Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1409 commits 1 branch 0 tags 18 MiB
Commit graph

1409 commits

This branch
This branch
All branches
Author SHA1 Message Date
Mingguang Xu
e283627fac Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Iac8bc11118a1c8f6f401f938039899f03bdeea95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:16:41 +00:00
Mingguang Xu
203dd313e7 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Ib70d523bc36e1a789b003374207094f2eaf722d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:09:15 +00:00
Mingguang Xu
57e322c17c Merge "Add permissions to connect radioext to twoshay." into udc-dev 2023-03-28 23:03:46 +00:00
Feiyu Chen
65eaace67a Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 am: 719b7aae1f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: I6a52cb8f2237f500eeee0d74cfd587f31e2a500a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:47:43 +00:00
Feiyu Chen
67f06b0a3d Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 am: 02cc06b4ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: I7cd7a542c4d855dac45e34b698303e18847057f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:47:10 +00:00
Feiyu Chen
02cc06b4ab Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: Icf1b60bc90121ad358639abe52ea15b4b69bb652
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:19:09 +00:00
Feiyu Chen
719b7aae1f Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: Ia56751b481fd666dedec73f11ee2ee5ff7e4d088
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:18:37 +00:00
Feiyu Chen
2d34b0b1f6 Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev 2023-03-28 08:43:23 +00:00
Donnie Pollitz
74e0bf60c2 Allow bootctl to access trusty device 
Background:
* Boot Control needs to be able to blow AR fuses, which requires access
  to the OTP port on trusty.

Bug: 267714941
Test: AVC denial doesn't show up in log
Change-Id: I5635f2358b379ae0ffe882ca9ee162a455f554f0
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-28 09:58:16 +02:00
Jerry Huang
912984c964 Keep name "dmabuf_system_secure_heap_device" for secure playback 
Fixes the following denials:

03-13 14:31:22.796 W CodecLooper: type=1400 audit(0.0:284): avc: denied { read } for name="vstream-secure" dev="tmpfs" ino=865 scontext=u:r:untrusted_app_29:s0:c49,c257,c512,c768 tcontext=u:object_r:video_secure_heap_device:s0 tclass=chr_file permissive=0 app=com.google.android.exoplayer2.demo

03-13 14:31:22.796 I auditd  : type=1400 audit(0.0:281): avc: denied { read } for comm="CodecLooper" name="vstream-secure" dev="tmpfs" ino=865 scontext=u:r:untrusted_app_29:s0:c49,c257,c512,c768 tcontext=u:object_r:video_secure_heap_device:s0 tclass=chr_file permissive=0 app=com.google.android.exoplayer2.demo

03-14 15:01:48.069  1429  1429 W CodecLooper: type=1400 audit(0.0:1469): avc: denied { read } for name="vstream-secure" dev="tmpfs" ino=807 scontext=u:r:untrusted_app_32:s0:c65,c257,c512,c768 tcontext=u:object_r:video_secure_heap_device:s0 tclass=chr_file permissive=0 app=com.disney.disneyplus

Bug: 268197530
Test: secure playback
Change-Id: I09a24fcf03f1f66b4c85d3b3949f33ad0d0f8dac
 2023-03-28 15:04:43 +08:00
Boon Jun Soh
0a1cba518a Use tof sensor codenames 
Bug: 272224875
Test: Camera CTS + PTS + unittests
Change-Id: Iedd90e285364b28add7298bae7662efbac31474c
 2023-03-28 13:00:09 +08:00
Adam Shih
d4a7ff694a comply with VTS requirements 
Bug: 275142299
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default
Built pass on target-userdebug and aosp_target-userdebug

Change-Id: Ifd75afdf2365687eed9598f74dd4cf3241be2964
 2023-03-28 03:28:55 +00:00
RD Babiera
43d5907677 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 am: a82406ee28 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: Ied2273b7d9bffe51d3b906d760aaa954180b3227
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:59:12 +00:00
RD Babiera
ed5d613e27 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 am: 865ef1e805 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: I35b47b485ac899b13a6ca98147cc7dd2c1beff12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:57:36 +00:00
RD Babiera
a82406ee28 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: I49798505d571f538127fc5d2b9474cce3992421c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:31:37 +00:00
RD Babiera
865ef1e805 Merge "Revert "comply with VTS requirements"" into udc-dev am: 3616de2c26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298904

Change-Id: Iedb29f8ec241721e91135decf31ad53c01033766
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 22:31:05 +00:00
RD Babiera
3616de2c26 Merge "Revert "comply with VTS requirements"" into udc-dev 2023-03-27 21:52:39 +00:00
RD Babiera
8720ececf1 Revert "comply with VTS requirements" 
Revert submission 22242215-dumpstate aidl

Reason for revert: DroidMonitor-triggered revert due to breakage https://android-build.googleplex.com/builds/quarterdeck?branch=git_udc-d1-dev&target=aosp_husky-userdebug&lkgb=9826121&lkbb=9829863&fkbb=9826130, bug b/275279368.

