Commit graph

1008 commits

Author SHA1 Message Date
Treehugger Robot
2a4fea9c9e Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I03fdab2f74f5caf3b63ad5e869e2a95f43e76635
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-21 10:34:22 +00:00
Treehugger Robot
d8b11ef832 Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev 2023-06-21 09:59:33 +00:00
Treehugger Robot
47da87bda2 Merge "Update SELinux error" into udc-d1-dev am: 81237d3843
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736939

Change-Id: I019165c5000c529f4a4de90c20e880b3501c3fd1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-21 09:03:51 +00:00
Treehugger Robot
81237d3843 Merge "Update SELinux error" into udc-d1-dev 2023-06-21 08:02:49 +00:00
Wilson Sung
0b77875c4a Supress kernel avc log before SELinux initialized
Bug: 288049349
Fix: 288049229
Change-Id: I5087a77e65ecdbaa868a7257342f5d99f424880a
2023-06-21 16:02:29 +08:00
Wilson Sung
8818dd2de5 Update SELinux error
Test: scanBugreport
Bug: 288049050
Bug: 288049522
Bug: 288049561
Bug: 288049349
Bug: 288049075
Test: scanAvcDeniedLogRightAfterReboot
Bug: 288049229
Change-Id: I939cd8981e64eadb0fa047b09162a02056ec2abf
2023-06-21 06:04:23 +00:00
Treehugger Robot
c03753058f Merge "Remove unused trace_marker dontaudit" into udc-d1-dev am: 107d5bb0f9
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23736932

Change-Id: Ib407f87305f84dda1edc1d440d03156ea7df90c2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-21 04:58:08 +00:00
Treehugger Robot
107d5bb0f9 Merge "Remove unused trace_marker dontaudit" into udc-d1-dev 2023-06-21 04:18:51 +00:00
Anthony Zhang
fbceb3b769 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev am: a594a23554
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Ic77f4c7fcc9ee54afdbc70880979f1a094c69828
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-20 18:10:20 +00:00
Anthony Zhang
6096b4605d [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: Ib229248e32c537641601e0d60bd223570e713883
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-20 18:10:18 +00:00
Anthony Zhang
a594a23554 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev 2023-06-20 17:31:31 +00:00
Wilson Sung
f82fc11c11 Remove unused trace_marker dontaudit
Fix: 260366195
Change-Id: I7ece6549a64740c878dc92ce4b011136eb313533
2023-06-20 14:34:01 +08:00
Wilson Sung
23683d360c Update SELinux error am: 0561b1bd1e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23726793

Change-Id: I4bafe9717f682cfb0a2da65de21b414edcbc62bb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-19 09:35:07 +00:00
Wilson Sung
385d8910b5 Remove obsolete bug_map and dontaudit am: 94fd2403a7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23657127

Change-Id: Ic6a1f3525323749ab01b9a8d4b634e17c0df58ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-19 09:35:05 +00:00
Wilson Sung
0561b1bd1e Update SELinux error
Test: scanBugreport
Bug: 287898138
Change-Id: I297e59df3774a32305d72706ee6a160f111dee7a
2023-06-19 06:45:37 +00:00
Wilson Sung
94fd2403a7 Remove obsolete bug_map and dontaudit
Fix: 287154997
Fix: 281815537
Fix: 279680264
Fix: 264600171
Fix: 264483456
Fix: 264600171
Fix: 264600171
Fix: 274374769
Fix: 274727372
Fix: 279680070
Fix: 280706610
Fix: 279680213
Fix: 272628762
Fix: 274374992
Fix: 283725554
Fix: 274374722
Fix: 272166737
Fix: 272166787
Fix: 264483532
Fix: 264483753
Fix: 264483754
Fix: 281815594
Fix: 269964574
Fix: 269964574
Fix: 280705998
Fix: 269964558
Fix: 264599934
Fix: 267714573
Fix: 268566481
Fix: 273143844
Fix: 275645636
Fix: 275646003
Fix: 267714573
Fix: 272166664
Fix: 267714573
Fix: 268566481
Fix: 273143844
Fix: 277155496
Fix: 267260619
Fix: 261933310
Fix: 262794429
Fix: 267261048
Change-Id: I1e6da1e43b1aaa398d496cd7b1f3b6267fd39e21
2023-06-19 06:45:30 +00:00
Treehugger Robot
6c37bd03ee Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I796a8fd929bf0d2d76d89d8edfb397b84acb989b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-19 02:09:07 +00:00
Treehugger Robot
a3e9615016 Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev 2023-06-19 01:35:28 +00:00
Treehugger Robot
a8b6a0ffa6 Merge "Update SELinux error" into udc-d1-dev am: 344c7f46c1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667878

