diff --git a/aoc/genfs_contexts b/aoc/genfs_contexts index abfc5a99..f474c77b 100644 --- a/aoc/genfs_contexts +++ b/aoc/genfs_contexts @@ -27,4 +27,5 @@ genfscon sysfs /devices/platform/audiometrics/mic_broken_degrade u:ob genfscon sysfs /devices/platform/audiometrics/codec_crashed_counter u:object_r:sysfs_pixelstats:s0 genfscon sysfs /devices/platform/audiometrics/hwinfo_part_number u:object_r:sysfs_pixelstats:s0 genfscon sysfs /devices/platform/audiometrics/ams_rate_read_once u:object_r:sysfs_pixelstats:s0 +genfscon sysfs /devices/platform/audiometrics/cca_rate_read_once u:object_r:sysfs_pixelstats:s0 diff --git a/whitechapel_pro/battery_mitigation.te b/whitechapel_pro/battery_mitigation.te index 59af9d53..643b2fc6 100644 --- a/whitechapel_pro/battery_mitigation.te +++ b/whitechapel_pro/battery_mitigation.te @@ -2,6 +2,8 @@ type battery_mitigation, domain; type battery_mitigation_exec, exec_type, vendor_file_type, file_type; init_daemon_domain(battery_mitigation) get_prop(battery_mitigation, boot_status_prop) +set_prop(battery_mitigation, vendor_mitigation_ready_prop) +get_prop(battery_mitigation, vendor_brownout_reason_prop) hal_client_domain(battery_mitigation, hal_thermal); hal_client_domain(battery_mitigation, hal_health); @@ -11,6 +13,9 @@ r_dir_file(battery_mitigation, sysfs_iio_devices) r_dir_file(battery_mitigation, sysfs_thermal) r_dir_file(battery_mitigation, thermal_link_device) r_dir_file(battery_mitigation, sysfs_odpm) +allow battery_mitigation sysfs_bcl:dir r_dir_perms; +allow battery_mitigation sysfs_bcl:file r_file_perms; +allow battery_mitigation sysfs_bcl:lnk_file r_file_perms; allow battery_mitigation sysfs_thermal:lnk_file r_file_perms; allow battery_mitigation mitigation_vendor_data_file:dir rw_dir_perms; allow battery_mitigation mitigation_vendor_data_file:file create_file_perms; diff --git a/whitechapel_pro/brownout_detection_app.te b/whitechapel_pro/brownout_detection_app.te new file mode 100644 index 00000000..6146a745 --- /dev/null +++ b/whitechapel_pro/brownout_detection_app.te @@ -0,0 +1,9 @@ +type brownout_detection_app, domain, coredomain; + +userdebug_or_eng(` + app_domain(brownout_detection_app) + net_domain(brownout_detection_app) + allow brownout_detection_app app_api_service:service_manager find; + allow brownout_detection_app system_api_service:service_manager find; + get_prop(brownout_detection_app, vendor_brownout_reason_prop) +') diff --git a/whitechapel_pro/chre.te b/whitechapel_pro/chre.te index 6d826217..26c1675f 100644 --- a/whitechapel_pro/chre.te +++ b/whitechapel_pro/chre.te @@ -22,3 +22,6 @@ allow chre hal_wifi_ext_hwservice:hwservice_manager find; # Allow CHRE host to talk to stats service allow chre fwk_stats_service:service_manager find; binder_call(chre, stats_service_server) + +# Allow CHRE to block suspend, which is required to use EPOLLWAKEUP. +allow chre self:global_capability2_class_set block_suspend; diff --git a/whitechapel_pro/file.te b/whitechapel_pro/file.te index d20b6f58..8b79dbe4 100644 --- a/whitechapel_pro/file.te +++ b/whitechapel_pro/file.te @@ -56,7 +56,7 @@ type sysfs_soc, sysfs_type, fs_type; type sysfs_camera, sysfs_type, fs_type; type sysfs_write_leds, sysfs_type, fs_type; type sysfs_pca, sysfs_type, fs_type; - +type sysfs_ptracker, sysfs_type, fs_type; # debugfs