Reverted changes: /q/submissionid:22242215-dumpstate+aidl

Change-Id: Ida32309c468074a5671c30aa28cf801c1695d786
 2023-03-27 20:58:33 +00:00
Adam Shih
036fb44a5d Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I10f98673ea507f841d9d3f33d737c4e73c1b5b19
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
(cherry picked from commit 8538fd33da)
 2023-03-27 17:57:22 +00:00
Wilson Sung
a25945ff17 Merge "Move OTA context out of legacy folder" into udc-d1-dev am: 98c7894070 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22242819

Change-Id: Ie1ea165a4183cb619dca8a669438beacfbde1009
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 14:47:06 +00:00
Wilson Sung
98c7894070 Merge "Move OTA context out of legacy folder" into udc-d1-dev 2023-03-27 14:27:28 +00:00
Wilson Sung
21226c4c24 Merge changes from topic "275143841" 
* changes:
  Merge "Move OTA context out of legacy folder" to master
  Move OTA context out of legacy folder
 2023-03-27 14:27:28 +00:00
Alan
afafafd8a4 Add permissions to connect radioext to twoshay. 
Connection through grilantennatuningservice binder call.

Test: manual
Bug: 258970389
Change-Id: I419b40042cce363428f72fa723adf89bcf269ef4
 2023-03-27 17:07:16 +08:00
Automerger Merge Worker
b6e575bbb2 Merge "Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 am: 08404c1181" 2023-03-27 06:52:04 +00:00
TreeHugger Robot
12221017f0 Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 am: 08404c1181 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I52343e61f01578236df06e1c0efba1546fbd1429
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:51:57 +00:00
TreeHugger Robot
495346b174 Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 am: 84aab225cf 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I9cb36c4f9964f2faed355e43c82c136e3672d6fa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:51:51 +00:00
TreeHugger Robot
84aab225cf Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I0b9cf28cdfb549e2c3571e144f73f59d0004bc02
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:27:52 +00:00
TreeHugger Robot
08404c1181 Merge "comply with VTS requirements" into udc-dev am: c83e5be8d9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286084

Change-Id: I989d12b888248ed584e108ab54b46023aa89d7a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 06:27:15 +00:00
TreeHugger Robot
c83e5be8d9 Merge "comply with VTS requirements" into udc-dev 2023-03-27 06:05:51 +00:00
Gina Ko
7a32ef8f12 Merge "Allow systemui to find cameraserver_service" into udc-d1-dev am: 5821d671f3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22270826

Change-Id: Id6c48fa93ffdf03e50925cec717fe971e6b63cb6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 05:57:43 +00:00
Gina Ko
5821d671f3 Merge "Allow systemui to find cameraserver_service" into udc-d1-dev 2023-03-27 05:32:14 +00:00
Neo Yu
69b786f1a1 Merge "Remove the bug of hal_radioext_default because the fix is merged." into udc-d1-dev am: e9aabf7e9e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286082

Change-Id: I66001f37eb2bf0626f14fc3b92beb34ac77f6d00
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 04:46:22 +00:00
Neo Yu
e9aabf7e9e Merge "Remove the bug of hal_radioext_default because the fix is merged." into udc-d1-dev 2023-03-27 04:17:02 +00:00
Adam Shih
e124d5aea9 comply with VTS requirements 
Bug: 275036679
Bug: 275034315
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default

Change-Id: I1c89d7662351ffae5409c3f81b4360579fdc00ae
 2023-03-27 12:07:24 +08:00
Wilson Sung
c705e81227 Merge "Move OTA context out of legacy folder" to master 
Bug: 275143841
Test: OTA
Change-Id: I4774b7c48c075afc1b02d8c34fded212cd0efffb
 2023-03-27 11:46:05 +08:00
Wilson Sung
6acea9d647 Move OTA context out of legacy folder 
Bug: 275143841
Test: OTA
Change-Id: I4774b7c48c075afc1b02d8c34fded212cd0efffb
 2023-03-27 11:44:51 +08:00
Dinesh Yadav
81ad90854c Merge "Add certificate & label for GCA-ENG & GCA-Next" into udc-d1-dev am: 4a01ae23ad 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22246482

