Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1237 commits 1 branch 0 tags 18 MiB
Commit graph

477 commits

Author SHA1 Message Date
martinwu
d038ba2c5d [TSV2] Add sepolicy for dumpstate to zip tcpdump into bugreport am: 09aaf3dfbc am: 149ac2a92e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22899260

Change-Id: I52c702454a0435c445b190138618b05e09d1704e
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-28 08:09:08 +00:00
martinwu
09aaf3dfbc [TSV2] Add sepolicy for dumpstate to zip tcpdump into bugreport 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I45c894fa9378a7878bc853f7723162ebd6141115
 2023-04-27 13:47:34 +00:00
Bruno BELANYI
83087bd818 Merge "Add ArmNN config sysprops SELinux rules" into udc-d1-dev 2023-04-27 08:06:48 +00:00
Carol Cheng
7d9bc8bb83 Merge "Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport"" into udc-d1-dev am: bb1f0f25bb am: fd882830cc 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22891380

Change-Id: I15c39c2c43ac4266dd0791132a89dd8dff03fadb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 07:54:54 +00:00
Carol Cheng
bb1f0f25bb Merge "Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport"" into udc-d1-dev 2023-04-27 06:36:48 +00:00
Andrew Chant
4f15fe1b3c Merge "Use tof sensor codenames" into udc-d1-dev am: 6641141f91 am: ffa498bd79 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307463

Change-Id: Ia9f66a6de0435447964bbaca863318d44e0e889f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:41:14 +00:00
Treehugger Robot
4d1e793af4 Merge "Add sepolicy for dumpstate to zip tcpdump into bugreport" into udc-d1-dev am: fe27339606 am: 8a3c78df60 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22838381

Change-Id: Idec32d0bb3f3f2d738049eaedf24eca3f209b307
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:40:48 +00:00
Kamal Shafi
36cf79f233 Add sepolicy permission for new UW camera am: eb22b7d648 am: fedde4710a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22880541

Change-Id: I49afec0ddae190e345d286f2e267852a3698aef8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-27 02:38:58 +00:00
Martin Wu
4e2023c263 Revert "Add sepolicy for dumpstate to zip tcpdump into bugreport" 
Revert submission 22814097-Fix-tcpdump-sepolicy

Reason for revert: build break

Reverted changes: /q/submissionid:22814097-Fix-tcpdump-sepolicy

Change-Id: I795de89a17c5ccee702fa3a59af03d48d89fbaf2
 2023-04-27 02:21:00 +00:00
Andrew Chant
6641141f91 Merge "Use tof sensor codenames" into udc-d1-dev 2023-04-27 02:07:29 +00:00
Treehugger Robot
fe27339606 Merge "Add sepolicy for dumpstate to zip tcpdump into bugreport" into udc-d1-dev 2023-04-27 01:43:58 +00:00
martinwu
da1f9ffa79 Add sepolicy for dumpstate to zip tcpdump into bugreport 
Bug: 264490014
Test: 1. Enable tcpdump_logger always-on function
      2. Dump bugreport
      3. Pull dumpstate_board.bin and chagne it to zip
      4. Unzip dumpstate_board.zip and check if tcpdump files
         are there.
Change-Id: I04ca96860c78baf24afd7deecff7dd4d470d9539
 2023-04-26 14:17:56 +00:00
Kamal Shafi
eb22b7d648 Add sepolicy permission for new UW camera 
sepolicy including imentet camera sensor and gt24p64e EEPROM

Bug: 277988592
Bug: 279547216
Test: build pass
Change-Id: I01e2bc558eba7cf03c11818d9c806e6053808fd1
 2023-04-26 11:32:33 +00:00
Bruno BELANYI
61df5feff7 Add ArmNN config sysprops SELinux rules 
Bug: 205202540
Bug: 264489188
Test: manual - reboot device and check the absence of AVC denials
(cherry picked from https://googleplex-android-review.googlesource.com/q/commit:aac79fd4d9bec6517b2932cfca1e1c84b7711cc8)
Merged-In: I77b29468258520265e5f660452794aff068ca07d
Change-Id: I77b29468258520265e5f660452794aff068ca07d
 2023-04-26 08:12:29 +00:00
Joseph Jang
0ae77f1e35 Merge "Move recovery.te to device/google/gs-common/dauntless/sepolicy" into udc-d1-dev am: 49269dd7dc am: b777b6c4f4 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22787680

Change-Id: I40abdc7f4ac10caf84732c63845d863480fd4ecc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 05:52:59 +00:00
Joseph Jang
49269dd7dc Merge "Move recovery.te to device/google/gs-common/dauntless/sepolicy" into udc-d1-dev 2023-04-26 04:41:05 +00:00
Treehugger Robot
57eb37c05b Merge "Add sepolicy permission for new project" into udc-d1-dev am: dd9d69e132 am: b00e740e38 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22839998

