From 293b13687fe11ac83341f0dfcad35a11d6f489e1 Mon Sep 17 00:00:00 2001
From: George Lee <geolee@google.com>
Date: Sat, 5 Nov 2022 10:03:43 -0700
Subject: [PATCH 1/4] betterbug: Fixed sepolicy related to mediaserver [DO NOT
 MERGE]

Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
(cherry picked from commit 40be3818e112434f63532ab2f1c226d9e155c0f6)
Merged-In: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
---
 whitechapel_pro/better_bug_app.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/whitechapel_pro/better_bug_app.te b/whitechapel_pro/better_bug_app.te
index 506e832f..41d403b8 100644
--- a/whitechapel_pro/better_bug_app.te
+++ b/whitechapel_pro/better_bug_app.te
@@ -6,6 +6,7 @@ userdebug_or_eng(`
   allow better_bug_app app_api_service:service_manager find;
   allow better_bug_app system_api_service:service_manager find;
   allow better_bug_app privapp_data_file:file execute;
+  allow better_bug_app mediaserver_service:service_manager find;
   get_prop(better_bug_app, default_prop);
   get_prop(better_bug_app, vendor_startup_bugreport_requested_prop)
 ')

From a85164a440ea15f1c98ce480aca367ba796823e6 Mon Sep 17 00:00:00 2001
From: George Lee <geolee@google.com>
Date: Sat, 5 Nov 2022 10:03:43 -0700
Subject: [PATCH 2/4] betterbug: Fixed sepolicy related to mediaserver [DO NOT
 MERGE]

Added mediaserver sepolicy for betterbug

Bug: 237287659
Test: Run same video capture on Betterbug to confirm video can be
captured.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
(cherry picked from commit 40be3818e112434f63532ab2f1c226d9e155c0f6)
Merged-In: I5226bdbf9d4fccb991161bbe6ac4edf8fd3b15a7
---
 whitechapel_pro/better_bug_app.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/whitechapel_pro/better_bug_app.te b/whitechapel_pro/better_bug_app.te
index 506e832f..41d403b8 100644
--- a/whitechapel_pro/better_bug_app.te
+++ b/whitechapel_pro/better_bug_app.te
@@ -6,6 +6,7 @@ userdebug_or_eng(`
   allow better_bug_app app_api_service:service_manager find;
   allow better_bug_app system_api_service:service_manager find;
   allow better_bug_app privapp_data_file:file execute;
+  allow better_bug_app mediaserver_service:service_manager find;
   get_prop(better_bug_app, default_prop);
   get_prop(better_bug_app, vendor_startup_bugreport_requested_prop)
 ')

From 71560f74028a12f43276636f760fcaf4c33803cb Mon Sep 17 00:00:00 2001
From: George Lee <geolee@google.com>
Date: Mon, 14 Nov 2022 10:12:24 -0800
Subject: [PATCH 3/4] gs201-sepolicy: Add BrownoutDetection app [DO NOT MERGE]

This app files bugreport for user-debug build with reboot reason = ocp
or uvlo.  Removed the dependency on BetterBug.

Bug: 237287659
Test: Ensure bugreport is generated under user-debug build with reboot
reason = ocp or uvlo.
Signed-off-by: George Lee <geolee@google.com>
Change-Id: Ib8fceb62e66e9d561a6597687ea3cbe5ac9a832d
(cherry picked from commit d59612c409a9869f77797c619e8163d5394bf38e)
Merged-In: Ib8fceb62e66e9d561a6597687ea3cbe5ac9a832d
---
 whitechapel_pro/battery_mitigation.te     |  1 -
 whitechapel_pro/better_bug_app.te         | 13 -------------
 whitechapel_pro/brownout_detection_app.te |  9 +++++++++
 whitechapel_pro/property.te               |  2 +-
 whitechapel_pro/property_contexts         |  2 +-
 whitechapel_pro/seapp_contexts            |  4 ++--
 whitechapel_pro/vendor_init.te            |  2 +-
 7 files changed, 14 insertions(+), 19 deletions(-)
 delete mode 100644 whitechapel_pro/better_bug_app.te
 create mode 100644 whitechapel_pro/brownout_detection_app.te

diff --git a/whitechapel_pro/battery_mitigation.te b/whitechapel_pro/battery_mitigation.te
index 56b83733..5fecbcba 100644
--- a/whitechapel_pro/battery_mitigation.te
+++ b/whitechapel_pro/battery_mitigation.te
@@ -2,7 +2,6 @@ type battery_mitigation, domain;
 type battery_mitigation_exec, exec_type, vendor_file_type, file_type;
 init_daemon_domain(battery_mitigation)
 get_prop(battery_mitigation, boot_status_prop)
-get_prop(battery_mitigation, vendor_startup_bugreport_requested_prop)
 set_prop(battery_mitigation, vendor_mitigation_ready_prop)
 
