Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1087 commits 1 branch 0 tags 18 MiB
Commit graph

413 commits

Author SHA1 Message Date
Treehugger Robot
e3fcb41f40 Merge "Update rules for android.hardware.secure_element-service.thales" into udc-d1-dev am: fde5823b6f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22601631

Change-Id: Ie60f65e8ee6f88a0f4f03fdb10c3caadf7865504
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-14 01:54:41 +00:00
Treehugger Robot
fde5823b6f Merge "Update rules for android.hardware.secure_element-service.thales" into udc-d1-dev 2023-04-14 01:21:56 +00:00
Ankit Goyal
d9655a4999 Add sepolicy for framebuffer-secure heap am: 9576cfaca7 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21990547

Change-Id: I39b3df563b40fabb4ae836ecb196ca4ec3a20509
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 22:32:19 +00:00
Ankit Goyal
9576cfaca7 Add sepolicy for framebuffer-secure heap 
Bug: 245053092
Test: Secure video playback
Change-Id: I715ea5a4e9ee70ec2a022351b9e722a25bfb9f93
 2023-04-13 13:47:11 -07:00
Sayanna Chandula
e94b921ca4 Merge "thermal: enable pixelstats access to thermal metrics" into udc-d1-dev am: 34ff37262f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22559579

Change-Id: I3fb332012004c2e91b8bcc858dcfbdc12e5c8679
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 20:43:22 +00:00
Sayanna Chandula
34ff37262f Merge "thermal: enable pixelstats access to thermal metrics" into udc-d1-dev 2023-04-13 20:26:31 +00:00
Yixuan Wang
98bffc0a44 Merge "Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for chre" into udc-d1-dev am: 2c0e44805a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22613725

Change-Id: Ia79eb1e60a6fe53a2155874be0f83be644c1d9f6
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 20:18:36 +00:00
Yixuan Wang
2c0e44805a Merge "Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for chre" into udc-d1-dev 2023-04-13 19:38:38 +00:00
Joner Lin
44155e103e Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev am: edd47032af 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22271813

Change-Id: Ic8fa74d729ca69d7c051c19848b9a0113e23bac3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-13 14:26:11 +00:00
Joner Lin
edd47032af Merge "allow bthal to access vendor bluetooth folder" into udc-d1-dev 2023-04-13 13:57:32 +00:00
George
95d0a4b76f Update rules for android.hardware.secure_element-service.thales 
A new domain hal_secure_element_st54spi_aidl for AIDL HAL

Bug: 261566299
Test: run cts -m CtsOmapiTestCases
Test: atest VtsAidlHalNfcTargetTest
Change-Id: Id76a3f3337e2ee72031b39975eb010178855f36f
 2023-04-13 11:02:49 +00:00
Yixuan Wang
1095231e38 Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for 
chre

[ 7.760870] type=1400 audit(1669944054.440:61): avc: denied { write } for comm="android.hardwar" name="chre" dev="tmpfs" ino=1099 scontext=u:r:hal_contexthub_default:s0 tcontext=u:object_r:chre_socket:s0 tclass=sock_file permissive=1
[ 12.519414] type=1400 audit(1669944059.196:138): avc: denied {connectto } for comm="android.hardwar" path="/dev/socket/chre"scontext=u:r:hal_contexthub_default:s0 tcontext=u:r:chre:s0 tclass=unix_stream_socket permissive=1

Bug: 264489794
Bug: 261105224
Test: atest scanAvcDeniedLogRightAfterReboot
Change-Id: I7bf13913188deedc987f82e54626a18357ab84c5
 2023-04-13 06:43:41 +00:00
Minchan Kim
a382f85f96 move vendor_cma_debugfs into gs-common 
The CMA dump is common feature for pixel devices so move
it to gs-common.

Bug: 276901078
Test: dumpstate_board.txt on adb bugreport includes the info
Change-Id: I46be7899939da3ae7e9323a0d3ee92f4b3759acf
Signed-off-by: Minchan Kim <minchan@google.com>
(cherry picked from commit afb8d91c5dd0df836c6c8a53963b44e23005efb7)
 2023-04-12 13:25:46 +00:00
Minchan Kim
11e5da54ef Merge "remove dump_cma" 2023-04-12 03:25:58 +00:00
Wilson Sung
bf1baa3448 Merge "Add recovery related policy" into udc-d1-dev am: 5bee37db26 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22574699

