DO NOT MERGE - Merge QQ1A.200105.003 into stage-aosp-master
Merged-In: I32e9d0ef0eb218f417d694ca9448c7b127fd897e
Change-Id: I44deee9cfe85d8603b7453b23db8c0515b63b7cf
diff --git a/Android.bp b/Android.bp
index c028497..7aedf81 100644
--- a/Android.bp
+++ b/Android.bp
@@ -1,5 +1,7 @@
soong_namespace {
imports: [
"hardware/google/pixel",
+ "hardware/qcom/bootctrl",
+ "hardware/qcom/msm8998",
],
}
diff --git a/BoardConfig.mk b/BoardConfig.mk
index 5687aba..34a761d 100644
--- a/BoardConfig.mk
+++ b/BoardConfig.mk
@@ -88,10 +88,10 @@
BOARD_ROOT_EXTRA_FOLDERS := persist firmware metadata
-BOARD_SEPOLICY_DIRS += device/google/wahoo/sepolicy/vendor
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/wahoo/sepolicy/vendor
BOARD_PLAT_PUBLIC_SEPOLICY_DIR := device/google/wahoo/sepolicy/public
BOARD_PLAT_PRIVATE_SEPOLICY_DIR := device/google/wahoo/sepolicy/private
-BOARD_SEPOLICY_DIRS += device/google/wahoo/sepolicy/verizon
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/wahoo/sepolicy/verizon
TARGET_FS_CONFIG_GEN := device/google/wahoo/config.fs
@@ -169,3 +169,12 @@
# Generate an APEX image for experiment b/119800099.
DEXPREOPT_GENERATE_APEX_IMAGE := true
+
+# Board uses A/B OTA.
+AB_OTA_UPDATER := true
+
+AB_OTA_PARTITIONS += \
+ boot \
+ system \
+ vbmeta \
+ dtbo
diff --git a/CleanSpec.mk b/CleanSpec.mk
index 4e86f77..7ef7ba0 100644
--- a/CleanSpec.mk
+++ b/CleanSpec.mk
@@ -82,6 +82,7 @@
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/android.hardware.nfc.xml)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/android.hardware.nfc.hce.xml)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/android.hardware.nfc.hcef.xml)
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/com.nxp.mifare.xml)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/android.hardware.vr.headtracking.xml)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/android.hardware.vr.high_performance.xml)
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/system/etc/permissions/android.hardware.vulkan.level.xml)
@@ -201,3 +202,6 @@
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/lib64/hw/android.hardware.graphics.mapper@2.0-impl.so)
# Rename power HAL
$(call add-clean-step, rm -rf $(PRODUCT_OUT)/vendor/etc/init/android.hardware.power@1.2-service.wahoo-libperfmgr.rc)
+
+# Remove obsolete android.hardware.boot@1.0-impl-wrapper.recovery.so
+$(call add-clean-step, rm -rf $(PRODUCT_OUT)/recovery/root/system/lib64/hw/android.hardware.boot@1.0-impl-wrapper.recovery.so)
diff --git a/bootctrl/Android.bp b/bootctrl/Android.bp
new file mode 100644
index 0000000..b420e87
--- /dev/null
+++ b/bootctrl/Android.bp
@@ -0,0 +1,21 @@
+//
+// Copyright (C) 2019 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+// http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+cc_library {
+ name: "bootctrl.msm8998",
+ defaults: ["bootctrl_hal_defaults"],
+ static_libs: ["libgptutils.msm8998"],
+}
diff --git a/device.mk b/device.mk
index 3f64ad4..31797b7 100755
--- a/device.mk
+++ b/device.mk
@@ -14,9 +14,6 @@
# limitations under the License.
#
-# Installs gsi keys into ramdisk, to boot a GSI with verified boot.
