google-gs201/android_device_google_lynx
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
48 Commits 2 Branches 0 Tags
282e204a94c3874e51e63d345d44e3e9acf3fd28
Commit Graph

15 Commits

Author SHA1 Message Date
Aaron Tsai
11348d7e76 Fix avc denied for hal_radioext_default 
05-30 13:13:30.868   867   867 I auditd  : type=1400 audit(0.0:21): avc: denied { call } for comm="HwBinder:867_1" scontext=u:r:hal_radioext_default:s0 tcontext=u:r:hal_bluetooth_default:s0 tclass=binder permissive=0

Bug: 234311798
Test: verified with the forrest ROM and error log gone
Change-Id: I0195fe2d8e81ea0149255524cfc047540159281b
 2022-08-04 07:19:10 +08:00
Hsiu-Chang Chen
9ac637312b wifi: correct label wlan0/p2p0/wifi-aware0 device as sysfs_net 
Bug: 239657967
Test: NetdSELinuxTest#CheckProperMTULabels
Change-Id: I31db1d2110b2c18cf12a5cfa9b13e8c6dff09d59
 2022-08-02 08:54:18 +00:00
Darren Hsu
4e2b651fdc sepolicy: allow hal_power_stats to read wifi sysfs and property 
avc: denied { read } for name="power_stats" dev="sysfs"
ino=114517 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

avc: denied { read } for name="u:object_r:wifi_hal_prop:s0"
dev="tmpfs" ino=371 scontext=u:r:hal_power_stats_default:s0
tcontext=u:object_r:wifi_hal_prop:s0 tclass=file permissive=0

Bug: 240391946
Test: get bugreport and make sure no avc denials related to
Test: hal_power_stats
Change-Id: I3be32eb4e61926c3abd24c67e7dab9b4056bf00a
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-07-28 15:48:41 +08:00
Hsiu-Chang Chen
0c59021e58 Add sepolicy for hal_wifi_ext 
07-27 11:58:09.569   869   869 I auditd  : type=1400 audit(0.0:2682598):
avc: denied { read } for comm="wifi_ext@1.0-se" name="driverdump" dev="proc"
ino=4026535980 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:proc:s0
tclass=file permissive=0

Bug: 239656339
Test: avc error is gone
Change-Id: Icf816897780fecc1bb35696e492e6fa2661abc20
 2022-07-27 08:27:21 +00:00
Hsiu-Chang Chen
4d4fd451a6 Add sepolicy for vendor_location 
06-25 21:59:57.532  3922  3922 I auditd  : type=1400 audit(0.0:11):
avc: denied { sendto } for comm="loc_mq_clnt"
path="/dev/socket/location/mq/LOWI-SERVER"
scontext=u:r:vendor_location:s0 tcontext=u:r:lowi_server:s0
tclass=unix_dgram_socket permissive=0
06-29 04:30:11.188  8182  8182 I auditd  : type=1400 audit(0.0:1517):
avc: denied { sendto } for comm="loc_mq_clnt"
path="/dev/socket/location/mq/7b2e9924f8-LC"
scontext=u:r:vendor_location:s0 tcontext=u:r:hal_wifi_ext:s0
tclass=unix_dgram_socket permissive=0

Bug: 237467750
Test: avc error is gone
Change-Id: Ic4ff2bdf30b042c08c38b134c6af086d7033511f
 2022-06-29 15:01:15 +08:00
Hsiu-Chang Chen
101db9756d Add sepolicy for lowi-server 
06-24 16:58:55.724  9519  9519 I lowi-server: type=1400 audit(0.0:1980):
avc: denied { read write } for path="socket:[69473]" dev="sockfs" ino=69473
scontext=u:r:lowi_server:s0 tcontext=u:r:vendor_location:s0
tclass=unix_dgram_socket permissive=1

