This reverts commit f4ab6c9f3c.
Reason for revert: CPU HAL is no longer required because the CPU frequency sysfs files are stable Linux Kernel interfaces and could be read directly from the framework.
Change-Id: I8e992a72e59832801fc0d8087e51efb379d0398f
Change-Id: Ia091bf8f597a25351b5ee33b2c2afc982f175d51
Test: Ran `m; emulator; adb logcat -b all -d > logcat.txt;`
and verified CPU HAL is running without any sepolicy violation.
Bug: 252883241
All remote access HAL needs to register itself to service manager,
so add the policy to system/sepolicy/vendor.
Test: Manually run cf_x86_64_auto, verify remote access HAL is
running.
Bug: 241483300
Change-Id: If8c1162eecfcce4792e6309ba351c498e8117687
Will add fuzzer once the service is implemented.
Test: Run remoteaccess HAL on gcar_emu. Verify the service is running.
Bug: 241483300
Change-Id: I01b31a88414536ddd90f9098f422ae43a48cf726
ro.tuner.lazyhal: system_vendor_config_prop to decide whether the lazy
tuner HAL is enabled.
tuner.server.enable: system_internal_prop to decide whether tuner server
should be enabled.
Bug: 236002754
Test: Check tuner HAL and framework behavior
Change-Id: I6a2ebced0e0261f669e7bda466f46556dedca016
Add example implementation services: IFactory under android.hardware.audio.effect.
An audio HAL AIDL example service will register with the default implementations.
Bug: 238913361
Test: m, and flash with Pixel 6a.
Change-Id: Ib331899fd47b6b334b120e20617174d01e71ddb8
Android 13 moved to using AIDL for HALs, which have different version
and naming conventions as compared to the new deprecated HIDL. This CL
updates the regex to include camera provider implementations that follow
AIDL naming conventions in the allowlist.
Bug: 219974678
Test: Manually tested that AIDL implementation is allowed to run
Change-Id: Ic005703bdaaa6376ca4714f22f89271b2a8878f2
... such as Cuttlefish (Cloud Android virtual device) which has a
DRM virtio-gpu based gralloc and (sometimes) DRM virtio-gpu based
rendering (when forwarding rendering commands to the host machine
with Mesa3D in the guest and virglrenderer on the host).
After this change is submitted, changes such as aosp/1997572 can
be submitted to removed sepolicy that is currently duplicated
across device/google/cuttlefish and device/linaro/dragonboard as
well.
Adds a sysfs_gpu type (existing replicated sysfs_gpu definitions
across several devices are removed in the attached topic). The
uses of `sysfs_gpu:file` comes from Mesa using libdrm's
`drmGetDevices2()` which calls into `drmParsePciDeviceInfo()` to
get vendor id, device id, version etc.
Bug: b/161819018
Test: launch_cvd
Test: launch_cvd --gpu_mode=gfxstream
Change-Id: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
Merged-In: I4f7d4b0fb90bfeef72f94396ff0c5fe44d53510c
wpa_supplicant needs permission to access the Netlink Interceptor HAL.
Bug: 224844967
Test: Modified version of wpa_supplicant can access Netlink Interceptor
Change-Id: I80c6c980b6655beadfaf14535702ad8e96c2befe
This adds the two top interfaces: IConfig and IModule
to service context, allows the HAL service to call
Binder, and registers the example implementation
service executable.
Bug: 205884982
Test: m
Change-Id: I322e813c96123167ea29b6c25a08ec9677c9b4d1
This change adds selinux policies to allow EVS HAL implementations to
use cardisplayproxyd, which implements a stable AIDL version of the
automotive display proxy service interface.
Bug: 170401743
Bug: 217271351
Test: Manually confirm that evs_app renders the camera preview through
cardisplayproxyd
Change-Id: Ia301b782c6c031fe8351bdcda5ce264da6b8aa4d
This CL updates hal_evs_default to be sufficient for the defautl EVS HAL
implementation and modifies other services' policies to be able to
communicate with EVS HAL implementations
Bug: 217271351
Test: m -j selinux_policy and Treehugger
Change-Id: I2df8e10f574d62f8b84e0ff0381656ab1b18b52f
Revert submission 1956689-add rkp to identity-default
Reason for revert: Broke git-master. Will resubmit later.
Reverted Changes:
I96dcf3027:Add remote key provisioning to the IC HAL
Id686ac33a:Add dependency on keymint cpp lib
Ib368a2a00:Log to logd in the default identity service
I7d2906de0:Refactor IC support for RKP
Iae0f14f1c:Fix formatting of identity credential aidl
I01d086a4b:Allow default identity service to call keymint
Change-Id: I22a9e9bf8b7edc3d6b635b3e4a07a2efc4ff087a
This sepolicy is needed so that the vendor can launch a new HAL process,
and then this HAL process could join the servicemanager as an impl for
IInputProcessor. This HAL will be used to contain the previous impl of
InputClassifier and also new features that we are going to add.
