Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2888 commits 1 branch 0 tags 325 MiB
Commit graph

2888 commits

This branch
This branch
All branches
Author SHA1 Message Date
Meng Wang
8fb8122f3b gs-common/esim: include sysprop setupwizard.feature.provisioning_profile_mode 
So all eSIM bootstrap configs are included in one shot.

This change is no-op for devices already including esim.mk because the sysproop was already set so.

Flag: NONE no-op mk change
Bug: 380280915
Change-Id: Ic1e83e4cd2ad546ddecbef7234457559894217e1
 2024-11-21 18:19:31 +00:00
Liana Kazanova (xWF)
74283c5cbe Revert "modem_svc: move shared_modem_platform related sepolicy t..." 
Revert submission 30519089-move_modem_sepolicy

Reason for revert: DroidMonitor: Potential culprit for http://b/380274930 - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.

Reverted changes: /q/submissionid:30519089-move_modem_sepolicy

Change-Id: I241b3aba370f77c705ca3890151e760b4764beca
 2024-11-21 17:54:12 +00:00
Eileen Lai
6db7e6756d Merge "modem_svc: move shared_modem_platform related sepolicy to gs-common" into main 2024-11-21 17:03:11 +00:00
Edwin Tung
e8884c92fb dump_gps: collect gps logs in ascending order 
Bug: 359797762
Test: Check gps file in dumpstate
Flag: EXEMPT, add gps dump to bugreport
Change-Id: Ia869e634c5f526f217fd24595a6f415c30046980
 2024-11-21 10:19:39 +00:00
Eileen Lai
20bb32819d modem_svc: move shared_modem_platform related sepolicy to gs-common 
Bug: 372400955


Flag: NONE local testing only
Change-Id: Ia23ff9f43ee855c2a758714d025123c071e9c288
 2024-11-21 08:27:55 +00:00
Dinesh Yadav
acf0eb0ee5 Merge "Add sepolicy for edgetpu_tachyon_service to report metrics" into main 2024-11-21 08:25:01 +00:00
Dinesh Yadav
064b50e43b Add sepolicy for edgetpu_tachyon_service to report metrics 
This permission is needed to report errors encountered while running gxp workloads to telemetry services.

AVC Error seen while reporting errors:
11-21 09:30:05.711   406   406 E SELinux : avc:  denied  { find } for pid=1821 uid=1000 name=android.frameworks.stats.IStats/default scontext=u:r:edgetpu_tachyon_server:s0 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=0

Bug: 359404493
Flag: EXEMPT updates device sepolicy only
Change-Id: Ic282928aad6283077e183f931230f79eea49053d
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2024-11-21 06:39:00 +00:00
Boon Jun
e3df39e77c Document radioext_interface_type soong variable usage 
Bug: 377991853
Bug: 371878208
Test: None
Flag: EXEMPT DOCS_ONLY
Change-Id: Ibb722d63ee726aeead0f7c89bdfa21c0ad3ae6b3
 2024-11-21 05:38:22 +00:00
Wesley Lee
9cb50229d9 Merge "mediacodec: add GPU access policy" into main 2024-11-21 03:31:04 +00:00
Cheng Chang
90398dea27 Merge "sepolicy: Allow hal_gnss_pixel create file" into main 2024-11-21 00:39:46 +00:00
Android Build Coastguard Worker
2bf583b8c8 Snap for 12687986 from 0cf5a2a95d to 25Q1-release 
Change-Id: Ic44ddf08536c85d8c4799294930e95ab6af0e930
 2024-11-21 00:03:28 +00:00
Aleks Rozman
83e7cc5a7f Build lyric from source if prebuilt directory is missing. 
On select branches, like the camera-stability, the prebuilt directory is missing so we want to make sure that it is building from source even if the flags tell us that a prebuilt should be used.

