Commit graph

741 commits

Author SHA1 Message Date
Yixuan Wang
0fcc802265 Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev 2023-08-23 19:29:45 +00:00
Kris Chen
7e2cb4f5f6 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f am: 4a49dbceac am: 12c2d23a4b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I64a4f98723a7d5425062c5144402d60af9a55661
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-21 07:44:46 +00:00
Kris Chen
12c2d23a4b Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f am: 4a49dbceac
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: Ibcac24727053aac68e937156421b16b9ab892200
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-21 07:04:41 +00:00
Kris Chen
4a49dbceac Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I9f99fc149fc832a44d45d09b563ba8bc913a12d1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-21 06:39:06 +00:00
Kris Chen
7f3e2b9212 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I6a6014a9efe1d543b559bc9142766d0765468339
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-21 06:33:12 +00:00
Seungjae Yoo
34eb573ac9 Label dtbo partition as dtbo_block_device am: 8256e72c4a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24438745

Change-Id: Ia4dc306e5e6fdb008c890b538804fba528319806
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-18 09:28:08 +00:00
Renato Grottesi
fa4f421d41 Merge "Cleanup unused ArmNN settings." into main 2023-08-18 04:31:47 +00:00
Seungjae Yoo
8256e72c4a Label dtbo partition as dtbo_block_device
Bug: 291191362
Test: m

Merged-In: Iccca8de440cad7e9cd12015e0271262a217c457b
Change-Id: Iccca8de440cad7e9cd12015e0271262a217c457b
2023-08-18 00:38:06 +00:00
Seungjae Yoo
7961d4ee51 Merge "Label dtbo partition as dtbo_block_device" into main 2023-08-17 22:32:36 +00:00
Kris Chen
c9d21c380f Allow hal_power_default to access sysfs_scsi_devices_0000
Fix the following avc denial:
avc:  denied  { write } for  name="clkgate_enable" dev="sysfs"
ino=69304 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 290709897
Test: enroll fingerprint
Change-Id: Ib153087839d59e1839ceed4373a9be6f42e89619
2023-08-17 12:59:19 +00:00
Renato Grottesi
96f1f214a2 Cleanup unused ArmNN settings.
Test: pre-submit
Bug: 294463729
Change-Id: Ic417154724c4ddc06925ee2de1bd419dddfa1413
2023-08-17 09:03:35 +00:00
Ilya Matyukhin
ee710b08c1 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev am: 013ec5ce54 am: 41056381db
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24343631

Change-Id: I43c243eff3bfbf14828f29f13789b1a3eb9f38c8
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16 22:10:07 +00:00
Ilya Matyukhin
41056381db Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev am: 013ec5ce54
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24343631

Change-Id: Icd84167a866d6bf8cf7fa2c0661320882acfaf6b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-16 21:26:07 +00:00
Ilya Matyukhin
013ec5ce54 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev 2023-08-16 20:38:34 +00:00
Seungjae Yoo
3773ca269e Label dtbo partition as dtbo_block_device
Bug: 291191362
Test: m

Change-Id: Iccca8de440cad7e9cd12015e0271262a217c457b
2023-08-16 11:16:37 +09:00
Wilson Sung
33db592c7a Suppress kernel avc log before SELinux initialized am: 746bd9ad3c am: eb6368402e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24393095

Change-Id: If9ce34cb0f0b44998215f20d1be88578f0e8f56b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-14 03:26:28 +00:00
Wilson Sung
eb6368402e Suppress kernel avc log before SELinux initialized am: 746bd9ad3c
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24393095

