Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1420 commits 1 branch 0 tags 18 MiB
Commit graph

1420 commits

This branch
This branch
All branches
Author SHA1 Message Date
Treehugger Robot
dcede81999 Merge changes from topic "260522202" into udc-d1-dev am: c84559a813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22730572

Change-Id: Ibf95c8f590e37aa14370269a219ace06de9a8e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 04:17:54 +00:00
Treehugger Robot
c84559a813 Merge changes from topic "260522202" into udc-d1-dev 
* changes:
  Remove untraceable rules
  Enforce installd
 2023-04-21 03:45:54 +00:00
Treehugger Robot
e91e9f18e0 Merge "Remove hal_uwb_default bug from bug_map" into udc-d1-dev am: a8fe91bc3c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22736521

Change-Id: Ibf78ae7f2c2d499f2f7a1a538dee1bfd856bd87c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 03:42:59 +00:00
Treehugger Robot
e2411c21e5 Merge "zuma: Allow GRIL Service to access radio_vendor_data_file" into udc-d1-dev am: c3a5e6769c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22756016

Change-Id: I3380b64ba2698e35632dabfa74ca15c9e3d1f8ad
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 03:38:54 +00:00
Wilson Sung
e4e854fcd9 Add Ims process label 
Bug: 260522282
Test: boot-to-home, no avc error
Change-Id: I8f3c7c64ecace4ca7ddd69275a093606a8492204
 2023-04-21 03:38:17 +00:00
Treehugger Robot
a8fe91bc3c Merge "Remove hal_uwb_default bug from bug_map" into udc-d1-dev 2023-04-21 03:08:00 +00:00
Treehugger Robot
c3a5e6769c Merge "zuma: Allow GRIL Service to access radio_vendor_data_file" into udc-d1-dev 2023-04-21 02:43:46 +00:00
Treehugger Robot
b9844f4b7b Merge "ril: dump radio hal from user build." into udc-d1-dev am: 0f96c2225e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22756017

Change-Id: I6beb5198003d07bad5be793dd314b22e318c9ae8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 02:34:19 +00:00
Treehugger Robot
0f96c2225e Merge "ril: dump radio hal from user build." into udc-d1-dev 2023-04-21 01:49:54 +00:00
Ankit Goyal
33999737a0 Merge "Mark video secure devices as default dmabuf heaps" into udc-d1-dev am: 2f30e8ca85 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743596

Change-Id: Iae3c3b2e55eb6dd245beb941d2a935d695a0939c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:44:04 +00:00
Prasanna Prapancham
c1715483d1 add 8411 to logbuffer 
Test: Flash local build and collect bugreport
Bug: 277799048
Change-Id: I877a91999a2f17df5ea90d3d2257b93bfd67e8e6
Signed-off-by: Prasanna Prapancham <prapancham@google.com>
 2023-04-20 17:43:30 +00:00
Chung-Kai (Michael) Mei
508f8b54a9 Merge "Remove hal_power_default bug from bug_map" 2023-04-20 17:25:23 +00:00
Ankit Goyal
2f30e8ca85 Merge "Mark video secure devices as default dmabuf heaps" into udc-d1-dev 2023-04-20 17:03:32 +00:00
Bruno BELANYI
deec8fec9d Remove 'hal_neuralnetworks_armnn' '/data' access exception 
The mali driver has been configured not to look there anymore.

Bug: b/205779871
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I7bf68036522553a2919076fc6243a577086ffb3a
 2023-04-20 09:15:44 +00:00
Bruno BELANYI
2278f4d99c Merge changes from topic "armnn-sysprops" 
* changes:
  Remove 'hal_neuralnetworks_armnn' sysprop exceptions
  Add ArmNN config sysprops SELinux rules
 2023-04-20 08:14:04 +00:00
Chungkai Mei
8051a8759a Remove hal_power_default bug from bug_map 
SELinux errors are fixed and hence removing from bug map

Bug: 273638876
Test: Build and boot on device
Change-Id: I4ca6180ad286970d36ce204cd4c44e75962b26e0
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-04-20 07:47:15 +00:00
Wilson Sung
6669da5b31 Merge "Enforce odrefresh" into udc-d1-dev am: 40c682640f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22699043

Change-Id: Ib318c133136aa341627fc39da98a78d104c15578
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 04:49:40 +00:00
Wilson Sung
40c682640f Merge "Enforce odrefresh" into udc-d1-dev 2023-04-20 04:06:05 +00:00
Tim Lin
54bb68984a ril: dump radio hal from user build. 
Sync from ag/17155484

To get radio hal debug info on user build as we do on previous Pixels.

