Commit graph

8 commits

Author SHA1 Message Date
Michael Bestas
797741c2bf
gs-common: Drop pixelsystemservice sepolicy
We don't ship this app and it breaks the build since we are missing
its policies.

Change-Id: I136579fbd7c07de195b66b9f1e6b0fcb4bd3493a
2025-06-26 06:20:40 +03:00
Michael Bestas
02b9cc144c
gs-common: Remove non-existent vendor includes
Change-Id: I1bc76430d30259984f4eb91907be61ef39646c27
2025-06-26 06:20:40 +03:00
Kai Hsieh
b7aa4a2742 Add SEPolicy allowing GIA to communicate with Suez service
Attached AVC error log in commit message:
```
[   68.276362] SELinux: avc:  denied  { find } for pid=6775 uid=0 name=android.frameworks.stats.IStats/default scontext=u:r:gia:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
[   68.280115] type=1400 audit(1736239951.684:21): avc:  denied  { call } for  comm="binder:6775_3" scontext=u:r:gia:s0 tcontext=u:r:system_server:s0 tclass=binder permissive=1
```

Flag: build.RELEASE_PIXEL_GIA_ENABLED
Test: Manually, check `dmesg` to make sure that the corresponding service can be started normally.
Bug: 369965212
Change-Id: I26d4b324f1359b1b895ea8d3fd51c0877098c5ea
Signed-off-by: Kai Hsieh <kaihsieh@google.com>
2025-01-16 10:47:24 +08:00
Kai Hsieh
fed627115e Include GIA only on needed, expose GIA permission only if the target service exists
Flag: EXEMPT, bugfix only.
Bug: 388685884
Test: Factory, AOSP and Pixel build success.
Test: Pixel System Service can access GIA features on Pixel device builds.
Test: GIA exists on factory builds.
Change-Id: I12f55f1ce1c717da6d6c45edbb92854f7efa53e5
Signed-off-by: Kai Hsieh <kaihsieh@google.com>
2025-01-13 20:01:49 -08:00
Kai Hsieh
13dcd24c48 Solve SEPolicy issue with the Troubleshooting Wizard
- Allow pixelsystemservice_app to access GIA
- Allow GIA to execute a callback for pixelsystemservice_app

[avc error]
```
12-09 20:39:51.287   416   416 E SELinux : avc:  denied  { find } for pid=5454 uid=10285 name=com.google.input.gia.core.IGiaService/default scontext=u:r:pixelsystemservice_app:s0:c29,c257,c512,c768 tcontext=u:object_r:hal_gia_service:s0 tclass=service_manager permissive=1
12-09 20:39:51.280  5454  5454 I pool-4-thread-1: type=1400 audit(0.0:19): avc:  denied  { call } for  scontext=u:r:pixelsystemservice_app:s0:c29,c257,c512,c768 tcontext=u:r:gia:s0 tclass=binder permissive=1 app=com.google.android.pixelsystemservice
12-09 20:39:51.280  5454  5454 I pool-4-thread-1: type=1400 audit(0.0:20): avc:  denied  { transfer } for  scontext=u:r:pixelsystemservice_app:s0:c29,c257,c512,c768 tcontext=u:r:gia:s0 tclass=binder permissive=1 app=com.google.android.pixelsystemservice
12-09 20:39:51.280  1341  1341 I binder:1341_3: type=1400 audit(0.0:21): avc:  denied  { call } for  scontext=u:r:gia:s0 tcontext=u:r:pixelsystemservice_app:s0:c29,c257,c512,c768 tclass=binder permissive=1
```

Flag: EXEMPT, bug-fix only.
Bug: 379991501
Change-Id: I14942cc0df9b9032b2c054fc87d29fc8098aa455
Signed-off-by: Kai Hsieh <kaihsieh@google.com>
2024-12-19 23:39:24 -08:00
Kai Hsieh
97586506bb Revert^2 "Add GIA (Google Input interface Abstraction laye..."
Revert submission 30378113-revert-29512389-gia-PMLMEKURMT

Reason for revert: Revert to fix the issue that GIA cannot be started in caimen-next-userdbg

Reverted changes: /q/submissionid:30378113-revert-29512389-gia-PMLMEKURMT
Bug: 367881686
Change-Id: Iecc4738c10dfe244bea02611f1926a9f6264a46c
2024-11-14 10:10:46 +00:00
ELIYAZ MOMIN (xWF)
c68ac049e1 Revert "Add GIA (Google Input interface Abstraction layer) relat..."
Revert submission 29512389-gia

Reason for revert: <Potential culprit for b/378865024  - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.>

Reverted changes: /q/submissionid:29512389-gia

Change-Id: Ia4fd036130e54a5573efbd02a044631232561ea1
2024-11-13 14:06:24 +00:00
Kai Hsieh
1f83bb110e Add GIA (Google Input interface Abstraction layer) related SEPolicy rules and AIDL compatibility matrices.
AVC evidences:
```
10-29 16:53:50.756  1305  1305 I binder:1305_2: type=1400 audit(0.0:24): avc:  denied  { search } for  name="goog_touch_interface" dev="sysfs" ino=110634 scontext=u:r:gia:s0 tcontext=u:object_r:sysfs_touch_gti:s0 tclass=dir permissive=1
10-29 16:53:50.756  1305  1305 I binder:1305_2: type=1400 audit(0.0:25): avc:  denied  { read } for  name="interactive_calibrate" dev="sysfs" ino=110738 scontext=u:r:gia:s0 tcontext=u:object_r:sysfs_touch_gti:s0 tclass=file permissive=1
10-29 16:53:50.756  1305  1305 I binder:1305_2: type=1400 audit(0.0:26): avc:  denied  { open } for  path="/sys/devices/virtual/goog_touch_interface/gti.0/interactive_calibrate" dev="sysfs" ino=110738 scontext=u:r:gia:s0 tcontext=u:object_r:sysfs_touch_gti:s0 tclass=file permissive=1
10-29 16:53:50.756  1305  1305 I binder:1305_2: type=1400 audit(0.0:27): avc:  denied  { getattr } for  path="/sys/devices/virtual/goog_touch_interface/gti.0/interactive_calibrate" dev="sysfs" ino=110738 scontext=u:r:gia:s0 tcontext=u:object_r:sysfs_touch_gti:s0 tclass=file permissive=1
10-29 16:53:50.756  1305  1305 I binder:1305_2: type=1400 audit(0.0:28): avc:  denied  { write } for  name="interactive_calibrate" dev="sysfs" ino=110738 scontext=u:r:gia:s0 tcontext=u:object_r:sysfs_touch_gti:s0 tclass=file permissive=1
```

Test: Build succeeds.
Test: Manually, checked whether GIA service is started successfully via command `service list`.
Bug: 367881686
Flag: build.RELEASE_PIXEL_GIA_ENABLED
Change-Id: I8069521425ff1e830d759252bf8bf460f4dc6f32
Signed-off-by: Kai Hsieh <kaihsieh@google.com>
2024-10-31 00:57:56 +00:00