Merge Android 12L
Bug: 222710654 Merged-In: I7b9186af0cb135241e23504fa9d6f7c3d6718c7c Change-Id: I60cda8853fd8575beb8617025479d08ccf816fbb
This commit is contained in:
Xin Li
commit
22c3ab8b6b
19 changed files with 59 additions and 47 deletions
|
|
@ -1,2 +0,0 @@
|
|||
dontaudit mediaprovider_app sysfs_vendor_sched:dir search;
|
||||
|
||||
|
|
@ -1,6 +1,4 @@
|
|||
# b/185723618
|
||||
dontaudit dumpstate hal_power_stats_vendor_service:service_manager { find };
|
||||
# b/187795940
|
||||
dontaudit dumpstate twoshay:binder call;
|
||||
# b/190337283
|
||||
dontaudit dumpstate debugfs_wakeup_sources:file read;
|
||||
|
|
|
|||
|
|
@ -49,6 +49,16 @@ allow hal_sensors_default sysfs_aoc_reset:file rw_file_perms;
|
|||
# Allow sensor HAL to read AoC dumpstate.
|
||||
allow hal_sensors_default sysfs_aoc_dumpstate:file r_file_perms;
|
||||
|
||||
# Allow access for dynamic sensor properties.
|
||||
get_prop(hal_sensors_default, vendor_dynamic_sensor_prop)
|
||||
|
||||
# Allow access to raw HID devices for dynamic sensors.
|
||||
allow hal_sensors_default hidraw_device:chr_file rw_file_perms;
|
||||
|
||||
# Allow sensor HAL to access the display service HAL
|
||||
allow hal_sensors_default hal_pixel_display_service:service_manager find;
|
||||
binder_call(hal_sensors_default, hal_graphics_composer_default)
|
||||
|
||||
#
|
||||
# Suez type enforcements.
|
||||
#
|
||||
|
|
|
|||
7
whitechapel/vendor/google/device.te
vendored
7
whitechapel/vendor/google/device.te
vendored
|
|
@ -26,9 +26,6 @@ type cpuctl_device, dev_type;
|
|||
# Bt Wifi Coexistence device
|
||||
type wb_coexistence_dev, dev_type;
|
||||
|
||||
# Touch
|
||||
type touch_offload_device, dev_type;
|
||||
|
||||
# LWIS (Lightweight Imaging Subsystem) devices, used by Lyric camera HAL
|
||||
type lwis_device, dev_type;
|
||||
|
||||
|
|
@ -55,3 +52,7 @@ type amcs_device, dev_type;
|
|||
|
||||
# Battery history
|
||||
type battery_history_device, dev_type;
|
||||
|
||||
# Raw HID device
|
||||
type hidraw_device, dev_type;
|
||||
|
||||
|
|
|
|||
1
whitechapel/vendor/google/euiccpixel_app.te
vendored
1
whitechapel/vendor/google/euiccpixel_app.te
vendored
|
|
@ -10,6 +10,7 @@ allow euiccpixel_app surfaceflinger_service:service_manager find;
|
|||
|
||||
set_prop(euiccpixel_app, vendor_secure_element_prop)
|
||||
set_prop(euiccpixel_app, vendor_modem_prop)
|
||||
get_prop(euiccpixel_app, dck_prop)
|
||||
|
||||
userdebug_or_eng(`
|
||||
net_domain(euiccpixel_app)
|
||||
|
|
|
|||
8
whitechapel/vendor/google/file_contexts
vendored
8
whitechapel/vendor/google/file_contexts
vendored
|
|
@ -384,10 +384,6 @@
|
|||
/vendor/lib(64)?/hw/vulkan\.gs101\.so u:object_r:same_process_hal_file:s0
|
||||
/vendor/lib(64)?/arm\.graphics-V1-ndk\.so u:object_r:same_process_hal_file:s0
|
||||
|
||||
# Touch
|
||||
/dev/touch_offload u:object_r:touch_offload_device:s0
|
||||
/vendor/bin/twoshay u:object_r:twoshay_exec:s0
|
||||
|
||||
# Fingerprint
|
||||
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint@2\.1-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
|
||||
/vendor/bin/hw/android\.hardware\.biometrics\.fingerprint-service\.goodix u:object_r:hal_fingerprint_default_exec:s0
|
||||
|
|
@ -442,3 +438,7 @@
|
|||
/vendor/lib64/android\.frameworks\.stats-V1-ndk\.so u:object_r:same_process_hal_file:s0
|
||||
/vendor/lib64/vendor-pixelatoms-cpp\.so u:object_r:same_process_hal_file:s0
|
||||
/vendor/lib64/libprotobuf-cpp-lite-3\.9\.1\.so u:object_r:same_process_hal_file:s0
|
||||
|
||||
# Raw HID device
|
||||
/dev/hidraw[0-9]* u:object_r:hidraw_device:s0
|
||||
|
||||
|
|
|
|||
35
whitechapel/vendor/google/genfs_contexts
vendored
35
