edgetpu_service was splitted into two in previous change:
edgetpu_service and edgetpu_vendor_service, where the new
vendor service for vendor clients, and the old service keeps
serving app clients.
This change updated the SELinux policy to rename the edgetpu_service
into edgetpu_app_service to make the purpose clearer.
Bug: 188463446
Test: Oriole + GCA
Change-Id: I3a133319edc84fc02ef211934d0542575580da14
GPU nnhal needed a file update when update upgrading to 1.3 revision,
modify this so the device uses all the 1.2 rules.
Fixes: 187981206
Test: make sure hal starts
Change-Id: Ie1054fc092f1aa459cd36b6eb0f0a1a5cc032dbc
and logbuffer_btuart device node
* add sepolicy rules to let bthal can access bluetooth kernel device
nodes dev/logbuffer_btlpm and dev/logbuffer_tty16 in engineer
or user debug build
Bug: 177794127
Test: Manually
Change-Id: I5253719df82ca7ef8e64cbd3f2b0ff6d3f088edc
To comply with the GSI compliance test, this change
splits the compiler part of the edgetpu_service into a
separate edgetpu_vendor_service under vendor.
The edgetpu_service locates under /system_ext/ and used
to be connected by both applications and vendor clients.
With this change, vendor clients could talk to the vendor
part of this service directly without having to cross
the system and vendor boundary.
Applications will still talk to the system_ext one, which
will forward the requests to the vendor service.
Bug: 185432427
Test: tested on Oriole + GCA.
Change-Id: I1ee47946f1fc3694d5f8b5325c192d6bd720a76e
Vendor kernel modules were moved to /vendor_dlkm/lib/modules. Let's
remove the old directory /vendor/lib/modules from file_contexts.
Bug: 185184472
Bug: 186777291
Change-Id: I38f1b25cb2d73a804f1cdb113edc9b11f8e516f7
Provide necessary permissions to run usf_reg_edit from bugreport.
Bug: 187081112
Test: Run "adb bugreport <zip>" and verify it contains the output
from "usf_reg_edit save -".
Change-Id: Iade132d93105d461d51273d19fe570d48cce46fe
This reverts commit a346a7fa34.
Let's move back to wildcards for kernel modules. This better supports
kernel pre-submit testing and local kernel development where the script
build.sh from the kernel repo is used to create the vendor_dlkm parition
image. With build.sh, the path to a .ko file includes the kernel
version as well as additional directory components like "extra/" that
describe where in the kernel source key the module is located. Example:
/vendor_dlkm/lib/modules/5.10.33-g2f01cf4c7282-dirty/extra/ftm5.ko
Bug: 185184472
Bug: 186777291
Change-Id: I32f85dae7ca60d9063ad6c63f21ffdaecbb66039
Fix the following avc denial:
avc: denied { module_load } for comm="insmod" path="/vendor_dlkm/lib/modules/cl_dsp.ko" dev="overlay" ino=41 scontext=u:r:init-insmod-sh:s0 tcontext=u:object_r:vendor_file:s0 tclass=system permissive=1
Bug: 184610991
Test: Full built. Check if the avc denial was gone.
Signed-off-by: Tai Kuo <taikuo@google.com>
Change-Id: Ic41ea6a6add818bfdf95e71e20df77b9e06db6c1
Secure persistent storage has been moved to persist root.
The corresponding pathes on SELinux policy has to be updated.
Bug: 173971240
Bug: 173032298
Test: Trusty storage tests
Change-Id: I0e7756f3b4d5c6be705a87e1d7d80247df1ec4bb
Bug: 168013500
Test: Check that abox and rpmbd are not in ROM anywhere in oriole, raven user,
userdebug and factory ROM
Change-Id: Ie091a1036ba6c25a3c7f0ef0b8f69cc9fc4e306a
In order for AGI to work, it needs to dlopen the libgpudataproducer.so
shared object.
Bug: 185127179
Bug: 175593589
Change-Id: I9ad9c587f10e0fd6e27c4743c1d4cb85c896c41d
Copy selinux policy for tcp dump binary from previous Pixel to support
TCP logging on P21 through PixelLogger.
Bug: 184777243
Test: Check PixelLogger TCP dump works.
Change-Id: Id958c8a3e6375a7aae569d6fc94deb9f8072b57b
