summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2023-07-07Snap for 10453563 from 6ce29d087ac30fa683baf9733ff9f1ee984750a4 to ↵aml_sta_341710000aml_sta_341615000aml_sta_341511040aml_sta_341410000aml_sta_341311010aml_sta_341114000aml_sta_341111000aml_sta_341010020aml_sta_340912000aml_sta_340911000aml_net_341111030android14-mainline-os-statsd-releaseAndroid Build Coastguard Worker
mainline-os-statsd-release Change-Id: Ic5ae5c95cdd0d50bd5e7a77b22cb39025ed423e5
2023-04-10Update error on ROM 9892479 am: c1c6e069f6Wilson Sung
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/22525983 Change-Id: I741c9eac7ae7a8abbf87c18c017e70a9d2d3866e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-07Update error on ROM 9892479android14-devWilson Sung
Bug: 277155327 Bug: 277300226 Test: pts-tradefed run pts -m PtsSELinuxTest Change-Id: I2690bcd7b3ae0d869f39851d5fb692378cbb6e9a
2023-03-24Update SELinux error am: 90d58d2553Wilson Sung
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/22244483 Change-Id: I9cbc2d9c0e1bbb6cf54ae7811c7fa2ac3207b39a Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-24Update SELinux errorWilson Sung
Test: SELinuxUncheckedDenialBootTest Bug: 275002086 Test: scanBugreport Bug: 239887174 Test: scanAvcDeniedLogRightAfterReboot Bug: 239887174 Change-Id: I9a0a1b3ef0642700a4555258c9e8aff7ec82e084
2023-03-02Suppress avc denials of sysfs am: f446026014 am: c03d408bb4 am: cf61d5959dYen-Chao Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21570169 Change-Id: Ia0c8b12c75da13ee44cfbc9d96fb033c35ec42da Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02Suppress avc denials of sysfs am: f446026014 am: c03d408bb4Yen-Chao Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21570169 Change-Id: I64cc0d6b9cfd5945a6ccf7f927450c2ad9be838e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-02Suppress avc denials of sysfs am: f446026014platform-tools-34.0.5platform-tools-34.0.4main-16kYen-Chao Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21570169 Change-Id: I478ce949320bcf89047a6bb62103b0c4a9f572e6 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-03-01Suppress avc denials of sysfsandroid-13.0.0_r82android-13.0.0_r81android-13.0.0_r80android-13.0.0_r74android-13.0.0_r73android-13.0.0_r72android-13.0.0_r66android-13.0.0_r65android-13.0.0_r64android-13.0.0_r60android-13.0.0_r59android-13.0.0_r58android13-qpr3-c-s8-releaseandroid13-qpr3-c-s7-releaseandroid13-qpr3-c-s6-releaseandroid13-qpr3-c-s5-releaseandroid13-qpr3-c-s4-releaseandroid13-qpr3-c-s3-releaseandroid13-qpr3-c-s2-releaseandroid13-qpr3-c-s12-releaseandroid13-qpr3-c-s11-releaseandroid13-qpr3-c-s10-releaseandroid13-qpr3-c-s1-releaseYen-Chao Chen
Bug: 267839070 Test: adb bugreport Change-Id: I8d4aed4aba15efa0cc38574565e4a66bc3049321 Signed-off-by: Yen-Chao Chen <davidycchen@google.com>
2023-02-17Revert "device-sepolicy: Add sepolicy for vibrator hal" am: 02be088bc5 am: ↵Tai Kuo
5925557552 Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21455936 Change-Id: Ia68280abd245bd8bc7e1e939f82156b44919b355 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-17Revert "device-sepolicy: Add sepolicy for vibrator hal" am: 02be088bc5Tai Kuo
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21455936 Change-Id: Ie2e3086bf535add2e1ede16e374f8a78e2780216 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-16Revert "device-sepolicy: Add sepolicy for vibrator hal"Tai Kuo
This reverts commit b5eec482fddc6f16ce368ad868ab87d83f30439d. Bug: 198239103 Test: build pass on git_tm-qpr-dev-plus-aosp Change-Id: Iee9305e6ba5abbc8df9b353ed5bbfeaa64f0b43b
2023-02-15wlan: add cnss-daemon and related libraries am: 53746d9546 am: cc2eda58a1Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21257900 Change-Id: Ifa5b92a131372c681371a48bb8c6fec715a20b34 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-15wlan: add cnss-daemon and related libraries am: 53746d9546Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/21257900 Change-Id: I8d0b0e4ec2218b6b569e282163749c77e1c7e627 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-02-15wlan: add cnss-daemon and related librariesHsiu-Chang Chen