whitechapel/vendor/google/genfs_contexts
vendored
|
|
@ -71,9 +71,9 @@ genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/gadget/net
|
|||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0043 u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0043 u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-005a u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-cs40l25a u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/5-0042 u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l25a u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/i2c-cs40l25a u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l25a-dual u:object_r:sysfs_vibrator:s0
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-5/i2c-cs40l25a u:object_r:sysfs_vibrator:s0
|
||||
|
||||
# Fingerprint
|
||||
genfscon sysfs /devices/platform/odm/odm:fp_fpc1020 u:object_r:sysfs_fingerprint:s0
|
||||
|
|
@ -101,6 +101,8 @@ genfscon sysfs /devices/platform/acpm_mfd_bus@17500000/i2c-6/i2c-s2mpg10mfd/wake
|
|||
genfscon sysfs /devices/platform/19000000.aoc/usb_control/wakeup/wakeup u:object_r:sysfs_wakeup:s0
|
||||
genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/wakeup/wakeup u:object_r:sysfs_wakeup:s0
|
||||
genfscon sysfs /devices/platform/19000000.aoc/com.google.usf/wakeup/wakeup u:object_r:sysfs_wakeup:s0
|
||||
genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.5.auto/wakeup/wakeup u:object_r:sysfs_wakeup:s0
|
||||
genfscon sysfs /devices/platform/11110000.usb/11110000.dwc3/xhci-hcd-exynos.4.auto/wakeup/wakeup u:object_r:sysfs_wakeup:s0
|
||||
|
||||
# Touch
|
||||
genfscon sysfs /devices/platform/10d40000.spi/spi_master/spi11/spi11.0 u:object_r:sysfs_touch:s0
|
||||
|
|
@ -114,14 +116,16 @@ genfscon sysfs /devices/platform/10940000.spi/spi_master/spi5/spi5.0/nstandby
|
|||
genfscon sysfs /devices/virtual/pps/pps0/assert_elapsed u:object_r:sysfs_gps_assert:s0
|
||||
|
||||
# Display
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/gamma u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_extinfo u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_extinfo u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_need_handle_idle_exit u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/hs_clock u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/gamma u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/gamma u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/min_vrefresh u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/min_vrefresh u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/idle_delay_ms u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/idle_delay_ms u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/1c2c0000.drmdsim.0/panel_extinfo u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/1c2d0000.drmdsim.0/panel_extinfo u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2c0000.drmdsim/hs_clock u:object_r:sysfs_display:s0
|
||||
genfscon sysfs /devices/platform/1c2d0000.drmdsim/hs_clock u:object_r:sysfs_display:s0
|
||||
|
||||
# Modem
|
||||
genfscon sysfs /devices/platform/cp-tm1/cp_temp u:object_r:sysfs_modem:s0
|
||||
|
|
@ -260,6 +264,7 @@ genfscon sysfs /devices/platform/1c500000.mali/hint_min_freq
|
|||
genfscon sysfs /devices/platform/1c500000.mali/dma_buf_gpu_mem u:object_r:sysfs_gpu:s0
|
||||
genfscon sysfs /devices/platform/1c500000.mali/total_gpu_mem u:object_r:sysfs_gpu:s0
|
||||
genfscon sysfs /devices/platform/1c500000.mali/kprcs u:object_r:sysfs_gpu:s0
|
||||
genfscon sysfs /devices/platform/1c500000.mali/power_policy u:object_r:sysfs_gpu:s0
|
||||
|
||||
# nvmem (Non Volatile Memory layer)
|
||||
genfscon sysfs /devices/platform/10970000.hsi2c/i2c-4/4-0050/4-00500/nvmem u:object_r:sysfs_memory:s0
