Snap for 11919022 from 85ff832530 to mainline-tzdata6-release

Change-Id: I931fa0e3500b9e5d9cdf23dedad04273c22ddfb6

MK_OWNERS

@@ -0,0 +1,20 @@
+# NOTE: CHANGE THIS FILE WITH CAUTIOUS
+# - this file is referenced by other OWNERS file, e.g. device/google/*/OWNERS
+# - changing this file might break the function, check go/gerrit-code-owners-syntax first
+#
+# Makefile Review Guide for OWNERS: go/pixel-device-mk-owner-checklist
+
+aaronding@google.com
+rurumihong@google.com
+adamshih@google.com
+wilsonsung@google.com
+cyanhsieh@google.com
+cyuanjen@google.com
+robinpeng@google.com
+achant@google.com
+etam@google.com
+pattjin@google.com
+bkhalife@google.com
+lokeshgoel@google.com
+jainne@google.com
+pscovanner@google.com

OWNERS

@@ -2,5 +2,4 @@
 per-file *.te,*_contexts,te_macros,global_macros=set noparent
 per-file *.te,*_contexts,te_macros,global_macros=file:/sepolicy/OWNERS
 per-file *.mk=set noparent
-per-file *.mk=aaronding@google.com,rurumihong@google.com,adamshih@google.com,wilsonsung@google.com,cyanhsieh@google.com,cyuanjen@google.com,robinpeng@google.com,achant@google.com,etam@google.com,pattjin@google.com,bkhalife@google.com,lokeshgoel@google.com,jainne@google.com,pscovanner@google.com
-
+per-file *.mk=file:MK_OWNERS

aoc/sepolicy/file_contexts

@@ -28,7 +28,12 @@
 /dev/acd-audio_ap_offload_tx        u:object_r:aoc_device:s0
 /dev/acd-mel_processor              u:object_r:aoc_device:s0
 /dev/acd-aocx_control               u:object_r:aoc_device:s0
+/dev/acd-aocx_inject[0-9]*          u:object_r:aoc_device:s0
+/dev/acd-aocx_tapout[0-9]*          u:object_r:aoc_device:s0
 /dev/acd-mc_headpos                 u:object_r:aoc_device:s0
+/dev/acd-chre_bt_offload_ctl        u:object_r:aoc_device:s0
+/dev/acd-chre_bt_offload_data_tx    u:object_r:aoc_device:s0
+/dev/acd-chre_bt_offload_data_rx    u:object_r:aoc_device:s0
 
 # AoC vendor binaries
 /vendor/bin/aocd                    u:object_r:aocd_exec:s0

audio/aidl.mk

@@ -6,9 +6,6 @@ PRODUCT_PACKAGES += \
     android.hardware.audio.service-aidl.aoc \
     vendor.google.whitechapel.audio.hal.parserservice \
 
-# AIDL software effects. These are the effects supporting in all projects.
-# For the project-specific effects, such as haptic generator, please add them
-# to makefile in the project's device folder.
 PRODUCT_PACKAGES += \
     libvisualizeraidl \
     libbundleaidl \
@@ -16,6 +13,7 @@ PRODUCT_PACKAGES += \
     libdynamicsprocessingaidl \
     libloudnessenhanceraidl \
     libdownmixaidl \
+    libhapticgeneratoraidl \
 
 BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/audio/sepolicy/aidl
 BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/audio/sepolicy/hdmi_audio

audio/aidl/device_framework_matrix_product.xml

@@ -9,7 +9,7 @@
     </hal>
     <hal format="aidl">
         <name>vendor.google.whitechapel.audio.extension</name>
-        <version>1</version>
+        <version>2</version>
         <interface>
             <name>IAudioExtension</name>
             <instance>default</instance>

audio/sepolicy/common/property.te

@@ -1,2 +1,5 @@
 # Audio
 vendor_internal_prop(vendor_audio_prop)
+
+# The property for Audio App
+vendor_restricted_prop(vendor_audio_prop_restricted)

audio/sepolicy/common/property_contexts

@@ -9,3 +9,6 @@ vendor.audiodump.encode.disable                 u:object_r:vendor_audio_prop:s0
 vendor.audiodump.log.cca.updated                u:object_r:vendor_audio_prop:s0
 vendor.audiodump.cca.config                     u:object_r:vendor_audio_prop:s0
 vendor.audio_hal.aidl.enable                    u:object_r:vendor_audio_prop:s0
+
+# for audio app
+persist.vendor.app.audio.                       u:object_r:vendor_audio_prop_restricted:s0

audio/sepolicy/common/vendor_init.te

@@ -1,2 +1,5 @@
 # Audio property
 set_prop(vendor_init, vendor_audio_prop)
+
+# Audio App property
+set_prop(vendor_init, vendor_audio_prop_restricted)

battery_mitigation/sepolicy/vendor/battery_mitigation.te

@@ -24,6 +24,8 @@ allow battery_mitigation sysfs_bcl:lnk_file r_file_perms;
 allow battery_mitigation sysfs_thermal:lnk_file r_file_perms;
 allow battery_mitigation mitigation_vendor_data_file:dir rw_dir_perms;
 allow battery_mitigation mitigation_vendor_data_file:file create_file_perms;
+allow battery_mitigation dumpstate:fd use;
+allow battery_mitigation dumpstate:fifo_file rw_file_perms;
 
 # Allow battery_mitigation to use Binder IPC so that service manager can notify it for callbacks
 binder_use(battery_mitigation)
@@ -33,3 +35,4 @@ wakelock_use(battery_mitigation)
 add_service(battery_mitigation, hal_battery_mitigation_service)
 # Allow battery_mitigation to run audio mitigation callback
 binder_call(battery_mitigation, hal_audio_default)
+binder_call(battery_mitigation, servicemanager)

battery_mitigation/sepolicy/vendor/dumpstate.te

@@ -0,0 +1,3 @@
+# To call battery_mitigation hal
+allow dumpstate hal_battery_mitigation_service:service_manager find;
+binder_call(dumpstate, battery_mitigation);

battery_mitigation/sepolicy/vendor/service.te

@@ -1 +1 @@
-type hal_battery_mitigation_service, protected_service, hal_service_type, service_manager_type;
+type hal_battery_mitigation_service, hal_service_type, service_manager_type;

bcmbt/bluetooth.mk

@@ -1,6 +1,8 @@
 PRODUCT_SOONG_NAMESPACES += vendor/broadcom/bluetooth
 PRODUCT_PACKAGES += \
        android.hardware.bluetooth-V1-ndk.so \
+       android.hardware.bluetooth.finder-V1-ndk.so \
+       android.hardware.bluetooth.ranging-V1-ndk.so \
        android.hardware.bluetooth-service.bcmbtlinux \
        vendor.google.bluetooth_ext-V1-ndk.so \
        bt_vendor.conf \
@@ -9,6 +11,7 @@ PRODUCT_PACKAGES += \
 
 
 BOARD_SEPOLICY_DIRS += device/google/gs-common/bcmbt/sepolicy
+BOARD_SEPOLICY_DIRS += hardware/google/pixel-sepolicy/powerstats
 
 DEVICE_MANIFEST_FILE += device/google/gs-common/bcmbt/manifest_bluetooth.xml
 DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/bcmbt/compatibility_matrix.xml

bcmbt/compatibility_matrix.xml

@@ -6,7 +6,6 @@
             <name>IBluetoothFinder</name>
             <instance>default</instance>
         </interface>
-        <fqname>IBluetoothFinder/default</fqname>
         <interface>
             <name>IBluetoothCcc</name>
             <instance>default</instance>

bcmbt/manifest_bluetooth.xml

@@ -4,6 +4,16 @@
         <version>1</version>
         <fqname>IBluetoothHci/default</fqname>
     </hal>
+    <hal format="aidl">
+        <name>android.hardware.bluetooth.finder</name>
+        <version>1</version>
+        <fqname>IBluetoothFinder/default</fqname>
+    </hal>
+    <hal format="aidl">
+        <name>android.hardware.bluetooth.ranging</name>
+        <version>1</version>
+        <fqname>IBluetoothChannelSounding/default</fqname>
+    </hal>
     <hal format="aidl">
         <name>vendor.google.bluetooth_ext</name>
         <version>1</version>

betterbug/betterbug.mk

@@ -1,5 +1,8 @@
-PRODUCT_PACKAGES += BetterBugStub
-PRODUCT_PACKAGES_DEBUG += BetterBug
+# When neither AOSP nor factory targets
+ifeq (,$(filter aosp_% factory_%, $(TARGET_PRODUCT)))
+  PRODUCT_PACKAGES += BetterBugStub
+  PRODUCT_PACKAGES_DEBUG += BetterBug
+endif
 