-$(call inherit-product, $(SRC_TARGET_DIR)/product/gsi_keys.mk)
-
# Enable updating of APEXes
$(call inherit-product, $(SRC_TARGET_DIR)/product/updatable_apex.mk)
@@ -38,7 +35,8 @@
PRODUCT_SOONG_NAMESPACES += \
device/google/wahoo \
vendor/google/camera \
- hardware/google/pixel
+ hardware/google/pixel \
+ hardware/qcom/msm8998
PRODUCT_COPY_FILES += \
device/google/wahoo/default-permissions.xml:$(TARGET_COPY_OUT_VENDOR)/etc/default-permissions/default-permissions.xml \
@@ -119,33 +117,18 @@
update_verifier
PRODUCT_PACKAGES += \
- bootctrl.msm8998
+ bootctrl.msm8998 \
+ bootctrl.msm8998.recovery
PRODUCT_PROPERTY_OVERRIDES += \
ro.cp_system_other_odex=1
-AB_OTA_UPDATER := true
-
-AB_OTA_PARTITIONS += \
- boot \
- system \
- vbmeta \
- dtbo
-
AB_OTA_POSTINSTALL_CONFIG += \
RUN_POSTINSTALL_system=true \
POSTINSTALL_PATH_system=system/bin/otapreopt_script \
FILESYSTEM_TYPE_system=ext4 \
POSTINSTALL_OPTIONAL_system=true
-# Enable update engine sideloading by including the static version of the
-# boot_control HAL and its dependencies.
-PRODUCT_STATIC_BOOT_CONTROL_HAL := \
- bootctrl.msm8998 \
- libgptutils \
- libz \
- libcutils
-
PRODUCT_PACKAGES += \
update_engine_sideload
@@ -194,6 +177,7 @@
frameworks/native/data/etc/android.hardware.nfc.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.nfc.xml \
frameworks/native/data/etc/android.hardware.nfc.hce.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.nfc.hce.xml \
frameworks/native/data/etc/android.hardware.nfc.hcef.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.nfc.hcef.xml \
+ frameworks/native/data/etc/com.nxp.mifare.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/com.nxp.mifare.xml \
frameworks/native/data/etc/android.hardware.vr.headtracking-0.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vr.headtracking.xml \
frameworks/native/data/etc/android.hardware.vr.high_performance.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vr.high_performance.xml \
frameworks/native/data/etc/android.hardware.vulkan.compute-0.xml:$(TARGET_COPY_OUT_VENDOR)/etc/permissions/android.hardware.vulkan.compute.xml \
@@ -448,6 +432,7 @@
# Boot control HAL
PRODUCT_PACKAGES += \
android.hardware.boot@1.0-impl:64 \
+ android.hardware.boot@1.0-impl.recovery:64 \
android.hardware.boot@1.0-service \
# Vibrator HAL
diff --git a/init.hardware.rc b/init.hardware.rc
index 48b91d5..8bca619 100644
--- a/init.hardware.rc
+++ b/init.hardware.rc
@@ -34,7 +34,7 @@
write /sys/class/typec/port0/port_type sink
write /sys/module/lpm_levels/parameters/sleep_disabled N
-service vendor.charger /charger
+service vendor.charger /system/bin/charger
class charger
seclabel u:r:charger:s0
@@ -302,9 +302,6 @@
chmod 0771 /persist
chown system system /persist/WCNSS_qcom_wlan_nv.bin
- # Create directory for hostapd
- mkdir /data/hostapd 0770 system wifi
-
# Trigger WLAN driver load
write /sys/kernel/boot_wlan/boot_wlan 1
diff --git a/overlay/frameworks/base/core/res/res/values/config.xml b/overlay/frameworks/base/core/res/res/values/config.xml
index 11112fd..3b05b17 100755
--- a/overlay/frameworks/base/core/res/res/values/config.xml
+++ b/overlay/frameworks/base/core/res/res/values/config.xml
@@ -264,12 +264,6 @@
backlight values -->
<bool name="config_displayBrightnessBucketsInDoze">true</bool>
- <!-- ImsService package name to bind to by default, if config_dynamic_bind_ims is true -->
