Evolution-X-Tensor/device_google_zuma
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
device_google_zuma/vendor
History
Liz Prucka b2f00a1549 Restrict ioctl access for appdomain to gpu_device 
Add a list of Mali-specific ioctls (ioctl_defines).
Define categories for these ioctls (ioctl_macros).
This list was gathered by the ARM GPU team.

All defined ioctls are granted access. Deprecated
ioctls and ioctls intended for GPU development are
logged to estimate the impact of their removal.

During testing, no logging was observed during the
launch of the top 100 apps. It is unlikely that such
logging would spam the device's log.

Bug: 384720119
Test: Csuite test of top 100 apps
Flag: EXEMPT uses build system flag: RELEASE_PIXEL_MALI_SEPOLICY_ENABLED
Change-Id: I49f7ffade42e1039e13601a81d814d33dfbc3e5a
2024-12-19 12:03:02 -08:00
..
certs Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 2023-07-18 20:37:42 -07:00
audioserver.te audio:fix AAudio API access denial 2023-01-09 14:55:32 +08:00
bootanim.te Suppress bootanim behavior meant for Android Wear devices 2023-04-13 00:00:38 +00:00
cccdk_timesync_app.te Add sepolicy for aidl bt extension hal 2023-04-28 04:48:33 +00:00
charger_vendor.te sepolicy: fix charger_vendor permission denied 2023-04-17 07:24:32 +00:00
chre.te Allow CHRE to access the IStats service for the zuma target 2023-10-02 20:52:36 +00:00
con_monitor_app.te Allow con_monitor_app to read/write the folder /data/vendor/radio 2024-02-02 15:42:31 +00:00
debug_camera_app.te Allow tachyon service to make binder calls to GCA 2024-12-06 04:13:42 +00:00
device.te storage: move storage related device type to common folder 2024-09-04 10:44:21 +08:00
disable-contaminant-detection-sh.te Set sepolicy for shell script of disabling contaminant detection 2023-05-19 09:54:23 +00:00
domain.te Update Mali DDK to r40 : Additional SELinux settings 2023-03-03 15:23:39 +00:00
dump_gsa.te Add GSA logs policy 2023-05-17 17:36:35 +00:00
dump_power.te Allow dump_power to read sysfs directories 2024-01-31 07:01:55 +00:00
dump_wlan.te create an empty dump file for wlan 2022-12-14 13:33:33 +08:00
dumpstate.te ril: dump radio hal from user build. 2023-04-20 03:40:59 +00:00
e2fs.te Allow mkfs/fsck for vendor partitons 2023-01-12 09:42:16 -08:00
euiccpixel_app.te Move euiccpixel_app dontaudit items out of tracking_denials 2023-03-20 10:13:05 +08:00
fastbootd.te Enforce fastbootd 2023-05-02 11:42:59 +08:00
file.te zuma: move sepolicy related to bootctrl hal to gs-common 2023-12-05 00:45:55 +08:00
file_contexts zuma: Add selinux permission for fth 2024-12-12 00:15:56 -08:00
fsck.te Allow mkfs/fsck for vendor partitons 2023-01-12 09:42:16 -08:00
genfs_contexts zuma: Add selinux permission for fth 2024-12-12 00:15:56 -08:00
google_camera_app.te Allow tachyon service to make binder calls to GCA 2024-12-06 04:13:42 +00:00
gpu.te Restrict ioctl access for appdomain to gpu_device 2024-12-19 12:03:02 -08:00
hal_bluetooth_btlinux.te Give bthal permission to read AoC version. 2024-06-28 01:15:50 +00:00
hal_camera_default.te Add sepolicy for power_state node 2024-04-24 19:10:19 +00:00
hal_contexthub_default.te Add hal_contexthub_default to zuma sepolicy; Remove dontaudit rules for 2023-04-13 06:43:41 +00:00
hal_fingerprint_default.te Add sepolicy for fingerprint HAL to check NSP file 2024-05-29 04:39:37 +00:00
hal_gnss_pixel.te gps: Move hal_gnss_pixel declaration to device folder 2024-06-11 06:23:21 +00:00
hal_graphics_allocator_default.te Add sepolicies for gcma_camera heaps 2023-05-08 23:54:55 +08:00
hal_graphics_composer_default.te add hal_graphics_composer to access thermal temperature 2024-07-23 09:05:16 +00:00
hal_health_default.te hal_health_default: allow to access persist.vendor.shutdown.* 2023-02-17 07:00:37 +00:00
hal_memtrack_default.te Add memtrack 2023-04-20 23:18:56 -07:00
hal_nfc_default.te Update sepolicy for nfc antenna selftest values 2024-09-12 20:17:39 +00:00
hal_power_default.te Allow hal_power_default to access sysfs_scsi_devices_0000 2023-08-17 12:59:19 +00:00
hal_power_stats_default.te Allow Powerstats service to access refresh rate residency node 2024-01-12 13:01:17 +00:00
hal_radioext_default.te review hal_radioext_default 2022-11-10 14:29:03 +08:00
hal_secure_element_st54spi_aidl.te Update rules for android.hardware.secure_element-service.thales 2023-04-13 11:02:49 +00:00