cnss-daemon is necessary for CHRE function Bug: 264524963 Test: Regression Test Change-Id: Ic7b63617e30a9e6427b0ac280bf4763f9cc19f6e
2023-01-13WLC: Cleanup the sysfs_wlc policiesKen Yang
Bug: 263830018 Change-Id: I6b31c6127e01b946c51200683b511853f2d304b4 Signed-off-by: Ken Yang <yangken@google.com>
2023-01-12[automerger skipped] Lynx: Use common sepolicy for bt_device am: 966927efa3 ↵Myles Watson
-s ours am skip reason: Merged-In Ic1b7469d64c79285d9d7993befbe173c9bca34aa with SHA-1 e5a1cde5d4 is already in history Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20965192 Change-Id: Ic9d77aa8d816734a5f65882270eb9efa95017805 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-01-12Lynx: Use common sepolicy for bt_deviceMyles Watson
Bug: 205758693 Test: build Ignore-AOSP-First: Some devices in internal define bt_device Change-Id: Ic1b7469d64c79285d9d7993befbe173c9bca34aa (cherry picked from commit e5a1cde5d486cbbd8988af8f5bc151a527de114c) Merged-In: Ic1b7469d64c79285d9d7993befbe173c9bca34aa
2023-01-10Lynx: Use common sepolicy for bt_deviceMyles Watson
Bug: 205758693 Test: build Ignore-AOSP-First: Some devices in internal define bt_device Change-Id: Ic1b7469d64c79285d9d7993befbe173c9bca34aa
2022-12-20WLC: Add device specific sepolicy for wireless_chargerKen Yang
Bug: 237600973 Change-Id: I9d219c3abf02266cc8200c70840a65aedb17ee7b Signed-off-by: Ken Yang <yangken@google.com>
2022-12-02No avc denied in SELinuxUncheckedDenialBootTest am: 5b9f54e76d am: c4f1017469Vic Huang
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20615132 Change-Id: Ie45f778807057fbfb3632a92169366636f7fd5d9 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-02No avc denied in SELinuxUncheckedDenialBootTest am: 5b9f54e76dVic Huang
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20615132 Change-Id: I68e23620268af291bcd94c0bf8d71bcbc7bdc127 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-12-02No avc denied in SELinuxUncheckedDenialBootTestVic Huang
DeviceBootTest.DeviceBootTest.SELinuxUncheckedDenialBootTest avc: denied { call } for comm="oid.grilservice" scontext=u:r:grilservice_app:s0:c227,c256,c512,c768 tcontext=u:r:hal_bluetooth_default:s0 tclass=binder permissive=0 app=com.google.android.grilservice Bug: 259198345 Change-Id: Ie3800e3197f04b83ba8789c82518cbb721e1fe37
2022-11-16device-sepolicy: Add sepolicy for vibrator hal am: b5eec482fd am: 2c6be03c0dChris Paulo
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19981337 Change-Id: I81c821acf7f0e94f91dc32d259da8635aedb7ced Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-16device-sepolicy: Add sepolicy for vibrator hal am: b5eec482fdChris Paulo
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19981337 Change-Id: I379f4a0ee8e457202e70ba5cadd4a6e97c7b2e8f Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-11-15device-sepolicy: Add sepolicy for vibrator halChris Paulo
Added sepolicy for vibrator hal specific to device uid=0 auid=4294967295 ses=4294967295 subj=u:r:init:s0 msg='avc: denied { read } for property=vibrator.adaptive_haptics.enabled pid=0 uid=0 gid=0 scontext=u:r:vendor_init:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1' avc: denied { open } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 avc: denied { getattr } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 avc: denied { map } for comm="odrefresh" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:odrefresh:s0 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 avc: denied { write } for comm="android.hardwar" name="chre" dev="tmpfs" ino=1094 scontext=u:r:hal_vibrator_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1 avc: denied { connectto } for comm="android.hardwar" path="/dev/socket/chre" scontext=u:r:hal_vibrator_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1 