Bug: 380099804
Change-Id: I8832451c1f7ff6d6de3c2991e9f63317966a2f83
Test: Make on camera-stability-dev and verify warning
Flag: EXEMPT (not applicable)
 2024-11-20 22:48:19 +00:00
Wesley Lee
0649754278 mediacodec: add GPU access policy 
avc:  denied  { read write }
for  comm="binder:757_6" name="renderD128" dev="tmpfs"
ino=1566 scontext=u:r:mediacodec_google:s0
tcontext=u:object_r:gpu_device:s0 tclass=chr_file permissive=1

Bug: 378609071

Flag: EXEMPT bugfix

Test: run cts -m CtsMediaV2TestCases -t
android.mediav2.cts.CodecEncoderSurfaceTest#testSimpleEncodeFromSurface[26_c2.google.av1.encoder_video/av01_c2.google.av1.decoder_video/av01_512kbps_30fps_yuv420flexible_tonemapyes_persistentsurface]

Change-Id: I2af4f53c9ff8aca0d3c7fd721738f2044d4772fd
Signed-off-by: Wesley Lee <szuweilee@google.com>
 2024-11-20 06:29:09 +00:00
Daniel Lee
0cf5a2a95d Merge "storage: turn off writebooster flags upon init" into main 2024-11-20 05:12:10 +00:00
Android Build Coastguard Worker
34b68901a2 Snap for 12680993 from fa76c993b7 to 25Q1-release 
Change-Id: I914c57ae3f13fbd031ad30e9c8edfd5870ddc200
 2024-11-20 00:04:05 +00:00
Julius Snipes
993506e4f1 GRIL sepolicy for aidl radioext v2.1 
avc:  denied  { find } for pid=2019 uid=10269 name=vendor.google.radio_ext.IRadioExt/default scontext=u:r:grilservice_app:s0:c13,c257,c512,c768 tcontext=u:object_r:hal_aidl_radio_ext_service:s0 tclass=service_manager permissive=1

avc:  denied  { find } for pid=6500 uid=10242 name=vendor.google.radio_ext.IRadioExt/default scontext=u:r:grilservice_app:s0:c242,c256,c512,c768 tcontext=u:object_r:hal_radio_ext_service:s0 tclass=service_manager permissive=0

avc:  denied  { find } for interface=vendor.google.radioext::IRadioExt sid=u:r:grilservice_app:s0:c242,c256,c512,c768 pid=6500 scontext=u:r:grilservice_app:s0:c242,c256,c512,c768 tcontext=u:object_r:default_android_hwservice:s0 tclass=hwservice_manager permissive=0

avc:  denied  { read write } for  comm="vendor.google.r" name="umts_boot0" dev="tmpfs" ino=1352 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:radio_device:s0 tclass=chr_file permissive=1

avc:  denied  { search } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=dir permissive=1

avc:  denied  { read write } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs_leds:s0 tclass=file permissive=1

avc:  denied  { read write } for  name="backlight" dev="sysfs" ino=83794 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs_display:s0 tclass=file permissive=1

avc:  denied  { create } for  name="radio" dev="dm-53" ino=379 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1

avc:  denied  { create } for  name="radio" dev="dm-53" ino=379 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1

avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_aidl_radio_ext:s0 pid=792 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:hal_bluetooth_coexistence_hwservice:s0 tclass=hwservice_manager permissive=1

avc:  denied  { find } for interface=hardware.google.bluetooth.bt_channel_avoidance::IBTChannelAvoidance sid=u:r:hal_aidl_radio_ext:s0 pid=792 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:hal_bluetooth_coexistence_service:s0 tclass=service_manager permissive=1

avc:  denied  { read } for  name="link_rate" dev="sysfs" ino=111840 scontext=u:r:hal_aidl_radio_ext:s0 tcontext=u:object_r:sysfs:s0 tclass=file permissive=0

Bug: 355774451
Change-Id: Iea5e0cdff82b140caa1e8b6717e94d6d78076b28
Test: verify with test roms
Flag: EXEMPT sepolicy
 2024-11-19 23:27:20 +00:00
Daniel Lee
350e262415 storage: turn off writebooster flags upon init 
Enabling writebooster capability for Pixel UFS (pa/2994670)
enabled the following flags in Android Common Kernel:

  - wb_flush_en
  - wb_flush_during_h8
  - wb_enable

This patch disables these writebooster-related flags to restore the
intended behavior for Pixel devices. This overrides the default Android
Common Kernel behavior.

