Commit graph

1409 commits

Author SHA1 Message Date
Treehugger Robot
cccb610bb4 Merge "allow vendor_init to access watermark_scale_factor" into udc-d1-dev 2023-04-17 03:05:35 +00:00
Martin Liu
2c2e198e61 allow vendor_init to access watermark_scale_factor
Bug: 278075546
Test: boot
Change-Id: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Signed-off-by: Martin Liu <liumartin@google.com>
2023-04-16 04:05:34 +00:00
Martin Liu
fe24903d2c allow vendor_init to access watermark_scale_factor
Bug: 278075546
Test: boot
Change-Id: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Merged-in: Ib5fc92b4f21ca9b1ff6fdd3a32c97117cc12aac0
Signed-off-by: Martin Liu <liumartin@google.com>
2023-04-16 03:59:57 +00:00
Bruno BELANYI
cd905228d1 Move ARM runtime option SELinux rules out of 'legacy/'
Addressing some review feedback on ag/22381542 about this folder being
removed in the future.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I8506da9b80fe060cd5093acafd58594e4db3341b
2023-04-14 09:20:40 +00:00
Bruno BELANYI
1337c54005 Use restricted vendor property for ARM runtime options
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.

Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I7f6f021378467484544cc3dbbe71a8e9e037cf98
2023-04-14 08:33:48 +00:00
Treehugger Robot
224c260019 Merge "Enforce servicemanager" into udc-d1-dev am: 9ea22dde19
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22574729

Change-Id: If04b8697019e9388da37addb6f65f7d025a5becf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 04:35:17 +00:00
Dinesh Yadav
b8b2445251 Add se-policies for google_camera_app from pro
- Found selinux violations on google_camera_app for these services which are fixed after these changes are included.

Bug: 264490031
Change-Id: Ib6f4a8a548425b0b98ed9b69edff6c973b9cbe3e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
2023-04-14 03:59:03 +00:00
Treehugger Robot
9ea22dde19 Merge "Enforce servicemanager" into udc-d1-dev 2023-04-14 03:53:11 +00:00
TreeHugger Robot
065f1c5a75 Merge "Suppress bootanim behavior meant for Android Wear devices" into udc-d1-dev am: 89d4a4df13
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22098965

Change-Id: I041686fffcd34b58026080c4e6538adfaf8a3407
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 03:46:21 +00:00
Treehugger Robot
bb79528e37 Merge changes Ie20be0af,Id9a80c47 into udc-d1-dev am: 2ac0374b22
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573649

Change-Id: Id5edbe1f2e6ef273387af77a257063a149150764
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 03:45:38 +00:00
Wilson Sung
af0ad04c3c Enforce priv_app
Fix: 260366281
Fix: 260522282
Fix: 260768358
Fix: 260922442
Fix: 263185432
Fix: 264490074
Fix: 268572216
Change-Id: I2efbb1971c09506a7b1e0e5e0e3d22eda91018c1
2023-04-14 03:34:46 +00:00
TreeHugger Robot
89d4a4df13 Merge "Suppress bootanim behavior meant for Android Wear devices" into udc-d1-dev 2023-04-14 03:19:53 +00:00
Treehugger Robot
2ac0374b22 Merge changes Ie20be0af,Id9a80c47 into udc-d1-dev
* changes:
  Enforce rebalance_interrupts_vendor
  Enforce hwservicemanager
2023-04-14 03:18:10 +00:00
Treehugger Robot
a04af8a730 Merge "Remove ofl_app selinux policy" into udc-d1-dev am: 224eebae32
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22601630

Change-Id: I64cac9c1b589c2f5be6ac74b9339d6ee5f8af42a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 02:55:52 +00:00
Treehugger Robot
224eebae32 Merge "Remove ofl_app selinux policy" into udc-d1-dev 2023-04-14 02:11:22 +00:00
Treehugger Robot
e3fcb41f40 Merge "Update rules for android.hardware.secure_element-service.thales" into udc-d1-dev am: fde5823b6f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22601631

Change-Id: Ie60f65e8ee6f88a0f4f03fdb10c3caadf7865504
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-14 01:54:41 +00:00
Treehugger Robot
fde5823b6f Merge "Update rules for android.hardware.secure_element-service.thales" into udc-d1-dev 2023-04-14 01:21:56 +00:00
Ankit Goyal
d9655a4999 Add sepolicy for framebuffer-secure heap am: 9576cfaca7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21990547