- <string name="config_ims_package" translatable="false">org.codeaurora.ims</string>
-
- <!-- Flag specifying whether or not IMS will use the ImsResolver dynamically -->
- <bool name="config_dynamic_bind_ims">true</bool>
-
<!-- Specifies whether to decouple the auto-suspend state of the device from the display on/off state. -->
<bool name="config_powerDecoupleAutoSuspendModeFromDisplay">true</bool>
@@ -332,8 +326,8 @@
<item>"/system/framework/services.jar"</item>
<item>"/system/framework/arm64/boot.oat"</item>
<item>"/system/framework/arm64/boot-core-libart.oat"</item>
- <item>"/apex/com.android.runtime/javalib/core-oj.jar"</item>
- <item>"/apex/com.android.runtime/javalib/core-libart.jar"</item>
+ <item>"/apex/com.android.art/javalib/core-oj.jar"</item>
+ <item>"/apex/com.android.art/javalib/core-libart.jar"</item>
<item>"/apex/com.android.media/javalib/updatable-media.jar"</item>
</string-array>
@@ -346,8 +340,8 @@
<item>"/system/framework/services.jar"</item>
<item>"/system/framework/arm64/apex.oat"</item>
<item>"/system/framework/arm64/apex-core-libart.oat"</item>
- <item>"/apex/com.android.runtime/javalib/core-oj.jar"</item>
- <item>"/apex/com.android.runtime/javalib/core-libart.jar"</item>
+ <item>"/apex/com.android.art/javalib/core-oj.jar"</item>
+ <item>"/apex/com.android.art/javalib/core-libart.jar"</item>
<item>"/apex/com.android.media/javalib/updatable-media.jar"</item>
</string-array>
diff --git a/overlay/packages/services/Telephony/res/values/config.xml b/overlay/packages/services/Telephony/res/values/config.xml
index 297ef38..fdf5efc 100644
--- a/overlay/packages/services/Telephony/res/values/config.xml
+++ b/overlay/packages/services/Telephony/res/values/config.xml
@@ -26,4 +26,10 @@
This is used to support carriers which generate a recording tone to the remote party
when a call recording app is in use. -->
<bool name="config_support_telephony_audio_device">true</bool>
+
+ <!-- String indicating the package name of the device ImsService implementation for MMTEL. -->
+ <string name="config_ims_mmtel_package">org.codeaurora.ims</string>
+
+ <!-- String indicating the package name of the device ImsService implementation for RCS. -->
+ <string name="config_ims_rcs_package">com.android.service.ims</string>
</resources>
diff --git a/sepolicy/OWNERS b/sepolicy/OWNERS
index c2705c9..e9baa1e 100644
--- a/sepolicy/OWNERS
+++ b/sepolicy/OWNERS
@@ -4,7 +4,9 @@
jbires@google.com
jeffv@google.com
jgalenson@google.com
+jiyong@google.com
nnk@google.com
+smoreland@google.com
sspatil@google.com
tomcherry@google.com
trong@google.com
diff --git a/sepolicy/private/radio.te b/sepolicy/private/radio.te
index d187ca8..7986425 100644
--- a/sepolicy/private/radio.te
+++ b/sepolicy/private/radio.te
@@ -1,2 +1 @@
-allow radio uce_service:service_manager find;
add_service(radio, qchook_service)
diff --git a/sepolicy/private/service.te b/sepolicy/private/service.te
index e5abcaa..43044dc 100644
--- a/sepolicy/private/service.te
+++ b/sepolicy/private/service.te
@@ -1,3 +1,2 @@
type cne_service, service_manager_type;
-type uce_service, service_manager_type;
type qchook_service, service_manager_type;
diff --git a/sepolicy/private/service_contexts b/sepolicy/private/service_contexts
index 62f7248..d27bf4d 100644
--- a/sepolicy/private/service_contexts
+++ b/sepolicy/private/service_contexts
