Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2731 commits 1 branch 0 tags 325 MiB
Commit graph

8 commits

Author SHA1 Message Date
Wesley Lee
0649754278 mediacodec: add GPU access policy 
avc:  denied  { read write }
for  comm="binder:757_6" name="renderD128" dev="tmpfs"
ino=1566 scontext=u:r:mediacodec_google:s0
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

Bug: 378609071

Flag: EXEMPT bugfix

Test: run cts -m CtsMediaV2TestCases -t
android.mediav2.cts.CodecEncoderSurfaceTest#testSimpleEncodeFromSurface[26_c2.google.av1.encoder_video/av01_c2.google.av1.decoder_video/av01_512kbps_30fps_yuv420flexible_tonemapyes_persistentsurface]

Change-Id: I2af4f53c9ff8aca0d3c7fd721738f2044d4772fd
Signed-off-by: Wesley Lee <szuweilee@google.com>
 2024-11-20 06:29:09 +00:00
timmyli
df68b9bc58 Add permission for mediacodec to bindercall camera hal 
Bug: 370903762
Test: local test to check permissions
Flag: EXEMPT bug fix

10-07 01:54:59.328000  1046   768   768 I auditd  : type=1400 audit(0.0:1920): avc:  denied  { call } for  comm="binder:768_A" scontext=u:r:mediacodec_google:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=0
10-07 01:54:59.328000  1046   768   768 W binder:768_A: type=1400 audit(0.0:1920): avc:  denied  { call } for  scontext=u:r:mediacodec_google:s0 tcontext=u:r:hal_camera_default:s0 tclass=binder permissive=0

Change-Id: I437df92d99f0c31c0b5a1bdebc63f6bc7360ca90
 2024-10-07 10:01:00 +00:00
Ernie Hsu
1d9653d8c1 Add common lib for libgc2 encoders and decoders 
Flag: EXEMPT refactor
Bug: 369762843
Change-Id: Ia971c1cc7dd9c67d147cf6e173772a5bfbfd2cef
 2024-10-02 03:51:06 +00:00
Ernie Hsu
d35b61f390 mediacodec: fix perfetto trace permission 
08-28 16:33:56.280  1046   720   720 I auditd  : type=1400 audit(0.0:469): avc:  denied  { write } for  comm="TracingMuxer" name="traced_producer" dev="tmpfs" ino=1604 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:traced_producer_socket:s0 tclass=sock_file permissive=0

Flag: EXEMPT bugfix
Test: atest-dev com.google.android.selinux.pts.SELinuxTest#scanAvcDeniedLogRightAfterReboot
Bug: 361093311
Change-Id: I0aad9d771069cd0d660708e41c29c79d83e04704
 2024-08-28 10:27:52 +00:00
Ernie Hsu
13883d9a54 mediacodec: fix permission for vendor_media_data and ecoservice 
vendor_media_data:
08-27 12:07:01.540   747   747 I /vendor/bin/hw/google.hardware.media.c2@3.0-service: type=1400 audit(0.0:1785): avc:  denied  { search } for  comm=436F646563322E30204C6F6F706572 name="media" dev="dm-57" ino=399 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:vendor_media_data_file:s0 tclass=dir permissive=1
08-27 12:07:01.540   747   747 I /vendor/bin/hw/google.hardware.media.c2@3.0-service: type=1400 audit(0.0:1786): avc:  denied  { write } for  comm=436F646563322E30204C6F6F706572 name="media" dev="dm-57" ino=399 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:vendor_media_data_file:s0 tclass=dir permissive=1
08-27 12:07:01.540   747   747 I /vendor/bin/hw/google.hardware.media.c2@3.0-service: type=1400 audit(0.0:1787): avc:  denied  { add_name } for  comm=436F646563322E30204C6F6F706572 name="input_7335.bin" scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:vendor_media_data_file:s0 tclass=dir permissive=1
08-27 12:07:01.540   747   747 I /vendor/bin/hw/google.hardware.media.c2@3.0-service: type=1400 audit(0.0:1788): avc:  denied  { create } for  comm=436F646563322E30204C6F6F706572 name="input_7335.bin" scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:vendor_media_data_file:s0 tclass=file permissive=1
08-27 12:07:01.540   747   747 I /vendor/bin/hw/google.hardware.media.c2@3.0-service: type=1400 audit(0.0:1789): avc:  denied  { append open } for  comm=436F646563322E30204C6F6F706572 path="/data/vendor/media/input_7335.bin" dev="dm-57" ino=26749 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:vendor_media_data_file:s0 tclass=file permissive=1

ecoservice:
08-27 13:07:44.686   358   358 E SELinux : avc:  denied  { find } for pid=743 uid=1046 name=media.ecoservice scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:eco_service:s0 tclass=service_manager permissive=1