While 'wb_flush_en' and 'wb_enable' have corresponding sysfs entries
('enable_wb_buf_flush' and 'wb_on') for toggling,
'wb_flush_during_h8' currently lacks this functionality in the Android
Common Kernel. Pixel provides the 'manual_gc' sysfs entry as a
workaround. Setting 'manual_gc' to 0 disables 'wb_flush_during_h8'.

Bug: 377958570
Flag: EXEMPT bugfix
Test: check if all writebooster-realated flags are false upon init
Change-Id: I918bf6939de3e208b715f554a96ccbd053f68a18
Signed-off-by: Daniel Lee <chullee@google.com>
 2024-11-19 17:22:10 +00:00
Android Build Coastguard Worker
a43871d569 Snap for 12673321 from 32569fc7e5 to 25Q1-release 
Change-Id: I392e8af4081c88356e99e13aa1876d7a91717e3d
 2024-11-19 00:07:07 +00:00
Tommy Chiu
fa76c993b7 [automerger skipped] gsc: Change the criteria for building GSC targets am: 421324351c -s ours 
am skip reason: Merged-In I96f429ec3284114868ad220ea308a6920930c065 with SHA-1 8af77ef942 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs-common/+/30467455

Change-Id: I008809abb19974fc20f8f5047d08b017d9d3ae3d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-11-18 21:45:44 +00:00
Tommy Chiu
421324351c gsc: Change the criteria for building GSC targets 
There can be a case where vendor directory exists but vendor/google_nos
does not.

Bug: 371059500
Test: manual
Flag: EXEMPT refactor
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:8af77ef94228bf37bd7be4d8db496f7084e0333d)
Merged-In: I96f429ec3284114868ad220ea308a6920930c065
Change-Id: I96f429ec3284114868ad220ea308a6920930c065
 2024-11-18 18:10:31 +00:00
Robert Lee
32569fc7e5 Merge "audio: update hdmi audio path" into main 2024-11-18 03:10:31 +00:00
Robert Lee
5a063cc17b audio: update hdmi audio path 
Add permission to read HDMI states by audio hal.

For new project is using
/devices/platform/dwc_dptx-audio/extcon/hdmi_audio

For old projects are using
/devices/platform/drmdp-adma/extcon/hdmi_audio

Bug: 328784922
Test: builds
Flag: EXEMPT update sepolocy
Change-Id: I3bd0ccf1ee804de3157e759eac275673c9fc96a2
Signed-off-by: Robert Lee <lerobert@google.com>
 2024-11-18 03:08:08 +00:00
Android Build Coastguard Worker
c607d9ae35 Snap for 12667701 from 36f37eaf3b to 25Q1-release 
Change-Id: Ieb1db54f556ba3627e888e8302b048abb3e2f414
 2024-11-16 22:52:30 +00:00
Android Build Coastguard Worker
1e71dec3fc Snap for 12664851 from 3c9ee42c23 to 25Q1-release 
Change-Id: I7ffaacb34db5dc2802c72b9d5dd9b773d397262d
 2024-11-16 02:03:51 +00:00
Madhav Iyengar
36f37eaf3b Merge "Give ContextHub HAL access to AOC version" into main 2024-11-15 21:51:42 +00:00
Kai Hsieh
3c9ee42c23 Merge "Revert^2 "Add GIA (Google Input interface Abstraction laye..."" into main 2024-11-15 05:32:43 +00:00
Android Build Coastguard Worker
9351024f1c Snap for 12658558 from efc0fc73ea to 25Q1-release 
Change-Id: Ic46f3a5bdc231051adc0f73c532ac6a507659b05
 2024-11-15 00:03:19 +00:00
Kai Hsieh
97586506bb Revert^2 "Add GIA (Google Input interface Abstraction laye..." 
Revert submission 30378113-revert-29512389-gia-PMLMEKURMT

Reason for revert: Revert to fix the issue that GIA cannot be started in caimen-next-userdbg