 PRODUCT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/betterbug/sepolicy/product/public
 PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/betterbug/sepolicy/product/private

camera/Android.bp

@@ -12,8 +12,8 @@ cc_binary {
     ],
     shared_libs: [
         "libbase",
-	"libdump",
-	"liblog",
+        "libdump",
+        "liblog",
     ],
     vendor: true,
     relative_install_path: "dump",
@@ -26,3 +26,11 @@ prebuilt_etc {
     src: "vendor.android.hardware.camera.preview-dis.xml",
     sub_dir: "permissions",
 }
+
+prebuilt_etc {
+    name: "concurrent_foldable_dual_front_xml",
+    vendor: true,
+    filename: "com.google.pixel.camera.concurrent_foldable_dual_front.xml",
+    src: "com.google.pixel.camera.concurrent_foldable_dual_front.xml",
+    sub_dir: "permissions",
+}

camera/com.google.pixel.camera.concurrent_foldable_dual_front.xml

@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="utf-8"?>
+
+<!-- The feature on Pixel devices which supports concurrent foldable
+     dual front streaming -->
+<permissions>
+    <feature name="com.google.pixel.camera.concurrent_foldable_dual_front" />
+</permissions>

camera/dump_camera.cpp

@@ -42,12 +42,15 @@ int main() {
   // Attach multiple latest sessions (in case the user is running concurrent
   // sessions or starts a new session after the one with performance issues).
   dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 10, "session-ended-");
+  dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 10, "multicam-");
   dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "high-drop-rate-");
   dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "watchdog-");
   dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "camera-ended-");
   dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 5, "fatal-error-");
   dumpLogs(kGraphStateDumpDir.data(), cameraDestDir.c_str(), 5,
            "hal_graph_state_");
+  dumpLogs(kCameraLogDir.data(), cameraDestDir.c_str(), 10,
+           "fd_state_tracker-");
 
   return 0;
 }

camera/sepolicy/vendor/hal_camera_default.te

@@ -8,5 +8,6 @@ binder_call(hal_camera_default, vendor_pbcs_app);
 
 binder_call(hal_camera_default, vendor_pcs_app);
 
-# Allow Lyric HAL to start ISP Service
+# Allow Lyric HAL to start ISP Service and Image Processing HAL
 add_service(hal_camera_default, vendor_camera_isp_service)
+add_service(hal_camera_default, vendor_image_processing_hal_service)

camera/sepolicy/vendor/service.te

@@ -5,3 +5,5 @@ type vendor_camera_lyricconfigprovider_service, hal_service_type, protected_serv
 type vendor_camera_isp_service, hal_service_type, protected_service, service_manager_type;
 
 type vendor_camera_cameraidremapper_service, hal_service_type, protected_service, service_manager_type;
+
+type vendor_image_processing_hal_service, hal_service_type, protected_service, service_manager_type;

camera/sepolicy/vendor/service_contexts

@@ -5,3 +5,5 @@ com.google.pixel.camera.services.lyricconfigprovider.ILyricConfigProvider/defaul
 com.google.pixel.camera.isp.IIspService/default u:object_r:vendor_camera_isp_service:s0
 
 com.google.pixel.camera.services.cameraidremapper.ICameraIdRemapper/default u:object_r:vendor_camera_cameraidremapper_service:s0
+
+com.google.android.imageprocessing.IImageProcessingHal u:object_r:vendor_image_processing_hal_service:s0

dauntless/gsc.mk

@@ -9,7 +9,6 @@ PRODUCT_PACKAGES += \
     android.hardware.weaver-service.citadel \
     android.hardware.authsecret-service.citadel \
     android.hardware.oemlock-service.citadel \
-    android.hardware.identity@1.0-service.citadel \
     init_citadel \
     android.hardware.strongbox_keystore.xml \
     android.hardware.security.keymint-service.citadel \

edgetpu/sepolicy/edgetpu_tachyon_service.te

@@ -49,3 +49,14 @@ get_prop(edgetpu_tachyon_server, vendor_edgetpu_runtime_prop)
 get_prop(edgetpu_tachyon_server, vendor_hetero_runtime_prop)
 # Allow Tachyon service to read EdgeTPU CPU scheduler properties
 get_prop(edgetpu_tachyon_server, vendor_edgetpu_cpu_scheduler_prop)
+
+# Allow mlock without size restriction
+allow edgetpu_tachyon_server self:capability ipc_lock;
+
+# Need to effectively read file mapped file when mmap + mlocked.
+allow edgetpu_tachyon_server privapp_data_file:file { map read};
+
+# For shell level testing of mlock
+userdebug_or_eng(`
+    allow edgetpu_tachyon_server shell_data_file:file { map read};
+')

edgetpu/sepolicy/file_contexts

@@ -17,6 +17,8 @@
 # EdgeTPU runtime libraries
 /vendor/lib64/com\.google\.edgetpu_app_service-V[1-4]-ndk\.so              u:object_r:same_process_hal_file:s0
 /vendor/lib64/com\.google\.edgetpu_vendor_service-V[1-2]-ndk\.so           u:object_r:same_process_hal_file:s0
+# EdgeTPU Tachyon libraries
+/vendor/lib64/libedgetpu_tachyon\.google\.so                               u:object_r:same_process_hal_file:s0
 
 # EdgeTPU data files
 /data/vendor/hal_neuralnetworks_darwinn(/.*)?                              u:object_r:hal_neuralnetworks_darwinn_data_file:s0
@@ -27,3 +29,6 @@
 
 # Tachyon service
 /vendor/bin/hw/com\.google\.edgetpu.tachyon-service                        u:object_r:edgetpu_tachyon_server_exec:s0
+
+# libfmq.so is dynamically loaded by the Tachyon client-side library libedgetpu_tachyon.google.so
+/vendor/lib64/libfmq\.so                                                   u:object_r:same_process_hal_file:s0

edgetpu/sepolicy/hal_audio_default.te

@@ -12,7 +12,19 @@ binder_call(hal_audio_default, edgetpu_app_server)
 
 # Allow audio HAL to read tflite Darwinn delegate properties
 get_prop(hal_audio_default, vendor_tflite_delegate_prop)
+
+# Allow audio HAL to read DarwiNN runtime properties
 get_prop(hal_audio_default, vendor_edgetpu_runtime_prop)
 
+# Allow audio HAL to read hetero runtime properties
+get_prop(hal_audio_default, vendor_hetero_runtime_prop)
+
 # Allow DMA Buf access.
 allow hal_audio_default dmabuf_system_heap_device:chr_file r_file_perms;
+
+# Allow audio HAL to connect to the stats service for logging EdgeTpu metrics.
+allow hal_audio_default fwk_stats_service:service_manager find;
+
+# Allow audio HAL to send EdgeTpu trace packets to Perfetto.
+# Enable for prod devices, see: go/darwinn-perfetto-critical-events
+perfetto_producer(hal_audio_default)

edgetpu/sepolicy/priv_app.te

@@ -7,3 +7,6 @@ allow priv_app edgetpu_nnapi_service:service_manager find;
 # Allows privileged applications to access the EdgeTPU device, except open,
 # which is guarded by the EdgeTPU service.
 allow priv_app edgetpu_device:chr_file { getattr read write ioctl map };
+
+# Allows EdgeTPU Tachyon service to call the app.
+binder_call(edgetpu_tachyon_server, priv_app);

edgetpu/sepolicy/untrusted_app_all.te

@@ -5,3 +5,5 @@ allow untrusted_app_all edgetpu_app_service:service_manager find;
 # by the EdgeTPU service.
 allow untrusted_app_all edgetpu_device:chr_file { getattr read write ioctl map };
 
+# Allows EdgeTPU Tachyon service to call the app.
+binder_call(edgetpu_tachyon_server, untrusted_app_all);

gear/dumpstate_v3/Android.bp

@@ -0,0 +1,29 @@
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+cc_binary {
+    name: "android.hardware.dumpstate.3-service",
+    srcs: [
+        "Dumpstate.cpp",
+        "service.cpp",
+    ],
+    init_rc: ["android.hardware.dumpstate.3-service.rc"],
+    vintf_fragments: ["android.hardware.dumpstate.3-service.xml"],
+    cflags: [
+        "-Wall",
+        "-Werror",
+    ],
+    shared_libs: [
+        "libbase",
+        "libbinder_ndk",
+        "libcutils",
+        "libdumpstateutil",
+        "liblog",
+        "libutils",
+        "libdump",
+        "android.hardware.dumpstate-V1-ndk",
+    ],
+    vendor: true,
+    relative_install_path: "hw",
+}