hal_secure_element_uicc.te Fix selinux denials on hal_secure_element_uicc 2023-01-23 15:36:04 -08:00
hal_sensors_default.te sensors: Move USF related sepolicy to gs-common. 2023-11-06 23:20:16 +08:00
hal_thermal_default.te Allow hal_thermal_default to read iio/odpm sysfs nodes 2023-03-01 16:21:33 +00:00
hal_usb_gadget_impl.te usb: allow hal_usb_gadget_impl sysfs_batteryinfo permission 2023-03-15 19:17:14 +08:00
hal_usb_impl.te Add udc sysfs to udc_sysfs fs context 2024-11-22 02:07:21 +00:00
hal_uwb_vendor_default.te uwb: add permission to read SELinux state 2023-07-10 17:12:33 +00:00
hal_wifi_ext.te Wifi: Add sepolicy files for hal_wifi_ext service 2023-01-06 08:06:57 +00:00
hal_wireless_charger.te WLC: Add hal_wireless_charger policies for systemui 2023-02-10 04:40:44 +00:00
hwservice.te zuma: fingerprint: fix SELinux denails 2022-12-23 17:43:50 +08:00
hwservice_contexts zuma: fingerprint: fix SELinux denails 2022-12-23 17:43:50 +08:00
init.te sepolicy: update init.te for zram device 2023-03-01 02:04:24 +00:00
insmod-sh.te Allow regmap debugfs for drivers probed by insmod 2023-09-12 16:45:09 +08:00
installd.te Remove untraceable rules 2023-04-19 23:53:54 +08:00
ioctl_defines Restrict ioctl access for appdomain to gpu_device 2024-12-19 12:03:02 -08:00
ioctl_macros Restrict ioctl access for appdomain to gpu_device 2024-12-19 12:03:02 -08:00
kernel.te sepolicy: allow kernel to search vendor debugfs 2024-04-02 07:35:39 +00:00
keys.conf Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 2023-07-18 20:37:42 -07:00
logd.te Add logd selinux allow permissions 2023-03-29 09:24:47 +02:00
mac_permissions.xml Revert^2 "Introduce CameraServices seinfo tag for PixelCameraServices" 2023-07-18 20:37:42 -07:00
mediacodec_google.te Dec: SELinux policy change to allow uclamp.min set 2023-06-29 00:22:24 +00:00
pixeldisplayservice_app.te Move coredomain seapp contexts to system_ext 2023-08-08 15:11:08 +00:00
pixelstats_vendor.te pixelstats_vendor: add logbuffer_device r_file_perms 2024-04-25 06:11:20 +00:00
platform_app.te WLC: Cleanup the sysfs_wlc policies 2023-01-10 16:03:22 +00:00
property.te Change vendor_fingerprint_prop to vendor_restricted_prop 2024-09-16 01:45:31 +00:00
property_contexts Add necessary sepolicy for ro.vendor.persist.status 2024-04-22 10:14:12 -07:00
recovery.te Move recovery.te to device/google/gs-common/dauntless/sepolicy 2023-04-24 08:01:42 +00:00
seapp_contexts Move SELinux policies of RamdumpService and SSRestartDetector to /gs-common. 2024-04-22 03:02:53 +00:00
service.te arm_mali_platform_service: register gpu selinux service 2023-02-14 23:34:14 +00:00
service_contexts Remove duplicate service entries 2024-10-01 14:48:00 +10:00
shell.te WLC: Fix hal_wireless_charger sepolicies 2023-02-08 08:14:36 +00:00
surfaceflinger.te arm_mali_platform_service: register gpu selinux service 2023-02-14 23:34:14 +00:00
system_app.te WLC: Cleanup the sysfs_wlc policies 2023-01-10 16:03:22 +00:00
system_server.te Add sepolicy for ConnectivityMonitor 2023-06-06 02:01:38 +00:00
systemui_app.te Move systemui_app to system_ext 2023-06-12 10:26:31 +08:00
tcpdump_logger.te [TSV2] Add sepolicy for dumpstate to zip tcpdump into bugreport 2023-04-27 13:47:34 +00:00
tee.te Add necessary sepolicy for ro.vendor.persist.status 2024-04-22 10:14:12 -07:00
toolbox.te Fix zram avc denied 2023-02-15 08:23:49 +00:00
trusty_apploader.te sepolicy: Fix trusty_apploader avc denials 2023-02-06 08:57:22 +00:00
trusty_metricsd.te sepolicy: Fix trusty_metricsd avc denials 2023-02-06 08:57:31 +00:00
twoshay.te [zuma] Update chre sepolicy for socket connection 2023-12-27 00:02:57 -08:00
ufs_firmware_update.te storage: move storage related device type to common folder 2024-09-04 10:44:21 +08:00
update_engine.te Label dtbo_block_device with flag-guarding 2024-01-10 17:02:34 +09:00
uwb_vendor_app.te restart domain 2022-12-08 09:55:57 +08:00
vendor_init.te Revert "Add necessary sepolicy for convert_modem_to_ext4" 2024-05-07 08:50:45 +00:00
vendor_uwb_init.te uwb: add permissions for factory uwb calib file 2023-05-09 00:27:47 +00:00
vndservice.te Move common display dump to gs-common 2023-03-06 06:33:53 +00:00
vndservice_contexts Move common display dump to gs-common 2023-03-06 06:33:53 +00:00
wifi_sniffer.te Wifi: Add sepolicy files for wifi_sniffer service 2023-01-12 05:47:03 +00:00