Change-Id: Ib00fc07da24ed16e6b77f39985724eea892a1e50
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-14 02:25:22 +00:00
Ilya Matyukhin
33540f5a05 zuma: Add sysfs_faceauth_gcma_heap type
Bug: 288156745
Test: build
Change-Id: I937b37542d8ff5a9e9e0d4d9b53c8300820a1826
2023-08-11 05:37:59 +00:00
Wilson Sung
746bd9ad3c Suppress kernel avc log before SELinux initialized
Fix: 295430975
Change-Id: I11fe6c6705f7c4f7b3730b8f4b40229b083c0a13
2023-08-11 12:40:55 +08:00
Roy Luo
41a2c13c6a Merge "Support monitoring USB sysfs attributes in USB HAL" into main 2023-08-10 04:33:29 +00:00
Inseob Kim
5eb322b197 Move coredomain seapp contexts to system_ext am: ac8048a4f7
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24354514

Change-Id: I94af7d6ba7a52b5747781bb763f05e5c05b65715
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-09 03:56:23 +00:00
Inseob Kim
ac8048a4f7 Move coredomain seapp contexts to system_ext
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: Ib8d191a6c07278b51eec88cd8142adf6c1a45668
Merged-In: Ib8d191a6c07278b51eec88cd8142adf6c1a45668
2023-08-08 15:11:08 +00:00
Inseob Kim
8f14aa12a1 Move coredomain seapp contexts to system_ext
Coredomain apps shouldn't be labeled with vendor sepolicy, due to Treble
violation.

Bug: 280547417
Test: TH
Change-Id: Ib8d191a6c07278b51eec88cd8142adf6c1a45668
2023-08-08 21:05:21 +09:00
Roy Luo
8849e1a49a Support monitoring USB sysfs attributes in USB HAL
Grant access to USB sysfs attributes.

Bug: 285199434
Test: no audit log in logcat after command execution
Change-Id: Ia5f3333318b47f4e0a05140bd6b95e939197fde5
2023-08-07 19:49:09 +00:00
Wilson Sung
2d7bfbbf4d Suppress kernel avc log before SELinux initialized am: 2d2ec40c1a am: e93cda1238
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24319337

Change-Id: Ib9a60e381cd91505dbfc33335674321a696c80af
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-08-07 04:41:48 +00:00
Wilson Sung
2d2ec40c1a Suppress kernel avc log before SELinux initialized
Fix: 281814849
Fix: 292059050
Change-Id: Ie83557668ded8ab17bf77e60ed21db33e9f4f580
2023-08-04 07:32:39 +00:00
Jason Chiu
a31f1a6d5c Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 am: 7aa9a5e3c0 am: fe9e70cbbb
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I3c4125d31626e02e59523a5fd4c249a3311986b7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-25 20:39:14 +00:00
Jason Chiu
67addf1851 remove rule for bootctrl hidl version 1.2 am: 54b0343059 am: b9e73326ee am: 8bceac530e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: I9411d0f4e94a85fd3814cf3317b560016bcd9697
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-25 20:39:12 +00:00
Jason Chiu
7aa9a5e3c0 Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I3bc9799d166ad41bbbb547884a9993a352b3f6c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-21 02:59:19 +00:00
Jason Chiu
b9e73326ee remove rule for bootctrl hidl version 1.2 am: 54b0343059
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ia4efc4cdc0cb92c62c4ddcb7b6f458c4149657a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-21 02:59:16 +00:00
Jason Chiu
cbb8fed21e Add rule for bootctrl AIDL am: 17fa2e6fe5
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: Idbac1303702c0845fd549564f28b20f2bf9f0a03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-21 02:59:13 +00:00
Jason Chiu
3aa432be32 Merge "Add rule for bootctrl AIDL"
Bug: 282670401
Change-Id: I1b4c5e7ced0fe67bbbaca2b607e4ca7422e170e1
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
2023-07-20 21:00:41 +08:00
Jason Chiu
90a1f80488 Add hal_bootctl_default read permission to rootfs in Recovery mode
Fix the following avc denial:
avc:  denied  { read } for  pid=485 comm="android.hardwar" name="bin" dev="rootfs" ino=9529 scontext=u:r:hal_bootctl_default:s0 tcontext=u:object_r:rootfs:s0 tclass=dir permissive=0