gear/dumpstate_v3/Dumpstate.cpp

@@ -0,0 +1,230 @@
+/*
+ * Copyright 2016 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#define LOG_TAG "dumpstate_device"
+#define ATRACE_TAG ATRACE_TAG_ALWAYS
+
+#include <inttypes.h>
+
+#include <android-base/file.h>
+#include <android-base/stringprintf.h>
+#include <android-base/properties.h>
+#include <android-base/unique_fd.h>
+#include <cutils/trace.h>
+#include <log/log.h>
+#include <sys/stat.h>
+#include <dump/pixel_dump.h>
+#include "Dumpstate.h"
+
+#include "DumpstateUtil.h"
+
+#define HW_REVISION "ro.boot.hardware.revision"
+
+using android::os::dumpstate::CommandOptions;
+using android::os::dumpstate::DumpFileToFd;
+using android::os::dumpstate::PropertiesHelper;
+using android::os::dumpstate::RunCommandToFd;
+
+namespace aidl {
+namespace android {
+namespace hardware {
+namespace dumpstate {
+
+typedef std::chrono::time_point<std::chrono::steady_clock> timepoint_t;
+
+const char kVerboseLoggingProperty[] = "persist.vendor.verbose_logging_enabled";
+
+timepoint_t startSection(int fd, const std::string &sectionName) {
+    ATRACE_BEGIN(sectionName.c_str());
+    ::android::base::WriteStringToFd(
+            "\n"
+            "------ Section start: " + sectionName + " ------\n"
+            "\n", fd);
+    return std::chrono::steady_clock::now();
+}
+
+void endSection(int fd, const std::string &sectionName, timepoint_t startTime) {
+    ATRACE_END();
+    auto endTime = std::chrono::steady_clock::now();
+    auto elapsedMsec = std::chrono::duration_cast<std::chrono::milliseconds>
+            (endTime - startTime).count();
+
+    ::android::base::WriteStringToFd(
+            "\n"
+            "------ Section end: " + sectionName + " ------\n"
+            "Elapsed msec: " + std::to_string(elapsedMsec) + "\n"
+            "\n", fd);
+}
+
+// Dump data requested by an argument to the "dump" interface, or help info
+// if the specified section is not supported.
+void Dumpstate::dumpTextSection(int fd, const std::string &sectionName) {
+    bool dumpAll = (sectionName == kAllSections);
+    std::string dumpFiles;
+    struct dirent **dirent_list = NULL;
+    int num_entries = scandir("/vendor/bin/dump", &dirent_list, 0, (int (*)(const struct dirent **, const struct dirent **)) alphasort);
+    if (!dirent_list) {
+        ALOGE("Unable to scan dir: /vendor/bin/dump\n");
+        return;
+    } else if (num_entries <= 0) {
+        ALOGE("No file is found.\n");
+        return;
+    }
+    // Execute all or designated programs under vendor/bin/dump/
+    for (int i = 0; i <  num_entries; i++) {
+        if (dirent_list[i]->d_name[0] == '.') {
+            continue;
+        }
+        std::string bin(dirent_list[i]->d_name);
+        dumpFiles = dumpFiles + " " + bin;
+        if (dumpAll || sectionName == bin) {
+            auto startTime = startSection(fd, bin);
+            RunCommandToFd(fd, "/vendor/bin/dump/"+bin, {"/vendor/bin/dump/"+bin}, CommandOptions::WithTimeout(15).Build());
+            endSection(fd, bin, startTime);
+            if (!dumpAll) {
+                return;
+            }
+        }
+    }
+
+    if (dumpAll) {
+        RunCommandToFd(fd, "VENDOR PROPERTIES", {"/vendor/bin/getprop"});
+        return;
+    }
+
+    // An unsupported section was requested on the command line
+    ::android::base::WriteStringToFd("Unrecognized text section: " + sectionName + "\n", fd);
+    ::android::base::WriteStringToFd("Try \"" + kAllSections + "\" or one of the following:", fd);
+    ::android::base::WriteStringToFd(dumpFiles, fd);
+    ::android::base::WriteStringToFd("\nNote: sections with attachments (e.g. dump_soc) are"
+                                   "not available from the command line.\n", fd);
+    while (num_entries--) {
+        free(dirent_list[num_entries]);
+    }
+    free(dirent_list);
+}
+
+void Dumpstate::dumpLogSection(int fd, int fd_bin)
+{
+    std::string logDir = MODEM_LOG_DIRECTORY;
+    const std::string logCombined = logDir + "/combined_logs.tar";
+    const std::string logAllDir = logDir + "/all_logs";
+
+    RunCommandToFd(fd, "MKDIR LOG", {"/vendor/bin/mkdir", "-p", logAllDir.c_str()}, CommandOptions::WithTimeout(2).Build());
+
+    dumpTextSection(fd, kAllSections);
+
+    RunCommandToFd(fd, "TAR LOG", {"/vendor/bin/tar", "cvf", logCombined.c_str(), "-C", logAllDir.c_str(), "."}, CommandOptions::WithTimeout(20).Build());
+    RunCommandToFd(fd, "CHG PERM", {"/vendor/bin/chmod", "a+w", logCombined.c_str()}, CommandOptions::WithTimeout(2).Build());
+
+    std::vector<uint8_t> buffer(65536);
+    ::android::base::unique_fd fdLog(TEMP_FAILURE_RETRY(open(logCombined.c_str(), O_RDONLY | O_CLOEXEC | O_NONBLOCK)));
+
+    if (fdLog >= 0) {
+        while (1) {
+            ssize_t bytes_read = TEMP_FAILURE_RETRY(read(fdLog, buffer.data(), buffer.size()));
+
+            if (bytes_read == 0) {
+                break;
+            } else if (bytes_read < 0) {
+                ALOGD("read(%s): %s\n", logCombined.c_str(), strerror(errno));
+                break;
+            }
+
+            ssize_t result = TEMP_FAILURE_RETRY(write(fd_bin, buffer.data(), bytes_read));
+
+            if (result != bytes_read) {
+                ALOGD("Failed to write %zd bytes, actually written: %zd", bytes_read, result);
+                break;
+            }
+        }
+    }
+
+    RunCommandToFd(fd, "RM LOG DIR", { "/vendor/bin/rm", "-r", logAllDir.c_str()}, CommandOptions::WithTimeout(2).Build());
+    RunCommandToFd(fd, "RM LOG", { "/vendor/bin/rm", logCombined.c_str()}, CommandOptions::WithTimeout(2).Build());
+}
+
+ndk::ScopedAStatus Dumpstate::dumpstateBoard(const std::vector<::ndk::ScopedFileDescriptor>& in_fds,
+                                             IDumpstateDevice::DumpstateMode in_mode,
+                                             int64_t in_timeoutMillis) {
+    ATRACE_BEGIN("dumpstateBoard");
+    // Unused arguments.
+    (void) in_timeoutMillis;
+
+    if (in_mode < IDumpstateDevice::DumpstateMode::FULL || in_mode > IDumpstateDevice::DumpstateMode::PROTO) {
+        ALOGE("Invalid mode: %d\n", in_mode);
+        return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_ILLEGAL_ARGUMENT, "Invalid mode");
+    }
+
+    if (in_fds.size() < 1) {
+        ALOGE("no FDs\n");
+        return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_ILLEGAL_ARGUMENT,
+                                                                "No file descriptor");
+    }
+
+    int fd = in_fds[0].get();
+    if (fd < 0) {
+        ALOGE("invalid FD: %d\n", fd);
+        return ndk::ScopedAStatus::fromExceptionCodeWithMessage(EX_ILLEGAL_ARGUMENT,
+                                                                "Invalid file descriptor");
+    }
+
+    if (in_fds.size() < 2) {
+          ALOGE("no FD for dumpstate_board binary\n");
+          dumpTextSection(fd, "");
+    } else {
+          int fd_bin = in_fds[1].get();
+          dumpLogSection(fd, fd_bin);
+    }
+
+    ATRACE_END();
+    return ndk::ScopedAStatus::ok();
+}
+
+ndk::ScopedAStatus Dumpstate::setVerboseLoggingEnabled(bool in_enable) {
+    ::android::base::SetProperty(kVerboseLoggingProperty, in_enable ? "true" : "false");
+    return ndk::ScopedAStatus::ok();
+}
+
+ndk::ScopedAStatus Dumpstate::getVerboseLoggingEnabled(bool* _aidl_return) {
+    *_aidl_return = ::android::base::GetBoolProperty(kVerboseLoggingProperty, false);
+    return ndk::ScopedAStatus::ok();
+}
+
+// Since AIDLs that support the dump() interface are automatically invoked during
+// bugreport generation and we don't want to generate a second copy of the same
+// data that will go into dumpstate_board.txt, this function will only do
+// something if it is called with an option, e.g.
+//   dumpsys android.hardware.dumpstate.IDumpstateDevice/default all
+//
+// Also, note that sections which generate attachments and/or binary data when
+// included in a bugreport are not available through the dump() interface.
+binder_status_t Dumpstate::dump(int fd, const char** args, uint32_t numArgs) {
+
+    if (numArgs != 1) {
+        return STATUS_OK;
+    }
+
+    dumpTextSection(fd, static_cast<std::string>(args[0]));
+
+    fsync(fd);
+    return STATUS_OK;
+}
+
+}  // namespace dumpstate
+}  // namespace hardware
+}  // namespace android
+}  // namespace aidl