Change-Id: Iafa23558e51dbc2608ff3158cd7b1259253f25cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 01:55:36 +00:00
Wilson Sung
5bee37db26 Merge "Add recovery related policy" into udc-d1-dev 2023-04-12 01:44:17 +00:00
Treehugger Robot
eefef62f70 Merge "Add btbcm wakelock node context" into udc-d1-dev am: bc7379022a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22572817

Change-Id: Ie49fcc84a41c924558050f7d4a283a915bc68b84
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-12 01:40:12 +00:00
Minchan Kim
1b4fae5ce3 remove dump_cma 
We will introduce it into gs-common

Bug: 276901078
Change-Id: I56a0c67fb09563baacbabf738625bf748ab80378
Signed-off-by: Minchan Kim <minchan@google.com>
 2023-04-12 01:22:08 +00:00
Treehugger Robot
bc7379022a Merge "Add btbcm wakelock node context" into udc-d1-dev 2023-04-12 00:32:46 +00:00
Wilson Sung
c2eedff70c Add recovery related policy 
Fix: 275143841
Fix: 264490092
Test: adb sideload and no avc error
Change-Id: I52003c9417560a6c5dab815a6929681710f0b0a4
 2023-04-12 03:46:54 +08:00
Wei Wang
87214b4c2c Merge "sepolicy: label bci and dsu max frequency" into udc-d1-dev am: 4cd8d2fef9 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22497095

Change-Id: I27ceda44c1a2baeb2450c56cbfed0762b68274ab
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 17:05:18 +00:00
jonerlin
940b51e1e4 allow bthal to access vendor bluetooth folder 
Bug: 240636731
Test: enable vendor btsnoop property and check the vendor snoop log
Change-Id: Ib7c36e7398bdbe7abc2f3b2dba684f95a4ce90a8
 2023-04-11 17:01:40 +00:00
Wei Wang
4cd8d2fef9 Merge "sepolicy: label bci and dsu max frequency" into udc-d1-dev 2023-04-11 16:14:29 +00:00
Wilson Sung
2e19e54fe5 Add btbcm wakelock node context 
avc: denied { read } for name="wakeup178" dev="sysfs" ino=119871 scontext=u:r:system_suspend:s0 tcontext=u:object_r:sysfs:s0

Bug: 277717252
Test: boot-to-home and no avc error
Change-Id: I82ed45ff6bf28c0cf2237098c54b6ead59c6c284
 2023-04-11 11:02:26 +00:00
Wilson Sung
9e250f4a12 Allow update_engine to change slot am: 79b4b329f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22563758

Change-Id: I38ef79ff33c61540b5240e31a5b2309973c41185
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-11 04:36:20 +00:00
Wilson Sung
79b4b329f0 Allow update_engine to change slot 
Bug: 275143841
Change-Id: Id9e19ae74a32521ab083eff87e4e3e583f881bbb
 2023-04-11 11:03:12 +08:00
Ali K. Zadeh
1f56ec32b6 sepolicy: label bci and dsu max frequency 
Bug: 274005880
Test: powerhint is able to change the bci/dsu max frequency
Change-Id: I8d59450878ba8e349d7f797cc74f0f1cc00c6187
 2023-04-10 23:24:55 +00:00
Sayanna Chandula
0df51526da thermal: enable pixelstats access to thermal metrics 
Allow pixelstats daemon to access thermal metric nodes

Bug: 277625975
Test: Build and boot on device. Check DFS stats

Change-Id: I50d71d12f4f9d3a1b83a606ba6a7159c46ebec14
Signed-off-by: Sayanna Chandula <sayanna@google.com>
 2023-04-10 13:55:26 -07:00
Adam Shih
e3c88c1277 comply with VTS requirements am: 22e1c0756a am: 46fd63b761 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: Ia94e551d31f068ed18f3e0bbc626eb544074e000
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:20:40 +00:00
Adam Shih
46fd63b761 comply with VTS requirements am: 22e1c0756a 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22344148

Change-Id: I02d1e5a2af5bb6d3009d2b7687dff6080f56724f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:08:17 +00:00
Dinesh Yadav
0829947959 Merge "Allow google_camera_app to access edgetpu" into udc-d1-dev am: d9a75c1639 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22286148

Change-Id: I46aa0db686e57dfcf9daaf7d302ec6754c86d630
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-04-06 03:06:08 +00:00
Dinesh Yadav
478b11708f Allow google_camera_app to access edgetpu 
These permissions are needed by GCA-release & GCA-dogfood to access
edgetpu.

