Merge "Allow boot color propagation" into sc-qpr1-dev am: 555ab5abc9 Original change: https://googleplex-android-review.googlesource.com/c/device/google/redbull-sepolicy/+/15590644 Change-Id: I2f4638385d1d973d9adbce37d4d212a6a71e4d3d

commit: c789860882eb8a53bf861dc24d8d9cc9feee5876 [log] [tgz]
author: TreeHugger Robot <treehugger-gerrit@google.com> Thu Aug 19 23:12:38 2021 +0000
committer: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com> Thu Aug 19 23:12:38 2021 +0000
tree: 241e6eae94ceeed8c19ed456313aea6317245a48
parent: d618d84d0ff8196451edce137dc5c186ddbb4268 [diff]
parent: 555ab5abc943a1db1660dd721241dbe34ad47808 [diff]
diff --git a/PREUPLOAD.cfg b/PREUPLOAD.cfg
new file mode 100644
index 0000000..6544d62
--- /dev/null
+++ b/PREUPLOAD.cfg

@@ -0,0 +1,2 @@
+[Hook Scripts]
+aosp_hook = ${REPO_ROOT}/frameworks/base/tools/aosp/aosp_sha.sh ${PREUPLOAD_COMMIT} "."

diff --git a/private/compat/31.0/31.0.cil b/private/compat/31.0/31.0.cil
new file mode 100644
index 0000000..1c8f763
--- /dev/null
+++ b/private/compat/31.0/31.0.cil

@@ -0,0 +1,7 @@
+(typeattributeset dataservice_app_31_0 (dataservice_app))
+(expandtypeattribute (dataservice_app_31_0) true)
+(typeattribute dataservice_app_31_0)
+(typeattributeset google_camera_app_31_0 (google_camera_app))
+(expandtypeattribute (google_camera_app_31_0) true)
+(typeattribute google_camera_app_31_0)
+

diff --git a/private/dumpstate.te b/private/dumpstate.te
index 79a3f74..a5522fd 100644
--- a/private/dumpstate.te
+++ b/private/dumpstate.te

@@ -1,3 +1,2 @@
-# b/193084798
-dontaudit dumpstate incident:process signal;
-dontaudit dumpstate incident:process sigkill;
+# b/192197221
+dontaudit dumpstate artd:binder call;

diff --git a/private/incidentd.te b/private/incidentd.te
deleted file mode 100644
index c951dbc..0000000
--- a/private/incidentd.te
+++ /dev/null

@@ -1,2 +0,0 @@
-# b/193084909
-dontaudit incidentd odsign_prop:file read;

diff --git a/private/toolbox.te b/private/toolbox.te
new file mode 100644
index 0000000..e2676e9
--- /dev/null
+++ b/private/toolbox.te

@@ -0,0 +1,6 @@
+# b/192506182
+dontaudit toolbox toolbox:capability dac_read_search ;
+dontaudit toolbox toolbox:capability dac_override ;
+dontaudit toolbox virtualizationservice_data_file:dir setattr;
+# b/192985881
+dontaudit toolbox toolbox:capability fowner;

diff --git a/tracking_denials/cnd.te b/tracking_denials/cnd.te
deleted file mode 100644
index 2678670..0000000
--- a/tracking_denials/cnd.te
+++ /dev/null

@@ -1,2 +0,0 @@
-# b/174535021
-dontaudit cnd wifi_hal_prop:file read;

diff --git a/tracking_denials/init-insmod-sh.te b/tracking_denials/init-insmod-sh.te
deleted file mode 100644
index dc9dbc4..0000000
--- a/tracking_denials/init-insmod-sh.te
+++ /dev/null

@@ -1,2 +0,0 @@
-# b/184697586
-dontaudit init-insmod-sh debugfs_bootreceiver_tracing:dir search;

diff --git a/tracking_denials/platform_app.te b/tracking_denials/platform_app.te
index 32ac3eb..d3f4522 100644
--- a/tracking_denials/platform_app.te
+++ b/tracking_denials/platform_app.te

@@ -1,2 +1,2 @@
-# b/152624986
-dontaudit platform_app default_android_hwservice:hwservice_manager find;
+# b/194892738
+dontaudit platform_app hal_power_stats_hwservice:hwservice_manager find;

diff --git a/vendor/google/device.te b/vendor/google/device.te
index 3a88966..21282a1 100644
--- a/vendor/google/device.te
+++ b/vendor/google/device.te

@@ -1,6 +1,6 @@
 type ramoops_device, dev_type;
 type rls_device, dev_type;
-type dp_block_device, dev_type;
+type dp_block_device, dev_type, bdev_type;
 type qg_device, dev_type;
 type logbuffer_device, dev_type;
 type smcinvoke_device, dev_type;

diff --git a/vendor/google/dumpstate.te b/vendor/google/dumpstate.te
index 5839064..12a6a43 100644
--- a/vendor/google/dumpstate.te
+++ b/vendor/google/dumpstate.te

@@ -3,6 +3,7 @@
 
 userdebug_or_eng(`
   allow dumpstate debugfs_dma_buf:file r_file_perms;
+  allow dumpstate media_rw_data_file:file append;
 ')
 
 # For collecting bugreports.

diff --git a/vendor/google/file_contexts b/vendor/google/file_contexts
index 00ca053..9f50ce8 100644
--- a/vendor/google/file_contexts
+++ b/vendor/google/file_contexts

@@ -46,6 +46,8 @@
 /vendor/bin/init\.twoshay\.sh                                                         u:object_r:init_twoshay_exec:s0
 /vendor/bin/init\.insmod\.sh                                                          u:object_r:init-insmod-sh_exec:s0
 /vendor/bin/twoshay                                                                   u:object_r:twoshay_exec:s0
+/vendor/bin/hw/android\.hardware\.contexthub@1\.[0-9]-service\.generic                u:object_r:hal_contexthub_default_exec:s0
+/vendor/bin/hw/vendor\.google\.wireless_charger@1\.[0-9]-service-vendor               u:object_r:hal_wlc_exec:s0
 
 # Vendor firmware
 /vendor/firmware_mnt(/.*)?                                                            u:object_r:firmware_file:s0

diff --git a/vendor/google/logger_app.te b/vendor/google/logger_app.te
index 41130f9..caa22f3 100644
--- a/vendor/google/logger_app.te
+++ b/vendor/google/logger_app.te

@@ -19,4 +19,5 @@
   set_prop(logger_app, vendor_wifi_sniffer_prop)
   set_prop(logger_app, vendor_usb_prop)
   set_prop(logger_app, vendor_logging_prop)
+  set_prop(logger_app, vendor_logger_prop)
 ')

diff --git a/vendor/google/pixelstats_vendor.te b/vendor/google/pixelstats_vendor.te
index be58c2f..bb4a9d4 100644
--- a/vendor/google/pixelstats_vendor.te
+++ b/vendor/google/pixelstats_vendor.te

@@ -1,3 +1,4 @@
 allow pixelstats_vendor sysfs_typec_info:dir search;
 allow pixelstats_vendor sysfs_typec_info:file r_file_perms;
 allow pixelstats_vendor battery_history_device:chr_file r_file_perms;
+allow pixelstats_vendor fwk_stats_hwservice:hwservice_manager find;

diff --git a/vendor/google/property.te b/vendor/google/property.te
index 2755504..5dea67a 100644
--- a/vendor/google/property.te
+++ b/vendor/google/property.te

@@ -17,3 +17,6 @@
 vendor_restricted_prop(vendor_camera_ro_prop)
 
 vendor_public_prop(vendor_hw_plat_prop)
+
+# Logger
+vendor_internal_prop(vendor_logger_prop)

diff --git a/vendor/google/property_contexts b/vendor/google/property_contexts
index 1c13ea1..119d982 100644
--- a/vendor/google/property_contexts
+++ b/vendor/google/property_contexts

@@ -76,3 +76,7 @@
 
 vendor.all.modules.ready                        u:object_r:vendor_device_prop:s0
 vendor.all.devices.ready                        u:object_r:vendor_device_prop:s0
+
+# Logger app
+vendor.pixellogger.                             u:object_r:vendor_logger_prop:s0
+persist.vendor.pixellogger.                     u:object_r:vendor_logger_prop:s0

diff --git a/vendor/qcom/common/device.te b/vendor/qcom/common/device.te
index db7a09c..43a7063 100644
--- a/vendor/qcom/common/device.te
+++ b/vendor/qcom/common/device.te

