Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1684 commits 1 branch 0 tags 18 MiB
Commit graph

607 commits

Author SHA1 Message Date
Treehugger Robot
fb415c6804 Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 am: 6c37bd03ee am: 70578d9eeb 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I3f38d3558d5aba1ae98c5f4cc36891a853f617b6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 03:42:55 +00:00
Treehugger Robot
70578d9eeb Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 am: 6c37bd03ee 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: I2646ed87072a5e6aebb41fee785b0281a45c3173
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 02:53:30 +00:00
Darren Hsu
f4f3f57534 sepolicy: allow hal_power_stats to read sysfs_edgetpu 
Bug: 253702169
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ica2274f6e61cc35f7baf089ecc7b6c35f0914aeb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-16 17:21:50 +08:00
Dinesh Yadav
57575e4ee2 Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d am: a95fa016e1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: I76996f49845acb4a6739b2c0d781232ceb24b44d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 04:37:29 +00:00
Darren Hsu
3f20e683b1 sepolicy: lable NFC sysfs path for hal_power_stats am: 3c8fb109b8 am: 0893338352 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23667874

Change-Id: Ib6be476ccb2948ed30ce2b108c90b32c26b958f3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-14 12:34:15 +00:00
Darren Hsu
3c8fb109b8 sepolicy: lable NFC sysfs path for hal_power_stats 
Bug: 270498656
Test: capture a bugreport and ensure that there is
no avc denials for power stats
Change-Id: Ie765f6267ceacbc0b11426f4ee81ea0670195ddb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-14 13:58:33 +08:00
Joerg Wagner
724a0cc7c5 Merge "Prepare for Mali r44p0 UMD update" into udc-qpr-dev am: d19ec7a5b6 am: 029fcb5e8a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23599640

Change-Id: Ib339b9efc10937378c5dc802fda8fb758372d90a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-13 07:35:27 +00:00
Joerg Wagner
d19ec7a5b6 Merge "Prepare for Mali r44p0 UMD update" into udc-qpr-dev 2023-06-13 06:03:15 +00:00
Dinesh Yadav
100dd2387d Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] 
gxp_logging service will periodically check the sysfs files exposed by
the gxp kernel driver and report stats to Suez framework.
These policies are needed to report the metrics.

Tested:
Found no violation with these policies on a P23 device

Bug: 278514198
Change-Id: I8c3e57dfe4e9a6caab425f2424d07e83f5e7b9c6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-06-13 03:37:56 +00:00
Ruofei Ma
5d25af7ca0 Merge "mediacodec_google: add hal_power" into udc-d1-dev am: abd1dee381 am: a0f664f798 am: 46e587c075 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23618633

Change-Id: I245423cee724e5ddbcb3fdffc411ec6aa00b1e44
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 17:22:13 +00:00
Ruofei Ma
abd1dee381 Merge "mediacodec_google: add hal_power" into udc-d1-dev 2023-06-12 15:17:42 +00:00
TreeHugger Robot
85a335c593 Merge changes from topic "283841311" into udc-d1-dev am: 032d9942de am: 0450d548a2 am: 62ad33134c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23629344

Change-Id: If4404f2bd3f7b5ebd675b85c3a9f6fd22f909aaa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 08:42:44 +00:00
TreeHugger Robot
032d9942de Merge changes from topic "283841311" into udc-d1-dev 
* changes:
  Allow systemui_app access statsmanager_service
  Move systemui_app to system_ext
 2023-06-12 06:30:36 +00:00
Krzysztof Kosiński
523f2035e1 Remove Google Camera access to GXP firmware. am: 35910a3e8b am: e27ecde5d5 am: 3ac14e2c1a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23612126

Change-Id: I90a8198024412b9f410cff827150589c8076c5a2
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-12 03:29:04 +00:00
Wilson Sung
7b19701919 Move systemui_app to system_ext 
Bug: 283841311
Bug: 264266705
Change-Id: I6c2f167cda9a52da4698f3732c9fdbb13674bea8
 2023-06-12 10:26:31 +08:00
Ruofei Ma
3346e879e6 mediacodec_google: add hal_power 
Add mediacodec_google as a client to hal_power for it to
do power hint.

