LenovoZ5s/device_lenovo_sdm710-common
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1050 commits 6 branches 0 tags 181 MiB
Commit graph

94 commits

Author SHA1 Message Date
CakesTwix
6b9dbfe85a
Revert "sdm710-common: sepolicy: Add SELinux policy for flags_health_check" 
Output:
neverallow check failed at out/soong/.intermediates/system/sepolicy/plat_policy_for_vendor.cil/android_common/plat_policy_for_ven>
  (neverallow domain property_type (file (ioctl lock)))
    <root>
    allow at out/soong/.intermediates/system/sepolicy/plat_policy_for_vendor.cil/android_common/plat_policy_for_vendor.cil:33193
      (allow flags_health_check aac_drc_prop (file (ioctl read getattr lock map open watch watch_reads)))
    <root>
    allow at out/soong/.intermediates/system/sepolicy/plat_policy_for_vendor.cil/android_common/plat_policy_for_vendor.cil:33194
      (allow flags_health_check ab_update_gki_prop (file (ioctl read getattr lock map open watch watch_reads)))
    <root>
    allow at out/soong/.intermediates/system/sepolicy/plat_policy_for_vendor.cil/android_common/plat_policy_for_vendor.cil:33195
      (allow flags_health_check adbd_config_prop (file (ioctl read getattr lock map open watch watch_reads)))
    <root>
    allow at out/soong/.intermediates/system/sepolicy/plat_policy_for_vendor.cil/android_common/plat_policy_for_vendor.cil:33196
This reverts commit c7fb8c20d2.
 2023-11-25 22:17:59 +02:00
Chenyang Zhong
a6aa3f0e32
sdm710-common: sepolicy: allow rild to call qtidataservices_app 
avc: denied { call } for comm="DataModule-Loop" scontext=u:r:rild:s0 tcontext=u:r:qtidataservices_app:s0:c221,c256,c512,c768 tclass=binder permissive=0
Change-Id: Ibec0d6e78a823f3a90ec7e166f58dd6b2797db65
 2023-11-25 21:44:07 +02:00
Hridya Valsaraju
8803ff0740
sdm710-common: Set PRODUCT_SET_DEBUGFS_RESTRICTIONS 
Starting with Android R launched devices, debugfs cannot be mounted in
production builds. In order to avoid accidental debugfs dependencies
from creeping in during development with userdebug/eng builds, the
build flag PRODUCT_SET_DEBUGFS_RESTRICTIONS can be set by vendors to
enforce additional debugfs restrictions for userdebug/eng builds. The
same flag will be used to enable sepolicy neveallow statements to
prevent new permissions added for debugfs access.

Test: build, boot
Bug: 184381659
Change-Id: I45e6f20c886d467a215c9466f3a09965ff897d7e
 2023-11-25 20:35:07 +02:00
ShevT
f7d3923f07
sdm710-common: selinux: Resolve mediacodec denials 
avc:  denied  { read } for  comm="android.hardwar" name="u:object_r:vendor_audio_prop:s0" dev="tmpfs" ino=11552 scontext=u:r:mediacodec:s0 tcontext=u:object_r:vendor_audio_prop:s0 tclass=file permissive=0
 avc:  denied  { open } for  comm="android.hardwar" path="/dev/__properties__/u:object_r:vendor_audio_prop:s0" dev="tmpfs" ino=9526 scontext=u:r:mediacodec:s0 tcontext=u:object_r:vendor_audio_prop:s0 tclass=file permissive=0
 avc:  denied  { getattr } for  comm="android.hardwar" path="/dev/__properties__/u:object_r:vendor_audio_prop:s0" dev="tmpfs" ino=11574 scontext=u:r:mediacodec:s0 tcontext=u:object_r:vendor_audio_prop:s0 tclass=file permissive=0
 avc:  denied  { map } for  comm="android.hardwar" path="/dev/__properties__/u:object_r:vendor_audio_prop:s0" dev="tmpfs" ino=11574 scontext=u:r:mediacodec:s0 tcontext=u:object_r:vendor_audio_prop:s0 tclass=file permissive=0

