Evolution-x-devices/device_google_wahoo
2
0
Fork 0
mirror of https://github.com/Evolution-X-Devices/device_google_wahoo synced 2026-02-01 07:50:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
1,575 Commits 2 Branches 0 Tags
155dbc92aedb524f1c819d90bac3ff1a347ac710
Commit Graph

1575 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lennart Wieboldt
155dbc92ae wohoo: remove cpuset foreground boost 
am: 150af4c811

Change-Id: I5ea9a2a329cc0ed29fe1ee36520315282ed25a19
 2017-11-14 05:37:04 +00:00
Lennart Wieboldt
150af4c811 wohoo: remove cpuset foreground boost 
Cpuset foreground boost is departed since
https://android.googlesource.com/platform/frameworks/base/+/a712d4058f6f85268838

Change-Id: Iab1834dbb8cce15480b5e11968bcfff7cc80177e
Signed-off-by: Lennart Wieboldt <lennart.1997@gmx.de>
 2017-11-14 05:33:39 +00:00
Tao Bao
2959768511 Merge "sepolicy: Remove update_verifier.te." 
am: 14716fc148

Change-Id: I20feab09fc6bd12f5632bcf6adfc280000f39542
 2017-11-14 03:13:25 +00:00
Treehugger Robot
14716fc148 Merge "sepolicy: Remove update_verifier.te." 2017-11-14 03:05:16 +00:00
Tao Bao
3d4c191247 sepolicy: Remove update_verifier.te. 
It has been added into core policy through
https://android-review.googlesource.com/c/platform/system/sepolicy/+/503421.

Bug: 63440407
Test: update_verifier successfully triggers blocks verification and
      marks a sucessful boot;
Test: No sysfs_dm related denials on walleye.
Change-Id: I5605af8b10d890489c25f16f82274f828e10e751
(cherry picked from commit e2c0c287fb)
 2017-11-13 13:28:14 -08:00
Lennart Wieboldt
08424a84df wahoo: remove LOCAL_CLANG := true 
am: 8f4072e87a

Change-Id: I81725f6dcca41b4d1b316239b48d1f9f56e364a5
 2017-11-13 19:54:23 +00:00
Lennart Wieboldt
6b3695f00b wahoo: remove departed ENABLE_CPUSETS flag 
am: eaa1a041ec

Change-Id: I6a8c9b09eb3f5b6b9b0d9cfb64f41f6546b380be
 2017-11-13 19:41:27 +00:00
Lennart Wieboldt
8f4072e87a wahoo: remove LOCAL_CLANG := true 
Clang is the default compiler since nougat.

Change-Id: I565e25f9f688a979eac41de0eee4a88b24099098
Signed-off-by: Lennart Wieboldt <lennart.1997@gmx.de>
 2017-11-13 18:00:37 +00:00
Lennart Wieboldt
eaa1a041ec wahoo: remove departed ENABLE_CPUSETS flag 
It´s an runtime check now so we don´t need the build time variable anymore.
The behaviour changed with this commit:
391ab069b1

Change-Id: I41f88455a9a303a6a07cb5bce33b43578c25a5d0
Signed-off-by: Lennart Wieboldt <lennart.1997@gmx.de>
 2017-11-13 18:35:43 +01:00
Jeff Vander Stoep
0d0c712b4b Merge "Clean up commented out permissions" 
am: 64936a0238

Change-Id: I469eaaea6cb78a000a7450442378fca12de73fd7
 2017-11-11 00:39:00 +00:00
Treehugger Robot
64936a0238 Merge "Clean up commented out permissions" 2017-11-11 00:32:22 +00:00
Jeff Vander Stoep
e74598517d Clean up commented out permissions 
Test: none
Change-Id: I26f4a18ad1141a5d402ddd38505a4cdaee266c4e
 2017-11-10 14:54:10 -08:00
Chenjie Luo
8d06a43142 Allow easel to read sysfs_easel dir 
am: 3b8bac308a

