Evolution-X-Tensor/device_google_gs-common
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
Common interfaces & sepolicies for tensor-based Google Pixel devices
2438 commits 1 branch 0 tags 325 MiB
Find a file
hwandy 6265f1f2eb Add sepolicy for gcam app 
Bug: b/359815606.
Bug: b/363018500.
Flag: EXEMPT bugfix.
Test: Locally built selinux policy and a local GCAEng (go/ab/12329728) and run GCAEng and saw selinux policy denial message gone.

AVC evidence from b/363018500:

    08-27 22:57:12.442   340   340 I auditd  : avc:  denied  { find } for pid=15696 uid=10286 name=activity scontext=u:r:debug_camera_app:s0:c30,c257,c512,c768 tcontext=u:object_r:activity_service:s0 tclass=service_manager permissive=0

    08-27 21:35:58.954   332   332 I auditd  : avc:  denied  { find } for pid=4055 uid=10286 name=media.audio_policy scontext=u:r:debug_camera_app:s0:c30,c257,c512,c768 tcontext=u:object_r:audioserver_service:s0 tclass=service_manager permissive=1

    08-27 21:34:50.138   332   332 I auditd  : avc:  denied  { find } for pid=4055 uid=10286 name=media.camera scontext=u:r:debug_camera_app:s0:c30,c257,c512,c768 tcontext=u:object_r:cameraserver_service:s0 tclass=service_manager permissive=1

    08-27 21:34:53.320   332   332 I auditd  : avc:  denied  { find } for pid=4055 uid=10286 name=media.extractor scontext=u:r:debug_camera_app:s0:c30,c257,c512,c768 tcontext=u:object_r:mediaextractor_service:s0 tclass=service_manager permissive=1

    08-27 21:34:51.622   332   332 I auditd  : avc:  denied  { find } for pid=4055 uid=10286 name=media.metrics scontext=u:r:debug_camera_app:s0:c30,c257,c512,c768 tcontext=u:object_r:mediametrics_service:s0 tclass=service_manager permissive=1

    08-27 21:35:59.012   332   332 I auditd  : avc:  denied  { find } for pid=4055 uid=10286 name=media.resource_manager scontext=u:r:debug_camera_app:s0:c30,c257,c512,c768 tcontext=u:object_r:mediaserver_service:s0 tclass=service_manager permissive=1

AVC evidence from go/ab/12328923:

09-06 11:16:24.421   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=netstats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
09-06 11:16:24.627   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=shortcut scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:shortcut_service:s0 tclass=service_manager permissive=1
09-06 11:16:24.812 17252 17252 I GoogleCameraEng: type=1400 audit(0.0:1091): avc:  denied  { read } for  name="enforce" dev="selinuxfs" ino=4 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:16:24.812 17252 17252 I GoogleCameraEng: type=1400 audit(0.0:1092): avc:  denied  { open } for  path="/sys/fs/selinux/enforce" dev="selinuxfs" ino=4 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:selinuxfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:16:25.222   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=content_capture scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1
09-06 11:16:25.220 17252 17252 I RenderThread: type=1400 audit(0.0:1093): avc:  denied  { read } for  name="uevent" dev="sysfs" ino=45203 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:16:25.220 17252 17252 I RenderThread: type=1400 audit(0.0:1094): avc:  denied  { open } for  path="/sys/devices/platform/34f00000.gpu0/uevent" dev="sysfs" ino=45203 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:16:25.220 17252 17252 I RenderThread: type=1400 audit(0.0:1095): avc:  denied  { getattr } for  path="/sys/devices/platform/34f00000.gpu0/uevent" dev="sysfs" ino=45203 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:16:25.877   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=voiceinteraction scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
09-06 11:16:25.902   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=autofill scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
09-06 11:16:25.920   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=sensitive_content_protection_service scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
09-06 11:16:25.928   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=performance_hint scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:hint_service:s0 tclass=service_manager permissive=1
09-06 11:16:26.060   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=clipboard scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:clipboard_service:s0 tclass=service_manager permissive=1
09-06 11:16:29.417   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=backup scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:backup_service:s0 tclass=service_manager permissive=1
09-06 11:16:29.484   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=android.frameworks.stats.IStats/default scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
09-06 11:17:01.249   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:01.306   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=package_native scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:package_native_service:s0 tclass=service_manager permissive=1
09-06 11:17:01.495   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=package_native scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:package_native_service:s0 tclass=service_manager permissive=1
09-06 11:17:02.330   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:05.916   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:07.826   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:09.579   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:10.580 17252 17252 I FinishThread: type=1400 audit(0.0:1164): avc:  denied  { read } for  name="gxp" dev="tmpfs" ino=1511 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:10.580 17252 17252 I FinishThread: type=1400 audit(0.0:1165): avc:  denied  { open } for  path="/dev/gxp" dev="tmpfs" ino=1511 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:10.580 17252 17252 I FinishThread: type=1400 audit(0.0:1166): avc:  denied  { ioctl } for  path="/dev/gxp" dev="tmpfs" ino=1511 ioctlcmd=0xee1a scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:10.580 17252 17252 I FinishThread: type=1400 audit(0.0:1167): avc:  denied  { write } for  name="gxp" dev="tmpfs" ino=1511 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:11.692   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:13.696 17252 17252 I FinishThread: type=1400 audit(0.0:1177): avc:  denied  { ioctl } for  path="/dev/gxp" dev="tmpfs" ino=1511 ioctlcmd=0xee00 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:15.443   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 11:17:20.159   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=uimode scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:uimode_service:s0 tclass=service_manager permissive=1
09-06 11:17:21.816 17252 17252 I FinishThread: type=1400 audit(0.0:1185): avc:  denied  { ioctl } for  path="/dev/gxp" dev="tmpfs" ino=1511 ioctlcmd=0xee00 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:36.508 17252 17252 I FinishThread: type=1400 audit(0.0:1189): avc:  denied  { ioctl } for  path="/dev/gxp" dev="tmpfs" ino=1511 ioctlcmd=0xee00 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 11:17:54.854   328   328 E SELinux : avc:  denied  { find } for pid=17252 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1