Change-Id: I38c24e2ea5bb211f8cc379d7f7dfe2c003c6a8f1
 2023-11-21 23:43:05 +02:00
Mukul Dhir
854c54400c
sdm710-common: sepolicy: Allow init to write to proc 
01-01 02:13:02.803   344   344 I hwservicemanager: Since android.hardware.keymaster@3.0::IKeymasterDevice/default is not registered, trying to start it as a lazy HAL.
01-01 02:13:02.804   371   371 I HidlServiceManagement: getService: Trying again for android.hardware.keymaster@3.0::IKeymasterDevice/default...
01-01 02:13:02.930     1     1 I init    : type=1400 audit(0.0:37): avc: denied { write } for name="dirty_background_bytes" dev="proc" ino=12937 scontext=u:r:init:s0 tcontext=u:object_r:proc:s0 tclass=file permissive=1
01-01 02:13:02.953     1     1 I init    : type=1400 audit(0.0:38): avc: denied { write } for name="discard_max_bytes" dev="sysfs" ino=20778 scontext=u:r:init:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1
01-01 02:13:02.953     1     1 I init    : type=1400 audit(0.0:39): avc: denied { open } for path="/sys/devices/soc.0/f9824900.sdhci/mmc_host/mmc0/mmc0:0001/block/mmcblk0/queue/discard_max_bytes" dev="sysfs" ino=20778 scontext=u:r:init:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1

Change-Id: I0283d0744619d82867318879152cd6fbfca094aa
 2023-11-21 22:28:33 +02:00
asmallbit
51b24b16b4
sdm710-common: sepolicy: Add SELinux policy for odrefresh 
odrefresh: type=1400 audit(0.0:192095): avc: denied { open } for path=/dev/__properties__/u:object_r:aac_drc_prop:s0 dev=tmpfs ino=14629 scontext=u:r:odrefresh:s0 tcontext=u:object_r:aac_drc_prop:s0 tclass=file permissive=1

avc: denied { getattr } for path=/dev/__properties__/u:object_r:aac_drc_prop:s0 dev=tmpfs ino=14629 scontext=u:r:odrefresh:s0 tcontext=u:object_r:aac_drc_prop:s0 tclass=file permissive=1

Signed-off-by: Mikazuuu07 <irfn4566@gmail.com>
Signed-off-by: wulan17 <galihgustip@gmail.com>

Change-Id: I51eb0f55430673cce7e87882765aa335096c687d
 2023-11-21 20:39:52 +02:00
boedhack99
22156aae16
sdm710-common: sepolicy: Allow odrefresh to kill 
* avc: denied { kill } for comm=odrefresh capability=5
scontext=u:r:odrefresh:s0 tcontext=u:r:odrefresh:s0 tclass=capability
permissive=0

Change-Id: Id24f51e8570dcb32a6b35c57c8f4b6c2be626673
 2023-11-21 20:38:20 +02:00
tImIbreakdown
e4c27418ef
sdm710-common: sepolicy: allow tee to read persist_file link for qseecomd 
* W qseecomd: type=1400 audit(0.0:26131): avc: denied { read } for name="persist" dev="mmcblk0p27" ino=43
  scontext=u:r:tee:s0 tcontext=u:object_r:persist_file:s0 tclass=lnk_file permissive=0

Change-Id: If830be30b4f8c64c7d0260c0a009149e3aba8668
 2023-11-21 20:20:00 +02:00
jonerlin
81e3fa278b
sdm710-common: Address avc denials while vendor_init access vendor_bluetooth_prop 
* avc:  denied  { set } for  scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_bluetooth_prop:s0 tclass=property_service
* avc:  denied  { set } for  scontext=u:r:vendor_init:s0 tcontext=u:object_r:vendor_bluetooth_prop:s0 tclass=property_service

Bug: 131149718
Test: Boot up and Turn On/Off Bluetooth
Change-Id: Ifd6bf0a35eafc2513901783b35deed45eed9dac6
 2023-11-21 20:00:48 +02:00
Aflaungos
c7fb8c20d2
sdm710-common: sepolicy: Add SELinux policy for flags_health_check 
flags_health_ch: type=1400 audit(0.0:192095): avc: denied { open } for path=/dev/__properties__/u:object_r:aac_drc_prop:s0 dev=tmpfs ino=14629 scontext=u:r:flags_health_check:s0 tcontext=u:object_r:aac_drc_prop:s0 tclass=file permissive=1

avc: denied { getattr } for path=/dev/__properties__/u:object_r:aac_drc_prop:s0 dev=tmpfs ino=14629 scontext=u:r:flags_health_check:s0 tcontext=u:object_r:aac_drc_prop:s0 tclass=file permissive=1