|
||||
|
|
@ -323,6 +328,14 @@ genfscon sysfs /devices/platform/sjtag_gsa/interface u:object_
|
|||
genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/min_freq u:object_r:sysfs_camera:s0
|
||||
genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/min_freq u:object_r:sysfs_camera:s0
|
||||
|
||||
# thermal sysfs files
|
||||
genfscon sysfs /module/gs101_thermal/parameters/tmu_reg_dump_state u:object_r:sysfs_thermal:s0
|
||||
genfscon sysfs /module/gs101_thermal/parameters/tmu_reg_dump_current_temp u:object_r:sysfs_thermal:s0
|
||||
genfscon sysfs /module/gs101_thermal/parameters/tmu_top_reg_dump_rise_thres u:object_r:sysfs_thermal:s0
|
||||
genfscon sysfs /module/gs101_thermal/parameters/tmu_top_reg_dump_fall_thres u:object_r:sysfs_thermal:s0
|
||||
genfscon sysfs /module/gs101_thermal/parameters/tmu_sub_reg_dump_rise_thres u:object_r:sysfs_thermal:s0
|
||||
genfscon sysfs /module/gs101_thermal/parameters/tmu_sub_reg_dump_fall_thres u:object_r:sysfs_thermal:s0
|
||||
|
||||
# USB-C throttling stats
|
||||
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/cleared_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||
genfscon sysfs /devices/platform/google,usbc_port_cooling_dev/hysteresis_time u:object_r:sysfs_usbc_throttling_stats:s0
|
||||
|
|
|
|||
|
|
@ -64,9 +64,6 @@ allow hal_dumpstate_default sysfs_thermal:dir r_dir_perms;
|
|||
allow hal_dumpstate_default sysfs_thermal:file r_file_perms;
|
||||
allow hal_dumpstate_default sysfs_thermal:lnk_file read;
|
||||
|
||||
allow hal_dumpstate_default touch_context_service:service_manager find;
|
||||
binder_call(hal_dumpstate_default, twoshay)
|
||||
|
||||
# Modem logs
|
||||
allow hal_dumpstate_default modem_efs_file:dir search;
|
||||
allow hal_dumpstate_default modem_efs_file:file r_file_perms;
|
||||
|
|
|
|||
2
whitechapel/vendor/google/kernel.te
vendored
2
whitechapel/vendor/google/kernel.te
vendored
|
|
@ -7,3 +7,5 @@ allow kernel per_boot_file:file r_file_perms;
|
|||
# memlat needs permision to create/delete perf events when hotplug on/off
|
||||
allow kernel self:capability2 perfmon;
|
||||
allow kernel self:perf_event cpu;
|
||||
|
||||
dontaudit kernel vendor_battery_debugfs:dir search;
|
||||
|
|
|
|||
1
whitechapel/vendor/google/mediacodec.te
vendored
1
whitechapel/vendor/google/mediacodec.te
vendored
|
|
@ -7,3 +7,4 @@ allow mediacodec hal_camera_default:binder call;
|
|||
allow mediacodec sysfs_video:file r_file_perms;
|
||||
allow mediacodec sysfs_video:dir r_dir_perms;
|
||||
allow mediacodec dmabuf_system_secure_heap_device:chr_file r_file_perms;
|
||||
hal_client_domain(mediacodec, hal_power);
|
||||
|
|
|
|||
|
|
@ -29,4 +29,7 @@ userdebug_or_eng(`
|
|||
allow modem_diagnostic_app modem_img_file:lnk_file r_file_perms;
|
||||
|
||||
allow modem_diagnostic_app hal_vendor_oem_hwservice:hwservice_manager find;
|
||||
|
||||
allow modem_diagnostic_app sysfs_batteryinfo:file r_file_perms;
|
||||
allow modem_diagnostic_app sysfs_batteryinfo:dir search;
|
||||
')
|
||||
|
|
|
|||
3
whitechapel/vendor/google/platform_app.te
vendored
3
whitechapel/vendor/google/platform_app.te
vendored
|
|
@ -13,9 +13,6 @@ allow platform_app uwb_service:service_manager find;
|
|||
allow platform_app fwk_stats_service:service_manager find;
|
||||
binder_use(platform_app)
|
||||
|
||||
allow platform_app touch_context_service:service_manager find;
|
||||
binder_call(platform_app, twoshay)
|
||||
|
||||
# Fingerprint (UDFPS) GHBM/LHBM toggle
|
||||
get_prop(platform_app, fingerprint_ghbm_prop)
|
||||
|
||||
|
|
|
|||
4
whitechapel/vendor/google/property.te
vendored
4
whitechapel/vendor/google/property.te
