Allow boot color propagation am: 0711d91cf0
Original change: https://googleplex-android-review.googlesource.com/c/device/google/bonito-sepolicy/+/15589978
Change-Id: I2adc7fe8eed49c8e7e1a63d5dc75bf73100af2c6
diff --git a/PREUPLOAD.cfg b/PREUPLOAD.cfg
new file mode 100644
index 0000000..3591c7f
--- /dev/null
+++ b/PREUPLOAD.cfg
@@ -0,0 +1,3 @@
+[Hook Scripts]
+aosp_hook = ${REPO_ROOT}/frameworks/base/tools/aosp/aosp_sha.sh ${PREUPLOAD_COMMIT} "."
+
diff --git a/private/toolbox.te b/private/toolbox.te
new file mode 100644
index 0000000..130a7c3
--- /dev/null
+++ b/private/toolbox.te
@@ -0,0 +1,6 @@
+# b/192310307
+dontaudit toolbox virtualizationservice_data_file:dir getattr;
+# b/193366090
+dontaudit toolbox toolbox:capability dac_override;
+dontaudit toolbox toolbox:capability dac_read_search;
+dontaudit toolbox toolbox:capability fowner;
diff --git a/vendor/google/property.te b/vendor/google/property.te
index 098fb6f..5465972 100644
--- a/vendor/google/property.te
+++ b/vendor/google/property.te
@@ -9,3 +9,6 @@
# hal_health
vendor_internal_prop(vendor_battery_defender_prop)
+
+# Logger
+vendor_internal_prop(vendor_logger_prop)
diff --git a/vendor/google/property_contexts b/vendor/google/property_contexts
index 3da57dd..9f5a7b1 100644
--- a/vendor/google/property_contexts
+++ b/vendor/google/property_contexts
@@ -15,3 +15,7 @@
persist.modem. u:object_r:vendor_modem_prop:s0
persist.vendor.modem. u:object_r:vendor_modem_prop:s0
persist.vendor.mdm. u:object_r:vendor_modem_prop:s0
+
+# Logger app
+vendor.pixellogger. u:object_r:vendor_logger_prop:s0
+persist.vendor.pixellogger. u:object_r:vendor_logger_prop:s0
diff --git a/vendor/qcom/common/device.te b/vendor/qcom/common/device.te
index 11ec49b..734a63b 100644
--- a/vendor/qcom/common/device.te
+++ b/vendor/qcom/common/device.te
@@ -1,15 +1,15 @@
-type ab_block_device, dev_type;
+type ab_block_device, dev_type, bdev_type;
type at_device, dev_type;
type avtimer_device, dev_type;
type bt_device, dev_type;
-type devinfo_block_device, dev_type;
+type devinfo_block_device, dev_type, bdev_type;
type diag_device, dev_type, mlstrustedobject;
type dsp_device, dev_type;
type easel_device, dev_type, mlstrustedobject;
-type gpt_block_device, dev_type;
+type gpt_block_device, dev_type, bdev_type;
type ipa_dev, dev_type;
-type modem_block_device, dev_type;
-type persist_block_device, dev_type;
+type modem_block_device, dev_type, bdev_type;
+type persist_block_device, dev_type, bdev_type;
type qce_device, dev_type;
type qsee_ipc_irq_spss_device, dev_type;
type qdsp_device, dev_type, mlstrustedobject;
@@ -19,10 +19,10 @@
type sg_device, dev_type;
type smd_device, dev_type;
type spcom_device, dev_type;
-type ssd_block_device, dev_type;
+type ssd_block_device, dev_type, bdev_type;
type ssr_device, dev_type;
type wlan_device, dev_type;
-type xbl_block_device, dev_type;
+type xbl_block_device, dev_type, bdev_type;
# TODO: Replace KM3 with KM4 (b/112339903)
type rpmb_device, dev_type;
diff --git a/vendor/qcom/common/dumpstate.te b/vendor/qcom/common/dumpstate.te
index 8f5ea5e..7a594f3 100644
--- a/vendor/qcom/common/dumpstate.te
+++ b/vendor/qcom/common/dumpstate.te
@@ -9,6 +9,7 @@
allow dumpstate persist_file:dir r_dir_perms;
allow dumpstate sysfs_leds:dir search;
allow dumpstate system_block_device:blk_file r_file_perms;
+ allow dumpstate media_rw_data_file:file append;
dontaudit dumpstate self:netlink_xfrm_socket create_socket_perms_no_ioctl;
diff --git a/vendor/qcom/common/file.te b/vendor/qcom/common/file.te
index 5ca58ba..e4435d1 100644
--- a/vendor/qcom/common/file.te
+++ b/vendor/qcom/common/file.te
@@ -13,7 +13,7 @@
type sysfs_poweroff, sysfs_type, fs_type;
type sysfs_rmtfs, sysfs_type, fs_type;
type sysfs_soc, sysfs_type, fs_type;
-type sysfs_scsi_devices_0000, sysfs_type, fs_type;
+type sysfs_scsi_devices_0000, sysfs_type, fs_type, sysfs_block_type;
type sysfs_scsi_devices_other, sysfs_type, fs_type;
type sysfs_mmc, sysfs_type, fs_type;
type sysfs_system_sleep_stats, sysfs_type, fs_type;
diff --git a/vendor/qcom/common/logger_app.te b/vendor/qcom/common/logger_app.te
index 9d8a58f..06b412d 100644
--- a/vendor/qcom/common/logger_app.te
+++ b/vendor/qcom/common/logger_app.te
@@ -12,6 +12,7 @@
allow logger_app tcpdump_vendor_data_file:file create_file_perms;
get_prop(logger_app, radio_prop)
+ set_prop(logger_app, vendor_logger_prop)
set_prop(logger_app, vendor_ramdump_prop)
set_prop(logger_app, logpersistd_logging_prop)
set_prop(logger_app, logd_prop)