Bug: 264490031
Change-Id: Idd9dff906c86f9e83f1dc67698c23387e174d99c
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-04-04 06:11:47 +00:00
TreeHugger Robot
b99f943900 Merge "Add logd selinux allow permissions" into udc-d1-dev am: 4bb2e02b1c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307864

Change-Id: I7f9a2c6d4af714625fb4d347c0988052d8f77852
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-30 17:17:02 +00:00
Adam Shih
22e1c0756a comply with VTS requirements 
Bug: 275142299
Test:
atest VtsHalDumpstateTargetTest:PerInstanceAndMode/DumpstateAidlPerModeTest#TestOk/0_android_hardware_dumpstate_IDumpstateDevice_default_FULL
atest VtsHalDumpstateTargetTest:PerInstance/DumpstateAidlGeneralTest#TestInvalidModeArgument_Negative/0_android_hardware_dumpstate_IDumpstateDevice_default
Built pass on target-userdebug and aosp_target-userdebug

Change-Id: I6a114aa2aa92f7b06cfd5bbd1f73d34b5477b109
 2023-03-30 13:28:43 +08:00
TreeHugger Robot
8041addc24 Merge "sepolicy: fix VTS failure for system suspend [RESTRICT AUTOMERGE]" into udc-d1-dev 2023-03-30 01:52:41 +00:00
TreeHugger Robot
4bb2e02b1c Merge "Add logd selinux allow permissions" into udc-d1-dev 2023-03-30 01:44:29 +00:00
TreeHugger Robot
6cbdc36e1b Merge "Move pixel dumpstate to gs-common" into udc-d1-dev 2023-03-29 16:06:45 +00:00
Darren Hsu
bc15f1c8ee sepolicy: fix VTS failure for system suspend [RESTRICT AUTOMERGE] 
Bug: 275143652
Test: run vts -m SuspendSepolicyTests
Change-Id: I7cb5fdb18e7b16d98961bfed11da21496e8fa026
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-03-29 18:46:56 +08:00
Donnie Pollitz
885a790f2d Add logd selinux allow permissions 
Bug: 261105354
Bug: 264489639
Test: Ran atest SELinuxTest#scanAvcDeniedLogRightAfterReboot
Change-Id: I377dbb3bbdecd6780c1bdfb3aab53ee3c754c163
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-03-29 09:24:47 +02:00
TreeHugger Robot
b8afba5124 Merge "Keep name "dmabuf_system_secure_heap_device" for secure playback" into udc-d1-dev am: 83588e636f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22185170

Change-Id: I8ae4c6a6f1c4e63adddc3fcdea47143e0e5e22d7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 03:27:57 +00:00
TreeHugger Robot
83588e636f Merge "Keep name "dmabuf_system_secure_heap_device" for secure playback" into udc-d1-dev 2023-03-29 02:56:22 +00:00
TreeHugger Robot
a0beb1cf16 Merge "Allow bootctl to access trusty device" into udc-d1-dev am: 5d6157b523 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22307863

Change-Id: Icab0b0b06400d4b7c362813726b878d59a7d7f7c
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-29 00:56:36 +00:00
TreeHugger Robot
5d6157b523 Merge "Allow bootctl to access trusty device" into udc-d1-dev 2023-03-29 00:00:55 +00:00
Mingguang Xu
afdff68774 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c am: e283627fac 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Id3525c06cc58f816eee7797145fbb301c4208ac7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:34:30 +00:00
Mingguang Xu
e283627fac Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Iac8bc11118a1c8f6f401f938039899f03bdeea95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:16:41 +00:00
Mingguang Xu
203dd313e7 Merge "Add permissions to connect radioext to twoshay." into udc-dev am: 57e322c17c 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/21956466

Change-Id: Ib70d523bc36e1a789b003374207094f2eaf722d5
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 23:09:15 +00:00
Mingguang Xu
57e322c17c Merge "Add permissions to connect radioext to twoshay." into udc-dev 2023-03-28 23:03:46 +00:00
Feiyu Chen
67f06b0a3d Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 am: 02cc06b4ab 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: I7cd7a542c4d855dac45e34b698303e18847057f9
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:47:10 +00:00
Feiyu Chen
02cc06b4ab Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: Icf1b60bc90121ad358639abe52ea15b4b69bb652
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:19:09 +00:00
Feiyu Chen
719b7aae1f Merge "Allow camera HAL to access edgetpu_app_service" into udc-dev am: 2d34b0b1f6 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/22248613

Change-Id: Ia56751b481fd666dedec73f11ee2ee5ff7e4d088
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-03-28 09:18:37 +00:00