Bug: 278477468
Test: Trigger bugreport on USERDEBUG with dumpstate.unroot set
to true and check IRadio log

Change-Id: Ic9dd8357eb326d5c5f03b16408b7ba0a5e5f5818
(cherry picked from commit e08be6ab76327511002ebd343bda13a2fcc1434d)
 2023-04-20 03:40:59 +00:00
kadirpili
92636953cf zuma: Allow GRIL Service to access radio_vendor_data_file 
Bug: 274737512
Change-Id: I90c008172af7bd0d8b7bf2b214f422c4165f3769
(cherry picked from commit 5c31a6f55ac18dd941e50b455c38a37efa12354f)
 2023-04-20 03:37:22 +00:00
Wilson Sung
0d1a725348 Merge changes from topic "260522282" into udc-d1-dev am: f4a5867e2a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22746525

Change-Id: I8e0630c0d343ad857d7f67d7a743ef41708ecbcf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 03:26:37 +00:00
Wilson Sung
f4a5867e2a Merge changes from topic "260522282" into udc-d1-dev 
* changes:
  Revert^2 "Enforce priv_app"
  Label ims_remote_app and rcs_service_app
 2023-04-20 02:46:06 +00:00
Treehugger Robot
6dba4fa8b3 Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev am: b51385226b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743594

Change-Id: I0529653e75ab3bbe0815a7b9eeef4f0a5db0849f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 21:12:32 +00:00
Treehugger Robot
b51385226b Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev 2023-04-19 20:02:33 +00:00
Ankit Goyal
ded9266dd4 Mark video secure devices as default dmabuf heaps 
Mali driver (and codec HAL as well) require direct access to video
secure dmabuf devices. Mali driver being an SP-HAL cannot explicitly
write blanket rules for all the scontext. So, we piggyback on
dmabuf_system_secure_heap_device to allow all scontext to be able to use
these device nodes.

This is just as secure as dmabuf_system_secure_heap_device in that case.
There is no additional security impact. An app can still use gralloc to
allocate buffers from these heaps and disallowing access to these heaps
to the intended users.

Fix: 278823239
Fix: 278513588
Fix: 275646321
Test: dEQP-VK.memory.allocation
Change-Id: I01a2730fc222efe94d4e48e7ee4c317aa65f0064
 2023-04-19 19:48:38 +00:00
Edmond Chung
57d920f582 Camera: Allow rw access to TEE devices 
This is to enable face authentication on P23 devices.

Bug: 278898746
Test: Build, face authentication
Change-Id: I75311770a9780e0d97a9240b589e4e4cd9e2dc56
 2023-04-19 11:18:14 -07:00
Wilson Sung
dc75da30a1 Revert^2 "Enforce priv_app" 
This reverts commit 61a95fc71a.

Fix: 260522282
Change-Id: I0d5dd994d3acacfee854ae27669358cfc2c249fc
 2023-04-20 00:14:18 +08:00
Wilson Sung
ab9b7f7609 Label ims_remote_app and rcs_service_app 
Bug: 260522282
Change-Id: I4bf27e30eda51794d2047da9ca17044632ec3786
 2023-04-20 00:13:52 +08:00
Wilson Sung
5394ad595e Remove untraceable rules 
avc: denied  { quotaget } for  comm="binder:1312_1" scontext=u:r:installd:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0
Test: boot to home
Bug: 196916111
Bug: 264490035
Change-Id: Iec3dd7161bb788d81fe8034f3471ece0dfde7e0d
 2023-04-19 23:53:54 +08:00
Bruno BELANYI
ee5198a28b Remove 'hal_neuralnetworks_armnn' sysprop exceptions 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I8d85820cf4534b3e7d93eae6f16c750c49929c4a
 2023-04-19 11:32:52 +00:00
Bruno BELANYI
aac79fd4d9 Add ArmNN config sysprops SELinux rules 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I77b29468258520265e5f660452794aff068ca07d
 2023-04-19 11:32:48 +00:00
Rex Lin
814652dc6d Remove hal_uwb_default bug from bug_map 
SELinux errors are fixed and hence removing from bug map