avc: denied { open } for comm="binder:8084_3" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 app=com.google.android.gms avc: denied { getattr } for comm="binder:8084_3" path="/dev/__properties__/u:object_r:adaptive_haptics_prop:s0" dev="tmpfs" ino=80 scontext=u:r:gmscore_app:s0:c512,c768 tcontext=u:object_r:adaptive_haptics_prop:s0 tclass=file permissive=1 app=com.google.android.gms Bug: 198239103 Test: Verified functionality Signed-off-by: Chris Paulo <chrispaulo@google.com> Change-Id: Ib118b553eab1db6f9fadaebeae0d57eb329294e3
2022-10-30Fix avc denied for init-insmod-sh am: cf6ebcdd6f am: 679626004dHsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20302372 Change-Id: I0d29948c32050fc893b3fc34ed46ae6810847d6b Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-30Fix avc denied for init-insmod-sh am: cf6ebcdd6fHsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20302372 Change-Id: If04d86a030a328552c5b3b805a0576f5296f0df3 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-28Fix avc denied for init-insmod-shHsiu-Chang Chen
qrtr.ko doesn't request net_admin permission now 05-30 05:12:58.524 492 492 I auditd : type=1400 audit(0.0:4): avc: denied { net_admin } for comm="modprobe" capability=12 scontext=u:r:init-insmod-sh:s0 tcontext=u:r:init-insmod-sh:s0 tclass=capability permissive=0 Bug: 234311675 Test: verified with the forrest ROM and error log gone Change-Id: I72fb5441b977b6ba67d19416049a2776c3aebd12
2022-10-17Add sepolicy rules for hal_wifi_default am: b2c724f0ed am: 32cd0dbba0Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20194047 Change-Id: I492d79005fcd85fb84f29baec08d6a95d766ea01 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-17Add sepolicy rules for hal_wifi_default am: b2c724f0edHsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/20194047 Change-Id: Ic9d33b41d0c656219248274c43799fd96c179730 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-10-15Add sepolicy rules for hal_wifi_defaultHsiu-Chang Chen
In PDK build, it uses default wifi hal instead wifi_ext hal. Need to add rules for hal_wifi_default as well as we added for hal_wifi_ext Bug: 253544307 Test: Wifi can be enabled in PDK builds Change-Id: I57ad330c2467ae99b9c5190fbdc2f02e998b2fc1
2022-08-26Add sepolicy for tcpdump_logger am: ea80cb5016 am: f068419777Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19739489 Change-Id: Ib7a73b5066d30e2d039abae54de1368741e043fb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-26Add sepolicy for tcpdump_logger am: ea80cb5016Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19739489 Change-Id: I8e3b4edee868db2bc3bdd1e3f1589bc26f061fcb Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-25Add sepolicy for wifi_sniffer and wifi_perf_diag am: e465f1a856 am: 6122c700d7Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19738530 Change-Id: I30803fd319b090e50fbce8688825d4902d979699 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-25Add sepolicy for tcpdump_loggerHsiu-Chang Chen
avc: denied { search } for name="wifi" dev="dm-44" ino=329 scontext=u:r:tcpdump_logger:s0 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir Bug: 243764714 Test: PixelLogger works normally Change-Id: I4ee93dbe10bae08e01053656a8429c57bb3651c8
2022-08-25Add sepolicy for wifi_sniffer and wifi_perf_diag am: e465f1a856Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19738530 Change-Id: I84dc888428a7ce086b342b4f91c8300b001bc964 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-25Add sepolicy for wifi_sniffer and wifi_perf_diagHsiu-Chang Chen
avc: denied { search } for name="wifi" dev="dm-38" ino=329 scontext=u:r:wifi_sniffer:s0 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir avc: denied { setuid } for capability=7 scontext=u:r:wifi_sniffer:s0 tcontext=u:r:wifi_sniffer:s0 tclass=capability avc: denied { setgid } for capability=6 scontext=u:r:wifi_sniffer:s0 tcontext=u:r:wifi_sniffer:s0 tclass=capability avc: denied { search } for comm="wifi_perf_diag" name="wifi" dev="dm-38" ino=329 scontext=u:r:wifi_perf_diag:s0 tcontext=u:object_r:vendor_wifi_vendor_data_file:s0 tclass=dir Bug: 243727673 Test: PixelLogger works normally Change-Id: Idd0bb1ffeb198eea855b717a745fd93fecfe2251