type debugfs_f2fs, debugfs_type, fs_type; type vendor_maxfg_debugfs, fs_type, debugfs_type; @@ -96,6 +96,9 @@ type vendor_usf_stats, vendor_file_type, file_type; type vendor_usf_reg_edit, vendor_file_type, file_type; type vendor_dumpsys, vendor_file_type, file_type; +#vendor-metrics +type sysfs_vendor_metrics, fs_type, sysfs_type; + # Modem type modem_efs_file, file_type; type modem_userdata_file, file_type; @@ -109,6 +112,9 @@ type sysfs_usbc_throttling_stats, sysfs_type, fs_type; # Touch type proc_touch, proc_type, fs_type; +userdebug_or_eng(` + typeattribute proc_touch mlstrustedobject; +') # Vendor sched files userdebug_or_eng(` diff --git a/whitechapel_pro/file_contexts b/whitechapel_pro/file_contexts index 83232f1e..e9b8ab7c 100644 --- a/whitechapel_pro/file_contexts +++ b/whitechapel_pro/file_contexts @@ -62,7 +62,7 @@ /vendor/lib(64)?/pixel-power-ext-V1-ndk\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/android\.frameworks\.stats-V1-ndk\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/vendor-pixelatoms-cpp\.so u:object_r:same_process_hal_file:s0 -/vendor/lib(64)?/libprotobuf-cpp-lite-3\.9\.1\.so u:object_r:same_process_hal_file:s0 +/vendor/lib(64)?/libprotobuf-cpp-lite-(\d+\.){2,3}so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/libgxp\.so u:object_r:same_process_hal_file:s0 /vendor/lib(64)?/gxp_metrics_logger\.so u:object_r:same_process_hal_file:s0 @@ -107,6 +107,7 @@ /dev/logbuffer_maxfg_monitor u:object_r:logbuffer_device:s0 /dev/logbuffer_maxfg_base_monitor u:object_r:logbuffer_device:s0 /dev/logbuffer_maxfg_flip_monitor u:object_r:logbuffer_device:s0 +/dev/logbuffer_bd u:object_r:logbuffer_device:s0 /dev/bbd_pwrstat u:object_r:power_stats_device:s0 /dev/lwis-act-jotnar u:object_r:lwis_device:s0 /dev/lwis-act-slenderman u:object_r:lwis_device:s0 @@ -212,6 +213,7 @@ /data/vendor/sensors/debug(/.*)? u:object_r:sensor_debug_data_file:s0 /data/vendor/sensors/registry(/.*)? u:object_r:sensor_reg_data_file:s0 /data/vendor/uwb(/.*)? u:object_r:uwb_data_vendor:s0 +/dev/maxfg_history u:object_r:battery_history_device:s0 /dev/battery_history u:object_r:battery_history_device:s0 /data/vendor/powerstats(/.*)? u:object_r:powerstats_vendor_data_file:s0 /data/vendor/mitigation(/.*)? u:object_r:mitigation_vendor_data_file:s0 diff --git a/whitechapel_pro/genfs_contexts b/whitechapel_pro/genfs_contexts index 452f93b2..5ee9a609 100644 --- a/whitechapel_pro/genfs_contexts +++ b/whitechapel_pro/genfs_contexts @@ -40,6 +40,7 @@ genfscon sysfs /devices/platform/10db0000.spi/spi_master/spi16/spi16.0/ieee80215 # WiFi genfscon sysfs /wifi u:object_r:sysfs_wifi:s0 +genfscon sysfs /wlan_ptracker u:object_r:sysfs_ptracker:s0 # ACPM genfscon sysfs /devices/platform/acpm_stats u:object_r:sysfs_acpm_stats:s0 @@ -342,6 +343,9 @@ genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.4.au genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb2 u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.5.auto/usb3 u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.6.auto/wakeup u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.6.auto/usb2 u:object_r:sysfs_wakeup:s0 +genfscon sysfs /devices/platform/11210000.usb/11210000.dwc3/xhci-hcd-exynos.6.auto/usb3 