed60ef032b3f6c016aaf2d
2024-07-10 22:20:52 +00:00
Vishvam Mazumdar
88e0059ef0
Merge "Add SELinux policy to allow CPU Idle Histogram Stats in dumpstate." into main
2024-07-10 21:41:10 +00:00
Vishvam Mazumdar
d6b8239e73
Add SELinux policy to allow CPU Idle Histogram Stats in dumpstate.
...
This change is to allow the CPU Idle Histogram Stats to be dumped in
bugreports so that there is more insight into the idle behavior of
devices in the field.
Test: build/flash
Test: adb bugreport
Bug: 344908619
Flag: EXEMPT bugfix
Change-Id: If19b9471cf91ddc6e16347e7a4ea18d3298783d5
Signed-off-by: Vishvam Mazumdar <vmazumdar@google.com>
2024-07-10 21:39:23 +00:00
Jeremy DeHaan
d5304a1144
Allow HWC to access frame_rate node
...
Flag: EXEMPT bugfix
Bug: 346461765
Change-Id: Id7b3195e76cdce3e612eb9c9d177af24145e70a2
Signed-off-by: Jeremy DeHaan <jdehaan@google.com>
(cherry picked from commit b3d863d552)
2024-07-09 18:57:35 +00:00
Jeremy DeHaan
b3d863d552
Allow HWC to access frame_rate node
...
Flag: EXEMPT bugfix
Bug: 346461765
Change-Id: Id7b3195e76cdce3e612eb9c9d177af24145e70a2
Signed-off-by: Jeremy DeHaan <jdehaan@google.com>
2024-07-04 19:47:10 +00:00
Wilson Sung
8b0c2f2379
Update SELinux error
...
Test: SELinuxUncheckedDenialBootTest
Bug: 350830429
Bug: 350830390
Test: scanBugreport
Bug: 350830756
Bug: 350830411
Bug: 350830657
Bug: 350830132
Bug: 350830796
Test: scanAvcDeniedLogRightAfterReboot
Bug: 350830879
Bug: 350830475
Bug: 350830680
Bug: 350830758
Change-Id: Id961fa8d79caea0bca4770beab722a4e1933f879
2024-07-03 01:56:07 +00:00
Madhav Iyengar
8a2f931739
Extend ag/28090723 to zumapro.
...
ag/28090723 missed giving the bthal access to AoC version for zumapro
devices as well as zuma devices. This fixes that.
Bug: 349661931
Flag: com.android.bluetooth.hal.flags.pixel_bt_aoc_offload_efw_xport
Test: bthal on zumapro can read AoC version property
Change-Id: Iec6558630f7cbac7dc83bd621a9d8dbcd9bed000
2024-07-02 00:26:55 +00:00
Tim Lin
45cf6e8e26
Revert^2 "sepolicy: sepolicy for dmd/sced AIDL HAL service"
...
Enable AIDL for V requirement
AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Forrest build result in go/v-ril-hal-migration
Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change
def1ba3ef0
Change-Id: If2c811627e6c85220a965d248a87e81a3a193dd0
2024-07-01 08:33:31 +00:00
Tim Lin
3950f529e1
Revert^2 "sepolicy: declare hal_vendor_radio_external_service"
...
Enable AIDL for V requirement
AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Forrest build result in go/v-ril-hal-migration
Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change
01d2c24a52
Change-Id: I7ed8d164b90cb035535f27d076f4ed1f2656d623
2024-07-01 08:33:04 +00:00
Tim Lin
1a213269f8
Revert^2 "sepolicy: add rules for using aidl from RCS Service"
...
Enable AIDL for V requirement
AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Forrest build result in go/v-ril-hal-migration
Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change
fd96edd330
Change-Id: Iab4e71a06e28fd10ae0a636b9dd38b346309f193
2024-07-01 08:31:47 +00:00
Pechetty Sravani
fd96edd330
Revert "sepolicy: add rules for using aidl from RCS Service"
...
Revert submission 27917806-v_hal_migration_phase3
Reason for revert: Droidmonitor created revert due to b/350390759. Will be verifying through ABTD before submission.
Reverted changes: /q/submissionid:27917806-v_hal_migration_phase3
Change-Id: I6a91a1caee3f4e506d3dd2cfad48ceaa07731409
2024-07-01 06:10:59 +00:00
Pechetty Sravani
01d2c24a52
Revert "sepolicy: declare hal_vendor_radio_external_service"
...
Revert submission 27917806-v_hal_migration_phase3
Reason for revert: Droidmonitor created revert due to b/350390759. Will be verifying through ABTD before submission.
Reverted changes: /q/submissionid:27917806-v_hal_migration_phase3
Change-Id: I58c1591607808e8ab152c759264186411641ecf5
2024-07-01 06:10:59 +00:00
Pechetty Sravani
def1ba3ef0
Revert "sepolicy: sepolicy for dmd/sced AIDL HAL service"
...
Revert submission 27917806-v_hal_migration_phase3
Reason for revert: Droidmonitor created revert due to b/350390759. Will be verifying through ABTD before submission.
Reverted changes: /q/submissionid:27917806-v_hal_migration_phase3
Change-Id: I8ce8e60548c03556fb7c28e592d911809399e054
2024-07-01 06:11:06 +00:00
Sungwoo choi
5a7d99b4a3
sepolicy: sepolicy for dmd/sced AIDL HAL service
...
declare a type of service
hal_vendor_modem_logging_service : for modem logging
hal_vendor_tcpdump_service : for tcpdump
Enable AIDL for V requirement
AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change
Change-Id: I24374cdecd7c811ac80bb1b2670168c9cc15be31
Signed-off-by: Sungwoo choi <sungwoo48.choi@samsung.com>
2024-06-28 12:56:22 +00:00
Sungwoo choi
8dd51f11ad
sepolicy: declare hal_vendor_radio_external_service
...
Enable AIDL for V requirement
AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change
Change-Id: Id523192adf8ab2d60f1778b97274f5357d06707c
Signed-off-by: Sungwoo choi <sungwoo48.choi@samsung.com>
2024-06-28 12:53:44 +00:00
Daniel Trofimiuk
d44695709c
sepolicy: add rules for using aidl from RCS Service
...
allow to find hal_vendor_radio_external_service
Enable AIDL for V requirement
AVC log in b/281968564#comment208 and go/v-ril-hal-migration
Bug: 281968564
Test: telephony function test
Flag: EXEMPT HAL interface change
Change-Id: I39544e24ebe732e4ebab1044eade998ef534ebf6
Signed-off-by: Daniel Trofimiuk <d.trofimiuk@samsung.com>
2024-06-28 12:49:25 +00:00
Jack Wu
ee58427ea3
add permission for rt9471 sysfs
...
Bug: 347914940
Test: adb bugreport
Flag: EXEMPT bugfix
Change-Id: I155c58d857f676fc3a2ff6c2fe9be6262405c7b9
Signed-off-by: Jack Wu <wjack@google.com>
2024-06-19 16:13:33 +08:00
Kiwon Park
04cd87f1de
[automerger skipped] Merge "Revert "Add setupwizard_feature_prop as one of properties allowe..."" into 24D1-dev am: 2af9745bc8 -s ours
...
am skip reason: Merged-In I8c8473f5a9c0cf9c53a95943101976d4b7103580 with SHA-1 33de53de68 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27828775
Change-Id: I832ac558cc338607af93f062bac9d41daf49c0b5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-06-15 00:31:11 +00:00
Achigo Liu
c606d0cdc5
[automerger skipped] Revert "Add setupwizard_feature_prop as one of properties allowe..." am: 8a95fcc899 -s ours
...
am skip reason: Merged-In I8c8473f5a9c0cf9c53a95943101976d4b7103580 with SHA-1 33de53de68 is already in history
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zumapro-sepolicy/+/27828775
Change-Id: Ifdd47b2f374967d92b6bc076096e73859b2f424e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2024-06-15 00:31:07 +00:00
Kiwon Park
2af9745bc8
Merge "Revert "Add setupwizard_feature_prop as one of properties allowe..."" into 24D1-dev
2024-06-15 00:24:49 +00:00
Kiwon Park
4e6cd49893
Merge "Revert "Add setupwizard_feature_prop as one of properties allowed to be read"" into main
2024-06-14 00:06:27 +00:00
Achigo Liu
8a95fcc899
Revert "Add setupwizard_feature_prop as one of properties allowe..."
...
Revert submission 27717640-bootstrap
Reason for revert: mount vendor partition failed when OTA
Reverted changes: /q/submissionid:27717640-bootstrap
Change-Id: I8602fb3b435af864061b0c0f4f742684e228f34e
Merged-In: I8c8473f5a9c0cf9c53a95943101976d4b7103580
2024-06-13 17:36:55 +00:00
Kiwon Park
33de53de68
Revert "Add setupwizard_feature_prop as one of properties allowed to be read"
...
This reverts commit 26efc37a3d.
Reason for revert: Doesn't fix the issues in factory testing
Change-Id: I8c8473f5a9c0cf9c53a95943101976d4b7103580
2024-06-13 17:24:30 +00:00