Commit graph

741 commits

Author SHA1 Message Date
Krzysztof Kosiński
35910a3e8b Remove Google Camera access to GXP firmware.
This was originally a workaround and is not needed on Zuma.

Bug: 264489778
Test: gca_smoke.py on zuma device
Change-Id: I35d168a2f832a430ec1b782b12fb642bcea4bfd1
2023-06-08 10:19:18 +00:00
Treehugger Robot
ba91204313 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev am: 8733772e74 am: 8d8f96f8d9 am: 10d6b74a4e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22298464

Change-Id: I23fd2b50990ef3fe0c5ecc54867897bb0a4d2c24
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-08 09:15:54 +00:00
Treehugger Robot
8733772e74 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev 2023-06-08 06:25:44 +00:00
Jörg Wagner
ce42de2ebd Prepare for Mali r44p0 UMD update
Add selinux rule to allow new V2 interface file alongside of V1 used up to r43p0.
The V1 entry will be removed once the r44p0 UMD update completes.
This decouples small changes from large, potentially intrusive ones in
other repositories.

Bug: 284254900
Change-Id: Ia928f871d8ea1fdbfb963cecb8fc4a99947e443e
2023-06-07 10:19:17 +00:00
Wei Wang
f1c34d8891 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev am: 55020988a0 am: 75529f8437 am: 35e6fbb0fa
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22480582

Change-Id: I925c4d4ae039a7cd73a4d90fbaf1a77ead2dbbeb
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-07 00:20:04 +00:00
Wei Wang
55020988a0 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev 2023-06-06 22:25:11 +00:00
Allen Xu
9236600765 Add sepolicy for ConnectivityMonitor am: 78b62802e4 am: ef2e13dcd1 am: 75821af430
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23575448

Change-Id: I9ee542ee1322c61ee88a93d2e2886441dad67658
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-06 08:03:08 +00:00
Allen Xu
78b62802e4 Add sepolicy for ConnectivityMonitor
Bug: 264489520
Test: v2/pixel-pts/base
Change-Id: I669a538fe3d0a03422638d7d19fc62a793246f6b
2023-06-06 02:01:38 +00:00
Leo Hsieh
72577756e2 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev 2023-06-01 12:40:24 +00:00
Mark su
725f5b8df8 Add video12 as hw_jpg_device and enable it for debug_camera_app am: 51c91e5bdf am: cbc15223d5 am: 870eb2484d
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23053881

Change-Id: If4516eb1c6fcf0dfd20c9d04a76092fb9300a7d6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-06-01 09:06:22 +00:00
TreeHugger Robot
2df1fd9399 Merge "Remove old secure_element HIDL permission" into udc-d1-dev am: 23440aa9df am: ae82081798 am: 55c2250a35
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23466920

Change-Id: I0972ca583406d0dbfba0528515890bb1b0946097
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-31 07:57:20 +00:00
Mark su
51c91e5bdf Add video12 as hw_jpg_device and enable it for debug_camera_app
Test: 05-05 05:07:06.652  4616  4616 W FinishThread: type=1400 audit(0.0:24): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=646 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=0 app=com.google.android.GoogleCameraEng
05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { read } for  name="lib_jpg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { open } for  path="/vendor/lib64/lib_jpg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:46:00.260  4784  4784 I FinishThread: type=1400 audit(0.0:29): avc:  denied  { execute } for  path="/vendor/lib64/libhwjpeg.so" dev="dm-50" ino=55596 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { getattr } for  path="/vendor/lib64/lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { map } for  path="/vendor/lib64/lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

binder:7312_2: type=1400 audit(0.0:18): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1
05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:19): avc:  denied  { open } for  path="/dev/video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:20): avc:  denied  { ioctl } for  path="/dev/video12" dev="tmpfs" ino=680 ioctlcmd=0x5600 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.700  7312  7312 I binder:7312_2: type=1400 audit(0.0:21): avc:  denied  { read } for  name="u:object_r:default_prop:s0" dev="tmpfs" ino=167 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=1

Bug: 267820687
Change-Id: I69f502d721f683d3532038d618f5fafc83f38b6b
2023-05-31 06:08:46 +00:00
TreeHugger Robot
23440aa9df Merge "Remove old secure_element HIDL permission" into udc-d1-dev 2023-05-31 05:27:32 +00:00
leohsieh
458b60e5c9 Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
2023-05-31 13:16:43 +08:00
Dinesh Yadav
55064ee2f6 Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev am: 15f5afcfab am: 489a7de117 am: 87199f3e5a
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23265297

Change-Id: I9db72caf2b829f6cd05b57267a12be49acdc6695
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-31 04:57:46 +00:00
Hyungjun Park
6de0a33f0a Remove old secure_element HIDL permission
AIDL HAL is used in the new project and remove the old HIDL part.

