Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2063 commits 1 branch 0 tags 18 MiB
Commit graph

2063 commits

This branch
This branch
All branches
Author SHA1 Message Date
feiyuchen
f0dc7907b0 Allow camera HAL to access edgetpu_app_service 
Today the EdgeTpu metrics logging library (used by EdgeTpu library used by camera HAL) has a dependency on edgetpu_app_service, in order to call its UserIsAuthorized API to know whether to log the metrics (We don't want to log metrics for 3P apps), see b/275016466.

This is not ideal, because strictly speaking, camera HAL doesn't need such dependency.

Still, this is fine and there is no security risk, because today even untrusted apps can call edgetpu_app_service: http://cs/android-internal/device/google/gs-common/edgetpu/sepolicy/untrusted_app_all.te;l=2;rcl=f4b62d12c171d4e294d8251e34197ab555c40673

Bug: 266084950
Test: Just mm
Change-Id: I6c0e4411370e4b300b9ceb3ad804688d873371cd
 2023-03-24 17:01:49 +00:00
Dinesh Yadav
84aa699ac8 Add certificate & label for GCA-ENG & GCA-Next 
This commit makes following changes:
- Add selinux policies for GCA-Eng & GCA-Next to access GXP device &
edgetpu services.
- Refactor code to push policies for Google Camera app from
legacy/whitechapel_pro/* to vendor/*

Tested:
- flashed both GCA-Eng & GCA-Next apps and observed no crashes due to gxp or edgetpu.
- scontext changed from "untrusted_app_32" to "debug_camera_app" in both cases.

Bug: 264490031
Change-Id: I51f69168eebd6c7e54e512b7abde8dd6bbe7c443
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-03-24 12:56:53 +00:00
Nicolas Geoffray
af3702bffd Remove old debug map entries. 
Bug: 264483352
Change-Id: Ie47107328f58dc4f1d4070e93c0cd09e88cee021
 2023-03-24 08:16:00 +00:00
Automerger Merge Worker
c9f1b9e1eb Merge changes from topic "am-d3a7fa5895ee4cec8bfdf44b308cc221" 
* changes:
  [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: d2ec06c722 -s ours
  [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 24656c3354 -s ours
 2023-03-24 07:05:47 +00:00
Adam Shih
0253a82992 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: d2ec06c722 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Ibe3213924821184c0aaea408646a9fddf24fec28
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:36 +00:00
Adam Shih
a21760aee5 [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 24656c3354 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Id56ab87ccba7c0554bcdf08f72d1989b3ba2204e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:35 +00:00
Adam Shih
6e634640d9 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours am: ebc5ee8dab -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: I9ac1838eccd3d571ca85855884e9542353d8e484
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:29 +00:00
Adam Shih
8ba9109c37 [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours am: 79ea18119e -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: If93f6a1a2ebba149bcb8f208a2d7bc84251876ba
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 07:05:27 +00:00
Adam Shih
ebc5ee8dab [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: I6d02ee84161d92b4b2723cf6b08ccc76bc51ab81
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:08 +00:00
Adam Shih
79ea18119e [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Ia5202a87a85fa610fc08f0b9ec8be23592c98585
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:07 +00:00
Adam Shih
d2ec06c722 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 2b921528f1 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: I0318c2e1d5b68b41634d5a51528c0322718325da
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:04 +00:00
Adam Shih
24656c3354 [automerger skipped] Move pixel dumpstate to gs-common am: 8538fd33da -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236029

Change-Id: Iadaf733efce7927fe53d7228ccd8d088717cf45a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 06:23:03 +00:00
Adam Shih
2b921528f1 Merge "Move pixel dumpstate to gs-common" into udc-dev 2023-03-24 05:54:52 +00:00
TreeHugger Robot
36dba99911 Merge "Update SELinux error" into udc-d1-dev am: b5a5ffb5e7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236036

Change-Id: I9fefd92f37973c746ad518c6f5d74d993a310fec
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 05:23:48 +00:00
Darren Hsu
fa57721d19 sepolicy: remove power stats from bug map am: 2965ba405c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22236038