Change-Id: I39b3df563b40fabb4ae836ecb196ca4ec3a20509
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-13 22:32:19 +00:00
Ankit Goyal
9576cfaca7 Add sepolicy for framebuffer-secure heap
Bug: 245053092
Test: Secure video playback
Change-Id: I715ea5a4e9ee70ec2a022351b9e722a25bfb9f93
2023-04-13 13:47:11 -07:00
Sayanna Chandula
e94b921ca4 Merge "thermal: enable pixelstats access to thermal metrics" into udc-d1-dev am: 34ff37262f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22559579

Change-Id: I3fb332012004c2e91b8bcc858dcfbdc12e5c8679
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-13 20:43:22 +00:00
Sayanna Chandula
34ff37262f Merge "thermal: enable pixelstats access to thermal metrics" into udc-d1-dev 2023-04-13 20:26:31 +00:00
Yixuan Wang
98bffc0a44 Merge "Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for chre" into udc-d1-dev am: 2c0e44805a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22613725

Change-Id: Ia79eb1e60a6fe53a2155874be0f83be644c1d9f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-13 20:18:36 +00:00
Yixuan Wang
2c0e44805a Merge "Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for chre" into udc-d1-dev 2023-04-13 19:38:38 +00:00
Joner Lin
44155e103e Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev am: edd47032af
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22271813

Change-Id: Ic8fa74d729ca69d7c051c19848b9a0113e23bac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-13 14:26:11 +00:00
Joner Lin
edd47032af Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev 2023-04-13 13:57:32 +00:00
George
95d0a4b76f Update rules for android.hardware.secure_element-service.thales
A new domain hal_secure_element_st54spi_aidl for AIDL HAL

Bug: 261566299
Test: run cts -m CtsOmapiTestCases
Test: atest VtsAidlHalNfcTargetTest
Change-Id: Id76a3f3337e2ee72031b39975eb010178855f36f
2023-04-13 11:02:49 +00:00
Lily Lin
6f41705151 Remove ofl_app selinux policy
OFLAgent is deprecated in ag/22504130. This CL is to remove ofl_app
selinux policy.

Bug: 224611871
Test: adb bugreport
Change-Id: I2264d79b8fe4084c3acd65db8f5384bb08216c5f
(cherry picked from commit 0fed5cc2b6cae6aebb411a58319474798d2fb25a)
2023-04-13 10:49:13 +00:00
Yixuan Wang
1095231e38 Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for
chre

[ 7.760870] type=1400 audit(1669944054.440:61): avc: denied { write } for comm="android.hardwar" name="chre" dev="tmpfs" ino=1099 scontext=u:r:hal_contexthub_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1
[ 12.519414] type=1400 audit(1669944059.196:138): avc: denied {connectto } for comm="android.hardwar" path="/dev/socket/chre"scontext=u:r:hal_contexthub_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1

Bug: 264489794
Bug: 261105224
Test: atest scanAvcDeniedLogRightAfterReboot
Change-Id: I7bf13913188deedc987f82e54626a18357ab84c5
2023-04-13 06:43:41 +00:00
Wilson Sung
3df3008917 Suppress bootanim behavior meant for Android Wear devices
Fix: 260522279
Test: boot-to-home and no bootanim avc error
Change-Id: I29d4168720887bc2f90d5f7ad20367887f9cae51
2023-04-13 00:00:38 +00:00
Minchan Kim
2155fd3711 move vendor_cma_debugfs into gs-common am: a382f85f96
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22573601