Change-Id: Ic5ea9299202a141d28d070f3c420387effef86c2
 2017-11-10 20:03:40 +00:00
Chenjie Luo
3b8bac308a Allow easel to read sysfs_easel dir 
Test: easelmanagerd_client_example
Change-Id: I494e35e8127cba0bcbfcd9ed68776268dfb42131
 2017-11-10 10:03:19 -08:00
Jeff Vander Stoep
cdfb42f233 Move platform/vendor data violations to device policy 
am: 98dd9bb659

Change-Id: Ibf51767859153a0016ef74b896233835011cfcdb
 2017-11-10 16:28:56 +00:00
Jeff Vander Stoep
98dd9bb659 Move platform/vendor data violations to device policy 
Sharing data folders by path will be disallowed because it violates
the approved API between platform and vendor components tested by
VTS. Move all violating permissions from core selinux policy to
device specific policy so that we can exempt existing devices from
the ban and enforce it on new devices.

Bug: 34980020
Test: Move permissions. Build and test wifi, wifi AP, nfc, fingerprint
    and Play movies on Marlin.
Test: build Taimen

Change-Id: I1c2f2acac02266f8d07ff1fc3c69329af0aa2f3d
 2017-11-09 14:03:32 -08:00
Jeff Vander Stoep
c4a8826ab6 Grant HALs access to diag_device 
am: 4c1bb0c66e

Change-Id: I7a37cb5ac361392498a104cfebb47c811ddb9a41
 2017-11-09 21:16:55 +00:00
Max Bires
b889c22817 Adding userdebug/eng diag access for following domains 
am: a72c9eda39

Change-Id: If9c3dacae2bc3ba26aeb092d422c8d31528455eb
 2017-11-09 21:16:41 +00:00
Ecco Park
b20f9272e1 sepolicy: change the sepolicy for cnss_diag 
am: d9bf00f0fa

Change-Id: I0ec1525576d9d3e77b09984ca7cdbe6ecc76c7ce
 2017-11-09 21:16:26 +00:00
Jeff Vander Stoep
454b33c2c6 sepolicy: domain: remove world access to /dev/diag 
am: d683b2f369

Change-Id: Iee7803681507f95533f800fc49f2bf516b6cc786
 2017-11-09 21:16:10 +00:00
Jeff Vander Stoep
4c1bb0c66e Grant HALs access to diag_device 
avc: denied { read write } for comm="imsrcsd" name="diag"
dev="tmpfs" ino=9694 scontext=u:r:hal_rcsservice:s0
tcontext=u:object_r:diag_device:s0 tclass=chr_file
avc: denied { read write } for comm="ims_rtp_daemon"
name="diag" dev="tmpfs" ino=9694 scontext=u:r:hal_imsrtp:s0
tcontext=u:object_r:diag_device:s0 tclass=chr_file

Bug: 68705274
Test: build
Change-Id: I39f21c1e01001ea83d38461b450e42db1d21991d
 2017-11-09 09:57:31 -08:00
Max Bires
a72c9eda39 Adding userdebug/eng diag access for following domains 
World access to diag_device for userdebug/eng builds was revoked due to
potential for dangerous use from 3rd party code so this
CL grants access back to the domains that requested it.

denied { read write } for pid=832 comm="qti" name="diag" dev="tmpfs" ino
=9583 scontext=u:r:qti:s0 tcontext=u:object_r:diag_device:s0 tclass=chr_
file

denied { read write } for pid=808 comm="thermal-engine" name="diag" dev=
"tmpfs" ino=9583 scontext=u:r:thermal-engine:s0 tcontext=u:object_r:diag
_device:s0 tclass=chr_file

denied { read write } for pid=877 comm="cnss_diag" name="diag" dev="tmpf
s" ino=9583 scontext=u:r:wcnss_service:s0 tcontext=u:object_r:diag_devic
e:s0 tclass=chr_file