Change-Id: I2f57c78df9524faa34ebc8c52b4a25a4847f2864
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-17 06:55:59 +00:00
Treehugger Robot
344c7f46c1 Merge "Update SELinux error" into udc-d1-dev 2023-06-17 06:10:56 +00:00
Anthony Zhang
fb29e39ee1 [DO NOT MERGE] Allow fingerprint to access persist property
For zuma devices.

Bug: 258901849
Test: Local test on enrollment/delete, version update
Change-Id: I2c10bde2940778e0a434c2a073eb5793efeea455
2023-06-16 09:37:10 -07:00
Darren Hsu
f4f3f57534 sepolicy: allow hal_power_stats to read sysfs_edgetpu
Bug: 253702169
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ica2274f6e61cc35f7baf089ecc7b6c35f0914aeb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
2023-06-16 17:21:50 +08:00
Dinesh Yadav
a95fa016e1 Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: Ic93c5c244e98865bfd567238fcc916ac04d9811d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-15 03:53:35 +00:00
Wilson Sung
5fb350f09f Update SELinux error
Test: SELinuxUncheckedDenialBootTest
Bug: 286508419
Test: scanBugreport
Bug: 286508419
Test: scanAvcDeniedLogRightAfterReboot
Bug: 286508419
Change-Id: I1ba324133f5f4e14c5a7d43cfea25d98bda9faa9
2023-06-14 15:30:08 +08:00
Dinesh Yadav
100dd2387d Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE]
gxp_logging service will periodically check the sysfs files exposed by
the gxp kernel driver and report stats to Suez framework.
These policies are needed to report the metrics.

Tested:
Found no violation with these policies on a P23 device

Bug: 278514198
Change-Id: I8c3e57dfe4e9a6caab425f2424d07e83f5e7b9c6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
2023-06-13 03:37:56 +00:00
Ruofei Ma
a0f664f798 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: Icc85ce19bc59035553f2902a493cb7681ace2b6e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-12 15:50:45 +00:00
Ruofei Ma
abd1dee381 Merge "mediacodec_google: add hal_power" into udc-d1-dev 2023-06-12 15:17:42 +00:00
TreeHugger Robot
0450d548a2 Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: I214bf272f8cd35697063ffd39501cd65a2fb9c3f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-12 07:14:00 +00:00
TreeHugger Robot
032d9942de Merge changes from topic "283841311" into udc-d1-dev
* changes:
  Allow systemui_app access statsmanager_service
  Move systemui_app to system_ext
2023-06-12 06:30:36 +00:00
Wilson Sung
5ac528406e Allow systemui_app access statsmanager_service
Bug: 283841311
Change-Id: Id3c2838179736b42070959b3dad7c2ecd5580f22
2023-06-12 10:26:46 +08:00
Wilson Sung
7b19701919 Move systemui_app to system_ext
Bug: 283841311
Bug: 264266705
Change-Id: I6c2f167cda9a52da4698f3732c9fdbb13674bea8
2023-06-12 10:26:31 +08:00
Krzysztof Kosiński
e27ecde5d5 Remove Google Camera access to GXP firmware. am: 35910a3e8b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: Ie4e1237fa5e8f18fb54bbe9733342d6cd4b83767
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-12 01:59:21 +00:00
Ruofei Ma
3346e879e6 mediacodec_google: add hal_power
Add mediacodec_google as a client to hal_power for it to
do power hint.

Bug: 274736629

Change-Id: Ib07001be6ae4aaeaebf2e97439b9af0766640dc9
Signed-off-by: Ruofei Ma <ruofeim@google.com>
2023-06-08 18:28:50 +00:00
Krzysztof Kosiński
35910a3e8b Remove Google Camera access to GXP firmware.
This was originally a workaround and is not needed on Zuma.

