Merge "Label /sys/devices/virtual/net from device sepolicy."
diff --git a/common/base.mk b/common/base.mk
index 3468cb2..176418d 100644
--- a/common/base.mk
+++ b/common/base.mk
@@ -850,7 +850,6 @@
SystemUIGoogle \
SettingsGoogle \
NexusLauncherPrebuilt \
- GoogleCamera \
PRODUCT_LOADED_BY_PRIVILEGED_MODULES += \
qti-vzw-ims-internal \
diff --git a/device-common.mk b/device-common.mk
index 39fbc47..9032d19 100644
--- a/device-common.mk
+++ b/device-common.mk
@@ -600,30 +600,5 @@
PRODUCT_COPY_FILES += \
device/google/marlin/qti_whitelist.xml:system/etc/sysconfig/qti_whitelist.xml
-PRODUCT_PROPERTY_OVERRIDES += \
- ro.vendor.vndk.version=26.1.0 \
-
PRODUCT_PACKAGES += \
- android.hardware.renderscript@1.0.vndk-sp\
- android.hardware.graphics.allocator@2.0.vndk-sp\
- android.hardware.graphics.mapper@2.0.vndk-sp\
- android.hardware.graphics.common@1.0.vndk-sp\
- libhwbinder.vndk-sp\
- libbase.vndk-sp\
- libcutils.vndk-sp\
- libhardware.vndk-sp\
- libhidlbase.vndk-sp\
- libhidltransport.vndk-sp\
- libutils.vndk-sp\
- libc++.vndk-sp\
- libRS_internal.vndk-sp\
- libRSDriver.vndk-sp\
- libRSCpuRef.vndk-sp\
- libbcinfo.vndk-sp\
- libblas.vndk-sp\
- libcompiler_rt.vndk-sp\
- libbacktrace.vndk-sp\
- libunwind.vndk-sp\
- libunwindstack.vndk-sp\
- liblzma.vndk-sp\
- libutilscallstack.vndk-sp\
+ vndk-sp
diff --git a/manifest.xml b/manifest.xml
index fd39618..10808fb 100644
--- a/manifest.xml
+++ b/manifest.xml
@@ -83,15 +83,17 @@
<hal format="hidl">
<name>android.hardware.drm</name>
<transport>hwbinder</transport>
- <version>1.0</version>
+ <version>1.1</version>
<interface>
<name>ICryptoFactory</name>
<instance>widevine</instance>
+ <instance>clearkey</instance>
<instance>default</instance>
</interface>
<interface>
<name>IDrmFactory</name>
<instance>widevine</instance>
+ <instance>clearkey</instance>
<instance>default</instance>
</interface>
</hal>
diff --git a/nfc/libnfc-nci.conf b/nfc/libnfc-nci.conf
index 541cd05..3ea628e 100644
--- a/nfc/libnfc-nci.conf
+++ b/nfc/libnfc-nci.conf
@@ -377,3 +377,6 @@
# Bail out mode
# If set to 1, NFCC is using bail out mode for either Type A or Type B poll.
NFA_POLL_BAIL_OUT_MODE=0x01
+
+# Extended APDU length for ISO_DEP
+ISO_DEP_MAX_TRANSCEIVE=0xFEFF
diff --git a/self-extractors/extract-lists.txt b/self-extractors/extract-lists.txt
index c297181..fc164dc 100644
--- a/self-extractors/extract-lists.txt
+++ b/self-extractors/extract-lists.txt
@@ -9,19 +9,14 @@
system/etc/cne/Nexus/ATT/ATT_profiles.xml \
system/etc/cne/Nexus/ROW/ROW_profiles.xml \
system/etc/cne/Nexus/VZW/VZW_profiles.xml \
- system/etc/permissions/com.android.ims.rcsmanager.xml \
- system/framework/com.android.ims.rcsmanager.jar \
- system/lib64/libaptX_encoder.so \
- system/lib64/libaptXHD_encoder.so \
+ system/framework/qcrilhook.jar \
system/lib/libclcore_neon.bc \
system/lib64/libiperf.so \
system/lib64/libminui.so \
- system/lib/libaptX_encoder.so \
- system/lib/libaptXHD_encoder.so \
system/lib64/libbcc.so \
system/lib/libion.so \
system/lib/libiperf.so \
- system/lib64/libLLVM.so \
+ system/lib64/libLLVM_android.so \
system/lib/libminui.so \
system/xbin/iperf3 \
system/xbin/sanitizer-status \
diff --git a/self-extractors/qcom/staging/device-partial.mk b/self-extractors/qcom/staging/device-partial.mk
