Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.
Bug: 280547417
Test: TH
Change-Id: If768b5cb9f3b4024893117d8e3bf49adb7c5b070
These policies are moved to gs-common as part of ag/24002524
Bug: 288368306
Change-Id: If7466983009021c642db998e1c30071ee548846e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
EdgeTPU access is already allowed. Vendor property access should
be denied and is not an error (most likely from library code
that tries to access nonexistent Mediatek-specific properties).
Fix: 209889068
Test: presubmit, run GCA
Change-Id: Id200da6627ceae1ca6315ea9b4473f61fdc285d0
To fix the denial message:
avc: denied { find } for pid=4646 uid=10134 name=android.hardware.power.IPower/default scontext=u:r:google_camera_app:s0:c134,c256,c512,c768 tcontext=u:object_r:hal_power_service:s0 tclass=service_manager permissive=0
Reference: go/sepolicy.
On P21, we have ag/14692156 to access PowerHAL in GCA. On P22, we currently don't have the permission (b/233998391#comment10). This change fixes this issue.
Bug: 233998391
Bug: 232184722
Bug: 232022128
Test: Boost is applied successfully b/233998391#comment11. GCA.
Change-Id: Id1a938fc0af0ad9280aa49e7f6cbdf45c16f8b38
The camera HAL and Google Camera App
need selinux permission to run workloads on Aurora DSP. This
change adds the selinux rules too allow these clients to
access the GXP device and load firmware onto DSP cores
in order to execute workloads on DSP.
Bug: 220086991
Test: Verified that the camera HAL service and GCA app is able to access the GXP device and load GXP firmware.
Change-Id: I1bd327cfbe5b37c88154acda54bf6c396e939289