denied { read write } for pid=816 comm="imsqmidaemon" name="diag" dev="t
mpfs" ino=9583 scontext=u:r:ims:s0 tcontext=u:object_r:diag_device:s0 tc
lass=chr_file

denied { read write } for pid=753 comm="android.hardwar" name="diag" dev
="tmpfs" ino=9583 scontext=u:r:hal_sensors_default:s0 tcontext=u:object_
r:diag_device:s0 tclass=chr_file

denied { read write } for pid=772 comm="sensors.qcom" name="diag" dev="t
mpfs" ino=9583 scontext=u:r:sensors:s0 tcontext=u:object_r:diag_device:s
0 tclass=chr_file

denied { read write } for pid=677 comm="time_daemon" name="diag" dev="tm
pfs" ino=9583 scontext=u:r:time_daemon:s0 tcontext=u:object_r:diag_devic
e:s0 tclass=chr_file

denied { read write } for pid=618 comm="android.hardwar" name="diag" dev
="tmpfs" ino=9583 scontext=u:r:hal_graphics_composer_default:s0 tcontext
=u:object_r:diag_device:s0 tclass=chr_file

denied { read write } for pid=854 comm="rild" name="diag" dev="tmpfs" in
o=10642 scontext=u:r:rild:s0 tcontext=u:object_r:diag_device:s0 tclass=c
hr_file

denied { read write } for pid=828 comm="netmgrd" name="diag" dev="tmpfs"
ino=10642 scontext=u:r:netmgrd:s0 tcontext=u:object_r:diag_device:s0 tcl
ass=chr_file

denied { read write } for pid=826 comm="cnd" name="diag" dev="tmpfs" ino
=10642 scontext=u:r:cnd:s0 tcontext=u:object_r:diag_device:s0 tclass=chr
_file

denied { read write } for pid=1559 comm="iptables-wrappe" path="/dev/dia
g" dev="tmpfs" ino=17555 scontext=u:r:netutils_wrapper:s0 tcontext=u:obj
ect_r:diag_device:s0 tclass=chr_file

Test: domains that need diag_device access can get access to it
Change-Id: I6b2473958d10145ed981c5fbcb2ebd3232fcee0e
Merged-In: I6b2473958d10145ed981c5fbcb2ebd3232fcee0e
(cherry picked from commit c760b34307)
 2017-11-09 09:52:26 -08:00
Ecco Park
d9bf00f0fa sepolicy: change the sepolicy for cnss_diag 
cnss_diag: type=1400 audit(0.0:65):
avc: denied { search } for name="diagchar" dev="sysfs" ino=27415
scontext=u:r:wcnss_service:s0 tcontext=u:object_r:sysfs_diag:s0
tclass=dir permissive=0

audit(1502477202.513:37783): avc: denied { read
} for pid=989 comm="cnss_diag" name="timestamp_switch" dev="sysfs"
ino=27761 scontext=u:r:wcnss_service:s0
tcontext=u:object_r:sysfs_timestamp_switch:s0 tclass=file permissive=0

Bug:64604240

Change-Id: I1b882b15908241c18d694947b8de11136e6afee2
Merged-In: I1b882b15908241c18d694947b8de11136e6afee2
Signed-off-by: Ecco Park <eccopark@google.com>
(cherry picked from commit d024c1334a)
 2017-11-09 09:47:14 -08:00
Jeff Vander Stoep
d683b2f369 sepolicy: domain: remove world access to /dev/diag 
This driver is not safe for general use, particularly for third party
apps, even on debug builds.

Adding OWNERS file in a subsequent commit to prevent security violations
like this from getting checked in.

