You can check where devices like the Hexagon DSP are accessible from device SELinux policies.
android.googlesource.com/device/google/
QDSP is accessible to the camera, sensors and neural network HALs and CHRE (android.googlesource.com/platform/syste). Google Camera is the only app with direct access to it.
Conversation
Pixels have a dedicated SELinux domain for Google Camera extending the standard untrusted app domain with access to the Hexagon DSP (qdsp_device label) and Pixel Neural Core (airbrush_device). Neural Core is a TPU + IPU combo developed in some kind of collaboration with Samsung.
1
1
4
Kernel driver for airbrush is at android.googlesource.com/kernel/msm.git. Mostly developed by Samsung other than the thermal throttling portions.
In AOSP or the stock OS on Pixels, apps only have indirect access to QDSP or the Neural Core is via the high-level NN API: developer.android.com/ndk/guides/neu.
1
1
4
Since we don't have Google Camera in GrapheneOS like the stock OS, we've been considering removing the special SELinux domain for a while now. Can look back at our past tweets about it. It's useful for testing purposes but it's not something we intend to support or keep working.
2
9
You’re unable to view this Tweet because this account owner limits who can view their Tweets. Learn more
Replying to
microG won't work without being built into the OS. The most it would do is make apps think that Play Services is available but it's not going to work. GrapheneOS doesn't and won't support microG. Google Camera may work right now but it isn't supported and it can't be expected.
1
This Tweet was deleted by the Tweet author. Learn more
Replying to
You aren't using GrapheneOS, so what does or doesn't work isn't relevant. Even if you started from the official GrapheneOS releases, you modified the OS and made substantial changes incompatible with the core security features like verified boot and the official update system.
GrapheneOS doesn't include Play Services. It doesn't include an alternative implementation providing a subset of the APIs and if it did that could not be relied upon to keep apps working. As soon as they grow hard dependencies on APIs beyond that subset, they'll stop working.
1
This Tweet was deleted by the Tweet author. Learn more
Show replies
This Tweet was deleted by the Tweet author. Learn more
Replying to
No, you aren't using GrapheneOS. You created a derivative of GrapheneOS with substantial modifications. It's not GrapheneOS and you aren't a GrapheneOS user. You're responding to a thread about SELinux policies when you don't use our SELinux policies. It's really not relevant.
1
Show replies