Reverted changes: /q/submissionid:30378113-revert-29512389-gia-PMLMEKURMT
Bug: 367881686
Change-Id: Iecc4738c10dfe244bea02611f1926a9f6264a46c
 2024-11-14 10:10:46 +00:00
Cheng Chang
303cf04de1 sepolicy: Allow hal_gnss_pixel create file 
[ 7564.504317] type=1400 audit(1731556655.872:63): avc:  denied  { create } for  comm="android.hardwar" name="android.hardware.gnss-service.pixel" scontext=u:r:hal_gnss_pixel:s0 tcontext=u:object_r:vendor_gps_file:s0 tclass=file permissive=0 bug=b/378004800

flag: EXEMPT the function has been verified at userdebug ROM.
Bug: 378004800
Bug: 377446770
Test: b/378004800 abtd to check sepolicy
Test: b/377446770#comment1 verified the coredump function on user ROM.
Change-Id: If5cbe1dfde904f7d1eb0daaa53fa6bef19161f01
 2024-11-14 09:42:15 +00:00
Android Build Coastguard Worker
5e59303ad4 Snap for 12651823 from 6e5b6a6998 to 25Q1-release 
Change-Id: I83b12f35c4e0867ffba20a3bb4e7069a8dcf0d57
 2024-11-14 00:03:03 +00:00
Xin Li
efc0fc73ea [automerger skipped] Merge 24Q4 (ab/12406339) into aosp-main-future am: 61302f297c -s ours 
am skip reason: Merged-In Idd70cf3d846fad1a25060ebfb6ae6a99599fd861 with SHA-1 d43a6e1c5a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/gs-common/+/30284589

Change-Id: I323ceafb8b8140a941b906990b0cb63e3c941515
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2024-11-13 23:00:57 +00:00
Madhav Iyengar
e546ba5bae Give ContextHub HAL access to AOC version 
Required to gate use of the new ContextHub HAL <-> CHRE transport on the
availability of a bugfix in AOC.

Bug: 378367295
Flag: android.chre.flags.efw_xport_in_context_hub
Test: ...
Change-Id: Ibd5e3d20b7e5c14ea2200d85c179a4e96eb3b65a
 2024-11-13 21:07:38 +00:00
Kai Hsieh
6e5b6a6998 Merge "Revert "Add GIA (Google Input interface Abstraction layer) relat..."" into main 2024-11-13 14:42:35 +00:00
ELIYAZ MOMIN (xWF)
c68ac049e1 Revert "Add GIA (Google Input interface Abstraction layer) relat..." 
Revert submission 29512389-gia

Reason for revert: <Potential culprit for b/378865024  - verifying through ABTD before revert submission. This is part of the standard investigation process, and does not mean your CL will be reverted.>

Reverted changes: /q/submissionid:29512389-gia

Change-Id: Ia4fd036130e54a5573efbd02a044631232561ea1
 2024-11-13 14:06:24 +00:00
Treehugger Robot
cad0ccbb94 Merge "Introduce Pixel mailbox module" into main 2024-11-13 08:49:49 +00:00
Lucas Wei
f39a955d95 Introduce Pixel mailbox module 
Introduce Pixel mailbox module to dump debugging messages and integrate
with bugreport.
This patch also create sepolicy files to avoid avc denied.

avc:  denied  { search } for  comm="dump_mailbox" name="radio" dev="dm-57" ino=375 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=dir permissive=1
avc:  denied  { search } for  comm="dump_mailbox" name="instances" dev="tracefs" ino=4203 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=dir permissive=1
avc:  denied  { read } for  comm="dump_mailbox" name="trace" dev="tracefs" ino=7250 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances:s0 tclass=file permissive=1
avc:  denied  { open } for  comm="dump_mailbox" path="/sys/kernel/tracing/instances/goog_cpm_mailbox/trace" dev="tracefs" ino=7187 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_traci
avc:  denied  { create } for  comm="dump_mailbox" name="goog_cpm_mailbox_trace" scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1
avc:  denied  { write open } for  comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=29097 scontext=u:r:dump_mailbox:s0 tcontex=1
avc:  denied  { getattr } for  comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=29097 scontext=u:r:dump_mailbox:s0 tcontext=ut=5 audit_backlog_limit=64
=1
avc:  denied  { read } for  comm="dump_mailbox" name="trace" dev="tracefs" ino=5239 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances_mailbox:s0 tclass=file permissive=1
avc:  denied  { open } for  comm="dump_mailbox" path="/sys/kernel/tracing/instances/goog_cpm_mailbox/trace" dev="tracefs" ino=5239 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances_mailbox:s0 tclass=file permissive=1
avc:  denied  { create } for  comm="dump_mailbox" name="goog_cpm_mailbox_trace" scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1
avc:  denied  { write open } for  comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=30937 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1
avc:  denied  { getattr } for  comm="dump_mailbox" path="/sys/kernel/tracing/instances/goog_cpm_mailbox/trace" dev="tracefs" ino=5239 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:debugfs_tracing_instances_mailbox:s0 tclass=file permissive=1
avc:  denied  { getattr } for  comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=30937 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1
avc:  denied  { create } for  comm="dump_mailbox" name="goog_cpm_mailbox_trace" scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclas(6 results) 15:39:41 [4796/19306]
avc:  denied  { write open } for  comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=32864 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1
avc:  denied  { getattr } for  comm="dump_mailbox" path="/data/vendor/radio/logs/always-on/all_logs/mailbox/goog_cpm_mailbox_trace" dev="dm-52" ino=32864 scontext=u:r:dump_mailbox:s0 tcontext=u:object_r:radio_vendor_data_file:s0 tclass=file permissive=1