09-06 15:38:05.817   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=netstats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:netstats_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.000   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=shortcut scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:shortcut_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.627   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=content_capture scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:content_capture_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.634   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=gpu scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gpu_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.640   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=activity_task scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:activity_task_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.694   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=sensorservice scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sensorservice_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.695   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=virtualdevice_native scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:virtual_device_native_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.728   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=device_policy scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:device_policy_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.730   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=batterystats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:batterystats_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.731   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=powerstats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:powerstats_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.788   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=trust scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:trust_service:s0 tclass=service_manager permissive=1
09-06 15:38:06.869   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=device_state scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:device_state_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.052   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=vibrator_manager scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:vibrator_manager_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.135   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=thermalservice scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:thermal_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.380   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=voiceinteraction scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.384   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=autofill scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.399   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=sensitive_content_protection_service scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.406   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=performance_hint scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:hint_service:s0 tclass=service_manager permissive=1
09-06 15:38:07.542   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=clipboard scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:clipboard_service:s0 tclass=service_manager permissive=1
09-06 15:38:10.834   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=backup scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:backup_service:s0 tclass=service_manager permissive=1
09-06 15:38:10.899   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=com.google.edgetpu.IEdgeTpuAppService/default scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_app_service:s0 tclass=service_manager permissive=1
09-06 15:38:10.913   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=android.frameworks.stats.IStats/default scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
09-06 15:38:27.247   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=android.hardware.neuralnetworks.IDevice/google-edgetpu scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_nnapi_service:s0 tclass=service_manager permissive=1
09-06 15:38:27.612   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 15:38:27.866   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=package_native scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:package_native_service:s0 tclass=service_manager permissive=1
09-06 15:38:58.145   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=uimode scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:uimode_service:s0 tclass=service_manager permissive=1
09-06 15:38:59.592 12740 12740 I SEnhWorker: type=1400 audit(0.0:430): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed1a scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:39:03.375   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=storagestats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:storagestats_service:s0 tclass=service_manager permissive=1
09-06 15:41:04.632 12740 12740 I RenderThread: type=1400 audit(0.0:470): avc:  denied  { read } for  name="uevent" dev="sysfs" ino=45203 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:41:04.632 12740 12740 I RenderThread: type=1400 audit(0.0:471): avc:  denied  { open } for  path="/sys/devices/platform/34f00000.gpu0/uevent" dev="sysfs" ino=45203 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:41:04.632 12740 12740 I RenderThread: type=1400 audit(0.0:472): avc:  denied  { getattr } for  path="/sys/devices/platform/34f00000.gpu0/uevent" dev="sysfs" ino=45203 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sysfs:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:41:04.769   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=autofill scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
09-06 15:41:05.188 12740 12740 I MicrovideoQShar: type=1400 audit(0.0:474): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed1a scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:41:17.532   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=legacy_permission scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:legacy_permission_service:s0 tclass=service_manager permissive=1
09-06 15:41:45.676 12740 12740 I MicrovideoQShar: type=1400 audit(0.0:535): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed1a scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:41:46.684 12740 12740 I GcaGeneric-4: type=1400 audit(0.0:540): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed19 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:41:48.288 12740 12740 I FinishThread: type=1400 audit(0.0:544): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed11 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:42:02.482   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 15:42:03.576 12740 12740 I GcaGeneric-4: type=1400 audit(0.0:565): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed19 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:42:06.947   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=voiceinteraction scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
09-06 15:42:06.955   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=sensitive_content_protection_service scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
09-06 15:42:07.652 12740 12740 I GcaGeneric-4: type=1400 audit(0.0:568): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 ioctlcmd=0xed12 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCameraEng
09-06 15:42:08.903   343   343 E SELinux : avc:  denied  { find } for pid=12740 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 16:58:35.741   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=gpu scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:gpu_service:s0 tclass=service_manager permissive=1
09-06 16:58:35.759   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=activity_task scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:activity_task_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.142   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=sensorservice scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sensorservice_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.142   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=virtualdevice_native scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:virtual_device_native_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.265   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=device_policy scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:device_policy_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.344   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=batterystats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:batterystats_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.344   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=trust scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:trust_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.345   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=powerstats scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:powerstats_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.436   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=device_state scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:device_state_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.610   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=vibrator_manager scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:vibrator_manager_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.640   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=thermalservice scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:thermal_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.785   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=android.hardware.neuralnetworks.IDevice/google-edgetpu scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_nnapi_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.944   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=voiceinteraction scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:voiceinteraction_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.946   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=autofill scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:autofill_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.955   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=sensitive_content_protection_service scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:sensitive_content_protection_service:s0 tclass=service_manager permissive=1
09-06 16:58:36.962   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=performance_hint scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:hint_service:s0 tclass=service_manager permissive=1
09-06 16:58:37.147   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=clipboard scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:clipboard_service:s0 tclass=service_manager permissive=1
09-06 16:58:37.374  6263  6263 I binder:6263_6: type=1400 audit(0.0:2483): avc:  denied  { open } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=392 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 16:58:37.374  6263  6263 I binder:6263_6: type=1400 audit(0.0:2484): avc:  denied  { getattr } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=392 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 16:58:37.374  6263  6263 I binder:6263_6: type=1400 audit(0.0:2485): avc:  denied  { map } for  path="/dev/__properties__/u:object_r:vendor_default_prop:s0" dev="tmpfs" ino=392 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:vendor_default_prop:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng
09-06 16:58:37.547   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=audio scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:audio_service:s0 tclass=service_manager permissive=1
09-06 16:58:37.949   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=backup scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:backup_service:s0 tclass=service_manager permissive=1
09-06 16:58:38.733   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=android.frameworks.stats.IStats/default scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:fwk_stats_service:s0 tclass=service_manager permissive=1
09-06 16:58:38.737   338   338 E SELinux : avc:  denied  { find } for pid=6263 uid=10289 name=package_native scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:package_native_service:s0 tclass=service_manager permissive=1