gear/dumpstate_v3/Dumpstate.h

@@ -0,0 +1,53 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#pragma once
+
+#include <aidl/android/hardware/dumpstate/BnDumpstateDevice.h>
+#include <aidl/android/hardware/dumpstate/IDumpstateDevice.h>
+#include <android/binder_status.h>
+
+namespace aidl {
+namespace android {
+namespace hardware {
+namespace dumpstate {
+
+class Dumpstate : public BnDumpstateDevice {
+  public:
+    ::ndk::ScopedAStatus dumpstateBoard(const std::vector<::ndk::ScopedFileDescriptor>& in_fds,
+                                        IDumpstateDevice::DumpstateMode in_mode,
+                                        int64_t in_timeoutMillis) override;
+
+    ::ndk::ScopedAStatus getVerboseLoggingEnabled(bool* _aidl_return) override;
+
+    ::ndk::ScopedAStatus setVerboseLoggingEnabled(bool in_enable) override;
+
+    binder_status_t dump(int fd, const char** args, uint32_t numArgs) override;
+
+  private:
+    const std::string kAllSections = "all";
+
+    void dumpTextSection(int fd, std::string const& sectionName);
+    void dumpLogSection(int fd, int fdModem);
+
+    //bool getVerboseLoggingEnabledImpl();
+    //::ndk::ScopedAStatus dumpstateBoardImpl(const int fd, const bool full);
+};
+
+}  // namespace dumpstate
+}  // namespace hardware
+}  // namespace android
+}  // namespace aidl

gear/dumpstate_v3/aidl.mk

@@ -0,0 +1,4 @@
+PRODUCT_SOONG_NAMESPACES += device/google/gs-common/gear/dumpstate_v3
+PRODUCT_PACKAGES += android.hardware.dumpstate.3-service
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/gear/dumpstate_v3/sepolicy
+

gear/dumpstate_v3/android.hardware.dumpstate.3-service.rc

@@ -0,0 +1,5 @@
+service vendor.dumpstate-default /vendor/bin/hw/android.hardware.dumpstate.3-service
+    class hal
+    user system
+    group system shell
+    interface aidl android.hardware.dumpstate.IDumpstateDevice/default

gear/dumpstate_v3/android.hardware.dumpstate.3-service.xml

@@ -0,0 +1,9 @@
+<manifest version="1.0" type="device">
+    <hal format="aidl">
+        <name>android.hardware.dumpstate</name>
+        <interface>
+            <name>IDumpstateDevice</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+</manifest>

gear/dumpstate_v3/sepolicy/file.te

@@ -0,0 +1,6 @@
+# dumpstate packing directory
+type radio_vendor_data_file, file_type, data_file_type;
+userdebug_or_eng(`
+  typeattribute radio_vendor_data_file mlstrustedobject;
+')
+

gear/dumpstate_v3/sepolicy/file_contexts

@@ -0,0 +1,5 @@
+# generic dumpstate for pixel
+/vendor/bin/hw/android\.hardware\.dumpstate\.3-service     u:object_r:hal_dumpstate_default_exec:s0
+
+/data/vendor/radio(/.*)?                                   u:object_r:radio_vendor_data_file:s0
+

gear/dumpstate_v3/sepolicy/hal_dumpstate_default.te

@@ -0,0 +1,7 @@
+# required permission to use tar to pack dumpsate_board.bin
+allow hal_dumpstate_default vendor_toolbox_exec:file execute_no_trans;
+allow hal_dumpstate_default radio_vendor_data_file:dir create_dir_perms;
+allow hal_dumpstate_default radio_vendor_data_file:file create_file_perms;
+allow hal_dumpstate_default shell_data_file:file getattr;
+set_prop(hal_dumpstate_default, vendor_logger_prop)
+

gear/dumpstate_v3/sepolicy/property.te

@@ -0,0 +1,3 @@
+# verbose property
+vendor_internal_prop(vendor_logger_prop)
+

gear/dumpstate_v3/sepolicy/property_contexts

@@ -0,0 +1,3 @@
+# verbose property name
+persist.vendor.verbose_logging_enabled     u:object_r:vendor_logger_prop:s0
+

gear/dumpstate_v3/service.cpp

@@ -0,0 +1,37 @@
+/*
+ * Copyright (C) 2022 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+#define LOG_TAG "android.hardware.dumpstate.3-service"
+
+#include "Dumpstate.h"
+
+#include <android-base/logging.h>
+#include <android/binder_manager.h>
+#include <android/binder_process.h>
+
+using aidl::android::hardware::dumpstate::Dumpstate;
+
+int main() {
+    ABinderProcess_setThreadPoolMaxThreadCount(0);
+    std::shared_ptr<Dumpstate> dumpstate = ndk::SharedRefBase::make<Dumpstate>();
+
+    const std::string instance = std::string() + Dumpstate::descriptor + "/default";
+    binder_status_t status =
+            AServiceManager_addService(dumpstate->asBinder().get(), instance.c_str());
+    CHECK_EQ(status, STATUS_OK);
+
+    ABinderProcess_joinThreadPool();
+    return EXIT_FAILURE;  // Unreachable
+}

gps/pixel/sepolicy/file.te

@@ -1 +0,0 @@
-type sysfs_modem_state, sysfs_type, fs_type;

gps/pixel/sepolicy/hal_gnss_pixel.te

@@ -12,3 +12,14 @@ allow hal_gnss_pixel sysfs_modem_state:file r_file_perms;
 
 #Toggle coredump node
 allow hal_gnss_pixel sysfs_gps:file rw_file_perms;
+
+# Allow access to CHRE multiclient HAL.
+get_prop(hal_gnss_pixel, vendor_chre_hal_prop)
+
+# Allow binder to CHRE.
+binder_call(hal_gnss_pixel, hal_contexthub_default)
+allow hal_gnss_pixel hal_contexthub_service:service_manager find;
+
+# Allow connect to gnss service
+allow hal_gnss_pixel vendor_gps_file:dir create_dir_perms;
+allow hal_gnss_pixel vendor_gps_file:fifo_file create_file_perms;

gs_watchdogd/gs_watchdogd.cpp

@@ -14,9 +14,11 @@
  * limitations under the License.
  */
 
+#include <android-base/chrono_utils.h>
 #include <android-base/file.h>
 #include <android-base/logging.h>
 #include <android-base/stringprintf.h>
+#include <android-base/unique_fd.h>
 
 #include <errno.h>
 #include <fcntl.h>
@@ -26,21 +28,28 @@
 #include <string.h>
 #include <unistd.h>
 
-#define DEV_GLOB "/sys/devices/platform/*.watchdog_cl0/watchdog/watchdog*"
+#include <chrono>
+#include <vector>
+
+#define DEV_GLOB "/sys/devices/platform/*.watchdog_cl*/watchdog/watchdog*"
+
+#define DEFAULT_INTERVAL 10s
+#define DEFAULT_MARGIN 10s
 
 using android::base::Basename;
 using android::base::StringPrintf;
+using std::literals::chrono_literals::operator""s;
 
 int main(int argc, char** argv) {
     android::base::InitLogging(argv, &android::base::KernelLogger);
 
-    int interval = 10;
-    if (argc >= 2) interval = atoi(argv[1]);
+    std::chrono::seconds interval = argc >= 2
+        ? std::chrono::seconds(atoi(argv[1])) : DEFAULT_INTERVAL;
+    std::chrono::seconds margin = argc >= 3
+        ? std::chrono::seconds(atoi(argv[2])) : DEFAULT_MARGIN;
 
-    int margin = 10;
-    if (argc >= 3) margin = atoi(argv[2]);
-
-    LOG(INFO) << "gs_watchdogd started (interval " << interval << ", margin " << margin << ")!";
+    LOG(INFO) << "gs_watchdogd started (interval " << interval.count()
+              << ", margin " << margin.count() << ")!";
 
     glob_t globbuf;
     int ret = glob(DEV_GLOB, GLOB_MARK, nullptr, &globbuf);
@@ -49,40 +58,42 @@ int main(int argc, char** argv) {
         return 1;
     }
 
-    if (globbuf.gl_pathc > 1) {
-        PLOG(WARNING) << "Multiple watchdog dev path found by " << DEV_GLOB;
-    }
+    std::vector<android::base::unique_fd> wdt_dev_fds;
 
-    std::string dev_path = StringPrintf("/dev/%s", Basename(globbuf.gl_pathv[0]).c_str());
-    globfree(&globbuf);
+    for (size_t i = 0; i < globbuf.gl_pathc; i++) {
+        std::chrono::seconds timeout = interval + margin;
+        int timeout_secs = timeout.count();
+        std::string dev_path = StringPrintf("/dev/%s", Basename(globbuf.gl_pathv[i]).c_str());
 
-    int fd = open(dev_path.c_str(), O_RDWR | O_CLOEXEC);
-    if (fd == -1) {
-        PLOG(ERROR) << "Failed to open " << dev_path;
-        return 1;
-    }
+        int fd = TEMP_FAILURE_RETRY(open(dev_path.c_str(), O_RDWR | O_CLOEXEC));
+        if (fd == -1) {
+            PLOG(ERROR) << "Failed to open " << dev_path;
+            return 1;
+        }
 