index 495955c..9d14348 100644
--- a/self-extractors/qcom/staging/device-partial.mk
+++ b/self-extractors/qcom/staging/device-partial.mk
@@ -12,25 +12,25 @@
# See the License for the specific language governing permissions and
# limitations under the License.
+# AOSP packages required by the blobs
+PRODUCT_PACKAGES := \
+ com.android.ims.rcsmanager.xml \
+ com.android.ims.rcsmanager
+
# blob(s) necessary for Marlin hardware
PRODUCT_COPY_FILES := \
vendor/qcom/marlin/proprietary/pktlogconf:system/bin/pktlogconf:qcom \
vendor/qcom/marlin/proprietary/ATT_profiles.xml:system/etc/cne/Nexus/ATT/ATT_profiles.xml:qcom \
vendor/qcom/marlin/proprietary/ROW_profiles.xml:system/etc/cne/Nexus/ROW/ROW_profiles.xml:qcom \
vendor/qcom/marlin/proprietary/VZW_profiles.xml:system/etc/cne/Nexus/VZW/VZW_profiles.xml:qcom \
- vendor/qcom/marlin/proprietary/com.android.ims.rcsmanager.xml:system/etc/permissions/com.android.ims.rcsmanager.xml:qcom \
- vendor/qcom/marlin/proprietary/com.android.ims.rcsmanager.jar:system/framework/com.android.ims.rcsmanager.jar:qcom \
- vendor/qcom/marlin/proprietary/lib64/libaptX_encoder.so:system/lib64/libaptX_encoder.so:qcom \
- vendor/qcom/marlin/proprietary/lib64/libaptXHD_encoder.so:system/lib64/libaptXHD_encoder.so:qcom \
+ vendor/qcom/marlin/proprietary/qcrilhook.jar:system/framework/qcrilhook.jar:qcom \
vendor/qcom/marlin/proprietary/libclcore_neon.bc:system/lib/libclcore_neon.bc:qcom \
vendor/qcom/marlin/proprietary/lib64/libiperf.so:system/lib64/libiperf.so:qcom \
vendor/qcom/marlin/proprietary/lib64/libminui.so:system/lib64/libminui.so:qcom \
- vendor/qcom/marlin/proprietary/libaptX_encoder.so:system/lib/libaptX_encoder.so:qcom \
- vendor/qcom/marlin/proprietary/libaptXHD_encoder.so:system/lib/libaptXHD_encoder.so:qcom \
vendor/qcom/marlin/proprietary/lib64/libbcc.so:system/lib64/libbcc.so:qcom \
vendor/qcom/marlin/proprietary/libion.so:system/lib/libion.so:qcom \
vendor/qcom/marlin/proprietary/libiperf.so:system/lib/libiperf.so:qcom \
- vendor/qcom/marlin/proprietary/lib64/libLLVM.so:system/lib64/libLLVM.so:qcom \
+ vendor/qcom/marlin/proprietary/lib64/libLLVM_android.so:system/lib64/libLLVM_android.so:qcom \
vendor/qcom/marlin/proprietary/libminui.so:system/lib/libminui.so:qcom \
vendor/qcom/marlin/proprietary/iperf3:system/xbin/iperf3:qcom \
vendor/qcom/marlin/proprietary/sanitizer-status:system/xbin/sanitizer-status:qcom \
diff --git a/self-extractors_sailfish/extract-lists.txt b/self-extractors_sailfish/extract-lists.txt
index c297181..b3fd437 100644
--- a/self-extractors_sailfish/extract-lists.txt
+++ b/self-extractors_sailfish/extract-lists.txt
@@ -11,17 +11,14 @@
system/etc/cne/Nexus/VZW/VZW_profiles.xml \
system/etc/permissions/com.android.ims.rcsmanager.xml \
system/framework/com.android.ims.rcsmanager.jar \
- system/lib64/libaptX_encoder.so \
- system/lib64/libaptXHD_encoder.so \