Bug: 264489778
Test: gca_smoke.py on zuma device
Change-Id: I35d168a2f832a430ec1b782b12fb642bcea4bfd1
2023-06-08 10:19:18 +00:00
Treehugger Robot
8d8f96f8d9 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: Ieb5077bdd5fc38b9eed1283a31a80c4f7c0b93d0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-08 07:21:08 +00:00
Treehugger Robot
8733772e74 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev 2023-06-08 06:25:44 +00:00
Wei Wang
75529f8437 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: I5a14e15ddee07150b3489e9ab6502229d0508eea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-06 22:53:01 +00:00
Wei Wang
55020988a0 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev 2023-06-06 22:25:11 +00:00
Zixuan Lan
d98d82581c Merge "remove 280706211 from bug map" into udc-d1-dev am: bdee55bb57
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575516

Change-Id: Ie5aa4533851dfe43e9826640be2123409f51c987
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-06 13:36:37 +00:00
Zixuan Lan
bdee55bb57 Merge "remove 280706211 from bug map" into udc-d1-dev 2023-06-06 13:02:17 +00:00
Allen Xu
ef2e13dcd1 Add sepolicy for ConnectivityMonitor am: 78b62802e4
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: I02dc07acc680587081f8c19883984d95dc9f6602
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-06 06:33:49 +00:00
Allen Xu
78b62802e4 Add sepolicy for ConnectivityMonitor
Bug: 264489520
Test: v2/pixel-pts/base
Change-Id: I669a538fe3d0a03422638d7d19fc62a793246f6b
2023-06-06 02:01:38 +00:00
Zixuan Lan
76b53940a9 remove 280706211 from bug map
Bug: 280706211
Test: adb log
Change-Id: I167041363a27c294a3c8d2d2fb145ce751a34db7
2023-06-06 08:30:25 +08:00
Leo Hsieh
d702116b8e Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev am: 72577756e2
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: I6f02745df01d808135acef08fc3f4f1a8de8f99d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-01 13:26:04 +00:00
leohsieh
70ba8a58fc Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] am: 458b60e5c9
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23482807

Change-Id: Ib549e910bb1c844153ff692edbc7d6608f9a0d6f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-01 13:26:02 +00:00
Leo Hsieh
72577756e2 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev 2023-06-01 12:40:24 +00:00
Mark su
cbc15223d5 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: I760c9c39cf1b99340a60ccb36261dff889ce97cd
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-01 07:30:39 +00:00
TreeHugger Robot
ae82081798 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: Ice441b75eb029e6fe3940d3d9dd0d28eee5556b3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-31 06:23:08 +00:00
Mark su
51c91e5bdf Add video12 as hw_jpg_device and enable it for debug_camera_app
Test: 05-05 05:07:06.652  4616  4616 W FinishThread: type=1400 audit(0.0:24): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=646 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=0 app=com.google.android.GoogleCameraEng
05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { read } for  name="lib_jpg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { open } for  path="/vendor/lib64/lib_jpg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:46:00.260  4784  4784 I FinishThread: type=1400 audit(0.0:29): avc:  denied  { execute } for  path="/vendor/lib64/libhwjpeg.so" dev="dm-50" ino=55596 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { getattr } for  path="/vendor/lib64/lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { map } for  path="/vendor/lib64/lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

binder:7312_2: type=1400 audit(0.0:18): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1
05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:19): avc:  denied  { open } for  path="/dev/video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:20): avc:  denied  { ioctl } for  path="/dev/video12" dev="tmpfs" ino=680 ioctlcmd=0x5600 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.700  7312  7312 I binder:7312_2: type=1400 audit(0.0:21): avc:  denied  { read } for  name="u:object_r:default_prop:s0" dev="tmpfs" ino=167 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=1

Bug: 267820687
Change-Id: I69f502d721f683d3532038d618f5fafc83f38b6b
2023-05-31 06:08:46 +00:00
TreeHugger Robot
23440aa9df Merge "Remove old secure_element HIDL permission" into udc-d1-dev 2023-05-31 05:27:32 +00:00