-    int timeout = interval + margin;
-    ret = ioctl(fd, WDIOC_SETTIMEOUT, &timeout);
-    if (ret) {
-        PLOG(ERROR) << "Failed to set timeout to " << timeout;
-        ret = ioctl(fd, WDIOC_GETTIMEOUT, &timeout);
+        wdt_dev_fds.emplace_back(fd);
+        ret = ioctl(fd, WDIOC_SETTIMEOUT, &timeout_secs);
         if (ret) {
-            PLOG(ERROR) << "Failed to get timeout";
-        } else {
-            if (timeout > margin) {
-                interval = timeout - margin;
+            PLOG(ERROR) << "Failed to set timeout to " << timeout_secs;
+            ret = ioctl(fd, WDIOC_GETTIMEOUT, &timeout_secs);
+            if (ret) {
+                PLOG(ERROR) << "Failed to get timeout";
             } else {
-                interval = 1;
+                interval = timeout > margin ? timeout - margin : 1s;
+                LOG(WARNING) << "Adjusted interval to timeout returned by driver: "
+                             << "timeout " << timeout_secs
+                             << ", interval " << interval.count()
+                             << ", margin " << margin.count();
             }
-            LOG(WARNING) << "Adjusted interval to timeout returned by driver: "
-                         << "timeout " << timeout << ", interval " << interval << ", margin "
-                         << margin;
         }
     }
 
+    globfree(&globbuf);
+
     while (true) {
-        write(fd, "", 1);
-        sleep(interval);
+        for (const auto& fd : wdt_dev_fds) {
+            TEMP_FAILURE_RETRY(write(fd, "", 1));
+        }
+        sleep(interval.count());
     }
 }

gxp/dump_gxp.cpp

@@ -17,7 +17,7 @@
 #include <android-base/properties.h>
 #include <android-base/file.h>
 
-#define maxGxpDebugDumps 3
+#define maxGxpDebugDumps 4
 
 int main() {
     /* TODO(b/277094681): Set default value to false around device beta milestone. */

gyotaku_app/fingerprint/gyotaku_app.te

@@ -0,0 +1,19 @@
+# Specific build for fingerprint
+type gyotaku_app, domain;
+
+app_domain(gyotaku_app)
+net_domain(gyotaku_app)
+
+# For Gyotaku app common use
+allow gyotaku_app app_api_service:service_manager find;
+allow gyotaku_app privapp_data_file:lnk_file read;
+allow gyotaku_app system_app_data_file:dir create_dir_perms;
+allow gyotaku_app system_app_data_file:file create_file_perms;
+
+# For getproperty isDebuggable use
+get_prop(gyotaku_app, userdebug_or_eng_prop)
+
+# For access /data/vendor/misc fingerprint use.
+allow gyotaku_app vendor_misc_data_file:dir search;
+allow gyotaku_app vendor_fingerprint_data_file:dir r_dir_perms;
+allow gyotaku_app vendor_fingerprint_data_file:file r_file_perms;

gyotaku_app/fingerprint/seapp_contexts

@@ -0,0 +1,2 @@
+# Gyotaku app
+user=system seinfo=platform name=com.google.android.apps.internal.gyotaku domain=gyotaku_app type=system_app_data_file levelFrom=all

gyotaku_app/gyotaku.mk

@@ -6,7 +6,7 @@ ifneq ($(TARGET_BUILD_VARIANT), user)
       BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/sepolicy/
 
       # Pixel 5a (barbet) does not support Pixel dump
-      ifneq ($(TARGET_PRODUCT), barbet)
+      ifeq (,$(filter barbet%,$(TARGET_PRODUCT)))
         PRODUCT_PACKAGES_DEBUG += dump_gyotaku
         BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/dump
       endif

gyotaku_app/gyotaku_fingerprint.mk

@@ -0,0 +1,5 @@
+# Specific build for fingerprint
+PRODUCT_PACKAGES_DEBUG += \
+   Gyotaku
+
+BOARD_SEPOLICY_DIRS += device/google/gs-common/gyotaku_app/fingerprint

insmod/16k/Android.bp

@@ -0,0 +1,14 @@
+
+soong_namespace {
+}
+
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+sh_binary {
+    name: "insmod.sh",
+    src: "insmod.sh",
+    init_rc: ["init.module.rc"],
+    vendor: true,
+}

insmod/16k/insmod.sh

@@ -0,0 +1,119 @@
+#!/vendor/bin/sh
+
+#############################################################
+### init.insmod.cfg format:                               ###
+### ----------------------------------------------------- ###
+### [insmod|setprop|enable/moprobe|wait] [path|prop name] ###
+### ...                                                   ###
+#############################################################
+
+modules_dir=
+system_modules_dir=
+vendor_modules_dir=
+
+
+pagesize=$(getconf PAGESIZE)
+# bootoption=$(getprop ro.product.build.16k_page.enabled)
+# We do not need to check ro.product.build.16k_page.enabled , because this
+# version of insmod.sh will only be used if PRODUCT_16K_DEVELOPER_OPTION
+# is set to true
+
+if [ "$pagesize" != "4096" ] ; then
+    echo "Device has page size $pagesize , skip loading modules from vendor_dlkm/system_dlkm because all modules are stored on vendor_boot"
+    setprop vendor.common.modules.ready 1
+    setprop vendor.device.modules.ready 1
+    setprop vendor.all.modules.ready 1
+    setprop vendor.all.devices.ready 1
+    return 0
+fi
+
+
+for dir in system vendor; do
+  for f in /${dir}/lib/modules/*/modules.dep /${dir}/lib/modules/modules.dep; do
+    if [[ -f "$f" ]]; then
+      if [[ "${dir}" == "system" ]]; then
+        system_modules_dir="$(dirname "$f")"
+      else
+        vendor_modules_dir="$(dirname "$f")"
+        modules_dir=${vendor_modules_dir}
+      fi
+      break
+    fi
+  done
+done
+
+if [[ -z "${system_modules_dir}" ]]; then
+  echo "Unable to locate system kernel modules directory" 2>&1
+fi
+
+if [[ -z "${vendor_modules_dir}" ]]; then
+  echo "Unable to locate vendor kernel modules directory" 2>&1
+  exit 1
+fi
+
+# imitates wait_for_file() in init
+wait_for_file()
+{
+    filename="${1}"
+    timeout="${2:-5}"
+
+    expiry=$(($(date "+%s")+timeout))
+    while [[ ! -e "${filename}" ]] && [[ "$(date "+%s")" -le "${expiry}" ]]
+    do
+        sleep 0.01
+    done
+}
+
+if [ $# -eq 1 ]; then
+  cfg_file=$1
+else
+  # Set property even if there is no insmod config
+  # to unblock early-boot trigger
+  setprop vendor.common.modules.ready 1
+  setprop vendor.device.modules.ready 1
+  setprop vendor.all.modules.ready 1
+  setprop vendor.all.devices.ready 1
+  exit 1
+fi
+
+if [ -f $cfg_file ]; then
+  while IFS="|" read -r action arg
+  do
+    case $action in
+      "insmod") insmod $arg ;;
+      "setprop") setprop $arg 1 ;;
+      "enable") echo 1 > $arg ;;
+      "condinsmod")
+        prop=$(echo $arg | cut -d '|' -f 1)
+        module1=$(echo $arg | cut -d '|' -f 2)
+        module2=$(echo $arg | cut -d '|' -f 3)
+        value=$(getprop $prop)
+        if [[ ${value} == "true" ]]; then
+          insmod ${vendor_modules_dir}/${module1}
+        else
+          insmod ${vendor_modules_dir}/${module2}
+        fi
+        ;;
+      "modprobe")
+        case ${arg} in
+          "system -b *" | "system -b")
+            modules_dir=${system_modules_dir}
+            arg="-b --all=${system_modules_dir}/modules.load" ;;
+          "system *" | "system")
+            modules_dir=${system_modules_dir}
+            arg="--all=${system_modules_dir}/modules.load" ;;
+          "-b *" | "-b" | "vendor -b *" | "vendor -b")
+            modules_dir=${vendor_modules_dir}
+            arg="-b --all=${vendor_modules_dir}/modules.load" ;;
+          "*" | "" | "vendor *" | "vendor")
+            modules_dir=${vendor_modules_dir}
+            arg="--all=${vendor_modules_dir}/modules.load" ;;
+        esac
+        if [[ -d "${modules_dir}" ]]; then
+          modprobe -a -d "${modules_dir}" $arg
+        fi
+        ;;
+      "wait") wait_for_file $arg ;;
+    esac
+  done < $cfg_file
+fi

insmod/4k/Android.bp

@@ -0,0 +1,13 @@
+
+soong_namespace {
+}
+package {
+    default_applicable_licenses: ["Android-Apache-2.0"],
+}
+
+sh_binary {
+    name: "insmod.sh",
+    src: "insmod.sh",
+    init_rc: ["init.module.rc"],
+    vendor: true,
+}

insmod/4k/init.module.rc

@@ -0,0 +1,10 @@
+on init
+    # Loading common kernel modules in background
+    start insmod_sh
+
+service insmod_sh /vendor/bin/insmod.sh /vendor/etc/init.common.cfg
+    class main
+    user root
+    group root system
+    disabled
+    oneshot

insmod/Android.bp

@@ -2,13 +2,6 @@ package {
     default_applicable_licenses: ["Android-Apache-2.0"],
 }
 