Flag: EXEMPT, add mailbox dump program to bugreport
Bug: 363168077
Change-Id: I622f37bf8f913df8d9b242ab206fc267d446753d
 2024-11-13 07:52:03 +00:00
Kai Hsieh
9c0119a3d2 Merge "Add GIA (Google Input interface Abstraction layer) related SEPolicy rules and AIDL compatibility matrices." into main 2024-11-13 07:05:58 +00:00
Android Build Coastguard Worker
7993e14af2 Snap for 12644741 from 993cd00d79 to 25Q1-release 
Change-Id: Ibff35ba4e173e93b8ee6cba694098bfea3ba7c61
 2024-11-13 00:03:21 +00:00
timmyli
cfedcac7d7 Remove bug comment 
Bug: 363018500
Test: comment only
Flag: EXEMPT remove comment
Change-Id: I86ed9f0e7ed5b3741b23afffb2d7440683f34eb0
 2024-11-12 18:40:13 +00:00
Treehugger Robot
993cd00d79 Merge "Replace many app service permission with app_api_service" into main 2024-11-12 18:36:27 +00:00
Ocean Chen
594e90f573 Merge "Revert "storage: Defer blkio class configuration"" into main 2024-11-12 02:21:33 +00:00
Ocean Chen
3330640782 Revert "storage: Defer blkio class configuration" 
This patch change the I/O schedulor back to mq-deadline before boot completed.

Bug:374905027
Test: forrest run

This reverts commit 0af034bf9f.

Change-Id: Ie49fb8a62d6fdb8da112e83d5a8e3551b0072379
 2024-11-12 02:21:23 +00:00
Android Build Coastguard Worker
a092a1d146 Snap for 12637843 from ea38f5c687 to 25Q1-release 
Change-Id: I1c8956ef66e1054578a1874c5a39695bb59f4943
 2024-11-12 00:03:06 +00:00
timmyli
872e432821 Replace many app service permission with app_api_service 
We don't need to grant permissions to all these things. Just
app_api_service is enough.

Bug: 363018500
Test: manual test with GCA Eng
Flag: EXEMPT add permissions
Change-Id: I2457b54b244b2739e89393f52442afd4544418f1