Bug: 235281415
Test: avc error is gone
Change-Id: I93615b98c08f6e6e5c3cc182bddcff30e452e103
 2022-06-24 17:07:25 +08:00
timothywang
9a67905169 Add sepolicy to enable camera vendor property 
Bug: 234324271
Test: adb shell getprop
Change-Id: I6a0b344880deeb767df97136c42b2fb86668f39d
 2022-06-14 10:30:10 +08:00
Darren Hsu
07f8ea39a1 sepolicy: label more paths for sysfs_wakeup 
Bug: 234311758
Test: forrest apct/device_boot_health_check_extra
Change-Id: I6dab109733062b32e09cfddcbf43cbdc515c07ba
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2022-06-06 11:13:06 +08:00
Jack Wu
2d50edbc64 Add sepolicy for P9222 WLC power_supply 
05-30 05:13:03.096   836   836 I auditd  : type=1400 audit(0.0:6): avc: denied { getattr } for comm="android.hardwar" path="/sys/devices/platform/10da0000.hsi2c/i2c-6/i2c-p9222/power_supply/wireless/capacity" dev="sysfs" ino=71270 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
05-30 05:13:03.100   836   836 I auditd  : type=1400 audit(0.0:7): avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs" ino=71272 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 234311757
Test: build ok, no avc denied
Signed-off-by: Jack Wu <wjack@google.com>
Change-Id: I0fb296a9472eda7ff5f2babfea1c769caea525e1
 2022-05-31 13:08:07 +08:00
Hsiu-Chang Chen
63cd5c6143 Add sepolicy for pixellogger 
04-25 11:36:17.795  4101  4101 I auditd  : type=1400 audit(0.0:6339): avc: denied { search } for comm="LoggingService" name="wifi" dev="dm-40" ino=338 scontext=u:r:logger_app:s0:c229,c256,c512,c768 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir permissive=1 app=com.android.pixellogger
04-25 11:36:17.799   863   863 I auditd  : type=1400 audit(0.0:6340): avc: denied { search } for comm="wifi_ext@1.0-se" name="wifi" dev="dm-40" ino=338 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir permissive=1

Bug: 230280450
Test: Pixelloger can collect WLAN logs
Change-Id: Id95e4132f2814deb1fbfb307568a4ece87a28611
 2022-04-25 11:49:43 +08:00
Hsiu-Chang Chen
374602a559 wifi: Add sepolicy for LOWI tools 
Add sepolicy rules for LOWI tools including loc_launcher and
lowi-server which are necessary for NAN and RTT

Bug: 223296149
Test: loc_launcher and lowi-server start automatically
Change-Id: I915be13fa715de85de91c30e0605f1e8e9d578f4
 2022-03-15 09:37:05 +00:00
Tai Kuo
1663eff382 Setup sysfs_vibrator 
Bug: 220068530
Test: dumpsys android.hardware.vibrator.IVibrator/default
Change-Id: Icd8a7d5db2277c72be9a72723434145db4eecb02
 2022-03-07 11:27:09 +08:00
Hsiu-Chang Chen
069de3333d wifi: Add sepolicy for qcom driver control interface 
01-06 11:55:38.816   796   796 I auditd  : type=1400 audit(0.0:281): avc: denied { write } for comm="wifi_ext@1.0-se" name="wlan" dev="tmpfs" ino=984 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1
01-06 11:55:38.820   796   796 I auditd  : type=1400 audit(0.0:282): avc: denied { open } for comm="wifi_ext@1.0-se" path="/dev/wlan" dev="tmpfs" ino=984 scontext=u:r:hal_wifi_ext:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=1

Bug: 209934729
Test: Basic function tests, SSR tests
Change-Id: Id6afd0580f8792eeb7ef8a25d42724ec79696875
 2022-01-10 14:45:30 +08:00
horngchuang
a069c07972 Add l10 specific camera component sepolicy settings 
Also, move those settings from whitechapel_pro common folder

Bug: 210598444
Test: build okay
Change-Id: Ie96dd9e6da5bdddd62d2ed9f920cb49daa1d74eb
 2022-01-10 10:52:06 +08:00
Cyan_Hsieh
401c431fcd Initial device lynx sepolicy 
Bug: 202250383
Change-Id: I7b096bdb87ea45760bbcf929cd5757e159952e75
 2021-11-01 15:28:54 +08:00