Change-Id: Iee99f93a8a15d9f723d849f22565ce30ac552885
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:34:15 +00:00
Automerger Merge Worker
7f35172103 Merge "Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f am: bd22079636" 2023-03-27 03:33:59 +00:00
Neo Yu
d870375a14 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f am: bd22079636 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: Ib82e2caabcaea504cb673e1323795c728bbf3ead
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:33:56 +00:00
Neo Yu
879b137a93 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f am: 70749d1b96 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I5d6c405caddfb607f0ab094c82e6344b1579c042
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:33:53 +00:00
Dinesh Yadav
4a01ae23ad Merge "Add certificate & label for GCA-ENG & GCA-Next" into udc-d1-dev 2023-03-27 03:13:24 +00:00
Neo Yu
58ff635b67 Remove the bug of hal_radioext_default because the fix is merged. 
Bug: 274374768
Test: verify by test rom
Change-Id: Ia9665e5223997cf498f9320dfd0b1dbdacaae0b2
 2023-03-27 11:08:25 +08:00
Neo Yu
bd22079636 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I0fb5f8c60d68f9b33af85531c2865db2a20c1c93
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:07:44 +00:00
Neo Yu
70749d1b96 Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev am: 5b1689534f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22222570

Change-Id: I2d2a07056322f6971050e9299e17201b95773eaf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-27 03:07:31 +00:00
Neo Yu
5b1689534f Merge "sepolicy: allow hal_radioext_default binder call with servicemanager" into udc-dev 2023-03-27 02:36:56 +00:00
Gina Ko
ce85639700 Allow systemui to find cameraserver_service 
avc:  denied  { find } for pid=2435 uid=10235 name=media.camera
scontext=u:r:systemui_app:s0:c235,c256,c512,c768
tcontext=u:object_r:cameraserver_service:s0 tclass=service_manager permissive=0

Bug: 272628174
Bug: 269964574
Bug: 274734888
Test: Manual. Able to turn on/off flashlight from QS.
Change-Id: Icedf70b06bd06eb5b819a00c9157b4f475e9a126
 2023-03-25 00:18:23 -07:00
feiyuchen
f0dc7907b0 Allow camera HAL to access edgetpu_app_service 
Today the EdgeTpu metrics logging library (used by EdgeTpu library used by camera HAL) has a dependency on edgetpu_app_service, in order to call its UserIsAuthorized API to know whether to log the metrics (We don't want to log metrics for 3P apps), see b/275016466.

This is not ideal, because strictly speaking, camera HAL doesn't need such dependency.

Still, this is fine and there is no security risk, because today even untrusted apps can call edgetpu_app_service: http://cs/android-internal/device/google/gs-common/edgetpu/sepolicy/untrusted_app_all.te;l=2;rcl=f4b62d12c171d4e294d8251e34197ab555c40673

Bug: 266084950
Test: Just mm
Change-Id: I6c0e4411370e4b300b9ceb3ad804688d873371cd
 2023-03-24 17:01:49 +00:00
Dinesh Yadav
84aa699ac8 Add certificate & label for GCA-ENG & GCA-Next 
This commit makes following changes:
- Add selinux policies for GCA-Eng & GCA-Next to access GXP device &
edgetpu services.
- Refactor code to push policies for Google Camera app from
legacy/whitechapel_pro/* to vendor/*

Tested:
- flashed both GCA-Eng & GCA-Next apps and observed no crashes due to gxp or edgetpu.
- scontext changed from "untrusted_app_32" to "debug_camera_app" in both cases.

Bug: 264490031
Change-Id: I51f69168eebd6c7e54e512b7abde8dd6bbe7c443
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-03-24 12:56:53 +00:00
Nicolas Geoffray
af3702bffd Remove old debug map entries. 
Bug: 264483352
Change-Id: Ie47107328f58dc4f1d4070e93c0cd09e88cee021
 2023-03-24 08:16:00 +00:00
Automerger Merge Worker
c9f1b9e1eb Merge changes from topic "am-d3a7fa5895ee4cec8bfdf44b308cc221" 
* changes:
  [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: d2ec06c722 -s ours
  [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 24656c3354 -s ours
 2023-03-24 07:05:47 +00:00