@@ -1,4 +1,3 @@
qti.ims.ext u:object_r:radio_service:s0
cneservice u:object_r:cne_service:s0
-uce u:object_r:uce_service:s0
qchook u:object_r:qchook_service:s0
diff --git a/sepolicy/vendor/bug_map b/sepolicy/vendor/bug_map
index 151eeab..6c304cf 100644
--- a/sepolicy/vendor/bug_map
+++ b/sepolicy/vendor/bug_map
@@ -1,30 +1,32 @@
-bootanim vendor_default_prop file 79617173
-drmserver app_data_file dir 77869200
-drmserver sdcardfs dir 77869200
-hal_audio_default default_prop file 77926553
-hal_audio_default priv_app fd 77926553
-hal_bluetooth_default ramdump_vendor_data_file dir 124682886
-hal_camera_default camera_vendor_data_file dir 77865891
-hal_camera_default debugfs dir 77865891
-hal_camera_default radio_prop file 77865891
-hal_health_default persist_file file 127303305
-hal_nfc_default default_prop file 119670542
-init_power init_power capability 77915310
-installd media_rw_data_file file 77926261
-netutils_wrapper oemfs dir 77871509
-netutils_wrapper sysfs_timestamp_switch file 77871509
-netutils_wrapper tmpfs dir 77871509
-netutils_wrapper vendor_app_file dir 77871509
-netutils_wrapper vendor_framework_file dir 77871509
-nfc vendor_default_prop file 79617173
-priv_app vendor_default_prop file 79617173
-platform_app vendor_default_prop file 79617173
-radio vendor_default_prop file 77915129
-ramdump metadata_file dir 130250133
-surfaceflinger vendor_default_prop file 79617173
-system_app vendor_default_prop file 79617173
-system_server metadata_file dir 127946548
-system_server metadata_file file 127946548
-system_server sysfs dir 124364409
-system_server vendor_default_prop file 79617173
-untrusted_app vendor_default_prop file 79617173
+bootanim vendor_default_prop file b/79617173
+drmserver app_data_file dir b/77869200
+drmserver sdcardfs dir b/77869200
+hal_audio_default default_prop file b/77926553
+hal_audio_default priv_app fd b/77926553
+hal_bluetooth_default ramdump_vendor_data_file dir b/124682886
+hal_camera_default camera_vendor_data_file dir b/77865891
+hal_camera_default debugfs dir b/77865891
+hal_camera_default radio_prop file b/77865891
+hal_health_default persist_file file b/127303305
+hal_nfc_default default_prop file b/119670542
+init_power init_power capability b/77915310
+installd media_rw_data_file file b/77926261
+netutils_wrapper oemfs dir b/77871509
+netutils_wrapper sysfs_timestamp_switch file b/77871509
+netutils_wrapper tmpfs dir b/77871509
+netutils_wrapper vendor_app_file dir b/77871509
+netutils_wrapper vendor_framework_file dir b/77871509
+nfc vendor_default_prop file b/79617173
+priv_app vendor_default_prop file b/79617173
+platform_app vendor_default_prop file b/79617173
+radio vendor_default_prop file b/77915129
+ramdump metadata_file dir b/130250133
+surfaceflinger vendor_default_prop file b/79617173
+system_app vendor_default_prop file b/79617173
+system_server metadata_file dir b/127946548
+system_server metadata_file file b/127946548
+system_server sysfs dir b/124364409
+system_server vendor_default_prop file b/79617173
+untrusted_app vendor_default_prop file b/79617173
+vold_prepare_subdirs unlabeled file b/131096543
+webview_zygote app_data_file dir b/131636647
diff --git a/sepolicy/vendor/file_contexts b/sepolicy/vendor/file_contexts
index b66f65a..1793943 100644
--- a/sepolicy/vendor/file_contexts
+++ b/sepolicy/vendor/file_contexts