-sh_binary {
-    name: "insmod.sh",
-    src: "insmod.sh",
-    init_rc: ["init.module.rc"],
-    vendor: true,
-}
-
 prebuilt_etc {
     name: "init.common.cfg",
     src: "init.common.cfg",

insmod/insmod.mk

@@ -1,3 +1,9 @@
+ifeq (true,$(PRODUCT_16K_DEVELOPER_OPTION))
+PRODUCT_SOONG_NAMESPACES += device/google/gs-common/insmod/16k
+else
+PRODUCT_SOONG_NAMESPACES += device/google/gs-common/insmod/4k
+endif
+
 BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/insmod/sepolicy
 PRODUCT_PACKAGES += \
         insmod.sh \

modem/shared_modem_platform/compatibility_matrix.xml

@@ -0,0 +1,11 @@
+<compatibility-matrix version="1.0" type="framework">
+    <!-- Optional since older devices will not register any services. -->
+    <hal format="aidl" optional="true">
+        <name>com.google.pixel.shared_modem_platform</name>
+        <version>1</version>
+        <interface>
+            <name>ISharedModemPlatform</name>
+            <instance>default</instance>
+        </interface>
+    </hal>
+</compatibility-matrix>

modem/shared_modem_platform/sepolicy/attributes

@@ -0,0 +1 @@
+hal_attribute(shared_modem_platform)

modem/shared_modem_platform/sepolicy/hal_shared_modem_platform.te

@@ -0,0 +1,8 @@
+# Allow binder connection from client to server
+binder_call(hal_shared_modem_platform_client, hal_shared_modem_platform_server)
+
+# Allow client to find the service, server to register the service
+hal_attribute_service(hal_shared_modem_platform, hal_shared_modem_platform_service)
+
+# Allow binder communication from server to service_manager
+binder_use(hal_shared_modem_platform_server)

modem/shared_modem_platform/sepolicy/service.te

@@ -0,0 +1 @@
+type hal_shared_modem_platform_service, hal_service_type, service_manager_type;

modem/shared_modem_platform/sepolicy/service_contexts

@@ -0,0 +1,2 @@
+# Bind Shared Modem Platform AIDL service name to the SELinux type.
+com.google.pixel.shared_modem_platform.ISharedModemPlatform/default u:object_r:hal_shared_modem_platform_service:s0

modem/shared_modem_platform/shared_modem_platform.mk

@@ -0,0 +1,11 @@
+# This file is not included in `modem.mk` since this is included at the
+# beginning of each `device.mk` file, and so will be called before
+# `SHARED_MODEM_PLATFORM_VENDOR` is defined later in the file.
+SOONG_CONFIG_NAMESPACES += shared_modem_platform
+SOONG_CONFIG_shared_modem_platform += \
+       vendor
+SOONG_CONFIG_shared_modem_platform_vendor := $(SHARED_MODEM_PLATFORM_VENDOR)
+
+PRODUCT_PACKAGES += shared_modem_platform
+DEVICE_PRODUCT_COMPATIBILITY_MATRIX_FILE += device/google/gs-common/modem/shared_modem_platform/compatibility_matrix.xml
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/modem/shared_modem_platform/sepolicy

performance/Android.bp

@@ -5,13 +5,14 @@ package {
 cc_binary {
     name: "dump_perf",
     srcs: ["dump_perf.cpp"],
+    init_rc: ["init.pixel-mm-gs.rc"],
     cflags: [
         "-Wall",
         "-Wextra",
         "-Werror",
     ],
     shared_libs: [
-	"libdump",
+        "libdump",
     ],
     vendor: true,
     relative_install_path: "dump",

performance/dump_perf.cpp

@@ -18,5 +18,8 @@
 
 int main() {
     dumpFileContent("VENDOR PROC DUMP", "/proc/vendor_sched/dump_task");
+    dumpFileContent("BTS scenario", "/sys/kernel/debug/bts/scenario");
+    dumpFileContent("BTS vc", "/sys/kernel/debug/bts/vc");
+    dumpFileContent("BTS status", "/sys/kernel/debug/bts/status");
     return 0;
 }

performance/init.pixel-mm-gs.rc

@@ -0,0 +1,20 @@
+# Copyright (C) 2024 The Android Open-Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+on init
+    # adjust PCP high level
+    write /proc/sys/vm/percpu_pagelist_high_fraction 430
+
+    # disable proactive compaction
+    write /proc/sys/vm/compaction_proactiveness 0

performance/sepolicy/dump_perf.te

@@ -1,3 +1,7 @@
 pixel_bugreport(dump_perf)
 
 allow dump_perf proc_vendor_sched:file r_file_perms;
+userdebug_or_eng(`
+  allow dump_perf vendor_bts_debugfs:dir r_dir_perms;
+  allow dump_perf vendor_bts_debugfs:file r_file_perms;
+')

performance/sepolicy/file.te

@@ -0,0 +1,2 @@
+type sysfs_pakills, fs_type, sysfs_type;
+type vendor_bts_debugfs, fs_type, debugfs_type;

performance/sepolicy/genfs_contexts

@@ -1 +1,3 @@
 genfscon proc /sys/kernel/sched_pelt_multiplier u:object_r:proc_sched:s0
+genfscon sysfs /kernel/vendor_mm/pa_kill u:object_r:sysfs_pakills:s0
+genfscon debugfs /bts u:object_r:vendor_bts_debugfs:s0

performance/sepolicy/hal_power_default.te

@@ -0,0 +1,2 @@
+allow hal_power_default sysfs_pakills:file rw_file_perms;
+allow hal_power_default sysfs_pakills:dir r_dir_perms;

performance/sepolicy/vendor_init.te

@@ -0,0 +1,3 @@
+# MM
+allow vendor_init proc_percpu_pagelist_high_fraction:file w_file_perms;
+

pixelsupport/pixelsupport.mk

@@ -0,0 +1,5 @@
+PRODUCT_PACKAGES += PixelSupportPrebuilt
+
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/pixelsupport/sepolicy/vendor
+PRODUCT_PUBLIC_SEPOLICY_DIRS += device/google/gs-common/pixelsupport/sepolicy/product/public
+PRODUCT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/pixelsupport/sepolicy/product/private