 hal_client_domain(battery_mitigation, hal_thermal);
diff --git a/whitechapel_pro/better_bug_app.te b/whitechapel_pro/better_bug_app.te
deleted file mode 100644
index 6813024b..00000000
--- a/whitechapel_pro/better_bug_app.te
+++ /dev/null
@@ -1,13 +0,0 @@
-type better_bug_app, domain, coredomain;
-
-userdebug_or_eng(`
-  app_domain(better_bug_app)
-  net_domain(better_bug_app)
-  allow better_bug_app shell_data_file:file read;
-  allow better_bug_app app_api_service:service_manager find;
-  allow better_bug_app system_api_service:service_manager find;
-  allow better_bug_app privapp_data_file:file execute;
-  allow better_bug_app mediaserver_service:service_manager find;
-  get_prop(better_bug_app, default_prop);
-  get_prop(better_bug_app, vendor_startup_bugreport_requested_prop)
-')
diff --git a/whitechapel_pro/brownout_detection_app.te b/whitechapel_pro/brownout_detection_app.te
new file mode 100644
index 00000000..6146a745
--- /dev/null
+++ b/whitechapel_pro/brownout_detection_app.te
@@ -0,0 +1,9 @@
+type brownout_detection_app, domain, coredomain;
+
+userdebug_or_eng(`
+  app_domain(brownout_detection_app)
+  net_domain(brownout_detection_app)
+  allow brownout_detection_app app_api_service:service_manager find;
+  allow brownout_detection_app system_api_service:service_manager find;
+  get_prop(brownout_detection_app, vendor_brownout_reason_prop)
+')
diff --git a/whitechapel_pro/property.te b/whitechapel_pro/property.te
index ca17222c..6a377573 100644
--- a/whitechapel_pro/property.te
+++ b/whitechapel_pro/property.te
@@ -39,4 +39,4 @@ vendor_internal_prop(vendor_telephony_app_prop)
 
 # Battery Mitigation
 vendor_internal_prop(vendor_mitigation_ready_prop)
-vendor_public_prop(vendor_startup_bugreport_requested_prop)
+vendor_public_prop(vendor_brownout_reason_prop)
diff --git a/whitechapel_pro/property_contexts b/whitechapel_pro/property_contexts
index 814d0184..9aa97f1b 100644
--- a/whitechapel_pro/property_contexts
+++ b/whitechapel_pro/property_contexts
@@ -109,4 +109,4 @@ vendor.config.debug.                       u:object_r:vendor_telephony_app_prop:
 
 # Battery Mitigation
 vendor.brownout.mitigation.ready           u:object_r:vendor_mitigation_ready_prop:s0
-vendor.startup_bugreport_requested         u:object_r:vendor_startup_bugreport_requested_prop:s0
+vendor.brownout_reason                     u:object_r:vendor_brownout_reason_prop:s0
diff --git a/whitechapel_pro/seapp_contexts b/whitechapel_pro/seapp_contexts
index ce467c3b..720081c7 100644
--- a/whitechapel_pro/seapp_contexts
+++ b/whitechapel_pro/seapp_contexts
@@ -72,5 +72,5 @@ user=system seinfo=platform name=com.google.android.CatEngine domain=cat_engine_
 # CccDkTimeSyncService
 user=_app isPrivApp=true name=com.google.pixel.digitalkey.timesync domain=vendor_cccdktimesync_app type=app_data_file levelFrom=all
 
-# BetterBug
-user=_app isPrivApp=true name=com.google.android.apps.internal.betterbug domain=better_bug_app type=app_data_file levelFrom=all
+# BrownoutDetection
+user=_app isPrivApp=true name=com.google.android.brownoutdetection domain=brownout_detection_app type=app_data_file levelFrom=all
diff --git a/whitechapel_pro/vendor_init.te b/whitechapel_pro/vendor_init.te
index 5de29166..dae9fa6c 100644
--- a/whitechapel_pro/vendor_init.te
+++ b/whitechapel_pro/vendor_init.te
@@ -37,7 +37,7 @@ set_prop(vendor_init, vendor_battery_defender_prop)
 set_prop(vendor_init, vendor_display_prop)
 
 # Battery Mitigation
-set_prop(vendor_init, vendor_startup_bugreport_requested_prop)
+set_prop(vendor_init, vendor_brownout_reason_prop)
 
 # MM
 allow vendor_init proc_watermark_scale_factor:file w_file_perms;

From 3a7647d59cc9e28a396d44d63ba88aaa87e69b59 Mon Sep 17 00:00:00 2001
From: Ray Chi <raychi@google.com>
Date: Wed, 14 Dec 2022 15:38:22 +0800
Subject: [PATCH 4/4] [DO NOT MERGE] usb: Add sepolicy for extcon access

USB gadget hal will access extcon folder so that this patch
will add new rule to allow USB gadget hal to access extcon.

Bug: 263435622
Test: build pass
Change-Id: I971732c6a40700a85df61170dcf1c3660307b96c
(cherry picked from commit 03fb0f6ceb6bfee492299b9d5a5578f5b2f50822)
Merged-In: I971732c6a40700a85df61170dcf1c3660307b96c
---
 whitechapel_pro/hal_usb_gadget_impl.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/whitechapel_pro/hal_usb_gadget_impl.te b/whitechapel_pro/hal_usb_gadget_impl.te
index ddda7eb9..361e0f71 100644
--- a/whitechapel_pro/hal_usb_gadget_impl.te
+++ b/whitechapel_pro/hal_usb_gadget_impl.te
@@ -19,3 +19,7 @@ allow hal_usb_gadget_impl proc_irq:file w_file_perms;
 # allow gadget hal to search hsi2c dir and write to usb_limit_accessory_enable/current
 allow hal_usb_gadget_impl sysfs_batteryinfo:dir r_dir_perms;
 allow hal_usb_gadget_impl sysfs_batteryinfo:file rw_file_perms;
+
+# allow gadget hal to access extcon node
+allow hal_usb_gadget_impl sysfs_extcon:dir search;
+allow hal_usb_gadget_impl sysfs_extcon:file r_file_perms;