Change-Id: I4c17a46bc4749812b0a15f19e54c48edc42bd9c0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 05:23:35 +00:00
TreeHugger Robot
b5a5ffb5e7 Merge "Update SELinux error" into udc-d1-dev 2023-03-24 05:07:42 +00:00
Darren Hsu
2965ba405c sepolicy: remove power stats from bug map 
Bug: 272166847
Test: N/A
Change-Id: If920d18418f87f14a1826dbe061cef4632a9646f
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-24 11:43:42 +08:00
Wilson Sung
599f4f5382 Update SELinux error 
Test: SELinuxUncheckedDenialBootTest
Bug: 275001641
Test: scanBugreport
Bug: 268566481
Test: scanAvcDeniedLogRightAfterReboot
Bug: 268566481
Change-Id: I5a7ea66483985b6ca99162666d155fef69d65360
 2023-03-24 11:11:17 +08:00
Automerger Merge Worker
5333bed98e Merge "Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 am: 4f15bf412d" 2023-03-24 03:09:25 +00:00
KRIS CHEN
30adddd3c0 Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 am: 4f15bf412d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: Ic65859abe754b1340d414fe471d74f959745e1ac
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 03:09:06 +00:00
KRIS CHEN
355457bf9d Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 am: 24b32ddd4c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: I0b1312780a03417859f9203ee8e1d34bca1ec2a4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 03:09:02 +00:00
Adam Shih
8538fd33da Move pixel dumpstate to gs-common 
Bug: 240530709
Test: adb bugreport
Change-Id: I10f98673ea507f841d9d3f33d737c4e73c1b5b19
Merged-In: I4c46a2495ea07b9e44f56c4c6be726621e0ebf65
 2023-03-24 02:55:51 +00:00
KRIS CHEN
24b32ddd4c Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: I6fce057e9a6aef6d370bbf820818761fee8e615b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 02:41:38 +00:00
KRIS CHEN
4f15bf412d Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev am: dba88b81d3 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22178643

Change-Id: Ic8a12d3e5a4d79ef5edbe17fc340c54760cf8998
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 02:41:26 +00:00
KRIS CHEN
dba88b81d3 Merge "Allow fingerprint hal to read sysfs_leds" into udc-dev 2023-03-24 02:06:37 +00:00
Darren Hsu
1e254e01b3 Merge "Revert "Enforce system ui app"" into udc-d1-dev am: 128550da69 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22225579

Change-Id: Ica4b4787254f02f8c7fa361b238197918d1b4404
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-24 01:30:58 +00:00
Darren Hsu
128550da69 Merge "Revert "Enforce system ui app"" into udc-d1-dev 2023-03-24 00:48:36 +00:00
Dave Mankoff
eeeae0265a Revert "Enforce system ui app" 
This reverts commit ba953cdb9a.

Reason for revert: http://b/274366326#comment22. We can check this back in once we know what's going on.

Bug: 274366326
Bug: 264266705

Change-Id: I879cdec377e71af9142c82078bd3c022295c98c5
 2023-03-23 19:44:22 +00:00
neoyu
44ee5a2fb2 sepolicy: allow hal_radioext_default binder call with servicemanager 
avc: denied { call } for comm="binder:795_2" scontext=u:r:hal_radioext_default:s0 tcontext=u:r:servicemanager:s0 tclass=binder permissive=0

Bug: 274374768
Test: verify by test rom
Change-Id: I31cfbd234756fdc41663cec766f6b3bf23063bc7
 2023-03-24 02:30:44 +08:00
TreeHugger Robot
8aa4f265eb [automerger skipped] Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b am: e12572cc98 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 9844033c0a is already in history. Merged-In was found from reverted change.

Reverted change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I90e20e3eb64f6fca00fd5818f923a9cc5fdf2a11
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 09:01:05 +00:00
Mark Chang
75f77b7bc6 Merge "Add IScreenProtectorDetectorService policy for systemui_app." into udc-d1-dev am: 3c027fdc6e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22197842

Change-Id: I084554e9af7107be6c13aace51cab06c4bf614b0
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 09:00:24 +00:00
TreeHugger Robot
e646905a73 [automerger skipped] Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b am: 24536aa24c -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 9844033c0a is already in history. Merged-In was found from reverted change.