u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/11210000.usb/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/14520000.pcie/pci0001:00/0001:00:00.0/0001:01:00.0/wakeup u:object_r:sysfs_wakeup:s0 genfscon sysfs /devices/platform/14520000.pcie/pci0000:00/0000:00:00.0/0000:01:00.0/wakeup u:object_r:sysfs_wakeup:s0 @@ -387,8 +391,14 @@ genfscon sysfs /module/gs_thermal/parameters/tmu_top_reg_dump_fall_thres u:obj genfscon sysfs /module/gs_thermal/parameters/tmu_sub_reg_dump_rise_thres u:object_r:sysfs_thermal:s0 genfscon sysfs /module/gs_thermal/parameters/tmu_sub_reg_dump_fall_thres u:object_r:sysfs_thermal:s0 +#vendor-metrics +genfscon sysfs /kernel/metrics/temp_residency/temp_residency_all/stats u:object_r:sysfs_vendor_metrics:s0 +genfscon sysfs /kernel/metrics/resume_latency/resume_latency_metrics u:object_r:sysfs_vendor_metrics:s0 +genfscon sysfs /kernel/metrics/irq/long_irq_metrics u:object_r:sysfs_vendor_metrics:s0 + # Camera genfscon sysfs /devices/platform/17000030.devfreq_intcam/devfreq/17000030.devfreq_intcam/min_freq u:object_r:sysfs_camera:s0 +genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/max_freq u:object_r:sysfs_camera:s0 genfscon sysfs /devices/platform/17000060.devfreq_tnr/devfreq/17000060.devfreq_tnr/min_freq u:object_r:sysfs_camera:s0 # USB-C throttling stats diff --git a/whitechapel_pro/google_touch_app.te b/whitechapel_pro/google_touch_app.te new file mode 100644 index 00000000..f90fde1e --- /dev/null +++ b/whitechapel_pro/google_touch_app.te @@ -0,0 +1,11 @@ +type google_touch_app, domain; + +userdebug_or_eng(` + app_domain(google_touch_app) + + allow google_touch_app app_api_service:service_manager find; + + allow google_touch_app sysfs_touch:dir r_dir_perms; + allow google_touch_app sysfs_touch:file rw_file_perms; + allow google_touch_app proc_touch:file rw_file_perms; +') diff --git a/whitechapel_pro/hal_dumpstate_default.te b/whitechapel_pro/hal_dumpstate_default.te index 21fa7025..fbfbd227 100644 --- a/whitechapel_pro/hal_dumpstate_default.te +++ b/whitechapel_pro/hal_dumpstate_default.te @@ -45,6 +45,9 @@ allow hal_dumpstate_default mitigation_vendor_data_file:file r_file_perms; allow hal_dumpstate_default sysfs_wifi:dir r_dir_perms; allow hal_dumpstate_default sysfs_wifi:file r_file_perms; +allow hal_dumpstate_default sysfs_ptracker:dir r_dir_perms; +allow hal_dumpstate_default sysfs_ptracker:file r_file_perms; + allow hal_dumpstate_default sysfs_batteryinfo:dir r_dir_perms; allow hal_dumpstate_default sysfs_batteryinfo:file r_file_perms; @@ -99,6 +102,8 @@ allow hal_dumpstate_default vendor_shell_exec:file execute_no_trans; allow hal_dumpstate_default proc_vendor_sched:dir r_dir_perms; allow hal_dumpstate_default proc_vendor_sched:file r_file_perms; +allow hal_dumpstate_default battery_history_device:chr_file r_file_perms; + userdebug_or_eng(` allow hal_dumpstate_default sysfs_leds:dir search; allow hal_dumpstate_default sysfs_leds:file rw_file_perms; @@ -136,6 +141,10 @@ userdebug_or_eng(` allow hal_dumpstate_default vendor_dri_debugfs:file r_file_perms; allow hal_dumpstate_default vendor_page_pinner_debugfs:dir search; allow hal_dumpstate_default vendor_page_pinner_debugfs:file r_file_perms; + allow hal_dumpstate_default debugfs_tracing_instances:dir search; + allow hal_dumpstate_default debugfs_tracing_instances:file r_file_perms; + allow