From f2a76321060290b11a659ef880de46e03e845721 Mon Sep 17 00:00:00 2001 From: chungkai Date: Fri, 29 Jul 2022 04:45:27 +0000 Subject: [PATCH 1/6] genfs_contexts: fix path for i2c peripheral device paths are changed when we enable parallel module loading and reorder the initializtaion of devices. Test: without avc denial on L10 when booting Bug: 240641235 Signed-off-by: chungkai Change-Id: I411ceaa02cb6fb36fc767937a62f945685c4a019 --- vendor/genfs_contexts | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/vendor/genfs_contexts b/vendor/genfs_contexts index 4f547fd..9f8526d 100644 --- a/vendor/genfs_contexts +++ b/vendor/genfs_contexts @@ -6,13 +6,46 @@ genfscon sysfs /devices/soc0/soc_id u:object_r:vendor_location_sysfs:s0 genfscon proc /debugdriver/driverdump u:object_r:vendor_proc_wifi_dbg:s0 # BMS +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-0/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-0/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-1/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-1/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-2/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-2/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-3/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-3/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-4/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-4/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-5/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-5/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-6/i2c-p9222 u:object_r:sysfs_wlc:s0 genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-6/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-8/i2c-p9222 u:object_r:sysfs_wlc:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-8/i2c-p9222/power_supply u:object_r:sysfs_batteryinfo:s0 # System Suspend +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-0/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-0/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-1/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-1/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-2/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-2/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-3/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-3/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-4/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-4/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-5/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-5/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-6/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-6/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-7/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-8/i2c-p9222/power_supply/wireless/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/10da0000.hsi2c/i2c-8/i2c-p9222/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/14520000.pcie/pci0001:00/0001:00:00.0/0001:01:00.0/mhi0/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/14520000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0/mhi0/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/qcom,cnss-qca6490/wakeup u:object_r:sysfs_wakeup:s0 # PowerStats From c70f56e2dfe6f45613aba527bc53925929ba45d2 Mon Sep 17 00:00:00 2001 From: Ken Yang Date: Fri, 16 Dec 2022 05:52:28 +0000 Subject: [PATCH 2/6] WLC: Add device specific sepolicy for wireless_charger Bug: 237600973 Change-Id: I9d219c3abf02266cc8200c70840a65aedb17ee7b Signed-off-by: Ken Yang --- vendor/platform_app.te | 2 ++ vendor/system_app.te | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 vendor/platform_app.te create mode 100644 vendor/system_app.te diff --git a/vendor/platform_app.te b/vendor/platform_app.te new file mode 100644 index 0000000..6ac0514 --- /dev/null +++ b/vendor/platform_app.te @@ -0,0 +1,2 @@ +allow platform_app hal_wireless_charger_service:service_manager find; +binder_call(platform_app, hal_wireless_charger) diff --git a/vendor/system_app.te b/vendor/system_app.te new file mode 100644 index 0000000..ca56668 --- /dev/null +++ b/vendor/system_app.te @@ -0,0 +1,2 @@ +allow system_app hal_wireless_charger_service:service_manager find; +binder_call(system_app, hal_wireless_charger) From e5a1cde5d486cbbd8988af8f5bc151a527de114c Mon Sep 17 00:00:00 2001 From: Myles Watson Date: Tue, 10 Jan 2023 06:28:45 -0800 Subject: [PATCH 3/6] Lynx: Use common sepolicy for bt_device Bug: 205758693 Test: build Ignore-AOSP-First: Some devices in internal define bt_device Change-Id: Ic1b7469d64c79285d9d7993befbe173c9bca34aa --- bluetooth/device.te | 1 - 1 file changed, 1 deletion(-) delete mode 100644 bluetooth/device.te diff --git a/bluetooth/device.te b/bluetooth/device.te deleted file mode 100644 index 7ed13ad..0000000 --- a/bluetooth/device.te +++ /dev/null @@ -1 +0,0 @@ -type bt_device, dev_type; From fa9c88aef83d59b8f0eca2c0cc1142c5a4fa44d8 Mon Sep 17 00:00:00 2001 From: Ken Yang Date: Fri, 6 Jan 2023 19:29:58 +0000 Subject: [PATCH 4/6] WLC: Cleanup the sysfs_wlc policies Bug: 263830018 Change-Id: I6b31c6127e01b946c51200683b511853f2d304b4 Signed-off-by: Ken Yang --- vendor/platform_app.te | 2 -- vendor/system_app.te | 2 -- 2 files changed, 4 deletions(-) delete mode 100644 vendor/platform_app.te delete mode 100644 vendor/system_app.te diff --git a/vendor/platform_app.te b/vendor/platform_app.te deleted file mode 100644 index 6ac0514..0000000 --- a/vendor/platform_app.te +++ /dev/null @@ -1,2 +0,0 @@ -allow platform_app hal_wireless_charger_service:service_manager find; -binder_call(platform_app, hal_wireless_charger) diff --git a/vendor/system_app.te b/vendor/system_app.te deleted file mode 100644 index ca56668..0000000 --- a/vendor/system_app.te +++ /dev/null @@ -1,2 +0,0 @@ -allow system_app hal_wireless_charger_service:service_manager find; -binder_call(system_app, hal_wireless_charger) From 90d58d25533b2aef11c4767641e9a868f2d31788 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Fri, 24 Mar 2023 11:11:28 +0800 Subject: [PATCH 5/6] Update SELinux error Test: SELinuxUncheckedDenialBootTest Bug: 275002086 Test: scanBugreport Bug: 239887174 Test: scanAvcDeniedLogRightAfterReboot Bug: 239887174 Change-Id: I9a0a1b3ef0642700a4555258c9e8aff7ec82e084 --- tracking_denials/bug_map | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tracking_denials/bug_map b/tracking_denials/bug_map index cc9e88c..a364f18 100644 --- a/tracking_denials/bug_map +++ b/tracking_denials/bug_map @@ -1,3 +1,5 @@ crash_dump vendor_slog_file dir b/238837168 +hal_camera_default boot_status_prop file b/275002086 +hal_camera_default edgetpu_app_service service_manager b/275002086 kernel vendor_charger_debugfs dir b/239887174 kernel vendor_regmap_debugfs dir b/238143398 From c1c6e069f6af9a202577ee4fd62909fc7128d7c7 Mon Sep 17 00:00:00 2001 From: Wilson Sung Date: Fri, 7 Apr 2023 15:08:57 +0800 Subject: [PATCH 6/6] Update error on ROM 9892479 Bug: 277155327 Bug: 277300226 Test: pts-tradefed run pts -m PtsSELinuxTest Change-Id: I2690bcd7b3ae0d869f39851d5fb692378cbb6e9a --- tracking_denials/dumpstate.te | 2 ++ tracking_denials/hal_vibrator_default.te | 2 ++ 2 files changed, 4 insertions(+) create mode 100644 tracking_denials/dumpstate.te create mode 100644 tracking_denials/hal_vibrator_default.te diff --git a/tracking_denials/dumpstate.te b/tracking_denials/dumpstate.te new file mode 100644 index 0000000..13af0d5 --- /dev/null +++ b/tracking_denials/dumpstate.te @@ -0,0 +1,2 @@ +# b/277155327 +dontaudit dumpstate default_android_service:service_manager { find }; diff --git a/tracking_denials/hal_vibrator_default.te b/tracking_denials/hal_vibrator_default.te new file mode 100644 index 0000000..ece806d --- /dev/null +++ b/tracking_denials/hal_vibrator_default.te @@ -0,0 +1,2 @@ +# b/277300226 +dontaudit hal_vibrator_default default_android_service:service_manager { find };