Change-Id: Id3c71d2796366c78ced9b77cc1003c32c9fb65f4
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 03:57:50 +00:00
Treehugger Robot
dd9d69e132 Merge "Add sepolicy permission for new project" into udc-d1-dev 2023-04-26 02:34:56 +00:00
Lawrence Huang
e979543b99 Add net_domain for GCA on zuma devices 
Bug: 277097939

Change-Id: Iadfc1be5f9e6830693aed9d9b619815c7d1f9caf
 2023-04-26 01:41:33 +00:00
TreeHugger Robot
0c8288d278 Merge "Add memtrack" into udc-d1-dev am: d1c31b785d am: e23db371db 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22780494

Change-Id: Ida509a8cc023577b896d3df8f60e15f61421cf13
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 00:37:20 +00:00
timmyli
3a79d36619 Allow camera hal to access aoc device am: c09931ad38 am: 783a1cf431 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22735036

Change-Id: I707edf37cdecaf85e95cf459a83d97fbc583edcb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-26 00:10:16 +00:00
TreeHugger Robot
d1c31b785d Merge "Add memtrack" into udc-d1-dev 2023-04-25 21:44:08 +00:00
Prasanna Prapancham
43abed40a0 Merge "add 8411 to logbuffer" 2023-04-25 18:06:51 +00:00
horngchuang
4c3cd890be Add sepolicy permission for new project 
Bug: 279542096
Test: Build and test for sensor denials
Change-Id: I3d6b7ce33e101bd9eeacefae128239af3512b67f
 2023-04-25 08:09:29 +00:00
timmyli
c09931ad38 Allow camera hal to access aoc device 
Camera team needs to talk to aoc device in order to use libusf.
It will do this instead of talking to rlsservice. Soon, we can
remove rlsservice from the se policy for camera hal.

Bug: 277959222
Test: manual test, logs provided in comments
Change-Id: I7453fd94891dcc0c1c587bccb3bb6cff80f46e8b
 2023-04-24 20:05:57 +00:00
Joseph Jang
6d754405ff Move recovery.te to device/google/gs-common/dauntless/sepolicy 
Bug: 279381809
Change-Id: Icb4f899d76e1a5e1d6f6f2cee4c1c7f46105338c
 2023-04-24 08:01:42 +00:00
Ankit Goyal
5e4db7517c Add memtrack 
Bug: 279108265
Test: dumpsys meminfo
Change-Id: Ib46c89811aa3aa1a5573076f9dc69e7222f56ea4
 2023-04-20 23:18:56 -07:00
Treehugger Robot
dcede81999 Merge changes from topic "260522202" into udc-d1-dev am: c84559a813 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22730572

Change-Id: Ibf95c8f590e37aa14370269a219ace06de9a8e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 04:17:54 +00:00
Treehugger Robot
c84559a813 Merge changes from topic "260522202" into udc-d1-dev 
* changes:
  Remove untraceable rules
  Enforce installd
 2023-04-21 03:45:54 +00:00
Treehugger Robot
b9844f4b7b Merge "ril: dump radio hal from user build." into udc-d1-dev am: 0f96c2225e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22756017

Change-Id: I6beb5198003d07bad5be793dd314b22e318c9ae8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-21 02:34:19 +00:00
Treehugger Robot
0f96c2225e Merge "ril: dump radio hal from user build." into udc-d1-dev 2023-04-21 01:49:54 +00:00
Ankit Goyal
33999737a0 Merge "Mark video secure devices as default dmabuf heaps" into udc-d1-dev am: 2f30e8ca85 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743596

Change-Id: Iae3c3b2e55eb6dd245beb941d2a935d695a0939c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-20 17:44:04 +00:00
Prasanna Prapancham
c1715483d1 add 8411 to logbuffer 
Test: Flash local build and collect bugreport
Bug: 277799048
Change-Id: I877a91999a2f17df5ea90d3d2257b93bfd67e8e6
Signed-off-by: Prasanna Prapancham <prapancham@google.com>
 2023-04-20 17:43:30 +00:00
Ankit Goyal
2f30e8ca85 Merge "Mark video secure devices as default dmabuf heaps" into udc-d1-dev 2023-04-20 17:03:32 +00:00
Bruno BELANYI
2278f4d99c Merge changes from topic "armnn-sysprops" 
* changes:
  Remove 'hal_neuralnetworks_armnn' sysprop exceptions
  Add ArmNN config sysprops SELinux rules
 2023-04-20 08:14:04 +00:00
Tim Lin
54bb68984a ril: dump radio hal from user build. 
Sync from ag/17155484

To get radio hal debug info on user build as we do on previous Pixels.