pixelsupport/sepolicy/product/private/certs/pixelsupport.x509.pem

@@ -0,0 +1,30 @@
+-----BEGIN CERTIFICATE-----
+MIIGBzCCA++gAwIBAgIVAJriiL3+mR75mIC8e0Xqoz59LduNMA0GCSqGSIb3DQEBCwUAMIGSMQsw
+CQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91bnRhaW4gVmlldzEU
+MBIGA1UEChMLR29vZ2xlIEluYy4xEDAOBgNVBAsTB0FuZHJvaWQxLjAsBgNVBAMMJWNvbV9nb29n
+bGVfYW5kcm9pZF9hcHBzX3BpeGVsX3N1cHBvcnQwIBcNMjIxMjEyMTM1MDA3WhgPMjA1MjEyMTIx
+MzUwMDdaMIGSMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTEWMBQGA1UEBxMNTW91
+bnRhaW4gVmlldzEUMBIGA1UEChMLR29vZ2xlIEluYy4xEDAOBgNVBAsTB0FuZHJvaWQxLjAsBgNV
+BAMMJWNvbV9nb29nbGVfYW5kcm9pZF9hcHBzX3BpeGVsX3N1cHBvcnQwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCSWvRumhZOIAZmWKcuVjc1l3OIIWc/nSRVnsfdzeRqK0jwVFcTqMDs
+kmZtEj/UTW+N91ExRzWvAQ027AcE7TGF3X2iKKAfpSB0fpVQato5RIzOrRbwgAzsIvBdVtExqSNk
+5vh8xJ0azHt6Jn77gW03Mq7AL55Si5q3vU1meeGBPD/YWeqd/oNhPfe0kAHdNnnTOnN6SBxSeO8r
+YukV4XYJ3BxgWD1sm2NI8kZ+OGAooBFflZYXoY6NVfLXm6jsqWnooAok7CrNxZc/wstiwd8yYX6f
+6R1Trox3a9xOy7E+6Rig0XhbWm4pbp3Zu0OLArUalbQ1cjd1qFy6q9maieBn14ad+UtLNOUjCx91
+hLWg/mdpYCvArQb3bBDJdjYfdoo7Q8F9QW3JrFrbIeBezM4TTdK9v/sM4+1OxEo6vwMKQM9Ata/H
+Mn89a4nFHgRqGIMKK8zh0Eob+OwiBakviVhAI1o7IONujcJ2hfuyHNPZb8sT0Rewxtw2fD/Jwj+l
+ADmlXWw553geFcwP1SqOC6j/XOeazSvV4ccCME2VZqIE4pmL+RUr+cgAyQHXPZnet74C7K9sNRV6
+JluS6inqP4lKp7gSFuVrQNYHawNPVinbeTLYEu+df3m3yrHAUpaSvsSUC6qQVWCs0sI8PC6A1+bV
+DXMsIYRvrSnmtN75vOECaQIDAQABo1AwTjAMBgNVHRMEBTADAQH/MB0GA1UdDgQWBBTODyZ1S/is
+Y/2ZuMl8B1M6kFiJwDAfBgNVHSMEGDAWgBTODyZ1S/isY/2ZuMl8B1M6kFiJwDANBgkqhkiG9w0B
+AQsFAAOCAgEAL26IGjeu8Q5tn/b4vfYa+7bRUwozAJA9Buyduw/4wVG6rIAkpEsghkgnoOvyjD72
+ncbCkDoBV3a1PLw2W/bMQWfZvYScOzc2yFwcR9LdQIiEYmtgnwuJHnqc2MDsh+MDeclblyBYfIQQ
+bpZ0JArKalSmDyul0QIcfHq+RKmGAzC3bx0xigclIZJxXEG4tyQylttnqNodAEqYdhMMRajI3w9t
+61QwqNv1KTGJt1sC2Q7NyzbZJo02Kwu711Dw6KnVgHaGKC2sRIixsvjm2s6f9/CcVasuLopkJnyl
+epPeD2jHwHdE4/c2K5ZVQeZ+R0pIOEBKwg1AVkn+/UTbhpjYCkEGP09e8T45Y+//eMlrbORJAbji
+H5cfD9aSO2z4slN4B4w+Fw9Kn+a7bsN2xhv7lvAgQ92aq9g/YS1YysZ7kSoCpmKl7rN+0V/RGRVP
+ab2Cb0C3+JewTnOAF30e7zVs9Vaq3oTAV4XFYNiDRUBU/rvv8EIZKcBdufFJmCGYUpmm1EQQdsTt
+mFMPEh5I4Qd0sy+HKvLjThcMGHqDX0bCeXkbFZdj0GXPOOt5LX8NZBdnsbVgENrZml318uLEj3ZU
+DlojsfsTlVcs5eIPX6Dkx0OdgVcMAXnLF+vjP/ygWuLqiPFPCrZD1b+2g2P9Yip3e221tuyca42b
+q3bvQEBwOsA=
+-----END CERTIFICATE-----

pixelsupport/sepolicy/product/private/keys.conf

@@ -0,0 +1,2 @@
+[@PIXELSUPPORT]
+ALL : device/google/gs-common/pixelsupport/sepolicy/product/private/certs/pixelsupport.x509.pem

pixelsupport/sepolicy/product/private/mac_permissions.xml

@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="utf-8"?>
+<policy>
+
+<!--
+
+    * A signature is a hex encoded X.509 certificate or a tag defined in
+      keys.conf and is required for each signer tag.
+    * A signer tag may contain a seinfo tag and multiple package stanzas.
+    * A default tag is allowed that can contain policy for all apps not signed with a
+      previously listed cert. It may not contain any inner package stanzas.
+    * Each signer/default/package tag is allowed to contain one seinfo tag. This tag
+      represents additional info that each app can use in setting a SELinux security
+      context on the eventual process.
+    * When a package is installed the following logic is used to determine what seinfo
+      value, if any, is assigned.
+      - All signatures used to sign the app are checked first.
+      - If a signer stanza has inner package stanzas, those stanza will be checked
+        to try and match the package name of the app. If the package name matches
+        then that seinfo tag is used. If no inner package matches then the outer
+        seinfo tag is assigned.
+      - The default tag is consulted last if needed.
+-->
+    <!-- PixelSupport app key -->
+    <signer signature="@PIXELSUPPORT" >
+      <seinfo value="PixelSupport" />
+    </signer>
+</policy>

pixelsupport/sepolicy/product/private/pixelsupport_app.te

@@ -0,0 +1,11 @@
+typeattribute pixelsupport_app coredomain;
+
+app_domain(pixelsupport_app)
+# Access the network.
+net_domain(pixelsupport_app)
+# Access bluetooth.
+bluetooth_domain(pixelsupport_app)
+
+allow pixelsupport_app app_api_service:service_manager find;
+allow pixelsupport_app radio_service:service_manager find;
+

pixelsupport/sepolicy/product/private/seapp_contexts

@@ -0,0 +1,2 @@
+# Pixel Support App
+user=_app seinfo=PixelSupport name=com.google.android.apps.pixel.support domain=pixelsupport_app type=app_data_file isPrivApp=true levelFrom=user

pixelsupport/sepolicy/product/public/pixelsupport_app.te

@@ -0,0 +1,2 @@
+type pixelsupport_app, domain;
+

pixelsupport/sepolicy/vendor/pixelsupport_app.te

@@ -0,0 +1,2 @@
+set_prop(pixelsupport_app, vendor_gti_prop)
+

radio/sepolicy/file.te

@@ -1,6 +1,9 @@
 # Data
 type tcpdump_vendor_data_file, file_type, data_file_type;
 
+# Modem
+type sysfs_modem_state, sysfs_type, fs_type;
+
 userdebug_or_eng(`
   typeattribute tcpdump_vendor_data_file mlstrustedobject;
 ')

radio/sepolicy/genfs_contexts

@@ -1,2 +1,3 @@
 # modem state node
 genfscon sysfs /devices/platform/cpif/modem_state       u:object_r:sysfs_modem_state:s0
+

ramdump/ramdump.mk

@@ -1,3 +0,0 @@
-PRODUCT_PACKAGES_DEBUG += dump_ramdump
-
-BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/ramdump/sepolicy

ramdump/sepolicy/file_contexts

@@ -1,2 +0,0 @@
-# dumpstate
-/vendor/bin/dump/dump_ramdump           u:object_r:dump_ramdump_exec:s0

ramdump_and_coredump/ramdump_and_coredump.mk

@@ -0,0 +1,18 @@
+PRODUCT_PACKAGES += \
+  sscoredump \
+
+PRODUCT_PACKAGES_DEBUG += \
+    dump_ramdump \
+    ramdump \
+
+# When neither AOSP nor factory targets
+ifeq (,$(filter aosp_% factory_%, $(TARGET_PRODUCT)))
+  PRODUCT_PACKAGES += SSRestartDetector
+  PRODUCT_PACKAGES_DEBUG += RamdumpUploader
+endif
+
+BOARD_VENDOR_SEPOLICY_DIRS += device/google/gs-common/ramdump_and_coredump/sepolicy
+
+# sscoredump
+PRODUCT_PROPERTY_OVERRIDES += vendor.debug.ssrdump.type=sscoredump
+PRODUCT_SOONG_NAMESPACES += vendor/google/tools/subsystem-coredump

ramdump_and_coredump/sepolicy/bug_map

@@ -0,0 +1,3 @@
+ramdump vendor_hw_plat_prop file b/161103878
+ramdump public_vendor_default_prop file b/161103878
+ramdump proc_bootconfig file b/181615626

ramdump_and_coredump/sepolicy/device.te

@@ -0,0 +1 @@
+type sscoredump_device, dev_type;

ramdump_and_coredump/sepolicy/file.te

@@ -0,0 +1,15 @@
+# ramdump: file
+type ramdump_vendor_data_file, file_type, data_file_type, mlstrustedobject;
+type ramdump_vendor_mnt_file, file_type, data_file_type, mlstrustedobject;
+type ramdump_vendor_fs, fusefs_type, data_file_type, mlstrustedobject;
+
+# sscoredump: file
+type sscoredump_vendor_data_coredump_file, file_type, data_file_type, mlstrustedobject;
+type sscoredump_vendor_data_crashinfo_file, file_type, data_file_type, mlstrustedobject;
+
+# sscoredump: sysfs
+type sysfs_sscoredump_level, sysfs_type, fs_type;                  # sscoredump level
+type sysfs_sscoredump_subsystem_report_count, sysfs_type, fs_type; # subsystem report_count: per device explicit path
+
+# ssr_detector_app
+type sscoredump_vendor_data_logcat_file, file_type, data_file_type, mlstrustedobject;

ramdump_and_coredump/sepolicy/file_contexts

@@ -0,0 +1,17 @@
+# dump_ramdump
+/vendor/bin/dump/dump_ramdump           u:object_r:dump_ramdump_exec:s0
+
+# ramdump
+/data/vendor/ramdump(/.*)?                u:object_r:ramdump_vendor_data_file:s0
+/mnt/vendor/ramdump(/.*)?                 u:object_r:ramdump_vendor_mnt_file:s0
+/vendor/bin/ramdump                       u:object_r:ramdump_exec:s0
+/vendor/bin/ramdump32                     u:object_r:ramdump_exec:s0
+
+# sscoredump
+/data/vendor/ssrdump(/.*)?             u:object_r:sscoredump_vendor_data_crashinfo_file:s0
+/data/vendor/ssrdump/coredump(/.*)?    u:object_r:sscoredump_vendor_data_coredump_file:s0
+/dev/sscd_.*                           u:object_r:sscoredump_device:s0
+/vendor/bin/sscoredump                 u:object_r:sscoredump_exec:s0
+
+# ssr_detector_app
+/data/vendor/ssrdump/logcat(/.*)?      u:object_r:sscoredump_vendor_data_logcat_file:s0