avc: denied { open } for path=/dev/__properties__/u:object_r:ab_update_gki_prop:s0 dev=tmpfs ino=14631 scontext=u:r:flags_health_check:s0 tcontext=u:object_r:ab_update_gki_prop:s0 tclass=file permissive=1

avc: denied { open } for path=/dev/__properties__/u:object_r:adbd_config_prop:s0 dev=tmpfs ino=14632 scontext=u:r:flags_health_check:s0 tcontext=u:object_r:adbd_config_prop:s0 tclass=file permissive=1

avc: denied { getattr } for path=/dev/__properties__/u:object_r:adbd_config_prop:s0 dev=tmpfs ino=14632 scontext=u:r:flags_health_check:s0 tcontext=u:object_r:adbd_config_prop:s0 tclass=file permissive=1

Signed-off-by: Mikazuuu07 <irfn4566@gmail.com>
Signed-off-by: wulan17 <galihgustip@gmail.com>
 2023-11-21 19:57:23 +02:00
Nippon
17e45ddf64
sdm710-common: sepolicy: Label more graphics nodes 04-18 19:38:42.837 1606 1606 E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon3/name not found 04-18 19:38:42.837 1606 1606 E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon2/name not found 04-18 19:38:42.837 1606 1606 E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon1/name not found 04-18 19:38:42.837 1606 1606 E WiredAccessoryManager: file /sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon0/name not found 
Signed-off-by: Cykeek <Cykeek@proton.me>
 2023-11-21 19:52:12 +02:00
ShevT
a4b84e2a40
sdm710-common: sepolicy: Fix avc denials related to vdc 
At reboot:
avc:  denied  { kill } for  comm="vdc" capability=5  scontext=u:r:vdc:s0 tcontext=u:r:vdc:s0 tclass=capability permissive=0

Change-Id: Id9387c43d48192d138370aad2033c5ebb61e2b35
 2023-11-21 19:42:55 +02:00
ShevT
791b9834e0
sdm710-common: sepolicy: Fix avc denials related to debugfs_tracing_debug 
Change-Id: I07967e3ad7d2b0ebedd2bf2f5b2727c935b67119
 2023-11-21 19:42:21 +02:00
ShevT
0a16af1ebf
sdm710-common: sepolicy: Fix avc denials related to fsck 
avc:  denied  { kill } for  comm="fsck.f2fs" capability=5  scontext=u:r:fsck:s0 tcontext=u:r:fsck:s0 tclass=capability permissive=0

Change-Id: I8bb2548b6635a58d2bebf0a5f1994188bcf9e3be
 2023-11-21 19:40:50 +02:00
iusmac
b77a2922a2
sdm710-common: sepolicy: Address ueventd denials 
W ueventd : type=1400 audit(0.0:9): avc: denied { read } for name="/" dev="debugfs" ino=1 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=0
W ueventd : type=1400 audit(0.0:6): avc: denied { getattr } for path="/sys/kernel/debug/show_mem_notifier" dev="debugfs" ino=2235 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W ueventd : type=1400 audit(0.0:7): avc: denied { getattr } for path="/sys/kernel/debug/fault_around_bytes" dev="debugfs" ino=2234 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W ueventd : type=1400 audit(0.0:8): avc: denied { getattr } for path="/sys/kernel/debug/sleep_time" dev="debugfs" ino=13337 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W ueventd : type=1400 audit(0.0:9): avc: denied { getattr } for path="/sys/kernel/debug/suspend_stats" dev="debugfs" ino=13336 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0
W ueventd : type=1400 audit(0.0:10): avc: denied { getattr } for path="/sys/kernel/debug/sched_features" dev="debugfs" ino=12438 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs_sched_features:s0 tclass=file permissive=0
W ueventd : type=1400 audit(0.0:11): avc: denied { getattr } for path="/sys/kernel/debug/msm_apr_debug" dev="debugfs" ino=13320 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=0