09-06 17:18:32.828   697   697 I binder:697_2: type=1400 audit(0.0:1275): avc:  denied  { read write } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1511 scontext=u:r:debug_camera_app:s0:c33,c257,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1

Change-Id: I243f6242968fdc24478e923e8d30e529939b8a57
2024-09-07 01:16:23 +00:00
aoc Fix aocx selinux dumpstate permissions 2024-06-14 15:36:14 -07:00
audio switch waves prebuilt version 2024-08-26 01:28:12 +00:00
battery_mitigation sepolicy: allow dumpstate to execute dump_power 2024-08-23 08:30:38 +00:00
bcmbt [BT] change # of copy file when crash 2024-07-17 03:23:38 +00:00
betterbug Apply flag RELEASE_PACKAGE_BETTER_BUG 2024-07-16 23:10:34 +00:00
bootctrl bootctrl: fixed OOB read in BootControl 2024-08-28 12:44:34 -07:00
camera Use Build-Time flag to choose build from source or use prebuilt 2024-08-13 15:05:46 +00:00
chre Allow sensor hal to connect to CHRE HAL 2024-02-07 15:36:08 -08:00
dauntless Move PRODUCT_COPY_FILES from each board>device-vendor.mk here 2024-08-30 04:28:47 +00:00
display Add dump of panel power_mode. 2024-08-26 12:13:48 +00:00
display_logbuffer dumpstate: add logbuffer support for display 2023-12-13 06:12:51 +00:00
edgetpu Merge "Allow Tachyon service to binder call a shell program" into main 2024-07-19 04:47:25 +00:00
esim Add eSIM directory and disable bootstrap when bootloader is unlocked in user build 2024-08-30 10:28:16 -07:00
fingerprint gs-common: add fingerprint dump 2024-06-11 13:35:04 +00:00
gcam_app Add sepolicy for gcam app 2024-09-07 01:16:23 +00:00
gear Create an isolated copy of vendor dumpstate from all devices 2024-05-20 01:59:27 +00:00
gps gps: Allow gnss hal access vendor_gps_prop 2024-08-30 06:05:32 +00:00
gpu Add GPU team owners for mk files am: 1d82070ee9 am: 9747c1bb8d 2024-09-04 16:49:25 +00:00
gs_watchdogd Explicitly set user root for the gs_watchdogd service. am: f25cb6895f 2024-08-30 09:29:18 +00:00
gxp Limit maxGxpDebugDumps to 4 2024-05-09 12:33:01 +00:00
gyotaku_app [dump_gyotaku] Add collect odpm logs for dump_gyotaku. 2024-06-07 03:33:43 +00:00
insmod Revert "Add a different implementation of insmod.sh" 2024-07-09 23:46:49 +00:00
led create led dump 2023-02-13 12:48:47 +08:00
mediacodec mediacodec: fix perfetto trace permission 2024-08-28 10:27:52 +00:00
misc_writer Sepolicy: allow vendor_misc_writer to get sota_prop 2023-06-29 20:47:51 +00:00
modem Move hal_radio_ext_service related policy of grilservice_app to gs-common. 2024-08-27 12:10:52 +00:00
mte Revert "Enable MTE workaround for b/324412910" 2024-03-20 14:54:04 +00:00
nfc gs-common: nfc: st21nfc: Add rules for android.hardware.nfc-service.st 2024-09-04 06:20:49 +00:00
