Age | Commit message (Collapse) | Author |
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20922424
Change-Id: I0b77b7218028fc0566f82ecc8d9c70fd66a8ac6c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 261209932
Test: Verified SystemUI can access HAL extension.
Change-Id: Iefeca78703af30246420a55133c00769b84789f9
Merged-In: Iefeca78703af30246420a55133c00769b84789f9
|
|
c3b8cda0f5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20619011
Change-Id: I141ec0a89718917b3a1125b0c319ef5f3ee699a8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20803963
Change-Id: I6f13e1edb662003b8ab907e0be8740aeed4d8fe9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
12-22 16:24:51.964 1000 865 865 I auditd : type=1400 audit(0.0:10): avc: denied { read } for comm="android.hardwar" name="logbuffer_maxfg_secondary" dev="tmpfs" ino=799 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
12-22 16:24:51.968 1000 865 865 I auditd : type=1400 audit(0.0:11): avc: denied { read } for comm="android.hardwar" name="logbuffer_maxfg_secondary_monitor" dev="tmpfs" ino=630 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
12-22 16:24:51.968 1000 865 865 I auditd : type=1400 audit(0.0:12): avc: denied { read } for comm="android.hardwar" name="logbuffer_dual_batt" dev="tmpfs" ino=1040 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:device:s0 tclass=chr_file permissive=0
12-22 16:23:17.056 1000 522 522 I auditd : type=1400 audit(0.0:4): avc: denied { read } for comm="binder:522_1" name="wakeup65" dev="sysfs" ino=79686 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs_batteryinfo:s0 tclass=dir permissive=0
Bug: 263496320
Test: no dual batt related denied
Change-Id: I021cd15d771524828a942fe1e4c63e3a24418ae8
Signed-off-by: Wasb Liu <wasbliu@google.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20733206
Change-Id: I51af87a6a17323a334cf3408e5dd324a097b5571
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 261151317
Test: make selinux_policy -j112
Change-Id: If098515510ac48efb7d2ea23f4aeee87869e01e6
|
|
Bug: 254164096
Change-Id: I300d092df3610f29f05ca65a89eba5459ca0063a
Signed-off-by: Jenny Ho <hsiufangho@google.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20610806
Change-Id: I558a8250352ec221945eafaaa5f1054488d94ea5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 260090235
Test: check avc error
Change-Id: I2cb9f9efe849ae6e7fb9b1b5aba2f92a3346af6d
Signed-off-by: Chase Wu <chasewu@google.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20541991
Change-Id: I0b3d46eab39ba1471b751cdd2810fa0cf27fe723
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Fix following avc denial log:
avc: denied { read } for name="driver_test" dev="proc" ino=4026535583 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { write } for name="driver_test" dev="proc" ino=4026535583 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/proc/fts/driver_test" dev="proc" ino=4026535583 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/appid" dev="sysfs" ino=110523 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/stm_fts_cmd" dev="sysfs" ino=110529 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/proc/fts_ext/driver_test" dev="proc" ino=4026535585 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="appid" dev="sysfs" ino=108992 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/240632721
Bug: 226475119
Bug: 254164096
Test: There are no above avc denial logs.
Change-Id: I0a136a7e259640e3e13ea66c945251cf26878b33
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20519118
Change-Id: I054a4a0ae0d8136e50be58276ff860294096ba7e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
This reverts commit b1d4e8ab2f5e985656b9f58801776b200ae00d8f.
Reason for revert: DroidMonitor: Potential culprit for Bug 260019672 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.
Change-Id: I8c3bf9982eb9c163e73e75624fd3265ddaa1de95
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20441648
Change-Id: I477e36aeecb337216b8bdbe656370885a2699733
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
11-11 19:57:30.203 464 464 E SELinux : avc:
denied { find } for interface=android.frameworks.sensorservice::ISensorManager
sid=u:r:hal_fingerprint_capacitance:s0 pid=903
scontext=u:r:hal_fingerprint_capacitance:s0
tcontext=u:object_r:fwk_sensor_hwservice:s0
tclass=hwservice_manager permissive=0
Bug: 258783592
Test: Build pass
Change-Id: I58a31c04cbb45ab12b0bf42a10c57ddf4f065ee7
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/18350088
Change-Id: Ib7de5bab2bda145de85e42607c0fdf32862c5431
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 181615889
Test: Run all test suites
Signed-off-by: chasewu <chasewu@google.com>
Change-Id: Ie9e3c86b01afb26557ae69ead813dd123b4df91b
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20305443
Change-Id: I0b297e88ad40f6bba61423e203be01297b486ebb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Fix following avc denial log:
avc: denied { write } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { open } for path="/sys/devices/platform/10950000.spi/spi_master/spi6/spi6.0/stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="stm_fts_cmd" dev="sysfs" ino=113133 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 bug=b/240632721
avc: denied { read } for name="driver_test" dev="proc" ino=4026535565 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=0 bug=b/240632721
avc: denied { read } for name="appid" dev="sysfs" ino=108992 scontext=u:r:hal_dumpstate_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 bug=b/240632721
Bug: 226475119
Bug: 254164096
Test: There are no above avc denial logs.