Bug: 280530945
Test: VTS pass

Change-Id: Idd38fc59d7e89e2cafab5f4693d00abd6d4fb138
Signed-off-by: Hyungjun Park <hjun78.park@samsung.com>
2023-05-31 03:12:02 +00:00
Dinesh Yadav
15f5afcfab Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev 2023-05-31 02:22:42 +00:00
Yixuan Wang
8a16687b51 Merge "Add selinux policy for chre vendor data directory" 2023-05-31 01:24:48 +00:00
Yixuan Wang
7530c4bc13 Add selinux policy for chre vendor data directory
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
2023-05-30 21:16:26 +00:00
Chung-Kai (Michael) Mei
f782e8f4ac Merge "sepolicy: ignore avc denial" into udc-d1-dev am: ca068bf60b am: 3a43eaaad6 am: b6ccf1254e
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23445936

Change-Id: I9e5c466f0694b56fb3b05441e03b4cd5086f1dde
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-29 08:16:44 +00:00
Chung-Kai (Michael) Mei
ca068bf60b Merge "sepolicy: ignore avc denial" into udc-d1-dev 2023-05-29 05:47:43 +00:00
Chungkai Mei
e97101a6e8 sepolicy: ignore avc denial
ignore avc denial since it's debugfs

Bug: 271931921
Test: device-boot-health-check-extra test show passed https://android-build.googleplex.com/builds/abtd/run/L74000000960917226
Change-Id: I5f491f02c99776251cf3893de6224fb0f02cb320
Signed-off-by: Chungkai Mei <chungkai@google.com>
2023-05-29 03:11:41 +00:00
Donnie Pollitz
260cf9cc56 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev am: 9fc92bdb28 am: 5bf2864bf3 am: 5a45fb8698
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23413076

Change-Id: Ib6f835b90e03032e515046545c5ddc41e2674baa
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-26 09:50:01 +00:00
Donnie Pollitz
9fc92bdb28 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev 2023-05-26 07:17:41 +00:00
Dinesh Yadav
e6d2f01a89 Add SEPolicy for gxp_metrics_logger.so logging to stats service
In order to access the gxp metrics library from the google camera
app (product partition), we need to create an SELinux exception for
the related shared library (in vendor) it uses.
This CL adds the same_process_hal_file tag to allow this exception.

Bug: 278516358
Change-Id: I42d41243d3ee47ebff4f766cd769b5387fd20852
2023-05-26 04:01:09 +00:00
TreeHugger Robot
030a33fc07 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev am: df113325a5 am: 40efb336ad am: 20e76532f1
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23078038

Change-Id: I792a37eadc3c5c54ebe6b847bcb878147bfd87a3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-25 07:55:02 +00:00
TreeHugger Robot
df113325a5 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev 2023-05-25 05:28:46 +00:00
Leo Hsieh
3443d6d373 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps" 2023-05-25 00:58:34 +00:00
Donnie Pollitz
16440338de Allow vendor_init to fix permissions of TEE data file
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I2363f9ff695209bbf7b6661c8e9eb3b376b84ace
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
2023-05-24 16:45:28 +02:00
Jimmy Hu
a6b09ce04e Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev am: 86cb19bb2f am: 9279426af4 am: 41369192ab
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23341842

Change-Id: Ic4b1dd6c02cffaf4ec285e49e5ba6763c020b531
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 09:34:07 +00:00
Jimmy Hu
86cb19bb2f Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev 2023-05-24 08:14:01 +00:00
Jin Jeong
e19b6070d4 Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev am: f77e90366d am: b4bac68874 am: 80af45ba72
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23167570