Change-Id: I11ad4ebd0d2d290c5bc601309aad4509d8bd7bc1
Signed-off-by: iusmac <iusico.maxim@libero.it>
 2023-11-21 19:31:01 +02:00
baunilla
96c04024e2
sdm710-common: sepolicy: ueventd: Address debugfs denials 
avc:  denied  { open } for  pid=412 comm="ueventd" path="/sys/kernel/debug" dev="debugfs" ino=1 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=1

avc:  denied  { read } for  pid=412 comm="ueventd" name="/" dev="debugfs" ino=1 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=1

avc:  denied  { relabelfrom } for  pid=412 comm="ueventd" name="ipc_logging" dev="debugfs" ino=3 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=dir permissive=1

avc:  denied  { getattr } for  pid=412 comm="ueventd" path="/sys/kernel/debug/show_mem_notifier" dev="debugfs" ino=17459 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs:s0 tclass=file permissive=1

avc:  denied  { getattr } for  pid=412 comm="ueventd" path="/sys/kernel/debug/wakeup_sources" dev="debugfs" ino=1048 scontext=u:r:ueventd:s0 tcontext=u:object_r:debugfs_wakeup_sources:s0 tclass=file permissive=1

avc: denied  { relabelto } for  pid=411 comm="ueventd" name="ipc_logging" dev="debugfs" ino=3 scontext=u:r:ueventd:s0 tcontext=u:object_r:qti_debugfs:s0 tclass=dir permissive=1
Change-Id: Id2f04cc9d65dcc5a47fd5f14379d2630736efc0e
Signed-off-by: NFS86 <jarbull86@gmail.com>
 2023-11-14 21:45:43 +02:00
Alessandro Astone
907d7e8b6c
sdm710-common: Build and enable fastbootd mode 
Change-Id: I7f4246f3f583dcae7b3bfc0d3ae1cf4d577632cb
Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
 2023-11-12 10:42:15 +02:00
halibw
198d911563
sdm710-common: sepolicy: Allow init to relabelto logdump_partition 
Change-Id: I8a3d2c1b0ae6163eb595310e779fa0e74c505da7
 2023-11-12 10:37:06 +02:00
CakesTwix
5d41efd453
sdm710-common: Drop KProfiles 
This reverts commit f8e389999a.
 2023-11-02 11:21:05 +02:00
me-cafebabe
ade32dd8dd
sdm710-common: Setup Retrofit Dynamic Partitions 2023-10-27 22:30:18 +03:00
CrisBal
d4b624fda4
sdm710-common: Build aidl power stats and label it 
* Fix for aidl power stats errors.
* New updated legacy-um sepolicy solved the android.hardware.power@1.0::IPower/default error
- Now with this we fixing both errors:
BatteryStatsService: Unable to load Power Hal or power.stats HAL
hwservicemanager: getTransport: Cannot find entry android.hardware.power.stats@1.0::IPowerStats/default in either framework or device manifest.
hwservicemanager: getTransport: Cannot find entry android.hardware.power@1.0::IPower/default in either framework or device manifest.
 2023-09-23 17:30:27 +03:00
Chenyang Zhong
90d4d13b18
sdm710-common: sepolicy: Allow system_server to get app_zygote pgid 
* E system_server: Cannot read thread CPU times for PID 1372
 2023-06-28 20:07:01 +03:00
AndroidHQ254
5c7cc6d9d9
sdm710-common: sepolicy: Label more graphics nodes 
E WiredAccessoryManager: file
/sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon3/name not
found

E WiredAccessoryManager: file
/sys/devices/platform/soc/soc:qcom,msm-ext-disp/extcon/extcon2/name not
found
 2023-06-26 23:38:00 +03:00
iusmac
ca32a5f18f
sdm710-common: sepolicy: Adress IORap usap_pool denial 
W FinalizerDaemon: type=1400 audit(0.0:532): avc: denied { getopt } for
path="/dev/socket/usap_pool_primary" scontext=u:rradios0
tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0
 2023-06-26 23:37:59 +03:00
lupesoltec
d8f8c9232b
sdm710-common: sepolicy: Fix avc denials related to linkerconfig 
avc: denied { kill } for comm="linkerconfig" capability=5
scontext=u:r:linkerconfig:s0 tcontext=u:r:linkerconfig:s0
tclass=capability permissive=0
 2023-06-26 22:57:36 +03:00
Murat Kozan
ef80583f34
sdm710-common: sepolicy: Allow network_stack to read net psched 
[   16.649254] type=1400 audit(1664029505.494:14): avc: granted { read } for comm=rkstack.process name=psched dev=proc ino=4026532010 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   16.649335] type=1400 audit(1664029505.494:15): avc: granted { read open } for comm=rkstack.process path=/proc/2172/net/psched dev=proc ino=4026532010 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file
[   16.649367] type=1400 audit(1664029505.494:16): avc: granted { getattr } for comm=rkstack.process path=/proc/2172/net/psched dev=proc ino=4026532010 scontext=u:r:network_stack:s0 tcontext=u:object_r:proc_net:s0 tclass=file