Bug: 210158587
Test: use together with a HAL implementation, make sure HAL runs
Change-Id: I476c215ad622ea18b4ce5cba9c07ae3257a65817
The identity service must be able to return a binder handle to an
IRemotelyProvisionableComponent for remote key provisioning support.
Since the default identity service works with the default keymint
service, allow calling into service manager to get an
IRemotelyProvisionableComponent binder handle.
Bug: 194696876
Test: VtsHalIdentityTargetTest
Change-Id: I01d086a4b38c23a6567fd36bcbb9421ea072caab
IR interface is converted to AIDL and this contains the necessary
permissions for the default service to serve the interface.
Test: atest VtsHalIrTargetTest hal_implementation_test
Test: check for permission issues after tests
Bug: 205000342
Change-Id: I8d9d81d957bf6ef3c6d815ce089549f8f5337555
Add selinux policy for AIDL Vehicel HAL service.
This CL mostly follows https://android-review.googlesource.com/c/platform/system/sepolicy/+/1541205/.
Test: Manually test on emulator, verify AIDL VHAL service is up and
accessible by client.
Bug: 209718034
Change-Id: Icad92e357dacea681b8539f6ebe6110a8ca8b357
This is the context when health HAL runs in offline
charging mode.
This has the same permissions as the health HAL, but
is also able to do charger specific things.
Also restrict neverallow rules in charger_type.
Test: manual in offline charging mode
Bug: 203246116
Change-Id: I6034853c113dff95b26461153501ad0528d10279
- Add hal_dumpstate_service AIDL service to hal_dumpstate.te,
service.te
- Add default example hal_dumpstate service to file_contexts,
service_contexts
- Adde hal_dumpstate_service to API level 31 compatibility
ignore list (31.0.ignore.cil)
Bug: 205760700
Test: VtsHalDumpstateTargetTest, dumpstate, dumpstate_test, dumpsys
Change-Id: If49fa16ac5ab1d3a1930bb800d530cbd32c5dec1
This reverts commit 231c04b2b9.
Now that b/186727553 is fixed, it should be safe to revert this revert.
Test: build
Bug: 184381659
Change-Id: If26ba23df19e9854a121bbcf10a027c738006515
Revert submission 1668411
Reason for revert: Suspect for b/186173384
Reverted Changes:
Iaa4fce9f0:Check that tracefs files are labelled as tracefs_t...
I743a81489:Exclude vendor_modprobe from debugfs neverallow re...
I63a22402c:Add neverallows for debugfs access
I289f2d256:Add a neverallow for debugfs mounting
Change-Id: I04f8bfdc0e5fe8d2f7d6596ed7b840332d611485
vendor_modprobe loads kernel modules which may create files in
debugfs during module_init().
Bug: 179760914
Test: build
Change-Id: I743a81489f469d52f94a88166f8583a7d797db16
The type is declared in vendor policy, so the mapping should live
there as well.
Fixes: 185288751
Test: TH
Change-Id: Ia446d7b5eb0444cdbd48d3628f54792d8a6b2786
Grant ReadDefaultFstab() callers
allow scontext { metadata_file gsi_metadata_file_type }:dir search;
allow scontext gsi_public_metadata_file:file r_file_perms;
so they can search / read DSU metadata files.
The DSU metadata files are required to deduce the correct fstab.
Also tighten the neverallow rules in gsid.te.
Bug: 181110285
Test: Build pass, presubmit test
Test: Boot and check avc denials
Test: Boot with DSU and check avc denials
Change-Id: Ie464b9a8f7a89f9cf8f4e217dad1322ba3ad0633
Test: Rebuild, execute and run atest VtsAidlSharedSecretTargetTest and atest VtsAidlSecureClockTargetTest.
Bug: b/171844725, b/168673523.
Change-Id: I8b81ec12c45566d31edcd117e41fd559df32c37d
mediacodec currently only has permissions to allocate from ION heaps.
The following permission is required for it to allocate from the
DMA-BUF system heap via the the codec2 allocator.
It resolves the following denial in the sdk_gphone_x86_64-userdebug
target:
01-08 22:43:48.712 337 337 I auditd : type=1400 audit(0.0:6): avc:
denied { getattr } for comm="android.hardwar"
path="/dev/dma_heap/system-uncached" dev="tmpfs" ino=311
scontext=u:r:mediacodec:s0
tcontext=u:object_r:dmabuf_system_heap_device:s0 tclass=chr_file
permissive=0
Bug: 170887642
Test: make and boot
Change-Id: I5503ed6ffa47a84f614792de866ddafbec0cdcda
This macro creates the necessary neverallow to assert the
hal_can_*_{client,server} attribute has exclusive ownership of
the service.
Bug: 176180039
Test: build/TH
Change-Id: I876b50e4184ef787117d5ca67c7fbd522d82687c
