Note that this HAL is meant only as a workaround until the OEMs will
switch to the AIDL audio HAL.
Test: bluejay-userdebug
Bug: 257937004
Change-Id: Id01da9606f73354a01a94aace8a8966a09038fda
Widevine provisioning was causing SELinux policy issues since we need to
provision Widevine through MediaDrm framework.
Test: presubmits
Change-Id: Ia9d070309e84599ed614bbf5ba35eed558f4d463
This CL adds a new cameraservice type to allow vendor clients of
cameraservice to query and find the stable cameraservice
implementation.
Bug: 243593375
Test: Manually tested that cameraservice can register a vendor facing
instance.
Change-Id: I61499406d4811c898719abcb89c51b4b8a29f4a7
This new service is exposed by system_server and available to all apps.
Bug: 259175720
Test: atest and check the log
Change-Id: I522a3baab1631589bc86fdf706af745bb6cf9f03
aosp/2291528 should have had the `binder_call` macro in hal_can.te be a
`binder_use` macro instead. This fixes that.
Bug: 170405615
Test: AIDL CAN HAL starts up and configures
Change-Id: I7b18c25afef5a243bf0bba7c77a682f7cff092a3
Otherwise, we will encounter SELinux denials like:
W binder:6200_7: type=1400 audit(0.0:327): avc: denied { read } for name="PrebuiltGmsCoreNext_DynamiteLoader.apk" dev="dm-51" ino=2576 scontext=u:r:artd:s0 tcontext=u:object_r:privapp_data_file:s0:c512,c768 tclass=lnk_file permissive=0
Bug: 262230400
Test: No longer see such SELinux denials.
Change-Id: Iccb97b1973f8efbe859b59e729f7a0194d05ba5e
Parts of its memory map are donated to guest VMs, which crashes the
kernel when it tries to touch them.
Ideally we would fix crash_dump to skip over such memory, but in
the meantime this would avoid the kernel crash.
Bug: 236672526
Bug: 238324526
Bug: 260707149
Test: Builds
Change-Id: I6c1eb2d49263ccc391101c588e2a3e87c3f17301
Overlayfs failed to mount during second stage init because init is
lacking these permissions.
These permissions are asserted by the overlayfs driver during mount
operation, see fs/overlayfs/super.c:ovl_check_rename_whiteout
(https://source.corp.google.com/kernel-upstream/fs/overlayfs/super.c;l=1182;bpv=1;bpt=1)
Bug: 243501054
Test: adb remount && check that overlay is active after reboot
Change-Id: I258646b65a49487e6f22a6742ff59e9a0d57b5c0
This patch adds a sysprop to configure whether LE 1M PHY is the
only one used as initiating PHY in a LE Extended Create Connection
request.
Bug: 260677740
Tag: #floss
Test: Manual test - pairing with BLE mouse
Change-Id: I33dbf4093390015a17bffb25eed841d2cc2ad20a
In AIDL, there is no 'factory' interface for retrieving
modules, instead each module is registered individually
with the ServiceManager.
Bug: 205884982
Test: atest VtsHalAudioCoreTargetTest
Change-Id: I55cdae0640171379cda33de1534a8dc887583197
is_running flag signals to tests whether fuse-bpf is running
Test: Builds, runs, ro.fuse.bpf.is_running is correct, fuse-bpf works
Bug: 202785178
Change-Id: I0b02e20ab8eb340733de1138889c8f618f7a17fa
I need SIOCGIFFLAGS and SIOCSIFFLAGS in order to bring up/down
interfaces with AIDL CAN HAL.
Bug: 260592449
Test: CAN HAL can bring up interfaces
Change-Id: I67edaa857cffdf3c3fc9f3b17aad5879e09c6385
Otherwise, we will get SELinux denials like:
W binder:6098_5: type=1400 audit(0.0:138): avc: denied { search } for name="framework" dev="dm-6" ino=478 scontext=u:r:artd:s0 tcontext=u:object_r:vendor_framework_file:s0 tclass=dir permissive=0
Bug: 262230400
Test: No longer see such SELinux denials.
Change-Id: Ic31fdabb16341c51466531c88ca040698331b248
Google is added to the package names to differentiate the Google
specific modules from AOSP modules. This causes RKPD Google module to
not get proper permissions since we permit only AOSP module currently.
Test: Tested on Pixel 7 device
Change-Id: Ia7c39ef85cedf20f705c27a5944b6f87f786cc1b
Change instances of android.hardware.radio.sim.ISap to android.hardware.radio.sap.ISap
ISap is no longer going to be with IRadioSim in the sim
directory. It will be in its own sap directory.
Test: m
Bug: 241969533
Change-Id: I362a0dc6e4b81d709b24b2fa2d879814ab232ad4
Create a label for the encrypted storage. encryptedstore_file & _fs
corresponding to the file & fs type.
encryptedstore process mounts the device on /mnt/encryptedstore with
fscontext & context.
microdroid_payload will have rw & related permissions on it. Also, add a
neverallow rule to deny execute permission on all domains.
encryptedstore needs relabel permission from tmpfs to
encryptedstore_file, along with mount like permissions on the later.
Bug: 261477008
Test: atest MicrodroidTests#encryptedStorageAvailable
Change-Id: Iffa1eb400f90874169d26fc2becb1dda9a1269a9
