Cherry-pick of Change I23285c21a82748c63fbe20988af42884b9261b66
from Siarhei Vishniakou <svv@google.com>:
Currently, there's no API to read the resolution from the system domain,
so the HAL has to read this from the sysprop provided by the display
code.
Allow the HAL to do so in this CL.
Bug: 236200710
Bug: 279510160
Change-Id: I449232d91533b6b9a40f2a6c4a91c511f5b38e3c
Camera team needs to talk to aoc device in order to use libusf.
It will do this instead of talking to rlsservice. Soon, we can
remove rlsservice from the se policy for camera hal.
Bug: 277959222
Test: manual test, logs provided in comments
Change-Id: I7453fd94891dcc0c1c587bccb3bb6cff80f46e8b
The display file node, early_wakeup, just for trigger the worker for
display and it doesn't have meaningful read function. But PowerHAL read
all nodes and try to dump their valuesi while triggering bugreport. As
the read operation has been completed, so we can remove the clause.
07-02 00:53:56.888 522 522 W android.hardwar: type=1400 audit(0.0:8): avc: denied { dac_read_search } for capability=2 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
07-02 00:53:56.888 522 522 W android.hardwar: type=1400 audit(0.0:9): avc: denied { dac_override } for capability=1 scontext=u:r:hal_power_default:s0 tcontext=u:r:hal_power_default:s0 tclass=capability permissive=0
Bug: 267261305
Test: Boot to home
Change-Id: I6c058a1a85ada7e5d6eb1f8acafaac8231ae5329
Merged-In: I6c058a1a85ada7e5d6eb1f8acafaac8231ae5329
Signed-off-by: Chungkai Mei <chungkai@google.com>
(cherry picked from commit 55d41f1a3e89b1f4d2525d9925e3319ef59e2705)
(cherry picked from commit 1d966a0db9)
Sync from ag/17155484
To get radio hal debug info on user build as we do on previous Pixels.
Bug: 278477468
Test: Trigger bugreport on USERDEBUG with dumpstate.unroot set
to true and check IRadio log
Change-Id: Ic9dd8357eb326d5c5f03b16408b7ba0a5e5f5818
(cherry picked from commit e08be6ab76327511002ebd343bda13a2fcc1434d)
Mali driver (and codec HAL as well) require direct access to video
secure dmabuf devices. Mali driver being an SP-HAL cannot explicitly
write blanket rules for all the scontext. So, we piggyback on
dmabuf_system_secure_heap_device to allow all scontext to be able to use
these device nodes.
This is just as secure as dmabuf_system_secure_heap_device in that case.
There is no additional security impact. An app can still use gralloc to
allocate buffers from these heaps and disallowing access to these heaps
to the intended users.
Fix: 278823239
Fix: 278513588
Fix: 275646321
Test: dEQP-VK.memory.allocation
Change-Id: I01a2730fc222efe94d4e48e7ee4c317aa65f0064
This is to enable face authentication on P23 devices.
Bug: 278898746
Test: Build, face authentication
Change-Id: I75311770a9780e0d97a9240b589e4e4cd9e2dc56
SELinux errors are fixed and hence removing from bug map
Bug: 273639365
Test: Build and boot on device
Change-Id: I3a1ad3066840b507553b9365239673f6126b8ec6
Signed-off-by: Rex Lin <rexcylin@google.com>
This reverts commit af0ad04c3c.
Reason for revert: RescueParty crash due to com.shannon.rcsservice crash
Bug: 278735899
Change-Id: I5bf91b077c23c63de728657bd9adb5623b708d95
The fix has been merged in the topic of ag/21956466 so this dontaudit line can be removed.
Test: manual
Bug: b/275646098
Change-Id: I95c25ffc926e48e589b7636beca1bef9583861d0
Other errors mentioned in the bugs are already absent.
Fixes: 269964574
Fixes: 272628396
Fixes: 272628174
Test: built and flash device. No selinux errors printed.
Change-Id: Ic285b1f5a2ce6973899011a7c6a596e807c3e933
Addressing some review feedback on ag/22381542 about this folder being
removed in the future.
Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I8506da9b80fe060cd5093acafd58594e4db3341b
They need to be read by everything that links with libmali, but we don't
expect anybody to actually write to them.
Bug: b/272740524
Test: CtsDeqpTestCases (dEQP-VK.protected_memory.stack.stacksize_*)
Change-Id: I7f6f021378467484544cc3dbbe71a8e9e037cf98
- Found selinux violations on google_camera_app for these services which are fixed after these changes are included.
Bug: 264490031
Change-Id: Ib6f4a8a548425b0b98ed9b69edff6c973b9cbe3e
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