hal_dumpstate_default sysfs_vendor_metrics:dir search; + allow hal_dumpstate_default sysfs_vendor_metrics:file r_file_perms; allow hal_dumpstate_default vendor_cma_debugfs:dir r_dir_perms; allow hal_dumpstate_default vendor_cma_debugfs:file r_file_perms; allow hal_dumpstate_default tcpdump_vendor_data_file:dir create_dir_perms; @@ -164,6 +173,10 @@ dontaudit hal_dumpstate_default sysfs_bcl:dir r_dir_perms; dontaudit hal_dumpstate_default sysfs_bcl:file r_file_perms; dontaudit hal_dumpstate_default vendor_page_pinner_debugfs:dir search; dontaudit hal_dumpstate_default vendor_page_pinner_debugfs:file r_file_perms; +dontaudit hal_dumpstate_default debugfs_tracing_instances:dir search; +dontaudit hal_dumpstate_default debugfs_tracing_instances:file r_file_perms; +dontaudit hal_dumpstate_default sysfs_vendor_metrics:dir search; +dontaudit hal_dumpstate_default sysfs_vendor_metrics:file r_file_perms; dontaudit hal_dumpstate_default vendor_cma_debugfs:dir r_dir_perms; dontaudit hal_dumpstate_default vendor_cma_debugfs:file r_file_perms; dontaudit hal_dumpstate_default tcpdump_vendor_data_file:dir create_dir_perms; diff --git a/whitechapel_pro/hal_fingerprint_default.te b/whitechapel_pro/hal_fingerprint_default.te index ec02f9c4..912776dd 100644 --- a/whitechapel_pro/hal_fingerprint_default.te +++ b/whitechapel_pro/hal_fingerprint_default.te @@ -30,3 +30,6 @@ allow hal_fingerprint_default sysfs_trusty:file rw_file_perms; # Allow fingerprint to access display hal allow hal_fingerprint_default hal_pixel_display_service:service_manager find; binder_call(hal_fingerprint_default, hal_graphics_composer_default) + +# allow fingerprint to access thermal hal +hal_client_domain(hal_fingerprint_default, hal_thermal); diff --git a/whitechapel_pro/hal_health_default.te b/whitechapel_pro/hal_health_default.te index d953d4b2..6c3c6940 100644 --- a/whitechapel_pro/hal_health_default.te +++ b/whitechapel_pro/hal_health_default.te @@ -1,5 +1,7 @@ allow hal_health_default mnt_vendor_file:dir search; allow hal_health_default persist_file:dir search; +allow hal_health_default persist_battery_file:file create_file_perms; +allow hal_health_default persist_battery_file:dir rw_dir_perms; set_prop(hal_health_default, vendor_battery_defender_prop) diff --git a/whitechapel_pro/hal_sensors_default.te b/whitechapel_pro/hal_sensors_default.te index bb3a9139..fcd758a4 100644 --- a/whitechapel_pro/hal_sensors_default.te +++ b/whitechapel_pro/hal_sensors_default.te @@ -81,3 +81,8 @@ binder_call(hal_sensors_default, hal_graphics_composer_default); # Allow display_info_service access to the backlight driver. allow hal_sensors_default sysfs_write_leds:file rw_file_perms; + +# Allow access to the power supply files for MagCC. +r_dir_file(hal_sensors_default, sysfs_batteryinfo) +allow hal_sensors_default sysfs_wlc:dir r_dir_perms; + diff --git a/whitechapel_pro/kernel.te b/whitechapel_pro/kernel.te index c34e7f72..376d8e14 100644 --- a/whitechapel_pro/kernel.te +++ b/whitechapel_pro/kernel.te @@ -9,3 +9,4 @@ allow kernel self:capability2 perfmon; allow kernel self:perf_event cpu; dontaudit kernel vendor_battery_debugfs:dir search; +dontaudit kernel vendor_regmap_debugfs:dir search; diff --git a/whitechapel_pro/pixelstats_vendor.te b/whitechapel_pro/pixelstats_vendor.te index 