Bug: 282670401
Change-Id: I23ab086ba21d6ffea8b48b4208933c031effc4d4
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
2023-07-20 12:56:47 +00:00
Jason Chiu
54b0343059 remove rule for bootctrl hidl version 1.2
Bug: 282670401
Change-Id: I25d169c335fb551cf1862fdf6e6540485a2b8016
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
2023-07-20 12:56:38 +00:00
Jason Chiu
17fa2e6fe5 Add rule for bootctrl AIDL
Bug: 282670401
Change-Id: I1b4c5e7ced0fe67bbbaca2b607e4ca7422e170e1
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
2023-07-20 20:53:04 +08:00
Utku Utkan
c2e654730b Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" am: 62b083db4d am: 4f7d7213fe
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24124264

Change-Id: Ie2bb0cfcf9613d1e12da3fea6887000c4761fb5b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-19 19:58:33 +00:00
Utku Utkan
62b083db4d Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices"
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches

Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Bug: 287069860
Test: m && flashall
Change-Id: Icc801ca310c0e512769ed84d185dd6149ae5f22b
2023-07-18 20:37:42 -07:00
Inseob Kim
ffec72585d Revert "Introduce CameraServices seinfo tag for PixelCameraServices" am: 1ef04d8dda am: ef514a009d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24122567

Change-Id: I11407eb1d65424f34d3ebe601a6c16e660dd8e4d
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-19 03:33:46 +00:00
Inseob Kim
1ef04d8dda Revert "Introduce CameraServices seinfo tag for PixelCameraServices"
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I42e68b982d521acb9b9a088d58ff521be25beb7e
2023-07-19 01:15:27 +00:00
Utku Utkan
ed8790420e Introduce CameraServices seinfo tag for PixelCameraServices am: c3cf1b7cf0 am: 5dfb9ad64d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24030833

Change-Id: I628cb17d6053851612608f82700e518a043c2884
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-18 22:35:36 +00:00
Utku Utkan
c3cf1b7cf0 Introduce CameraServices seinfo tag for PixelCameraServices
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I843c7e0577d88a7e84cb939135fe89f5923ea294
2023-07-18 12:18:35 -07:00
Dinesh Yadav
67b64c50b4 Merge "[Cleanup]: Move gxp sepolicies to gs-common for P23" into main 2023-07-14 04:00:25 +00:00
Treehugger Robot
00cc329f1c Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 am: a5187246a1 am: d079eb063f
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I2c9fe5900fcdaa1fbbfa0bf0ee923cc68819c4b9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-14 01:16:08 +00:00
Treehugger Robot
a5187246a1 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I5662604da8561e8e8729cd494ba35d1797339e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-13 19:02:40 +00:00
Treehugger Robot
8bcc8a1242 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev 2023-07-13 17:47:48 +00:00
Badhri Jagan Sridharan
5958be5bd0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: I512b4db16ff18acc313dc0d0c94f78bf4743ddcc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-13 17:34:05 +00:00
Badhri Jagan Sridharan
20eade41f0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev 2023-07-13 16:43:18 +00:00
Hasan Awais
ab0cc41a0d uwb: add permission to read SELinux state am: 4640c96bb4 am: 484e16d61b
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24007918

Change-Id: I00b3af162bc57f840ac55d8ff881fa55034bc238
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-07-11 18:10:26 +00:00
Hasan Awais
4640c96bb4 uwb: add permission to read SELinux state
Allows UWB HAL to read selinuxfs to determine the state
Used for controlling access to debugfs

Bug: 288049522
Test: local build pass
Change-Id: I1237d001d27999c796bbb28629847f5a5639cd3e
Signed-off-by: Hasan Awais <hasanawais@google.com>
2023-07-10 17:12:33 +00:00
Dinesh Yadav
1278d8fc59 [Cleanup]: Move gxp sepolicies to gs-common for P23
These policies are moved to gs-common as part of ag/24002524

Bug: 288368306
Change-Id: Iaa15e497eafd54b1b702192a3c8f7fe0c908f8a1
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
2023-07-10 05:13:16 +00:00