+ system/framework/qcrilhook.jar \
system/lib/libclcore_neon.bc \
system/lib64/libiperf.so \
system/lib64/libminui.so \
- system/lib/libaptX_encoder.so \
- system/lib/libaptXHD_encoder.so \
system/lib64/libbcc.so \
system/lib/libion.so \
system/lib/libiperf.so \
- system/lib64/libLLVM.so \
+ system/lib64/libLLVM_android.so \
system/lib/libminui.so \
system/xbin/iperf3 \
system/xbin/sanitizer-status \
diff --git a/self-extractors_sailfish/qcom/staging/device-partial.mk b/self-extractors_sailfish/qcom/staging/device-partial.mk
index 70d1b4e..8a54876 100644
--- a/self-extractors_sailfish/qcom/staging/device-partial.mk
+++ b/self-extractors_sailfish/qcom/staging/device-partial.mk
@@ -20,17 +20,14 @@
vendor/qcom/sailfish/proprietary/VZW_profiles.xml:system/etc/cne/Nexus/VZW/VZW_profiles.xml:qcom \
vendor/qcom/sailfish/proprietary/com.android.ims.rcsmanager.xml:system/etc/permissions/com.android.ims.rcsmanager.xml:qcom \
vendor/qcom/sailfish/proprietary/com.android.ims.rcsmanager.jar:system/framework/com.android.ims.rcsmanager.jar:qcom \
- vendor/qcom/sailfish/proprietary/lib64/libaptX_encoder.so:system/lib64/libaptX_encoder.so:qcom \
- vendor/qcom/sailfish/proprietary/lib64/libaptXHD_encoder.so:system/lib64/libaptXHD_encoder.so:qcom \
+ vendor/qcom/sailfish/proprietary/qcrilhook.jar:system/framework/qcrilhook.jar:qcom \
vendor/qcom/sailfish/proprietary/libclcore_neon.bc:system/lib/libclcore_neon.bc:qcom \
vendor/qcom/sailfish/proprietary/lib64/libiperf.so:system/lib64/libiperf.so:qcom \
vendor/qcom/sailfish/proprietary/lib64/libminui.so:system/lib64/libminui.so:qcom \
- vendor/qcom/sailfish/proprietary/libaptX_encoder.so:system/lib/libaptX_encoder.so:qcom \
- vendor/qcom/sailfish/proprietary/libaptXHD_encoder.so:system/lib/libaptXHD_encoder.so:qcom \
vendor/qcom/sailfish/proprietary/lib64/libbcc.so:system/lib64/libbcc.so:qcom \
vendor/qcom/sailfish/proprietary/libion.so:system/lib/libion.so:qcom \
vendor/qcom/sailfish/proprietary/libiperf.so:system/lib/libiperf.so:qcom \
- vendor/qcom/sailfish/proprietary/lib64/libLLVM.so:system/lib64/libLLVM.so:qcom \
+ vendor/qcom/sailfish/proprietary/lib64/libLLVM_android.so:system/lib64/libLLVM_android.so:qcom \
vendor/qcom/sailfish/proprietary/libminui.so:system/lib/libminui.so:qcom \
vendor/qcom/sailfish/proprietary/iperf3:system/xbin/iperf3:qcom \
vendor/qcom/sailfish/proprietary/sanitizer-status:system/xbin/sanitizer-status:qcom \
diff --git a/sepolicy/file_contexts b/sepolicy/file_contexts
index 423a0eb..87fc434 100644
--- a/sepolicy/file_contexts
+++ b/sepolicy/file_contexts
@@ -112,11 +112,12 @@
/vendor/bin/nanoapp_cmd u:object_r:nanoapp_cmd_exec:s0
# files in /vendor
-/vendor/bin/hw/android\.hardware\.drm@1\.0-service.widevine u:object_r:hal_drm_widevine_exec:s0
-/vendor/bin/hw/android\.hardware\.dumpstate@1\.0-service.marlin u:object_r:hal_dumpstate_impl_exec:s0
