device_google_gs-common

Evolution-X-Tensor/device_google_gs-common

History

timmyli cb2c9c91c1 Consolidate gca permissions inside gs-common SeLinux team is making an effort to have a general set of permissions inside gs-common for GCA as oppose to having a new google_camera_app.te for each device generation. Move the next gen permissions to the gs-common. Bug: 361092857 Test: manual test to check permissions Flag: EXEMPT add permissions 11-05 16:28:30.048 5720 5720 I FinishThread: type=1400 audit(0.0:665): avc: denied { read write } for name="gxp" dev="tmpfs" ino=1545 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera 11-05 16:28:30.048 5720 5720 I FinishThread: type=1400 audit(0.0:666): avc: denied { open } for path="/dev/gxp" dev="tmpfs" ino=1545 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera 11-05 16:28:30.048 5720 5720 I FinishThread: type=1400 audit(0.0:667): avc: denied { ioctl } for path="/dev/gxp" dev="tmpfs" ino=1545 ioctlcmd=0xee06 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera 11-05 16:15:05.062 332 332 E SELinux : avc: denied { find } for pid=5586 uid=10155 name=com.google.edgetpu.IEdgeTpuAppService/default scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:edgetpu_app_service:s0 tclass=service_manager permissive=1 11-05 16:15:06.356 5586 5586 I frame-quality-s: type=1400 audit(0.0:554): avc: denied { ioctl } for path="/dev/edgetpu-soc" dev="tmpfs" ino=1542 ioctlcmd=0xed23 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera Change-Id: Ie38edbf7e2fecf6bc45605a947ad6fc63d4f4378	2024-11-05 21:57:22 +00:00
..
sepolicy	Consolidate gca permissions inside gs-common	2024-11-05 21:57:22 +00:00
gcam.mk	Add sepolicy for gcam app	2024-09-07 01:16:23 +00:00

timmyli cb2c9c91c1 Consolidate gca permissions inside gs-common

SeLinux team is making an effort to have a general set of permissions
inside gs-common for GCA as oppose to having a new google_camera_app.te
for each device generation. Move the next gen permissions to the gs-common.

Bug: 361092857
Test: manual test to check permissions
Flag: EXEMPT add permissions

11-05 16:28:30.048  5720  5720 I FinishThread: type=1400 audit(0.0:665): avc:  denied  { read write } for  name="gxp" dev="tmpfs" ino=1545 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera
11-05 16:28:30.048  5720  5720 I FinishThread: type=1400 audit(0.0:666): avc:  denied  { open } for  path="/dev/gxp" dev="tmpfs" ino=1545 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera
11-05 16:28:30.048  5720  5720 I FinishThread: type=1400 audit(0.0:667): avc:  denied  { ioctl } for  path="/dev/gxp" dev="tmpfs" ino=1545 ioctlcmd=0xee06 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:gxp_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera

11-05 16:15:05.062   332   332 E SELinux : avc:  denied  { find } for pid=5586 uid=10155 name=com.google.edgetpu.IEdgeTpuAppService/default scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:edgetpu_app_service:s0 tclass=service_manager permissive=1
11-05 16:15:06.356  5586  5586 I frame-quality-s: type=1400 audit(0.0:554): avc:  denied  { ioctl } for  path="/dev/edgetpu-soc" dev="tmpfs" ino=1542 ioctlcmd=0xed23 scontext=u:r:google_camera_app:s0:c155,c256,c512,c768 tcontext=u:object_r:edgetpu_device:s0 tclass=chr_file permissive=1 app=com.google.android.GoogleCamera

Change-Id: Ie38edbf7e2fecf6bc45605a947ad6fc63d4f4378

2024-11-05 21:57:22 +00:00

sepolicy

Consolidate gca permissions inside gs-common

2024-11-05 21:57:22 +00:00

gcam.mk

Add sepolicy for gcam app

2024-09-07 01:16:23 +00:00