Reverted change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I95db412852e139f1ddc4f3790d1ce65adcf87eab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:59:54 +00:00
Mark Chang
3c027fdc6e Merge "Add IScreenProtectorDetectorService policy for systemui_app." into udc-d1-dev 2023-03-23 08:30:24 +00:00
TreeHugger Robot
e12572cc98 Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: Ie6930def51520969754a9f2235b02c8142b808aa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:08:01 +00:00
TreeHugger Robot
24536aa24c Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev am: 3fae47e04b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215371

Change-Id: I3b6ed885d80985c85846b1ec6627c093ba94431f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 08:07:36 +00:00
TreeHugger Robot
48b6856587 Merge "sepolicy: label odpm paths for system suspend" into udc-d1-dev am: b76a3b6257 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22189946

Change-Id: I16131bd8b5cde5325378a6f22bca3042dd1fdf05
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 07:46:35 +00:00
Andy Hsu
88d801e092 Merge "Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL." into udc-d1-dev am: 93e86449e5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22215364

Change-Id: Ic14bcd44370d4dc064537b2ac888677985d5cf12
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 07:43:50 +00:00
TreeHugger Robot
3fae47e04b Merge "Revert "Move pixel dumpstate to gs-common"" into udc-dev 2023-03-23 07:24:01 +00:00
TreeHugger Robot
b76a3b6257 Merge "sepolicy: label odpm paths for system suspend" into udc-d1-dev 2023-03-23 07:19:55 +00:00
Andy Hsu
93e86449e5 Merge "Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL." into udc-d1-dev 2023-03-23 07:01:32 +00:00
Adam Shih
7a621bab25 [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 am: cad969da74 -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 ee45cfea78 is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I35b1da6dec44db016dc45bb659f5cff7e99dd935
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 06:48:47 +00:00
Andy Hsu
9c91ba1a2f Add SELinux policy to allow GCARelease and GCADogfood to access PowerHAL. 
Note that this only adds permission to GCARelease and GCADogfood, while GCANext and GCAEng are still untrusted app on zuma now and after this change GCANext and GCAEng will still be denied.

Bug: 264490031

Test: Portrait processing in GCARelease didn't get denial message when accessing PowerHAL after this change  (https://cnsviewer-static.corp.google.com/cns/md-d/home/pixel-camera-data-readers/acat/hwandy/ag/22215364?user=pixel-camera-data-readers).

Change-Id: Ia4a4c2f24215b9da9db7985cf67112997df355fa
 2023-03-23 06:41:13 +00:00
Adam Shih
095b07bfab [automerger skipped] Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 am: ac0bb620df -s ours 
am skip reason: Merged-In I4c46a2495ea07b9e44f56c4c6be726621e0ebf65 with SHA-1 9844033c0a is already in history

Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: Id7f5cca3a18ffad1364468aab16c456cff2c2086
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 06:27:48 +00:00
Darren Hsu
8e028f0a03 sepolicy: label odpm paths for system suspend 
Bug: 272166423
Test: run singleCommand pts -m PtsSELinuxTestCases
Change-Id: I0295cc09cd8eb46b19edcec0d74440e497440423
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-23 14:13:43 +08:00
Wilson Sung
3e68836e43 Revert "Move pixel dumpstate to gs-common" 
Revert submission 22188471-dumpstate aidl

Reason for revert: Build break

Reverted changes: /q/submissionid:22188471-dumpstate+aidl
Bug: 274858145

Change-Id: I757111541257eecd4936572376fe42a4c866a1d6
 2023-03-23 05:58:12 +00:00
Adam Shih
ac0bb620df Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I254abc02ecf38455c75258888fd3b9c948cbcee5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 05:53:01 +00:00
Adam Shih
cad969da74 Merge "Move pixel dumpstate to gs-common" into udc-dev am: 0c17644417 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22188471

Change-Id: I58ded180038a8aa507095d31a069547b7f02efea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 05:52:55 +00:00
Adam Shih
0c17644417 Merge "Move pixel dumpstate to gs-common" into udc-dev 2023-03-23 04:39:46 +00:00
TreeHugger Robot
9cd5fd2ec8 Merge "Enforce bootdevice_sysdev" into udc-d1-dev am: 0b1499354d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185173

Change-Id: I0765dc38aa14480ba01e067290629b2be5d392a6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 04:19:31 +00:00
TreeHugger Robot
943e5e1ba8 Merge "Enforce systesm_app" into udc-d1-dev am: 75b82f7092 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185176

Change-Id: I5792118ba1f994613c334c8ecd056c896598d116
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-23 04:17:55 +00:00