4ba9ccd7..de94e14b 100644 --- a/whitechapel_pro/pixelstats_vendor.te +++ b/whitechapel_pro/pixelstats_vendor.te @@ -29,3 +29,10 @@ allow pixelstats_vendor sysfs_pca:file rw_file_perms; #Thermal r_dir_file(pixelstats_vendor, sysfs_thermal) allow pixelstats_vendor sysfs_thermal:lnk_file r_file_perms; + +#vendor-metrics +r_dir_file(pixelstats_vendor, sysfs_vendor_metrics) + +# BCL +allow pixelstats_vendor sysfs_bcl:dir search; +allow pixelstats_vendor sysfs_bcl:file r_file_perms; diff --git a/whitechapel_pro/property.te b/whitechapel_pro/property.te index 923c6ccf..b5bf04c2 100644 --- a/whitechapel_pro/property.te +++ b/whitechapel_pro/property.te @@ -37,5 +37,9 @@ vendor_internal_prop(vendor_dynamic_sensor_prop) # Telephony debug app vendor_internal_prop(vendor_telephony_app_prop) +# Battery Mitigation +vendor_internal_prop(vendor_mitigation_ready_prop) +vendor_public_prop(vendor_brownout_reason_prop) + # Trusty storage FS ready vendor_internal_prop(vendor_trusty_storage_prop) diff --git a/whitechapel_pro/property_contexts b/whitechapel_pro/property_contexts index a411368b..32b304b1 100644 --- a/whitechapel_pro/property_contexts +++ b/whitechapel_pro/property_contexts @@ -107,5 +107,9 @@ persist.vendor.ims. u:object_r:vendor_imssvc_prop:s0 # for vendor telephony debug app vendor.config.debug. u:object_r:vendor_telephony_app_prop:s0 +# Battery Mitigation +vendor.brownout.mitigation.ready u:object_r:vendor_mitigation_ready_prop:s0 +vendor.brownout_reason u:object_r:vendor_brownout_reason_prop:s0 + # Trusty ro.vendor.trusty.storage.fs_ready u:object_r:vendor_trusty_storage_prop:s0 diff --git a/whitechapel_pro/seapp_contexts b/whitechapel_pro/seapp_contexts index 68fe8176..3171c163 100644 --- a/whitechapel_pro/seapp_contexts +++ b/whitechapel_pro/seapp_contexts @@ -45,6 +45,9 @@ user=_app isPrivApp=true seinfo=mds name=com.google.mds domain=modem_diagnostic_ # CBRS setup app user=_app seinfo=platform name=com.google.googlecbrs domain=cbrs_setup_app type=app_data_file levelFrom=user +# Touch app +user=_app seinfo=platform name=com.google.touch.touchinspector domain=google_touch_app type=app_data_file levelFrom=user + # Qorvo UWB system app # TODO(b/222204912): Should this run under uwb user? user=_app isPrivApp=true seinfo=uwb name=com.qorvo.uwb.vendorservice domain=uwb_vendor_app type=uwb_vendor_data_file levelFrom=all @@ -72,3 +75,6 @@ user=system seinfo=platform name=com.google.android.CatEngine domain=cat_engine_ # CccDkTimeSyncService user=_app isPrivApp=true name=com.google.pixel.digitalkey.timesync domain=vendor_cccdktimesync_app type=app_data_file levelFrom=all + +# BrownoutDetection +user=_app isPrivApp=true name=com.google.android.brownoutdetection domain=brownout_detection_app type=app_data_file levelFrom=all diff --git a/whitechapel_pro/vendor_init.te b/whitechapel_pro/vendor_init.te index fc6e5474..5b828e93 100644 --- a/whitechapel_pro/vendor_init.te +++ b/whitechapel_pro/vendor_init.te @@ -36,5 +36,11 @@ set_prop(vendor_init, vendor_battery_defender_prop) # Display set_prop(vendor_init, vendor_display_prop) +# Battery Mitigation +set_prop(vendor_init, vendor_brownout_reason_prop) + +# MM +allow vendor_init proc_watermark_scale_factor:file w_file_perms; + # Trusty storage FS ready get_prop(vendor_init, vendor_trusty_storage_prop)