Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
1058 commits 1 branch 0 tags 18 MiB
Commit graph

501 commits

Author SHA1 Message Date
Safayat Ullah
ea09b155f2 display: add persist property to vendor_display_prop 
Bug: 290162920
Test: no avc denied log
Change-Id: I60747df56c6993251bc736994da828814bcdf607
Merged-In: I2497960fbc76e56dd3a9c69d3fe274f0685744f8
 2023-08-29 09:06:57 +00:00
Sebastian Pickl
ae9ab242e8 Merge "Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..."" into udc-qpr-dev 2023-08-24 10:06:57 +00:00
Sebastian Pickl
84f1209636 Revert "[DO NOT MERGE] Add selinux policy for chre vendor data d..." 
Revert submission 23834879-CHRE BT LOG

Reason for revert: fixes broken test b/297255998 verified by go/abtd: https://android-build.googleplex.com/builds/abtd/run/L30000000962735539
Bug:297255998

Reverted changes: /q/submissionid:23834879-CHRE+BT+LOG

Change-Id: I56b800260303834ed76dedf354b5a32af00b3684
 2023-08-24 09:47:19 +00:00
Yixuan Wang
0fcc802265 Merge "[DO NOT MERGE] Add selinux policy for chre vendor data directory" into udc-qpr-dev 2023-08-23 19:29:45 +00:00
Kris Chen
7f3e2b9212 Allow hal_power_default to access sysfs_scsi_devices_0000 am: c9d21c380f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24458368

Change-Id: I6a6014a9efe1d543b559bc9142766d0765468339
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-08-21 06:33:12 +00:00
Kris Chen
c9d21c380f Allow hal_power_default to access sysfs_scsi_devices_0000 
Fix the following avc denial:
avc:  denied  { write } for  name="clkgate_enable" dev="sysfs"
ino=69304 scontext=u:r:hal_power_default:s0 tcontext=u:object_r:sysfs_scsi_devices_0000:s0 tclass=file permissive=0

Bug: 290709897
Test: enroll fingerprint
Change-Id: Ib153087839d59e1839ceed4373a9be6f42e89619
 2023-08-17 12:59:19 +00:00
Ilya Matyukhin
013ec5ce54 Merge "zuma: Add sysfs_faceauth_gcma_heap type" into udc-qpr-dev 2023-08-16 20:38:34 +00:00
Ilya Matyukhin
33540f5a05 zuma: Add sysfs_faceauth_gcma_heap type 
Bug: 288156745
Test: build
Change-Id: I937b37542d8ff5a9e9e0d4d9b53c8300820a1826
 2023-08-11 05:37:59 +00:00
Wilson Sung
746bd9ad3c Supress kernel avc log before SELinux initialized 
Fix: 295430975
Change-Id: I11fe6c6705f7c4f7b3730b8f4b40229b083c0a13
 2023-08-11 12:40:55 +08:00
Wilson Sung
2d2ec40c1a Supress kernel avc log before SELinux initialized 
Fix: 281814849
Fix: 292059050
Change-Id: Ie83557668ded8ab17bf77e60ed21db33e9f4f580
 2023-08-04 07:32:39 +00:00
Jason Chiu
7aa9a5e3c0 Add hal_bootctl_default read permission to rootfs in Recovery mode am: 90a1f80488 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24143123

Change-Id: I3bc9799d166ad41bbbb547884a9993a352b3f6c3
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:19 +00:00
Jason Chiu
b9e73326ee remove rule for bootctrl hidl version 1.2 am: 54b0343059 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24146702

Change-Id: Ia4efc4cdc0cb92c62c4ddcb7b6f458c4149657a1
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:16 +00:00
Jason Chiu
cbb8fed21e Add rule for bootctrl AIDL am: 17fa2e6fe5 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/24141842

Change-Id: Idbac1303702c0845fd549564f28b20f2bf9f0a03
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-21 02:59:13 +00:00
Jason Chiu
90a1f80488 Add hal_bootctl_default read permission to rootfs in Recovery mode 
Fix the following avc denial:
avc:  denied  { read } for  pid=485 comm="android.hardwar" name="bin" dev="rootfs" ino=9529 scontext=u:r:hal_bootctl_default:s0 tcontext=u:object_r:rootfs:s0 tclass=dir permissive=0

Bug: 282670401
Change-Id: I23ab086ba21d6ffea8b48b4208933c031effc4d4
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 12:56:47 +00:00
Jason Chiu
54b0343059 remove rule for bootctrl hidl version 1.2 
Bug: 282670401
Change-Id: I25d169c335fb551cf1862fdf6e6540485a2b8016
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 12:56:38 +00:00
Jason Chiu
17fa2e6fe5 Add rule for bootctrl AIDL 
Bug: 282670401
Change-Id: I1b4c5e7ced0fe67bbbaca2b607e4ca7422e170e1
Signed-off-by: Jason Chiu <jasoncschiu@google.com>
 2023-07-20 20:53:04 +08:00
Utku Utkan
62b083db4d Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Reason for revert: Relanding the original topic after copying the certificates under `device/google` for `without-vendor` branches