Change-Id: Iee08bc43122ca6aedce39fd2a27980c90a6b42f1
 2023-06-26 22:56:30 +03:00
CakesTwix
bf630c3a23 sdm710-common: Drop android.hardware.power.stats@1.0-service.lenovo 2023-06-26 00:20:01 +03:00
Ultra119
2365925483 sdm710-common: sepolicy: Allow untrusted_app_27 to getopt zygote 
avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:untrusted_app_27:s0:c143,c256,c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.pluscubed.matlog
 2023-06-24 15:13:20 +03:00
Ultra119
954ce897e9 sdm710-common: sepolicy: Allow zygote to access unix_stream_socket 
*W FinalizerDaemon: type=1400 audit(0.0:232): avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:system_app:s0 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0
*W FinalizerDaemon: type=1400 audit(0.0:355): avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:platform_app:s0:c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.motorola.dolby.dolbyui
*W FinalizerDaemon: type=1400 audit(0.0:438): avc: denied { getopt } for path="/dev/socket/usap_pool_primary" scontext=u:r:priv_app:s0:c512,c768 tcontext=u:r:zygote:s0 tclass=unix_stream_socket permissive=0 app=com.android.wallpaper
 2023-06-24 15:13:20 +03:00
Ultra119
80eccb3178 sdm710-common: sepolicy: Allow recovery to access pstore 2023-06-24 15:13:20 +03:00
Ultra119
e6170b67a5 sdm710-common: sepolicy: Fix avc denial related to hal_graphics_composer_default 
ERROR:
avc: denied { read } for name="u:object_r:bootanim_system_prop:s0" dev="tmpfs" ino=18555 scontext=u:r:hal_graphics_composer_default:s0 tcontext=u:object_r:bootanim_system_prop:s0 tclass=file
 2023-06-24 15:13:20 +03:00
Ultra119
4d875c79a2 sdm710-common: sepolicy: Extend untrusted_app access to battery/power supply sysfs 
W/changed_service(7624): type=1400 audit(0.0:2724): avc: denied { search } for name="battery" dev="sysfs" ino=48984 scontext=u:r:untrusted_app:s0:c206,c256,c512,c768 tcontext=u:object_r:sysfs_battery_supply:s0
 2023-06-24 15:13:20 +03:00
Cyber Knight
f8e389999a
sdm710-common: Build KProfiles 
- Inherit KProfiles.
- Address sepolicy.
- Define sysfs_kprofiles as a domain.
- Fix permission of nodes relevant to KProfiles at boot.

Signed-off-by: Cyber Knight <cyberknight755@gmail.com>
 2023-06-21 14:24:45 +03:00
emufan4568
1f9b588765
sdm710-common: Allow wcnss_service to run shell 
* avc: denied { execute_no_trans } for path="/vendor/bin/sh" dev="sda16" ino=247 scontext=u:r:wcnss_service:s0 tcontext=u:object_r:vendor_shell_exec:s0 tclass=file permissive=1
 2023-06-17 17:04:00 +03:00
erikdrozina
19bb8c274d
sdm710-common: sepolicy: Label some RIL property 
W libc    : Unable to set property "ro.vendor.ril.svlte1x" to "false": error code: 0xb
W libc    : Unable to set property "ro.vendor.ril.svdo" to "false": error code: 0xb
W libc    : Unable to set property "ro.ril.supportLTE" to "1": error code: 0xb