vendored
|
|
@ -49,3 +49,7 @@ vendor_internal_prop(vendor_tcpdump_log_prop)
|
|||
|
||||
# Fingerprint
|
||||
vendor_internal_prop(vendor_fingerprint_fake_prop)
|
||||
|
||||
# Dynamic sensor
|
||||
vendor_internal_prop(vendor_dynamic_sensor_prop)
|
||||
|
||||
|
|
|
|||
4
whitechapel/vendor/google/property_contexts
vendored
4
whitechapel/vendor/google/property_contexts
vendored
|
|
@ -105,3 +105,7 @@ vendor.tcpdump.output.dir u:object_r:vendor_tcpdump_log_pr
|
|||
|
||||
# Fingerprint
|
||||
vendor.fingerprint.disable.fake u:object_r:vendor_fingerprint_fake_prop:s0
|
||||
|
||||
# Dynamic sensor
|
||||
vendor.dynamic_sensor. u:object_r:vendor_dynamic_sensor_prop:s0
|
||||
|
||||
|
|
|
|||
1
whitechapel/vendor/google/service.te
vendored
1
whitechapel/vendor/google/service.te
vendored
|
|
@ -1,4 +1,3 @@
|
|||
type hal_pixel_display_service, service_manager_type, vendor_service;
|
||||
type uwb_vendor_service, service_manager_type, vendor_service;
|
||||
type touch_context_service, service_manager_type, vendor_service;
|
||||
type hal_uwb_vendor_service, service_manager_type, vendor_service;
|
||||
|
|
|
|||
1
whitechapel/vendor/google/service_contexts
vendored
1
whitechapel/vendor/google/service_contexts
vendored
|
|
@ -1,4 +1,3 @@
|
|||
com.google.hardware.pixel.display.IDisplay/default u:object_r:hal_pixel_display_service:s0
|
||||
com.google.input.ITouchContextService/default u:object_r:touch_context_service:s0
|
||||
uwb_vendor u:object_r:uwb_vendor_service:s0
|
||||
hardware.qorvo.uwb.IUwb/default u:object_r:hal_uwb_vendor_service:s0
|
||||
|
|
|
|||
2
whitechapel/vendor/google/ssr_detector.te
vendored
2
whitechapel/vendor/google/ssr_detector.te
vendored
|
|
@ -11,7 +11,6 @@ allow ssr_detector_app sscoredump_vendor_data_crashinfo_file:file r_file_perms;
|
|||
userdebug_or_eng(`
|
||||
allow ssr_detector_app sscoredump_vendor_data_coredump_file:dir r_dir_perms;
|
||||
allow ssr_detector_app sscoredump_vendor_data_coredump_file:file r_file_perms;
|
||||
get_prop(ssr_detector_app, vendor_aoc_prop)
|
||||
allow ssr_detector_app sysfs_sjtag:dir r_dir_perms;
|
||||
allow ssr_detector_app sysfs_sjtag:file rw_file_perms;
|
||||
allow ssr_detector_app sysfs_vendor_sched:dir search;
|
||||
|
|
@ -21,3 +20,4 @@ userdebug_or_eng(`
|
|||
|
||||
get_prop(ssr_detector_app, vendor_ssrdump_prop)
|
||||
get_prop(ssr_detector_app, vendor_wifi_version)
|
||||
get_prop(ssr_detector_app, vendor_aoc_prop)
|
||||
|
|
|
|||
16
whitechapel/vendor/google/twoshay.te
vendored
16
whitechapel/vendor/google/twoshay.te
vendored
|
|
@ -1,16 +0,0 @@
|
|||
type twoshay, domain;
|
||||
type twoshay_exec, exec_type, vendor_file_type, file_type;
|
||||
|
||||
init_daemon_domain(twoshay)
|
||||
|
||||
allow twoshay touch_offload_device:chr_file rw_file_perms;
|
||||
allow twoshay twoshay:capability sys_nice;
|
||||
|
||||
binder_use(twoshay)
|
||||
add_service(twoshay, touch_context_service)
|
||||
|
||||
# b/193224954
|
||||
dontaudit twoshay twoshay:capability dac_override;
|
||||
|
||||
allow twoshay fwk_stats_service:service_manager find;
|
||||
binder_call(twoshay, stats_service_server)
|
||||
1
whitechapel/vendor/google/uwb_vendor_app.te
vendored
1
whitechapel/vendor/google/uwb_vendor_app.te
vendored
|
|
@ -17,6 +17,7 @@ allow uwb_vendor_app uwb_vendor_data_file:dir create_dir_perms;
|
|||
|
||||
allow hal_uwb_vendor_default self:global_capability_class_set { sys_nice };
|
||||
allow hal_uwb_vendor_default kernel:process { setsched };
|
||||
get_prop(uwb_vendor_app, vendor_secure_element_prop)
|
||||
|
||||
binder_call(uwb_vendor_app, hal_uwb_vendor_default)
|
||||
')
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue