Evolution-x-devices/device_google_gs201
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_google_gs201 synced 2026-01-27 14:29:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,551 Commits 5 Branches 0 Tags
d1bc52d45c48960085f9f2b291d5d2ced54ab524
Commit Graph

2551 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Android Build Coastguard Worker
d1bc52d45c Snap for 12477291 from ce5420fdf4 to 25Q1-release 
Change-Id: Iade6074e262271a2cd9c2592ea1685576a1a24c9
 2024-10-09 21:02:48 +00:00
Nina Chen
ce5420fdf4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 372360090
Bug: 372359823
Bug: 372360278
Flag: EXEMPT NDK
Change-Id: I9d195d35cc58503fc7c17a8fac5fabe66026c24b
 2024-10-09 05:09:08 +00:00
Android Build Coastguard Worker
cf53f3ae99 Snap for 12465365 from 315cc63557 to 25Q1-release 
Change-Id: Id55a34550d8bea9cd311f87643e03eb3bff32760
 2024-10-07 23:03:12 +00:00
samou
315cc63557 sepolicy: allow dumpstate to execute dump_power 
10-04 19:36:47.308  7141  7141 I android.hardwar: type=1400 audit(0.0:6974): avc:  denied  { execute_no_trans } for  path="/vendor/bin/dump/dump_power" dev="overlay" ino=91 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:vendor_file:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6975): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6976): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6977): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=29227 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6978): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6979): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.332  7141  7141 I dump_power: type=1400 audit(0.0:6980): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=57472 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-04 19:36:47.336  7141  7141 I dump_power: type=1400 audit(0.0:6981): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=50604 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:25): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:26): avc:  denied  { read } for  name="version" dev="sysfs" ino=62887 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:27): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:28): avc:  denied  { read } for  name="status" dev="sysfs" ino=62888 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:29): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:24:19.640 15006 15006 W dump_power: type=1400 audit(0.0:30): avc:  denied  { read } for  name="fw_rev" dev="sysfs" ino=62915 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=file permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:29): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:30): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:31): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:32): avc:  denied  { search } for  name="power_supply" dev="sysfs" ino=79013 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:46:57.664  7194  7194 W dump_power: type=1400 audit(0.0:33): avc:  denied  { search } for  name="10d50000.hsi2c" dev="sysfs" ino=21301 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18792): avc:  denied  { search } for  name="battery" dev="sysfs" ino=63428 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18793): avc:  denied  { read } for  name="uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18794): avc:  denied  { open } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.168 14936 14936 I dump_power: type=1400 audit(0.0:18795): avc:  denied  { getattr } for  path="/sys/devices/platform/google,battery/power_supply/battery/uevent" dev="sysfs" ino=63429 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18796): avc:  denied  { search } for  name="8-003c" dev="sysfs" ino=55942 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_wlc:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18797): avc:  denied  { read } for  name="maxfg" dev="sysfs" ino=62568 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18798): avc:  denied  { read } for  name="logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 21:51:18.184 14936 14936 I dump_power: type=1400 audit(0.0:18799): avc:  denied  { open } for  path="/dev/logbuffer_tcpm" dev="tmpfs" ino=1285 scontext=u:r:dump_power:s0 tcontext=u:object_r:logbuffer_device:s0 tclass=chr_file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6191): avc:  denied  { search } for  name="mitigation" dev="dm-50" ino=3758 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6192): avc:  denied  { read } for  name="thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6193): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6194): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-50" ino=28765 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6195): avc:  denied  { search } for  name="mitigation" dev="sysfs" ino=85222 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6196): avc:  denied  { read } for  name="last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6197): avc:  denied  { open } for  path="/sys/devices/virtual/pmic/mitigation/last_triggered_count" dev="sysfs" ino=85275 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=dir permissive=1
10-04 22:01:08.400  7074  7074 I dump_power: type=1400 audit(0.0:6198): avc:  denied  { read } for  name="batoilo_count" dev="sysfs" ino=85287 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_bcl:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:875): avc:  denied  { read } for  name="thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:876): avc:  denied  { open } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-04 23:49:14.616  6976  6976 I dump_power: type=1400 audit(0.0:877): avc:  denied  { getattr } for  path="/data/vendor/mitigation/thismeal.txt" dev="dm-57" ino=15028 scontext=u:r:dump_power:s0 tcontext=u:object_r:mitigation_vendor_data_file:s0 tclass=file permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:878): avc:  denied  { read } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:879): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.540  7085  7085 I dump_power: type=1400 audit(0.0:880): avc:  denied  { search } for  name="acpm_stats" dev="sysfs" ino=25439 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=dir permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:881): avc:  denied  { read } for  name="core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:882): avc:  denied  { open } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:883): avc:  denied  { getattr } for  path="/sys/devices/platform/acpm_stats/core_stats" dev="sysfs" ino=53039 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_acpm_stats:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:884): avc:  denied  { read } for  name="time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1
10-05 00:00:44.544  7085  7085 I dump_power: type=1400 audit(0.0:885): avc:  denied  { open } for  path="/sys/devices/platform/cpupm/cpupm/time_in_state" dev="sysfs" ino=45585 scontext=u:r:dump_power:s0 tcontext=u:object_r:sysfs_cpu:s0 tclass=file permissive=1

Flag: EXEMPT refactor
Bug: 364989823
Change-Id: Ie4637b1295975c716f50333ad6635b9694a624b8
Signed-off-by: samou <samou@google.com>
 2024-10-04 16:07:07 +00:00
Android Build Coastguard Worker
614874e791 Snap for 12415101 from eb84e9c0a4 to 25Q1-release 
Change-Id: I238d37ceedd2add90f1fb360a14e8897fd31c8be
 2024-09-25 23:02:59 +00:00
Wilson Sung
eb84e9c0a4 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 369540701
Flag: EXEMPT NDK
Change-Id: Ib5edeaac550562b6bbb5ec35bfce1d6838245c6b
 2024-09-25 12:46:16 +00:00
Nina Chen
3aeae9b99f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 369475655
Flag: EXEMPT NDK
Change-Id: Ic8d895b33d24e998faa00b128cad4bc4fd1e14bf
 2024-09-25 06:30:59 +00:00
Android Build Coastguard Worker
7c38ed12d4 Snap for 12410317 from 077e59c64f to 25Q1-release 
Change-Id: I0346658cb91717317d12fd633188b602135aeb2b
 2024-09-24 23:02:39 +00:00
Android Build Coastguard Worker
447cc19829 Snap for 12399304 from a5eb284c4a to 25Q1-release 
Change-Id: Ic518fbe3cd47a05f3fc97f2f8a315e619e550bc7
 2024-09-21 23:01:21 +00:00
Tej Singh
077e59c64f Make android.framework.stats-v2-ndk app reachable 
For libedgetpu

Test: TH
Bug: 354763040
Flag: EXEMPT bugfix
Change-Id: If78bc951a9a4cfc223d01970ca6819fe2b5c6335
 2024-09-20 21:34:56 -07:00
Prochin Wang
a5eb284c4a Change vendor_fingerprint_prop to vendor_restricted_prop 
This is to allow the fingerprint HAL to access the property.

Bug: 366105474
Flag: build.RELEASE_PIXEL_BOOST_DATALAYER_PSA_ENABLED
Test: mm
Change-Id: I5b07acfd7599b099997d46b297e1f7400a9fe478
 2024-09-16 01:45:44 +00:00
Android Build Coastguard Worker
00e25eb130 Snap for 12370120 from c841b33df0 to 25Q1-release 
Change-Id: I410635f2fb27329db36467a0bac3a2918a0fe237
 2024-09-14 23:01:23 +00:00
Nina Chen
c841b33df0 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Flag: EXEMPT NDK
Bug: 366116786
Change-Id: I6d17ac72f8bdcc3fc54d08b7c23a0f5e0fd83d23
 2024-09-13 06:44:56 +00:00
Vic Huang
bd7fbe9a02 [BT] Define vendor_bluetooth_prop 
avc:  denied  { set } for property=persist.vendor.service.bdroid.bdaddr pid=860 uid=1002 gid=1002 scontext=u:r:hal_bluetooth_default:s0 tcontext=u:object_r:vendor_default_prop:s0 tclass=property_service permissive=0

Bug: 359428216
Test: Forest build
Flag: EXEMPT N/A
Change-Id: I1aeb04e32620b2815db02f34ee40eae94deeed3c
 2024-09-09 05:47:01 +00:00
Android Build Coastguard Worker
1d92a4c086 Snap for 12337407 from 5df951e8fd to 25Q1-release 
Change-Id: I6f75d2a96e7537366fcce7ea07032850dec9c2c7
 2024-09-07 23:01:34 +00:00
Xin Li
5df951e8fd [automerger skipped] Merge 24Q3 to AOSP main am: 06ca871143 -s ours am: 63111cc957 -s ours 
am skip reason: Merged-In I65790202886298f9862d68d65cf794e67db5a878 with SHA-1 9d3f39622c is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3257934

Change-Id: I0cc5ce5d8db326cabb0c0a7944eea178541df2af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-09-07 02:37:35 +00:00
Xin Li
63111cc957 [automerger skipped] Merge 24Q3 to AOSP main am: 06ca871143 -s ours 
am skip reason: Merged-In I65790202886298f9862d68d65cf794e67db5a878 with SHA-1 9d3f39622c is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3257934

Change-Id: Ib784443204b69a0e9275081636e2ce72f046d531
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-09-07 02:11:42 +00:00
Xin Li
06ca871143 Merge 24Q3 to AOSP main 
Bug: 357762254
Merged-In: I65790202886298f9862d68d65cf794e67db5a878
Change-Id: I733204cdf91a8f8355c79450373501fb34c47b54
 2024-09-05 17:02:37 -07:00
Randall Huang
b67284dc2f storage: move storage related device type to common folder 
Bug: 364225000
Test: forrest build
Change-Id: Iaed5b07a1d9823ebf3c7210921784d81bf6207a5
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-04 10:44:13 +08:00
Randall Huang
5e8b0722d0 Storage: label ufs firmware upgrade script 
Bug: 361093041
Test: local build
Change-Id: I312d071ecaaedb09b54976e6b3bfe05e7bc6cdea
Signed-off-by: Randall Huang <huangrandall@google.com>
 2024-09-02 22:22:44 +00:00
attis
150634f087 Label sysfs node power_mode as sysfs_display. 
Label power_mode to sysfs_panel to let it be allowed in dumpstate.

avc log:
08-26 13:07:49.660 12467 12467 W dump_display: type=1400 audit(0.0:19): avc:  denied  { read } for  name="power_mode" dev="sysfs" ino=89753 scontext=u:r:dump_display:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/350831939

Test: ls -Z, adb bugreport.
Flag: EXEMPT bugfix
Bug: 358505990
Change-Id: I9feeb2a8270f89d214f7d765893364d0e73f7d39
Signed-off-by: attis <attis@google.com>
 2024-09-02 04:54:13 +00:00
samou
a8d35041b3 sepolicy: gs201: fix bm selinux 
- add odpm scale value path
- add gpu cur_freq

Flag: EXEMPT refactor
Bug: 349935208
Change-Id: Ie053ead11eae4abdd0a30f74117d9c3e00eedf53
Signed-off-by: samou <samou@google.com>
 2024-08-23 10:58:20 +00:00
samou
5e0dca971a sepolicy: remove dump_power_gs201.sh 
Flag: EXEMPT refactor
Bug: 349935208
Change-Id: I3c0f48d00d312ef19677fe5ef9f080f063408667
Signed-off-by: samou <samou@google.com>
 2024-08-23 10:58:20 +00:00
Wilson Sung
7fd99e1b1b Update SELinux error 
Test: scanBugreport
Bug: 359428317
Bug: 361726277
Test: scanAvcDeniedLogRightAfterReboot
Bug: 359428317
Flag: EXEMPT bugFix
Change-Id: I2ce66f1431a2644076ff29b2337a97b366851d17
 2024-08-23 09:48:21 +00:00
Xiaofan Jiang
e8d359e8d4 Revert "Revert "gs201: update shared_modem_platform sepolicy for..." 
Revert submission 28822848-revert-28762313-SAYUORWKVG

Reason for revert: issue identify and fix is ready

Reverted changes: /q/submissionid:28822848-revert-28762313-SAYUORWKVG

Change-Id: Iae3ca282426fca573b4c42355e1b46eaa74d3c58
 2024-08-15 19:25:28 +00:00
Priyanka Advani (xWF)
e1a2549168 Revert "gs201: update shared_modem_platform sepolicy for UMI" 
Revert submission 28762313

Reason for revert: Droidmonitor created revert due to b/360059249.

Reverted changes: /q/submissionid:28762313

Change-Id: I0fc3d7d99b999eedf7e3948afb58fd962045f1e1
 2024-08-15 18:30:25 +00:00
Wilson Sung
4f8e79e4e5 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 360057889
Test: scanBugreport
Bug: 359428317
Test: scanAvcDeniedLogRightAfterReboot
Bug: 359428317
Flag: EXEMPT bugFix
Change-Id: I3d4a7bfbaab36136fbde6bbd56239e43cc9b012d
 2024-08-15 10:45:51 +00:00
Wilson Sung
0eae05186f Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 360057889
Test: scanBugreport
Bug: 359428317
Test: scanAvcDeniedLogRightAfterReboot
Bug: 359428317
Flag: EXEMPT bugFix
Change-Id: Iaec87b719446dbef5dc3d8d8d563cf3f47a2a584
 2024-08-15 10:28:57 +00:00
Wilson Sung
84725d0c7a Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 360057889
Test: scanBugreport
Bug: 359428317
Test: scanAvcDeniedLogRightAfterReboot
Bug: 359428317
Flag: EXEMPT bugFix
Change-Id: I9d573610f24054bd6ea8bb3307d0102da077dc55
 2024-08-15 09:25:42 +00:00
Xiaofan Jiang
b958dd13ad gs201: update shared_modem_platform sepolicy for UMI 
Bug: 357139752

Flag: EXEMPT sepolicy

[   68.189198] type=1400 audit(1722986580.568:59): avc:  denied  { unlink } for  comm="binder:892_2" name="modem_svc_socket" dev="dm-52" ino=20239 scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1
[   68.189448] type=1400 audit(1722986580.568:60): avc:  denied  { create } for  comm="binder:892_2" name="modem_svc_socket" scontext=u:r:modem_svc_sit:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=sock_file permissive=1

Change-Id: I0bbef83a3915e4c0e284296bc5b59e0ce6cf6f15
 2024-08-15 04:01:03 +00:00
Wilson Sung
2b177e8120 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 359428005
Test: scanBugreport
Bug: 359427666
Test: scanAvcDeniedLogRightAfterReboot
Bug: 359428317
Flag: EXEMPT bugFix
Change-Id: Ib4a909b4f6e2bbad977ae66b722ad0de055ef5b5
 2024-08-13 08:50:52 +00:00
Kevin Ying
3c082cdefd Allow camera HAL to access power_state sysfs 
08-03 01:41:34.444   791   791 W TaskPool: type=1400 audit(0.0:178): avc:  denied  { read } for  name="power_state" dev="sysfs" ino=86770 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 339690296
Test: Open camera under SELinux enforcing mode, no display avc error
Flag: EXEMPT resource update only
Change-Id: Ic0f2d149cbcd8a3da5035f6d2788b4548523bbd6
Signed-off-by: Kevin Ying <kevinying@google.com>
 2024-08-09 17:40:00 +00:00
Wilson Sung
3e1197bafb Add kernel vendor_fw_file dir read permission 
07-31 05:35:39.208 885 885 W binder:885_5: type=1400 audit(0.0:125): avc: denied { read } for name="firmware" dev="dm-7" ino=48 scontext=u:r:kernel:s0 tcontext=u:object_r:vendor_fw_file:s0 tclass=dir

Fix: 356530883
Flag: EXEMPT bugfix
Change-Id: I1bb8fcfc952c69c991fd978a617eb92558817267
 2024-08-02 09:18:50 +00:00
Daniel Chapin
e825da7d84 Revert "trusty: storageproxy: add fs_ready_rw property context" 
Revert submission 28318041-rw_storage

Reason for revert: Droidfood blocking bug b/355163562

Reverted changes: /q/submissionid:28318041-rw_storage

Change-Id: Ifa22c1551e75dd5161a19c5fb5cb372fe669921c
 2024-07-24 20:17:20 +00:00
Mike McTernan
27df5480c4 trusty: storageproxy: add fs_ready_rw property context 
Flag: EXEMPT bug fix
Bug: 350362101
Test: ABTD
Change-Id: I2d6d1ab8dbd60c21a16cadc26c5e4d5d290df42d
 2024-07-23 10:02:20 +00:00
Carl Tsai
e1d272f6c9 Add to allocate a security context for panel_pwr_vreg 
type=1400 audit(1719903781.812:18): avc:  denied  { read } for  comm="dump_display" name="panel_pwr_vreg" dev="sysfs" ino=87631 scontext=u:r:dump_display:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 350831939
Test: run pts -m PtsSELinuxTestCases -t com.google.android.selinux.pts.SELinuxTest#scanBugreport to check the test is Pass
Flag: EXEMPT bugfix
Change-Id: Ib03479bece87f26f48d6998dfd9b2dd84d439204
 2024-07-16 08:02:09 +00:00
Aaron Tsai
b05833237c Add permission for setting gril property 
05-22 18:00:40.443   948   948 I auditd  : type=1400 audit(0.0:854): avc:  denied  { write } for  comm="radioext@1.0-se" name="property_service" dev="tmpfs" ino=851 scontext=u:r:hal_radioext_default:s0 tcontext=u:object_r:property_socket:s0 tclass=sock_file permissive=0

Bug: 343012301
Bug: 203824024
Test: manual test
Flag: EXEMPT bugfix
Change-Id: Ie873e186d3eda618ba832164d9c9713b410977d2
 2024-07-05 08:05:01 +00:00
Wilson Sung
e3ae25faca Update SELinux error 
Test: scanBugreport
Bug: 350831939
Bug: 350832009
Change-Id: Ib8cee5cf5cb6acc734c2334e91b49aa4b7a02863
 2024-07-03 02:04:37 +00:00
Xin Li
548222aa57 [automerger skipped] Merge 24Q3 (ab/11976889) to aosp-main-future am: 88b5690472 -s ours 
am skip reason: Merged-In I65790202886298f9862d68d65cf794e67db5a878 with SHA-1 9d3f39622c is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/27908796

Change-Id: I6b8be580827f70f07b80f05b9ca9dcea00c131ef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-20 21:09:07 +00:00
Xin Li
88b5690472 Merge 24Q3 (ab/11976889) to aosp-main-future 
Bug: 347831320
Merged-In: I65790202886298f9862d68d65cf794e67db5a878
Change-Id: I807edd294c09ad0af1d37bb6e01f8b500062fdee
 2024-06-18 14:13:23 -07:00
Xin Li
db2e61924e [automerger skipped] Merge Android 14 QPR3 to AOSP main am: 04b32a1035 -s ours am: b7616414ad -s ours 
am skip reason: Merged-In I2543b8c140628545d367aeff42010369e3359cf7 with SHA-1 958d751956 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3132294

Change-Id: I816ede9a7a2c65cace5f1a23b44e394905a1289c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-18 05:55:20 +00:00
Xin Li
b7616414ad [automerger skipped] Merge Android 14 QPR3 to AOSP main am: 04b32a1035 -s ours 
am skip reason: Merged-In I2543b8c140628545d367aeff42010369e3359cf7 with SHA-1 958d751956 is already in history

Original change: https://android-review.googlesource.com/c/device/google/gs201-sepolicy/+/3132294

Change-Id: Ibe4946b0330c461d66abbf6ec4eaf44932e73690
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-06-17 20:41:49 +00:00
Xin Li
04b32a1035 Merge Android 14 QPR3 to AOSP main 
Bug: 346855327
Merged-In: I2543b8c140628545d367aeff42010369e3359cf7
Change-Id: I79097f05ad471c387d5d62b6d31f3ef390e43f94
 2024-06-13 10:48:23 -07:00
Xin Li
d279e5fbfd [automerger skipped] Merge Android 24Q2 Release (ab/11526283) to aosp-main-future am: 958d751956 -s ours 
am skip reason: Merged-In Ifcf73176620f44743a8aa252f8afed85c3af475c with SHA-1 1c7d8f80f2 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/27273660

Change-Id: I629080ea20475918f6c7b4efdf12b6754b4be4a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-29 21:59:13 +00:00
Xin Li
57a28fc4fb [automerger skipped] Merge Android 24Q2 Release (ab/11526283) to aosp-main-future am: 958d751956 -s ours 
am skip reason: Merged-In Ifcf73176620f44743a8aa252f8afed85c3af475c with SHA-1 1c7d8f80f2 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/27273660

Change-Id: Ib8ab6854fd050ae94bc197debbce33b11345f03b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-05-29 19:45:56 +00:00
Chaitanya Cheemala
9d3f39622c Revert "SELinux: fix avc denials" 
This reverts commit d1fe9f8f80.

Reason for revert: Likely culprit for b/340511525  - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.

Change-Id: I65790202886298f9862d68d65cf794e67db5a878
 2024-05-14 15:07:58 +00:00
Ken Yang
d1fe9f8f80 SELinux: fix avc denials 
Bug: 338332877
Change-Id: I5fb0a73cdc0d276ec14e55906c9bbd9c6875c786
Signed-off-by: Ken Yang <yangken@google.com>
 2024-05-14 05:14:55 +00:00
chenkris
5a1bb0df6e Allow fingerprint to access the folder /data/vendor/fingerprint 
Fix the following avc denial:
android.hardwar: type=1400 audit(0.0:20): avc:  denied  { write } for  name="fingerprint" dev="dm-56" ino=36703 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:vendor_data_file:s0 tclass=dir permissive=0

Bug: 267766859
Test: Tested fingerprint under enforcing mode
Change-Id: I11c465fe89fcbfa7d9132ccee1c7666d1cd75a24
 2024-05-08 08:46:26 +00:00
Xin Li
958d751956 Merge Android 24Q2 Release (ab/11526283) to aosp-main-future 
Bug: 337098550
Merged-In: Ifcf73176620f44743a8aa252f8afed85c3af475c
Change-Id: I2543b8c140628545d367aeff42010369e3359cf7
 2024-05-06 12:18:07 -07:00
Enzo Liao
a4536fa426 [automerger skipped] Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. am: ceab5d1740 -s ours 
am skip reason: Merged-In I57f9b8b77aa070ad2216cae1e84630a26a03618d with SHA-1 66254ad14d is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs201-sepolicy/+/27046444

Change-Id: Ic36d68f2a6402a9d8c16b12fb0157b7c591000e4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-04-26 08:08:35 +00:00