2022-08-15Fix avc denied for hal_radioext_default am: 11348d7e76 am: 282e204a94Aaron Tsai
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19515072 Change-Id: Ideea35242707bee69695b03c8f2db22aa171953e Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-15Fix avc denied for hal_radioext_default am: 11348d7e76Aaron Tsai
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19515072 Change-Id: I5dcb726d8e8bf6cdb5d86d5485f3a48555490657 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-04Fix avc denied for hal_radioext_defaultAaron Tsai
05-30 13:13:30.868 867 867 I auditd : type=1400 audit(0.0:21): avc: denied { call } for comm="HwBinder:867_1" scontext=u:r:hal_radioext_default:s0 tcontext=u:r:hal_bluetooth_default:s0 tclass=binder permissive=0 Bug: 234311798 Test: verified with the forrest ROM and error log gone Change-Id: I0195fe2d8e81ea0149255524cfc047540159281b
2022-08-03wifi: correct label wlan0/p2p0/wifi-aware0 device as sysfs_net am: ↵Hsiu-Chang Chen
9ac637312b am: ccea61be5a Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19493414 Change-Id: Id224eb65a530ba1cd6a4b5896b67e55e0b434c07 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-02wifi: correct label wlan0/p2p0/wifi-aware0 device as sysfs_net am: 9ac637312bHsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19493414 Change-Id: Ib49c753a7f85a1f49ae5f8641fe39f0cfd6ade98 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-08-02wifi: correct label wlan0/p2p0/wifi-aware0 device as sysfs_netHsiu-Chang Chen
Bug: 239657967 Test: NetdSELinuxTest#CheckProperMTULabels Change-Id: I31db1d2110b2c18cf12a5cfa9b13e8c6dff09d59
2022-08-02genfs_contexts: fix path for i2c peripheral devicechungkai
paths are changed when we enable parallel module loading and reorder the initializtaion of devices. Test: without avc denial on L10 when booting Bug: 240641235 Signed-off-by: chungkai <chungkai@google.com> Change-Id: I411ceaa02cb6fb36fc767937a62f945685c4a019
2022-07-29sepolicy: allow hal_power_stats to read wifi sysfs and property am: ↵Darren Hsu
4e2b651fdc am: 73723cd920 Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19453449 Change-Id: I14108fb80af8e3502c91a9ffd31c54c46031e18a Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-29sepolicy: allow hal_power_stats to read wifi sysfs and property am: 4e2b651fdcDarren Hsu
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19453449 Change-Id: I7d57b3c5a4e0db4b87f135b114fd29489b84c7f4 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-28sepolicy: allow hal_power_stats to read wifi sysfs and propertyDarren Hsu
avc: denied { read } for name="power_stats" dev="sysfs" ino=114517 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0 avc: denied { read } for name="u:object_r:wifi_hal_prop:s0" dev="tmpfs" ino=371 scontext=u:r:hal_power_stats_default:s0 tcontext=u:object_r:wifi_hal_prop:s0 tclass=file permissive=0 Bug: 240391946 Test: get bugreport and make sure no avc denials related to Test: hal_power_stats Change-Id: I3be32eb4e61926c3abd24c67e7dab9b4056bf00a Signed-off-by: Darren Hsu <darrenhsu@google.com>
2022-07-27Add sepolicy for hal_wifi_ext am: 0c59021e58 am: 0e5e41f7cdHsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19429449 Change-Id: Ib3a82241f866de668880393e4a17e54ac4d07829 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2022-07-27Add sepolicy for hal_wifi_ext am: 0c59021e58Hsiu-Chang Chen
Original change: https://googleplex-android-review.googlesource.com/c/device/google/lynx-sepolicy/+/19429449 Change-Id: I408de5e4f42976fadc6c7bc2418e21e6ccc51564 Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-19 21:22:01 +0000