Test: build
Change-Id: I245244e924ae247b6fbd48aa033bb71cca6067de
Merged-In: I245244e924ae247b6fbd48aa033bb71cca6067de
(cherry picked from commit 23ea15a12a)
 2017-11-09 09:39:51 -08:00
Chenjie Luo
da4568815d Add easel sepolicy. 
am: 8843e8e1f9

Change-Id: Ib7d3a27f37d94067d790f9fc3787bb853f38a5ef
 2017-11-09 04:01:54 +00:00
Chenjie Luo
8843e8e1f9 Add easel sepolicy. 
Test: easelmanager_client_example
Change-Id: Iaed2e346b469ce907f7f1ffe0012d8c5840af385
 2017-11-09 03:58:02 +00:00
Jeff Vander Stoep
69cea20710 Merge "Ban sharing data between platform and vendor processes" 
am: ea46f456cd

Change-Id: Id65ac51c8ecd923555b3074f9a888dc2df065273
 2017-11-08 21:40:30 +00:00
Treehugger Robot
ea46f456cd Merge "Ban sharing data between platform and vendor processes" 2017-11-08 21:35:50 +00:00
Jeff Vander Stoep
87529b3f4b Ban sharing data between platform and vendor processes 
Annotate processes that violate the ban including fingerprint and
widevine HALs.

Bug: 34980020
Test: build
Change-Id: I4afa03841e1648d4624e66bbd5ed21d09d357547
Merged-In: I4afa03841e1648d4624e66bbd5ed21d09d357547
(cherry picked from commit 458d1f6a6e)
 2017-11-08 20:20:09 +00:00
Mikhail Naganov
a91b22865d Use /data/vendor/audio for Audio HAL data 
am: 943161347d

Change-Id: I2ae18937b1842eeb0d83669f20e950dbd40e2f14
 2017-11-08 19:48:09 +00:00
Mikhail Naganov
943161347d Use /data/vendor/audio for Audio HAL data 
This separates the data of audioserver from the data of the
hal_audio.

Bug: 35042759
Test: no SELinux denials for hal_audio
Change-Id: I2eafed4d8a620507e27cab3a9b84d829d003bcec
Merged-In: I1815c5debaa6d6d2076cebf8beb5acd36c6fe891
 2017-11-08 10:31:55 -08:00
Tri Vo
661aca373a Merge "Label /sys/devices/soc/{ c179000.i2c c1b5000.i2c } as sysfs_msm_subsys" 
am: 2d2cd9670a

Change-Id: I9af2154a94df8cf8f928ec6e971413b0f0e74b9e
 2017-11-08 03:01:19 +00:00
Treehugger Robot
2d2cd9670a Merge "Label /sys/devices/soc/{ c179000.i2c c1b5000.i2c } as sysfs_msm_subsys" 2017-11-08 02:56:32 +00:00
Tri Vo
cf5550fe6a Label /sys/devices/soc/{ c179000.i2c c1b5000.i2c } as sysfs_msm_subsys 
On taimen some of the files under /sys/class/power_supply are symlinks
to these dirs.

Addresses these denials on taimen:
avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs"
ino=50110 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs"
ino=48182 scontext=u:r:hal_health_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 68962942
Test: builds, boots, files are correctly labeled.

Change-Id: I2b972f4f471b54097354d3e490a02300182a8e9a
 2017-11-07 14:31:18 -08:00
Chih-Hung Hsieh
8d60677ea0 Use -Werror in device/google/wahoo 
am: 20197b4ece

Change-Id: Ib285db2339bbf4a29267539bc3ad371d97d9143d
 2017-11-07 02:03:28 +00:00
Chih-Hung Hsieh
20197b4ece Use -Werror in device/google/wahoo 
* Remove unused local variable.

Bug: 66996870
Test: build with WITH_TIDY=1
Change-Id: I96228277b9c81b71e73e4e376d86cdea6cbcb647
 2017-11-06 15:06:45 -08:00
Chih-Hung Hsieh
3d6511ce09 Use -Werror in device/google/wahoo 
am: 7d0bdbefcd

Change-Id: Ifb7e67027206bbc578453a869a6fcc1987caa902
 2017-11-06 19:20:22 +00:00
Chih-Hung Hsieh
7d0bdbefcd Use -Werror in device/google/wahoo 
* Remove unused variables.
* Return result of registerAsService().