pcie dumpstate: Collect PCIe link statistics 2023-02-10 09:08:10 -06:00
performance Move compaction_proactiveness to vendor sepolicy 2024-09-01 08:06:04 +00:00
pixel_metrics gs-common: dumpstate: Add RT Runnable stats into bugreport 2023-11-13 17:53:18 +00:00
pixel_ril pixel_ril: make VINTF target level specify by device 2023-05-10 18:43:58 +08:00
pixelsupport Add SEPolicy domain for cavalry app 2024-03-28 09:43:36 +00:00
power Create power folder and align pm_freeze_timeout settings with p22 2024-06-28 23:08:06 +00:00
powerstats powerstats: sort frequencies in descending order 2023-12-25 15:04:50 +08:00
radio Move the sysfs_modem_state from a product folder to gs-common 2024-03-28 21:10:23 +00:00
ramdump_and_coredump Remove unused apps (RamdumpService and SSRestartDetector) from factory build targets. 2024-05-06 19:58:06 +08:00
recorder Recorder: add sepolicy for Google Recorder app 2024-06-04 14:57:11 +08:00
sensors sensors: Support registry dump on DEV device. 2024-07-30 20:08:40 +08:00
sepolicy Export build flag to selinux policy for sysfs_udc fscontext 2024-08-21 01:12:43 +00:00
soc Change bash script to C++ implementation 2023-07-19 13:20:59 +08:00
sota_app Add a factoryota-watch.mk file to include the OtaClient for wearable 2024-03-27 03:11:31 +00:00
storage storage: move storage related device type to common folder 2024-09-04 10:43:47 +08:00
thermal thermal: allow thermal_hal to read sysfs_gpu 2024-04-29 05:37:09 +00:00
touch Label touch_property_type to associate with vendor_gti_prop 2024-08-28 23:20:52 +00:00
trusty rpmb_dev: add rpmb_dev package 2024-03-13 17:49:16 +01:00
tts Updates TTS voice packs in gs-common 202407 2024-07-15 04:00:32 +00:00
umfw_stat dump_umfw_stat: Reduce timeout to 0.5 seconds 2024-04-25 16:43:16 +00:00
widevine Add widevine SELinux permissions 2024-09-03 13:40:57 +00:00
wireless_charger WLC: service: update AIDL manifest version to 1-2 2024-08-08 04:58:14 +00:00
wlan create wlan dump 2023-03-31 06:28:07 +08:00
Android.bp gs-common: add device_google_gs-common_license 2023-12-05 00:46:19 +08:00
device.mk Revert^2 "Add one variable to decide if need TTS voice packs" 2024-06-13 01:37:43 +00:00
FSTAB_OWNERS Add FSTAB_OWNERS and update OWNERS to include Android.bp 2024-08-02 11:39:01 +00:00
MK_OWNERS Add MK_OWNERS as owners file for makefile 2024-05-24 08:01:37 +00:00
NOTICE gs-common: add device_google_gs-common_license 2023-12-05 00:46:19 +08:00
OWNERS Add FSTAB_OWNERS and update OWNERS to include Android.bp 2024-08-02 11:39:01 +00:00
README.txt add owners to manage gs-common 2022-08-12 09:55:21 +08:00

README.txt 

Please refer to go/pixel-recycle to modularize your code in this space.