Bug: 274736629

Change-Id: Ib07001be6ae4aaeaebf2e97439b9af0766640dc9
Signed-off-by: Ruofei Ma <ruofeim@google.com>
 2023-06-08 18:28:50 +00:00
Krzysztof Kosiński
35910a3e8b Remove Google Camera access to GXP firmware. 
This was originally a workaround and is not needed on Zuma.

Bug: 264489778
Test: gca_smoke.py on zuma device
Change-Id: I35d168a2f832a430ec1b782b12fb642bcea4bfd1
 2023-06-08 10:19:18 +00:00
Treehugger Robot
ba91204313 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 am: 8d8f96f8d9 am: 10d6b74a4e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: I23fd2b50990ef3fe0c5ecc54867897bb0a4d2c24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-08 09:15:54 +00:00
Treehugger Robot
8733772e74 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev 2023-06-08 06:25:44 +00:00
Jörg Wagner
ce42de2ebd Prepare for Mali r44p0 UMD update 
Add selinux rule to allow new V2 interface file alongside of V1 used up to r43p0.
The V1 entry will be removed once the r44p0 UMD update completes.
This decouples small changes from large, potentially intrusive ones in
other repositories.

Bug: 284254900
Change-Id: Ia928f871d8ea1fdbfb963cecb8fc4a99947e443e
 2023-06-07 10:19:17 +00:00
Wei Wang
f1c34d8891 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 am: 75529f8437 am: 35e6fbb0fa 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: I925c4d4ae039a7cd73a4d90fbaf1a77ead2dbbeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-07 00:20:04 +00:00
Wei Wang
55020988a0 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev 2023-06-06 22:25:11 +00:00
Allen Xu
9236600765 Add sepolicy for ConnectivityMonitor am: 78b62802e4 am: ef2e13dcd1 am: 75821af430 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: I9ee542ee1322c61ee88a93d2e2886441dad67658
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-06 08:03:08 +00:00
Allen Xu
78b62802e4 Add sepolicy for ConnectivityMonitor 
Bug: 264489520
Test: v2/pixel-pts/base
Change-Id: I669a538fe3d0a03422638d7d19fc62a793246f6b
 2023-06-06 02:01:38 +00:00
Leo Hsieh
72577756e2 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev 2023-06-01 12:40:24 +00:00
Mark su
725f5b8df8 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf am: cbc15223d5 am: 870eb2484d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: If4516eb1c6fcf0dfd20c9d04a76092fb9300a7d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-01 09:06:22 +00:00
TreeHugger Robot
2df1fd9399 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df am: ae82081798 am: 55c2250a35 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: I0972ca583406d0dbfba0528515890bb1b0946097
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 07:57:20 +00:00
Mark su
51c91e5bdf Add video12 as hw_jpg_device and enable it for debug_camera_app 
Test: 05-05 05:07:06.652  4616  4616 W FinishThread: type=1400 audit(0.0:24): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=646 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=0 app=com.google.android.GoogleCameraEng
05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { read } for  name="lib_jpg_encoder.so"
 dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tcl
ass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { open } for  path="/vendor/lib64/lib_j
pg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_da
ta_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:46:00.260  4784  4784 I FinishThread: type=1400 audit(0.0:29): avc:  denied  { execute } for  path="/vendor/lib64/
libhwjpeg.so" dev="dm-50" ino=55596 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_d
ata_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { getattr } for  path="/vendor/lib64/
lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_ca
mera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { map } for  path="/vendor/lib64/lib_
jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera
_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

binder:7312_2: type=1400 audit(0.0:18): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1
05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:19): avc:  denied  { open } for  path="/dev/video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:20): avc:  denied  { ioctl } for  path="/dev/video12" dev="tmpfs" ino=680 ioctlcmd=0x5600 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.700  7312  7312 I binder:7312_2: type=1400 audit(0.0:21): avc:  denied  { read } for  name="u:object_r:default_prop:s0" dev="tmpfs" ino=167 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=1

Bug: 267820687
Change-Id: I69f502d721f683d3532038d618f5fafc83f38b6b
 2023-05-31 06:08:46 +00:00
TreeHugger Robot
23440aa9df Merge "Remove old secure_element HIDL permission" into udc-d1-dev 2023-05-31 05:27:32 +00:00
leohsieh
458b60e5c9 Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] 
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
 2023-05-31 13:16:43 +08:00
Dinesh Yadav
55064ee2f6 Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab am: 489a7de117 am: 87199f3e5a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: I9db72caf2b829f6cd05b57267a12be49acdc6695
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-31 04:57:46 +00:00
Hyungjun Park
6de0a33f0a Remove old secure_element HIDL permission 
AIDL HAL is used in the new project and remove the old HIDL part.