-/vendor/bin/hw/android\.hardware\.power@1\.1-service.marlin u:object_r:hal_power_default_exec:s0
-/vendor/bin/hw/android\.hardware\.usb@1\.1-service.marlin u:object_r:hal_usb_default_exec:s0
-/vendor/bin/hw/android\.hardware\.vibrator@1\.0-service.marlin u:object_r:hal_vibrator_default_exec:s0
+/vendor/bin/hw/android\.hardware\.drm@1\.0-service\.widevine u:object_r:hal_drm_widevine_exec:s0
+/vendor/bin/hw/android\.hardware\.drm@1\.1-service\.clearkey u:object_r:hal_drm_clearkey_exec:s0
+/vendor/bin/hw/android\.hardware\.dumpstate@1\.0-service\.marlin u:object_r:hal_dumpstate_impl_exec:s0
+/vendor/bin/hw/android\.hardware\.power@1\.1-service\.marlin u:object_r:hal_power_default_exec:s0
+/vendor/bin/hw/android\.hardware\.usb@1\.1-service\.marlin u:object_r:hal_usb_default_exec:s0
+/vendor/bin/hw/android\.hardware\.vibrator@1\.0-service\.marlin u:object_r:hal_vibrator_default_exec:s0
/vendor/bin/msm_irqbalance u:object_r:irqbalance_exec:s0
/vendor/bin/nanohub_slpi u:object_r:nanohub_slpi_exec:s0
/vendor/bin/perfd u:object_r:perfd_exec:s0
diff --git a/sepolicy/hal_audio_default.te b/sepolicy/hal_audio_default.te
index 477279a..f4e1f06 100644
--- a/sepolicy/hal_audio_default.te
+++ b/sepolicy/hal_audio_default.te
@@ -12,3 +12,5 @@
allow hal_audio_default audio_vendor_data_file:dir rw_dir_perms;
allow hal_audio_default audio_vendor_data_file:file create_file_perms;
+
+dontaudit hal_audio_default hal_power_hwservice:hwservice_manager find;
diff --git a/sepolicy/hal_drm_clearkey.te b/sepolicy/hal_drm_clearkey.te
new file mode 100644
index 0000000..976b9fa
--- /dev/null
+++ b/sepolicy/hal_drm_clearkey.te
@@ -0,0 +1,11 @@
+# policy for /vendor/bin/hw/android.hardware.drm@1.1-service.clearkey
+type hal_drm_clearkey, domain;
+type hal_drm_clearkey_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(hal_drm_clearkey)
+
+hal_server_domain(hal_drm_clearkey, hal_drm)
+
+vndbinder_use(hal_drm_clearkey);
+
+allow hal_drm_clearkey { appdomain -isolated_app }:fd use;
diff --git a/sepolicy/vendor_init.te b/sepolicy/vendor_init.te
index ec405df..554e792 100644
--- a/sepolicy/vendor_init.te
+++ b/sepolicy/vendor_init.te
@@ -37,3 +37,5 @@
allow vendor_init {
location_data_file
}:sock_file setattr;
+
+set_prop(vendor_init, thermal_prop)
diff --git a/vndk/Android.mk b/vndk/Android.mk
index d903b63..eb1e048 100644
--- a/vndk/Android.mk
+++ b/vndk/Android.mk
@@ -1,55 +1,64 @@
LOCAL_PATH := $(call my-dir)
+# b/69526027: This VNDK-SP install routine must be removed. Instead, we must
+# build vendor variants of the VNDK-SP modules.
+
ifndef BOARD_VNDK_VERSION
+# The libs with "vndk: {enabled: true, support_system_process: true}" will be
+# added VNDK_SP_LIBRARIES automatically. And the core variants of the VNDK-SP
+# libs will be copied to vndk-sp directory.
+# However, some of those libs need FWK-ONLY libs, which must be listed here
+# manually.