Reverted changes: /q/submissionid:24122569-revert-24056607-pixel-camera-services-extensions-sepolicy-OFSULTXSBL

Bug: 287069860
Test: m && flashall
Change-Id: Icc801ca310c0e512769ed84d185dd6149ae5f22b
 2023-07-18 20:37:42 -07:00
Inseob Kim
1ef04d8dda Revert "Introduce CameraServices seinfo tag for PixelCameraServices" 
Revert submission 24056607-pixel-camera-services-extensions-sepolicy

Reason for revert: build breakage on git_main-without-vendor

Reverted changes: /q/submissionid:24056607-pixel-camera-services-extensions-sepolicy

Change-Id: I42e68b982d521acb9b9a088d58ff521be25beb7e
 2023-07-19 01:15:27 +00:00
Utku Utkan
c3cf1b7cf0 Introduce CameraServices seinfo tag for PixelCameraServices 
Bug: 287069860
Test: m && flashall && check against 'avc: denied' errors
Change-Id: I843c7e0577d88a7e84cb939135fe89f5923ea294
 2023-07-18 12:18:35 -07:00
Treehugger Robot
a5187246a1 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev am: 8bcc8a1242 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23643602

Change-Id: I5662604da8561e8e8729cd494ba35d1797339e82
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 19:02:40 +00:00
Treehugger Robot
8bcc8a1242 Merge "Add GPU power hint sysfs node to sepolicy for Zuma" into udc-d1-dev 2023-07-13 17:47:48 +00:00
Badhri Jagan Sridharan
5958be5bd0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev am: 20eade41f0 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23864376

Change-Id: I512b4db16ff18acc313dc0d0c94f78bf4743ddcc
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-13 17:34:05 +00:00
Badhri Jagan Sridharan
20eade41f0 Merge "Add USB wakeup sources sepolicy contexts" into udc-d1-dev 2023-07-13 16:43:18 +00:00
Hasan Awais
4640c96bb4 uwb: add permission to read SELinux state 
Allows UWB HAL to read selinuxfs to determine the state
Used for controlling access to debugfs

Bug: 288049522
Test: local build pass
Change-Id: I1237d001d27999c796bbb28629847f5a5639cd3e
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2023-07-10 17:12:33 +00:00
Yunju Lee
0a86789618 Add GPU power hint sysfs node to sepolicy for Zuma 
Bug: 228076319
Bug: 278493002
Test: Perfetto trace inspection
Change-Id: I2f78c2e9175faa3f8af4b55e93e9b0f3d6bebdf2
 2023-07-07 21:40:20 +00:00
Ruofei Ma
99ff7c4007 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev am: f3258b9e00 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23852417

Change-Id: I0976a47af9e3ccab16a391c9835885b88166ac95
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 03:33:06 +00:00
Ruofei Ma
4471c5e525 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev am: aa2084fe54 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23850445

Change-Id: I28bbba859b673990f752fed64098a8e56a9cb99a
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-07-06 03:32:45 +00:00
Ruofei Ma
f3258b9e00 Merge "Dec: SELinux policy change to allow uclamp.min set" into udc-d1-dev 2023-07-06 02:49:56 +00:00
Ruofei Ma
aa2084fe54 Merge "Revert "mediacodec_google: add hal_power"" into udc-d1-dev 2023-07-06 02:49:51 +00:00
Badhri Jagan Sridharan
62e714d81c Add USB wakeup sources sepolicy contexts 
Bug: 289376260
Change-Id: I72711aea571dad5be7ff36ca7a7c59240aaa2226
Merged-In: I72711aea571dad5be7ff36ca7a7c59240aaa2226
Signed-off-by: Badhri Jagan Sridharan <badhri@google.com>
 2023-06-30 19:36:01 +00:00
Wilson Sung
bd6892b9d3 Move sysUI contexts to system_ext am: 4862829753 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23840925

Change-Id: Iae1889fe451b09d41160689c24d2888a1a4da796
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-29 04:17:50 +00:00
Ruofei Ma
4ee8ce9cd6 Dec: SELinux policy change to allow uclamp.min set 
To get better performance for 4K60FPS HDR video, we need
to boost the cpu when the load is too heavy for Bigwave
decoder.

Bug: 274736629

Change-Id: I32d683084dd55354002d4fd4c266492df3839a35
Signed-off-by: Ruofei Ma <ruofeim@google.com>
 2023-06-29 00:22:24 +00:00
Ruofei Ma
4bb2aa413d Revert "mediacodec_google: add hal_power" 
This reverts commit 3346e879e6.