Bug: 280530945
Test: VTS pass

Change-Id: Idd38fc59d7e89e2cafab5f4693d00abd6d4fb138
Signed-off-by: Hyungjun Park <hjun78.park@samsung.com>
 2023-05-31 03:12:02 +00:00
Dinesh Yadav
15f5afcfab Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev 2023-05-31 02:22:42 +00:00
Yixuan Wang
8a16687b51 Merge "Add selinux policy for chre vendor data directory" 2023-05-31 01:24:48 +00:00
Yixuan Wang
7530c4bc13 Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
 2023-05-30 21:16:26 +00:00
Chung-Kai (Michael) Mei
f782e8f4ac Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b am: 3a43eaaad6 am: b6ccf1254e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I9e5c466f0694b56fb3b05441e03b4cd5086f1dde
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-29 08:16:44 +00:00
Chung-Kai (Michael) Mei
ca068bf60b Merge "sepolicy: ignore avc denial" into udc-d1-dev 2023-05-29 05:47:43 +00:00
Chungkai Mei
e97101a6e8 sepolicy: ignore avc denial 
ignore avc denial since it's debugfs

Bug: 271931921
Test: device-boot-health-check-extra test show passed https://android-build.googleplex.com/builds/abtd/run/L74000000960917226
Change-Id: I5f491f02c99776251cf3893de6224fb0f02cb320
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-05-29 03:11:41 +00:00
Donnie Pollitz
260cf9cc56 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 am: 5bf2864bf3 am: 5a45fb8698 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: Ib6f835b90e03032e515046545c5ddc41e2674baa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-26 09:50:01 +00:00
Donnie Pollitz
9fc92bdb28 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev 2023-05-26 07:17:41 +00:00
Dinesh Yadav
e6d2f01a89 Add SEPolicy for gxp_metrics_logger.so logging to stats service 
In order to access the gxp metrics library from the google camera
app (product partition), we need to create an SELinux exception for
the related shared library (in vendor) it uses.
This CL adds the same_process_hal_file tag to allow this exception.

Bug: 278516358
Change-Id: I42d41243d3ee47ebff4f766cd769b5387fd20852
 2023-05-26 04:01:09 +00:00
TreeHugger Robot
030a33fc07 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 am: 40efb336ad am: 20e76532f1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: I792a37eadc3c5c54ebe6b847bcb878147bfd87a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-25 07:55:02 +00:00
TreeHugger Robot
df113325a5 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev 2023-05-25 05:28:46 +00:00
Leo Hsieh
3443d6d373 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps" 2023-05-25 00:58:34 +00:00
Donnie Pollitz
16440338de Allow vendor_init to fix permissions of TEE data file 
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I2363f9ff695209bbf7b6661c8e9eb3b376b84ace
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-05-24 16:45:28 +02:00
Jimmy Hu
a6b09ce04e Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f am: 9279426af4 am: 41369192ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: Ic4b1dd6c02cffaf4ec285e49e5ba6763c020b531
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 09:34:07 +00:00
Jimmy Hu
86cb19bb2f Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev 2023-05-24 08:14:01 +00:00
Jin Jeong
e19b6070d4 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d am: b4bac68874 am: 80af45ba72 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: I6ac4bc6fad96365507a13b0d3bae1c3223d26b92
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-05-24 03:13:14 +00:00
Jin Jeong
f77e90366d Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev 2023-05-24 01:07:12 +00:00
Kenny Root
107d3314a4 Merge "Add GSA logs policy" into udc-d1-dev 2023-05-22 05:14:11 +00:00