11-08 00:33:23.429   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=activity scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.436   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=display scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:display_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.439   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=network_management scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:network_management_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.453   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=connectivity scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:connectivity_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.457   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=netstats scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.470   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=mount scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:mount_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.488   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=jobscheduler scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:jobscheduler_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.502   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=shortcut scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:shortcut_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.604   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=notification scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:notification_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.606   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=content scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:content_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.627   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=content_capture scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.630   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=gpu scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:gpu_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.630   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=activity_task scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:activity_task_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.643   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=sensorservice scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:sensorservice_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.644   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=virtualdevice_native scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:virtual_device_native_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.652   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=device_policy scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:device_policy_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.652   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=batterystats scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:batterystats_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.653   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=powerstats scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:powerstats_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.662   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=trust scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:trust_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.677   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=device_state scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:device_state_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.718   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=vibrator_manager scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:vibrator_manager_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.724   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=input_method scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:input_method_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.732   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=power scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:power_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.733   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=thermalservice scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:thermal_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.784   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=voiceinteraction scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.786   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=autofill scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.795   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=sensitive_content_protection_service scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.798   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=graphicsstats scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:graphicsstats_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.798   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=performance_hint scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:hint_service:s0 tclass=service_manager permissive=1
11-08 00:33:23.835   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=clipboard scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:clipboard_service:s0 tclass=service_manager permissive=1
11-08 00:33:24.029   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=android.frameworks.stats.IStats/default scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
11-08 00:33:24.130   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=backup scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:backup_service:s0 tclass=service_manager permissive=1
11-08 00:33:24.160   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=audio scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
11-08 00:33:24.368   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=android.hardware.neuralnetworks.IDevice/google-edgetpu scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:edgetpu_nnapi_service:s0 tclass=service_manager permissive=1
11-08 00:33:24.364 16052 16052 I GoogleCameraEng: type=1400 audit(0.0:1555): avc:  denied  { read } for  name="enforce" dev="selinuxfs" ino=4 scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
11-08 00:33:24.364 16052 16052 I GoogleCameraEng: type=1400 audit(0.0:1556): avc:  denied  { open } for  path="/sys/fs/selinux/enforce" dev="selinuxfs" ino=4 scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
11-08 00:33:24.650   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=android.frameworks.stats.IStats/default scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
11-08 00:33:24.872   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=package_native scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:package_native_service:s0 tclass=service_manager permissive=1
11-08 00:33:26.556   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=input scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:input_service:s0 tclass=service_manager permissive=1
11-08 00:33:34.977   344   344 E SELinux : avc:  denied  { find } for pid=16052 uid=10296 name=storagestats scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:storagestats_service:s0 tclass=service_manager permissive=1
11-08 00:33:42.547   344   344 E SELinux : avc:  denied  { find } for pid=16961 uid=10296 name=activity scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=1
11-08 00:33:42.593   344   344 E SELinux : avc:  denied  { find } for pid=16961 uid=10296 name=mount scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:mount_service:s0 tclass=service_manager permissive=1
11-08 00:33:42.656 16961 16961 I GoogleCameraEng: type=1400 audit(0.0:1681): avc:  denied  { read } for  name="enforce" dev="selinuxfs" ino=4 scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
11-08 00:33:42.656 16961 16961 I GoogleCameraEng: type=1400 audit(0.0:1682): avc:  denied  { open } for  path="/sys/fs/selinux/enforce" dev="selinuxfs" ino=4 scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
11-08 00:33:42.726   344   344 E SELinux : avc:  denied  { find } for pid=16961 uid=10296 name=content scontext=u:r:debug_camera_app:s0:c40,c257,c512,c768 tcontext=u:object_r:content_service:s0 tclass=service_manager permissive=1

Change-Id: I91235f2f699fd07107eaa11174beee895559770e
 2024-11-11 18:00:58 +00:00
Snehal Koukuntla
ea38f5c687 Add widevine SELinux permissions for L1 
839   839 I android.hardwar: type=1400 audit(0.0:982): avc:  denied  { read } for  name="system" dev="tmpfs" ino=1313 scontext=u:r:hal_drm_widevine:s0 tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file permissive=1

Bug: 363181505
Flag: EXEMPT bugfix
Change-Id: Ib9391b24f03a7306b8ba42c960d4c77c5bf148e8
 2024-11-08 17:04:21 +00:00
Android Build Coastguard Worker
79c1d9921a Snap for 12623742 from ba53a62a59 to 25Q1-release 
Change-Id: Id34703b961eb399d7dc8e96a98ff4de67494048a
 2024-11-08 00:03:23 +00:00
Michael Bestas
c3bf3419ad Android 15.0.0 release 5 
-----BEGIN PGP SIGNATURE-----
 
 iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZyvedgAKCRDorT+BmrEO
 eA+nAJ9tZiVlWuLXPuOc0IS9uMDXxsYy8ACePKq1szLOcZHeCqR7vR03lDwGvWo=
 =OL20
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQJLBAABCgA1FiEEHrBYPudH862glXQBzJUERRm+ZmkFAmcsuJsXHG1rYmVzdGFz
 QGxpbmVhZ2Vvcy5vcmcACgkQzJUERRm+ZmnbJg//esX1ld+Kn51T4ah+Ha/57Fuc
 QZKalpfBmbGmRDTE+tHZnoITJ2W+bXv9TGvlhw0nSnaLWSApK3GaONOCvcajveQq
 aJgvEnyUvxfdmjtH81tt/30w/wxmdrc4h/+yaSK5Wlmc5RoNjKOQDJrAFtJFicMq
 50UAmdy4Ixd3fFEnGp600duwM4lfpnlobxflYvlMEkASM70G/zcpUqKZEv69Nuyx
 odKCt2Ext1qgFDbUODhoHRoQsbjJgm+qH6irfyOBLOKvYv7TGe/70tVVnCe6W9qy
 0tCkV53iGT4BHvfxFPjxfEE+MiypZw0BBgHS+V1t0DWzzQPLcAQ8D8PvKbmx7bE8
 K+F7A6m2FD5G7sriziZ2UzrgXV2pYSRyOwZF8j0FD7QkLC3Kla4Fe4c2Spv0BElD
 HJAlkySO6LEWxOgUJO7/8ooUV52dMtA6UfcbvsvZ3Jyeam6vdBzihbjPA/gAwlRh
 g3GwLJjmJ/BtRLen6c+vTNjOCVjyOanZYAip1RBvttpUavdgzjqLuCf8W0KWFjSh
 wAR1IKr1evu7RSbUG3H+RwVtDLlmRJ1NrdTX8166QKNHHeW+dbxXxF8BeCMX6K4Q
 Z0uMyH8Wr76IQ3BiQXsjcjNLB6sbLyE1c4sZOrHZY4krWBogQ+gBjGItbMLNhiwN
 GX/N4MFhHtLqWaJbgOM=
 =FgCE
 -----END PGP SIGNATURE-----

Merge tag 'android-15.0.0_r5' into staging/lineage-22.0_merge-android-15.0.0_r5

Android 15.0.0 release 5

# -----BEGIN PGP SIGNATURE-----
#
# iF0EABECAB0WIQRDQNE1cO+UXoOBCWTorT+BmrEOeAUCZyvedgAKCRDorT+BmrEO
# eA+nAJ9tZiVlWuLXPuOc0IS9uMDXxsYy8ACePKq1szLOcZHeCqR7vR03lDwGvWo=
# =OL20
# -----END PGP SIGNATURE-----
# gpg: Signature made Wed Nov  6 23:24:06 2024 EET
# gpg:                using DSA key 4340D13570EF945E83810964E8AD3F819AB10E78
# gpg: Good signature from "The Android Open Source Project <initial-contribution@android.com>" [marginal]
# gpg: initial-contribution@android.com: Verified 2337 signatures in the past
#      3 years.  Encrypted 4 messages in the past 2 years.
# gpg: WARNING: This key is not certified with sufficiently trusted signatures!
# gpg:          It is not certain that the signature belongs to the owner.
# Primary key fingerprint: 4340 D135 70EF 945E 8381  0964 E8AD 3F81 9AB1 0E78

# By bgkim
# Via Android Build Coastguard Worker
* tag 'android-15.0.0_r5':
  bootctrl: fixed OOB read in BootControl

Change-Id: Ia26931b9bc054f359359c41314235f9f7f1c68aa
 2024-11-07 14:54:51 +02:00
Android Build Coastguard Worker
8abc2c9922 Snap for 12616459 from 84d3523c6c to 25Q1-release 
Change-Id: I9f28c10af64d538ea66fe5f0cd258607d88312e0
 2024-11-07 00:06:14 +00:00
Zhengyuan Cui
2f08dd633a Allow command line tools to access Tachyon service in user builds. 
Bug: 377528455
Change-Id: I878e960b32af45030cebf73e9138752506c37953
Flag: tachyon
 2024-11-06 20:40:46 +00:00
Xin Li
61302f297c Merge 24Q4 (ab/12406339) into aosp-main-future 
Bug: 370570306
Merged-In: Idd70cf3d846fad1a25060ebfb6ae6a99599fd861
Change-Id: I254edf09968accebbee718cb5494612d0e5031e7
 2024-11-06 10:31:19 -08:00