Reason for revert: This change is not needed since the performance boost implementation has changed

Change-Id: Icda43f23354e70503d3bb2efe0631a2d754a4920
 2023-06-29 00:22:11 +00:00
Yixuan Wang
22d9b28316 [DO NOT MERGE] Add selinux policy for chre vendor data directory 
Bug: 278114604
Test: on device test
Change-Id: I1ac96655571f811c116540aec3a1626d5cca1b16
(cherry picked from commit 7530c4bc13)
 2023-06-28 17:16:15 +00:00
Wilson Sung
4862829753 Move sysUI contexts to system_ext 
Bug: 288227521
Change-Id: I3e5f2e76bf067f98b191b3b8ee6010c1abd95cb0
 2023-06-28 14:10:06 +08:00
TreeHugger Robot
62b8a1fed8 Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev am: 043ae16d5f 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753755

Change-Id: I64ce27f29959da86f4a3effdc2700c9edd12c365
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 11:02:13 +00:00
TreeHugger Robot
043ae16d5f Merge "Add kernel vendor_fw_file dir read permission" into udc-d1-dev 2023-06-21 10:47:39 +00:00
Treehugger Robot
e25310025c Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev am: d8b11ef832 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23753754

Change-Id: I7c9fa2e932b7547fee5aacf6a82177513f8d59ef
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-21 10:38:30 +00:00
Treehugger Robot
d8b11ef832 Merge "Supress kernel avc log before SELinux initialized" into udc-d1-dev 2023-06-21 09:59:33 +00:00
Wilson Sung
3657f78cb0 Add kernel vendor_fw_file dir read permission 
Fix: 288049349
Change-Id: I76751deb04e5b6a4362917c76764cddc74d0f76d
 2023-06-21 16:02:41 +08:00
Wilson Sung
0b77875c4a Supress kernel avc log before SELinux initialized 
Bug: 288049349
Fix: 288049229
Change-Id: I5087a77e65ecdbaa868a7257342f5d99f424880a
 2023-06-21 16:02:29 +08:00
Anthony Zhang
b0c6280ba5 [DO NOT MERGE] Allow fingerprint to access persist property am: fb29e39ee1 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23730231

Change-Id: I484b590b74da12bdf34de1bd84132a327d8387f7
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-20 18:12:44 +00:00
Anthony Zhang
a594a23554 Merge "[DO NOT MERGE] Allow fingerprint to access persist property" into udc-d1-dev 2023-06-20 17:31:31 +00:00
Treehugger Robot
af63d1adeb Merge "sepolicy: allow hal_power_stats to read sysfs_edgetpu" into udc-d1-dev am: a3e9615016 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23720970

Change-Id: Ia4b379de76b03ce2e4fb66b42992806e7e40965f
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-19 02:13:15 +00:00
Anthony Zhang
fb29e39ee1 [DO NOT MERGE] Allow fingerprint to access persist property 
For zuma devices.

Bug: 258901849
Test: Local test on enrollment/delete, version update
Change-Id: I2c10bde2940778e0a434c2a073eb5793efeea455
 2023-06-16 09:37:10 -07:00
Darren Hsu
f4f3f57534 sepolicy: allow hal_power_stats to read sysfs_edgetpu 
Bug: 253702169
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ica2274f6e61cc35f7baf089ecc7b6c35f0914aeb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-16 17:21:50 +08:00
Dinesh Yadav
2bd05aeaad Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] am: 100dd2387d 
Original change: https://googleplex-android-review.googlesource.com/c/device/google/zuma-sepolicy/+/23468178

Change-Id: I4bd79f57f2a063aef60e8dab049460636633ccea
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
 2023-06-15 03:57:29 +00:00
Darren Hsu
3c8fb109b8 sepolicy: lable NFC sysfs path for hal_power_stats 
Bug: 270498656
Test: capture a bugreport and ensure that there is
no avc denials for power stats
Change-Id: Ie765f6267ceacbc0b11426f4ee81ea0670195ddb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-14 13:58:33 +08:00
Joerg Wagner
d19ec7a5b6 Merge "Prepare for Mali r44p0 UMD update" into udc-qpr-dev 2023-06-13 06:03:15 +00:00
Dinesh Yadav
100dd2387d Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] 
gxp_logging service will periodically check the sysfs files exposed by
the gxp kernel driver and report stats to Suez framework.
These policies are needed to report the metrics.

Tested:
Found no violation with these policies on a P23 device

Bug: 278514198
Change-Id: I8c3e57dfe4e9a6caab425f2424d07e83f5e7b9c6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-06-13 03:37:56 +00:00