Bug: 66996870
Test: build with WITH_TIDY=1
Change-Id: I79d1add6190e835de20a0b0c247bbbb259096c14
 2017-11-02 15:26:20 -07:00
Tri Vo
23b51fb05a Remove obdm_app access to proc label. 
am: 1898ea64c2

Change-Id: I1031b37b4a016220939f9686ccee7476ab6f86ca
 2017-11-02 06:38:33 +00:00
Tri Vo
1898ea64c2 Remove obdm_app access to proc label. 
Instead give obdm_app read access to /proc/stat.

Bug: 65643247
Test: can login to obdm app without selinux denials

Merged-In: I368c018f883610364cd026da68085935aefd69c1
Change-Id: I368c018f883610364cd026da68085935aefd69c1
(cherry picked from commit 036ef1ebc2)
 2017-11-01 22:11:45 -07:00
Bill Yi
acc35ff87f Merge remote-tracking branch 'goog/stage-aosp-master' into HEAD 
am: 31411fcf06

Change-Id: I4bf4649f152ddece35a734f8d6e4432f524b5fbe
 2017-10-24 20:19:40 +00:00
Bill Yi
31411fcf06 Merge remote-tracking branch 'goog/stage-aosp-master' into HEAD 2017-10-24 12:04:12 -07:00
Bill Yi
f0a717ba34 Initial empty repository 2017-10-23 16:07:28 +00:00
Tri Vo
f9ae2b0511 Move device-agnostic netd rules to fwk policy. 
These were moved from vendor to fwk policy:
1. sysfs_net type declaration
2. labeling of /sys/devices/virtual/net with sysfs_net
3. netd access to sysfs_net

Bug: 65643247
Test: can browse internet without netd denials
Test: netd_unit_test, netd_integration_test without netd denials

Merged-In: I9e6ec7ab24039bc74a7e47f423222334fed8bf3a
Change-Id: I9e6ec7ab24039bc74a7e47f423222334fed8bf3a
(cherry picked from commit 661dbb6d30)
 2017-10-20 23:08:03 +00:00
Dan Albert
28dfa2c208 Add missing includes. 
Change-Id: I74ce25b3b5c918e371140b91f82ec00ff571f9fe
Exempt-From-Owner-Approval: trivial cleanup
Test: mma
Bug: None
 2017-10-17 18:03:22 +00:00
Tom Cherry
a619805eda add libcutils to PRODUCT_STATIC_BOOT_CONTROL_HAL 
This was picked up transitively previously, but that transitive
include is removed, so we include it explicitly here.

Test: build
Change-Id: I023831d0fbe474d363201f792bbfb3f7ea38cd9b
(cherry picked from commit c2b4ce4e0a)
 2017-10-11 23:40:57 +00:00
Dan Cashman
93e9a16bcb Fix build. Revert "Move mediaprovider domain to wahoo" 
This policy belongs in global policy.

(cherry-pick of commit: e498eb7ee2)

Bug: 62102757
Test: Builds and boots.
Change-Id: I099e1fbed6e1c648d0d5f1570ba3207c197f3233
 2017-09-27 12:48:06 -07:00
Jeff Vander Stoep
c16eac8767 Fix build. Remove dup file_contexts label 
/dev/input(/.*)? u:object_r:input_device:s0

Is now in core policy. Remove from device specific policy.

(cherry-pick of commit: 1fa31288a0)

Bug: 64954704
Test: build
Change-Id: Id16dccff58843e619e5197661f7ffabc22c3e213
 2017-09-27 12:11:04 -07:00
Vineeta Srivastava
6f34234b50 Merge "Make brightness ramp rates multiples of 60." into oc-dr1-dev 
am: 450b68d7ff

Change-Id: I916ef831c9bcbed288d3d78b4b198254e9fe4db7
 2017-08-17 03:26:16 +00:00
Vineeta Srivastava
450b68d7ff Merge "Make brightness ramp rates multiples of 60." into oc-dr1-dev 2017-08-17 03:07:47 +00:00