Bug: 273639365
Test: Build and boot on device
Change-Id: I3a1ad3066840b507553b9365239673f6126b8ec6
Signed-off-by: Rex Lin <rexcylin@google.com>
 2023-04-19 14:54:11 +08:00
Wilson Sung
7ebc1ab0d5 Enforce installd 
Fix: 260522202
Fix: 264490035
Test: Boot-to-home, no avc error
Change-Id: I2ec5a2771c53dcc520a2ea229f093d354b5c80fd
 2023-04-19 12:41:35 +08:00
Alan Chen
37bbafbe50 Merge "Remove dontaudit for hal_radioext_default to service_manager." into udc-d1-dev am: c1f8b7a872 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22694673

Change-Id: I884961bf28e23827172fc99f0a7801069339041d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 03:38:33 +00:00
Alan Chen
c1f8b7a872 Merge "Remove dontaudit for hal_radioext_default to service_manager." into udc-d1-dev 2023-04-19 03:04:57 +00:00
Treehugger Robot
800ccb62a9 Merge "Enforce sepolicy for camera HAL." into udc-d1-dev am: 16f461a2cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22702266

Change-Id: Ie10e87182ba8bcce515b639c82addc5c8a5fada4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 23:43:23 +00:00
Treehugger Robot
16f461a2cf Merge "Enforce sepolicy for camera HAL." into udc-d1-dev 2023-04-18 23:18:00 +00:00
Dave Mankoff
73cb48bef6 Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev am: 633f19376e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22603639

Change-Id: I39974b746d4bddff960fcad6ff2ecb7047615360
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 18:30:03 +00:00
Jonglin Lee
2fb28513a0 Merge "Revert "Enforce priv_app"" into udc-d1-dev am: 8da235e022 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22714010

Change-Id: I4712310d5e88de3b4ebeef37c754f1995334c8e7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 18:25:09 +00:00
Dave Mankoff
633f19376e Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev 2023-04-18 17:50:42 +00:00
Jonglin Lee
8da235e022 Merge "Revert "Enforce priv_app"" into udc-d1-dev 2023-04-18 17:50:13 +00:00
Jonglin Lee
61a95fc71a Revert "Enforce priv_app" 
This reverts commit af0ad04c3c.

Reason for revert: RescueParty crash due to com.shannon.rcsservice crash

Bug: 278735899
Change-Id: I5bf91b077c23c63de728657bd9adb5623b708d95
 2023-04-18 17:41:27 +00:00
Alan Chen
63f54f0a3a Remove dontaudit for hal_radioext_default to service_manager. 
The fix has been merged in the topic of ag/21956466 so this dontaudit line can be removed.

Test: manual
Bug: b/275646098

Change-Id: I95c25ffc926e48e589b7636beca1bef9583861d0
 2023-04-18 17:47:09 +08:00
Krzysztof Kosiński
3f0d2fc09d Enforce sepolicy for camera HAL. 
Bug: 264489778
Test: GCA smoke test on Zuma device
Change-Id: Icaa7c94ab264d496840d33d970e5a87123b31c36
 2023-04-18 09:02:32 +00:00
Wilson Sung
c7104d20ea Enforce odrefresh 
Bug: 254378739
Test: boot-to-home, no avc error
Change-Id: I2bd8af071a7296d77f9c1d85647124cdc9835709
 2023-04-18 16:30:35 +08:00
Kah Xuan Lim
5307e11804 Merge "Modem ML: Grant access to modem ML data dir" into udc-d1-dev am: 6c2b1f2590 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573645

Change-Id: Iad41f25a9f8850a7126342c53dac4caf18c3e5c1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 05:47:51 +00:00
Kah Xuan Lim
6c2b1f2590 Merge "Modem ML: Grant access to modem ML data dir" into udc-d1-dev 2023-04-18 05:15:21 +00:00
Treehugger Robot
8f087633f6 Merge "Enforce priv_app" into udc-d1-dev am: 4d7b687f9d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22639490

Change-Id: I16e602f40c31fb56b2eb536f024844af955a1a4e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 17:29:48 +00:00
Treehugger Robot
4d7b687f9d Merge "Enforce priv_app" into udc-d1-dev 2023-04-17 16:56:56 +00:00
Dave Mankoff
78b9dcdb69 Give SystemUI access to necessary selinux properties. 
Other errors mentioned in the bugs are already absent.

Fixes: 269964574
Fixes: 272628396
Fixes: 272628174
Test: built and flash device. No selinux errors printed.
Change-Id: Ic285b1f5a2ce6973899011a7c6a596e807c3e933
 2023-04-17 14:28:59 +00:00