@@ -3,15 +3,15 @@
 type qdsp_device, dev_type, mlstrustedobject;
 type fm_radio_device, dev_type;
 type sg_device, dev_type;
-type ssd_block_device, dev_type;
+type ssd_block_device, dev_type, bdev_type;
 type ramdump_device, dev_type;
 type ipa_dev, dev_type;
 type modem_ssr_device, dev_type;
 type qce_device, dev_type;
 type at_device, dev_type;
 type wlan_device, dev_type;
-type custom_ab_block_device, dev_type;
-type xbl_block_device, dev_type;
-type gpt_block_device, dev_type;
-type modem_block_device, dev_type;
-type persist_block_device, dev_type;
+type custom_ab_block_device, dev_type, bdev_type;
+type xbl_block_device, dev_type, bdev_type;
+type gpt_block_device, dev_type, bdev_type;
+type modem_block_device, dev_type, bdev_type;
+type persist_block_device, dev_type, bdev_type;

diff --git a/vendor/qcom/common/file.te b/vendor/qcom/common/file.te
index 1573c2d..1cfad85 100644
--- a/vendor/qcom/common/file.te
+++ b/vendor/qcom/common/file.te

@@ -51,7 +51,7 @@
 type mpss_rfs_data_file, data_file_type, file_type;
 type rfs_tombstone_data_file, data_file_type, file_type;
 type sysfs_msm_wlan, sysfs_type, fs_type;
-type sysfs_scsi_devices_0000, sysfs_type, fs_type;
+type sysfs_scsi_devices_0000, sysfs_type, fs_type, sysfs_block_type;
 type debugfs_sched_features, debugfs_type, fs_type;
 type debugfs_wlan, debugfs_type, fs_type;
 type debugfs_ipc, debugfs_type, fs_type;

diff --git a/vendor/qcom/common/hwservice_contexts b/vendor/qcom/common/hwservice_contexts
index 8fb2887..053545a 100644
--- a/vendor/qcom/common/hwservice_contexts
+++ b/vendor/qcom/common/hwservice_contexts

@@ -34,3 +34,5 @@
 vendor.qti.hardware.slmadapter::ISlmAdapter                             u:object_r:hal_slmadapter_hwservice:s0
 vendor.qti.hardware.dsp::IDspService                                    u:object_r:hal_dspmanager_hwservice:s0
 vendor.qti.hardware.mwqemadapter::IMwqemAdapter                         u:object_r:hal_mwqemadapter_hwservice:s0
+vendor.qti.hardware.bluetooth_sar::IBluetoothSar                        u:object_r:hal_bluetooth_coexistence_hwservice:s0
+vendor.qti.hardware.bt_channel_avoidance::IBTChannelAvoidance           u:object_r:hal_bluetooth_coexistence_hwservice:s0

diff --git a/vendor/qcom/common/qspmhal.te b/vendor/qcom/common/qspmhal.te
index 4f1aae6..5f2724b 100644
--- a/vendor/qcom/common/qspmhal.te
+++ b/vendor/qcom/common/qspmhal.te

@@ -25,6 +25,4 @@
 # It's not necessary to use the google camera app.
 dontaudit google_camera_app hal_qspmhal_hwservice:hwservice_manager find;
 
-dontaudit untrusted_app_29 hal_qspmhal_hwservice:hwservice_manager find;
-dontaudit untrusted_app_27 hal_qspmhal_hwservice:hwservice_manager find;
-dontaudit untrusted_app_25 hal_qspmhal_hwservice:hwservice_manager find;
+dontaudit untrusted_app_all hal_qspmhal_hwservice:hwservice_manager find;
commit	c789860882eb8a53bf861dc24d8d9cc9feee5876	[log] [tgz]
author	TreeHugger Robot <treehugger-gerrit@google.com>	Thu Aug 19 23:12:38 2021 +0000
committer	Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>	Thu Aug 19 23:12:38 2021 +0000
tree	241e6eae94ceeed8c19ed456313aea6317245a48
parent	d618d84d0ff8196451edce137dc5c186ddbb4268 [diff]
parent	555ab5abc943a1db1660dd721241dbe34ad47808 [diff]