Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
924 commits 1 branch 0 tags 18 MiB
Commit graph

452 commits

Author SHA1 Message Date
Darren Hsu
f4f3f57534 sepolicy: allow hal_power_stats to read sysfs_edgetpu 
Bug: 253702169
Test: dumpsys android.hardware.power.stats.IPowerStats/default
Change-Id: Ica2274f6e61cc35f7baf089ecc7b6c35f0914aeb
Signed-off-by: Darren Hsu <darrenhsu@google.com>
 2023-06-16 17:21:50 +08:00
Dinesh Yadav
100dd2387d Add sepolicy for gxp_logging service to report metrics [RESTRICT AUTOMERGE] 
gxp_logging service will periodically check the sysfs files exposed by
the gxp kernel driver and report stats to Suez framework.
These policies are needed to report the metrics.

Tested:
Found no violation with these policies on a P23 device

Bug: 278514198
Change-Id: I8c3e57dfe4e9a6caab425f2424d07e83f5e7b9c6
Signed-off-by: Dinesh Yadav <dkyadav@google.com>
 2023-06-13 03:37:56 +00:00
Ruofei Ma
abd1dee381 Merge "mediacodec_google: add hal_power" into udc-d1-dev 2023-06-12 15:17:42 +00:00
TreeHugger Robot
032d9942de Merge changes from topic "283841311" into udc-d1-dev 
* changes:
  Allow systemui_app access statsmanager_service
  Move systemui_app to system_ext
 2023-06-12 06:30:36 +00:00
Wilson Sung
7b19701919 Move systemui_app to system_ext 
Bug: 283841311
Bug: 264266705
Change-Id: I6c2f167cda9a52da4698f3732c9fdbb13674bea8
 2023-06-12 10:26:31 +08:00
Ruofei Ma
3346e879e6 mediacodec_google: add hal_power 
Add mediacodec_google as a client to hal_power for it to
do power hint.

Bug: 274736629

Change-Id: Ib07001be6ae4aaeaebf2e97439b9af0766640dc9
Signed-off-by: Ruofei Ma <ruofeim@google.com>
 2023-06-08 18:28:50 +00:00
Krzysztof Kosiński
35910a3e8b Remove Google Camera access to GXP firmware. 
This was originally a workaround and is not needed on Zuma.

Bug: 264489778
Test: gca_smoke.py on zuma device
Change-Id: I35d168a2f832a430ec1b782b12fb642bcea4bfd1
 2023-06-08 10:19:18 +00:00
Treehugger Robot
8733772e74 Merge "Add sepolicies for gcma_camera heaps" into udc-d1-dev 2023-06-08 06:25:44 +00:00
Wei Wang
55020988a0 Merge "SELinux: allow to access GPU dvfs period change" into udc-d1-dev 2023-06-06 22:25:11 +00:00
Allen Xu
78b62802e4 Add sepolicy for ConnectivityMonitor 
Bug: 264489520
Test: v2/pixel-pts/base
Change-Id: I669a538fe3d0a03422638d7d19fc62a793246f6b
 2023-06-06 02:01:38 +00:00
Leo Hsieh
72577756e2 Merge "Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE]" into udc-d1-dev 2023-06-01 12:40:24 +00:00
Mark su
51c91e5bdf Add video12 as hw_jpg_device and enable it for debug_camera_app 
Test: 05-05 05:07:06.652  4616  4616 W FinishThread: type=1400 audit(0.0:24): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=646 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:video_device:s0 tclass=chr_file permissive=0 app=com.google.android.GoogleCameraEng
05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { read } for  name="lib_jpg_encoder.so"
 dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_data_file:s0 tcl
ass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:00:59.000  7323  7323 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { open } for  path="/vendor/lib64/lib_j
pg_encoder.so" dev="dm-45" ino=25639 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_da
ta_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:46:00.260  4784  4784 I FinishThread: type=1400 audit(0.0:29): avc:  denied  { execute } for  path="/vendor/lib64/
libhwjpeg.so" dev="dm-50" ino=55596 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera_d
ata_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:36): avc:  denied  { getattr } for  path="/vendor/lib64/
lib_jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_ca
mera_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

05-08 22:33:30.504  7436  7436 I FinishThread: type=1400 audit(0.0:37): avc:  denied  { map } for  path="/vendor/lib64/lib_
jpg_encoder.so" dev="dm-50" ino=53765 scontext=u:r:debug_camera_app:s0:c32,c257,c512,c768 tcontext=u:object_r:vendor_camera
_data_file:s0 tclass=file permissive=1 app=com.google.android.GoogleCameraEng

binder:7312_2: type=1400 audit(0.0:18): avc:  denied  { read write } for  name="video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1
05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:19): avc:  denied  { open } for  path="/dev/video12" dev="tmpfs" ino=680 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.692  7312  7312 I binder:7312_2: type=1400 audit(0.0:20): avc:  denied  { ioctl } for  path="/dev/video12" dev="tmpfs" ino=680 ioctlcmd=0x5600 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:hw_jpg_device:s0 tclass=chr_file permissive=1

05-08 22:28:37.700  7312  7312 I binder:7312_2: type=1400 audit(0.0:21): avc:  denied  { read } for  name="u:object_r:default_prop:s0" dev="tmpfs" ino=167 scontext=u:r:hal_camera_default:s0 tcontext=u:object_r:default_prop:s0 tclass=file permissive=1

Bug: 267820687
Change-Id: I69f502d721f683d3532038d618f5fafc83f38b6b
 2023-05-31 06:08:46 +00:00
TreeHugger Robot
23440aa9df Merge "Remove old secure_element HIDL permission" into udc-d1-dev 2023-05-31 05:27:32 +00:00
leohsieh
458b60e5c9 Allow hal_fingerprint_default to access sysfs_aoc_udfps [DO NOT MERGE] 
Fix the following avc denial:
avc: denied { search } for name="17000000.aoc" dev="sysfs" ino=22035 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc:s0 tclass=dir permissive=0
avc: denied { write } for name="udfps_set_clock_source" dev="sysfs" ino=106891 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0
avc: denied { read } for name="udfps_get_disp_freq" dev="sysfs" ino=106893 scontext=u:r:hal_fingerprint_default:s0 tcontext=u:object_r:sysfs_aoc_udfps:s0 tclass=file permissive=0

Bug: 267271482
Test: Verify fingerprint HAL process can read/write to the sysfs node.
Change-Id: I39a2e69b1c314d52944bb16ada61e7e6761561cf
 2023-05-31 13:16:43 +08:00
Hyungjun Park
6de0a33f0a Remove old secure_element HIDL permission 
AIDL HAL is used in the new project and remove the old HIDL part.

Bug: 280530945
Test: VTS pass

Change-Id: Idd38fc59d7e89e2cafab5f4693d00abd6d4fb138
Signed-off-by: Hyungjun Park <hjun78.park@samsung.com>
 2023-05-31 03:12:02 +00:00
Dinesh Yadav
15f5afcfab Merge "Add SEPolicy for gxp_metrics_logger.so logging to stats service" into udc-d1-dev 2023-05-31 02:22:42 +00:00
Chung-Kai (Michael) Mei
ca068bf60b Merge "sepolicy: ignore avc denial" into udc-d1-dev 2023-05-29 05:47:43 +00:00
Chungkai Mei
e97101a6e8 sepolicy: ignore avc denial 
ignore avc denial since it's debugfs

Bug: 271931921
Test: device-boot-health-check-extra test show passed https://android-build.googleplex.com/builds/abtd/run/L74000000960917226
Change-Id: I5f491f02c99776251cf3893de6224fb0f02cb320
Signed-off-by: Chungkai Mei <chungkai@google.com>
 2023-05-29 03:11:41 +00:00
Donnie Pollitz
9fc92bdb28 Merge "Allow vendor_init to fix permissions of TEE data file" into udc-d1-dev 2023-05-26 07:17:41 +00:00
Dinesh Yadav
e6d2f01a89 Add SEPolicy for gxp_metrics_logger.so logging to stats service 
In order to access the gxp metrics library from the google camera
app (product partition), we need to create an SELinux exception for
the related shared library (in vendor) it uses.
This CL adds the same_process_hal_file tag to allow this exception.

Bug: 278516358
Change-Id: I42d41243d3ee47ebff4f766cd769b5387fd20852
 2023-05-26 04:01:09 +00:00
TreeHugger Robot
df113325a5 Merge "thermal: thermal_metrics: Update selinux to reset stats" into udc-d1-dev 2023-05-25 05:28:46 +00:00
Donnie Pollitz
16440338de Allow vendor_init to fix permissions of TEE data file 
Background:
* vendor_init needs to be able to possibly fix ownership of
  tee_data_file

Bug: 280325952
Test: Changed permissions and confirmed user transitions
Change-Id: I2363f9ff695209bbf7b6661c8e9eb3b376b84ace
Signed-off-by: Donnie Pollitz <donpollitz@google.com>
 2023-05-24 16:45:28 +02:00
Jimmy Hu
86cb19bb2f Merge "Set sepolicy for shell script of disabling contaminant detection" into udc-d1-dev 2023-05-24 08:14:01 +00:00
Jin Jeong
f77e90366d Merge "Revert "[Zuma] Fix SeLinux error"" into udc-d1-dev 2023-05-24 01:07:12 +00:00
Kenny Root
107d3314a4 Merge "Add GSA logs policy" into udc-d1-dev 2023-05-22 05:14:11 +00:00
Lawrence Huang
7bf6643438 Merge "Add net_domain for GCA on zuma devices" into udc-d1-dev 2023-05-19 19:59:58 +00:00
Jimmy Hu
70e6dd395b Set sepolicy for shell script of disabling contaminant detection 
(ported from Ib2e3cf498851c0c9e5e74aacc9bf391549c0ad1a)

Bug: 263916675
Bug: 264231895
Test: setprop vendor.usb.contaminantdisable true
Change-Id: Ia451a6abc4a3c872c002efa323d06e9179bd656b
Signed-off-by: Jimmy Hu <hhhuuu@google.com>
 2023-05-19 09:54:23 +00:00
Lawrence Huang
c64c508a51 Add net_domain for GCA on zuma devices 
Bug: 277097939

Change-Id: Iadfc1be5f9e6830693aed9d9b619815c7d1f9caf
(cherry picked from commit e979543b99)
 2023-05-19 01:53:03 +00:00
Prasanna Prapancham
9138d3d1de add 8411 to logbuffer 
Test: Flash local build and collect bugreport
Bug: 277799048
Change-Id: I877a91999a2f17df5ea90d3d2257b93bfd67e8e6
Signed-off-by: Prasanna Prapancham <prapancham@google.com>
(cherry picked from commit c1715483d1)
 2023-05-17 22:52:57 +00:00
Kenny Root
7be3a71942 Add GSA logs policy 
This adds a label to the sysfs files for GSA logs to allow dumpstate to
read them during a bugreport.

(cherry picked from commit 076591d107)

Bug: 271125313
Test: adb shell dumpstate
Change-Id: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
Merged-In: I8842c0bec972c4cfad15ca689f8e4ae7fa99e179
 2023-05-17 17:36:35 +00:00
Xu Han
639d91fb93 Merge "Add permission for nautilus devices" into udc-d1-dev 2023-05-17 16:48:55 +00:00
Luke Chang
3d16072afb Merge "sepolicy: label cpd cl2 & cl1 target_residency" into udc-d1-dev 2023-05-17 10:09:06 +00:00
Xu Han
bdc91f6477 Add permission for nautilus devices 
Bug: 283015605
Test: Build
Change-Id: I986a2798a4a5ca927a1a2aaea61edca9fa59b2c5
 2023-05-17 03:59:43 +00:00
lukechang
73e88c0a83 sepolicy: label cpd cl2 & cl1 target_residency 
Test: build and boot to home
Bug: 277390134

Merged-In: I127ffc74aa68976de4aaa4a750b4043def4e2759
Change-Id: I127ffc74aa68976de4aaa4a750b4043def4e2759
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-17 02:11:41 +00:00
TreeHugger Robot
3203ccc21a Merge "Add chre channel sepolicy entries" into udc-d1-dev 2023-05-16 23:04:18 +00:00
Luis Delgado de Mendoza Garcia
a3f0628f68 Add chre channel sepolicy entries 
Bug: 275143652
Fix: 275143652
Test: in-device verification.
Change-Id: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
Merged-In: Iba27ad45a38b491ebdfa0191f5af02aafa9f90e2
 2023-05-16 21:43:09 +00:00
Treehugger Robot
05abdf9f26 Merge "uwb: add permissions for factory uwb calib file" into udc-d1-dev 2023-05-15 16:54:11 +00:00
Jin Jeong
b3c701b9c4 Revert "[Zuma] Fix SeLinux error" 
This reverts commit 709ad06c0e.

Reason for revert: b/279988311 we rename the vendor.modem property so we don't need to add the new rules

Change-Id: Ibe56941737506158ef963bba2ae00035c5c11069
 2023-05-12 04:20:27 +00:00
Zheng Pan
705cc4abf8 Merge "Allow systemui to find adbd" into udc-d1-dev 2023-05-09 20:21:14 +00:00
Mahesh Kallelil
1f885d0bcd Allow dump_modem to read logbuffer and wakeup events 
Updating sepolicy for dump_modem to read /dev/logbuffer_cpif. This is
required as part of bugreport.

Test: Tested bugreport on P23
Bug: 278501642
Change-Id: I102583e37ec2e3852fd901a75bbb06de9ac6f77c
Signed-off-by: Mahesh Kallelil <kallelil@google.com>
 2023-05-09 00:20:07 -07:00
Luke Chang
f86a07903b Merge "sepolicy: label cpd cl2 & cl1" into udc-d1-dev 2023-05-09 06:09:33 +00:00
Wilson Sung
fd60d077ad Allow systemui to find adbd 
Bug: 276415118
Fix: 272628396
Test: connect to adb with no avc error
Change-Id: I07496d663628f62ed975785d794854d1cdc77040
 2023-05-09 05:22:16 +00:00
Hasan Awais
14b2c135bb uwb: add permissions for factory uwb calib file 
needed for copying the factory calib file from persist to
/data/vendor/uwb, along with converting the file to a valid format
for uwb HAL

Bug: 274513871
Bug: 279820265
Test: local build passed
Change-Id: I4c4286cd5c200475cac3b9d58a81724d631c49e0
Signed-off-by: Hasan Awais <hasanawais@google.com>
 2023-05-09 00:27:47 +00:00
Jin Jeong
e22788ae78 Merge "[Zuma] Fix SeLinux error" into udc-d1-dev 2023-05-08 23:37:28 +00:00
Martin Liu
e4e930185a Add sepolicies for gcma_camera heaps 
Bug: 275481134
Test: launch camera
Change-Id: I2efe897826d3c32bb85c815207865c0db557ea9f
Signed-off-by: Martin Liu <liumartin@google.com>
 2023-05-08 23:54:55 +08:00
lukechang
9d44de7ecf sepolicy: label cpd cl2 & cl1 
Test: build and boot to home
Bug: 277390134

Merged-In: Iad525a9c556ee436afb8cbd29156b6b593329e83
Change-Id: Iad525a9c556ee436afb8cbd29156b6b593329e83
Signed-off-by: lukechang <lukechang@google.com>
 2023-05-08 08:39:21 +00:00
sashwinbalaji
771b533133 thermal: thermal_metrics: Update selinux to reset stats 
Bug: 193833982
Test: Local build and verify statsD logs
adb shell cmd stats print-logs && adb logcat -b all | grep -i 105045
Change-Id: I09afbea9386724f0abf6b9cab5838e89a060a5fd
 2023-05-08 05:15:39 +00:00
TreeHugger Robot
b417627fb8 Merge "Add tele sensor sepolicy permission" into udc-d1-dev 2023-05-08 02:00:59 +00:00
Treehugger Robot
74e0e5fc37 Merge "Add sepolicy permission of new camera components" into udc-d1-dev 2023-05-05 06:27:43 +00:00
Ted Wang
be9ee4c01d Merge "Add sepolicy for aidl bt extension hal" into udc-d1-dev 2023-05-05 06:19:10 +00:00