ramdump_and_coredump/sepolicy/genfs_contexts

@@ -0,0 +1 @@
+genfscon sysfs /class/sscoredump/level u:object_r:sysfs_sscoredump_level:s0

ramdump_and_coredump/sepolicy/property.te

@@ -0,0 +1,2 @@
+# ramdump
+vendor_internal_prop(vendor_ramdump_prop)

ramdump_and_coredump/sepolicy/property_contexts

@@ -0,0 +1,3 @@
+# ramdump
+ro.boot.ramdump                           u:object_r:vendor_ramdump_prop:s0
+vendor.debug.ramdump.                     u:object_r:vendor_ramdump_prop:s0

ramdump_and_coredump/sepolicy/ramdump.te

@@ -0,0 +1,48 @@
+type ramdump_exec, exec_type, vendor_file_type, file_type;
+type ramdump, domain;
+
+userdebug_or_eng(`
+  init_daemon_domain(ramdump)
+
+  set_prop(ramdump, vendor_ramdump_prop)
+
+  # f2fs set pin file requires sys_admin
+  allow ramdump self:capability { sys_admin sys_rawio };
+
+  allow ramdump ramdump_vendor_data_file:dir create_dir_perms;
+  allow ramdump ramdump_vendor_data_file:file create_file_perms;
+  allow ramdump proc_cmdline:file r_file_perms;
+
+  allow ramdump block_device:dir search;
+  allow ramdump misc_block_device:blk_file rw_file_perms;
+  allow ramdump userdata_block_device:blk_file rw_file_perms;
+
+  # Allow ReadDefaultFstab().
+  read_fstab(ramdump)
+
+  # read /fstab.${ro.hardware}
+  allow ramdump rootfs:file r_file_perms;
+
+  r_dir_file(ramdump, sysfs_type)
+
+  # To access statsd.
+  hwbinder_use(ramdump)
+  get_prop(ramdump, hwservicemanager_prop)
+  get_prop(ramdump, boot_status_prop)
+  allow ramdump fwk_stats_hwservice:hwservice_manager find;
+  binder_call(ramdump, stats_service_server)
+  allow ramdump fwk_stats_service:service_manager find;
+  binder_use(ramdump)
+
+  # To implement fusefs (ramdumpfs) under /mnt/vendor/ramdump.
+  allow ramdump fuse:filesystem relabelfrom;
+  allow ramdump fuse_device:chr_file rw_file_perms;
+  allow ramdump mnt_vendor_file:dir r_dir_perms;
+  allow ramdump ramdump_vendor_mnt_file:dir { getattr mounton };
+  allow ramdump ramdump_vendor_fs:filesystem { mount unmount relabelfrom relabelto };
+  allow ramdump_vendor_mnt_file ramdump_vendor_fs:filesystem associate;
+
+  # Access new Stats AIDL APIs (ag/13714907).
+  allow ramdump fwk_stats_service:service_manager find;
+  binder_call(ramdump, servicemanager)
+')

ramdump_and_coredump/sepolicy/ramdump_app.te

@@ -0,0 +1,26 @@
+type ramdump_app, domain;
+
+userdebug_or_eng(`
+  app_domain(ramdump_app)
+
+  allow ramdump_app app_api_service:service_manager find;
+
+  allow ramdump_app ramdump_vendor_data_file:file create_file_perms;
+  allow ramdump_app ramdump_vendor_data_file:dir create_dir_perms;
+
+  set_prop(ramdump_app, vendor_ramdump_prop)
+  get_prop(ramdump_app, system_boot_reason_prop)
+
+  # To access ramdumpfs.
+  allow ramdump_app mnt_vendor_file:dir search;
+  allow ramdump_app ramdump_vendor_mnt_file:dir create_dir_perms;
+  allow ramdump_app ramdump_vendor_mnt_file:file create_file_perms;
+
+  # To access subsystem ramdump files and dirs.
+  allow ramdump_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
+  allow ramdump_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
+  allow ramdump_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
+  allow ramdump_app sscoredump_vendor_data_coredump_file:file r_file_perms;
+  allow ramdump_app sscoredump_vendor_data_logcat_file:dir r_dir_perms;
+  allow ramdump_app sscoredump_vendor_data_logcat_file:file r_file_perms;
+')

ramdump_and_coredump/sepolicy/seapp_contexts

@@ -0,0 +1,5 @@
+# ramdump_app
+user=_app seinfo=platform name=com.android.ramdump domain=ramdump_app type=app_data_file levelFrom=all
+
+# ssr_detector_app
+user=system seinfo=platform name=com.google.SSRestartDetector domain=ssr_detector_app type=system_app_data_file levelFrom=user

ramdump_and_coredump/sepolicy/sscoredump.te

@@ -0,0 +1,18 @@
+type sscoredump, domain;
+type sscoredump_exec, vendor_file_type, exec_type, file_type;
+
+init_daemon_domain(sscoredump)
+
+set_prop(sscoredump, vendor_ssrdump_prop)
+
+allow sscoredump device:dir r_dir_perms;
+allow sscoredump sscoredump_device:chr_file rw_file_perms;
+allow sscoredump sscoredump_vendor_data_crashinfo_file:dir create_dir_perms;
+allow sscoredump sscoredump_vendor_data_crashinfo_file:file create_file_perms;
+allow sscoredump sysfs_sscoredump_subsystem_report_count:file r_file_perms;
+
+userdebug_or_eng(`
+  allow sscoredump sysfs_sscoredump_level:file rw_file_perms;
+  allow sscoredump sscoredump_vendor_data_coredump_file:dir create_dir_perms;
+  allow sscoredump sscoredump_vendor_data_coredump_file:file create_file_perms;
+')

ramdump_and_coredump/sepolicy/ssr_detector_app.te

@@ -0,0 +1,27 @@
+type ssr_detector_app, domain;
+
+app_domain(ssr_detector_app)
+allow ssr_detector_app app_api_service:service_manager find;
+allow ssr_detector_app radio_service:service_manager find;
+
+allow ssr_detector_app system_app_data_file:dir create_dir_perms;
+allow ssr_detector_app system_app_data_file:file create_file_perms;
+
+allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:dir r_dir_perms;
+allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
+
+userdebug_or_eng(`
+  allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
+  allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
+  allow ssr_detector_app sscoredump_vendor_data_logcat_file:dir create_dir_perms;
+  allow ssr_detector_app sscoredump_vendor_data_logcat_file:file create_file_perms;
+  get_prop(ssr_detector_app, vendor_aoc_prop)
+  allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
+  allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
+  allow ssr_detector_app proc_vendor_sched:dir search;
+  allow ssr_detector_app proc_vendor_sched:file rw_file_perms;
+  allow ssr_detector_app cgroup:file write;
+')
+
+get_prop(ssr_detector_app, vendor_ssrdump_prop)
+get_prop(ssr_detector_app, vendor_wifi_version)

sota_app/factoryota-watch.mk

@@ -0,0 +1,4 @@
+PRODUCT_PACKAGES += \
+    FactoryOtaWearPrebuilt
+
+SYSTEM_EXT_PRIVATE_SEPOLICY_DIRS += device/google/gs-common/sota_app/sepolicy/system_ext

storage/init.storage.rc

@@ -6,11 +6,14 @@ on default_storage_mode
     # F2FS
     write /dev/sys/fs/by-name/userdata/data_io_flag 8
     write /dev/sys/fs/by-name/userdata/node_io_flag 8
+    write /dev/sys/fs/by-name/userdata/max_io_bytes 524288
+    write /dev/sys/fs/by-name/userdata/min_hot_blocks 0
 
     # Block
     write /dev/sys/block/by-name/rootdisk/queue/iostats 1
     write /dev/sys/block/by-name/rootdisk/queue/nr_requests 128
     write /dev/sys/block/by-name/rootdisk/queue/rq_affinity 2
+    write /dev/sys/block/by-name/zoned_device/queue/rq_affinity 2
 
     # UFS
     write /dev/sys/block/bootdevice/clkgate_enable 1
@@ -27,7 +30,7 @@ on init
 
     # Block
     write /dev/sys/block/by-name/rootdisk/queue/iostats 0
-    write /sys/sys/block/by-name/rootdisk/queue/nr_requests 256
+    write /dev/sys/block/by-name/rootdisk/queue/nr_requests 256
 
     # UFS
     write /dev/sys/block/bootdevice/clkgate_enable 0

storage/sepolicy/device.te

@@ -0,0 +1,2 @@
+# Userdata Exp block device.
+type userdata_exp_block_device, dev_type;