Merge "fastbootd: Add sepolicy rule for fastbootd" into rvc-qpr-dev
diff --git a/vendor/google/genfs_contexts b/vendor/google/genfs_contexts
index 9531d61..aad6cc7 100644
--- a/vendor/google/genfs_contexts
+++ b/vendor/google/genfs_contexts
@@ -108,6 +108,7 @@
genfscon debugfs /logbuffer/ssoc u:object_r:debugfs_batteryinfo:s0
genfscon debugfs /logbuffer/ttf u:object_r:debugfs_batteryinfo:s0
genfscon debugfs /logbuffer/batt_ce u:object_r:debugfs_batteryinfo:s0
+genfscon debugfs /logbuffer/maxfg u:object_r:debugfs_batteryinfo:s0
genfscon debugfs /logbuffer/wireless u:object_r:debugfs_batteryinfo:s0
genfscon debugfs /google_charger u:object_r:debugfs_batteryinfo:s0
genfscon debugfs /google_battery u:object_r:debugfs_batteryinfo:s0
diff --git a/vendor/google/grilservice_app.te b/vendor/google/grilservice_app.te
index a1adeab..68667c4 100644
--- a/vendor/google/grilservice_app.te
+++ b/vendor/google/grilservice_app.te
@@ -4,7 +4,7 @@
allow grilservice_app hal_radioext_hwservice:hwservice_manager find;
allow grilservice_app hal_wifi_ext_hwservice:hwservice_manager find;
-allow grilservice_app activity_service:service_manager find;
+allow grilservice_app app_api_service:service_manager find;
binder_call(grilservice_app, hal_radioext_default)
binder_call(grilservice_app, hal_wifi_ext)
diff --git a/vendor/google/hal_dumpstate_impl.te b/vendor/google/hal_dumpstate_impl.te
index ef49a6b..5a5bb09 100644
--- a/vendor/google/hal_dumpstate_impl.te
+++ b/vendor/google/hal_dumpstate_impl.te
@@ -65,6 +65,9 @@
allow hal_dumpstate_impl debugfs_ipa:file r_file_perms;
')
+#Dumpstats fastrpc buffer
+allow hal_dumpstate_impl sysfs_fastrpc:file r_file_perms;
+
# USB logs
allow hal_dumpstate_impl debugfs_usb:file r_file_perms;
diff --git a/vendor/google/pixelstats_vendor.te b/vendor/google/pixelstats_vendor.te
index c8b7efa..2e6b3ed 100644
--- a/vendor/google/pixelstats_vendor.te
+++ b/vendor/google/pixelstats_vendor.te
@@ -18,6 +18,7 @@
r_dir_file(pixelstats_vendor, sysfs_pixelstats)
r_dir_file(pixelstats_vendor, sysfs_batteryinfo)
+allow pixelstats_vendor sysfs_batteryinfo:file rw_file_perms;
allow pixelstats_vendor self:netlink_kobject_uevent_socket { create getopt setopt bind read };
# wlc
diff --git a/vendor/google/uv_exposure_reporter.te b/vendor/google/uv_exposure_reporter.te
index 1d9ae56..af7e0d6 100644
--- a/vendor/google/uv_exposure_reporter.te
+++ b/vendor/google/uv_exposure_reporter.te
@@ -1,13 +1,10 @@
type uv_exposure_reporter, domain;
-userdebug_or_eng(`
- app_domain(uv_exposure_reporter)
+app_domain(uv_exposure_reporter)
- allow uv_exposure_reporter app_api_service:service_manager find;
- allow uv_exposure_reporter fwk_stats_hwservice:hwservice_manager find;
- allow uv_exposure_reporter sysfs_msm_subsys:dir search;
- allow uv_exposure_reporter sysfs_msm_subsys:file r_file_perms;
- binder_call(uv_exposure_reporter, gpuservice);
- binder_call(uv_exposure_reporter, stats_service_server);
-')
+allow uv_exposure_reporter app_api_service:service_manager find;
+allow uv_exposure_reporter fwk_stats_hwservice:hwservice_manager find;
+allow uv_exposure_reporter sysfs_msm_subsys:dir search;
+allow uv_exposure_reporter sysfs_msm_subsys:file r_file_perms;
+binder_call(uv_exposure_reporter, stats_service_server);
diff --git a/vendor/qcom/common/hal_wifi_ext.te b/vendor/qcom/common/hal_wifi_ext.te
index e9750ff..3a16e2e 100644
--- a/vendor/qcom/common/hal_wifi_ext.te
+++ b/vendor/qcom/common/hal_wifi_ext.te
@@ -1,4 +1,4 @@
-allow hal_wifi_ext wlan_device:chr_file w_file_perms;
+allow hal_wifi_ext wlan_device:chr_file { w_file_perms read };
# Allow wifi hal access to LOWI
allow hal_wifi_ext location:unix_stream_socket connectto;
diff --git a/vendor/qcom/common/peripheral_manager.te b/vendor/qcom/common/peripheral_manager.te
index 5476827..c5478d1 100644
--- a/vendor/qcom/common/peripheral_manager.te
+++ b/vendor/qcom/common/peripheral_manager.te
@@ -9,6 +9,7 @@
binder_call(vendor_per_mgr, vendor_per_mgr)
binder_call(vendor_per_mgr, wcnss_service)
binder_call(vendor_per_mgr, rild)
+binder_call(vendor_per_mgr, hal_gnss)
set_prop(vendor_per_mgr, vendor_per_mgr_state_prop)
allow vendor_per_mgr self:qipcrtr_socket create_socket_perms_no_ioctl;