Snap for 8953554 from ca6b4d4a1ae67e9d488781c482e8873d4c316f94 to mainline-tzdata4-release Change-Id: I1885689c30280df402076fb4efbef522fd94cb54

commit: f8d6d5f0382fd7e1d1717f3f744cb17e17707964 [log] [tgz]
author: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Tue Aug 16 16:46:10 2022 +0000
committer: Android Build Coastguard Worker <android-build-coastguard-worker@google.com> Tue Aug 16 16:46:10 2022 +0000
tree: 7edb776037c6d6995dd618781ee4b518085ef588
parent: 1f527f4da55a9a2198c4102052b71e9b4da76cc0 [diff]
parent: ca6b4d4a1ae67e9d488781c482e8873d4c316f94 [diff]
diff --git a/connectivity_thermal_power_manager/connectivity_thermal_power_manager.te b/connectivity_thermal_power_manager/connectivity_thermal_power_manager.te
new file mode 100644
index 0000000..54b2e8c
--- /dev/null
+++ b/connectivity_thermal_power_manager/connectivity_thermal_power_manager.te

@@ -0,0 +1,15 @@
+# platform_apps cannot access PowerHAL, so we need to define our own domain.
+# Since we're defining and moving CTPM to its own domain, we need to assign
+# all of the previous permissions that we had as a platform_app
+
+type connectivity_thermal_power_manager, domain, coredomain, system_suspend_internal_server;
+
+app_domain(connectivity_thermal_power_manager)
+
+# register previous permissions we had as a platform_app
+allow connectivity_thermal_power_manager radio_service:service_manager find;
+allow connectivity_thermal_power_manager app_api_service:service_manager find;
+allow connectivity_thermal_power_manager system_api_service:service_manager find;
+
+# access power stats
+hal_client_domain(connectivity_thermal_power_manager, hal_power_stats);

diff --git a/connectivity_thermal_power_manager/seapp_contexts b/connectivity_thermal_power_manager/seapp_contexts
new file mode 100644
index 0000000..28b2e0c
--- /dev/null
+++ b/connectivity_thermal_power_manager/seapp_contexts

@@ -0,0 +1 @@
+user=_app seinfo=platform name=com.google.android.connectivitythermalpowermanager domain=connectivity_thermal_power_manager type=app_data_file levelFrom=all

diff --git a/logger_app/logger_app.te b/logger_app/logger_app.te
index 942daba..1ab7e68 100644
--- a/logger_app/logger_app.te
+++ b/logger_app/logger_app.te

@@ -11,4 +11,5 @@
   allow logger_app wifi_logging_data_file:dir create_dir_perms;
   allow logger_app wifi_logging_data_file:file create_file_perms;
   set_prop(logger_app, vendor_wlan_logging_prop)
+  set_prop(logger_app, vendor_wifi_perf_diag_prop)
 ')

diff --git a/wifi_perf_diag/property_contexts b/wifi_perf_diag/property_contexts
index 9ddc687..a737dba 100644
--- a/wifi_perf_diag/property_contexts
+++ b/wifi_perf_diag/property_contexts

@@ -1,4 +1,6 @@
 persist.vendor.wifi.perf_diag.period              u:object_r:vendor_wifi_perf_diag_prop:s0
 persist.vendor.wifi.perf_diag.file                u:object_r:vendor_wifi_perf_diag_prop:s0
 persist.vendor.wifi.perf_diag.netperf             u:object_r:vendor_wifi_perf_diag_prop:s0
+persist.vendor.wifi.perf_diag.pid                 u:object_r:vendor_wifi_perf_diag_prop:s0
+persist.vendor.wifi.perf_diag.mode                u:object_r:vendor_wifi_perf_diag_prop:s0
 vendor.wifi.perf_diag.start                       u:object_r:vendor_wifi_perf_diag_prop:s0

diff --git a/wifi_perf_diag/wifi_perf_diag.te b/wifi_perf_diag/wifi_perf_diag.te
index 32254cd..b1f1e68 100644
--- a/wifi_perf_diag/wifi_perf_diag.te
+++ b/wifi_perf_diag/wifi_perf_diag.te

@@ -7,23 +7,34 @@
 net_domain(wifi_perf_diag)
 
 #vendor
-allow wifi_perf_diag properties_device:dir r_dir_perms;
-allow wifi_perf_diag device:dir write;
-allow wifi_perf_diag vendor_file:file execute_no_trans;
-allow wifi_perf_diag vendor_toolbox_exec:file execute_no_trans;
+allow wifi_perf_diag wifi_logging_data_file:dir create_dir_perms;
+allow wifi_perf_diag wifi_logging_data_file:file create_file_perms;
 allow wifi_perf_diag vendor_shell_exec:file execute_no_trans;
-#system proc
-allow wifi_perf_diag proc_net:file r_file_perms;
-allow wifi_perf_diag proc_stat:file r_file_perms;
-allow wifi_perf_diag proc_interrupts:file r_file_perms;
-allow wifi_perf_diag proc_timer:file r_file_perms;
+allow wifi_perf_diag wifi_perf_diag_exec:file execute_no_trans;
+allow wifi_perf_diag self:capability net_admin;
 allow wifi_perf_diag self:udp_socket ioctl;
-allow wifi_perf_diag self:capability { net_admin net_raw };
+allowxperm wifi_perf_diag self:udp_socket ioctl { SIOCETHTOOL SIOCDEVPRIVATE };
+
+#factors
+allow wifi_perf_diag device:dir rw_dir_perms;
 allow wifi_perf_diag device:file rw_file_perms;
 allow wifi_perf_diag init:dir search;
 allow wifi_perf_diag init:file r_file_perms;
+allow wifi_perf_diag kernel:dir search;
 allow wifi_perf_diag kernel:file r_file_perms;
-#perfetto
-allow wifi_perf_diag traced_consumer_socket:sock_file write;
+allow wifi_perf_diag logd:dir search;
+allow wifi_perf_diag logd:file r_file_perms;
+allow wifi_perf_diag netd:dir search;
+allow wifi_perf_diag netd:file r_file_perms;
+allow wifi_perf_diag proc_interrupts:file r_file_perms;
+allow wifi_perf_diag proc_net:file r_file_perms;
+allow wifi_perf_diag proc_stat:file r_file_perms;
+allow wifi_perf_diag proc_timer:file r_file_perms;
+allow wifi_perf_diag properties_device:dir r_file_perms;
+allow wifi_perf_diag vendor_file:file execute_no_trans;
+allow wifi_perf_diag vendor_file:dir r_dir_perms;
+allow wifi_perf_diag vendor_toolbox_exec:file execute_no_trans;
+#property
 get_prop(wifi_perf_diag, vendor_wifi_perf_diag_prop)
+set_prop(wifi_perf_diag, vendor_wifi_perf_diag_prop)
 ')
commit	f8d6d5f0382fd7e1d1717f3f744cb17e17707964	[log] [tgz]
author	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	Tue Aug 16 16:46:10 2022 +0000
committer	Android Build Coastguard Worker <android-build-coastguard-worker@google.com>	Tue Aug 16 16:46:10 2022 +0000
tree	7edb776037c6d6995dd618781ee4b518085ef588
parent	1f527f4da55a9a2198c4102052b71e9b4da76cc0 [diff]
parent	ca6b4d4a1ae67e9d488781c482e8873d4c316f94 [diff]