Bug: 278477468
Test: Trigger bugreport on USERDEBUG with dumpstate.unroot set
to true and check IRadio log

Change-Id: Ic9dd8357eb326d5c5f03b16408b7ba0a5e5f5818
(cherry picked from commit e08be6ab76327511002ebd343bda13a2fcc1434d)
 2023-04-20 03:40:59 +00:00
Treehugger Robot
6dba4fa8b3 Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev am: b51385226b 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22743594

Change-Id: I0529653e75ab3bbe0815a7b9eeef4f0a5db0849f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-19 21:12:32 +00:00
Treehugger Robot
b51385226b Merge "Camera: Allow rw access to TEE devices" into udc-d1-dev 2023-04-19 20:02:33 +00:00
Ankit Goyal
ded9266dd4 Mark video secure devices as default dmabuf heaps 
Mali driver (and codec HAL as well) require direct access to video
secure dmabuf devices. Mali driver being an SP-HAL cannot explicitly
write blanket rules for all the scontext. So, we piggyback on
dmabuf_system_secure_heap_device to allow all scontext to be able to use
these device nodes.

This is just as secure as dmabuf_system_secure_heap_device in that case.
There is no additional security impact. An app can still use gralloc to
allocate buffers from these heaps and disallowing access to these heaps
to the intended users.

Fix: 278823239
Fix: 278513588
Fix: 275646321
Test: dEQP-VK.memory.allocation
Change-Id: I01a2730fc222efe94d4e48e7ee4c317aa65f0064
 2023-04-19 19:48:38 +00:00
Edmond Chung
57d920f582 Camera: Allow rw access to TEE devices 
This is to enable face authentication on P23 devices.

Bug: 278898746
Test: Build, face authentication
Change-Id: I75311770a9780e0d97a9240b589e4e4cd9e2dc56
 2023-04-19 11:18:14 -07:00
Wilson Sung
5394ad595e Remove untraceable rules 
avc: denied  { quotaget } for  comm="binder:1312_1" scontext=u:r:installd:s0 tcontext=u:object_r:modem_img_file:s0 tclass=filesystem permissive=0
Test: boot to home
Bug: 196916111
Bug: 264490035
Change-Id: Iec3dd7161bb788d81fe8034f3471ece0dfde7e0d
 2023-04-19 23:53:54 +08:00
Bruno BELANYI
aac79fd4d9 Add ArmNN config sysprops SELinux rules 
Bug: b/205202540
Test: manual - reboot device and check the absence of AVC denials
Change-Id: I77b29468258520265e5f660452794aff068ca07d
 2023-04-19 11:32:48 +00:00
Dave Mankoff
73cb48bef6 Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev am: 633f19376e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22603639

Change-Id: I39974b746d4bddff960fcad6ff2ecb7047615360
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-18 18:30:03 +00:00
Dave Mankoff
633f19376e Merge "Give SystemUI access to necessary selinux properties." into udc-d1-dev 2023-04-18 17:50:42 +00:00
Dave Mankoff
78b9dcdb69 Give SystemUI access to necessary selinux properties. 
Other errors mentioned in the bugs are already absent.

Fixes: 269964574
Fixes: 272628396
Fixes: 272628174
Test: built and flash device. No selinux errors printed.
Change-Id: Ic285b1f5a2ce6973899011a7c6a596e807c3e933
 2023-04-17 14:28:59 +00:00
Bruno BELANYI
33c0bf3aad Merge "Move ARM runtime option SELinux rules out of 'legacy/'" into udc-d1-dev am: ac239dd97d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22627129

Change-Id: Id46dee4c6dfc14fc86748fc88dc5ef96a0b0f708
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:27:59 +00:00
Jenny Ho
cddf77cdac Merge "sepolicy: fix charger_vendor permission denied" into udc-d1-dev am: 2e3228660e 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22606969

Change-Id: Ifcf4b4a1f1654519eb756d658d0d1a14c5495e16
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 11:26:46 +00:00
Bruno BELANYI
ac239dd97d Merge "Move ARM runtime option SELinux rules out of 'legacy/'" into udc-d1-dev 2023-04-17 11:00:08 +00:00
Jenny Ho
2e3228660e Merge "sepolicy: fix charger_vendor permission denied" into udc-d1-dev 2023-04-17 10:56:58 +00:00
Dinesh Yadav
56658f83ed Merge "Add se-policies for google_camera_app from pro" into udc-d1-dev am: 39b4b20545 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22414449

Change-Id: I1a7ccce3db7dee7e1b816af6a4703baa2f03ef3a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-17 09:05:27 +00:00