Change-Id: I6ac4bc6fad96365507a13b0d3bae1c3223d26b92
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-24 03:13:14 +00:00
Jin Jeong
f77e90366d Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev 2023-05-24 01:07:12 +00:00
Kenny Root
107d3314a4 Merge "Add GSA logs policy" into udc-d1-dev 2023-05-22 05:14:11 +00:00
Lawrence Huang
7bf6643438 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev 2023-05-19 19:59:58 +00:00
Jimmy Hu
70e6dd395b Set sepolicy for shell script of disabling contaminant detection
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 263916675
Bug: 264231895
Test: setprop vendor.usb.contaminantdisable true
Change-Id: Ia451a6abc4a3c872c002efa323d06e9179bd656b
Signed-off-by: Jimmy Hu <hhhuuu@google.com>
2023-05-19 09:54:23 +00:00
Lawrence Huang
c64c508a51 Add net_domain for GCA on zuma devices
Bug: 277097939

Change-Id: Iadfc1be5f9e6830693aed9d9b619815c7d1f9caf
(cherry picked from commit e979543b99)
2023-05-19 01:53:03 +00:00
Prasanna Prapancham
9138d3d1de add 8411 to logbuffer
Test: Flash local build and collect bugreport
Bug: 277799048
Change-Id: I877a91999a2f17df5ea90d3d2257b93bfd67e8e6
Signed-off-by: Prasanna Prapancham <prapancham@google.com>
(cherry picked from commit c1715483d1)
2023-05-17 22:52:57 +00:00
Xu Han
01b692295a Merge "Add permission for nautilus devices" into udc-d1-dev am: 639d91fb93 am: cb92b8fcdc am: 6c5f7b4982
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23279761

Change-Id: I0e08457034c3abb712d3abf9bd0eb2f75c3a526b
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-17 19:02:42 +00:00
Kenny Root
7be3a71942 Add GSA logs policy
This adds a label to the sysfs files for GSA logs to allow dumpstate to
read them during a bugreport.

(cherry picked from commit 076591d107)

Bug: 271125313
Test: adb shell dumpstate
Change-Id: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
Merged-In: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
2023-05-17 17:36:35 +00:00
Xu Han
639d91fb93 Merge "Add permission for nautilus devices" into udc-d1-dev 2023-05-17 16:48:55 +00:00
Luke Chang
3d16072afb Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev 2023-05-17 10:09:06 +00:00
Xu Han
bdc91f6477 Add permission for nautilus devices
Bug: 283015605
Test: Build
Change-Id: I986a2798a4a5ca927a1a2aaea61edca9fa59b2c5
2023-05-17 03:59:43 +00:00
lukechang
73e88c0a83 sepolicy: label cpd cl2 & cl1 target_residency
Test: build and boot to home
Bug: 277390134

Merged-In: I127ffc74aa68976de4aaa4a750b4043def4e2759
Change-Id: I127ffc74aa68976de4aaa4a750b4043def4e2759
Signed-off-by: lukechang <lukechang@google.com>
2023-05-17 02:11:41 +00:00
Luke Chang
c371a4da4a Merge "sepolicy: label cpd cl2 & cl1 target_residency" 2023-05-17 02:05:30 +00:00
TreeHugger Robot
3203ccc21a Merge "Add chre channel sepolicy entries" into udc-d1-dev 2023-05-16 23:04:18 +00:00
Luis Delgado de Mendoza Garcia
a3f0628f68 Add chre channel sepolicy entries
Bug: 275143652
Fix: 275143652
Test: in-device verification.
Change-Id: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
Merged-In: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
2023-05-16 21:43:09 +00:00
lukechang
b7f556c9cb sepolicy: label cpd cl2 & cl1 target_residency
Test: build and boot to home
Bug: 277390134

Change-Id: I127ffc74aa68976de4aaa4a750b4043def4e2759
Signed-off-by: lukechang <lukechang@google.com>
2023-05-16 09:11:25 +00:00
Treehugger Robot
8768ad1049 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: e1766dcd82 am: a521555ae0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: Ice663723abb01c161ba1f3431d92e12fbf20711a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-15 18:43:50 +00:00
Treehugger Robot
a521555ae0 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev am: 05abdf9f26 am: e1766dcd82
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22980180

Change-Id: I9ddf2be0e89f66a08ef9b559f30706369df180cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
2023-05-15 17:57:47 +00:00