VNDK_SP_LIBRARIES := \
- android.hardware.renderscript@1.0\
- android.hardware.graphics.mapper@2.0\
- android.hardware.graphics.common@1.0\
- libhwbinder\
- libbase\
- libcutils\
- libhardware\
- libhidlbase\
- libhidltransport\
- libutils\
- libc++\
- libRS_internal\
- libRSDriver\
- libRSCpuRef\
- libbcinfo\
- libblas\
- libcompiler_rt\
- libbacktrace\
- libunwind\
- libunwindstack\
- liblzma\
- libutilscallstack\
+ libdexfile
-endif
+install_in_hw_dir := \
+ android.hidl.memory@1.0-impl
-define add-vndk-sp-lib
+define define-vndk-sp-lib
include $$(CLEAR_VARS)
-LOCAL_MODULE := $1.vndk-sp
+LOCAL_MODULE := $1.vndk-sp-gen
LOCAL_MODULE_CLASS := SHARED_LIBRARIES
-LOCAL_PREBUILT_MODULE_FILE := $$(TARGET_OUT)/lib/$1.so
+LOCAL_PREBUILT_MODULE_FILE := $$(call intermediates-dir-for,SHARED_LIBRARIES,$1,,,,)/$1.so
+LOCAL_STRIP_MODULE := false
+LOCAL_MULTILIB := first
+LOCAL_MODULE_TAGS := optional
+LOCAL_INSTALLED_MODULE_STEM := $1.so
+LOCAL_MODULE_SUFFIX := .so
+LOCAL_MODULE_RELATIVE_PATH := vndk-sp$(if $(filter $1,$(install_in_hw_dir)),/hw)
+include $$(BUILD_PREBUILT)
+
+ifneq ($$(TARGET_2ND_ARCH),)
+ifneq ($$(TARGET_TRANSLATE_2ND_ARCH),true)
+include $$(CLEAR_VARS)
+LOCAL_MODULE := $1.vndk-sp-gen
+LOCAL_MODULE_CLASS := SHARED_LIBRARIES
+LOCAL_PREBUILT_MODULE_FILE := $$(call intermediates-dir-for,SHARED_LIBRARIES,$1,,,$$(TARGET_2ND_ARCH_VAR_PREFIX),)/$1.so
+LOCAL_STRIP_MODULE := false
LOCAL_MULTILIB := 32
LOCAL_MODULE_TAGS := optional
LOCAL_INSTALLED_MODULE_STEM := $1.so
LOCAL_MODULE_SUFFIX := .so
-LOCAL_MODULE_RELATIVE_PATH := vndk-sp
+LOCAL_MODULE_RELATIVE_PATH := vndk-sp$(if $(filter $1,$(install_in_hw_dir)),/hw)
include $$(BUILD_PREBUILT)
-
-include $$(CLEAR_VARS)
-LOCAL_MODULE := $1.vndk-sp
-LOCAL_MODULE_CLASS := SHARED_LIBRARIES
-LOCAL_PREBUILT_MODULE_FILE := $$(TARGET_OUT)/lib64/$1.so
-LOCAL_MULTILIB := 64
-LOCAL_MODULE_TAGS := optional
-LOCAL_INSTALLED_MODULE_STEM := $1.so
-LOCAL_MODULE_SUFFIX := .so
-LOCAL_MODULE_RELATIVE_PATH := vndk-sp
-include $$(BUILD_PREBUILT)
+endif # TARGET_TRANSLATE_2ND_ARCH is not true
+endif # TARGET_2ND_ARCH is not empty
endef
+# Add VNDK-SP libs to the list if they are missing
+$(foreach lib,$(VNDK_SAMEPROCESS_LIBRARIES),\
+ $(if $(filter $(lib),$(VNDK_SP_LIBRARIES)),,\
+ $(eval VNDK_SP_LIBRARIES += $(lib))))
+
$(foreach lib,$(VNDK_SP_LIBRARIES),\
- $(eval $(call add-vndk-sp-lib,$(lib))))
+ $(eval $(call define-vndk-sp-lib,$(lib))))
+
+install_in_hw_dir :=
+
+include $(CLEAR_VARS)
+LOCAL_MODULE := vndk-sp
+LOCAL_MODULE_OWNER := google
+LOCAL_MODULE_TAGS := optional
+LOCAL_REQUIRED_MODULES := $(addsuffix .vndk-sp-gen,$(VNDK_SP_LIBRARIES))
+include $(BUILD_PHONY_PACKAGE)
+endif