Flag: EXEMPT bugfix
Test: video playback and screen record
Bug: 361093311
Change-Id: I37d5081061bad2917b24e320f4e4a9c8116db6fa
 2024-08-28 07:16:06 +00:00
Ernie Hsu
a01bc1d315 mediacodec: fix vpu device sepolicy for video playback 
08-27 11:30:17.500   734   734 I binder:734_4: type=1400 audit(0.0:1288): avc:  denied  { read write } for  name="vpu" dev="tmpfs" ino=1585 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=1
08-27 11:30:17.500   734   734 I binder:734_4: type=1400 audit(0.0:1289): avc:  denied  { open } for  path="/dev/vpu" dev="tmpfs" ino=1585 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=1
08-27 11:30:17.500   734   734 I binder:734_4: type=1400 audit(0.0:1290): avc:  denied  { ioctl } for  path="/dev/vpu" dev="tmpfs" ino=1585 ioctlcmd=0x4200 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=1
08-27 11:30:17.500   734   734 I binder:734_4: type=1400 audit(0.0:1291): avc:  denied  { map } for  path="/dev/vpu" dev="tmpfs" ino=1585 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=1
08-27 11:30:18.944   734   734 I FetchThread: type=1400 audit(0.0:1292): avc:  denied  { ioctl } for  path="/dev/vpu" dev="tmpfs" ino=1585 ioctlcmd=0x4207 scontext=u:r:mediacodec_google:s0 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=1

Bug: 353638738
Flag: EXEMPT bugfix
Test: video playback
Change-Id: I8ad4507693a4a0fbbd2709bd79d25b1ef4109904
 2024-08-27 05:29:18 +00:00
Ernie Hsu
bbe999c372 mediacodec: fix sepolicy for video playback/recording 
07-18 08:46:26.420   925   925 I CodecLooper: type=1400 audit(0.0:404): avc:  denied  { use } for  path="/dev/ashmemf7003569-92c8-48c6-bfdb-b7331af5f4e9" dev="tmpfs" ino=1121 scontext=u:r:mediacodec_google:s0 tcontext=u:r:mediaserver:s0 tclass=fd permissive=1
07-18 08:46:26.468   925   925 I HwBinder:925_3: type=1400 audit(0.0:405): avc:  denied  { use } for  path="/dmabuf:system-uncached" dev="dmabuf" ino=734 scontext=u:r:mediacodec_google:s0 tcontext=u:r:hal_graphics_allocator_default:s0 tclass=fd permissive=1
07-18 08:46:26.664   925   925 I HwBinder:925_4: type=1400 audit(0.0:406): avc:  denied  { use } for  path="anon_inode:sync_file" dev="anon_inodefs" ino=52 scontext=u:r:mediacodec_google:s0 tcontext=u:r:untrusted_app_27:s0:c83,c256,c512,c768 tclass=fd permissive=1
07-18 08:46:26.668   925   925 I HwBinder:925_5: type=1400 audit(0.0:407): avc:  denied  { use } for  path="anon_inode:sync_file" dev="anon_inodefs" ino=52 scontext=u:r:mediacodec_google:s0 tcontext=u:r:surfaceflinger:s0 tclass=fd permissive=1
07-18 08:46:26.696   925   925 I HwBinder:925_5: type=1400 audit(0.0:408): avc:  denied  { use } for  path="anon_inode:sync_file" dev="anon_inodefs" ino=52 scontext=u:r:mediacodec_google:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=fd permissive=1
07-18 08:46:29.392   925   925 I HwBinder:925_6: type=1400 audit(0.0:409): avc:  denied  { use } for  path="anon_inode:sync_file" dev="anon_inodefs" ino=52 scontext=u:r:mediacodec_google:s0 tcontext=u:r:hal_graphics_composer_default:s0 tclass=fd permissive=1

Test: video playback, screen recording
Bug: 353638738
Change-Id: I071268d39cedf10b8f7c0ca0c9cb2bd33a367d09
 2024-07-19 03:26:55 +00:00
Ernie Hsu
3b4a36a573 Move mediacodec hal setting to gs-common 
Flag: EXEMPT refactor
Bug: 353638738
Change-Id: Id17997c75e7dc4f44d7ba8a3a98fa241052cbbff
 2024-07-18 09:37:16 +00:00