drgreen/android_device_google_gs-common
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
626 Commits 2 Branches 0 Tags
Commit Graph

7 Commits

Author SHA1 Message Date
malikakash
7c32a87d82 Add Sepolicy for LyricConfigProvider to use CameraService 
Bug: 280340307
Test: LyricConfigProvider can reach out to CameraService.
Change-Id: I9b1c7f82fdb1cea09b5c520684574c36be8cd15d
 2023-07-20 23:29:14 +00:00
malikakash
bdccd2c97b Add sepolicy to allow pbcs to use SysProps 
-Add custom domain for our sysprops, of the forms
  -vendor.camera.pbcs.debug.*
  -persist.vendor.camera.pbcs.debug.*
  -Example: vendor.camera.pbcs.debug.enable_lyricconfigprovider
  -This domain will be system + vendor_init writable
-Allow PBCS to read those sysprops

We should now be able to gate our features in PBCS and merge in
successfully. For local dev, we can do:

adb root && adb shell setprop <prop> 1

Bug: 280340307
Test: android.os.SystemProperties.get() works successfully in
  LyricConfigProvider for vendor.camera.pbcs.debug.* props

Change-Id: I4b151f606883c0ae32f99b5f75b70b5d4e228f1d
 2023-07-19 21:24:31 +00:00
malikakash
8a5b714f8d Add sepolicy configs for LyricConfigProvider Service 
- Introduce service_context for ILyricConfigProvider service
- Allow adding the ILyricConfigProvider to the service manager.
- Allow HAL to find ILyricConfigProvider from servicemanager
- Allow all proceses in com.google.pixel.services:* to have the same domain as the app (vendor_pbcs_app)
  -- We'll be running services in their own processes so this
     is needed.
- TODO: binder_call(vendor_pbcs_app, vendor_pcs_app);
  Allow PBCS appdomain to make binder calls into PCS appdomain
  after ag/24030784 lands.

Bug: 280340307
Test: We can successfully start and register the LyricConfigProvider service with the servicemanager.
Change-Id: Ia0a74065e98761e48aa041bf7f2f34188017cee4
 2023-07-19 21:21:39 +00:00
Utku Utkan
be42c5b12c Don't audit any system_app_data_file:dir access 
Lab devices don't do factory reset. So we see 'avc: denied' logs
everynow and then. The fix disables the related audits to avoid any
false negatives.

Bug: 287069860
Test: m && flashall && check for 'avc: denied { write }'
Change-Id: I4f98af849b99f4ece737c85a23e22b817677d917
 2023-07-18 16:10:59 -07:00
Utku Utkan
fb20bc80c4 Add SEPolicy for vendor_camera_binder_service 
Bug: 287069860
Test: lunch <device-type>-userdebug && m
Change-Id: Id993e137ebc041e583b4f6c5f6e1ab6e8cdae7b2
 2023-07-12 09:45:54 -07:00
Utku Utkan
6b44778e00 Allow vendor_pbcs_app to search system_app_data_file:dir 
Bug: 287069860
Test: m && flashall && check for 'avc: denied { search }'
Change-Id: I5d0ff960a6ad5b3359dbeedeeea3cac78471419b
 2023-07-12 09:45:48 -07:00
Utku Utkan
049b1dfb53 Add vendor_pbcs_app domain for PersistentBackgroundCameraServices 
Bug: 287069860
Test: lunch <device-type>-userdebug && m
Change-Id: I4153daaf3c8c656380333e695cc7f99ecd821e21
 2023-07-06 18:34:36 -07:00