Since an additional check related to getting the transport of a service
before registering it is more visible (this is moving a VTS test failure
to boot time for more visibility).
When adding a 'find' check on the 'add' path, this triggered some logs
here. 'find' has always been given with 'add' for other services, but
for a dontaudit, find has to be manually added.
Bug: 139274536
Test: TH
Change-Id: Ica4266dfaf17acc8c7bc8bd83054aa02811a4a37
Because it is used by the AOSP framework.
Bug: 136023468
Test: TH
Change-Id: I62a4e92b0dac4098d640cca515d0dd8680442779
Merged-In: I62a4e92b0dac4098d640cca515d0dd8680442779
(cherry picked from commit d19df6d3bc)
This reverts commit d83c2cc22b.
The previous landing broke checkbuild targets due to namespace issue.
See the commit message for hardware/qcom/msm8998 change.
Bug: 34254109
Test: Build and boot taimen on device to home screen.
Test: Sideload on taimen.
Change-Id: I775026345eb5fc0ec580ba4ca0282835106a1d35
Merged-In: I775026345eb5fc0ec580ba4ca0282835106a1d35
(cherry picked from commit 4fa8e49020)
Most apps already have the permission to act as full producers
(isolated_app, ephemeral_app, priv_app, untrusted_app_all), but
the camera doesn't inherit that as it runs in its own domain.
Granting only the socket (i.e. ipc) permission, as:
* only that is needed at the moment.
* granting the shmem/fd permissions would require a broader change, as traced_tmpfs is declared in private/.
Specific denial:
05-20 13:56:20.303 7751 7751 W trigger_perfett: type=1400 audit(0.0:19): avc: denied { write } for name="traced_producer" dev="tmpfs" ino=7061 scontext=u:r:google_camera_app:s0:c181,c256,c512,c768 tcontext=u:object_r:traced_producer_socket:s0 tclass=sock_file permissive=0 app=com.google.android.GoogleCamera
Bug: 130543265
Tested: extrapolating from the same fix on crosshatch, tested manually on blueline-userdebug.
Change-Id: I53dc08a28d167f566b759d8f91d00a4828f4847f
The Camera HIDL wrapper needs access to
properties "ro.camera.req.fmq.size" and
"ro.camera.res.fmq.size" which control
the fast message queue size. Cases exist
where the default size is not sufficient.
The precise amount can be controlled by
the respective device configuration which
can set the previously mentioned properties.
Bug: 77865891
Test: Manual using application
Change-Id: I468bde2ee356e0d1d20f781fe6a3af48143cc4b2
The HAL is served from a system app and used by
a vendor daemon.
Test: ls /system/app/atfwd/atfwd.apk
Test: ls /vendor/bin/ATFWD-daemon
Test: lshal
Bug: 130714844
Change-Id: I87e10fa56ac84ddd7e4210ac2bc4f1338265e1e9
Merged-In: I87e10fa56ac84ddd7e4210ac2bc4f1338265e1e9
Give binder access to the stats HAL from the fingerprint HAL.
This is necessary because we're deprecating IPixelStats.
Bug: 122904980
Change-Id: I15c1a07680819f252b0e7c072598ff4fb29a1ce2
Signed-off-by: Maggie White <maggiewhite@google.com>