@@ -178,6 +178,7 @@
/vendor/etc/init\.insmod\.cfg u:object_r:init-insmod-sh_exec:s0
/vendor/bin/init\.power\.sh u:object_r:init_power_exec:s0
/vendor/bin/init\.radio\.sh u:object_r:init_radio_exec:s0
+/vendor/bin/thermal_logd u:object_r:init-thermal-logging-sh_exec:s0
/vendor/bin/ramoops u:object_r:ramoops_exec:s0
/vendor/bin/init\.ramoops\.sh u:object_r:ramoops_exec:s0
/vendor/bin/init\.fingerprint\.sh u:object_r:init-fingerprint_exec:s0
@@ -242,9 +243,6 @@
/vendor/lib/rfsa/adsp/libdspCV_skel\.so u:object_r:same_process_hal_file:s0
/vendor/lib/rfsa/adsp/libapps_mem_heap\.so u:object_r:same_process_hal_file:s0
-# thermal sysfs files
-/sys/class/thermal(/.*)? u:object_r:sysfs_thermal:s0
-
# data files
/data/vendor/netmgr(/.*)? u:object_r:netmgr_data_file:s0
/data/vendor/location(/.*)? u:object_r:location_data_file:s0
diff --git a/sepolicy/vendor/genfs_contexts b/sepolicy/vendor/genfs_contexts
index 46b5aff..300db86 100644
--- a/sepolicy/vendor/genfs_contexts
+++ b/sepolicy/vendor/genfs_contexts
@@ -46,6 +46,7 @@
genfscon sysfs /devices/soc/cce0000.qcom,venus u:object_r:sysfs_msm_subsys:s0
genfscon sysfs /devices/soc/0.qcom,rmtfs_sharedmem u:object_r:sysfs_rmtfs:s0
genfscon sysfs /devices/soc/soc:fp_fpc1020 u:object_r:sysfs_fingerprint:s0
+genfscon sysfs /class/thermal u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/virtual/thermal u:object_r:sysfs_thermal:s0
genfscon sysfs /devices/virtual/wahoo_laser u:object_r:sysfs_laser:s0
genfscon sysfs /module/msm_thermal u:object_r:sysfs_thermal:s0
diff --git a/sepolicy/vendor/google_camera_app.te b/sepolicy/vendor/google_camera_app.te
index 15146ba..25b0528 100644
--- a/sepolicy/vendor/google_camera_app.te
+++ b/sepolicy/vendor/google_camera_app.te
@@ -8,7 +8,6 @@
allow google_camera_app audioserver_service:service_manager find;
allow google_camera_app cameraserver_service:service_manager find;
allow google_camera_app drmserver_service:service_manager find;
-allow google_camera_app mediacodec_service:service_manager find;
allow google_camera_app mediaextractor_service:service_manager find;
allow google_camera_app mediaserver_service:service_manager find;
allow google_camera_app mediametrics_service:service_manager find;
diff --git a/sepolicy/vendor/hal_camera.te b/sepolicy/vendor/hal_camera.te
index 2d326c8..7fd55aa 100644
--- a/sepolicy/vendor/hal_camera.te
+++ b/sepolicy/vendor/hal_camera.te
@@ -7,7 +7,6 @@
allow hal_camera input_device:chr_file r_file_perms;
set_prop(hal_camera, camera_prop)
-get_prop(hal_camera, vendor_ro_camera_prop)
#allow hal_camera sysfs_enable_ps_sensor:file w_file_perms;
r_dir_file(hal_camera, sysfs_type)
diff --git a/sepolicy/vendor/hal_drm_clearkey.te b/sepolicy/vendor/hal_drm_clearkey.te
index 1a3b4af..6d4a815 100644
--- a/sepolicy/vendor/hal_drm_clearkey.te
+++ b/sepolicy/vendor/hal_drm_clearkey.te
@@ -7,5 +7,3 @@
hal_server_domain(hal_drm_clearkey, hal_drm)
vndbinder_use(hal_drm_clearkey);
-
-allow hal_drm_clearkey { appdomain -isolated_app }:fd use;
diff --git a/sepolicy/vendor/hal_drm_widevine.te b/sepolicy/vendor/hal_drm_widevine.te
index b6c8818..bfa6a6b 100644
--- a/sepolicy/vendor/hal_drm_widevine.te
+++ b/sepolicy/vendor/hal_drm_widevine.te
@@ -8,7 +8,6 @@
vndbinder_use(hal_drm_widevine);
allow hal_drm_widevine mediacodec:fd use;
-allow hal_drm_widevine { appdomain -isolated_app }:fd use;