Change-Id: Ie01104ebfb94154584d9d466cb295095eb634f48
|
|
into tm-qpr-dev am: 9219b31d13
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20279296
Change-Id: I3e6a9c16df76bd8d859f948fe77e56a9bdf42a5e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
into tm-qpr-dev
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20271738
Change-Id: Ia4a7b299d28f6105d98e2febe1116b24a68024de
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
b/240632970 is not reproducible on TD3A.221020.001.
b/240632822 has been fixed by ag/20209545.
Bug: 240632970
Bug: 240632822
Test: Capture bugreport and check no avc denails
Change-Id: I9a2290e2857415c3edecd98b88af6382a42530ff
Signed-off-by: Darren Hsu <darrenhsu@google.com>
|
|
10-25 03:25:07.740 429 429 I auditd : type=1400 audit(0.0:4):
avc: denied { call } for comm="servicemanager"
scontext=u:r:servicemanager:s0
tcontext=u:r:hal_fingerprint_capacitance:s0
tclass=binder permissive=0
Bug: 253533883
Test: make selinux_policy -j128 && check log on device
Change-Id: Ic3007d53398eb9770466c24b3aa49c1325bdbb47
|
|
am: f2b9557796
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20209545
Change-Id: Icbdf3b3b7f721b5ef0b6222d0e18ec39cc6ca200
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Bug: 253980198
Test: run vts -m SuspendSepolicyTests
Change-Id: Ie58c35b37ad0a904d0292d2be9092f82b02d514b
Signed-off-by: Darren Hsu <darrenhsu@google.com>
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/20194455
Change-Id: I6f5973e3e41d6998a8bcbeaa822548e43eb07f54
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Patch was merged on ag/19457937
Bug: 240633068
Test: make selinux_policy -j128
Change-Id: Ic25e266701993fadc51b12c25c9a170c38e29785
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19880945
Change-Id: Iba4f8821193619d447145f8cef2148b0097dd2e9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 240632860
Test: Check the bugreport
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: Ic4c68fe39b3e7e82cf9edcb6b594b598f5ba9499
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19738804
Change-Id: Iba8252bc53919aa1f65658a84cebaa914913230c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 240632860
Test: SELinuxUncheckedDenialBootTest
Change-Id: Ie192b157e89f86fe36b99202e6ab8677a55c7cee
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19711294
Change-Id: I2483b95415b062d883bce62b25418a0920789e55
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
08-23 02:45:54.456 860 860 I auditd : type=1400 audit(0.0:4): avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs" ino=100372 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
Bug: 243491187
Test: reboot device and check the avc
Signed-off-by: Wasb Liu <wasbliu@google.com>
Change-Id: I7600c816e743fc91afaf66db00ba332229b21e28
|
|
1ef6c24de8
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19500898
Change-Id: I5ebf6cf1afb86cf4c5b0f9844d3f9262a3497a47
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19560940
Change-Id: I76f2aad0142c3baed60b188429a16aa8795fa106
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
This reverts commit 342edcb7de37428614b7e2db2839f88424e73e7c.
Reason for revert: ag/19563471 has fixed the problem
Change-Id: Iad76a9ca182e1cf3363dc58aed943ef4ae13be59
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19492695
Change-Id: I44f83fe37b39bfaef410b1a79defe2ee99915121
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Bug: 240632860
Test: Check the bugreport
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: I35c69c1289337cd40ab3511512045b986bad9388
|
|
07-29 08:18:53.464 876 876 I auditd : type=1400 audit(0.0:4): avc: denied { read } for comm="android.hardwar" name="type" dev="sysfs" ino=78463 scontext=u:r:hal_health_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0
Bug: 240632860
Test: reboot device and check the avc
Signed-off-by: Ted Lin <tedlin@google.com>
Change-Id: Ibb1f93c2003e9229c1fd2b3bd14ee022fa6539cc
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19492689
Change-Id: Icb6715418d0a731d6847b2a1ef02929efb418966
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
Test: SELinuxUncheckedDenialBootTest
Bug: 241034024
Change-Id: I712b025aef59d838773ff55b62b8fb5ecbcbb35b
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19457937
Change-Id: Ibc4c8aab78ff2ee40fb72989872440f861a26d63
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|
|
|
|
Original change: https://googleplex-android-review.googlesource.com/c/device/google/felix-sepolicy/+/19457931
Change-Id: Icdc2cf2bdd1186202d619c0f01b0cbb7a64a12c6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
|