Co-authored-by: Master <mhmdeveloperofficial@gmail.com>
 2023-06-17 17:03:49 +03:00
dlwlrma123
40b0738403
sdm710-common: sepolicy: Give adbd sys_admin access 
07-18 06:52:22.989  1406  3348 W AdbDebuggingManager: Read failed with count -1
07-18 06:52:22.990  1406  3348 E AdbDebuggingManager: Caught an exception opening the socket: java.io.IOException: Connection refused
07-18 06:52:23.042  2380  2380 D StatusBar: Received new disable state. Old: enaihbcrso.qingr | New: enaihbcrso.qingr
07-18 06:52:23.040 12342 12342 W adbd    : type=1400 audit(0.0:728): avc: denied { sys_admin } for capability=21 scontext=u:r:adbd:s0 tcontext=u:r:adbd:s0 tclass=capability permissive=0
07-18 06:52:23.049 12342 12342 I adbd    : persist.adb.watchdog set to ''
07-18 06:52:23.049 12342 12342 I adbd    : persist.sys.test_harness set to ''
07-18 06:52:23.049 12342 12342 I adbd    : adb watchdog timeout set to 600 seconds
07-18 06:52:23.050 12342 12342 I adbd    : adbd started
07-18 06:52:23.050 12342 12344 I adbd    : Waiting for persist.adb.tls_server.enable=1
07-18 06:52:23.050 12342 12346 I adbd    : opening control endpoint /dev/usb-ffs/adb/ep0
07-18 06:52:23.051 12342 12346 I adbd    : UsbFfsConnection constructed
07-18 06:52:23.051 12342 12348 I adbd    : UsbFfs-monitor thread spawned
07-18 06:52:23.053 12342 12348 I adbd    : USB event: FUNCTIONFS_BIND
07-18 06:52:23.086  1406  1697 W Looper  : Slow dispatch took 207ms android.fg h=com.android.server.usb.UsbDeviceManager$UsbHandlerLegacy c=null m=13
 2023-06-17 17:03:44 +03:00
Ultra119
229b7a415d
sdm710-common: sepolicy: Give QCOM TEE directory access to tmpfs 
08-28 01:02:14.567   893   909 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x64000
08-28 01:02:14.568   893   909 D QSEECOMAPI: App is not loaded in QSEE
08-28 01:02:14.568   893   909 E QSEECOMAPI: Error::Cannot open the file /vendor/firmware_mnt/image/widevine.mdt errno = 2
08-28 01:02:14.568   893   909 E QSEECOMAPI: Error::Loading image failed with ret = -1
08-28 01:02:14.571   893   909 D QSEECOMAPI: QSEECom_get_handle sb_length = 0x64000
08-28 01:02:14.571   893   909 D QSEECOMAPI: App is not loaded in QSEE
08-28 01:02:14.595   893   909 D QSEECOMAPI: Loaded image: APP id = 24
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: ---------------Widevine OEMCrypto configuration-----------------
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: TA-HLOS interface                    :   QSEECOM
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Crypto Engine SMMU Virtual Address   :   Yes
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Measure elapsed time                 :   No
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Inplace decryption for clear buffer  :   Yes
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Frame Assembly                       :   Yes
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Scratch buffer size                  :   4194304
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Decrypt hash tests                   :   No
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: Secure buffer tests                  :   No
08-28 01:02:14.597   893   909 I QCOM-OEMCrypto: ----------------------------------------------------------------
08-28 01:02:14.598   624   633 D DrmLibTime: got the req here! ret=0
08-28 01:02:14.599   624   633 D DrmLibTime: command id, time_cmd_id = 770
08-28 01:02:14.599   624   633 D DrmLibTime: time_getutcsec starts!
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: time_getutcsec
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: get_utc_seconds
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: time_get_modem_time
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: Checking if ATS_MODEM is set or not.
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: pargs->base = 13
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: pargs->operation = 2
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: pargs->ts_val = 0
08-28 01:02:14.599   624   633 D QC-time-services: Lib:time_genoff_operation: Send to server  passed!!
08-28 01:02:14.599   726  1000 D QC-time-services: Daemon: Connection accepted:time_genoff
08-28 01:02:14.599   726 25387 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 2,value = 0
08-28 01:02:14.599   726 25387 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 2
08-28 01:02:14.599   726 25387 D QC-time-services: offset is: 1 for base: 13
08-28 01:02:14.599   624   633 E QC-time-services: Receive Passed == base = 13, unit = 1, operation = 2, result = 0
08-28 01:02:14.599   624   633 D DrmLibTime: QSEE Time Listener: ATS_MODEM is set. Try to retrieve it.
08-28 01:02:14.599   726  1000 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
08-28 01:02:14.599   726  1000 D QC-time-services: Daemon: Connection accepted:time_genoff
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Received base = 13, unit = 1, operation = 1,value = 0
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:genoff_opr: Base = 13, val = 0, operation = 1
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon: genoff get for 13
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from QTimer mseconds = 25504420
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from RTC mseconds on boot = 14864938000
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from QTimer mseconds = 25504420
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Value read from generic offset = 1646729299436
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Delta read on boot mseconds = 14864929606
08-28 01:02:14.600   726 25388 D QC-time-services: Daemon:Final Time = 1661619733462
08-28 01:02:14.600   624   633 D DrmLibTime: QSEE Time Listener: Time GenOff - seconds: 1661619733
08-28 01:02:14.600   624   633 D DrmLibTime: time_getutcsec returns 0, sec = 1661619733; nsec = 0
08-28 01:02:14.600   624   633 D DrmLibTime: time_getutcsec finished!
08-28 01:02:14.600   624   633 D DrmLibTime: iotcl_continue_command finished! and return 0
08-28 01:02:14.600   624   633 D DrmLibTime: before calling ioctl to read the next time_cmd
08-28 01:02:14.601   726  1000 E QC-time-services: Daemon: Time-services: Waiting to acceptconnection
08-28 01:02:14.615   624   624 W qseecomd: type=1400 audit(0.0:880): avc: denied { read } for name="/" dev="tmpfs" ino=1039 scontext=u:r:tee:s0 tcontext=u:object_r:tmpfs:s0 tclass=dir permissive=0
 2023-06-17 17:03:39 +03:00
Ultra119
712c0269bb
sdm710-common: sepolicy: Fix up libperfmgr crash on logs 
W/libperfmgr(798): Failed to write to node: /proc/sys/kernel/sched_boost with value: 0, fd: -1
 2023-06-17 17:03:33 +03:00
giasen
c69c3e3d54 fixup: sdm710-common: update power sepolicy from xiaomi-sdm845 
- remove unwanted rc file
 2022-11-12 15:09:34 +01:00
Chenyang Zhong
714988dc45 sdm710-common: sepolicy: allow apps to get aux camera prop 
Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
 2022-05-22 18:49:02 +02:00
Giammarco Senatore
c5ecd8c189
Revert "sdm710-common: Address init denial" 
This reverts commit e05b539a51.
 2022-01-04 22:07:15 +01:00
jjpprrrr
e05b539a51
sdm710-common: Address init denial 2021-11-25 20:05:41 +01:00
Chenyang Zhong
50bb739532
sdm710-common: sepolicy: allow system_server to get app_zygote pgid 
avc: denied { getpgid } for scontext=u:r:system_server:s0 tcontext=u:r:app_zygote:s0:c512,c768 tclass=process permissive=0