Change-Id: I52c5fb3fe3a1d89d26fa547dd25cd57806cbfdc9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 15:53:59 +00:00
Wilson Sung
5468e420e3 Enforce rebalance_interrupts_vendor
Fix: 264489565
Test: boot-to-home
Change-Id: Ie20be0afe1a95b8cb512b57019539eb52948a155
2023-04-12 22:58:13 +08:00
Wilson Sung
90f838f16f Enforce hwservicemanager
Test: boot-to-home and no avc error
Fix: 264489781
Change-Id: Id9a80c478a2eae8472023f3bbcc514f30f5bfbab
2023-04-12 22:32:46 +08:00
Wilson Sung
527f215d20 Enforce servicemanager
Fix: 263429985
Fix: 264489962
Test: boot-to-home, no avc error
Change-Id: Ib3b0916bdbd09638f5b7b34f2d214690eed314ab
2023-04-12 22:14:16 +08:00
Minchan Kim
a382f85f96 move vendor_cma_debugfs into gs-common
The CMA dump is a common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I46be7899939da3ae7e9323a0d3ee92f4b3759acf
Signed-off-by: Minchan Kim <minchan@google.com>
(cherry picked from commit afb8d91c5dd0df836c6c8a53963b44e23005efb7)
2023-04-12 13:25:46 +00:00
Kah Xuan Lim
6e8c79e7db Modem ML: Grant access to modem ML data dir
Bug: 229801544
Change-Id: Ia2e9c5a48ad935a49f3b8a9c6bceae3f4f833b4e
2023-04-12 08:48:57 +00:00
Minchan Kim
11e5da54ef Merge "remove dump_cma" 2023-04-12 03:25:58 +00:00
Wilson Sung
bf1baa3448 Merge "Add recovery related policy" into udc-d1-dev am: 5bee37db26
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22574699

Change-Id: Iafa23558e51dbc2608ff3158cd7b1259253f25cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 01:55:36 +00:00
Wilson Sung
5bee37db26 Merge "Add recovery related policy" into udc-d1-dev 2023-04-12 01:44:17 +00:00
Treehugger Robot
eefef62f70 Merge "Add btbcm wakelock node context" into udc-d1-dev am: bc7379022a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22572817

Change-Id: Ie49fcc84a41c924558050f7d4a283a915bc68b84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-12 01:40:12 +00:00
Minchan Kim
1b4fae5ce3 remove dump_cma
We will introduce it into gs-common

Bug: 276901078
Change-Id: I56a0c67fb09563baacbabf738625bf748ab80378
Signed-off-by: Minchan Kim <minchan@google.com>
2023-04-12 01:22:08 +00:00
Treehugger Robot
bc7379022a Merge "Add btbcm wakelock node context" into udc-d1-dev 2023-04-12 00:32:46 +00:00
Wilson Sung
c2eedff70c Add recovery related policy
Fix: 275143841
Fix: 264490092
Test: adb sideload and no avc error
Change-Id: I52003c9417560a6c5dab815a6929681710f0b0a4
2023-04-12 03:46:54 +08:00
Wei Wang
87214b4c2c Merge "sepolicy: label bci and dsu max frequency" into udc-d1-dev am: 4cd8d2fef9
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22497095

Change-Id: I27ceda44c1a2baeb2450c56cbfed0762b68274ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-11 17:05:18 +00:00
jonerlin
940b51e1e4 allow bthal to access vendor bluetooth folder
Bug: 240636731
Test: enable vendor btsnoop property and check the vendor snoop log
Change-Id: Ib7c36e7398bdbe7abc2f3b2dba684f95a4ce90a8
2023-04-11 17:01:40 +00:00
Wei Wang
4cd8d2fef9 Merge "sepolicy: label bci and dsu max frequency" into udc-d1-dev 2023-04-11 16:14:29 +00:00
Wilson Sung
2e19e54fe5 Add btbcm wakelock node context
avc: denied { read } for name="wakeup178" dev="sysfs" ino=119871 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0

Bug: 277717252
Test: boot-to-home and no avc error
Change-Id: I82ed45ff6bf28c0cf2237098c54b6ead59c6c284
2023-04-11 11:02:26 +00:00
Treehugger Robot
fb28384538 Merge "remove obsolete entries" into udc-d1-dev am: 32ec77111d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22563759

Change-Id: I2754b08406869ae6843b5bec4bf2cbe256de9657
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-11 04:36:46 +00:00
Wilson Sung
9e250f4a12 Allow update_engine to change slot am: 79b4b329f0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22563758

Change-Id: I38ef79ff33c61540b5240e31a5b2309973c41185
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-04-11 04:36:20 +00:00
Treehugger Robot
32ec77111d Merge "remove obsolete entries" into udc-d1-dev 2023-04-11 04:23:40 +00:00
Adam Shih
e188582ba8 remove obsolete entries
Bug: 264483390
Bug: 272166771
Bug: 264482983
Bug: 264600086
Bug: 264482983
Bug: 273638940
Test: adb bugreport
Change-Id: Ia89c409a20e6a4514c57389f82c57d8c265f1e81
2023-04-11 11:23:17 +08:00