# The Qualcomm DRM-HAL implementation uses a vendor-binder service provided
# by the HWC HAL.
diff --git a/sepolicy/vendor/hal_nfc_default.te b/sepolicy/vendor/hal_nfc_default.te
index 7ecc5dd..f75187b 100644
--- a/sepolicy/vendor/hal_nfc_default.te
+++ b/sepolicy/vendor/hal_nfc_default.te
@@ -3,5 +3,5 @@
allow hal_nfc_default nfc_vendor_data_file:file create_file_perms;
dontaudit hal_nfc_default nxpese_hwservice:hwservice_manager find;
-dontaudit hal_nfc_default nxpnfc_hwservice:hwservice_manager add;
+dontaudit hal_nfc_default nxpnfc_hwservice:hwservice_manager { find add };
dontaudit hal_nfc_default vendor_nfc_prop:file read;
diff --git a/sepolicy/vendor/init-thermal-logging.sh.te b/sepolicy/vendor/init-thermal-logging.sh.te
new file mode 100644
index 0000000..3da540e
--- /dev/null
+++ b/sepolicy/vendor/init-thermal-logging.sh.te
@@ -0,0 +1,10 @@
+type init-thermal-logging-sh, domain;
+type init-thermal-logging-sh_exec, exec_type, vendor_file_type, file_type;
+
+init_daemon_domain(init-thermal-logging-sh)
+
+userdebug_or_eng(`
+ allow init-thermal-logging-sh vendor_toolbox_exec:file rx_file_perms;
+ allow init-thermal-logging-sh sysfs_thermal:dir r_dir_perms;
+ allow init-thermal-logging-sh sysfs_thermal:file r_file_perms;
+')
diff --git a/sepolicy/vendor/init.te b/sepolicy/vendor/init.te
index 0ecbfe5..5aaeee7 100644
--- a/sepolicy/vendor/init.te
+++ b/sepolicy/vendor/init.te
@@ -1,5 +1,3 @@
-# symlink /sdcard to backing block
-allow init tmpfs:lnk_file create;
allow init configfs:lnk_file create;
allow init firmware_file:dir mounton;
diff --git a/sepolicy/vendor/property.te b/sepolicy/vendor/property.te
index 881afb9..f6628b0 100644
--- a/sepolicy/vendor/property.te
+++ b/sepolicy/vendor/property.te
@@ -1,5 +1,4 @@
type camera_prop, property_type;
-type vendor_ro_camera_prop, property_type;
type cnd_prop, property_type;
type ims_prop, property_type;
type keymaster_prop, property_type;
diff --git a/sepolicy/vendor/property_contexts b/sepolicy/vendor/property_contexts
index 49135b0..4e1447b 100644
--- a/sepolicy/vendor/property_contexts
+++ b/sepolicy/vendor/property_contexts
@@ -1,6 +1,5 @@
persist.camera. u:object_r:camera_prop:s0
-ro.camera.req.fmq.size u:object_r:vendor_ro_camera_prop:s0
-ro.camera.res.fmq.size u:object_r:vendor_ro_camera_prop:s0
+ro.camera. u:object_r:camera_prop:s0
htc.camera. u:object_r:camera_prop:s0
persist.vendor.sys.cnd u:object_r:cnd_prop:s0
persist.sys.cnd u:object_r:cnd_prop:s0
diff --git a/sepolicy/vendor/radio.te b/sepolicy/vendor/radio.te
index 30a7838..67da70f 100644
--- a/sepolicy/vendor/radio.te
+++ b/sepolicy/vendor/radio.te
@@ -15,7 +15,6 @@
allow radio {
mediaextractor_service
- mediacodec_service
}:service_manager find;
r_dir_file(radio, sysfs_msm_subsys)
diff --git a/sepolicy/vendor/tee.te b/sepolicy/vendor/tee.te
index 98ae143..c75e4b3 100644
--- a/sepolicy/vendor/tee.te
+++ b/sepolicy/vendor/tee.te
@@ -19,7 +19,7 @@
# TODO(b/36644492): Remove data_between_core_and_vendor_violators once
# tee no longer directly accesses /data owned by the frameworks.
typeattribute tee data_between_core_and_vendor_violators;
-allow tee system_data_file:dir r_dir_perms;
+allow tee { system_data_file system_data_root_file }:dir r_dir_perms;
allow tee fingerprintd_data_file:dir rw_dir_perms;
allow tee fingerprintd_data_file:file create_file_perms;
diff --git a/sepolicy/vendor/vendor_init.te b/sepolicy/vendor/vendor_init.te
index 0953dcb..fd78611 100644
--- a/sepolicy/vendor/vendor_init.te
+++ b/sepolicy/vendor/vendor_init.te
@@ -36,3 +36,8 @@
# Write to touch vrmode node
allow vendor_init sysfs_touch:file w_file_perms;
+
+# Allow vendor_init to set property of logpersistd_logging_prop
+userdebug_or_eng(`
+ set_prop(vendor_init, logpersistd_logging_prop)
+')