Appeared during UiBench.

Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
 2021-11-12 16:17:06 +01:00
jjpprrrr
14ed563a24
sdm710-common: sepolicy: specify the owner of vendor props 
vendor_fp_prop is public because apps like Alipay may access it
to enable biometrics payment authentication.
sdm710: Drop a neverallow
 2021-10-30 12:58:35 +02:00
Chenyang Zhong
ed065abb05
sdm710-common: sepolicy: allow vendor_init to read persist_debug_prop 
Signed-off-by: Chenyang Zhong <zhongcy95@gmail.com>
 2021-10-20 22:42:05 +02:00
Giammarco Senatore
c2918e4349
sdm710-common: Add file_contexts for neuralnetworks hal 2021-08-18 13:16:08 +02:00
Giammarco Senatore
09cd80eeb5
sdm710-common: Go enforcing 
- major cleanup
- sepolicy from xiaomi-sdm845-common
- label both goodix and fpc
- allystar GPS uart port and ontim nodes
 2021-08-11 22:41:19 +02:00
Giammarco Senatore
f6f497c743
sdm710-common: Initial commonized tree 
* minor cleanup in overlay and init rc
* drop dolby
 2021-07-25 21:56:17 +02:00
Ethan Chen
4efd4900c5
kunlun2: Enable Pixel atrace HAL 
Change-Id: I34691e5e909b6ca76dc97fd5c45328e3f80b67e1
Signed-off-by: Henrique Pereira <hlcpereira@pixelexperience.org>
Signed-off-by: DennySPb <dennyspb@gmail.com>
 2021-07-17 18:48:16 +02:00
Giammarco Senatore
c119216557
kunlun2: Address some initial denials 
- Nuke folder creation that breaks encryption
- Nuke permissivers and other creepy things
- Properly label light and fp HALs
- Address initial fingerprint denials
- Label camera zui prop
 2021-07-17 18:11:00 +02:00